CN107391171A - The method and user terminal of a kind of multiple problem of solution iOS hot repairs - Google Patents
The method and user terminal of a kind of multiple problem of solution iOS hot repairs Download PDFInfo
- Publication number
- CN107391171A CN107391171A CN201710448247.3A CN201710448247A CN107391171A CN 107391171 A CN107391171 A CN 107391171A CN 201710448247 A CN201710448247 A CN 201710448247A CN 107391171 A CN107391171 A CN 107391171A
- Authority
- CN
- China
- Prior art keywords
- objective
- hot repair
- class
- encryption
- hot
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/572—Secure firmware programming, e.g. of basic input output system [BIOS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
- G06F8/656—Updates while running
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3249—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
Abstract
The invention discloses the method and user terminal of a kind of multiple problem of solution iOS hot repairs, method is on the one hand by avoiding respondsToSelector methods and performSelector methods, by using class_getInstanceMethod the and class_getClassMethod methods in runtime Library, equally realize the method that the method for inquiry Objective C classes whether there is, and the redirection of message is realized with NSInvocation and forwardInvocation, the forwarding for equally realizing message is called.The present invention enables to have the product of hot repair function to pass through the strict examination & verification of Apple Inc. by improving sensitivity function problem present in current open source technology.
Description
Technical field
The present invention relates to ios software development field, and in particular to the multiple functional development field of hot repair.
Background technology
Hot repair is important for Mobile solution correlation as technological means abnormal on a kind of quick solution IT product line again, special
Not on iOS platforms, because the Review Cycle of Apple Inc. is general longer, if going to repair upper one edition by issuing new version
The abnormal problem of this appearance, then the longer cycle is needed, so as to cause Anomalous Diffusion, not only influences the normal use of App functions,
The more seriously experience of the reputation of infringement product and user, causes customer loss in the technical scheme increased income, iOS platforms are real
The open source technology of the multiple function of existing hot repair is quite a few, such as popular JSPatch, Weex, RN etc., but just on March 8th, 2017
Left and right, Apple Inc. is directed to proposes severe warning with the product of these hot repair functions, or even the more moneys uses of undercarriage
The major company such as product, Tengxun of the hot repair function of the above has Related product examination & verification to be refused.
A piece of alarmed in industry, the product that each product all stops new restocking at once uses the multiple skill of the hot repair called the roll above
Art, while the hot repair ability of the above whether is added to third party library and also carries out narrow examination.And these technologies, why by apple
It is safety problem that most important reason is refused in fruit warning even examination & verification.On the one hand it is the regulation for not observing Apple Inc., calls
Apple is forbidden in the sensitivity function used using shop such as:dlopen(),dlsym(),respondsToSelector,
Several methods such as performSelector, method_exchangeImplementations ().
And be on the other hand during being repaired using these Dynamic Thermals, the technical guarantee of secure context is not carried out,
Cause easily to distort the multiple code of hot repair by the means of man-in-the-middle attack by criminal, issue malicious code, formed serious
Potential safety hazard, destroy the ecosystem of apple.
The content of the invention
For overcome the deficiencies in the prior art, an object of the present invention is to provide a kind of multiple problem of solution iOS hot repairs
Method, solve the problems, such as and improve the multiple safety issue of sensitivity function present in current open source technology and hot repair, make that there is heat
The product of repair function can pass through the strict examination & verification of Apple Inc..
The second object of the present invention is to provide a kind of user terminal solve and improve and be quick present in current open source technology
Feel the multiple safety issue of function problem and hot repair, enable to have the product of hot repair function to pass through that Apple Inc. is strict to be examined
Core.
One of to achieve the above object, the technical solution adopted in the present invention is as follows:
A kind of method of the multiple problem of solution iOS hot repairs, comprises the following steps:
The multiple JavaScript scripts of hot repair in S101, parsing internal memory, generation hot repair parse script again;
S201, by JavaScriptCore load hot repair parse script again, using closure by hot repair answer parsing script in
The Objective-C of reference information is pulled back in Objective-C;
S301, the class name for judging whether to have in described information in Objective-C by NSClassFromString methods
Corresponding class, if so, step S401 is then performed, if it is not, the then class corresponding to dynamic creation in Objective-C, and performing
Step S401;
S401, replacement simultaneously cache disappearing for class in Objective-C corresponding to class name in described information and its parent
Cease reorientation method forwardInvocation;
S501, pass through the class_getInstanceMethod methods and class_ in runtime Library
GetClassMethod methods judge the method for whether having corresponding to the method name in described information in Objective-C, if so,
Step S601 is then performed, if it is not, then performing step S701;
S601, by the class_replaceMethod methods in runtime Library by the method in described information
The realization of the method in Objective-C corresponding to name replaces with the realization of message forwarding;
S701, the method name institute by the class_addMethod methods in runtime Library in described information
Increase the realization of message forwarding in method in corresponding Objective-C;
S801, perform the multiple message forwarding process of hot repair.
