- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
if (cpu_id != genuine_intel) run_everything_50_percent_slower();
Admin
Admin
Strncpy isn't much safer than strcpy in reality. It won't write more than N characters, but if your source exceeds N it won't null terminate you target either. It's not intended be a safer strcpy, just another strcpy.
Admin
You obviously didn't try hard enough. Read "The Adolescence of P-1."
Admin
Admin
Admin
Admin
Admin
Hey that looks like the Intel C compiler !
Admin
Admin
I clearly recall logging in to MTS running on an IBM 3081D (dual processor machine, commonly referred to as "Sybil") via a VT-100 (also an ASCII terminal, and from DEC) on the RPI campus back in 1985...
Admin
the real wtf is not using const char* for string constants
Admin
That's because the value might change in a newer version to an even newer CPU system! Tss... that was not so hard.
Admin
Admin
Just because the snippet uses strcpy instead of strncpy, that doesn't mean there's a buffer overflow. It's copying a static, compiled-in string, which is automatically zero-terminated by the compiler... not some user-provided input.
Admin
At UMASS/Amherst, in the late 70s, we had a CDC Cyber 74 mainframe. It had, IIRC, a "Tempo" minicomputer (based on a Perkin-Elmer mini?), which was used as a front end processor. Along with multiplexing all the terminal lines, it was also used to convert ASCII to EBCDIC (or whatever 6-bit code CDC used). We had Teletypes, Selectrics, Diablo daisywheels, DECwriters and an assortment of CRTs, all hooked to the mainframe (via the Tempo) through dial-up and hardwire. Everything but the Selectrics used ASCII, and the Selectrics identified themselves by you pressing a different key after dialing in and getting a carrier.
Admin
Admin
EBCDIC is an 8 bit code (Extended BCDIC) that was baked into the System/360 (well, S/370 certainly) instruction set. (Seriously - the EDIT instruction formatted a 32-bit int into an EBCDIC character field.)
Pedantry: there were various versions of EBCDIC, but all of them shared an interesting feature: a for-loop from 'A' to 'Z' was more than 26 iterations, because the letters were in three separate ranges. I'd like to think that the origins of this are lost in the mists of time, but the clue is "punch cards"...
Admin
Admin
Admin
Admin
Hard and fast rules are stupid. There is no need to use strncpy to move a string that is constant you yourself just created. You know for sure its terminated and you know how many bytes it is.
The never ever ever use strcpy crowd is mindless.
Admin
Quite a while ago, I had some purchased programs that used the Intel compiler and libraries.
The Intel compiler generated code to check the CPU string, and if it's not 'genuineintel' then it runs the slowest version of many algorithms. (Maybe it doesn't do that any more?)
So I patched the application's libraries to search for "authenticamd" instead of "genuineintel" and poof, they started running faster! What a coincidence that both of those strings have the exact same number of characters.
http://www.agner.org/optimize/blog/read.php?i=49#49
True story!
Admin
EBCDIC was perhaps the original WTF, or certainly a contender. If you sort a bunch of stuff (not just alpha chars) it would end up something like a, b, c, d, e, f, g, h, i, a bunch of weird garbage, j, k, l... so you had to add code to set the crap to one side and gather the alphabet together. And this was back in the day when your penis size was basically 100 minus the number of bytes in your compiled code, so adding code for silly reasons was Not Good.
Admin
I hate model-view-controller. Not because it's bad architecture, which for the intended use case it isn't. I hate it because it's easy to remember and the name rolls of the tongue (even though it's wrong, it should be view-controller-model) and this makes a certain class of programmer think ‘model-view-controller’ no matter what. I've seen someone stack a model-view-controller on top of a component that was designed to take the burden of writing it off your shoulders. And then later use (a proxy for) the view as the model in another model-view-controller layer somewhere else in the code. You get greeted by a seemingly endless tower of stacked model-view-controllers, that do essentially nothing but waste CPU time. And programmer time when something goes wrong and it's time to debug the bloody contraption.
Admin
Wouldn't the CTO have to approve the purchase of new equipment ? I'm guessing that it would have been a significant cost that could not have been overlooked.
Admin
Meh. It was easier to just rummage through the wastebasket looking for discarded username/password cards.
Admin
"extremely surprising" doesn't sound right to me. In that time period, it was not remarkable to interface equipment that used different character encodings.
The ALGOL 60 compiler on the DECSystem 10 could support strings of 6, 7, 8 or 9 bit bytes, all in the same program. They were automatically converted from one size/encoding to another, or not, depending what you were doing. I suppose there must have been 5 bit characters too (for teletypes that use BAUDOT), and of course there was the RADIX-50 encoding used to store file names on the PDP-11 node controllers. I don't think I ever saw EBCDIC on a DEC-10 -- it had a card reader, but I don't know if the mainframe received EBCDIC, ASCII, or just 12 bit Hollerith codes when it was reading cards. It was ASCII by the time it got to my program.
The Burroughs mainframes used EBCDIC internally, but I only ever used ASCII terminals (including a DECWriter) and punched cards to talk to it. (Unless you count the printing terminal attached to the RJE station, but it could only list the job queue.)
You could buy a box that would make an IBM 370 think that your ASCII serial terminals were 3270s. You couldn't run XEDIT on a printing terminal, but I seem to remember some sort of hacky way you could do simple things like directory listings. I was working computer support at the time, so I must have used it -- on a DECWriter, because those were the only printing terminals we had.
