Figure 6-44 PhoneSettingsCopyMyNumber
This snippet first calls CTSettingCopyMyPhoneNumber and autoreleases the return value,
then calls PhoneSettingsCopyFormattedNumberBySIMCountry, which seems to format the
phone number according to the country of the SIM card. Judging from the name and context,
CTSettingCopyMyPhoneNumber looks like the target function we are looking for. And the
prefix CT implies that it comes from CoreTelephony rather than MobilePhoneSettings. Double
click this function to see its implementation, as shown in figure 6-45.
Figure 6-45 CTSettingCopyMyPhoneNumber
As expected, it’s an external function. Double click
“impCTSettingCopyMyPhoneNumber” to check out which library it originates from; it’s
exactly CoreTelephony. Quit Preferences and terminate it completely in the background, then
relaunch it and don’t enter MobilePhoneSettings. Now let’s attach debugserver to it and take a
look at its image list with LLDB, we will see CoreTelephony on the list. It means that we can
call CTSettingCopyMyPhoneNumber to get my unformatted number without loading
MobilePhoneSettings.bundle, which perfectly meets our requirements of a target function.
Finally, the last question: what’re its arguments and return value?
Judging from figure 6-44, CTSettingCopyMyPhoneNumber doesn’t seem to have any
argument; before CTSettingCopyMyPhoneNumber, R0~R3 don’t even show at all. If it has any
argument, then R0~R3 come from its caller, i.e. PhoneSettingsCopyMyNumber. However, as
we can see in figure 6-43, before PhoneSettingsCopyMyNumber, only R0 occurs, and if it