From e281d0b3f1126f12eba23ad0a2732b050af1990b Mon Sep 17 00:00:00 2001
From: "Jay Freeman (saurik)"
Date: Mon, 9 Nov 2009 10:42:22 +0000
Subject: [PATCH] Fixed a crash bug reported by ZodTTD in SourceURL string handling.
---
 LockScreen.mm | 17 +++++++++++++----
 control | 2 +-
 makefile | 2 +-
 3 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/LockScreen.mm b/LockScreen.mm
index bfb5432..4333ce9 100644
--- a/LockScreen.mm
+++ b/LockScreen.mm
@@ -794,6 +794,7 @@ static void Cycriptify(apr_pool_t *pool, const uint16_t *&data, size_t &size) {
 extern "C" void *_ZN3JSC7UString3Rep14nullBaseStringE __attribute__((__weak_import__));
 extern "C" void *_ZN3JSC7UString3Rep7destroyEv __attribute__((__weak_import__));
 extern "C" void *_ZN3JSC7UStringC1EPKti __attribute__((__weak_import__));
+extern "C" void *_ZN3JSC7UStringC1EPKc __attribute__((__weak_import__));
 extern "C" void *_ZNK3JSC7UString6substrEii __attribute__((__weak_import__));
 extern "C" void *_ZN3WTF10fastMallocEm __attribute__((__weak_import__));
 extern "C" void WTFReportAssertionFailure(const char *, int, const char *, const char *) __attribute__((__weak_import__));
@@ -804,6 +805,7 @@ bool CYWeakHell() {
  &_ZN3JSC7UString3Rep14nullBaseStringE == NULL ||
  &_ZN3JSC7UString3Rep7destroyEv == NULL ||
  &_ZN3JSC7UStringC1EPKti == NULL ||
+ &_ZN3JSC7UStringC1EPKc == NULL ||
  &_ZNK3JSC7UString6substrEii == NULL ||
  &_ZN3WTF10fastMallocEm == NULL ||
  &WTFReportAssertionFailure == NULL ||
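Review bot: The new weak-imported symbol `_ZN3JSC7UStringC1EPKc` is added to the declaration list and, in the next hunk, to CYWeakHell()'s NULL check with nothing saying what it is, so reviewing whether the check list covers every symbol the hook actually uses means demangling by hand. I would annotate the declaration with `// JSC::UString::UString(const char *) -- used for the "cycript://" URL literal in the parse hook` (the link to that literal is inferred from the later hunk, not visible here) and keep the two lists in the same order so that a missing entry stands out by inspection. The weak-import list and CYWeakHell()'s body both continue outside these hunks.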
@@ -816,17 +818,21 @@ MSHook(void, _ZN3JSC6Parser5parseEPNS_12JSGlobalDataEPiPNS_7UStringE, JSC::Sourc
  return __ZN3JSC6Parser5parseEPNS_12JSGlobalDataEPiPNS_7UStringE(_this, global, line, message);
  else {
  SetParser(false, true);
+
  JSC::SourceCode *source(*_this);
  const uint16_t *data(source->data());
  size_t size(source->length());
+
  apr_pool_t *pool;
  apr_pool_create(&pool, NULL);
+
  Cycriptify(pool, data, size);
- JSC::SourceCode code(JSC::makeSource(JSC::UString(data, size)));
- *_this = &code;
- __ZN3JSC6Parser5parseEPNS_12JSGlobalDataEPiPNS_7UStringE(_this, global, line, message);
+ source->~SourceCode();
+ new (source) JSC::SourceCode(JSC::UStringSourceProvider::create(JSC::UString(data, size), "cycript://"), 1);
+
  apr_pool_destroy(pool);
- *_this = source;
+
+ __ZN3JSC6Parser5parseEPNS_12JSGlobalDataEPiPNS_7UStringE(_this, global, line, message);
  }
 }
@@ -836,10 +842,13 @@ MSHook(void, _ZN3KJS6Parser5parseEiPKNS_5UCharEjPiS4_PNS_7UStringE, void *_this,
  else {
  const uint16_t *data(code);
  size_t size(length);
+
  apr_pool_t *pool;
  apr_pool_create(&pool, NULL);
+
  Cycriptify(pool, data, size);
  __ZN3KJS6Parser5parseEiPKNS_5UCharEjPiS4_PNS_7UStringE(_this, start, data, size, source, line, message);
+
  apr_pool_destroy(pool);
  }
 }
diff --git a/control b/control
index c037282..353bc85 100644
--- a/control
+++ b/control
@@ -3,7 +3,7 @@ Priority: optional
 Section: Development
 Maintainer: Jay Freeman (saurik)
 Architecture: iphoneos-arm
-Version: 0.9.3084-1
+Version: 0.9.3085-1
 Description: framework for managing lock screen plugins
 Name: Cydget
 Depends: mobilesubstrate (>= 0.9.2587-1), firmware (>= 2.2), preferenceloader, apr-lib, pcre
diff --git a/makefile b/makefile
index 2f4df5d..0a85f5b 100644
--- a/makefile
+++ b/makefile
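Review bot: Between `source->~SourceCode();` and the placement-new on the next line the caller-owned SourceCode is in a destroyed state, and the new-expression still has to evaluate `JSC::UString(data, size)` and `JSC::UStringSourceProvider::create(...)` inside that window; if either can fail (throw, or abort on allocation failure) the caller later runs the destructor a second time on an already-destroyed object. Building the provider into a local first — `RefPtr<JSC::UStringSourceProvider> provider(JSC::UStringSourceProvider::create(JSC::UString(data, size), "cycript://"));` (RefPtr presumably being the WebKit smart pointer already in scope here) — and only then calling the destructor and `new (source) JSC::SourceCode(provider, 1);` leaves nothing that can fail between the two. Unlike the removed `*_this = source;` restore, the replacement is now permanent and the literal `1` discards whatever first-line value the original SourceCode carried, so line numbers in parse errors for the rewritten script will be off whenever the original did not start at line 1; capture that value before the destructor call if SourceCode exposes it. The order of the new-expression before `apr_pool_destroy(pool)` is also load-bearing, because `data` presumably points into the pool after Cycriptify(); a one-line comment saying so would keep a later reorder from turning it into a read of freed pool memory. The hook's body begins before the hunk.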
@@ -15,7 +15,7 @@ CydgetSettings: CydgetSettings.mm makefile
 	ldid -S $@
 WebCycriptLockScreen: LockScreen.mm makefile $(base)/../mobilesubstrate/substrate.h
-	$(target)g++ -F. -bundle -mthumb -g0 -O2 -Wall -Werror -o $@ $(filter %.mm,$^) -lobjc -I$(base)/../mobilesubstrate $(link) $(flags) -framework CoreGraphics -framework QuartzCore -framework SpringBoardUI -framework WebCore -framework GraphicsServices -framework TelephonyUI -I$(jscore) -iquote$(webcore)/{bindings/js,dom,loader,platform{,/animation,/cf,/network{,/cf},/text},/rendering/style} -iquote$(jscore)/{bytecode,debugger,interpreter,jit,parser,runtime} -lapr-1 -weak_reference_mismatches weak -framework JavaScriptCore -lpcre
+	$(target)g++ -F. -bundle -mthumb -g0 -O2 -Wall -Werror -o $@ $(filter %.mm,$^) -lobjc -I$(base)/../mobilesubstrate $(link) $(flags) -framework CoreGraphics -framework QuartzCore -framework SpringBoardUI -framework WebCore -framework GraphicsServices -framework TelephonyUI -I$(jscore) -iquote$(webcore)/{bindings/js,dom,loader,platform{,/animation,/cf,/network{,/cf},/text},/rendering/style} -iquote$(jscore)/{bytecode,debugger,interpreter,jit,parser,runtime} -lapr-1 -weak_reference_mismatches weak -framework JavaScriptCore -lpcre -DNDEBUG
 	ldid -S $@
 extra:
-- 
2.45.2
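Review bot: `-DNDEBUG` is appended to the WebCycriptLockScreen link line with no comment and no mention in the commit message, and its effect is wider than the JavaScriptCore headers it is presumably aimed at: every plain `assert()` in LockScreen.mm is compiled out as well, so any guard on script or plugin input that was written as an assert is silently gone from the shipped bundle. I would add a comment above the rule, `# -DNDEBUG: compile out the WTF ASSERT()s pulled in through the inlined JavaScriptCore headers`, and confirm that LockScreen.mm does not rely on assert() for input validation (not visible in this diff). The rule's other recipe lines are unchanged.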