From d266a367ad6ed67cdd990d81187be9e2096c9ef4 Mon Sep 17 00:00:00 2001
From: Dan Zimmerman <danz@spotify.com>
Date: Fri, 15 Jul 2022 13:28:33 -0500
Subject: [PATCH 1/2] [dyldex] Add --lookup to quickly find the image an
 address lives in

---
 bin/dyldex | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/bin/dyldex b/bin/dyldex
index 35889a0..c767834 100755
--- a/bin/dyldex
+++ b/bin/dyldex
@@ -76,6 +76,10 @@ def _getArguments():
 	parser.add_argument(
 		"-b", "--basenames", action="store_true",
 		help="Print only the basenames of each framework. Only applies when --list-frameworks is specified."
+		)
+	parser.add_argument(
+		"--lookup",
+		help="Find the library that an address lives in. Address should be specified as hex. E.g. dyldex --lookup 0x18008e9f8 dyld_shared_cache_arm64e."
 	)
 	parser.add_argument(
 		"-v", "--verbosity", type=int, choices=[0, 1, 2, 3], default=1,
@@ -204,6 +208,31 @@ def main():
 
 			imageMap[path] = imageData
 
+		# Find the image that an address lives in
+		if args.lookup:
+			lookupAddr = int(args.lookup, 16)
+
+			imagePaths = imageMap.keys()
+
+			# sort the paths so they're in VM address order
+			sortedPaths = sorted(imagePaths, key=lambda path: imageMap[path].address)
+
+			previousImagePath = None
+			for path in sortedPaths:
+				imageAddr = imageMap[path].address
+				if lookupAddr < imageAddr:
+					if previousImagePath is None:
+						print("Error: address before first image!", file=sys.stderr)
+						sys.exit(1)
+					print(os.path.basename(previousImagePath) if args.basenames else previousImagePath)
+					return
+				else:
+					previousImagePath = path
+			# We got to the end of the list, must be the last image
+			path = sortedPaths[-1]
+			print(os.path.basename(path) if args.basenames else path)
+			return
+
 		# list images option
 		if args.list_frameworks:
 			imagePaths = imageMap.keys()

From 5cd9cac1ab683bf28360edcb0e0f62dac3ca4807 Mon Sep 17 00:00:00 2001
From: Dan Zimmerman <danz@spotify.com>
Date: Mon, 18 Jul 2022 16:52:19 -0500
Subject: [PATCH 2/2] [dyldex] Don't mandate hex for --lookup

---
 bin/dyldex | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/dyldex b/bin/dyldex
index c767834..c080a4d 100755
--- a/bin/dyldex
+++ b/bin/dyldex
@@ -79,7 +79,7 @@ def _getArguments():
 		)
 	parser.add_argument(
 		"--lookup",
-		help="Find the library that an address lives in. Address should be specified as hex. E.g. dyldex --lookup 0x18008e9f8 dyld_shared_cache_arm64e."
+		help="Find the library that an address lives in. E.g. dyldex --lookup 0x18008e9f8 dyld_shared_cache_arm64e."
 	)
 	parser.add_argument(
 		"-v", "--verbosity", type=int, choices=[0, 1, 2, 3], default=1,
@@ -210,7 +210,7 @@ def main():
 
 		# Find the image that an address lives in
 		if args.lookup:
-			lookupAddr = int(args.lookup, 16)
+			lookupAddr = int(args.lookup, 0)
 
 			imagePaths = imageMap.keys()