Generalize goal of Safe Mode to safify everything.

diff --git a/Makefile b/Makefile
index 0eea91034852d90d219300ba8c58f40c3607b12d..4c64528d1ca85adb646e24e596fb888012204bb8 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@
-TARGET := iphone:7.0:2.0
+TARGET := iphone:7.1:2.0
 ARCHS := armv6 arm64
 PACKAGE_VERSION := $(shell ./version.sh)
 

diff --git a/Tweak.xm b/Tweak.xm
index f5b48163dd25bc8b2a6ad8fa7fd5409f1971b773..2e85f78fb427dd29da48cec37a1622e04accb034 100644 (file)
--- a/Tweak.xm
+++ b/Tweak.xm
@@ -314,25 +314,6 @@ static void AlertIfNeeded() {
 } %end
 
 
-// notification widgets ("wee apps" or "bulletin board sections") are capable of crashing SpringBoard
-// unfortunately, which ones are in use are stored in SpringBoard's defaults, so we need to turn them off
-
-%hook BBSectionInfo
-- (BOOL) showsInNotificationCenter {
-    return NO;
-} %end
-
-
-// we don't want this state persisted back to disk, however: that is just really really irritating
-
-%hook BBServer
-- (void) _writeBehaviorOverrides {}
-- (void) _writeSectionOrder {}
-- (void) _writeClearedSections {}
-- (void) _writeSectionInfo {}
-%end
-
-
 // on iOS 6.0, Apple split parts of SpringBoard into a daemon called backboardd, including app launches
 // in order to allow safe mode to propogate into applications, we need to then tell backboardd here
 // XXX: (all of this should be replaced, however, with per-process launchd-mediated exception handling)
@@ -347,9 +328,49 @@ static void AlertIfNeeded() {
     return %orig(modified);
 } %end
 
+
+// this highly-general hook replaces all previous attempts to protect SpringBoard from spurious code
+// the main purpose is to protect SpringBoard from non-Substrate "away view plug-ins" and "wee apps"
+
+const char *dylibs_[] = {
+    "/usr/lib",
+    "/System/Library/Frameworks",
+    "/System/Library/PrivateFrameworks",
+    "/System/Library/CoreServices",
+    "/System/Library/AccessibilityBundles",
+    NULL,
+};
+
+MSHook(void *, dlopen, const char *path, int mode) {
+    // we probably don't need this whitelist, but it has the nifty benefit of letting Cycript inject
+    // that said, older versions of iOS (before 3.1) will need a special case due to now shared cache
+
+    for (const char **dylib = dylibs_; *dylib != NULL; ++dylib) {
+        size_t length(strlen(*dylib));
+        if (strncmp(path, *dylib, length) != 0)
+            continue;
+        if (path[length] != '/')
+            continue;
+        goto load;
+    }
+
+    // if the file is not on disk, and isn't already loaded (LC_ID_DYLIB), it is in the shared cache
+    // files loaded from the shared cache are "trusted". ones that don't exist are clearly harmless.
+    // this allows us to load most of the dynamic functionality of SpringBoard without going nuts ;P
+
+    if (access(path, F_OK) == 0)
+        mode |= RTLD_NOLOAD;
+
+  load:
+    return _dlopen(path, mode);
+}
+
+
 %ctor {
     NSAutoreleasePool *pool([[NSAutoreleasePool alloc] init]);
 
+    MSHookFunction(&dlopen, MSHake(dlopen));
+
     // on iOS 6, backboardd is in charge of brightness, and freaks out when SpringBoard restarts :(
     // the result is that the device is super dark until we attempt to update the brightness here.