From 340496f25f661f9dc2c46976c2be96fd2d94b406 Mon Sep 17 00:00:00 2001
From: Sam Bingner
Date: Mon, 24 Dec 2018 11:20:51 -1000
Subject: Use an NSArray for inject arguments
---
 Makefile | 2 +-
 control | 2 +-
 inject.h | 3 ++-
 inject.m | 41 +++++++++++++++++++++++------------------
 main.c | 50 --------------------------------------------------
 main.m | 61 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 6 files changed, 88 insertions(+), 71 deletions(-)
 delete mode 100644 main.c
 create mode 100644 main.m
diff --git a/Makefile b/Makefile
index b62e56b..4d63026 100644
--- a/Makefile
+++ b/Makefile
@@ -7,6 +7,6 @@ TOOL_NAME = inject
 inject_CODESIGN_FLAGS = -Sentitlements.xml
 inject_LIBRARIES = mis
 inject_FRAMEWORKS = IOKit Security
-inject_FILES = main.c inject.m patchfinder64.c kern_funcs.c
+inject_FILES = main.m inject.m patchfinder64.c kern_funcs.c
 include $(THEOS_MAKE_PATH)/tool.mk
diff --git a/control b/control
index d2e93b2..dc27596 100644
--- a/control
+++ b/control
@@ -1,6 +1,6 @@
 Package: trustinjector
 Name: Trust Cache Injector
-Version: 0.2
+Version: 0.3
 Architecture: iphoneos-arm
 Description: Inject files to kernel trust cache
 Maintainer: Sam Bingner
diff --git a/inject.h b/inject.h
index 0c72b5f..f5429e3 100644
--- a/inject.h
+++ b/inject.h
@@ -8,7 +8,8 @@
 #ifndef _INJECT_H_
 #define _INJECT_H_
+#include
-int injectTrustCache(int filecount, char* files[], uint64_t trust_chain);
+int injectTrustCache(NSArray *files, uint64_t trust_chain);
 #endif
diff --git a/inject.m b/inject.m
index fda74e0..b7a073d 100644
--- a/inject.m
+++ b/inject.m
@@ -103,7 +103,7 @@ NSArray *filteredHashes(uint64_t trust_chain, NSDictionary *hashes) {
 #endif
 }
-int injectTrustCache(int filecount, char* files[], uint64_t trust_chain) {
+int injectTrustCache(NSArray *files, uint64_t trust_chain) {
 @autoreleasepool {
 struct trust_mem mem;
 uint64_t kernel_trust = 0;
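Review bot: The prototype added to inject.h, `int injectTrustCache(NSArray *files, uint64_t trust_chain);`, carries no comment saying what the returned int means, and the inject.m hunks further down change that meaning from `filecount - numHashes - duplicates` to a running `errors` count. I would put `/* Returns the number of input files for which no SHA256 cdhash could be collected; 0 means none failed. */` above it, since the removed main.c used the value as the process exit status. The header also now names an Objective-C type, so any plain C file that includes it (the Makefile hunk still lists patchfinder64.c and kern_funcs.c) would stop compiling; whether they include it is not visible here.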
@@ -115,18 +115,20 @@ int injectTrustCache(int filecount, char* files[], uint64_t trust_chain) {
 NSMutableDictionary *hashes = [NSMutableDictionary new];
 SecStaticCodeRef staticCode;
 CFDictionaryRef cfinfo;
- int duplicates=0;
+ int errors=0;
- for (int i = 0; i < filecount; i++) {
- OSStatus result = SecStaticCodeCreateWithPathAndAttributes(CFURLCreateWithFileSystemPath(kCFAllocatorDefault, (CFStringRef)@(files[i]), kCFURLPOSIXPathStyle, false), kSecCSDefaultFlags, NULL, &staticCode);
+ for (NSString *file in files) {
+ OSStatus result = SecStaticCodeCreateWithPathAndAttributes(CFURLCreateWithFileSystemPath(kCFAllocatorDefault, (CFStringRef)file, kCFURLPOSIXPathStyle, false), kSecCSDefaultFlags, NULL, &staticCode);
+ const char *filename = file.UTF8String;
 if (result != errSecSuccess) {
 if (_SecCopyErrorMessageString != NULL) {
 CFStringRef error = _SecCopyErrorMessageString(result, NULL);
- fprintf(stderr, "Unable to generate cdhash for %s: %s\n", files[i], [(__bridge id)error UTF8String]);
+ fprintf(stderr, "Unable to generate cdhash for %s: %s\n", filename, [(__bridge id)error UTF8String]);
 CFRelease(error);
 } else {
- fprintf(stderr, "Unable to generate cdhash for %s: %d\n", files[i], result);
+ fprintf(stderr, "Unable to generate cdhash for %s: %d\n", filename, result);
 }
+ errors++;
 continue;
 }
@@ -135,7 +137,7 @@ int injectTrustCache(int filecount, char* files[], uint64_t trust_chain) {
 NSDictionary *info = CFBridgingRelease(cfinfo);
 CFRelease(staticCode);
 if (result != errSecSuccess) {
- fprintf(stderr, "Unable to copy cdhash info for %s\n", files[i]);
+ fprintf(stderr, "Unable to copy cdhash info for %s\n", filename);
 continue;
 }
 NSArray *cdhashes = info[@"cdhashes"];
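Review bot: In the @@ -115 hunk the new `for (NSString *file in files)` loop still passes the result of `CFURLCreateWithFileSystemPath(...)` straight into `SecStaticCodeCreateWithPathAndAttributes`, so the URL created under the Create rule is never released and one CFURL leaks per file. Hold it in a local and release it after the call: `CFURLRef url = CFURLCreateWithFileSystemPath(kCFAllocatorDefault, (__bridge CFStringRef)file, kCFURLPOSIXPathStyle, false);`, pass `url`, then `if (url) CFRelease(url);`. The plain `(CFStringRef)file` cast only compiles without ARC; `__bridge` is accepted either way and matches the `(__bridge id)error` a few lines below. The same branch calls `CFRelease(error)` without checking that `_SecCopyErrorMessageString` returned non-NULL, which may crash on the very error path it is trying to report.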
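Review bot: In the @@ -135 hunk the `Unable to copy cdhash info` branch still does a bare `continue;`, while every other failure path in this commit gained `errors++;`, so a file that fails here is not counted in the value the function now returns. Add `errors++;` before that `continue;`. Separately, `CFBridgingRelease(cfinfo)` and `CFRelease(staticCode)` run before `result` is tested, and `cfinfo` is declared without an initializer in the previous hunk; the call that sets `result` is outside this hunk, but if it can fail without writing `cfinfo`, the bridge-release acts on an indeterminate pointer. Initializing `CFDictionaryRef cfinfo = NULL;` and checking `result` first would close that.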
@@ -143,23 +145,26 @@ int injectTrustCache(int filecount, char* files[], uint64_t trust_chain) {
 NSUInteger algoIndex = [algos indexOfObject:@(cdHashTypeSHA256)];
 if (cdhashes == nil) {
- printf("%s: no cdhashes\n", files[i]);
+ printf("%s: no cdhashes\n", filename);
+ errors++;
 } else if (algos == nil) {
- printf("%s: no algos\n", files[i]);
+ printf("%s: no algos\n", filename);
+ errors++;
 } else if (algoIndex == NSNotFound) {
- printf("%s: does not have SHA256 hash\n", files[i]);
+ printf("%s: does not have SHA256 hash\n", filename);
+ errors++;
 } else {
 NSData *cdhash = [cdhashes objectAtIndex:algoIndex];
 if (cdhash != nil) {
 if (hashes[cdhash] == nil) {
- printf("%s: OK\n", files[i]);
- hashes[cdhash] = @(files[i]);
+ printf("%s: OK\n", filename);
+ hashes[cdhash] = file;
 } else {
- printf("%s: same as %s (ignoring)", files[i], [hashes[cdhash] UTF8String]);
- duplicates++;
+ printf("%s: same as %s (ignoring)", filename, [hashes[cdhash] UTF8String]);
 }
 } else {
- printf("%s: missing SHA256 cdhash entry\n", files[i]);
+ printf("%s: missing SHA256 cdhash entry\n", filename);
+ errors++;
 }
 }
 }
@@ -167,7 +172,7 @@ int injectTrustCache(int filecount, char* files[], uint64_t trust_chain) {
 if (numHashes < 1) {
 fprintf(stderr, "Found no hashes to inject\n");
- return 0;
+ return errors;
 }
@@ -175,7 +180,7 @@ int injectTrustCache(int filecount, char* files[], uint64_t trust_chain) {
 unsigned hashesToInject = (unsigned)[filtered count];
 printf("%u new hashes to inject\n", hashesToInject);
 if (hashesToInject < 1) {
- return 0;
+ return errors;
 }
 size_t length = (sizeof(mem) + hashesToInject * TRUST_CDHASH_LEN + 0xFFFF) & ~0xFFFF;
@@ -196,7 +201,7 @@ int injectTrustCache(int filecount, char* files[], uint64_t trust_chain) {
 kwrite(kernel_trust + sizeof(mem), buffer, mem.count * TRUST_CDHASH_LEN);
 wk64(trust_chain, kernel_trust);
- return filecount - numHashes - duplicates;
+ return (int)errors;
 }
 }
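Review bot: In the @@ -143 hunk `[cdhashes objectAtIndex:algoIndex]` raises NSRangeException when `cdhashes` has fewer entries than `algos`; it never returns nil, so the `missing SHA256 cdhash entry` branch and its new `errors++;` cannot be reached that way, and a malformed signature would abort the whole run instead of being counted. A bounds-checked lookup such as `NSData *cdhash = algoIndex < cdhashes.count ? cdhashes[algoIndex] : nil;` keeps the per-file error handling intact. The rewritten `printf("%s: same as %s (ignoring)", ...)` line also still lacks the trailing `\n` that every other status line has.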
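Review bot: In the @@ -196 hunk `return (int)errors;` casts a variable that the @@ -115 hunk declares as `int errors=0;`; plain `return errors;` would match the two early returns changed above. The function's closing braces are inside this hunk, but the allocation and buffer setup before `kwrite` are not. On the visible lines the results of `kwrite(...)` and `wk64(trust_chain, kernel_trust)` are not consulted, so if those helpers can report a short or failed write (their declarations are not shown here) the returned count would still read as success.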
diff --git a/main.c b/main.c
deleted file mode 100644
index 81bed95..0000000
--- a/main.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * inject.m
- *
- * Created by Sam Bingner on 9/27/2018
- * Copyright 2018 Sam Bingner. All Rights Reserved.
- *
- */
-
-#include
-#include
-#include
-#include "patchfinder64.h"
-#include "CSCommon.h"
-#include "kern_funcs.h"
-#include "inject.h"
-
-
-mach_port_t try_restore_port() {
- mach_port_t port = MACH_PORT_NULL;
- kern_return_t err;
-
- err = host_get_special_port(mach_host_self(), 0, 4, &port);
- if (err == KERN_SUCCESS && port != MACH_PORT_NULL) {
- fprintf(stderr, "got persisted port!\n");
- // make sure rk64 etc use this port
- return port;
- }
- fprintf(stderr, "unable to retrieve persisted port\n");
- return MACH_PORT_NULL;
-}
-
-int main(int argc, char* argv[]) {
- if (argc < 2) {
- fprintf(stderr,"Usage: inject /full/path/to/executable\n");
- fprintf(stderr,"Inject executables to trust cache\n");
- return -1;
- }
- mach_port_t tfp0 = try_restore_port();
- if (tfp0 == MACH_PORT_NULL)
- return -2;
- set_tfp0(tfp0);
- uint64_t kernel_base = get_kernel_base(tfp0);
- init_kernel(kernel_base, NULL);
- uint64_t trust_chain = find_trustcache();
- term_kernel();
- printf("Injecting to trust cache...\n");
- int errs = injectTrustCache(argc - 1, argv + 1, trust_chain);
- printf("Successfully injected [%d/%d] to trust cache.\n", argc - errs - 1, argc - 1);
- return errs;
-}
diff --git a/main.m b/main.m
new file mode 100644
index 0000000..e784804
--- /dev/null
+++ b/main.m
@@ -0,0 +1,61 @@
+/*
+ * inject.m
+ *
+ * Created by Sam Bingner on 9/27/2018
+ * Copyright 2018 Sam Bingner. All Rights Reserved.
+ *
+ */
+
+#include
+#include
+#include
+#include "patchfinder64.h"
+#include "CSCommon.h"
+#include "kern_funcs.h"
+#include "inject.h"
+
+
+mach_port_t try_restore_port() {
+ mach_port_t port = MACH_PORT_NULL;
+ kern_return_t err;
+
+ err = host_get_special_port(mach_host_self(), 0, 4, &port);
+ if (err == KERN_SUCCESS && port != MACH_PORT_NULL) {
+ fprintf(stderr, "got persisted port!\n");
+ // make sure rk64 etc use this port
+ return port;
+ }
+ fprintf(stderr, "unable to retrieve persisted port\n");
+ return MACH_PORT_NULL;
+}
+
+int main(int argc, char* argv[]) {
+ if (argc < 2) {
+ fprintf(stderr,"Usage: inject /full/path/to/executable\n");
+ fprintf(stderr,"Inject executables to trust cache\n");
+ return -1;
+ }
+ mach_port_t tfp0 = try_restore_port();
+ if (tfp0 == MACH_PORT_NULL)
+ return -2;
+ set_tfp0(tfp0);
+ uint64_t kernel_base = get_kernel_base(tfp0);
+ init_kernel(kernel_base, NULL);
+ uint64_t trust_chain = find_trustcache();
+ term_kernel();
+ printf("Injecting to trust cache...\n");
+ @autoreleasepool {
+ NSMutableArray *files = [NSMutableArray new];
+ for (int i=1; i