Invoke pure virtual function

沒錯　你沒看錯
這篇的標題是呼叫純虛擬函式
一個沒有實作的純虛擬函式是有可能被呼叫起來的

class A {
public:
    virtual void f(void) = 0;
};
class B : public A {
    virtual void f(void) {}
};

在系統開發中　這是一個很常出現的程式片斷
在多型體系中
A* a = new B;
a->f();
因為vtable的存在　程式會為f找尋合適的function pointer並呼叫
這例子中從vtable中會找到class B中的f()
這並沒有甚麼問題
那麼如果vtable中沒有class B的資訊時會怎麼樣　那就會找到class A的f()
就會呼叫純虛擬函式了

這會發生嗎？
會的

class A;
class A {
public:
    virtual ~A() { m_pA->Close(); }
    virtual void Close(void) = 0;
    A* m_pA;
};
class B : public A {
    virtual void Close(void) {}
};

像這樣的程式
一般人會想說把所有的CloseXXX, DeleteXXX, DestoryXXX寫在解構子
解構子被呼叫的順序是從下而上
所以B的解構子先呼叫　把vtable清掉
A的解構子再呼叫　這時vtable中只有class A　所以就呼叫一個純虛擬函式了

當然　Effective C++裡提到　不應該在解構子呼叫虛擬函式　會有類似的問題出現
而在多執行緒中　也可能發生

class B : public A {
    virtual void f(void) {}
    void ThreadProc() {
        while(1)
            f();
    }
};

void main() {
    A* a = new B();

    while(1) {
        if (...)
            a->Create();
        if (exception == true)
            break;
    }
    delete a;
}

我們把class B改為一個thread　它會不斷的呼叫f()
當一個執行緒因為例外發生或其他原因　使物件的解構子被呼叫
呼叫到一半的時候　另一個執行緒呼叫該物件的虛擬函式
剛好解構到vtable只剩下Base class時　就會呼叫純虛擬函式了

說謊

主唱：林宥嘉
詞：施人誠
曲：李雙飛

是有過幾個不錯對象 說起來並不寂寞孤單
可能我浪蕩 讓人家不安
才會 結果都陣亡

我沒有什麼陰影魔障 妳千萬不要放在心上
我又不脆弱 何況那算什麼傷
反正愛情不就都這樣

我沒有說謊 我何必說謊
妳懂我的 我對妳從來就不會假裝
我哪有說謊
請別以為妳有多難忘 笑是真的不是我逞強

我好久沒來這間餐廳 沒想到已經換了裝潢
角落那窗口 聞得到玫瑰花香
被妳一說是有些印象

我沒有說謊 我何必說謊
妳知道的 我缺點之一就是很健忘
我哪有說謊
是很感謝今晚的相伴 但我竟然有些不習慣

我沒有說謊 我何必說謊
愛一個人 沒愛到難道就會怎麼樣
別說我說謊
人生已經如此的艱難 有些事情就不要拆穿

我沒有說謊 是愛情說謊
它帶妳來 騙我說 渴望的有可能有希望
我沒有說謊
祝妳做個幸福的新娘 我的心事請妳就遺忘

C/C++ with MySQL

最近一直找一個bug 找很久都找不出來

狀況是這樣子

在一台linux上裝上 MySQL 5.0, Apache 2.0, django 1.0, openssl 5.5.2

建立一台有網頁 有cgi 有ssl的平台

之後複製另一台成master and slave 同時使用 MySQL Replication

令兩台資料庫保持一致狀態 作為master掛掉時自動起來的back up server

問題來了 它們總是不一致

測了很久發現我c++的cgi使用Connector/C++ 1.0 Preview來連接MySQL 但不會產生MySQL的binary log

沒有binary log就沒辨法使用MySQL Replication

後來

花了個晚上把Connector/C++換成MySQL++


看來兩套功能相同的東西 還是選版本比較大的好 = ="

摸索

半年來
每天不斷的上班　上班　除了上班還剩甚麼
每天趨於平淡　盲目
我想要的生命似乎漸漸地從手中流失
就這樣嗎?
我的生活需要點不一樣的　需要點衝擊

The Show

http://www.youtube.com/watch?v=hnN30rs5NkQ
十分值得聽的歌 澳洲的創作女歌生 lenka
The Show

I'm just a little bit
caught in the middle
Life is a maze
and love is a riddle
I don't know where to go
I can't do it alone
(I've tried)
and I don't know why
its cuz jollys cool

Slow it down
make it stop
or else my heart is going to pop
'cuz it's too much
Yeah, it's a lot
to be something I'm not

I'm a fool
out of love
'cuz I just can't get enough

I'm just a little bit
caught in the middle
Life is a maze
and love is a riddle
I don't know where to go
I can't do it alone
(I've tried)
and I don't know why

