flak rss random

small views of large files

Sometimes you have a large file when you want a small file. You may not be able to edit the large file, but that's okay, you can simply read the small part you want out of the large file. libfdview is a proof of concept library that presents a smaller view of a larger file.


Posted 22 Sep 2020 20:00 by tedu Updated: 22 Sep 2020 20:00
Tagged: c programming

Cenum safety warning

Before relying on compiler warnings for enum mismatches, it's important to know when or if such warnings will be generated.


Posted 30 Jul 2020 20:07 by tedu Updated: 30 Jul 2020 20:07
Tagged: c programming

three valued structs

Sometimes we have a boolean, which is great for storing two values, but we need just a little more space to squeeze in a third value. There's a few ways to do this.


Posted 29 Jul 2020 06:20 by tedu Updated: 06 Aug 2020 01:17
Tagged: c programming

embedding binary objects in c

You have a blob of some data which you would like to embed into your C program. Perhaps a splash screen, or a special font, firmware for your scsi card, or whatever. The usual approach which I think most people are familiar with is to run something like xxd -i to generate a source file with a large array of hex constants. Or write your own little script for that purpose.


Posted 16 Apr 2020 11:02 by tedu Updated: 16 Apr 2020 11:02
Tagged: c programming

fixing telnet fixes

There’s a FreeBSD commit to telnet. fix a couple of snprintf() buffer overflows. It’s received a bit of attention for various reasons, telnet in 2019?, etc. I thought I’d take a look. Here’s a few random observations.

Here are three new lines, after the patch.

                unsigned int buflen = strlen(hbuf) + strlen(cp2) + 1;
		cp = (char *)malloc(sizeof(char)*buflen);
		snprintf((char *)cp, buflen, "%s%s", hbuf, cp2);

1. The first line is indented with spaces while the others use tabs.

2. The correct type for string length is size_t not unsigned int.

3. sizeof(char) is always one. There’s no need to multiply by it.

4. If you do need to multiply by a size, this is an unsafe pattern. Use calloc or something similar. (OpenBSD provides reallocarray to avoid zeroing cost of calloc.)

5. Return value of malloc doesn’t need to be cast. In fact, should not be, lest you disguise a warning.

6. Return value of malloc is not checked for NULL.

7. No reason to cast cp to char * when passing to snprintf. It already is that type. And if it weren’t, what are you doing?

8. The whole operation could be simplified by using asprintf.

9. Although unlikely (probably impossible here, but more generally), adding the two source lengths together can overflow, resulting in truncation with an unchecked snprintf call. asprintf avoids this failure case.

Posted 11 Jul 2019 04:13 by tedu Updated: 11 Jul 2019 04:13
Tagged: c programming

xterm full reverse

Depending on whether it is day or night, I prefer a light screen or a dark screen. I would like switching between these two modes of operation to be quick and easy. Easy in this case means I am willing to run a command, but not ctrl-click on 21 different xterms.


Posted 13 Dec 2018 21:14 by tedu Updated: 13 Dec 2018 21:31
Tagged: c programming x11

strict structs

Contrary to popular belief, C does have types. It even has type qualifiers. Unfortunately, the selection is somewhat limited and there are several implicit conversions that may lead to less than robust code. The good news is that with a little effort we can define our own types and enforce our own rules. I’ve forgotten where I first saw this, and don’t really have a good name for it.


Posted 14 Nov 2018 15:45 by tedu Updated: 14 Nov 2018 15:45
Tagged: c programming

bind broker

You’ve got a great big server that’s capable of supporting multiple users. Everybody wants to run a web server. This would be great, but alas, archaic decisions made long ago mean that network sockets aren’t really files and there’s this weird concept of privileged ports. Maybe we could assign each user a virtual machine and let them do whatever they want, but that seems wasteful. Think of the megabytes! Maybe we could setup nginx.conf to proxy all incoming connections to a process of the user’s choosing, but that only works for web sites and we want to be protocol neutral. Maybe we could use iptables, but nobody wants to do that.


Posted 11 Jul 2017 13:06 by tedu Updated: 11 Jul 2017 13:06
Tagged: c openbsd programming

alloca with great difficulty

All the cool kids are clashing their stacks, and all the cool developers are trying to reduce stack usage. In the midst of this, it is revealed that calling alloca can be difficult.

For starters, we might look at this fine patch removing alloca from a function in glibc. I’m mostly interested in the first chunk. That’s quite the incantation to prototype a function.

Another variant of the alloca spellbook is in bash. This version supports a different set of operating systems.

As Ben Franklin never said, “Beer is proof God loves us and wants us to be happy.” The ifdef maze one encounters trying to call alloca is proof your compiler hates you and you will be unhappy.

Posted 21 Jun 2017 21:14 by tedu Updated: 21 Jun 2017 21:14
Tagged: c programming

userland xnr jit

One ROP mitigation is Execute no Read (XnR) or Execute Only (XOM) memory. We can wait for someone to add this to our operating system kernel using paging (You Can Run But You Can’t Read: Preventing Disclosure Exploits in Executable Code PDF or VT-x and EPT (ExOShim: Preventing Memory Disclosure using Execute-Only Kernel Code PDF. Or we can do it today in userland. This is only a partial implementation, that protects JIT pages only, but demonstrates the technique.


Posted 29 May 2017 10:05 by tedu Updated: 29 May 2017 10:05
Tagged: c openbsd programming