summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2013-07-13configure.ac: Simply check for asprintf and vasprintfGravatar Martin Szulecki1-10/+1
2013-07-02Bug #331 - Don't create a /tmp/root directory insecurelyGravatar Federico Mena Quintero1-29/+76
When finding the user's home directory to generate a subdirectory in $HOME/.config, we would fall back to /tmp if there were no environment variables for HOME or XDG_CONFIG_HOME. Since libimobiledevice gets used by upower, and since upowerd runs as root, this would cause a /tmp/root directory to be created insecurely, leaving upowerd vulnerable to a symlink attack. Now we fall back to getpwuid_r() to find the user's home directory if it is not provided in environment variables - this is the case when upowerd gets run via systemd, for example. The result is that we'll end up creating /root/.config, a safe directory, since regular users cannot create symlinks in /root. In the future we'll need a way for libimobiledevice to find where to store its pairing data on behalf of the console user, rather than writing it to /root. http://libiphone.lighthouseapp.com/projects/27916-libiphone/tickets/331-insecure-tmp-directory-use
2013-07-02common: Add utils.[ch] with a string_concat() functionGravatar Federico Mena Quintero3-1/+114
Instead of doing malloc() and repeated strcat(), which is an O(n^2) way to concatenate multiple strings, we define a single O(total_len) function that uses stpcpy(). This will also make the rest of the code more legible and safer.
2013-07-01cython: Remove erroneous free()Gravatar Dawn K. Isabel1-2/+0
2013-06-30 Fixed leaked plist uint which is passed to ↵Gravatar Aaron Burghardt1-1/+3
mobilebackup2_send_status_response().
2013-06-30Fixed multiple occurrences of memory leaks when empty plist dicts are passed ↵Gravatar Aaron Burghardt1-5/+13
to mobilebackup2_send_status_response().
2013-06-30Fixed leaked lockdowns client object in do_post_notification().Gravatar Aaron Burghardt1-0/+1
2013-06-30Fixed memory leak in mb2_status_check_snapshot_state() by freeing the string ↵Gravatar Aaron Burghardt1-0/+1
returned from plist_get_string_val().
2013-06-30Fixed memory leak by creating empty plist dict for iTunes settings only when ↵Gravatar Aaron Burghardt1-2/+2
it can’t be retrieved from the lockdown connection. That mimics the leaking implementation, but maybe it should be an error.
2013-06-30Fixed memory leak in lockdownd_gen_pair_cert() by freeing X509_EXTENSION ↵Gravatar Aaron Burghardt1-0/+1
object when using OpenSSL.
2013-06-30Fixed memory leak in lockdownd_gen_pair_cert() when getting cert data using ↵Gravatar Aaron Burghardt1-2/+5
OpenSSL.
2013-06-06cython: Add support for using Python 'with' statement when opening AfcFileGravatar Dawn K. Isabel1-0/+6
2013-05-31cython: Update declaration for LockdownServiceDescriptor to match definitionGravatar Martin Szulecki1-1/+1
2013-05-31cython: Explicitly cast ssl_enabled when calling lockdownd_start_sessionGravatar Dawn K. Isabel1-1/+1
2013-05-31cython: Add Afc2Client class to allow jailbroken filesystem accessGravatar Dawn K. Isabel1-0/+32
2013-05-31cython: Initialize some pointers to NULLGravatar Dawn K. Isabel1-4/+4
2013-05-31cython: Add read() method to AfcFileGravatar Dawn K. Isabel1-0/+14
2013-05-31cython: Make LockdownServiceDescriptor inherit from Base, since it calls ↵Gravatar Dawn K. Isabel1-1/+1
self.handle_error
2013-05-28tools: fix linker error with newer libtoolGravatar Nikias Bassen1-4/+4
2013-05-24syslog_relay: Make sure syslog worker thread is not stuck foreverGravatar Martin Szulecki1-2/+4
2013-05-23idevicesyslog: Remove obsolete include of lockdown interfaceGravatar Martin Szulecki1-1/+0
2013-05-23Silence compiler warnings for win32 buildsGravatar Martin Szulecki5-5/+8
2013-05-23syslog_relay: Remove syslog_relay_send() as the service is read-onlyGravatar Martin Szulecki2-35/+1
2013-05-23idevicesyslog: Switch code to new syslog_relay service interfaceGravatar Martin Szulecki2-50/+26
2013-05-23Add protocol implementation for syslog_relay serviceGravatar Martin Szulecki5-2/+416
2013-05-23heartbeat: Fix wrong error codes in documentationGravatar Martin Szulecki1-4/+4
2013-04-25installation_proxy: Add helper to retrieve filepath of an app from deviceGravatar Martin Szulecki2-0/+99
2013-04-25common: Move debug and userpref code into libinternalcommonGravatar Martin Szulecki31-32/+32
2013-04-25installation_proxy: Silence compiler warnings about thread_t pointer assignmentsGravatar Martin Szulecki2-4/+4
2013-04-25afc: Add convenience helper to free AFC dictionaries in afc_dictionary_free()Gravatar Martin Szulecki2-0/+15
2013-03-20use new internal common code for thread, mutex, and socket operationsGravatar Nikias Bassen14-230/+50
2013-03-20move thread and socket code to "common" subdirGravatar Nikias Bassen9-7/+64
2013-03-20idevicesyslog: removed unused header includeGravatar Nikias Bassen1-1/+0
2013-03-19configure.ac: Fix broken byte order detection for platforms without endian.hGravatar Martin Szulecki1-1/+1
This could ultimatively lead to broken AFC communication with a device on affected platforms due to bad byte order in the AFC protocol header.
2013-03-19Post release version bump to 1.1.6Gravatar Martin Szulecki1-1/+1
2013-03-19tools: Add missing socket.h and thread.h to fix make distcheck1.1.5Gravatar Martin Szulecki1-0/+2
2013-03-19docs: Update manpage for idevicebackup2Gravatar Martin Szulecki1-3/+17
2013-03-19idevice_id: Rename devname variable which shadows a global declaration on OS XGravatar Martin Szulecki1-5/+5
2013-03-19Update NEWS with latest changesGravatar Martin Szulecki1-0/+6
2013-03-18installation_proxy: Add ReturnAttributes key to comment for documentationGravatar Martin Szulecki1-3/+3
2013-03-18idevicebackup2: Fix integer overflow bug on 32-bit architecturesGravatar Martin Szulecki1-1/+1
2013-03-18Update README for sanityGravatar Martin Szulecki1-14/+11
2013-03-14fix invalid whitespaceGravatar Nikias Bassen1-1/+1
2013-03-14global: make sure to check service before checking service->port to prevent ↵Gravatar Nikias Bassen26-77/+44
crashes
2013-03-14lockdown: only return service descriptor if StartService succeedsGravatar Nikias Bassen1-5/+11
2013-03-07ideviceheartbeat: Report if starting the service failedGravatar Martin Szulecki1-1/+4
2013-02-28idevicesyslog: use events to allow automatic reconnect to deviceGravatar Nikias Bassen1-31/+147
2013-02-28idevicesyslog: use new service APIGravatar Nikias Bassen1-33/+17
2013-02-28remove unneeded int16_t* casts from calls to ↵Gravatar Nikias Bassen2-2/+2
service_client_factory_start_service
2013-02-28service: use correct int16_t instead of uint16_t for error codesGravatar Nikias Bassen4-7/+7