Admin
static const *char, and what about checking boundaries of x86_model_id?
Admin
I've got some bad news guys.
My friend and lover, Alex, has suddenly and unexpectedly passed, and we are currently trying to evaluate how this site is going to operate in his absence. I know that during his tenure, he has never failed to post an article, and I'm sorry that we have to break that perfect streak. To be honest, I don't even know if we are going to keep this sight going knowing where he is right now.
Keep him and me in your prayers for sure.
Admin
Kindly follow Alex off whatever cliff he dove. Thank you.
Admin
[quote user="TheCPUWizard"] It is DECwriter...made by...wait for it...DEC [Digital Equipment Corp]. The vast majority of these were used for PDP-11 and VAX computers, both of which were considered Mini computers and not mainframes... [/quote]
The majority of women are under 5' 10". Therefore, if someone tells you that a woman he knows is 5' 11", he must be lying. Umm, no. If there is one exception in the world, then the person may be referring to that exception. I question if it's even true that the "vast majority" of DecWriters were connected to PDP-11s and VAXes. I used DecWriters with PDP-10s and PDP-20s back then. Which, by the way, I think would be called mainframes. At least, they were big boxes that served a large number of users.
[quote user="TheCPUWizard"] Given that nearly evry mainframe of that time period was EBCDIC based ...[/quote]
I have heard rumors that there used to be companies other than IBM. Remember Sperry, Univac, Burroughs? Okay, Amdahl used EBCDIC. [/quote]
Admin
arch/x86/include/asm/processor.h: char x86_model_id[64];
It fits.
Admin
Then you bitch about not having enough budget to make the app work properly. Just like the gov't set out to do something that everyone else thinks will fail, then when it fails, say it's because you didn't have enough money/power, then increase budget and repeat.
Admin
(Deleting this comment failed for some reason)
Admin
TRWTF is the use of (&foo)->bar instead of foo.bar
(&cpu_data(i))->x86_model_id
Admin
Oops wait, I just remembered, there's only one country in the world. Well, that country has ñ and á.
Admin
Yep. You have to know the rules before you break them. The whole point is to be in control of your code. If you're defining the string constant yourself, you're in control of it. Know why the rule exists.
For n00bs who don't know the strcpy/strncpy issue, here's the lowdown:
if you use strcpy with a null-terminated source string and the it is longer than your destination buffer (or worse, isn't actually null-terminated at all) you will overrun your buffer because strcpy will happily keep copying from the source to the destination 'til the cows come home.
If you know the size of your destination buffer (you should), it doesn't matter whether the source string terminates before the end of the buffer, because you can specify you want to copy n bytes into a buffer of size n. Then set the last byte of the buffer to null, and you're done. Safe as houses!
Admin
Thank you Captain Tautological, Defender of the Infinitely Likely Truth!
Admin
FTFY.
Admin
Older computers/OS do not have this ridiculous security protections. Its your computer, your OS, your software, if you want to "POKE 47196, 201", that's your business.
Incidentally, I've actually used the first hacking approach mentioned by john doe on a BBC Micro/Econet network to change the network address of my computer to that of the administrator, which allowed me to access quota related commands to up my shared disk quota to a whole 48k. You had to keep the administrator occupied and away from their desk, Econet didn't play very well with two machines declaring the same id, which kind of gave the game away.
Admin
Admin
Admin
TRWTF is that it doesn't compile on Linux. Of course no specific version was specified, so I tried RHEL 5.4 and SLES 9, which were the most convenient test boxes that I had access to.
Admin
Right... because you knew everything on your first day of learning C, right?
Admin
The Science Museum, London, had an exhibit on Charles Babbage in 1999. That's where I read that he was vilified for trying to fix bugs in tables of logarithms.
Admin
It doesn't take that much massaging to make it compile. I did it at work today on my Fedora box.
Google for 'linux kernel module example' and it's pretty clear that adding about 5 lines and creating a simple Makefile will do it.
Admin
Looks like there's a dependency on kernel headers (which would normally be in the makefile, but it isn't part of the submission). Compiling a kernel module isn't quite the same as compiling a user-space application. (And I'd be very surprised if this trick were possible outside the kernel…)
Admin
If you're truly interested in historical configurations, I'm not the original poster but at the school I went to (1984-1988), we had IBM mainframes, a DEC VAX running BSD, and some other timesharing systems. In addition to 3270 terminals scattered around campus, we had ASCII terminals including decwriters, ADM 3a's, PCs with terminal emulation, etc. The ASCII side of the house was mostly connected to a Gandalf PACX, which let you choose which computer you connected to. The IBM mainframe included a front end (once a 7171, I think, but upgraded while I was there) that made the mainframe think you were coming from a 3270 terminal when in fact you were using an ascii terminal.
Admin
I know I'm late to the party with this comment, but I used to travel to Temple University in Philadelphia with a few friends after high school let out for the day to hack their CDC 6600 mainframe. Though it accepted puch card jobs (handed to an operator as well as submitted remotely via CDC 200 User Terminals via dedicated lines using a primitive 9600 baud modem), there were a few DECwriters hooked up, as well. I think that CDC definitely qualifies as a mainframe.