| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
(i.e. not freed before writing)
|
|
|
|
If some arguments are passed multiple times, don't leak the memory used
for the value of the first arguments passed.
|
|
If some arguments are passed multiple times, don't leak the memory used
for the value of the first arguments passed.
|
|
When creating a connection handler thread fails, and we close the
server_fd, do not loop back to the start of the loop trying to run
socket_accept() on a closed fd, but break out of the loop instead.
|
|
If either of dstpath or srcpath can be NULL, then make sure they get
freed irrespective of the other variable's value in
mb2_copy_directory_by_path()
|
|
fd was leak in error path.
|
|
|
|
Another change in 3.6.0 is that a serial of '\0' is not valid anymore.
Bump it to one.
|
|
Verification will fail if a special flag is not passed. Use
gnutls_x509_crt_sign2() instead of gnutls_x509_crt_sign() to make
sure that passing this flag works in 3.6.0 and stays working with
3.6.1.
|
|
Starting with iOS 9.1, querying IORegistry by plane stopped working. This
commit will add a new command that allows querying by entry that will allow
gathering data for devices with newer iOS versions again (including iOS 11).
|
|
command
|
|
After device bootup several services cannot be used until the passcode
is entered on the device. This commit will detect this state and wait for
the passcode to be entered. Before this change you would have to restart
idevicesyslog or replug the device after entering the passcode to make
the logging work again.
|
|
Credit to Rudolf Tammekivi (Blefish), see issue #599
|
|
iOS 11.2+
When activating in session mode - which is required for newer iOS versions -
we can now pass the activation response headers with the activation command.
For iOS 11.2+ this is mandatory or the activation will fail.
|
|
PLIST_DATA
|
|
older device
On newer iOS version, ValidatePair is not mandatory to gain trusted host
status. Starting with iOS 11, the ValidatePair request has been removed from
lockdownd and will throw an error. This commit adds a version check so that
ValidatePair is only called on devices prior iOS 7.
|
|
device activation
|
|
|
|
|
|
|
|
That is, recover if gnutls_handshake() returns with non fatal
error codes like GNUTLS_E_INTERRUPTED or GNUTLS_E_AGAIN.
|
|
|
|
CRYPTO_set_id_callback
CRYPTO_set_locking_callback
EVP_cleanup
CRYPTO_cleanup_all_ex_data
SSL_COMP_free_compression_methods
are all no-ops with OpenSSL 1.1.0, so we can #ifdef out the
corresponding code. This cleans up some warnings about
id_function/locking_function being defined but unused (as the calls to
CRYPTO_set_id_callback and CRYPTO_set_locking_callback disappear at
preprocessing time).
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
|
|
It's deprecated and causes compile-time warnings. We don't want to
fallback to ERR_remove_state() either as it's similarly deprecated.
This commit adds a helper functions to hide the #ifdef mess between
the various openssl versions.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
|
|
Since commit OpenSSL_1_1_0-pre3~178
https://github.com/openssl/openssl/commit/b184e3ef73200cb3b7914a603b43a5b8a074c85f
OpenSSL automatically cleans up some of its internal data when the
program exits. This conflicts with some similar clean up
libimobiledevice attempts to do, which causes a double-free.
SSL_COMP_free_compression_methods() was available in OpenSSL 1.0.2,
and is still there in 1.1.0 as a no-op, so we can use that to free
the compression methods.
