Figure 3-52 sub_351F8
We can infer from the name of
BKSTerminateApplicationGroupForReasonAndReportWithDescription that sub_351F8 acts as a
terminator, which just proves our analysis of sub_350C4. Go back to the function body of
relaunchSpringBoard, our analysis comes to the end: _relaunchSpringBoardNow is called to
finish respring.
Neither do we need to read assembly code nor be familiar with calling conventions, we’ve
finished this reverse engineering task from scratch, right? However, we should not take much
credits, kudos to IDA! In most cases, IDA plays the same role to the above example; you only
need to be patient reading every line of code, it won’t be long before you feel the beauty of
reverse engineering.
The usage of IDA is much much more complicated than I have introduced in this book, if
you have any questions about it, please discuss with us on http://bbs.iosre.com, or take The
IDA Pro Book as reference.