Preferably, in step S801, the multiple message forwarding process of hot repair includes two kinds of situations, when the realization of method exists
In Objective-C, the first situation is performed, is comprised the following steps:
Information to be called is pulled back in Objective-C by closure by the multiple JavaScript scripts of hot repair;
NSMethodSignature examples are obtained by runtime Library in Objective-C, and combines and closes
The information structuring to be called returned is wrapped into NSInvocation examples;
The invoke methods performed in Objective-C in NSInvocation examples carry out message forwarding;
When JavaScript scripts add new method to Objective-C class and go to the new method,
Second of situation is performed, is comprised the following steps:
The message call reorientation method forwardInvocation in Objective-C;
Called in Objective-C by corresponding method in NSInvocation case-based system JavaScript scripts
Parameter;
The JSValue examples provided in Objective-C by JavaScriptCore call
CallWithArguments methods and incoming parameter, to realize corresponding method in calling JavaScript scripts and return to knot
Fruit.
Preferably, the multiple file of hot repair is also included before step S101 issues step:
S001, the multiple file of encryption hot repair is obtained from server end;
S002, the encryption MD5 digital signature in the multiple file of encryption hot repair is decrypted, obtains MD5 digital signature;
S003, the MD5 values obtained by the multiple file of encryption hot repair that the value of the MD5 digital signature is got with calculating are entered
Row compares, if identical, perform step S004, if differing, terminates flow;
S004, by encryption hot repair, file is decrypted and is loaded onto in internal memory again, the multiple JavaScript scripts of generation hot repair.
Preferably, in server end, by encrypting the multiple text of hot repair described in the multiple file generated of XXTEA algorithm for encryption hot repair
Part, and pass through RSA private key encryption XXTEA decruption keys;
In step S004, XXTEA keys are obtained by RSA public key decryptions XXTEA decruption keys, then it is close by XXTEA
Key will be encrypted the multiple file of hot repair and is decrypted.
Preferably, in server end, the MD5 digital signature is generated by the MD5 values for calculating the multiple file of encryption hot repair,
And by RSA private key encryption MD5 digital signature, obtain the encryption MD5 digital signature;
In step S002, encryption MD5 digital signature is decrypted by RSA public keys.
To achieve the above object two, the technical solution adopted in the present invention is as follows:
A kind of user terminal, including:
Memory, instructed for storage program;
Processor, for running described program instruction, to perform following steps:
The multiple JavaScript scripts of hot repair in S101, parsing internal memory, generation hot repair parse script again;
S201, by JavaScriptCore load hot repair parse script again, using closure by hot repair answer parsing script in
The Objective-C of reference information is pulled back in Objective-C;
S301, the class name for judging whether to have in described information in Objective-C by NSClassFromString methods
Corresponding class, if so, step S401 is then performed, if it is not, the then class corresponding to dynamic creation in Objective-C, and performing
Step S401;
S401, replacement simultaneously cache disappearing for class in Objective-C corresponding to class name in described information and its parent
Cease reorientation method forwardInvocation;
S501, pass through the class_getInstanceMethod methods and class_ in runtime Library
GetClassMethod methods judge the method for whether having corresponding to the method name in described information in Objective-C, if so,
Step S601 is then performed, if it is not, then performing step S701;
S601, by the class_replaceMethod methods in runtime Library by the method in described information
The realization of the method in Objective-C corresponding to name replaces with the realization of message forwarding;
S701, the method name institute by the class_addMethod methods in runtime Library in described information
Increase the realization of message forwarding in method in corresponding Objective-C;
S801, perform the multiple message forwarding process of hot repair.
Preferably, in step S801, the multiple message forwarding process of hot repair includes two kinds of situations, when the realization of method exists
In Objective-C, the first situation is performed, is comprised the following steps:
Information to be called is pulled back in Objective-C by closure by the multiple JavaScript scripts of hot repair;
NSMethodSignature examples are obtained by runtime Library in Objective-C, and combines and closes
The information structuring to be called returned is wrapped into NSInvocation examples;
The invoke methods performed in Objective-C in NSInvocation examples carry out message forwarding;
When JavaScript scripts add new method to Objective-C class and go to the new method,
Second of situation is performed, is comprised the following steps:
The message call reorientation method forwardInvocation in Objective-C;
Called in Objective-C by corresponding method in NSInvocation case-based system JavaScript scripts
Parameter;
The JSValue examples provided in Objective-C by JavaScriptCore call
CallWithArguments methods and incoming parameter, to realize corresponding method in calling JavaScript scripts and return to knot
Fruit.
Preferably, the multiple file of hot repair is also included before step S101 issues step:
S001, the multiple file of encryption hot repair is obtained from server end;
S002, the encryption MD5 digital signature in the multiple file of encryption hot repair is decrypted, obtains MD5 digital signature;
S003, the MD5 values obtained by the multiple file of encryption hot repair that the value of the MD5 digital signature is got with calculating are entered
Row compares, if identical, perform step S004, if differing, terminates flow;
S004, by encryption hot repair, file is decrypted and is loaded onto in internal memory again, the multiple JavaScript scripts of generation hot repair.
Preferably, in server end, by encrypting the multiple text of hot repair described in the multiple file generated of XXTEA algorithm for encryption hot repair
Part, and pass through RSA private key encryption XXTEA decruption keys;
In step S004, XXTEA keys are obtained by RSA public key decryptions XXTEA decruption keys, then it is close by XXTEA
Key will be encrypted the multiple file of hot repair and is decrypted.
Preferably, in server end, the MD5 digital signature is generated by the MD5 values for calculating the multiple file of encryption hot repair,
And by RSA private key encryption MD5 digital signature, obtain the encryption MD5 digital signature;
In step S002, encryption MD5 digital signature is decrypted by RSA public keys.
