Fix signing unsupported MachO types

2024-02-01 21:40:23 +00:00 · 2024-02-01 21:40:23 +00:00 · 11eb142d3b
parent ac24773858
commit 11eb142d3b
3 changed files with 18 additions and 0 deletions
--- a/Exploits/fastPathSign/src/coretrust_bug.c
+++ b/Exploits/fastPathSign/src/coretrust_bug.c
@ -127,6 +127,18 @@ int apply_coretrust_bypass(const char *machoPath)
        macho_free(macho);
        return 2;
    }
+
+    if (macho->machHeader.filetype == MH_OBJECT) {
+        printf("Error: MachO is an object file, please use a MachO executable or dynamic library!\n");
+        macho_free(macho);
+        return 3;
+    }
+
+    if (macho->machHeader.filetype == MH_DSYM) {
+        printf("Error: MachO is a dSYM file, please use a MachO executable or dynamic library!\n");
+        macho_free(macho);
+        return 3;
+    }
    
    CS_SuperBlob *superblob = macho_read_code_signature(macho);
    if (!superblob) {
--- a/Exploits/fastPathSign/src/main.m
+++ b/Exploits/fastPathSign/src/main.m
@ -72,6 +72,10 @@ int main(int argc, char *argv[]) {
    }

 	char *machoPath = extract_preferred_slice(input);
+    if (!machoPath) {
+        printf("Failed extracting best slice\n");
+        return -1;
+    }
 	printf("Extracted best slice to %s\n", machoPath);

    printf("Applying CoreTrust bypass...\n");
--- a/RootHelper/main.m
+++ b/RootHelper/main.m
@ -709,6 +709,8 @@ int signApp(NSString* appPath)
 							// If not, we can continue but want to show a warning after the app is installed
 							hasAdditionalEncryptedBinaries = YES;
 						}
+					} else if (r == 3) { // Non-fatal - unsupported MachO type
+						NSLog(@"[%@] Cannot apply CoreTrust bypass on an unsupported MachO type!", filePath);
 					}
 					else {
 						NSLog(@"[%@] CoreTrust bypass failed!!! :(", filePath);