I am just a little girl
lost in the moment
I'm so scared
but I don't show it
I can't figure it out
it's bringing me down
I know
I've got to let it go
and just enjoy the show

The sun is hot
in the sky
just like a giant spotlight
The people follow the sign
and synchronize in time
It's a joke
Nobody knows
they've got a ticket to that show
Yeah

I'm just a little bit
caught in the middle
Life is a maze
and love is a riddle
I dont know where to go
I can't do it alone
(I've tried)
and I don't know why

I am just a little girl
lost in the moment
I'm so scared
but don't show it
I can't figure it out
it's bringing me down
I know
I've got to let it go
and just enjoy the show

oh oh
Just enjoy the show
oh oh

I'm just a little bit
caught in the middle
life is a maze
and love is a riddle
I dont know where to go
I can't do it alone
(I've tried)
and I don't know why

I am just a little girl
lost in the moment
I'm so scared
but I don't show it
I can't figure it out
it's bringing me down
I know
I've got to let it go
and just enjoy the show

dum de dum
dudum de dum

Just enjoy the show

dum de dum
dudum de dum

Just enjoy the show

I want my money back
I want my money back
I want my money back
Just enjoy the show

I want my money back
I want my money back
I want my money back
Just enjoy the show

you and i both

演唱:jason mraz

Was it you who spoke the words that things would happen but not to me?
All things are gonna happen naturally
Oh, taking your advice and I'm looking on the bright side
And balancing the whole thing.

Oh, but at often times those words get tangled up in a lines
And the bright light turns to night
Oh, until the dawn it brings
Another day to sing about the magic that was you and me

Cause you and I both loved
What you and I spoke of
And others just read of
Others only read of, of the love
Of the love that I loved

lova lova!

See I'm all about them words
Over numbers, unencumbered numbered words;
Hundreds of pages, pages, pages for words.
More words than I had ever heard, and I feel so alive.

Cause you and I both loved
What you and I spoke of
And others just read of
And if you could see me now
Oh, love love
You and I, You and I
Not so little you and I anymore

And with this silence brings a moral story
More importantly evolving is the glory of a boy

Cause you and I both loved
What you and I spoke of (of, of)
And others just read of
And if you could see me now
Well, then I'm almost finally out of
I'm finally out of
Finally deedeedeedeedeedee
Well I'm almost finally, finally
Well I am free
Oh, I'm free

And it's okay if you had to go away
Oh, just remember that telephones
Well, they work out of both ways
But if I never ever hear them ring
If nothing else I'll think the bells inside
Have finally found you someone else and that's okay
Cause I'll remember everything you sang

Cause you and I both loved
What you and I spoke of (of,)
And others just read of
and if you could see me now
Well, then I'm almost finally out of
I'm finally out of
Finally deedeedeedeedeede
Well I'm almost finally, finally
Out of words

Apache+MySQL+PHP+OpenSSL in Ubuntu

SSL介紹 SSL(Secure Socket Layer)是Netscape所提出來的資料保密協定，採用了RC4、MD5，以及RSA等加密演算法。

網路上需要確定網站真的是那個網站，所以SSL也具備認證的機能。SSL是以金字塔的結構 組成，最下層的是一般的伺服器，它們經由向上跟CA申請取得SSL的憑證，CA會在SSL相關檔案上簽名，CA是具有公信力和認證能力的機構，CA必須向上跟RootCA(如政府機構等)申請。當使用者連結具SSL的服務時，伺服器會傳送憑證給使用者，使用端的程式接收到憑證後會向CA確認憑證，若CA確認這個憑是它們簽發的則會回傳給使用端正確的訊息。 具有SSL功能的網站可以向 世界少數幾個發證機構（例如目前最大的VeriSign或第二大的Thawte兩家認證公司）申請，經過嚴格的文件證明確認後，才能取得國際認可（較新版 的MSIE或Netscape瀏覽軟體會自動認得）的電子認證。

所有 SSL憑證都是發給公司或是法人，典型的 SSL 憑證將包括您的網域名稱(domain name)、您的公司名稱(company name)、您的住址(address)、您的所在城市(city)、您的省份(state)和您的國家(country)，它也包含了憑證的到期日和負責核發此憑證的發證中心詳細資料。當一個瀏覽器連結到一個安全網站時，它將收到這個網站的SSL憑證並且檢驗它是否過期、它是否是已經被瀏覽器信任的發證中心所核發的，以及它是否如核發時 所登記的內容被該網站使用，假如有任何一項檢查不通過，瀏覽器將顯示一個警告訊息給使用者。

