From ddf0da04e26d634eb459a6d4a0d452d34c62e83b Mon Sep 17 00:00:00 2001
From: Nikias Bassen
Date: Wed, 24 Apr 2013 03:37:49 +0200
Subject: limera1n: verify device mode after sending exploit to check for
 failure

---
 src/limera1n.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

(limited to 'src/limera1n.c')

diff --git a/src/limera1n.c b/src/limera1n.c
index 0d0edcc..29cb02a 100644
--- a/src/limera1n.c
+++ b/src/limera1n.c
@@ -28,7 +28,7 @@
 #include "limera1n.h"
 #include "limera1n_payload.h"
 
-int limera1n_exploit(struct irecv_device *device, irecv_client_t client)
+int limera1n_exploit(struct irecv_device *device, irecv_client_t *pclient)
 {
 	irecv_error_t err = IRECV_E_SUCCESS;
 	unsigned int i = 0;
@@ -56,6 +56,8 @@ int limera1n_exploit(struct irecv_device *device, irecv_client_t client)
 	shellcode_length = sizeof(limera1n_payload);
 	memcpy(shellcode, limera1n_payload, sizeof(limera1n_payload));
 
+	irecv_client_t client = *pclient;
+
 	debug("Resetting device counters\n");
 	err = irecv_reset_counters(client);
 	if (err != IRECV_E_SUCCESS) {
@@ -96,11 +98,15 @@ int limera1n_exploit(struct irecv_device *device, irecv_client_t client)
 	debug("Exploit sent\n");
 
 	debug("Reconnecting to device\n");
-	client = irecv_reconnect(client, 7);
-	if (client == NULL) {
+	*pclient = irecv_reconnect(client, 7);
+	if (*pclient == NULL) {
 		error("Unable to reconnect\n");
 		return -1;
 	}
+	if ((*pclient)->mode != kDfuMode) {
+		error("Device reconnected in non-DFU mode\n");
+		return -1;
+	}
 
 	return 0;
 }
-- 
cgit v1.1-32-gdbae