Compared with prior art, the beneficial effects of the present invention are:
The improvement of technology is carried out for two large problems present in current iOS system hot-fixing, first, by avoiding
The sensitivity function that apple is mentioned, using regular technical scheme, solve in review process due to not observing examining for Apple Inc.
The problem of examination & verification is rejected caused by core provision.Second, solve hot repair by using safer complicated encryption technology makes again
The situation of man-in-the-middle attack is can be potentially encountered during.
Brief description of the drawings
Fig. 1 is the flow chart of the method for the multiple problem of solution iOS hot repairs of the embodiment of the present invention one;
The message that Fig. 2 is the Objective-C of the embodiment of the present invention one forwards schematic diagram;
Fig. 3 is the structure chart of the user terminal of the embodiment of the present invention two.
Embodiment
Below, with reference to accompanying drawing and embodiment, the present invention is described further:
Embodiment one:
With reference to figure 1, the invention provides a kind of method of the multiple problem of solution iOS hot repairs, comprise the following steps:
S001, the multiple file of encryption hot repair is obtained from server end;
S002, the encryption MD5 digital signature in the multiple file of encryption hot repair is decrypted, obtains MD5 digital signature;
S003, the MD5 values obtained by the multiple file of encryption hot repair that the value of the MD5 digital signature is got with calculating are entered
Row compares, if identical, perform step S004, if differing, terminates flow;
S004, by encryption hot repair, file is decrypted and is loaded onto in internal memory again, the multiple JavaScript scripts of generation hot repair;
The multiple JavaScript scripts of hot repair in S101, parsing internal memory, generation hot repair parse script again;
S201, by JavaScriptCore load hot repair parse script again, using closure by hot repair answer parsing script in
The Objective-C of reference information is pulled back in Objective-C;
S301, the class name for judging whether to have in described information in Objective-C by NSClassFromString methods
Corresponding class, if so, step S401 is then performed, if it is not, the then class corresponding to dynamic creation in Objective-C, and performing
Step S401;
S401, replacement simultaneously cache disappearing for class in Objective-C corresponding to class name in described information and its parent
Cease reorientation method forwardInvocation;
S501, pass through the class_getInstanceMethod methods and class_ in runtime Library
GetClassMethod methods judge the method for whether having corresponding to the method name in described information in Objective-C, if so,
Step S601 is then performed, if it is not, then performing step S701;
S601, by the class_replaceMethod methods in runtime Library by the method in described information
The realization of the method in Objective-C corresponding to name replaces with the realization of message forwarding;
S701, the method name institute by the class_addMethod methods in runtime Library in described information
Increase the realization of message forwarding in method in corresponding Objective-C;
S801, perform the multiple message forwarding process of hot repair.
Wherein, in step S801, the multiple message forwarding process of hot repair includes two kinds of situations, when the realization of method exists
In Objective-C, the first situation is performed, is comprised the following steps:
Information to be called is pulled back in Objective-C by closure by the multiple JavaScript scripts of hot repair;
NSMethodSignature examples are obtained by runtime Library in Objective-C, and combines and closes
The information structuring to be called returned is wrapped into NSInvocation examples;
The invoke methods performed in Objective-C in NSInvocation examples carry out message forwarding;
When JavaScript scripts add new method to Objective-C class and go to the new method,
Second of situation is performed, is comprised the following steps:
The message call reorientation method forwardInvocation in Objective-C;
Called in Objective-C by corresponding method in NSInvocation case-based system JavaScript scripts
Parameter;
The JSValue examples provided in Objective-C by JavaScriptCore call
CallWithArguments methods and incoming parameter, to realize corresponding method in calling JavaScript scripts and return to knot
Fruit.
Further, in server end, by encrypting the multiple text of hot repair described in the multiple file generated of XXTEA algorithm for encryption hot repair
Part, and pass through RSA private key encryption XXTEA decruption keys;
In step S004, XXTEA keys are obtained by RSA public key decryptions XXTEA decruption keys, then it is close by XXTEA
Key will be encrypted the multiple file of hot repair and is decrypted.
In server end, the MD5 digital signature is generated by the MD5 values for calculating the multiple file of encryption hot repair, and pass through
RSA private key encryption MD5 digital signature, obtain the encryption MD5 digital signature;
In step S002, encryption MD5 digital signature is decrypted by RSA public keys.
It is described in further detail with reference to the method for the present invention.
On the one hand, step S001-S004 solves the multiple safety issue of hot repair.Hot repair function is except can promptly repair
On line outside App abnormal problem, moreover it is possible to issuing for various codes is carried out, if utilized by criminal, to product and user
Serious safety problem will be produced, the present invention combines XXTEA encryptions and RSA asymmetric encryption solves safety issue.
After server end to the multiple document code of hot repair by carrying out XXTEA encryptions, calculate MD5 and pass through as digital signature
Issued after private key encryption, because private key is secrecy, the signature can not be changed;The hot repair encrypted simultaneously by XXTEA
Multiple file is also secrecy, and XXTEA encryption keys can not be changed also by private key encryption.So, go-between is avoided to attack
Hit, because have modified any one in these three contents, can all cause the multiple document code of hot repair not decrypt normally.
