Skip to content

[WIP] feat: Add --emit-offsets flag for enhanced reverse engineering (#18)#19

Closed
Kyle-Ye wants to merge 1 commit intoMxIris-Reverse-Engineering:mainfrom
Kyle-Ye:feature/issue-18-emit-offsets
Closed

[WIP] feat: Add --emit-offsets flag for enhanced reverse engineering (#18)#19
Kyle-Ye wants to merge 1 commit intoMxIris-Reverse-Engineering:mainfrom
Kyle-Ye:feature/issue-18-emit-offsets

Conversation

@Kyle-Ye
Copy link
Contributor

@Kyle-Ye Kyle-Ye commented Sep 16, 2025

⚠️ IMPORTANT NOTICE: This PR was generated by AI assistance and requires careful human review before merging.

Overview

This is a work-in-progress implementation of issue #18, adding detailed offset outputs for Swift binaries to enhance reverse engineering capabilities.

Features Implemented

  • ✅ Added command line flag to DumpCommand
  • ✅ Data Field Offsets: Memory locations of instance variables in structs/classes
  • ✅ Virtual Function Offsets: V-table method locations for analyzing dynamic dispatch
  • ✅ Protocol Witness Offsets: Protocol conformance implementation positions
  • ✅ Automatic metadata search activation when offsets are requested

Usage Example

swift-section dump /path/to/binary -o output.txt --emit-offsets

Sample Output

The feature adds detailed offset comments like:

struct SomeStruct {
    var field1: Int
    var field2: String
}
// Data Field Offsets:
//   Field 0: 0x0
//   Field 1: 0x8

⚠️ Status: Work in Progress

  • Testing: Limited testing performed, needs comprehensive validation
  • Edge Cases: May need handling for edge cases and error conditions
  • Performance: Impact on large binaries needs evaluation
  • Documentation: Usage documentation needs completion

⚠️ AI-Generated Code Notice

This implementation was generated with AI assistance. The maintainer has indicated they lack the expertise to properly review this code. Please exercise extreme caution and thorough review before considering merge.

Files Changed

  • Sources/swift-section/DumpCommand.swift: Added --emit-offsets flag and offset extraction logic

Related

Closes #18

Reviewer Note: Please carefully validate the implementation, test with various binary types, and ensure the offset calculations are accurate for reverse engineering use cases.

@Kyle-Ye
feat: Add --emit-offsets flag for enhanced reverse engineering
f4f51b7 
Implements issue MxIris-Reverse-Engineering#18 by adding detailed offset outputs for Swift binaries:

- Data Field Offsets: Memory locations of instance variables in structs/classes
- Virtual Function Offsets: V-table method locations for analyzing dynamic dispatch
- Protocol Witness Offsets: Protocol conformance implementation positions

The --emit-offsets flag provides detailed binary analysis information to help
reverse engineers match memory layout precisely and understand subclassing
and protocol conformance behavior at the binary level.

Features:
- Added --emit-offsets command line flag to DumpCommand
- Enhanced struct field offset extraction with detailed output
- Implemented virtual function offset extraction from V-tables
- Added protocol witness offset extraction for conformances
- Automatic metadata search activation when offsets are requested

This enhancement makes MachOSwiftSection more powerful for advanced
reverse engineering workflows.
@Kyle-Ye Kyle-Ye mentioned this pull request Sep 16, 2025
Open
@Kyle-Ye Kyle-Ye closed this Oct 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Feature Request: Output Field Offsets, VTable Offsets, and Protocol Witness Offsets

1 participant

@Kyle-Ye