Tag: Programming

This one was a bit painful as I didn’t want to mess with the pre-existing configuration of the key files. Installation required a small modification to the standard installation options.

cygrunsrv --install sshd --path '/usr/sbin/sshd' --env 'PATH=/bin;/sbin' --env 'CYGWIN=ntsec tty' -a -D

You need to use the cygwin –path item, otherwise the service won’t start correctly (sshd needs to be executed with an absolute path). The env flags are there to allow the service to start, otherwise you end up with an annoying: cygcrypt-0.dll cannot be found error. The CYGWIN environment was there because otherwise it doesn’t work correctly. the -D is for daemon mode.

Came across this one in a piece of C code.

(conditionflag & STATUSBIT) ?
(KdPrint(xxxx)) : 0;

Edited [ 2005-08-04, 19:42 Pete ] There was no code making use of the result of the ?: operation.
This piece of code is terrible from both a readability and functionality perspective. If the return type of the function is changed to a void, then there won’t be a valid left hand side for the evaluation to function correctly, from a readability perspective the developer split the code over two lines, which made it ripe for the more legible form of:

if (conditionflag & STATUSBIT)
(KdPrint(xxxx));

Ah well, you can’t boss everyone around all of the time I suppose.

It’s slightly frustrating when you are trying to find out what piece of code created what variable. Desktop search only goes so far, showing you all the references of the name of a variable. I need something along the lines of cscope, but over all my code – C, C++, Delphi, Java, FoxPro.
Does anyone know of something like this, or am I going to have to make one myself?

Just seeing if I was still capable of breaking the typical registration check in a program. Today’s exercise was Konfabulator, a prettification program for Windows and the Mac. Long and the short of it. Find out where the registration code is stored. It was in the registry. Find out what the registration key is (Registration). Found two functions referencing the registry key as two separate strings (Bad optimization on the compiler). One of them looked like it was trying to check the registration code, the other made internet check calls (part of the registration process – it’s over the internet). Went to the call that wasn’t over the internet and backtracked it – it was a very short, stubby routine with an setnz immediately following the call to the check. Replaced this with an setz, and the program executed flawlessly.
I was attempting to produce a keygen, but the one byte change was easier. I’m not planning on using the software anyhow, this was just me trying something out.
On other details, I have a chunk of encrypted data that I need to decode. I’ve deduced the structure size based on repeating patterns, now I need to find out the encryption scheme for the data – that way we can upsize it to the windows systems. There’s encryption on the data. The key for encrypting the data is in the application. The only reasonable conclusion I can come to about the encryption is that it is intended to prevent people from porting their data from the old system to a new one.
Of course I went to the Konfabulator web site to find out that it’s all free gratis and for nothing now – they’ve been acquired by Yahoo.

This one is one of my favourites – Comparing strings. The logic is simple: the function returns 0 if the strings are equal. The problem is that people code it like: if (!strcmp(x,y)), so a casual read can completely misinterpret the intent.
Explicit comparisons please people! This is one of those things that I’m glad does not happen in the more B&D languages.

Microsoft have this ‘spot the bug’ blog entry. And while the code size is trivial, people have been finding more than one bug! Of course if you want some more fun spot-the-bug items you could try the Secure programming @blogspot, or even the linux kernel. Ok, anyone who thinks I’m being smart by this one can just bite me. You could also try the Open Solaris code also. So there’s plenty of things to keep you occupied with in your bug finding tasks.
Of course, you could try to find the bugs in your own code 🙂

This one is a doozy. It’s the underhanded C contest. It’s purpose is to have people write seemingly innocent code that actually performs some sort of nefarious activity. If anyone remembers the linux exploit that was attempted around about January 2005, where some code was introduced which had the subtle side effect of granting people root permission. It was noticed and killed off… but what if people have been doing this for a long time already?

Here I am, at about 2 in the morning thinking about timely information. Take for example accessing a file’s Version Information (Windows applications). The API is piss easy, it’s jut a bit noxious. I wrote myself up a small class to extract this for my applications. The problem is that this code is to all intents obsolete – there is a class in .NET that covers it.
This is the two forked problem with the internet. When you have a problem, by the time you’ve either (a) solved it or (b) found the solution, the world has gone and passed you by. Almost depressing, I might add.

It’s not unusual to encounter undocumented methods in a programming language, it’s just the nature of the beast. Take for example Delphi 2005. It has a new Queue method, for allowing a programmer to queue a call to the main user thread, rather than serially invoke it (it’s not quite serial, there’s a WaitForSingleObject in there).
This interestingly brings up another item. There are two models generally associated with timed events. The first model is the Invoke, leaving at least an interval gap between the invocations, the second model is the invoke, and even if it’s not finished invoke it again when the interval elapses. The first model can be emulated using the standard Synchronize call, the second can be emulated using the Queue call. Because they both are operating from the one task queue, either method would be safe to use on mt-unsafe code. The advantage of the Queue method is that you can interlock the thread and the GUI in a looser manner, as the thread does not wait for the GUI to do it’s stuff before continuing. This means that, for example you could be informing a gui component to repaint itself when the underlying dataset changes.