From ee5f55567bd457e4c721267a154b796dc679f458 Mon Sep 17 00:00:00 2001
From: "Jay Freeman (saurik)"
Date: Sat, 3 Sep 2016 17:37:23 -0700
Subject: [PATCH] Verify we do not overflow annoying 0x3000 padding.

---
 ldid.cpp | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/ldid.cpp b/ldid.cpp
index a4dc725..c652a90 100644
--- a/ldid.cpp
+++ b/ldid.cpp
@@ -1500,6 +1500,9 @@ std::vector Sign(const void *idata, size_t isize, std::streambuf &output,
 }
 #endif
 
+ // XXX: this is just a "sufficiently large number"
+ size_t certificate(0x3000);
+
 Allocate(idata, isize, output, fun([&](const MachHeader &mach_header, size_t size) -> size_t {
 size_t alloc(sizeof(struct SuperBlob));
 
@@ -1531,8 +1534,7 @@ std::vector Sign(const void *idata, size_t isize, std::streambuf &output,
 if (!key.empty()) {
 alloc += sizeof(struct BlobIndex);
 alloc += sizeof(struct Blob);
- // XXX: this is just a "sufficiently large number"
- alloc += 0x3000;
+ alloc += certificate;
 }
 
 _foreach (slot, slots)
@@ -1661,7 +1663,8 @@ std::vector Sign(const void *idata, size_t isize, std::streambuf &output,
 std::string value(result);
 put(data, value.data(), value.size());
 
- insert(blobs, CSSLOT_SIGNATURESLOT, CSMAGIC_BLOBWRAPPER, data);
+ const auto &save(insert(blobs, CSSLOT_SIGNATURESLOT, CSMAGIC_BLOBWRAPPER, data));
+ _assert(save.size() <= certificate);
 }
 #endif
 
-- 
2.47.2
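Review bot: In the first hunk (`@@ -1500,6 +1500,9 @@`), `certificate` is declared as a mutable `size_t`, although the reservation in the `Allocate` callback and the later `_assert` are only meaningful if both see the same value. Because the callback captures with `[&]`, declaring it `const size_t certificate(0x3000);` would make that invariant explicit and stop a later edit from changing the budget between reservation and check. The carried-over comment still says only "sufficiently large number"; something like `// XXX: fixed byte budget reserved for the signature blob; checked against the real size after signing` would tell the reader what the number bounds. The body of `Sign` starts and ends outside the hunk.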
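Review bot: In the last hunk (`@@ -1661,7 +1663,8 @@`), the bound on the signature blob is enforced with `_assert`, whose definition is not part of this patch; if that macro can be compiled out, the overflow check disappears, and if it only aborts, the user gets no hint that the signature outgrew the reserved 0x3000 bytes. The blob size presumably depends on the key and certificate chain the caller supplies, so exceeding the budget looks like a reachable input condition rather than a programmer error, and an always-on check that reports both `save.size()` and `certificate` would serve it better. It is also not visible here whether `save.size()` includes the `struct Blob` header that the allocation hunk reserves separately; a comment such as `// save is the wrapped blob (header included?) and must fit the bytes reserved in the Allocate callback` with the answer filled in would make the comparison auditable. The enclosing block begins outside the hunk.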