fix some issues that may cause crashes

roothide · Apr 29, 2024 · eb83d9b · eb83d9b
1 parent b07c0b5
commit eb83d9b
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 3 deletions.
diff --git a/BaseBin/launchdhook/src/ipc_hook.m b/BaseBin/launchdhook/src/ipc_hook.m
@@ -33,7 +33,7 @@ int sandbox_check_by_audit_token_hook(audit_token_t au, const char *operation, i
 				if(pid>0 && proc_pidpath(pid, pathbuf, sizeof(pathbuf))>0) {
 					NSString* appIdentifier = getAppIdentifierForPath(pathbuf);
 					if(appIdentifier && roothideBlacklistedApp(appIdentifier)) {
-						JBLogDebug("%s roothideBlacklistedApp:%s, %s", name, appIdentifier.UTF8String, path);
+						JBLogDebug("%s roothideBlacklistedApp:%s, %s", name, appIdentifier.UTF8String, pathbuf);
 						allow=false;
 					} 
 				}

diff --git a/BaseBin/libjailbreak/src/recdhash.m b/BaseBin/libjailbreak/src/recdhash.m
@@ -4,6 +4,7 @@
 #include <choma/Host.h>
 #include <choma/MachOByteOrder.h>
 #include <choma/CodeDirectory.h>
+#include <sys/param.h>
 #include "log.h"
 
 extern CS_DecodedBlob *csd_superblob_find_best_code_directory(CS_DecodedSuperBlob *decodedSuperblob);
@@ -94,6 +95,29 @@ int calc_cdhash(uint8_t *cdBlob, size_t cdBlobSize, uint8_t hashtype, void *cdha
     return 0;
 }
 
+#define APP_PATH_PREFIX "/private/var/containers/Bundle/Application/"
+
+bool is_app_path(const char* path)
+{
+    if(!path) return false;
+
+    char rp[PATH_MAX];
+    if(!realpath(path, rp)) return false;
+
+    if(strncmp(rp, APP_PATH_PREFIX, sizeof(APP_PATH_PREFIX)-1) != 0)
+        return false;
+
+    char* p1 = rp + sizeof(APP_PATH_PREFIX)-1;
+    char* p2 = strchr(p1, '/');
+    if(!p2) return false;
+
+    //is normal app or jailbroken app/daemon?
+    if((p2 - p1) != (sizeof("xxxxxxxx-xxxx-xxxx-yxxx-xxxxxxxxxxxx")-1))
+        return false;
+
+	return true;
+}
+
 int ensure_randomized_cdhash(const char* inputPath, void* cdhashOut)
 {
 	if(access(inputPath, W_OK) != 0)
@@ -165,6 +189,14 @@ int ensure_randomized_cdhash(const char* inputPath, void* cdhashOut)
     uint64_t* rd2 = (uint64_t*)&(firstsection.segname[sizeof(firstsection.segname)-sizeof(uint64_t)]);
     JBLogDebug("__TEXT: %llx,%llx, %016llX %016llX\n", textsegoffset, textsegment.fileoff, *rd, *rd2);
 
+	bool isAppPath = is_app_path(inputPath);
+
+	//Ignore removable system apps
+	if(isAppPath && rd==0 && rd2==0) {
+		fat_free(fat);
+        return -1;
+	}
+
     int retval=-1;
 
     CS_SuperBlob *superblob = macho_read_code_signature(macho);
@@ -190,7 +222,7 @@ int ensure_randomized_cdhash(const char* inputPath, void* cdhashOut)
 
 		uint64_t jbrand = strtoull(getenv("JBRAND"),NULL,16);
 
-		if(*rd==0 && *rd2 == jbrand) 
+		if(!isAppPath && *rd==0 && *rd2 == jbrand) 
 		{
 			retval = csd_code_directory_calculate_hash(bestCDBlob, cdhashOut);
 			break;
@@ -204,7 +236,11 @@ int ensure_randomized_cdhash(const char* inputPath, void* cdhashOut)
 			}
 		}
 
-		*rd2 = jbrand;
+		if(isAppPath) {
+			*rd2 = 0; //fix removable system apps patched on previous version
+		} else {
+			*rd2 = jbrand;
+		}
 		if(memory_stream_write(fat->stream, macho->archDescriptor.offset + firstsectoffset, sizeof(firstsection), &firstsection) != 0) {
 			break;
 		}

diff --git a/Dopamine/Dopamine/bootstrap/bootstrap-iphoneos-arm64.tar.zst b/Dopamine/Dopamine/bootstrap/bootstrap-iphoneos-arm64.tar.zst