/* Cydia - iPhone UIKit Front-End for Debian APT
* Copyright (C) 2008-2015 Jay Freeman (saurik)
*/
/* GNU General Public License, Version 3 {{{ */
/*
* Cydia is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published
* by the Free Software Foundation, either version 3 of the License,
* or (at your option) any later version.
*
* Cydia is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Cydia. If not, see <http://www.gnu.org/licenses/>.
**/
/* }}} */
#include <cstdio>
#include <cstdlib>
#include <errno.h>
#include <sysexits.h>
#include <unistd.h>
#include <launch.h>
#include <sys/stat.h>
#include <Menes/Function.h>
// Callable invoked once per dictionary entry as (key name, value).
using LaunchDataIterator = Function<void, const char *, launch_data_t>;

// C++ overload of the launchd dictionary iterator that accepts a callable
// instead of a C function pointer plus context pointer.
//
// The launchd C API calls back as (value, name, context). The capture-less
// trampoline below recovers the LaunchDataIterator from the context pointer
// and forwards the call with the arguments swapped to (name, value).
// `code` is taken by value and only has to outlive this call, which it does
// as long as the C API invokes the callback synchronously (it is used that
// way here).
void launch_data_dict_iterate(launch_data_t data, LaunchDataIterator code) {
    auto trampoline = [](launch_data_t value, const char *name, void *baton) {
        auto *callback = static_cast<LaunchDataIterator *>(baton);
        (*callback)(name, value);
    };

    launch_data_dict_iterate(data, trampoline, &code);
}
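// Privileged helper entry point.
//
// Flow, as implemented below:
//   1. Ask launchd for its job list (LAUNCH_KEY_GETJOBS).
//   2. Find the job whose pid equals our parent pid and accept it only if
//        - it has no environment variable whose name starts with "DYLD_", and
//        - its program path (LAUNCH_JOBKEY_PROGRAM, else the first element of
//          LAUNCH_JOBKEY_PROGRAMARGUMENTS) refers to the same device/inode
//          as /Applications/Cydia.app/Cydia.
//   3. Only then switch uid/gid to 0 and exec either the absolute path given
//      as argv[1] (with the remaining arguments) or /usr/bin/dpkg with the
//      original arguments.
//
// Returns EX_NOPERM when the caller check or the privilege switch fails,
// EX_USAGE for an empty argument vector, and EX_UNAVAILABLE when execv()
// itself fails.
//
// NOTE(review): the caller check is a point-in-time comparison against
// getppid(); nothing here re-validates the parent afterwards, and the
// environment is handed to the exec'd program unchanged. Confirm both are
// acceptable for the deployment.
int main(int argc, char *argv[]) {
    // With argc == 0, argv[0] is the terminating NULL. The dpkg fallback
    // below would overwrite that terminator and execv() would then read past
    // the end of the vector, so refuse to run at all.
    if (argc < 1 || argv[0] == NULL)
        return EX_USAGE;

    auto request(launch_data_new_string(LAUNCH_KEY_GETJOBS));
    auto response(launch_msg(request));
    launch_data_free(request);

    // _assert is not defined by the includes visible here; presumably a
    // project macro that stops on failure. TODO confirm it is active in
    // release builds, since the code below dereferences `response`.
    _assert(response != NULL);
    _assert(launch_data_get_type(response) == LAUNCH_DATA_DICTIONARY);

    auto parent(getppid());
    auto cydia(false);

    // Reference identity of the only program allowed to call this helper.
    // lstat() does not follow a symlink at the final path component.
    struct stat correct;
    if (lstat("/Applications/Cydia.app/Cydia", &correct) == -1) {
        fprintf(stderr, "you have no arms left");
        return EX_NOPERM;
    }

    // `parent` and `correct` are captured by copy; only the verdict is shared.
    launch_data_dict_iterate(response, [=, &cydia](const char *name, launch_data_t value) {
        if (launch_data_get_type(value) != LAUNCH_DATA_DICTIONARY)
            return;

        // Only the job that is our direct parent is of interest.
        auto integer(launch_data_dict_lookup(value, LAUNCH_JOBKEY_PID));
        if (integer == NULL || launch_data_get_type(integer) != LAUNCH_DATA_INTEGER)
            return;

        auto pid(launch_data_get_integer(integer));
        if (pid != parent)
            return;

        // Reject a parent that was launched with any DYLD_* variable, i.e.
        // one whose loaded code may have been altered through the dynamic
        // linker environment.
        auto variables(launch_data_dict_lookup(value, LAUNCH_JOBKEY_ENVIRONMENTVARIABLES));
        if (variables != NULL && launch_data_get_type(variables) == LAUNCH_DATA_DICTIONARY) {
            auto dyld(false);

            launch_data_dict_iterate(variables, [&dyld](const char *name, launch_data_t value) {
                if (strncmp(name, "DYLD_", 5) == 0)
                    dyld = true;
            });

            if (dyld)
                return;
        }

        // Resolve the job's executable: explicit Program key first, else the
        // first entry of ProgramArguments.
        auto string(launch_data_dict_lookup(value, LAUNCH_JOBKEY_PROGRAM));
        if (string == NULL || launch_data_get_type(string) != LAUNCH_DATA_STRING) {
            auto array(launch_data_dict_lookup(value, LAUNCH_JOBKEY_PROGRAMARGUMENTS));
            if (array == NULL || launch_data_get_type(array) != LAUNCH_DATA_ARRAY)
                return;
            if (launch_data_array_get_count(array) == 0)
                return;

            string = launch_data_array_get_index(array, 0);
            if (string == NULL || launch_data_get_type(string) != LAUNCH_DATA_STRING)
                return;
        }

        auto program(launch_data_get_string(string));
        if (program == NULL)
            return;

        // Compare file identity (device + inode) rather than the path text.
        struct stat check;
        if (lstat(program, &check) == -1)
            return;

        if (correct.st_dev == check.st_dev && correct.st_ino == check.st_ino)
            cydia = true;
    });

    if (!cydia) {
        fprintf(stderr, "none shall pass\n");
        return EX_NOPERM;
    }

    // Fail closed: if either identity switch is refused, do not go on to
    // exec the target with whatever credentials happen to be in effect.
    if (setuid(0) == -1) {
        perror("setuid");
        return EX_NOPERM;
    }

    if (setgid(0) == -1) {
        perror("setgid");
        return EX_NOPERM;
    }

    // Writable storage for the fallback path; assigning a string literal to
    // a char * is not valid C++11.
    static char dpkg[] = "/usr/bin/dpkg";

    if (argc < 2 || argv[1][0] != '/')
        // No absolute program given: run dpkg with the caller's arguments.
        argv[0] = dpkg;
    else {
        // argv[1] is an absolute path: drop our own name and exec that
        // program with the remaining arguments.
        --argc;
        ++argv;
    }

    execv(argv[0], argv);

    // Only reached when execv() failed.
    return EX_UNAVAILABLE;
}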