Snap! Websites
An Open Source CMS System in C++
I updated the old version of zipios to version 0.1.7 as a DoS bug was found in the older version (0.1.5).
The bug was found and fixed by Mike Salvatore of Salvator Security.
I noticed another potential problem with a second loop, so I enhanced the patch a bit.
Mike got CVE-2019-13453 registered. He also made a post about how the bug was discovered and fixed.
If you are using Zipios++ version 0.1.5 (or the CVS source code) or any of the older versions, you want to upgrade to version 0.1.7 as soon as possible. The interface is exactly the same so the upgrade should be ...
The Snap! C++ project makes use of exceptions whenever it bumps into a problem which can't be resolved at the time it is detected.
This model means that exceptions are usually fairly rare (once in a while we have a problem and generate problematic exceptions, but we tend to fix those quickly). In other words, our exceptions are pretty exceptional. For example, if a file can't be opened when it should be, we are likely to throw a Run Time Exception.
As a result, it is possible for us to do something rather slow in our exceptions:
Collect a Stack Trace
This helps us ...
All of our C++ tests make use of Catch2, which is a C++ framework allowing us to very quickly develop unit tests against our code.
We have our own extensions in the snapcatch2.hpp file so we can very quickly create new tests with our standard set of command line extensions, verbose sections, etc.
This project is a C++ library used to seamlessly handle UTF-8 strings. It offers very easy to use functions to convert characters and strings between UTF-32 and UTF-8.
The library also includes a string iterator to go through a UTF-8 string without having to first convert it to a UTF-32 string (which saves you a malloc() and free() and up to 4x the space of the original string in memory).
Later we intend to add support for UTF-16.
The source is available on GitHub in our project git.
On Ubuntu, you may want to install it from our Snap! C++ Launchpad PPA. ...
We maintain the Zipios library. This is a C++ library one can use to read or create 32 bit zip files. The advantage of this library is that it offers standard C++ streams to copy the data. The main stream gives you information about each file and you can create a sub-stream for each one of those files. The input is automatically compressed and the output automatically decompressed.
Chapter 7. Mutual Exclusion — Lamport's solution, also called the Bakery Algorithm (p. 130)
The snaplock project is part of the snapwebsites environment. It is a daemon written in C++ allowing you to lock various resources on an entire cluster of computers for a small amount of time. A resource has a URL which is what we use to create the lock (we call it the Object Name.) The URL can be global to the whole cluster, specific to a website, or even specific to one special variable in a specific page of a specific website (in other words, very small granularity is ...
snaprfs is a daemon used to replicate files between computers on your Snap! cluster.
This is somewhat similar to what Hadoop is expected to do.
There are several capabilities as described below.
Keep a directory synchronized by copying the newest version of a file to all the other computers that do not already have it.
This is used to keep definitions in synchronization.
snaprfs keeps the files' metadata in place (i.e. stat(3) information, especially the modification time) so it can detect whether one of the files on a computer is ...
Today I noticed hundreds of logs in the snapwatchdog services. These appear because the daemon checks whether clamav-freshclam is enabled. This is a daemon used to make sure fresh virus signatures are uploaded at least once a day.
Aug 23 18:14:42 hostname snapwatchdogserver[10305]: Failed to get unit file state for clamav-freshclam.service: No such file or directory
The snapwatchdog service runs its tests about once a minute. This means we check whether the clamav-freshclam service is enabled once a minute. That's 1,440 times a day, assuming we don't lose even one minute. ...
Today I was checking my logs and noticed this entry. As we can see, within about 600ms, an attacker was trying to connect to many different ports (20480, 20736, 36895, 37151, 22528, 16671, 14340, 20992, 4135, 64288, 45090, 21248, 21504, 31775, 39455, 42254, 47115.)
Note: I hid the destination URL (x.x.x.x) on purpose. However, I did not hide the source!
Jul 23 11:20:34 finball1 kernel: [1661019.650298] [iptables] unknown: IN=eth0 OUT= SRC=87.62.140.210 DST=x.x.x.x LEN=44 TOS=0x00 PREC=0x00 TTL=57 ID=52074 PROTO=TCP SPT=26091 DPT=20480 WINDOW=131 RES=0x00 SYN URGP=0
Jul 23 11:20:34 ...
Today I wanted to get a plugin to work against the snapmanager.cgi executable's server.
The idea is pretty simple: the process loads the plugins and one of them (so far) wants to connect against the generate_content() signal. However, that signal is part of the manager_cgi class, which is not part of a .so library. Because of that, it doesn't expose its functions by default.
This is quite an interesting problem because it makes sense that the executable functions would not be visible to the dynamic linker. It should not be required. Actually, this is the first time I need such a feature, ...