On the other hand, step S101-S801 solves the problems, such as that two sensitive methods cause to be unable to restocking.One is
RespondsToSelector methods, this method judge whether some class responds biography when being mainly used in iOS system dynamic operation
The method entered, if response, returns to YES, if be not responding to, return to NO.Using JSPatch as example, this method is used
Main purpose be the class method that judges to issue in the JS scripts of the multiple file of hot repair by this method whether be Objective-C classes
Through existing method, if it is present the covering of the method for progress, if it does not exist, then the runtime for passing through Objective-C
Mechanism such newly-increased method into such increase script, can not normal restocking Apple store using the sensitive method.Another
It is performSelector methods, message initiates the tune that object carries out message when this method is used primarily in iOS system dynamic operation
With if message, which initiates object, can not respond the message approach, system can throw exception situation.In hot repair is multiple, with it,
Script can be allowed to call the corresponding methods of Objective-C during dynamic load.Similarly, apple this method in heat
Repair this and be technically included in sensitive method, therefore very big technical risk be present using this method in review process.
Step S101-S801 detailed description is as follows:
JavaScript scripts are parsed, carry out the lattice of Objective-C (abbreviation OC, iOS development language) method
Formulaization is replaced, and the purpose for formatting replacement is so that OC method calls in JavaScript (abbreviation JS, script) script
The class of function, method name and parameter can be extracted conveniently by the parsing of JS character strings.
Context instance the content for script after having parsed by JavaScriptCore (abbreviation JSCore, public library)
JSContext (context environmental of JS scripts) carries out loading .JSCore and provided by context instance establishment JS methods, and
It can be adjusted by block closures (be combined in OC by function and relative referencing environment entity) in JS methods
Used time return parameters are into OC environment.By the JS methods pre-set, these methods are called in the multiple script of hot repair, so that it may
To realize the processes of the information back to OC such as the class name the OC quoted in script, method name, parameter value, realize that JS scripts are adjusted back
The process of OC environment.The method of closure also provides the approach that JS calls OC methods simultaneously.
After process of the information back that script is used to OC environment, how next to handle by these class names, side
Religious name and parameter go the method for calling the corresponding class of OC environment.It is that class (is obtained by NSClassFromString first
C language method) method judge class corresponding to class name whether there is OC environment in, be passed to class name to NSClassFromString, deposit
Such is then being returned, it is empty in the absence of then returning.If there is no, then by given parent (be also superclass, generate one it is new
Class need inherit a superclass) name (in script parent name regulation must be already present class in OC environment) with inherit
Mode dynamic creation and register a new class.
Class dynamic creation or in the presence of, replace and the message reorientation method of cache class and its parent
forwardInvocation.The purpose for replacing reorientation method is to allow the method for the OC to be replaced and JS in JS to increase newly
Method can by message forwarding mechanism come carry out message forward caching be in order to JS can adjust back method of the same name correspond to it is original
OC method is realized.
, it is necessary to the OC used in JS method and newly-increased after the processing to forwardInvocation is completed
Method is judged, has used the method class_ in runtime Library (bottom storehouse during dynamic operation) here
GetInstanceMethod and class_getClassMethod carrys out determination methods realization and whether there is, class_
GetInstanceMethod and class_getClassMethod is required for incoming class name and method name as parameter, if should
Class realizes this method, then returning result is not sky, if such is not carried out this method, returning result is sky.Two sides
The former is the case method for judging OC classes unlike method, and the latter is the class method for judging OC classes.
It should be noted that OC is to forward to perform by message, message forwarding mechanism is in the first step under normal circumstances
The lookup that method realizes IMP (pointer of specific implementation corresponding to OC methods) can be carried out, is visited once the method for finding realizes IMP
Receipt row method, forwarded without the message of next step.But if the realization of method directly make into message forwarding realization _
Objc_msgForward (is the function pointer of an IMP type, forwarded for message, when sending one to object
Message, but it when realize, _ objc_msgForward can have a go at message forwarding), that calls such this
IMP inquiry is just realized during method without method, and directly carries out message forwarding, message call reorientation method
forwardInvocation:And return type is that (NSInvocation is that iOS message transmissions and method are adjusted to NSInvocation
One class) example, the object belonging to method, method name, parameter and return value are saved in example.
By judgement above, it is known that the method for class whether there is, then passes through class_replaceMethod methods
The method replacement and increase of class are carried out with class_addMethod methods, the method for original class is realized and is substituted for unification
Message forwarding realization _ objc_msgForward, the realization of increased method is also _ objc_msgForward, so these
The OC methods and newly-increased method that JS is repaired all uniformly redirect message and forwarded all without directly going lookup method to realize IMP
Function forwardInvocation simultaneously returns to NSInvocation examples.
Step S101-S701 completes the loading procedure of the multiple script of hot repair, is exactly the implementation procedure of the multiple script of hot repair below,
Carry out message forwarding.The process that the multiple script of hot repair performs has two kinds of situations, and a kind of is that JS calls OC by closure biography ginseng to OC
The method of example or class, the situation are mainly that method realizes that code is in OC.Another kind is increased newly in OC calling JS
Method, the situation are that the multiple script of hot repair adds the method for OC classes or adds new class and method.
The first situation JS is transmitted to the information such as the example of the class to be called of OC environment, method, parameter by closure readjustment, so
After OC takes these information afterwards, being signed by acquisition methods, (such is the parameter to method, returned NSMethodSignature
Similar to be packaged, collaboration NSInvocation realizes that message forwards) example, the information structuring message forwarding returned with reference to closure
NSInvocation examples, method invoke, the OC environment for then performing the example can be automatically according to the message repeater-transmitters of system
System carries out message forwarding, realizes the calling of OC methods.
