| author | 2016-07-12 23:34:27 +0200 | |
|---|---|---|
| committer | 2017-02-07 18:32:39 +0100 | |
| commit | 1728254f3a51b8b4d7de902dd53f12141085109c (patch) | |
| tree | 286124ad1c242835c59522aba32141f4340c0988 | |
| parent | 00a9e576ebf0dec261c67644d6c7eba7ea9afd23 (diff) | |
| download | idevicerestore-1728254f3a51b8b4d7de902dd53f12141085109c.tar.gz idevicerestore-1728254f3a51b8b4d7de902dd53f12141085109c.tar.bz2 | |
Remove some unneded variables and conditionals and plug some potential memory leaks
| -rw-r--r-- | src/dfu.c | 45 | ||||
| -rw-r--r-- | src/idevicerestore.c | 4 | ||||
| -rw-r--r-- | src/normal.c | 16 | ||||
| -rw-r--r-- | src/recovery.c | 13 | ||||
| -rw-r--r-- | src/restore.c | 122 | 
5 files changed, 79 insertions, 121 deletions
| @@ -44,7 +44,6 @@ int dfu_client_new(struct idevicerestore_client_t* client) {  	int i = 0;  	int attempts = 10;  	irecv_client_t dfu = NULL; -	irecv_error_t dfu_error = IRECV_E_UNKNOWN_ERROR;  	if (client->dfu == NULL) {  		client->dfu = (struct dfu_client_t*)malloc(sizeof(struct dfu_client_t)); @@ -56,8 +55,7 @@ int dfu_client_new(struct idevicerestore_client_t* client) {  	}  	for (i = 1; i <= attempts; i++) { -		dfu_error = irecv_open_with_ecid(&dfu, client->ecid); -		if (dfu_error == IRECV_E_SUCCESS) { +		if (irecv_open_with_ecid(&dfu, client->ecid) == IRECV_E_SUCCESS) {  			break;  		} @@ -90,12 +88,10 @@ void dfu_client_free(struct idevicerestore_client_t* client) {  int dfu_check_mode(struct idevicerestore_client_t* client, int* mode) {  	irecv_client_t dfu = NULL; -	irecv_error_t dfu_error = IRECV_E_SUCCESS;  	int probe_mode = -1;  	irecv_init(); -	dfu_error = irecv_open_with_ecid(&dfu, client->ecid); -	if (dfu_error != IRECV_E_SUCCESS) { +	if (irecv_open_with_ecid(&dfu, client->ecid) != IRECV_E_SUCCESS) {  		return -1;  	} @@ -119,18 +115,16 @@ const char* dfu_check_hardware_model(struct idevicerestore_client_t* client) {  	irecv_device_t device = NULL;  	irecv_init(); -	dfu_error = irecv_open_with_ecid(&dfu, client->ecid); -	if (dfu_error != IRECV_E_SUCCESS) { +	if (irecv_open_with_ecid(&dfu, client->ecid) != IRECV_E_SUCCESS) {  		return NULL;  	}  	dfu_error = irecv_devices_get_device_by_client(dfu, &device); +	irecv_close(dfu);  	if (dfu_error != IRECV_E_SUCCESS) {  		return NULL;  	} -	irecv_close(dfu); -  	return device->hardware_model;  } 
@@ -150,11 +144,7 @@ int dfu_send_buffer(struct idevicerestore_client_t* client, unsigned char* buffe  }  int dfu_send_component(struct idevicerestore_client_t* client, plist_t build_identity, const char* component) { -	uint32_t size = 0; -	unsigned char* data = NULL;  	char* path = NULL; -	irecv_error_t err = 0; -	int flag = 1;  	if (client->tss) {  		if (tss_response_get_path_by_entry(client->tss, component, &path) < 0) { @@ -164,8 +154,7 @@ int dfu_send_component(struct idevicerestore_client_t* client, plist_t build_ide  	if (!path) {  		if (build_identity_get_component_path(build_identity, component, &path) < 0) {  			error("ERROR: Unable to get path for component '%s'\n", component); -			if (path) -				free(path); +			free(path);  			return -1;  		}  	} @@ -178,17 +167,21 @@ int dfu_send_component(struct idevicerestore_client_t* client, plist_t build_ide  		free(path);  		return -1;  	} +	free(path); +	path = NULL; + +	unsigned char* data = NULL; +	uint32_t size = 0;  	if (personalize_component(component, component_data, component_size, client->tss, &data, &size) < 0) {  		error("ERROR: Unable to get personalized component: %s\n", component);  		free(component_data); -		free(path);  		return -1;  	}  	free(component_data);  	component_data = NULL; -	if (!client->image4supported && (client->build_major > 8) && !(client->flags & FLAG_CUSTOM) && (strcmp(component, "iBEC") == 0)) { +	if (!client->image4supported && client->build_major > 8 && !(client->flags & FLAG_CUSTOM) && !strcmp(component, "iBEC")) {  		unsigned char* ticket = NULL;  		unsigned int tsize = 0;  		if (tss_response_get_ap_ticket(client->tss, &ticket, &tsize) < 0) { 
@@ -196,26 +189,23 @@ int dfu_send_component(struct idevicerestore_client_t* client, plist_t build_ide  			return -1;  		}  		uint32_t fillsize = 0; -		if ((tsize % 0x40) != 0) { -			fillsize = 0x40 - (tsize % 0x40); +		if (tsize % 64 != 0) { +			fillsize = ((tsize / 64) + 1) * 64;  		}  		debug("ticket size = %d\nfillsize = %d\n", tsize, fillsize); -		unsigned char* newdata = (unsigned char*)malloc(tsize + fillsize + size); +		unsigned char* newdata = (unsigned char*)malloc(size + fillsize);  		memcpy(newdata, ticket, tsize); -		memset(newdata+tsize, '\xFF', fillsize); -		memcpy(newdata+tsize+fillsize, data, size); +		memset(newdata + tsize, '\xFF', fillsize - tsize); +		memcpy(newdata + fillsize, data, size);  		free(data);  		data = newdata; -		size += tsize;  		size += fillsize; -		flag = 1;  	}  	info("Sending %s (%d bytes)...\n", component, size);  	// FIXME: Did I do this right???? -	err = irecv_send_buffer(client->dfu->client, data, size, flag); -	free(path); +	irecv_error_t err = irecv_send_buffer(client->dfu->client, data, size, 1);  	if (err != IRECV_E_SUCCESS) {  		error("ERROR: Unable to send %s component: %s\n", component, irecv_strerror(err));  		free(data); @@ -325,7 +315,6 @@ int dfu_get_sep_nonce(struct idevicerestore_client_t* client, unsigned char** no  }  int dfu_enter_recovery(struct idevicerestore_client_t* client, plist_t build_identity) { -	irecv_error_t dfu_error = IRECV_E_SUCCESS;  	int mode = 0;  	if (dfu_client_new(client) < 0) { diff --git a/src/idevicerestore.c b/src/idevicerestore.c index acf171d..01901d6 100644 --- a/src/idevicerestore.c +++ b/src/idevicerestore.c @@ -1740,10 +1740,8 @@ int personalize_component(const char *component_name, const unsigned char* compo  				memcpy(stitched_component, component_data, component_size);  			}  		} - -		if (component_blob) -			free(component_blob);  	} +	free(component_blob);  	if (idevicerestore_keep_pers) {  		write_file(component_name, stitched_component, stitched_component_size); 
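Review bot: When the AP ticket length is already a multiple of 64, `fillsize` stays 0 in the rewritten padding code, so `malloc(size + fillsize)` reserves no room for the ticket, `memcpy(newdata, ticket, tsize)` can write past the allocation, and `fillsize - tsize` wraps to a huge unsigned count for `memset`. The old code used `fillsize` as the pad length only; the new code uses it as the padded ticket length, so it has to start from the ticket size: `uint32_t fillsize = tsize;`. The `malloc` result is also used without a NULL check, and `size + fillsize` is 32-bit arithmetic on a length that appears to come from the TSS response, so a wrap check before allocating would be prudent. dfu_send_component starts and ends outside this hunk.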
diff --git a/src/normal.c b/src/normal.c index c0ec2bf..8101b72 100644 --- a/src/normal.c +++ b/src/normal.c @@ -220,14 +220,13 @@ int normal_open_with_timeout(struct idevicerestore_client_t* client) {  const char* normal_check_hardware_model(struct idevicerestore_client_t* client) {  	idevice_t device = NULL; -	char* product_type = NULL; -	irecv_device_t irecv_device = NULL;  	lockdownd_client_t lockdown = NULL;  	lockdownd_error_t lockdown_error = LOCKDOWN_E_SUCCESS; +	irecv_device_t irecv_device = NULL;  	normal_idevice_new(client, &device);  	if (!device) { -		return product_type; +		return NULL;  	}  	lockdown_error = lockdownd_client_new_with_handshake(device, &lockdown, "idevicerestore"); @@ -236,22 +235,23 @@ const char* normal_check_hardware_model(struct idevicerestore_client_t* client)  	}  	if (lockdown_error != LOCKDOWN_E_SUCCESS) {  		idevice_free(device); -		return product_type; +		return NULL;  	}  	plist_t pval = NULL;  	lockdownd_get_value(lockdown, NULL, "HardwareModel", &pval);  	if (pval && (plist_get_node_type(pval) == PLIST_STRING)) { -		char* strval = NULL; +		char *strval = NULL;  		plist_get_string_val(pval, &strval);  		if (strval) {  			irecv_devices_get_device_by_hardware_model(strval, &irecv_device);  			free(strval);  		}  	} -	if (pval) { -		plist_free(pval); -	} +	plist_free(pval); + +	lockdownd_client_free(lockdown); +	idevice_free(device);  	return (irecv_device) ? irecv_device->hardware_model : NULL;  } diff --git a/src/recovery.c b/src/recovery.c index 134742e..13612c4 100644 --- a/src/recovery.c +++ b/src/recovery.c 
@@ -168,17 +168,13 @@ int recovery_enter_restore(struct idevicerestore_client_t* client, plist_t build  	char* value = NULL;  	irecv_getenv(client->recovery->client, "build-version", &value);  	info("iBoot build-version=%s\n", (value) ? value : "(unknown)"); -	if (value) { -		free(value); -		value = NULL; -	} +	free(value); +	value = NULL;  	irecv_getenv(client->recovery->client, "build-style", &value);  	info("iBoot build-style=%s\n", (value) ? value : "(unknown)"); -	if (value) { -		free(value); -		value = NULL; -	} +	free(value); +	value = NULL;  	unsigned long radio_error = 0;  	irecv_getenv(client->recovery->client, "radio-error", &value); @@ -273,6 +269,7 @@ int recovery_send_component(struct idevicerestore_client_t* client, plist_t buil  	if (!path) {  		if (build_identity_get_component_path(build_identity, component, &path) < 0) {  			error("ERROR: Unable to get path for component '%s'\n", component); +			free(path);  			return -1;  		}  	} diff --git a/src/restore.c b/src/restore.c index d354ac6..6fe1049 100644 --- a/src/restore.c +++ b/src/restore.c @@ -225,24 +225,23 @@ const char* restore_check_hardware_model(struct idevicerestore_client_t* client)  	idevice_t device = NULL;  	restored_client_t restore = NULL;  	restored_error_t restore_error = RESTORE_E_SUCCESS; -	char* product_type = NULL;  	irecv_device_t irecv_device = NULL;  	restore_idevice_new(client, &device);  	if (!device) { -		return product_type; +		return NULL;  	}  	restore_error = restored_client_new(device, &restore, "idevicerestore");  	if (restore_error != RESTORE_E_SUCCESS) {  		idevice_free(device); -		return product_type; +		return NULL;  	}  	if (restored_query_type(restore, NULL, NULL) != RESTORE_E_SUCCESS) {  		restored_client_free(restore);  		idevice_free(device); -		return product_type; +		return NULL;  	}  	if (client->srnm == NULL) { 
@@ -251,41 +250,32 @@ const char* restore_check_hardware_model(struct idevicerestore_client_t* client)  			error("ERROR: Unable to get SerialNumber from restored\n");  			restored_client_free(restore);  			idevice_free(device); -			return product_type; +			return NULL;  		}  		plist_get_string_val(node, &client->srnm);  		info("INFO: device serial number is %s\n", client->srnm); +		plist_free(node);  		node = NULL;  	}  	restore_error = restored_get_value(restore, "HardwareModel", &node); -	if (restore_error != RESTORE_E_SUCCESS) { -		error("ERROR: Unable to get HardwareModel from restored\n"); -		restored_client_free(restore); -		idevice_free(device); -		return product_type; -	} -  	restored_client_free(restore);  	idevice_free(device); -	restore = NULL; -	device = NULL; - -	if (!node || plist_get_node_type(node) != PLIST_STRING) { -		error("ERROR: Unable to get HardwareModel information\n"); -		if (node) -			plist_free(node); -		return product_type; +	if (restore_error != RESTORE_E_SUCCESS || !node || plist_get_node_type(node) != PLIST_STRING) { +		error("ERROR: Unable to get HardwareModel from restored\n"); +		plist_free(node); +		return NULL;  	} -	plist_get_string_val(node, &model); +	plist_get_string_val(node, &model);  	irecv_devices_get_device_by_hardware_model(model, &irecv_device); +	free(model);  	if (irecv_device && irecv_device->product_type) {  		return irecv_device->hardware_model;  	} -	return product_type; +	return NULL;  }  void restore_device_callback(const idevice_event_t* event, void* userdata) { @@ -1141,7 +1131,6 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned  	uint64_t blob_size = 0;  	int zerr = 0;  	int zindex = -1; -	int size = 0;  	struct zip_stat zstat;  	struct zip_file* zfile = NULL;  	struct zip* za = NULL; 
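Review bot: `node` is still leaked on the success path of restore_check_hardware_model: after `plist_get_string_val(node, &model);` the HardwareModel plist is never released, although the failure branch just above now frees it. Add `plist_free(node);` directly after the string has been extracted. `model` is declared outside the hunk; if the extraction leaves it NULL it is passed unchecked to `irecv_devices_get_device_by_hardware_model`, so a guard such as `if (!model) return NULL;` would make the contract explicit. The function body begins outside this hunk.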
@@ -1180,7 +1169,7 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned  				goto leave;  			}  			char* ext = strrchr(signfn, '.'); -			if (strcmp(ext, ".fls") == 0) { +			if (!strcmp(ext, ".fls")) {  				is_fls = 1;  			} @@ -1202,30 +1191,29 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned  				goto leave;  			} -			size = zstat.size; -			buffer = (unsigned char*) malloc(size+1); +			buffer = (unsigned char*) malloc(zstat.size + 1);  			if (buffer == NULL) {  				error("ERROR: Out of memory\n");  				goto leave;  			} -			if (zip_fread(zfile, buffer, size) != size) { +			if (zip_fread(zfile, buffer, zstat.size) != zstat.size) {  				error("ERROR: zip_fread: failed\n");  				goto leave;  			} -			buffer[size] = '\0'; +			buffer[zstat.size] = '\0';  			zip_fclose(zfile);  			zfile = NULL;  			if (is_fls) { -				fls = fls_parse(buffer, size); +				fls = fls_parse(buffer, zstat.size);  				if (!fls) {  					error("ERROR: could not parse fls file\n");  					goto leave;  				}  			} else { -				mbn = mbn_parse(buffer, size); +				mbn = mbn_parse(buffer, zstat.size);  				if (!mbn) {  					error("ERROR: could not parse mbn file\n");  					goto leave; @@ -1256,15 +1244,17 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned  			free(blob);  			blob = NULL; +			fsize = (is_fls ? fls->size : mbn->size); +			fdata = (unsigned char*)malloc(fsize); +			if (fdata == NULL)  { +				error("ERROR: out of memory\n"); +				goto leave; +			}  			if (is_fls) { -				fsize = fls->size; -				fdata = (unsigned char*)malloc(fsize);  				memcpy(fdata, fls->data, fsize);  				fls_free(fls);  				fls = NULL;  			} else { -				fsize = mbn->size; -				fdata = (unsigned char*)malloc(fsize);  				memcpy(fdata, mbn->data, fsize);  				mbn_free(mbn);  				mbn = NULL; 
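Review bot: `strrchr(signfn, '.')` returns NULL when the name contains no dot, and the rewritten test `if (!strcmp(ext, ".fls"))` passes that pointer to `strcmp` unconditionally. The cleanup loop later in restore_sign_bbfw already guards the same pattern with `ext &&`; this line should match it: `if (ext && !strcmp(ext, ".fls")) {`. Where `signfn` comes from is not visible in the hunk, so it is safest to assume it can lack an extension.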
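Review bot: With the `int size` temporary gone, `zstat.size` is used directly in `malloc(zstat.size + 1)`, `zip_fread(zfile, buffer, zstat.size)` and `buffer[zstat.size] = '\0'` with no upper bound, and the value presumably comes from the archive's own metadata. In libzip that field is a 64-bit unsigned, so on a target with a narrower `size_t` the allocation can be truncated while the read length is not; a guard before the `malloc`, e.g. `if (zstat.size >= SIZE_MAX) { error("ERROR: file too large\n"); goto leave; }`, closes that. The comparison `zip_fread(...) != zstat.size` also mixes a signed return value with an unsigned size and deserves a short comment or an explicit cast. The same pattern is repeated in the `bb_nonce` block at `@@ -1344,23 +1331,22 @@`, and the parameter types of `fls_parse`/`mbn_parse` are not visible here.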
@@ -1273,6 +1263,7 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned  			zs = zip_source_buffer(za, fdata, fsize, 1);  			if (!zs) {  				error("ERROR: out of memory\n"); +				free(fdata);  				goto leave;  			} @@ -1294,33 +1285,29 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned  	free(iter);  	// remove everything but required files -	int i; -	int j; -	int skip = 0; -	int numf = zip_get_num_files(za); +	int i, j, keep, numf = zip_get_num_files(za);  	for (i = 0; i < numf; i++) { -		skip = 0; +		keep = 0;  		// check for signed file index  		for (j = 0; j < signed_file_count; j++) {  			if (i == signed_file_idxs[j]) { -				skip = 1; +				keep = 1;  				break;  			}  		}  		// check for anything but .mbn and .fls if bb_nonce is set -		if (bb_nonce && !skip) { +		if (bb_nonce && !keep) {  			const char* fn = zip_get_name(za, i, 0);  			if (fn) {  				char* ext = strrchr(fn, '.');  				if (ext && (!strcmp(ext, ".fls") || !strcmp(ext, ".mbn") || !strcmp(ext, ".elf") || !strcmp(ext, ".bin"))) { -					skip = 1; +					keep = 1;  				}  			}  		} -		if (skip) { -			continue; +		if (!keep) { +			zip_delete(za, i);  		} -		zip_delete(za, i);  	}  	if (bb_nonce) { @@ -1344,23 +1331,22 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned  				goto leave;  			} -			size = zstat.size; -			buffer = (unsigned char*) malloc(size+1); +			buffer = (unsigned char*) malloc(zstat.size + 1);  			if (buffer == NULL) {  				error("ERROR: Out of memory\n");  				goto leave;  			} -			if (zip_fread(zfile, buffer, size) != size) { +			if (zip_fread(zfile, buffer, zstat.size) != zstat.size) {  				error("ERROR: zip_fread: failed\n");  				goto leave;  			} -			buffer[size] = '\0'; +			buffer[zstat.size] = '\0';  			zip_fclose(zfile);  			zfile = NULL; -			fls = fls_parse(buffer, size); +			fls = fls_parse(buffer, zstat.size);  			free(buffer);  			buffer = NULL;  			if (!fls) { 
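Review bot: In the cleanup loop, `int i, j, keep, numf = zip_get_num_files(za);` packs four declarations onto one line and initialises only the last, which is easy to misread as all four being initialised. Prefer `int numf = zip_get_num_files(za);` on its own line, with `i`, `j` and `keep` declared where they are first used. The rename from `skip` to `keep` reads well against the comment `// remove everything but required files`. The return value of `zip_delete(za, i)` is still ignored, so a failed delete silently leaves the entry in the archive; logging it would help diagnosis.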
@@ -1385,6 +1371,10 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned  			fsize = fls->size;  			fdata = (unsigned char*)malloc(fsize); +			if (!fdata) { +				error("ERROR: out of memory\n"); +				goto leave; +			}  			memcpy(fdata, fls->data, fsize);  			fls_free(fls);  			fls = NULL; @@ -1392,6 +1382,7 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned  			zs = zip_source_buffer(za, fdata, fsize, 1);  			if (!zs) {  				error("ERROR: out of memory\n"); +				free(fdata);  				goto leave;  			} @@ -1434,12 +1425,6 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned  	zs = NULL;  leave: -	if (mbn) { -		mbn_free(mbn); -	} -	if (fls) { -		fls_free(fls); -	}  	if (zfile) {  		zip_fclose(zfile);  	} @@ -1450,12 +1435,10 @@ leave:  		zip_unchange_all(za);  		zip_close(za);  	} -	if (buffer) { -		free(buffer); -	} -	if (blob) { -		free(blob); -	} +	mbn_free(mbn); +	fls_free(fls); +	free(buffer); +	free(blob);  	return res;  } @@ -1609,25 +1592,16 @@ int restore_send_baseband_data(restored_client_t restore, struct idevicerestore_  	}  	info("Done sending BasebandData\n"); -	plist_free(dict); -	dict = NULL; -  	res = 0;  leave: -	if (dict) { -		plist_free(dict); -	} -	if (buffer) { -		free(buffer); -	} +	plist_free(dict); +	free(buffer);  	if (bbfwtmp) {  		remove(bbfwtmp);  		free(bbfwtmp);  	} -	if (response) { -		plist_free(response); -	} +	plist_free(response);  	return res;  } | 
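Review bot: The `leave:` path of restore_sign_bbfw now calls `mbn_free(mbn);` and `fls_free(fls);` unconditionally, which is only safe if both project helpers accept NULL; their definitions are not part of this diff. `free(NULL)` is guaranteed by the C standard, but these destructors are not. Either confirm that and document it on the helpers with a comment such as `/* NULL is accepted and ignored */`, or keep the guards: `if (mbn) mbn_free(mbn);`.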