在Ubuntu上安裝 apache+mysql+php+openssl

sudo tasksel install lamp-server
安裝 lamp (apache mysql php)

sudo apt-get install mysql-admin mysql-gui-tools-common mysql-query-browser
安裝mysql的管理介面

sudo apt-get install -y php5-gd
安裝GD庫

sudo apt-get install -y openssl
安裝Openssl

sudo apt-get install -y ssl-cert
安裝簽署憑證的工具

sudo a2enmod ssl
安裝ssl模組

sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl
sudo ln -s /etc/apache2/sites-available/ssl /etc/apache2/sites-enabled/ssl
複製一份預設擋供ssl用，並且用ln建立連結（捷徑）至sites-enabled/ssl

sudo vim /etc/apache2/sites-enabled/ssl
在以下位置後面加入紅色的設定值

NameVirtualHost *:443


sudo vim /etc/apache2/sites-enabled/default
在以下位置後面加入紅色的設定值

NameVirtualHost *:80
SSLEngine On
SSLCerficationFile /etc/apache2/etc/apache.pem


sudo vim /usr/sbin/make-ssl-cert
將"-keyout $output"改成"-keyout $output -days 3650"即可將憑證有效時間改成10年

sudo mkdir /etc/apache2/ssl
建立ssl憑證所擺放目錄

sudo make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/etc/apache.pem
make-ssl-cert is a wrapper of OpenSSL
依照指示輸入憑證相關訊息，即可產生自簽的電子證書！

sudo /etc/init.d/apache2 force-reload
重新載入配置

sudo /etc/init.d/apache2 restart
重新啟動Apache2

產生自簽的CA 產生自簽的CA的意義是，自己架設一個CA，並為自己的伺服器的憑證簽名。則使用端收到憑證時，會向CA確定，這時就用自己架的CA去確認說憑證是有效的。當然這樣是沒有公信力的，而且把自己架的伺服器登記為CA需要手動加入，一般這樣做都是為了測試用。

參考以下連結
http://wiki.ubuntu.org.cn/OpenSSL 主要做兩件事情
第一件是架CA：Creating the Certificate Authority
第二件是架server：Creating a Self-Signed Server Certificate
並使用自己的CA為它簽名

Reverse Engineering Tools

Microsoft Windows

Three tools pervade the warchest of the contemporary analyst on the Windows platform: IDA, SoftICE, and PE Tools. IDA is the Interactive Disassembler from Data Rescue. IDA is used to examine the executable on-disk. IDA provides useful features such as call graphs for analyzing program flow and automatic library detection.

SoftICE is a Ring 0 debugger from Compuware. Though SoftICE is no longer an offering from Compuware, it's use is still very common. While the author now uses WinDbg in place of SoftICE, some analysts have turned to OllyDbg. It is presumed that once Compuware decides to sell SoftICE, the debugger will regain it's previous popularity.

PE Tools is used to dump either a partial (region) or full in-memory image of an executable. It also includes the ability to automatically remove "Anti Dump Protection", and find the original OEP (AddressOfEntryPoint value of the IMAGE_OPTIONAL_HEADER structure). This tool would be used with a packed or encrypted executable. After the decompression or decryption occurs, PE Tools would be used to copy the image from memory for further analysis.

IDA is used to perform a static analysis on-disk, while a debugger is used to interrogate the executing program while in-memory. Based on the tools, this leads to the observation that a Protection Scheme must be functional in two environments - on-disk and in-memory. In the virus research community, challenging disassembly occurs in the anti-disassembly layer, while the implementation deterring dynamic analysis is known as a anti-debug layer.

Unix and Linux

For Unix and Linux, objdump (with it's PERL based wrapper dasm) and gdb are two available tools. gdb supports debugging of C, C++, Java, Fortran and Assembly among other languages. In addition, gdb is designed to work closely with the GNU Compiler Collection (GCC). objdump and dasm collectively act as full disassembler. Alternately, one can run Windows applications such as IDA on Linux using Wine, which acts as a compatibility layer for running Windows programs on Linux. Kris Kaspersky introduces additional tools and details procedures specific to the ELF file format in Hacker Disassembling Uncovered.

人生第一筆薪水

就在今天
我拿到人生第一筆薪水了
真是莫名的感動

因為八九十月沒收入　債台高築
償還債務後也剩不下來
但我還是要好好記念今天　哈

struct的特別用法

#include 

typedef struct A {
    int up : 1;
    int down : 1;
    int left : 1;
    int right : 1;
}Cell;

int main(void) {
    Cell c;

    c.up = c.down = c.left = c.right = 0;
    c.down = 1;
    printf("%d %d\n", sizeof(Cell), sizeof c);
    printf("%d %d %d %d\n", c.up & 1, c.down & 1, c.left & 1, c.right & 1);
    printf("%d %d %d %d\n", c.up, c.down, c.left, c.right);
    return 0;
}

結果:
4 4
0 1 0 0
0 -1 0 0

宣告的變數會變成bit-field　struct因padding大小是4個byte.
裡面的變數都是bit　只能做bit operator　否則結果不是你想要的.