Second of situation is the realization that OC calls JS, in fact real after hot repair is multiple has increased new method newly to OC class
Realized on border or by JS codes, so when going to the newly-increased method in the code call in JS, due to above
Realization of the step to this method is substituted for the realization of message forwarding, so the method that meeting inbound message redirects
forwardInvocation.At this moment method that can be by NSInvocation Eample Analysis into JS, is then carried by JSCore
The method callWithArguments (OC performs the function of JS methods) of confession, allows the JSValue examples of JS methods (to JS in OC
The class being packaged) call callWithArguments and incoming parameter, so that it may to realize that OC readjustment JC methods are realized and returned
As a result.
By above-mentioned steps, without using respondsToSelector methods, by using in runtime Library
Class_getInstanceMethod and class_getClassMethod methods, equally realize inquiry Objective-C classes
The method that whether there is of method.Without using performSelector methods, mainly with NSInvocation and
ForwardInvocation realizes the redirection of message, and the forwarding for equally realizing message is called.
OC message forwards principle as shown in Fig. 2 its message forwarding process is described as follows:
1) dynamic method resolution
ResolveInstanceMethod is sent to current class:Message, check whether that dynamic with the addition of method to class, such as
Fruit returns to YES, then system thinks that method has been added, then can resend message.
2) fast message forwards
Check whether current class realizes forwardingTargetForSelector:Method, called if realizing, if
Method return value is non-nil or non-self object, then resends message to the object of return.
3) regular message forwards
Runtime sends methodSignatureForSelector:Message obtains the signature of selector corresponding methods,
If method signature returns, then the NSInvocation of description message is created according to method signature, sent to existing object
forwardInvocation:Message, if returned without method signature, i.e., return value is nil, then is sent to existing object
doesNotRecognizeSelector:Message, application crashes exit.
Based on the principle of above-mentioned message forwarding, the message that the class quoted in script is first caught on when script is loaded is reset
To method forwardInvocation, then by runtimeLibrary method class_replaceMethod,
Class_addMethod, the corresponding method of the Objective-C quoted in script class is replaced or increased.And
When the calling of script method, by runtime Library acquisition methods signature NSMethodSignature, then with side
Method signature construction NSInvocation instance variables, perform message with the variable and redirect, complete the forwarding of regular message.Entirely
Message forwarding process, which avoids, directly uses performSelector methods.
Embodiment two:
As shown in figure 3, the invention provides a kind of user terminal, including:
Memory, instructed for storage program;
Processor, for running described program instruction, to perform following steps:
The multiple JavaScript scripts of hot repair in S101, parsing internal memory, generation hot repair parse script again;
S201, by JavaScriptCore load hot repair parse script again, using closure by hot repair answer parsing script in
The Objective-C of reference information is pulled back in Objective-C;
S301, the class name for judging whether to have in described information in Objective-C by NSClassFromString methods
Corresponding class, if so, step S401 is then performed, if it is not, the then class corresponding to dynamic creation in Objective-C, and performing
Step S401;
S401, replacement simultaneously cache disappearing for class in Objective-C corresponding to class name in described information and its parent
Cease reorientation method forwardInvocation;
S501, pass through the class_getInstanceMethod methods and class_ in runtime Library
GetClassMethod methods judge the method for whether having corresponding to the method name in described information in Objective-C, if so,
Step S601 is then performed, if it is not, then performing step S701;
S601, by the class_replaceMethod methods in runtime Library by the method in described information
The realization of the method in Objective-C corresponding to name replaces with the realization of message forwarding;
S701, the method name institute by the class_addMethod methods in runtime Library in described information
Increase the realization of message forwarding in method in corresponding Objective-C;
S801, perform the multiple message forwarding process of hot repair.
Preferably, in step S801, the multiple message forwarding process of hot repair includes two kinds of situations, when the realization of method exists
In Objective-C, the first situation is performed, is comprised the following steps:
Information to be called is pulled back in Objective-C by closure by the multiple JavaScript scripts of hot repair;
NSMethodSignature examples are obtained by runtime Library in Objective-C, and combines and closes
The information structuring to be called returned is wrapped into NSInvocation examples;
The invoke methods performed in Objective-C in NSInvocation examples carry out message forwarding;
When JavaScript scripts add new method to Objective-C class and go to the new method,
Second of situation is performed, is comprised the following steps:
The message call reorientation method forwardInvocation in Objective-C;
Called in Objective-C by corresponding method in NSInvocation case-based system JavaScript scripts
Parameter;
The JSValue examples provided in Objective-C by JavaScriptCore call
CallWithArguments methods and incoming parameter, to realize corresponding method in calling JavaScript scripts and return to knot
Fruit.
Preferably, the multiple file of hot repair is also included before step S101 issues step:
S001, the multiple file of encryption hot repair is obtained from server end;
S002, the encryption MD5 digital signature in the multiple file of encryption hot repair is decrypted, obtains MD5 digital signature;
S003, the MD5 values obtained by the multiple file of encryption hot repair that the value of the MD5 digital signature is got with calculating are entered
Row compares, if identical, perform step S004, if differing, terminates flow;
S004, by encryption hot repair, file is decrypted and is loaded onto in internal memory again, the multiple JavaScript scripts of generation hot repair.
