Restrict DYLD_ launchd injection in cydo's parent.

author: Jay Freeman (saurik) <saurik@saurik.com> 2015-07-03 13:37:03 -0700
committer: Jay Freeman (saurik) <saurik@saurik.com> 2015-07-03 13:37:03 -0700
commit: cf769c11b99abf71df6bf9528c8bf9956c7e18e0 (patch)
tree: 06f51fd9030d60c89870d5d11c77b23cef2622c0 /cydo.cpp
parent: 42bbf27d44c650ea2d6fb6c3764881f4ff6f3413 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/cydo.cpp b/cydo.cpp
index 6fcde15..6d33f94 100644
--- a/cydo.cpp
+++ b/cydo.cpp
@@ -68,6 +68,19 @@ int main(int argc, char *argv[]) {
         if (pid != parent)
             return;
 
+        auto variables(launch_data_dict_lookup(value, LAUNCH_JOBKEY_ENVIRONMENTVARIABLES));
+        if (variables != NULL && launch_data_get_type(variables) == LAUNCH_DATA_DICTIONARY) {
+            bool dyld(false);
+
+            launch_data_dict_iterate(variables, [&dyld](const char *name, launch_data_t value) {
+                if (strncmp(name, "DYLD_", 5) == 0)
+                    dyld = true;
+            });
+
+            if (dyld)
+                return;
+        }
+
         auto string(launch_data_dict_lookup(value, LAUNCH_JOBKEY_PROGRAM));
         if (string == NULL || launch_data_get_type(string) != LAUNCH_DATA_STRING) {
             auto array(launch_data_dict_lookup(value, LAUNCH_JOBKEY_PROGRAMARGUMENTS));
author	Jay Freeman (saurik) <saurik@saurik.com>	2015-07-03 13:37:03 -0700
committer	Jay Freeman (saurik) <saurik@saurik.com>	2015-07-03 13:37:03 -0700
commit	cf769c11b99abf71df6bf9528c8bf9956c7e18e0 (patch)
tree	06f51fd9030d60c89870d5d11c77b23cef2622c0 /cydo.cpp
parent	42bbf27d44c650ea2d6fb6c3764881f4ff6f3413 (diff)