codeblog code is freedom — patching my itch

1/28/2005

learning autoconf

Filed under: General — kees @ 7:09 pm

I think I’ll never actually learn all the various functions in autoconf. It feels like this endless road that I can’t see the end of. Any time I do something new in autoconf, I have to go re-read some part of the autoconf manual, and try things a few times before I get the desired result. Today, for example, I got Inkscape to identify which version of libgc is on the system.

© 2005, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.
Creative Commons License

1/18/2005

It just Works

Filed under: Inkscape — kees @ 8:03 am

There is nothing quite as satisfying as refactoring a whole mess of code, fixing up the syntax errors and warnings, running the code, and having it Just Work. (In fact, it’s even better if there aren’t any syntax errors to fix.)

This is probably Why I code. I get such satisfaction out of having code do its little dance for me. It’s like training a dog, only I don’t need treats. Why it’s satisfying, I’m still not clear on, but it just is.

© 2005, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.
Creative Commons License

1/13/2005

Command Line Scraps

Filed under: Security — kees @ 6:21 pm

Usually when I have to temporarily hold onto something in my cut buffer, I might paste it into an open xterm. I don’t have any fancy cut buffer management tools running (though I probably should). So it’s always amusing to Alt-Tab through my windows after a busy day and find little snippets of conversations, phone numbers, and today when I sat down to my computer at home after work, I find, pasted into my xterm from the evening earlier’s experimentation: 'OR''='

I had a brief flash of what it might be like to be a drunken blackhat. Waking up in the morning, navigating through a sea of beer bottles, settling down at your computer, only to find it strewn with previously calculated buffer overflow offsets, SQL injection attempts, and cracked WEP keys. “Oh man, what a night! What did I get myself into?”

© 2005, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.
Creative Commons License

1/9/2005

Fragile Code

Filed under: Embedded — kees @ 7:27 pm

I define fragile code as code that isn’t easily changed without introducing bugs. I think the biggest cause of fragile code is cut/paste algorithms. This is especially true for data access and processing routines.

The idea behind Object Oriented programming is that you end up creating accessor functions for all your data. It’s simple to change your data formats without breaking the program as a whole. When you don’t have an OO language, you create all kinds of methods to do your repeated work.

This is critically important for stable, readable, sane code. Functions should do something small, and do it very well. Then you can call a whole series of strong little functions, rather than cutting and pasting the same code over and over, only to wreck your day much later on.

© 2005, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.
Creative Commons License

1/8/2005

madwifi

Filed under: Networking — kees @ 9:59 pm

Woohoo! I found Macrus Crafter’s blog (and webpage) describing how he got a decent wireless miniPCI card (Proxim ORiNOCO 802.11a/b/g) working in his Dell 8500, and I figured it was worth a shot. It worked great in my Dell 8600! One kernel compile later, and the madwifi drivers are in great shape. I just have to test WEP and monitor mode. What a relief after the disappointment of the broadcom chipset. I won’t be buying from them ever.

The soldering was very straight forward. There were 3 solder points on the back holding the EM shield in place over the miniPCI card. Once the solder was wicked off there, I used an exacto blade to lift the tabs up, and continued to wick solder until the cover popped off. Then I wicked solder off either side of the miniPCI card where the card holder fingers had snapped into place. All in all, it took about 15 minutes, and most of that was fighting with the solder on the EM shield tabs.

On the PCI card, the antenna was plugged into the right-most antenna plug. (If looking at the PCI card with the slot down and antenna wire leaving the card to the left.) On the Dell miniPCI card, the plugs are labelled “MAIN” and “AUX”. Since I figured the current plug on the Proxim must be the “MAIN”, I plugged the white cable from the Dell (the one NOT marked “AUX”) into the right-most, and the black cable (marked “AUX”) into the left-most. This was rather awkward, since that required the cables to cross over eachother. So far, so good. I figure it just plain wouldn’t work if I screwed that up. Since I’m currently posting this from my laptop over wireless, I think I got it right. :)

© 2005, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.
Creative Commons License

1/5/2005

SuSE Firewall

Filed under: Networking,Security — kees @ 5:08 pm

Started looking at the SuSE firewall scripts today. They’re quite nice, actually. So far, they look like they’ll support everything I want to do without any trouble. What’s really nice about it is the resulting script is much more readable than a string of iptables commands (where I’d have to specify the ACCEPT, NAT, and FORWARD for inbound services generally in different places).

What I’d really like to see would be an m4-based version of the script. It’s good enough for sendmail and autoconf, why not iptables? :) That would totally rock, because then I’d be able to see the resulting list of iptables commands. I bet there’s a place somewhere to see them now; but I just haven’t looked.