Preferably, in server end, by encrypting the multiple text of hot repair described in the multiple file generated of XXTEA algorithm for encryption hot repair
Part, and pass through RSA private key encryption XXTEA decruption keys;
In step S004, XXTEA keys are obtained by RSA public key decryptions XXTEA decruption keys, then it is close by XXTEA
Key will be encrypted the multiple file of hot repair and is decrypted.
Preferably, in server end, the MD5 digital signature is generated by the MD5 values for calculating the multiple file of encryption hot repair,
And by RSA private key encryption MD5 digital signature, obtain the encryption MD5 digital signature;
In step S002, encryption MD5 digital signature is decrypted by RSA public keys.
It will be apparent to those skilled in the art that technical scheme that can be as described above and design, make other various
Corresponding change and deformation, and all these changes and deformation should all belong to the protection domain of the claims in the present invention
Within.
Claims (10)
1. the method for the multiple problem of a kind of solution iOS hot repairs, it is characterised in that comprise the following steps:
The multiple JavaScript scripts of hot repair in S101, parsing internal memory, generation hot repair parse script again;
S201, by JavaScriptCore load hot repair parse script again, using closure by hot repair answer parsing script in quote
Objective-C information pull back in Objective-C;
S301, by NSClassFromString methods judge whether to have in Objective-C in described information class name institute it is right
The class answered, if so, step S401 is then performed, if it is not, the then class corresponding to dynamic creation in Objective-C, and perform step
S401;
S401, replacement and the message weight for caching the class and its parent in Objective-C corresponding to class name in described information
Orientation method forwardInvocation;
S501, pass through the class_getInstanceMethod methods and class_ in runtime Library
GetClassMethod methods judge the method for whether having corresponding to the method name in described information in Objective-C, if so,
Step S601 is then performed, if it is not, then performing step S701;
S601, by the class_replaceMethod methods in runtime Library by the method name institute in described information
The realization of method in corresponding Objective-C replaces with the realization of message forwarding;
S701, by corresponding to method name of the class_addMethod methods in described information in runtime Library
Objective-C in method in increase message forwarding realization;
S801, perform the multiple message forwarding process of hot repair.
2. the method for the multiple problem of solution iOS hot repairs according to claim 1, it is characterised in that in step S801, hot repair
Multiple message forwarding process includes two kinds of situations, when the realization of method is in Objective-C, performs the first situation, including
Following steps:
Information to be called is pulled back in Objective-C by closure by the multiple JavaScript scripts of hot repair;
NSMethodSignature examples are obtained by runtime Library in Objective-C, and returned with reference to closure
The information structuring to be called returned is into NSInvocation examples;
The invoke methods performed in Objective-C in NSInvocation examples carry out message forwarding;
When JavaScript scripts add new method to Objective-C class and go to the new method, perform
Second of situation, comprises the following steps:
The message call reorientation method forwardInvocation in Objective-C;
The ginseng called in Objective-C by corresponding method in NSInvocation case-based system JavaScript scripts
Number;
The JSValue examples provided in Objective-C by JavaScriptCore call callWithArguments side
Method and incoming parameter, corresponding method and returning result in JavaScript scripts are called to realize.
3. the method for the multiple problem of solution iOS hot repairs according to claim 1 or 2, it is characterised in that before step S101
Also include the multiple file of hot repair issues step:
S001, the multiple file of encryption hot repair is obtained from server end;
S002, the encryption MD5 digital signature in the multiple file of encryption hot repair is decrypted, obtains MD5 digital signature;
S003, the MD5 values obtained by the multiple file of encryption hot repair that the value of the MD5 digital signature is got with calculating are compared
Compared with, if identical, perform step S004, if differing, terminate flow;
S004, by encryption hot repair, file is decrypted and is loaded onto in internal memory again, the multiple JavaScript scripts of generation hot repair.
4. the method for the multiple problem of solution iOS hot repairs according to claim 3, it is characterised in that in server end, pass through
The multiple file of hot repair is encrypted described in the multiple file generated of XXTEA algorithm for encryption hot repair, and passes through RSA private key encryption XXTEA decruption keys;
In step S004, XXTEA keys are obtained by RSA public key decryptions XXTEA decruption keys, then will by XXTEA keys
The multiple file of encryption hot repair is decrypted.
5. the method for the multiple problem of solution iOS hot repairs according to claim 3, it is characterised in that in server end, pass through
The MD5 values for calculating the multiple file of encryption hot repair generate the MD5 digital signature, and by RSA private key encryption MD5 digital signature, obtain
To the encryption MD5 digital signature;
In step S002, encryption MD5 digital signature is decrypted by RSA public keys.
A kind of 6. user terminal, it is characterised in that including:
Memory, instructed for storage program;
Processor, for running described program instruction, to perform following steps:
The multiple JavaScript scripts of hot repair in S101, parsing internal memory, generation hot repair parse script again;
S201, by JavaScriptCore load hot repair parse script again, using closure by hot repair answer parsing script in quote
Objective-C information pull back in Objective-C;
S301, by NSClassFromString methods judge whether to have in Objective-C in described information class name institute it is right
The class answered, if so, step S401 is then performed, if it is not, the then class corresponding to dynamic creation in Objective-C, and perform step
S401;
S401, replacement and the message weight for caching the class and its parent in Objective-C corresponding to class name in described information
Orientation method forwardInvocation;
S501, pass through the class_getInstanceMethod methods and class_ in runtime Library
GetClassMethod methods judge the method for whether having corresponding to the method name in described information in Objective-C, if so,
Step S601 is then performed, if it is not, then performing step S701;
S601, by the class_replaceMethod methods in runtime Library by the method name institute in described information
The realization of method in corresponding Objective-C replaces with the realization of message forwarding;
S701, by corresponding to method name of the class_addMethod methods in described information in runtime Library
Objective-C in method in increase message forwarding realization;
S801, perform the multiple message forwarding process of hot repair.
