From 88b27e4a175654d59cba574e60df191e39fec766 Mon Sep 17 00:00:00 2001 From: opa334 Date: Fri, 26 Jul 2024 17:59:59 +0200 Subject: [PATCH] Code cleanup --- .../src/jbserver/jbdomain_systemwide.c | 8 +-- BaseBin/rootlesshooks/SpringBoard.x | 4 +- BaseBin/systemhook/src/common.c | 55 +++++++++---------- BaseBin/systemhook/src/common.h | 10 +++- BaseBin/systemhook/src/main.c | 2 +- 5 files changed, 40 insertions(+), 39 deletions(-) diff --git a/BaseBin/launchdhook/src/jbserver/jbdomain_systemwide.c b/BaseBin/launchdhook/src/jbserver/jbdomain_systemwide.c index 4cda93ae2..5a5bea3d1 100644 --- a/BaseBin/launchdhook/src/jbserver/jbdomain_systemwide.c +++ b/BaseBin/launchdhook/src/jbserver/jbdomain_systemwide.c @@ -11,8 +11,8 @@ #include #include -extern bool stringStartsWith(const char *str, const char* prefix); -extern bool stringEndsWith(const char* str, const char* suffix); +extern bool string_has_prefix(const char *str, const char* prefix); +extern bool string_has_suffix(const char* str, const char* suffix); char *combine_strings(char separator, char **components, int count) { @@ -159,7 +159,7 @@ static int systemwide_process_checkin(audit_token_t *processToken, char **rootPa } bool fullyDebugged = false; - if (stringStartsWith(procPath, "/private/var/containers/Bundle/Application") || stringStartsWith(procPath, JBROOT_PATH("/Applications"))) { + if (string_has_prefix(procPath, "/private/var/containers/Bundle/Application") || string_has_prefix(procPath, JBROOT_PATH("/Applications"))) { // This is an app, enable CS_DEBUGGED based on user preference if (jbsetting(markAppsAsDebugged)) { fullyDebugged = true; 
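Review bot: Both path checks in systemwide_process_checkin decide privileges from a string match on `procPath` alone: the app check in the hunk at -159 uses prefixes with no trailing slash, and the branch in the next hunk (-220) gives saved uid/gid 0, unsandboxing and CS_PLATFORM_BINARY to any process whose path ends in `/Dopamine.app/Dopamine`. For the prefixes, terminate the directory so that sibling names cannot match: `string_has_prefix(procPath, "/private/var/containers/Bundle/Application/")` and `JBROOT_PATH("/Applications/")`. For the Dopamine branch, a path suffix does not identify the binary; it would be safer to also verify something bound to the code itself (for example its signing identity, if that can be obtained for the audit token) before the `kwrite32` calls. The function starts and ends outside both hunks, so an earlier check may already cover this.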
@@ -220,7 +220,7 @@ static int systemwide_process_checkin(audit_token_t *processToken, char **rootPa } // For the Dopamine app itself we want to give it a saved uid/gid of 0, unsandbox it and give it CS_PLATFORM_BINARY // This is so that the buttons inside it can work when jailbroken, even if the app was not installed by TrollStore - else if (stringEndsWith(procPath, "/Dopamine.app/Dopamine")) { + else if (string_has_suffix(procPath, "/Dopamine.app/Dopamine")) { // svuid = 0, svgid = 0 uint64_t ucred = proc_ucred(proc); kwrite32(proc + koffsetof(proc, svuid), 0); diff --git a/BaseBin/rootlesshooks/SpringBoard.x b/BaseBin/rootlesshooks/SpringBoard.x index 46b40047e..bddc99864 100644 --- a/BaseBin/rootlesshooks/SpringBoard.x +++ b/BaseBin/rootlesshooks/SpringBoard.x @@ -4,7 +4,7 @@ #import #import -bool stringStartsWith(const char *str, const char* prefix) +bool string_has_prefix(const char *str, const char* prefix) { if (!str || !prefix) { return false; @@ -43,7 +43,7 @@ bool stringStartsWith(const char *str, const char* prefix) char filePath[PATH_MAX]; if (fcntl(fildes, F_GETPATH, filePath) != -1) { // Skip setting protection class on jailbreak apps, this doesn't work and causes snapshots to not be saved correctly - if (stringStartsWith(filePath, JBROOT_PATH_CSTRING("/var/mobile/Library/SplashBoard/Snapshots"))) { + if (string_has_prefix(filePath, JBROOT_PATH_CSTRING("/var/mobile/Library/SplashBoard/Snapshots"))) { return 0; } } diff --git a/BaseBin/systemhook/src/common.c b/BaseBin/systemhook/src/common.c index 942bdcd11..b63dc2a82 100644 --- a/BaseBin/systemhook/src/common.c +++ b/BaseBin/systemhook/src/common.c @@ -21,7 +21,7 @@ #define JETSAM_MULTIPLIER 3 #define XPC_TIMEOUT 0.1 * NSEC_PER_SEC -bool stringStartsWith(const char *str, const char* prefix) +bool string_has_prefix(const char *str, const char* prefix) { if (!str || !prefix) { return false; 
@@ -37,7 +37,7 @@ bool stringStartsWith(const char *str, const char* prefix) return !strncmp(str, prefix, prefix_len); } -bool stringEndsWith(const char* str, const char* suffix) +bool string_has_suffix(const char* str, const char* suffix) { if (!str || !suffix) { return false; 
@@ -53,40 +53,29 @@ bool stringEndsWith(const char* str, const char* suffix) return !strcmp(str + str_len - suffix_len, suffix); } -void enumeratePathString(const char *pathsString, void (^enumBlock)(const char *pathString, bool *stop)) +void string_enumerate_components(const char *string, const char *separator, void (^enumBlock)(const char *pathString, bool *stop)) { - char *pathsCopy = strdup(pathsString); - char *pathString = strtok(pathsCopy, ":"); - while (pathString != NULL) { + char *stringCopy = strdup(string); + char *curString = strtok(stringCopy, separator); + while (curString != NULL) { bool stop = false; - enumBlock(pathString, &stop); + enumBlock(curString, &stop); if (stop) break; - pathString = strtok(NULL, ":"); + curString = strtok(NULL, separator); } - free(pathsCopy); + free(stringCopy); } -int __posix_spawn_orig(pid_t *restrict pid, const char *restrict path, struct _posix_spawn_args_desc *desc, char *const argv[restrict], char * const envp[restrict]) -{ - return syscall(SYS_posix_spawn, pid, path, desc, argv, envp); -} - -typedef enum -{ - kBinaryConfigDontInject = 1 << 0, - kBinaryConfigDontProcess = 1 << 1 -} kBinaryConfig; - -kBinaryConfig configForBinary(const char* path, char *const argv[restrict]) +static kSpawnConfig spawn_config_for_executable(const char* path, char *const argv[restrict]) { if (!strcmp(path, "/usr/libexec/xpcproxy")) { if (argv) { if (argv[0]) { if (argv[1]) { - if (stringStartsWith(argv[1], "com.apple.WebKit.WebContent")) { + if (string_has_prefix(argv[1], "com.apple.WebKit.WebContent")) { // The most sandboxed process on the system, we can't support it on iOS 16+ for now if (__builtin_available(iOS 16.0, *)) { - return (kBinaryConfigDontInject | kBinaryConfigDontProcess); + return (kSpawnConfigDontInject | kSpawnConfigDontTrust); } } } 
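Review bot: `string_enumerate_components` (common.c hunk at -53) still tokenises with `strtok`, which keeps its position in hidden process-wide state, and it uses the `strdup` result unchecked. The comment above spawn_hook_common says systemhook is inserted into every spawned process, so this code shares that state with the host program and with any other thread that spawns. `strtok_r` with a local save pointer avoids the shared state, and a NULL guard covers a failed `strdup` or a NULL `string`/`separator` now that the function is generic. The block parameter is also still named `pathString`, although the components are no longer necessarily paths.

```c
void string_enumerate_components(const char *string, const char *separator, void (^enumBlock)(const char *pathString, bool *stop))
{
	if (!string || !separator || !enumBlock) return;
	char *stringCopy = strdup(string);
	if (!stringCopy) return;
	char *savePtr = NULL;
	char *curString = strtok_r(stringCopy, separator, &savePtr);
	while (curString != NULL) {
		// … unchanged: call enumBlock, break on stop …
		curString = strtok_r(NULL, separator, &savePtr);
	}
	// … unchanged: free(stringCopy) …
}
```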
@@ -105,12 +94,17 @@ kBinaryConfig configForBinary(const char* path, char *const argv[restrict]) size_t blacklistCount = sizeof(processBlacklist) / sizeof(processBlacklist[0]); for (size_t i = 0; i < blacklistCount; i++) { - if (!strcmp(processBlacklist[i], path)) return (kBinaryConfigDontInject | kBinaryConfigDontProcess); + if (!strcmp(processBlacklist[i], path)) return (kSpawnConfigDontInject | kSpawnConfigDontTrust); } return 0; } +int __posix_spawn_orig(pid_t *restrict pid, const char *restrict path, struct _posix_spawn_args_desc *desc, char *const argv[restrict], char * const envp[restrict]) +{ + return syscall(SYS_posix_spawn, pid, path, desc, argv, envp); +} + // 1. Ensure the binary about to be spawned and all of it's dependencies are trust cached // 2. Insert "DYLD_INSERT_LIBRARIES=/usr/lib/systemhook.dylib" into all binaries spawned // 3. Increase Jetsam limit to more sane value (Multipler defined as JETSAM_MULTIPLIER) @@ -131,9 +125,9 @@ int spawn_hook_common(pid_t *restrict pid, const char *restrict path, posix_spawnattr_t attr = NULL; if (desc) attr = desc->attrp; - kBinaryConfig binaryConfig = configForBinary(path, argv); + kSpawnConfig spawnConfig = spawn_config_for_executable(path, argv); - if (!(binaryConfig & kBinaryConfigDontProcess)) { + if (!(spawnConfig & kSpawnConfigDontTrust)) { bool preferredArchsSet = false; cpu_type_t preferredTypes[4]; cpu_subtype_t preferredSubtypes[4]; 
@@ -170,11 +164,12 @@ int spawn_hook_common(pid_t *restrict pid, const char *restrict path, const char *existingLibraryInserts = envbuf_getenv((const char **)envp, "DYLD_INSERT_LIBRARIES"); __block bool systemHookAlreadyInserted = false; if (existingLibraryInserts) { - enumeratePathString(existingLibraryInserts, ^(const char *existingLibraryInsert, bool *stop) { + string_enumerate_components(existingLibraryInserts, ":", ^(const char *existingLibraryInsert, bool *stop) { if (!strcmp(existingLibraryInsert, HOOK_DYLIB_PATH)) { systemHookAlreadyInserted = true; } else { + // Upload everything already in DYLD_INSERT_LIBRARIES to trustcache aswell trust_binary(existingLibraryInsert, NULL); } }); @@ -187,7 +182,7 @@ int spawn_hook_common(pid_t *restrict pid, const char *restrict path, bool shouldInsertJBEnv = true; bool hasSafeModeVariable = false; do { - if (binaryConfig & kBinaryConfigDontInject) { + if (spawnConfig & kSpawnConfigDontInject) { shouldInsertJBEnv = false; break; } @@ -278,7 +273,7 @@ int spawn_hook_common(pid_t *restrict pid, const char *restrict path, // if (!strcmp(path, "/usr/libexec/xpcproxy") && argv) { // if (argv[0]) { // if (argv[1]) { - // if (stringStartsWith(argv[1], "com.apple.WebKit.WebContent.")) { + // if (string_has_prefix(argv[1], "com.apple.WebKit.WebContent.")) { // *(uint8_t *)(attrStruct + POSIX_SPAWNATTR_OFF_LAUNCH_TYPE) = 0; // } // } @@ -320,7 +315,7 @@ int spawn_hook_common(pid_t *restrict pid, const char *restrict path, newLibraryInsert[0] = '\0'; __block bool first = true; - enumeratePathString(existingLibraryInserts, ^(const char *existingLibraryInsert, bool *stop) { + string_enumerate_components(existingLibraryInserts, ":", ^(const char *existingLibraryInsert, bool *stop) { if (strcmp(existingLibraryInsert, HOOK_DYLIB_PATH) != 0) { if (first) { strcpy(newLibraryInsert, existingLibraryInsert); diff --git a/BaseBin/systemhook/src/common.h b/BaseBin/systemhook/src/common.h index f5c640da5..a24041e96 100644 
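Review bot: In the DYLD_INSERT_LIBRARIES block of spawn_hook_common (hunk at -170), every entry other than HOOK_DYLIB_PATH is handed to `trust_binary(existingLibraryInsert, NULL)` with its result discarded and no visible check on where the path points, so the environment passed by the spawning process decides what is added to the trust cache. If that is intended, the new comment should say so, e.g. `// Trust-cache every dylib already listed in DYLD_INSERT_LIBRARIES; paths come from the caller's environment unfiltered`; otherwise the entries should be filtered before they are trusted. Whether this block sits inside the `kSpawnConfigDontTrust` guard cannot be seen here, because the function starts and ends outside the hunk. The added comment also misspells "as well" as "aswell".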
--- a/BaseBin/systemhook/src/common.h +++ b/BaseBin/systemhook/src/common.h @@ -14,6 +14,12 @@ #define SYS_necp_session_open 0x20A #define SYS_necp_session_action 0x20B +typedef enum +{ + kSpawnConfigDontInject = 1 << 0, + kSpawnConfigDontTrust = 1 << 1 +} kSpawnConfig; + struct _posix_spawn_args_desc { size_t attr_size; posix_spawnattr_t attrp; @@ -46,8 +52,8 @@ struct _posix_spawn_args_desc { int __posix_spawn(pid_t *restrict pid, const char *restrict path, struct _posix_spawn_args_desc *desc, char *const argv[restrict], char *const envp[restrict]); int __execve(const char *path, char *const argv[], char *const envp[]); -bool stringStartsWith(const char *str, const char* prefix); -bool stringEndsWith(const char* str, const char* suffix); +bool string_has_prefix(const char *str, const char* prefix); +bool string_has_suffix(const char* str, const char* suffix); int __posix_spawn_orig(pid_t *restrict pid, const char *restrict path, struct _posix_spawn_args_desc *desc, char *const argv[restrict], char * const envp[restrict]); diff --git a/BaseBin/systemhook/src/main.c b/BaseBin/systemhook/src/main.c index c8ab18df5..95c4c0187 100644 --- a/BaseBin/systemhook/src/main.c +++ b/BaseBin/systemhook/src/main.c @@ -233,7 +233,7 @@ bool shouldEnableTweaks(void) "Dopamine.app/Dopamine", }; for (size_t i = 0; i < sizeof(tweaksDisabledPathSuffixes) / sizeof(const char*); i++) { - if (stringEndsWith(gExecutablePath, tweaksDisabledPathSuffixes[i])) return false; + if (string_has_suffix(gExecutablePath, tweaksDisabledPathSuffixes[i])) return false; } if (__builtin_available(iOS 16.0, *)) {
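Review bot: The two flags of the new `kSpawnConfig` enum (common.h hunk at -14) carry no comments, and the rename from `DontProcess` to `DontTrust` changes what a reader will assume the second flag skips. Going by the common.c hunks, `kSpawnConfigDontInject` forces `shouldInsertJBEnv = false` and `kSpawnConfigDontTrust` skips the guarded block that begins with the preferred-architecture setup, presumably the trust-cache step. I would state that on each enumerator, e.g. `// never insert the systemhook environment into this process` and `// skip trust-caching the executable before spawn`, once the second is confirmed against the full function. Since `spawn_config_for_executable` returns `0` for "no flags", a named `kSpawnConfigNone = 0` would also make that return self-explanatory.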