開(kāi)源選擇

目前找到比較好的一個(gè)開(kāi)源庫(kù)是這個(gè)
https://github.com/Tyilo/insert_dylib

至少我發(fā)現(xiàn)它是能夠支持模擬器的笨枯。

原理

這些東西原理都一個(gè)樣薪丁，通過(guò)修改LoadCommand來(lái)使得系統(tǒng)加載應(yīng)用時(shí)順便把你的dylib加載進(jìn)來(lái)。

LoadCommand.png

取值

添加一個(gè)Command, value要如何取值

• dylib直接放在app目錄下: @executable_path/libtest.dylib
• dylib放在已存在Frameworks目錄下: @rpath/libtest.dylib 或 @executable_path/Frameworks/libtest.dylib
• dylib放在自己創(chuàng)建的Frameworks目錄下: @executable_path/Frameworks/libtest.dylib

用法

直接編譯得到二進(jìn)制后即可使用

坑1

為了方便重簽名馅精，我嘗試總是將dylib放到Frameworks下面严嗜。當(dāng)然，如果沒(méi)有.app文件下面沒(méi)有這個(gè)目錄洲敢，我就為他創(chuàng)建一個(gè)漫玄，然后把dylib放進(jìn)去。事實(shí)證明這樣是不行的压彭，會(huì)導(dǎo)致dylib加載失敗睦优。（如果原來(lái)Frameworks目錄是存在的，是不會(huì)失敗的）

Exception Type:  EXC_CRASH (SIGABRT)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Exception Note:  EXC_CORPSE_NOTIFY
Termination Description: DYLD, Library not loaded: @rpath/libtest.dylib | Referenced from: /var/containers/Bundle/Application/9683F64B-63A5-4CD2-90D0-076CD85789E5/Test.app/Test | Reason: image not found
Triggered by Thread:  0

Filtered syslog:
None found

Thread 0 Crashed:
0   dyld                            0x0000000103841cbc __abort_with_payload + 8
1   dyld                            0x0000000103841668 abort_with_payload_wrapper_internal + 100
2   dyld                            0x0000000103841694 fcntl + 0
3   dyld                            0x0000000103820514 dyld::fastBindLazySymbol(ImageLoader**, unsigned long) + 0
4   dyld                            0x00000001038229a8 dyld::_main(macho_header const*, unsigned long, int, char const**, char const**, char const**, unsigned long*) + 4072
5   dyld                            0x000000010381d044 _dyld_start + 68

Thread 0 crashed with ARM Thread State (64-bit):
    x0: 0x0000000000000006   x1: 0x0000000000000001   x2: 0x000000016fdde1b0   x3: 0x0000000000000082
    x4: 0x000000016fddddb0   x5: 0x0000000000000000   x6: 0x0000000000000000   x7: 0x0000000000000e80
    x8: 0x0000000000000020   x9: 0x0000000000000009  x10: 0x6f5a512f35453938  x11: 0x512f7070612e656e
   x12: 0x20200a656e6f7a51  x13: 0x203a6e6f73616552  x14: 0x6f6e206567616d69  x15: 0x00646e756f662074
   x16: 0x0000000000000209  x17: 0x0000000000000030  x18: 0x0000000000000000  x19: 0x0000000000000000
   x20: 0x000000016fddddb0  x21: 0x0000000000000082  x22: 0x000000016fdde1b0  x23: 0x0000000000000001
   x24: 0x0000000000000006  x25: 0x000000010384dab8  x26: 0x000000010384fbb8  x27: 0x9015bc02032200b8
   x28: 0x000000010384d000   fp: 0x000000016fdddd80   lr: 0x0000000103841668
    sp: 0x000000016fdddd40   pc: 0x0000000103841cbc cpsr: 0x00000000

Binary Images:
0x100020000 - 0x102bcffff Test arm64  <98ee4fcadd62340f838b652d5fe58ecb> /var/containers/Bundle/Application/9683F64B-63A5-4CD2-90D0-076CD85789E5/Test.app/Test
0x10381c000 - 0x10384bfff dyld arm64  <f54ed85a94253887886a8028e20ed8ba> /usr/lib/dyld

EOF

解決辦法：

• 如果Frameworks文件夾是我們創(chuàng)建的話哮塞，使用 @executable_path/Frameworks/libtest.dylib而不是@rpath/libtest.dylib
• 放在app目錄下就好了刨秆，使用 ```@executable_path/libtest.dylib