7. user terminal according to claim 6, it is characterised in that in step S801, the multiple message of hot repair is forwarded over
Journey includes two kinds of situations, when the realization of method is in Objective-C, performs the first situation, comprises the following steps:
Information to be called is pulled back in Objective-C by closure by the multiple JavaScript scripts of hot repair;
NSMethodSignature examples are obtained by runtime Library in Objective-C, and returned with reference to closure
The information structuring to be called returned is into NSInvocation examples;
The invoke methods performed in Objective-C in NSInvocation examples carry out message forwarding;
When JavaScript scripts add new method to Objective-C class and go to the new method, perform
Second of situation, comprises the following steps:
The message call reorientation method forwardInvocation in Objective-C;
The ginseng called in Objective-C by corresponding method in NSInvocation case-based system JavaScript scripts
Number;
The JSValue examples provided in Objective-C by JavaScriptCore call callWithArguments side
Method and incoming parameter, corresponding method and returning result in JavaScript scripts are called to realize.
8. the user terminal according to claim 6 or 7, it is characterised in that also include the multiple text of hot repair before step S101
Part issues step:
S001, the multiple file of encryption hot repair is obtained from server end;
S002, the encryption MD5 digital signature in the multiple file of encryption hot repair is decrypted, obtains MD5 digital signature;
S003, the MD5 values obtained by the multiple file of encryption hot repair that the value of the MD5 digital signature is got with calculating are compared
Compared with, if identical, perform step S004, if differing, terminate flow;
S004, by encryption hot repair, file is decrypted and is loaded onto in internal memory again, the multiple JavaScript scripts of generation hot repair.
9. user terminal according to claim 8, it is characterised in that in server end, pass through XXTEA algorithm for encryption heat
Repair and the multiple file of hot repair is encrypted described in file generated, and pass through RSA private key encryption XXTEA decruption keys;
In step S004, XXTEA keys are obtained by RSA public key decryptions XXTEA decruption keys, then will by XXTEA keys
The multiple file of encryption hot repair is decrypted.
10. user terminal according to claim 8, it is characterised in that in server end, answered by calculating encryption hot repair
The MD5 values of file generate the MD5 digital signature, and by RSA private key encryption MD5 digital signature, obtain the encryption MD5 numbers
Word is signed;
In step S002, encryption MD5 digital signature is decrypted by RSA public keys.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710448247.3A CN107391171B (en) | 2017-06-14 | 2017-06-14 | Method for solving iOS thermal repair problem and user terminal |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710448247.3A CN107391171B (en) | 2017-06-14 | 2017-06-14 | Method for solving iOS thermal repair problem and user terminal |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107391171A true CN107391171A (en) | 2017-11-24 |
CN107391171B CN107391171B (en) | 2020-06-09 |
Family
ID=60331893
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710448247.3A Active CN107391171B (en) | 2017-06-14 | 2017-06-14 | Method for solving iOS thermal repair problem and user terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107391171B (en) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108052407A (en) * | 2017-12-13 | 2018-05-18 | 深圳乐信软件技术有限公司 | A kind of application crash means of defence, device, equipment and storage medium |
CN109375932A (en) * | 2018-09-18 | 2019-02-22 | 广州虎牙信息科技有限公司 | Method, apparatus, terminal and the storage medium of script building are answered in a kind of APP hot repair |
CN110321135A (en) * | 2019-06-28 | 2019-10-11 | 百度在线网络技术(北京)有限公司 | Hot restorative procedure, device, equipment and computer readable storage medium |
CN110427319A (en) * | 2019-07-22 | 2019-11-08 | 上海易点时空网络有限公司 | The hot restorative procedure of lightweight and device, storage medium based on IOS |
CN110457151A (en) * | 2019-07-10 | 2019-11-15 | 五八有限公司 | Hot restorative procedure, device and readable storage medium storing program for executing |
CN111857782A (en) * | 2020-07-27 | 2020-10-30 | 苏州朗动网络科技有限公司 | Interface updating method and device, computer equipment and storage medium |
CN112579094A (en) * | 2020-12-15 | 2021-03-30 | 上海赛可出行科技服务有限公司 | Lightweight thermal restoration method based on template code matching |
CN114461226A (en) * | 2022-04-07 | 2022-05-10 | 广州易方信息科技股份有限公司 | Method and device for solving mandatory dependence |
CN115296999A (en) * | 2022-09-28 | 2022-11-04 | 深圳依时货拉拉科技有限公司 | Mobile terminal hot repair method, device, hot repair system and readable storage medium |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9438491B1 (en) * | 2014-03-11 | 2016-09-06 | Apteligent, Inc. | Service monitor for monitoring a network connection to track the performance of an application running on different mobile devices |
