authorGravatar BALATON Zoltan2016-07-12 23:34:27 +0200
committerGravatar BALATON Zoltan2017-02-07 18:32:39 +0100
commit1728254f3a51b8b4d7de902dd53f12141085109c (patch)
tree286124ad1c242835c59522aba32141f4340c0988
parent00a9e576ebf0dec261c67644d6c7eba7ea9afd23 (diff)
Remove some unneeded variables and conditionals and plug some potential memory leaks
-rw-r--r--src/dfu.c45
-rw-r--r--src/idevicerestore.c4
-rw-r--r--src/normal.c16
-rw-r--r--src/recovery.c13
-rw-r--r--src/restore.c122
5 files changed, 79 insertions, 121 deletions
diff --git a/src/dfu.c b/src/dfu.c
index 993692d..124d2c7 100644
--- a/src/dfu.c
+++ b/src/dfu.c
@@ -44,7 +44,6 @@ int dfu_client_new(struct idevicerestore_client_t* client) {
int i = 0;
int attempts = 10;
irecv_client_t dfu = NULL;
- irecv_error_t dfu_error = IRECV_E_UNKNOWN_ERROR;
if (client->dfu == NULL) {
client->dfu = (struct dfu_client_t*)malloc(sizeof(struct dfu_client_t));
@@ -56,8 +55,7 @@ int dfu_client_new(struct idevicerestore_client_t* client) {
}
for (i = 1; i <= attempts; i++) {
- dfu_error = irecv_open_with_ecid(&dfu, client->ecid);
- if (dfu_error == IRECV_E_SUCCESS) {
+ if (irecv_open_with_ecid(&dfu, client->ecid) == IRECV_E_SUCCESS) {
break;
}
@@ -90,12 +88,10 @@ void dfu_client_free(struct idevicerestore_client_t* client) {
int dfu_check_mode(struct idevicerestore_client_t* client, int* mode) {
irecv_client_t dfu = NULL;
- irecv_error_t dfu_error = IRECV_E_SUCCESS;
int probe_mode = -1;
irecv_init();
- dfu_error = irecv_open_with_ecid(&dfu, client->ecid);
- if (dfu_error != IRECV_E_SUCCESS) {
+ if (irecv_open_with_ecid(&dfu, client->ecid) != IRECV_E_SUCCESS) {
return -1;
}
@@ -119,18 +115,16 @@ const char* dfu_check_hardware_model(struct idevicerestore_client_t* client) {
irecv_device_t device = NULL;
irecv_init();
- dfu_error = irecv_open_with_ecid(&dfu, client->ecid);
- if (dfu_error != IRECV_E_SUCCESS) {
+ if (irecv_open_with_ecid(&dfu, client->ecid) != IRECV_E_SUCCESS) {
return NULL;
}
dfu_error = irecv_devices_get_device_by_client(dfu, &device);
+ irecv_close(dfu);
if (dfu_error != IRECV_E_SUCCESS) {
return NULL;
}
- irecv_close(dfu);
-
return device->hardware_model;
}
@@ -150,11 +144,7 @@ int dfu_send_buffer(struct idevicerestore_client_t* client, unsigned char* buffe
}
int dfu_send_component(struct idevicerestore_client_t* client, plist_t build_identity, const char* component) {
- uint32_t size = 0;
- unsigned char* data = NULL;
char* path = NULL;
- irecv_error_t err = 0;
- int flag = 1;
if (client->tss) {
if (tss_response_get_path_by_entry(client->tss, component, &path) < 0) {
@@ -164,8 +154,7 @@ int dfu_send_component(struct idevicerestore_client_t* client, plist_t build_ide
if (!path) {
if (build_identity_get_component_path(build_identity, component, &path) < 0) {
error("ERROR: Unable to get path for component '%s'\n", component);
- if (path)
- free(path);
+ free(path);
return -1;
}
}
@@ -178,17 +167,21 @@ int dfu_send_component(struct idevicerestore_client_t* client, plist_t build_ide
free(path);
return -1;
}
+ free(path);
+ path = NULL;
+
+ unsigned char* data = NULL;
+ uint32_t size = 0;
if (personalize_component(component, component_data, component_size, client->tss, &data, &size) < 0) {
error("ERROR: Unable to get personalized component: %s\n", component);
free(component_data);
- free(path);
return -1;
}
free(component_data);
component_data = NULL;
- if (!client->image4supported && (client->build_major > 8) && !(client->flags & FLAG_CUSTOM) && (strcmp(component, "iBEC") == 0)) {
+ if (!client->image4supported && client->build_major > 8 && !(client->flags & FLAG_CUSTOM) && !strcmp(component, "iBEC")) {
unsigned char* ticket = NULL;
unsigned int tsize = 0;
if (tss_response_get_ap_ticket(client->tss, &ticket, &tsize) < 0) {
@@ -196,26 +189,23 @@ int dfu_send_component(struct idevicerestore_client_t* client, plist_t build_ide
return -1;
}
uint32_t fillsize = 0;
- if ((tsize % 0x40) != 0) {
- fillsize = 0x40 - (tsize % 0x40);
+ if (tsize % 64 != 0) {
+ fillsize = ((tsize / 64) + 1) * 64;
}
debug("ticket size = %d\nfillsize = %d\n", tsize, fillsize);
- unsigned char* newdata = (unsigned char*)malloc(tsize + fillsize + size);
+ unsigned char* newdata = (unsigned char*)malloc(size + fillsize);
memcpy(newdata, ticket, tsize);
- memset(newdata+tsize, '\xFF', fillsize);
- memcpy(newdata+tsize+fillsize, data, size);
+ memset(newdata + tsize, '\xFF', fillsize - tsize);
+ memcpy(newdata + fillsize, data, size);
free(data);
data = newdata;
- size += tsize;
size += fillsize;
- flag = 1;
}
info("Sending %s (%d bytes)...\n", component, size);
// FIXME: Did I do this right????
- err = irecv_send_buffer(client->dfu->client, data, size, flag);
- free(path);
+ irecv_error_t err = irecv_send_buffer(client->dfu->client, data, size, 1);
if (err != IRECV_E_SUCCESS) {
error("ERROR: Unable to send %s component: %s\n", component, irecv_strerror(err));
free(data);
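Review bot: The rewritten padding arithmetic breaks when the AP ticket length is already a multiple of 64: `fillsize` stays 0, so `malloc(size + fillsize)` leaves no room for the ticket, `fillsize - tsize` in the `memset` wraps to a huge unsigned length, and `memcpy(newdata + fillsize, data, size)` lands on top of the ticket. The removed code handled that case because `fillsize` held only the pad length and `tsize` was added separately. Initialising with `uint32_t fillsize = tsize;` ahead of the `if (tsize % 64 != 0)` keeps the new layout and makes the aligned case correct. The `malloc` result is also passed to `memcpy` without a NULL check; a guard with the same cleanup as the neighbouring error paths belongs before the first copy. dfu_send_component starts and ends outside this hunk.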
@@ -325,7 +315,6 @@ int dfu_get_sep_nonce(struct idevicerestore_client_t* client, unsigned char** no
}
int dfu_enter_recovery(struct idevicerestore_client_t* client, plist_t build_identity) {
- irecv_error_t dfu_error = IRECV_E_SUCCESS;
int mode = 0;
if (dfu_client_new(client) < 0) {
diff --git a/src/idevicerestore.c b/src/idevicerestore.c
index acf171d..01901d6 100644
--- a/src/idevicerestore.c
+++ b/src/idevicerestore.c
@@ -1740,10 +1740,8 @@ int personalize_component(const char *component_name, const unsigned char* compo
memcpy(stitched_component, component_data, component_size);
}
}
-
- if (component_blob)
- free(component_blob);
}
+ free(component_blob);
if (idevicerestore_keep_pers) {
write_file(component_name, stitched_component, stitched_component_size);
diff --git a/src/normal.c b/src/normal.c
index c0ec2bf..8101b72 100644
--- a/src/normal.c
+++ b/src/normal.c
@@ -220,14 +220,13 @@ int normal_open_with_timeout(struct idevicerestore_client_t* client) {
const char* normal_check_hardware_model(struct idevicerestore_client_t* client) {
idevice_t device = NULL;
- char* product_type = NULL;
- irecv_device_t irecv_device = NULL;
lockdownd_client_t lockdown = NULL;
lockdownd_error_t lockdown_error = LOCKDOWN_E_SUCCESS;
+ irecv_device_t irecv_device = NULL;
normal_idevice_new(client, &device);
if (!device) {
- return product_type;
+ return NULL;
}
lockdown_error = lockdownd_client_new_with_handshake(device, &lockdown, "idevicerestore");
@@ -236,22 +235,23 @@ const char* normal_check_hardware_model(struct idevicerestore_client_t* client)
}
if (lockdown_error != LOCKDOWN_E_SUCCESS) {
idevice_free(device);
- return product_type;
+ return NULL;
}
plist_t pval = NULL;
lockdownd_get_value(lockdown, NULL, "HardwareModel", &pval);
if (pval && (plist_get_node_type(pval) == PLIST_STRING)) {
- char* strval = NULL;
+ char *strval = NULL;
plist_get_string_val(pval, &strval);
if (strval) {
irecv_devices_get_device_by_hardware_model(strval, &irecv_device);
free(strval);
}
}
- if (pval) {
- plist_free(pval);
- }
+ plist_free(pval);
+
+ lockdownd_client_free(lockdown);
+ idevice_free(device);
return (irecv_device) ? irecv_device->hardware_model : NULL;
}
diff --git a/src/recovery.c b/src/recovery.c
index 134742e..13612c4 100644
--- a/src/recovery.c
+++ b/src/recovery.c
@@ -168,17 +168,13 @@ int recovery_enter_restore(struct idevicerestore_client_t* client, plist_t build
char* value = NULL;
irecv_getenv(client->recovery->client, "build-version", &value);
info("iBoot build-version=%s\n", (value) ? value : "(unknown)");
- if (value) {
- free(value);
- value = NULL;
- }
+ free(value);
+ value = NULL;
irecv_getenv(client->recovery->client, "build-style", &value);
info("iBoot build-style=%s\n", (value) ? value : "(unknown)");
- if (value) {
- free(value);
- value = NULL;
- }
+ free(value);
+ value = NULL;
unsigned long radio_error = 0;
irecv_getenv(client->recovery->client, "radio-error", &value);
@@ -273,6 +269,7 @@ int recovery_send_component(struct idevicerestore_client_t* client, plist_t buil
if (!path) {
if (build_identity_get_component_path(build_identity, component, &path) < 0) {
error("ERROR: Unable to get path for component '%s'\n", component);
+ free(path);
return -1;
}
}
diff --git a/src/restore.c b/src/restore.c
index d354ac6..6fe1049 100644
--- a/src/restore.c
+++ b/src/restore.c
@@ -225,24 +225,23 @@ const char* restore_check_hardware_model(struct idevicerestore_client_t* client)
idevice_t device = NULL;
restored_client_t restore = NULL;
restored_error_t restore_error = RESTORE_E_SUCCESS;
- char* product_type = NULL;
irecv_device_t irecv_device = NULL;
restore_idevice_new(client, &device);
if (!device) {
- return product_type;
+ return NULL;
}
restore_error = restored_client_new(device, &restore, "idevicerestore");
if (restore_error != RESTORE_E_SUCCESS) {
idevice_free(device);
- return product_type;
+ return NULL;
}
if (restored_query_type(restore, NULL, NULL) != RESTORE_E_SUCCESS) {
restored_client_free(restore);
idevice_free(device);
- return product_type;
+ return NULL;
}
if (client->srnm == NULL) {
@@ -251,41 +250,32 @@ const char* restore_check_hardware_model(struct idevicerestore_client_t* client)
error("ERROR: Unable to get SerialNumber from restored\n");
restored_client_free(restore);
idevice_free(device);
- return product_type;
+ return NULL;
}
plist_get_string_val(node, &client->srnm);
info("INFO: device serial number is %s\n", client->srnm);
+ plist_free(node);
node = NULL;
}
restore_error = restored_get_value(restore, "HardwareModel", &node);
- if (restore_error != RESTORE_E_SUCCESS) {
- error("ERROR: Unable to get HardwareModel from restored\n");
- restored_client_free(restore);
- idevice_free(device);
- return product_type;
- }
-
restored_client_free(restore);
idevice_free(device);
- restore = NULL;
- device = NULL;
-
- if (!node || plist_get_node_type(node) != PLIST_STRING) {
- error("ERROR: Unable to get HardwareModel information\n");
- if (node)
- plist_free(node);
- return product_type;
+ if (restore_error != RESTORE_E_SUCCESS || !node || plist_get_node_type(node) != PLIST_STRING) {
+ error("ERROR: Unable to get HardwareModel from restored\n");
+ plist_free(node);
+ return NULL;
}
- plist_get_string_val(node, &model);
+ plist_get_string_val(node, &model);
irecv_devices_get_device_by_hardware_model(model, &irecv_device);
+ free(model);
if (irecv_device && irecv_device->product_type) {
return irecv_device->hardware_model;
}
- return product_type;
+ return NULL;
}
void restore_device_callback(const idevice_event_t* event, void* userdata) {
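Review bot: On the success path the HardwareModel `node` is never released: `plist_free(node)` runs only inside the error branch, while the path through `plist_get_string_val(node, &model)` returns without freeing it. Adding `plist_free(node);` directly after `plist_get_string_val(node, &model);` would close that leak, matching what this hunk already does for the serial-number node. `model` is then handed to `irecv_devices_get_device_by_hardware_model()` without a NULL check, which presumably matters only if string extraction can fail on a PLIST_STRING node. restore_check_hardware_model starts outside this hunk.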
@@ -1141,7 +1131,6 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned
uint64_t blob_size = 0;
int zerr = 0;
int zindex = -1;
- int size = 0;
struct zip_stat zstat;
struct zip_file* zfile = NULL;
struct zip* za = NULL;
@@ -1180,7 +1169,7 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned
goto leave;
}
char* ext = strrchr(signfn, '.');
- if (strcmp(ext, ".fls") == 0) {
+ if (!strcmp(ext, ".fls")) {
is_fls = 1;
}
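Review bot: `ext` can be NULL at the rewritten comparison, because `strrchr(signfn, '.')` returns NULL when the name contains no dot, and passing NULL to `strcmp` is undefined behaviour. Where `signfn` comes from is not visible in this hunk, but if it is taken from firmware or TSS data it should not be assumed to carry an extension. `if (ext && !strcmp(ext, ".fls")) {` would match the guarded form the pruning loop later in this function already uses. restore_sign_bbfw starts and ends outside this hunk.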
@@ -1202,30 +1191,29 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned
goto leave;
}
- size = zstat.size;
- buffer = (unsigned char*) malloc(size+1);
+ buffer = (unsigned char*) malloc(zstat.size + 1);
if (buffer == NULL) {
error("ERROR: Out of memory\n");
goto leave;
}
- if (zip_fread(zfile, buffer, size) != size) {
+ if (zip_fread(zfile, buffer, zstat.size) != zstat.size) {
error("ERROR: zip_fread: failed\n");
goto leave;
}
- buffer[size] = '\0';
+ buffer[zstat.size] = '\0';
zip_fclose(zfile);
zfile = NULL;
if (is_fls) {
- fls = fls_parse(buffer, size);
+ fls = fls_parse(buffer, zstat.size);
if (!fls) {
error("ERROR: could not parse fls file\n");
goto leave;
}
} else {
- mbn = mbn_parse(buffer, size);
+ mbn = mbn_parse(buffer, zstat.size);
if (!mbn) {
error("ERROR: could not parse mbn file\n");
goto leave;
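Review bot: Using `zstat.size` directly removes the old truncation to `int`, but the archive-supplied size now reaches `malloc(zstat.size + 1)` and the `buffer[zstat.size]` store with no upper bound. In current libzip that field is 64 bits wide, so where `size_t` is narrower the allocation is truncated and can end up smaller than the length passed to `zip_fread`, and `zstat.size + 1` can wrap to 0. A guard before the allocation, for example `if (zstat.size >= SIZE_MAX) { error("ERROR: file too large\n"); goto leave; }`, would bound it. How `fls_parse` and `mbn_parse` declare their size parameter is not visible here and is worth checking. The same pattern recurs in the later hunk at `@@ -1344,23 +1331,22 @@`.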
@@ -1256,15 +1244,17 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned
free(blob);
blob = NULL;
+ fsize = (is_fls ? fls->size : mbn->size);
+ fdata = (unsigned char*)malloc(fsize);
+ if (fdata == NULL) {
+ error("ERROR: out of memory\n");
+ goto leave;
+ }
if (is_fls) {
- fsize = fls->size;
- fdata = (unsigned char*)malloc(fsize);
memcpy(fdata, fls->data, fsize);
fls_free(fls);
fls = NULL;
} else {
- fsize = mbn->size;
- fdata = (unsigned char*)malloc(fsize);
memcpy(fdata, mbn->data, fsize);
mbn_free(mbn);
mbn = NULL;
@@ -1273,6 +1263,7 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned
zs = zip_source_buffer(za, fdata, fsize, 1);
if (!zs) {
error("ERROR: out of memory\n");
+ free(fdata);
goto leave;
}
@@ -1294,33 +1285,29 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned
free(iter);
// remove everything but required files
- int i;
- int j;
- int skip = 0;
- int numf = zip_get_num_files(za);
+ int i, j, keep, numf = zip_get_num_files(za);
for (i = 0; i < numf; i++) {
- skip = 0;
+ keep = 0;
// check for signed file index
for (j = 0; j < signed_file_count; j++) {
if (i == signed_file_idxs[j]) {
- skip = 1;
+ keep = 1;
break;
}
}
// check for anything but .mbn and .fls if bb_nonce is set
- if (bb_nonce && !skip) {
+ if (bb_nonce && !keep) {
const char* fn = zip_get_name(za, i, 0);
if (fn) {
char* ext = strrchr(fn, '.');
if (ext && (!strcmp(ext, ".fls") || !strcmp(ext, ".mbn") || !strcmp(ext, ".elf") || !strcmp(ext, ".bin"))) {
- skip = 1;
+ keep = 1;
}
}
}
- if (skip) {
- continue;
+ if (!keep) {
+ zip_delete(za, i);
}
- zip_delete(za, i);
}
if (bb_nonce) {
@@ -1344,23 +1331,22 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned
goto leave;
}
- size = zstat.size;
- buffer = (unsigned char*) malloc(size+1);
+ buffer = (unsigned char*) malloc(zstat.size + 1);
if (buffer == NULL) {
error("ERROR: Out of memory\n");
goto leave;
}
- if (zip_fread(zfile, buffer, size) != size) {
+ if (zip_fread(zfile, buffer, zstat.size) != zstat.size) {
error("ERROR: zip_fread: failed\n");
goto leave;
}
- buffer[size] = '\0';
+ buffer[zstat.size] = '\0';
zip_fclose(zfile);
zfile = NULL;
- fls = fls_parse(buffer, size);
+ fls = fls_parse(buffer, zstat.size);
free(buffer);
buffer = NULL;
if (!fls) {
@@ -1385,6 +1371,10 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned
fsize = fls->size;
fdata = (unsigned char*)malloc(fsize);
+ if (!fdata) {
+ error("ERROR: out of memory\n");
+ goto leave;
+ }
memcpy(fdata, fls->data, fsize);
fls_free(fls);
fls = NULL;
@@ -1392,6 +1382,7 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned
zs = zip_source_buffer(za, fdata, fsize, 1);
if (!zs) {
error("ERROR: out of memory\n");
+ free(fdata);
goto leave;
}
@@ -1434,12 +1425,6 @@ static int restore_sign_bbfw(const char* bbfwtmp, plist_t bbtss, const unsigned
zs = NULL;
leave:
- if (mbn) {
- mbn_free(mbn);
- }
- if (fls) {
- fls_free(fls);
- }
if (zfile) {
zip_fclose(zfile);
}
@@ -1450,12 +1435,10 @@ leave:
zip_unchange_all(za);
zip_close(za);
}
- if (buffer) {
- free(buffer);
- }
- if (blob) {
- free(blob);
- }
+ mbn_free(mbn);
+ fls_free(fls);
+ free(buffer);
+ free(blob);
return res;
}
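Review bot: The `leave:` path now calls `mbn_free(mbn)` and `fls_free(fls)` unconditionally, which is safe only if both project helpers accept NULL; their definitions are not part of this diff. If they do, a short comment at the label such as `/* mbn_free() and fls_free() accept NULL */` would record the assumption; if they do not, the removed `if` guards need to stay. This applies to the preceding hunk at `@@ -1434,12 +1425,6 @@` as well, where the guarded calls are removed.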
@@ -1609,25 +1592,16 @@ int restore_send_baseband_data(restored_client_t restore, struct idevicerestore_
}
info("Done sending BasebandData\n");
- plist_free(dict);
- dict = NULL;
-
res = 0;
leave:
- if (dict) {
- plist_free(dict);
- }
- if (buffer) {
- free(buffer);
- }
+ plist_free(dict);
+ free(buffer);
if (bbfwtmp) {
remove(bbfwtmp);
free(bbfwtmp);
}
- if (response) {
- plist_free(response);
- }
+ plist_free(response);
return res;
}