Now that Apple is running some kind of static analysis to automatically check for private API use, a number of people have been caught because of the Three20 library. I use another third-party library (which I compile myself from code) and I would like to automatically audit it for private API use before I submit to Apple, so I can eliminate/re-write those parts.
If I run nm on my application executable, I get a list of symbols, and I am seeing symbols in there that I don't use. For example I see _AudioServicesPlaySystemSound, and if I search for "AudioServicesPlaySystemSound" in Xcode I get no results. Is there any way to automatically discriminate calls to private APIs? For example, I notice that Apple has a habit of naming them with an initial underscore.
However: if I deliberately include a call to a private API it doesn't show up in the output of nm, but it does show up if I run strings on the binary. Based on this, one idea I had was to compile a huge list of all private API calls into a huge table, and automatically search for them in the strings output. I haven't done that yet.
Does anyone have any tips on how to automatically catch this stuff so I'm only going through the review process once?
You could try running nm on the object files instead of the linked executable:
nm -g -j *.o | sort | uniq
The objects should be in the build/<app>.build/*/<app>.build/Objects-normal sub-directory.
You're seeing a reference to AudioServicesPlaySystemSound because one of the functions you did call in turn calls AudioServicesPlaySystemSound.
Objective-C calls won't generally show up in nm dumps, you'll need to use otool for that:
otool -ov <object file>
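The denylist idea from the question, run against the per-object nm output suggested in the answer above, as an added example that is not part of the original thread. The function names (`audit`, `demo`) are hypothetical, and every API name in the sample data is a constructed placeholder, not a real Apple symbol.

```shell
#!/bin/sh
# Added example: check saved `nm -g -j *.o` and `strings` output against a
# denylist of API names you must not ship. All names below are constructed.

# Strip comments and blank lines from the denylist; one name per line remains.
clean_denylist() {
    sed -e 's/#.*//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e '/^$/d' "$1"
}

# nm prints a "file.o:" header per object and prefixes C symbols with "_".
normalize_nm() {
    sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' \
        -e '/\.o:$/d' -e '/^$/d' -e 's/^_//' "$1" | sort -u
}

# audit DENYLIST NM_OUTPUT STRINGS_OUTPUT
# Prints "symbol NAME" or "string NAME" per hit; exit status 1 if any hit.
audit() (
    tmp=$(mktemp) || exit 2
    trap 'rm -f "$tmp"' EXIT
    clean_denylist "$1" > "$tmp"
    hits=$(
        normalize_nm "$2" | grep -Fx -f "$tmp" | sed 's/^/symbol /'
        # Whole-line match: a selector is its own line in strings output,
        # so longer strings that merely contain the name are not flagged.
        sort -u "$3" | grep -Fx -f "$tmp" | sed 's/^/string /'
    )
    [ -z "$hits" ] && exit 0
    printf '%s\n' "$hits"
    exit 1
)

# Constructed sample data standing in for real nm/strings output.
demo() (
    d=$(mktemp -d) || exit 2
    trap 'rm -rf "$d"' EXIT
    printf '%s\n' '# C functions (no leading underscore)' \
        'HypotheticalPrivateBeep' '_hypotheticalPrivateSetter:' > "$d/deny"
    printf '%s\n' '' 'Player.o:' '_AudioServicesPlaySystemSound' \
        '_HypotheticalPrivateBeep' '_objc_msgSend' > "$d/nm"
    printf '%s\n' 'viewDidLoad' '_hypotheticalPrivateSetter:' \
        'not_hypotheticalPrivateSetter:here' > "$d/strings"
    audit "$d/deny" "$d/nm" "$d/strings"
)

demo || true   # a non-zero status from demo means hits were found
```

For a real build, save the output of the `nm -g -j *.o | sort | uniq` command and of `strings` on the binary to files and pass them to `audit` along with your own denylist.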
Use this dev tool, App Scanner. It scans your .app file for private API methods. A future release will also check for private API instance variables.