CN106227554A (en) * | 2016-07-08 | 2016-12-14 | 百度在线网络技术(北京)有限公司 | A kind of method and apparatus carrying out applying heat renewal in ios system |
-
2017
- 2017-06-14 CN CN201710448247.3A patent/CN107391171B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9438491B1 (en) * | 2014-03-11 | 2016-09-06 | Apteligent, Inc. | Service monitor for monitoring a network connection to track the performance of an application running on different mobile devices |
CN106227554A (en) * | 2016-07-08 | 2016-12-14 | 百度在线网络技术(北京)有限公司 | A kind of method and apparatus carrying out applying heat renewal in ios system |
Non-Patent Citations (3)
Title |
---|
JACKLEE18: "JSPatch被拒之完美解决方案", 《HTTPS://BLOG.CSDN.NET/HANHAILONG18/ARTICLE/DETAILS/64443350》 * |
佚名: "如何对类方法进行 Method Swizzling", 《HTTPS://JUEJIN.IM/ENTRY/581B23D4C4C9710055727F1A》 * |
石虎132: "iOS JSPatch 热修复实现原理详解", 《HTTPS://BLOG.CSDN.NET/SHIHUBOKE/ARTICLE/DETAILS/73042691》 * |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108052407A (en) * | 2017-12-13 | 2018-05-18 | 深圳乐信软件技术有限公司 | A kind of application crash means of defence, device, equipment and storage medium |
CN109375932A (en) * | 2018-09-18 | 2019-02-22 | 广州虎牙信息科技有限公司 | Method, apparatus, terminal and the storage medium of script building are answered in a kind of APP hot repair |
CN110321135A (en) * | 2019-06-28 | 2019-10-11 | 百度在线网络技术(北京)有限公司 | Hot restorative procedure, device, equipment and computer readable storage medium |
CN110457151A (en) * | 2019-07-10 | 2019-11-15 | 五八有限公司 | Hot restorative procedure, device and readable storage medium storing program for executing |
CN110457151B (en) * | 2019-07-10 | 2022-01-28 | 五八有限公司 | Thermal restoration method and device and readable storage medium |
CN110427319A (en) * | 2019-07-22 | 2019-11-08 | 上海易点时空网络有限公司 | The hot restorative procedure of lightweight and device, storage medium based on IOS |
CN110427319B (en) * | 2019-07-22 | 2023-06-30 | 上海易点时空网络有限公司 | Lightweight thermal restoration method and device based on IOS and storage medium |
CN111857782A (en) * | 2020-07-27 | 2020-10-30 | 苏州朗动网络科技有限公司 | Interface updating method and device, computer equipment and storage medium |
CN112579094A (en) * | 2020-12-15 | 2021-03-30 | 上海赛可出行科技服务有限公司 | Lightweight thermal restoration method based on template code matching |
CN114461226A (en) * | 2022-04-07 | 2022-05-10 | 广州易方信息科技股份有限公司 | Method and device for solving mandatory dependence |
CN115296999A (en) * | 2022-09-28 | 2022-11-04 | 深圳依时货拉拉科技有限公司 | Mobile terminal hot repair method, device, hot repair system and readable storage medium |
CN115296999B (en) * | 2022-09-28 | 2023-01-10 | 深圳依时货拉拉科技有限公司 | Mobile terminal hot repair method, device, hot repair system and readable storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN107391171B (en) | 2020-06-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107391171A (en) | The method and user terminal of a kind of multiple problem of solution iOS hot repairs | |
US20210344711A1 (en) | Phishing Detection Method And System | |
US20170201547A1 (en) | Methods and systems to detect attacks on internet transactions | |
US9807113B2 (en) | Polymorphic obfuscation of executable code | |
US20110145435A1 (en) | Reputation Based Redirection Service | |
US20150339766A1 (en) | Information protection system | |
US9112900B1 (en) | Distributed polymorphic transformation of served content | |
US20110321162A1 (en) | Methods And Systems For Providing Security For Page Framing | |
CN105447378B (en) | A kind of method for generating cipher code and device | |
CN105359157A (en) | A network security system | |
CN107959660A (en) | A kind of static file access method and device based on Nginx | |
US20180130056A1 (en) | Method and system for transaction security | |
CN107294921A (en) | The processing method and processing device that a kind of web terminal is accessed | |
CN109977703A (en) | A kind of encryption method of safety keyboard, storage medium and terminal device | |
CN115730319A (en) | Data processing method, data processing device, computer equipment and storage medium | |
Mazmudar et al. | Mitigator: Privacy policy compliance using trusted hardware | |
Mouha et al. | A vulnerability in implementations of SHA-3, SHAKE, EdDSA, and other NIST-approved algorithms | |
CN113946869B (en) | Internal security attack detection method and device for federal learning and privacy calculation | |
Goldsteen et al. | Application-screen masking: a hybrid approach | |
US20140281492A1 (en) | Prevention of Forgery of Web Requests to a Server | |
Uddin et al. | File upload security and validation in context of software as a service cloud model | |
CN114912112A (en) | Script detection method and device | |
Orunsolu et al. | A Lightweight Anti-Phishing Technique for Mobile Phone. | |
CN113347270A (en) | Method and device for preventing horizontal unauthorized network transmission file | |
US11146594B2 (en) | Security incident blockchain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
PP01 | Preservation of patent right | ||
PP01 | Preservation of patent right |
Effective date of registration: 20210922 Granted publication date: 20200609 |