DYLD — Do You Like Death? (X)

Karol Mazurek
14 min readMay 11, 2024

The lifecycle of a Dynamic Loader from its creation to its termination.

This is the tenth article in the series about debugging Dyld-1122 and analyzing its source code. We will introduce ExternallyViewableState, which holds information about the state of externally viewable objects in the system that we are loading, such as dyld, executable, and all dylibs.

Please note that this analysis may contain some errors as I am still learning and working on it alone. No one has checked it for mistakes. Please let me know in the comments or contact me through my social media if you find anything.

Let’s go!

WORKING MAP

As last time, we begin our journey by decompiling the Dyld using a Hopper.

hopper -e '/usr/lib/dyld'

We are in the dyld`start analysing the Memory Manager. In the fourth article, I introduced pseudo-code, which you can see below:

Based on this, we finished creating the allocator later used as a memory pool for setting the Global state of the process, which consists of two types of states: fixed — ProcessConfig, and dynamic — RuntimeState.

--

--

Karol Mazurek
Karol Mazurek

No responses yet