Code Rant

Where we rant about programming failures.

Tuesday, January 4 2011

How to fail encryption, part 2

One of the very first posts I made talked about encryption, and how to fail it. Okay, that was a very easy encryption, but the base principles remain the same: don't be stupid, aka, know what you're doing. Well, I'm joining the bandwagon here, but it seems Sony's programmers didn't really try to understand their crypto handbook, and implemented it without really knowing what they were doing. As a result, all of the private keys for the PSP and the PS3 (including the one hardcoded in the CPU die) are leaking from just two signatures made with them.

Good job, really.

Source: fail0verflow

Thursday, November 18 2010

OCCI-gateway, or why C++ is a horrible language

I don't really know which category this should fit into, but I guess "code rant" is probably quite appropriate. I'd like to discuss a bit why C++ is a horrible language, by adding a few arguments towards Linus.

Monday, December 14 2009

PS: Don't blow up the stack

The title of this article is actually something I wrote on the corner of the whiteboard at work. We've recently had a few issues which all dealt with stack abuses. We added some instrumentation to help us, and I thought about sharing that a bit.

Friday, October 16 2009

Pure virtual handler

Here is a little trick that saved my life a few months back when I was dealing with a pure virtual function being called.

In a program I wrote, I had a very very rare bug where the code would crash in a completely improbable way. I finally figured out that it was due to abort() being called, and that was crashing all the other threads in random places. Now, where that call came from was the big question. With one lucky crash dump, I was able to find that it was due to a pure virtual call, obviously due to a bogus cast.

By default, it seems that the pure virtual handler in gcc just calls abort(), making it hard to debug. The trick I used to find the actual bug was to override the default pure virtual handler:

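#include <cassert>

extern "C" {

// Overrides the default pure virtual handler, which just calls abort().
// noinline/used keep the function from being inlined or discarded.
static int __cxa_pure_virtual() __attribute__((noinline, used));
static int __cxa_pure_virtual()
{
    // Reports file, line and function before aborting.
    // Note: assert() is a no-op when NDEBUG is defined.
    assert(0);
    return 0;
}

}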

That way, every time a pure virtual function is called, it asserts instead of simply aborting, giving far more useful information about what's happening.

Monday, October 12 2009

Don't trust the compiler: part #3

Okay, that's an easy one. But still. See how the compiler can actually turn good-looking code into code that contains security flaws:

http://threatpost.com/blogs/researcher-uses-new-linux-kernel-flaw-bypass-selinux-other-protections