This bug can be hit with a simple idevicebackup2 --help
==14299== Invalid read of size 4
==14299== at 0x547AEBC: OPENSSL_sk_pop_free (stack.c:263)
==14299== by 0x508B848: ssl_library_stop (ssl_init.c:182)
==14299== by 0x5424D11: OPENSSL_cleanup (init.c:402)
==14299== by 0x5DC3134: __cxa_finalize (cxa_finalize.c:56)
==14299== by 0x53332B2: ??? (in /usr/lib64/libcrypto.so.1.1.0e)
==14299== by 0x4011232: _dl_fini (dl-fini.c:235)
==14299== by 0x5DC2DC7: __run_exit_handlers (exit.c:83)
==14299== by 0x5DC2E19: exit (exit.c:105)
==14299== by 0x5DA8604: (below main) (libc-start.c:329)
==14299== Address 0x6585590 is 0 bytes inside a block of size 40 free'd
==14299== at 0x4C2FCC8: free (vg_replace_malloc.c:530)
==14299== by 0x4E43381: sk_SSL_COMP_free (ssl.h:830)
==14299== by 0x4E434E7: internal_idevice_deinit (idevice.c:103)
==14299== by 0x5B79643: __pthread_once_slow (pthread_once.c:116)
==14299== by 0x4E5663A: thread_once (thread.c:104)
==14299== by 0x4E43525: libimobiledevice_deinitialize (idevice.c:140)
==14299== by 0x4011232: _dl_fini (dl-fini.c:235)
==14299== by 0x5DC2DC7: __run_exit_handlers (exit.c:83)
==14299== by 0x5DC2E19: exit (exit.c:105)
==14299== by 0x5DA8604: (below main) (libc-start.c:329)
==14299== Block was alloc'd at
==14299== at 0x4C2EB1B: malloc (vg_replace_malloc.c:299)
==14299== by 0x5428908: CRYPTO_zalloc (mem.c:100)
==14299== by 0x547A9AE: OPENSSL_sk_new (stack.c:108)
==14299== by 0x5087D43: sk_SSL_COMP_new (ssl.h:830)
==14299== by 0x5087D43: do_load_builtin_compressions (ssl_ciph.c:482)
==14299== by 0x5087D43: do_load_builtin_compressions_ossl_ (ssl_ciph.c:476)
==14299== by 0x5B79643: __pthread_once_slow (pthread_once.c:116)
==14299== by 0x547B198: CRYPTO_THREAD_run_once (threads_pthread.c:106)
==14299== by 0x5089F96: load_builtin_compressions (ssl_ciph.c:500)
==14299== by 0x5089F96: SSL_COMP_get_compression_methods (ssl_ciph.c:1845)
==14299== by 0x508B68B: ossl_init_ssl_base (ssl_init.c:125)
==14299== by 0x508B68B: ossl_init_ssl_base_ossl_ (ssl_init.c:25)
==14299== by 0x5B79643: __pthread_once_slow (pthread_once.c:116)
==14299== by 0x547B198: CRYPTO_THREAD_run_once (threads_pthread.c:106)
==14299== by 0x508B90A: OPENSSL_init_ssl (ssl_init.c:227)
==14299== by 0x4E43416: internal_idevice_init (idevice.c:73)
=
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
|
|
The capabilities parameter is a string array not a plist. Also check
other parameters when we are at it.
|
|
|
|
event number in libusbmuxd
|
|
error for most failures
|
|
There are services that would send really large plist data, e.g. when listing
provisioning profiles. Instead of forcing the data to be less than 16MB we
try to allocate a buffer as large as requested. If the allocation fails the
function returns with an error.
|
|
|
|
|
|
|
|
|
|
The condition in line 2278 is incorrectly evaluated when
mb2_status_check_snapshot_state() isn't able to read the Status.plist file.
While `if (-1) { ... }` will be a 'false' condition, `if (1 && -1) { ... }`
will be 'true' which in this case would make idevicebackup2 assume the backup
was successful while it was not.
This commit fixes this issue by changing the default return value of
mb2_status_check_snapshot_state() to be 0 (false).
Thanks to Xiao Deng for pointing out this issue!
|
|
profiles at once
|
|
|
|
return exit code on error
|
|
|
|
|
|
|
|
In newer GnuTLS versions the parameters supplied to
gnutls_x509_privkey_import_rsa_raw() are actually checked for somewhat
sane values. Since we were passing the same values for all parameters,
this check fails and the device certificate is never generated.
However due to missing checks the pairing record was saved anyway, with
an empty device certificate. This led to TLS errors during communication,
leading to the "GnuTLS: Error in pull function" error message appearing
and the communication to fail.
This commit fixes the issue by passing some sane values, and also improves
the overall error handling during generation of the paring record.
|
|
|
|
|
|
|
|
|
|
|
|
For newer iOS versions, apparently >= iOS 8, iTunes stores information
about installed applications inside of the Info.plist file. This
commit mimics that behavior.
|
|
|
Nikias Bassen
Bastien Nocera
Robert Gadbois
Nikos Mavrogiannopoulos
Christophe Fergeau
BALATON Zoltan
Antoine Reversat