From ad38c49b6641dc30af8ae4e9134c2c7ecf44eb3b Mon Sep 17 00:00:00 2001 From: Download-Fritz Date: Mon, 25 Mar 2019 17:17:27 +0100 Subject: [PATCH] OcAppleKernelLib: Ignore missing VTable resolution symbols during iteration. --- Library/OcAppleKernelLib/Vtables.c | 32 +++++++++++------------------- 1 file changed, 12 insertions(+), 20 deletions(-) diff --git a/Library/OcAppleKernelLib/Vtables.c b/Library/OcAppleKernelLib/Vtables.c index 576f4dbd..cc06c18a 100644 --- a/Library/OcAppleKernelLib/Vtables.c +++ b/Library/OcAppleKernelLib/Vtables.c @@ -139,23 +139,24 @@ InternalConstructVtablePrelinked64 ( (Value = VtableData[Index + VTABLE_HEADER_LEN_64]) != 0; ++Index ) { + // + // If we can't find the symbol, it means that the virtual function was + // defined inline. There's not much I can do about this; it just means + // I can't patch this function. + // + // It's possible for the patched parent entry not to have a symbol + // (e.g. when the definition is inlined). We can't patch this entry no + // matter what, so we'll just skip it and die later if it's a problem + // (which is not likely). + // Symbol = InternalOcGetSymbolValue (Context, Kext, Value, OcGetSymbolOnlyCxx); if (Symbol != NULL) { Vtable->Entries[Index].Address = Value; - Vtable->Entries[Index].Name = (Kext->StringTable + Symbol->StringIndex); - } else { - // - // If we can't find the symbol, it means that the virtual function was - // defined inline. There's not much I can do about this; it just means - // I can't patch this function. - // - Vtable->Entries[Index].Address = 0; - Vtable->Entries[Index].Name = NULL; + Vtable->Entries[Index].Name = Symbol->Name; + ++Vtable->NumEntries; } - ++Vtable->NumEntries; - if ((Index + VTABLE_HEADER_LEN_64 + 1) >= MaxSize) { return FALSE; } 
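Review bot: The resolved entry is still stored at `Vtable->Entries[Index]`, but `++Vtable->NumEntries` now runs only inside `if (Symbol != NULL)`, so once one symbol is unresolved the count no longer covers the highest slot written and the skipped slot is never initialised by this loop. Whether `Entries` is zero-allocated is not visible here, and the second hunk removes the `ParentEntry->Name == NULL` early return from `InternalPatchVtableSymbol`, so a later walk over `NumEntries` slots could reach a `Name` that was never set. If the intent is to compact the table, index with the count, `Vtable->Entries[Vtable->NumEntries].Address = Value;` and the same for `.Name`; if slot positions must stay aligned with the parent vtable, keep the `else` that clears the slot and keep the increment outside the `if`. The merged comment also carries the parent-entry wording from the other function and would read better as one paragraph about unresolved symbols in this loop. The `for` loop and `InternalConstructVtablePrelinked64` start and end outside the hunk.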
@@ -300,15 +301,6 @@ InternalPatchVtableSymbol (
 return TRUE;
 }
 //
- // It's possible for the patched parent entry not to have a symbol
- // (e.g. when the definition is inlined). We can't patch this entry no
- // matter what, so we'll just skip it and die later if it's a problem
- // (which is not likely).
- //
- if (ParentEntry->Name == NULL) {
- return TRUE;
- }
- //
 // 1) If the symbol is defined locally, do not patch
 //
 if (MachoSymbolIsLocalDefined (MachoContext, Symbol)) {