Here is the routine. Can anyone explain what I need to modify to make it return TRUE?
__text:00086494 ; =============== S U B R O U T I N E =======================================
__text:00086494
__text:00086494 ; BLAH - (char)free
__text:00086494
__text:00086494 ; char __cdecl -[BLAH free](struct BLAH *self, SEL)
__text:00086494 __BLAH_free_ ; DATA XREF: __objc_const:00BC0CECo
__text:00086494 MOV R1, #(_OBJC_IVAR_$_BLAH._free - 0x864A0) ; char _free;
__text:0008649C ADD R1, PC ; char _free;
__text:0008649E LDR R1, [R1] ; char _free;
__text:000864A0 LDRSB R0, [R0,R1]
__text:000864A2 BX LR
__text:000864A2 ; End of function -[BLAH free]
Pretty much any ARM ABI passes the return value in r0, and this code looks to be no exception. In this case, ldrsb r0, [r0, r1] is loading the return value using the self pointer in r0 and the computed offset in r1. Since this has no side effects or other complex behaviour to account for, you could simply replace that instruction depending on what the actual numeric value of TRUE should be, e.g. mov r0, #1, mvn r0, #0, etc.
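An added worked example (not from the question or the answer above) of the size check a practitioner wants before applying that replacement: the LDRSB at 0x864A0 is a 16-bit Thumb instruction (the BX LR follows at 0x864A2), so the replacement must also be a 16-bit encoding. MOVS R0, #imm8 (0x2001 for #1) fits; MVN R0, #0 is a 32-bit Thumb-2 encoding and would not fit the two-byte slot without also relocating the BX LR. The six-byte image below is constructed from the listing; the base address and function names are assumptions for the demonstration.

```python
import struct

# Constructed two-instruction image of the function tail, as in the listing:
#   0x864A0  LDRSB R0,[R0,R1]   Thumb-1 encoding 0x5640 (bytes 40 56)
#   0x864A2  BX LR              Thumb-1 encoding 0x4770 (bytes 70 47)
TAIL_BASE = 0x864A0
TAIL_IMAGE = bytes.fromhex("4056" "7047")


def decode_thumb16(hw):
    """Decode the three 16-bit Thumb encodings that matter at this site."""
    if hw >> 9 == 0b0101011:                  # LDRSB Rt,[Rn,Rm]
        rm, rn, rt = (hw >> 6) & 7, (hw >> 3) & 7, hw & 7
        return f"LDRSB R{rt},[R{rn},R{rm}]"
    if hw >> 11 == 0b00100:                   # MOVS Rd,#imm8
        return f"MOVS R{(hw >> 8) & 7},#{hw & 0xFF}"
    if hw & 0xFF87 == 0x4700:                 # BX Rm
        rm = (hw >> 3) & 0xF
        return "BX LR" if rm == 14 else f"BX R{rm}"
    return None


def encode_movs_imm8(rd, imm):
    """16-bit MOVS Rd,#imm8: only low registers and 0..255 are encodable."""
    if not (0 <= rd <= 7 and 0 <= imm <= 0xFF):
        raise ValueError("not encodable as a 16-bit MOVS")
    return (0b00100 << 11) | (rd << 8) | imm


def patch_return_constant(image, base, addr, value):
    """Replace the 2-byte LDRSB R0,[R0,R1] at addr with MOVS R0,#value.

    Refuses to write unless the bytes at addr are exactly the instruction
    the listing shows, so a wrong offset cannot corrupt an unrelated site.
    """
    off = addr - base
    (orig,) = struct.unpack_from("<H", image, off)
    if decode_thumb16(orig) != "LDRSB R0,[R0,R1]":
        raise ValueError(f"unexpected instruction at {addr:#x}: {orig:#06x}")
    new = encode_movs_imm8(0, value)          # same 2-byte size as LDRSB
    return image[:off] + struct.pack("<H", new) + image[off + 2:]


if __name__ == "__main__":
    patched = patch_return_constant(TAIL_IMAGE, TAIL_BASE, 0x864A0, 1)
    for i in range(0, len(patched), 2):
        (hw,) = struct.unpack_from("<H", patched, i)
        print(f"{TAIL_BASE + i:#x}  {hw:04x}  {decode_thumb16(hw)}")
```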