From eb879c72e53585d55abbbf811d799b7ef43d1c02 Mon Sep 17 00:00:00 2001 From: Nikias Bassen Date: Thu, 24 Sep 2015 20:22:15 +0200 Subject: Revise several changes from commit 245bc9b6510a8900c69c2fd543434bae1bc6ca6a In very rare cases the changes introduced by commit can actually cause an invalid free. Reverted those changes. Also, plist_free() will check for NULL before doing anything, so an extra check for that is not needed. --- src/recovery.c | 13 ++++++++----- src/restore.c | 8 ++------ 2 files changed, 10 insertions(+), 11 deletions(-) (limited to 'src') diff --git a/src/recovery.c b/src/recovery.c index c21af19..907b1f2 100644 --- a/src/recovery.c +++ b/src/recovery.c @@ -168,13 +168,17 @@ int recovery_enter_restore(struct idevicerestore_client_t* client, plist_t build char* value = NULL; irecv_getenv(client->recovery->client, "build-version", &value); info("iBoot build-version=%s\n", (value) ? value : "(unknown)"); - free(value); - value = NULL; + if (value) { + free(value); + value = NULL; + } irecv_getenv(client->recovery->client, "build-style", &value); info("iBoot build-style=%s\n", (value) ? value : "(unknown)"); - free(value); - value = NULL; + if (value) { + free(value); + value = NULL; + } unsigned long radio_error = 0; irecv_getenv(client->recovery->client, "radio-error", &value); @@ -269,7 +273,6 @@ int recovery_send_component(struct idevicerestore_client_t* client, plist_t buil if (!path) { if (build_identity_get_component_path(build_identity, component, &path) < 0) { error("ERROR: Unable to get path for component '%s'\n", component); - free(path); return -1; } } diff --git a/src/restore.c b/src/restore.c index 3abf082..c81a7e4 100644 --- a/src/restore.c +++ b/src/restore.c @@ -779,7 +779,6 @@ int restore_send_kernelcache(restored_client_t restore, struct idevicerestore_cl if (!path) { if (build_identity_get_component_path(build_identity, "KernelCache", &path) < 0) { error("ERROR: Unable to find kernelcache path\n"); - free(path); return -1; } } @@ -848,7 +847,6 @@ int restore_send_nor(restored_client_t restore, struct idevicerestore_client_t* if (llb_path == NULL) { if (build_identity_get_component_path(build_identity, "LLB", &llb_path) < 0) { error("ERROR: Unable to get component path for LLB\n"); - free(llb_path); return -1; } } @@ -1913,10 +1911,8 @@ int restore_device(struct idevicerestore_client_t* client, plist_t build_identit } free(type); - if (message) { - plist_free(message); - message = NULL; - } + plist_free(message); + message = NULL; } restore_client_free(client); -- cgit v1.1-32-gdbae