I’m hoping that this firewall configuration will play nice with heartbeat, which I’ll be using to do some high-availability work on the firewall pair. I’ve had to fight a little with SuSE over the interface names (I want to name the network interfaces after their function, not their boot order). udev has been quite friendly, but SuSE seems to have special meanings for various separator characters. I wanted to have “eth-internal”, etc, but it seems to strip “eth-”. And “eth_internal” turns into “eth/internal”. So, I’m just using “etinternal” instead. :P

© 2005, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.
Creative Commons License

1/4/2005

Fun with LCDs

Filed under: Embedded — kees @ 11:09 am

Worked for a little while last night trying to figure out how to rotate the image on an LCD screen. Turns out the controller actually has a built in rotation ability. All the examples in the docs show a portrait LCD display being rotated to a landscape LCD display. I needed to the do the opposite. Anyway, 1 typo and several LCD controller registers later, I had convinced it to work, but with a nasty flicker. I dug around a little more and finally found where I could define “line widths” for the display memory (as in, each line of physical memory is 256 bytes, but it’s only going to display 240 of those bytes). Thank goodness the display library had already been set up to deal with virtual spans. Anyway, with that in place, it came up perfectly. Yay! It’s going to wreak havoc on the the testing routines: let’s just say the screen CRCs aren’t going to be the same. In fact, the screen CRCs might be just flat wrong; I’m not sure what portions of video memory it scans.

© 2005, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.
Creative Commons License

1/3/2005

Blog Switchero

Filed under: Blogging — kees @ 11:02 pm

Well, the rewrite rules for drupal started pissing me off, so I’ve switched again! This time, I’m back to WordPress. I must have been crazy when I first looked at it. The SSL trouble I was having was my own fault (which, I’m sure is true of Drupal’s rewrite rules too). The reason I’m really switching, though, is that WordPress, I think, has a much cleaner interface to the editing and template editing. I need to find a better skin for it, but for now, the default will do just nicely.

© 2005, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.
Creative Commons License

TiVo Home Media

Filed under: Multimedia — kees @ 12:35 pm

Last week a friend of mine told me about the Java HMO (Home Media Option) server. I had no idea it existed and immediately got it set up. This provides your TiVo with a place to get MP3s, streaming audio, and images over your local network through whatever other computer you have around to do the work for it. The regular Windows TiVo HM “Desktop” software isn’t nearly as cool. With the Java HMO, you can get movie listings, web cams, etc. It’s terrific.

Anyway, this was supposed to be about code, but it’s more about a growing itch to patch. It seems that the “Internet Images” module is either very fragile and/or doesn’t like having spaces (or maybe commas?) in the image titles (which it uses for caching in /tmp/javaHMO.cache/)

The overall system is a great design, and I’m currently enjoying watching some great webcams in places that are in daylight while I’m in the dark:

Antarctic Gentoo Penguins
Hanmer Springs, New Zealand
Tembe Elephant Watering Hole, South Africa

I can see elephant butts! :)

TiVo published their networking specs, but only included the broadcast and “desktop” specs. I think it would be cool to have the TiVo share movies with my computer too. Would be great for movie trailers and DVDs. My DVD player is in the other room, so I can’t watch movies in the TiVo room (at least until NetFlix and TiVo get their movie-delivery system finished). It still might be tricky to resample the DVD on the fly. TiVo normally records stuff at half-resolution, so dealing with a full DVD MPEG2 stream would be exciting to say the least. I’ll just have to see what’s on the wire between two TiVos configured to record shows from eachother.

(Edit: Holy crap! My wish is granted in the TiVo->PC direction, at least!)

© 2005, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.
Creative Commons License

1/2/2005

Inkscape icons

Filed under: Inkscape — kees @ 11:35 am

Today, I ended up tracking down all the unused XPM files in Inkscape. Kind cool to get everything down to just SVG files. I don’t think we’ll be able to ditch the XPMs for the mouse cursor replacements, though. Oh well.

Oops, I found another bug related to the svg: prefix addition. Just proves my metadata code is fragile. I hardened it a little more, so that should fix it for a while. :)

© 2005, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.
Creative Commons License

1/1/2005

Blogtastic

Filed under: Blogging,Security — kees @ 11:56 pm

Well, after messing around with WordPress for a little while, I switched to Drupal. WordPress is pretty cool, and all I really wanted was a nice Blog system. Drupal is a bit of overkill for that, but it seems more mature. WordPress really didn’t like being put onto an HTTPS server, so that made it a pretty poor choice for me.

Before getting a huge list of Blogs from the folks on the inkscape channel (thanks guys!) I had briefly tried Simple Blog System, and ran screaming from it. There were at least 3 types of security holes in it. I only noticed because I saw one within the first 10 lines of index.php. I’m not sure how far I trust Drupal, but at least it correctly deals with PHP magicquotes.

Check out Open Source CMS for a list of all the various CMS software out there. Kinda handy if you have an entire day to blow looking through all the stuff.

© 2005, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.
Creative Commons License

Powered by WordPress