IOMobileFramebufferGetLayerDefaultSurface无法在iOS 9上运行 [英] IOMobileFramebufferGetLayerDefaultSurface not working on iOS 9
问题描述
我的主要问题是,如何对已经存在的私有API函数进行反向工程,但是在新版本的iOS中进行了修改?
My main question is, how can I reverse engineer a private API function that already exists, but has been modified in a new version of iOS?
我创建了一个iOS应用程序来使用IOSurface和IOMobileFramebuffer记录屏幕内容。 framebuffer用来打开它的主要功能是 IOMobileFramebufferGetMainDisplay(connect)和 IOMobileFramebufferGetLayerDefaultSurface 。
I have created an iOS application to record the screen content using IOSurface and IOMobileFramebuffer. The main functions the framebuffer use to open it are IOMobileFramebufferGetMainDisplay(connect) and IOMobileFramebufferGetLayerDefaultSurface.
这些功能自应用程序的第一个版本开始使用,它们适用于所有版本的iOS 7和8.但是,最新的iOS 9 beta ,这是beta 5,函数 IOMobileFramebufferGetLayerDefaultSurface 不起作用。该函数不会返回0,因为它在成功打开帧缓冲区时应该返回0。
These functions have been used since the very first version of the app, and they have worked on all versions of iOS 7 and 8. However, on the latest iOS 9 beta, which is beta 5, the function IOMobileFramebufferGetLayerDefaultSurface does not work. The function does not return 0, as it should when it successfully opens the framebuffer.
StackOverflow上的其他用户似乎也遇到了同样的问题: IOMobileFramebufferGetLayerDefaultSurface函数。我们引用名为_framebufferConnection的IOMobileFramebufferConnection和名为_screenSurface的IOSurfaceRef这是当前代码:
This other user on StackOverflow seems to also be experiencing the same issue: IOMobileFramebufferGetLayerDefaultSurface function failed on iOS 9. We have a reference to IOMobileFramebufferConnection named "_framebufferConnection" and an IOSurfaceRef named "_screenSurface" Here is the current code:
IOMobileFramebufferGetMainDisplay( &安培; _framebufferConnection);
IOMobileFramebufferGetLayerDefaultSurface(_framebufferConnection,0,& _screenSurface;
如前所述,这些在iOS 7上完美运行-8,但是在iOS 9上,第二个函数崩溃了。我还查看了两个版本的符号的二进制文件并进行了比较。与iOS 8.4相比,iOS 9的第二个参数略有不同。因此,回到主要问题,我如何逆向工程 IOMobileFramebufferGetLayerDefaultSurface ,或者看看它在iOS 9上实际被修改的方式是什么?
As stated before, these work perfectly on iOS 7-8, but on iOS 9, the second function crashes. I have also looked at the binaries with the symbols for both versions and compared them. The second parameter of the LDR is slightly different in iOS 9, when compared to the iOS 8.4.1 binary. So, back to the main question, how can I reverse engineer IOMobileFramebufferGetLayerDefaultSurface, or see how in what way it’s actually been modified on iOS 9?
推荐答案
我相信@nevyn是正确的。但是,我想详细说明一下。我已经广泛研究了这个问题,并且 IOMobileFramebufferGetLayerDefaultSurface 函数 返回-536870201,如果它运行函数没有任何问题它应返回0.这个错误在互联网上,但它只是出现在我们身边我们遇到了QuickTime的常见问题。可能是Apple确实完全锁定了框架,并且需要Apple才能访问帧缓冲区。我们无法添加这些权利,因为它也必须位于配置文件中。我目前正在尝试阅读和解释反汇编并对IOMobileFramebuffer二进制文件进行一些逆向工程工作,以查看自上一个iOS版本以来是否有任何参数发生了变化。如果我发现任何事情,我一定会更新这个答案。但如果是这种情况,我建议尝试寻找另一种尝试捕获/记录屏幕内容的方法。
I believe @nevyn is correct. However, I would like to elaborate a bit more. I have looked into this exact issue extensively, and the IOMobileFramebufferGetLayerDefaultSurface function does return -536870201, while it should return 0 if it runs the function without any problems. This error is on the internet, but it only appears when users encounter generic problems with QuickTime. It could be that Apple has indeed locked up the framework completely, and needs an Apple-only entitlement to access the framebuffer. We cannot add these entitlements, since it also has to be on the provisioning profile. I currently am trying to read and interpret the disassembly and doing some reverse engineering work on the IOMobileFramebuffer binary to see if any of the parameters have changed since the last iOS version. I will surely update this answer if I discover anything. But if this is the case, I would suggest trying to find another method of trying to capture/record the screen content.
-UPDATE -
如果您阅读这个,它显示完全相同的错误代码,这意味着该函数不受支持,并返回IOKit错误。至少我们知道这意味着什么。但是,我仍然不确定如何解决它,或使功能工作。我会继续研究这个。
It seems as if there is evidence that this would be the case, if you read this, it shows the exact same error code, and it means that the function is "unsupported", and returns an IOKit error. At least we know what this means now. However, I am still unsure of how to fix it, or to make the function work. I will continue looking into this.
更新2
我实际上已经发现了iOS 9中的全新类FigScreenCaptureController,它是MediaToolbox框架的一部分!但奇怪的是,Apple为什么只在iOS 9中包含这个?所以,也许有一种方法可以通过这个 ......我将很快深入研究这门课程。
I have actually discovered a brand new class in iOS 9, "FigScreenCaptureController", and it is part of the MediaToolbox framework! What the strange thing is though, is why would Apple include this only in iOS 9? So, maybe there will be a way to record the display through this...I will be looking into this class more in depth very soon.
这篇关于IOMobileFramebufferGetLayerDefaultSurface无法在iOS 9上运行的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
