I read 8 bytes each time from a file.
the problem is in Windows, when It comes to the last bytes - it finds it less than 8 bytes so fread don't work and returns 0 . so I miss one or more characters from the file.
This behaviour doesn't happen in Linux with the same code.
How can I avoid this ?
Related
I tried running Apache a few times to see the effect of ASLR
I know that because of alignment, the last byte and a half is 0, and because of "canonization" the first two bytes are irrelevant, so that leaves 4 bytes and a half to randomize which is quite a lot
But I noticed that the first two bytes are always 7fff so does that mean only 2 bytes and a half are random ?
Background
I am reading buffers using the Node.js buffer native API. This API has two functions called readUIntBE and readUIntLE for Big Endian and Little Endian respectively.
https://nodejs.org/api/buffer.html#buffer_buf_readuintbe_offset_bytelength_noassert
Problem
By reading the docs, I stumbled upon the following lines:
byteLength Number of bytes to read. Must satisfy: 0 < byteLength <= 6.
If I understand correctly, this means that I can only read 6 bytes at a time using this function, which makes it useless for my use case, as I need to read a timestamp comprised of 8 bytes.
Questions
Is this a documentation typo?
If not, what is the reason for such an arbitrary limitation?
How do I read 8 bytes in a row ( or how do I read sequences greater than 6 bytes? )
Answer
After asking in the official Node.js repo, I got the following response from one of the members:
No it is not a typo
The byteLength corresponds to e.g. 8bit, 16bit, 24bit, 32bit, 40bit and 48bit. More is not possible since JS numbers are only safe up to Number.MAX_SAFE_INTEGER.
If you want to read 8 bytes, you can read multiple entries by adding the offset.
Source: https://github.com/nodejs/node/issues/20249#issuecomment-383899009
I was playing around with some assembly programming and wrote some code to read in 4096 bytes from stdin using the syscall sys_read. However, it reads only around a 120 bytes from stdin.
Why does this happen? Is there any system level setting that I can change in order to read more bytes in one go? Is there any other way I can get around this limitation and force the program or sys_read to read in more bytes?
stdin may be line buffered, do you happen to have a line feed at that position?
In general, however, read is allowed to return less than what you ask for. The solution is to read in a loop until you got all the bytes needed.
Could anyone provide some insight into the following assembly code:
More Information:
The bootloader is in fact a small 16bit bootloader that decipher using Xor decryption, a bigger one, a linux bootloader located in sectors 3 to 34. ( 1 sector is 512 byte in that disk )
The whole thing is a protection system for an exec running on embedded Linux.
the version where the protection was removed has the linux bootloader already deciphered ( we were able to reverse it using IDA ) so we assume that the xor key must be made only with zero's in the version without the protection.
if we look at offset 0x800 to 0x8FF in the version with protection removed it is not filled with zero's so this cannot be the key otherwise this version couldn't be loaded, it would xor plain data and load nothing but garbage.
the sectors 3->34 are ciphered in original version and in clear in our version ( protection removed ) but the MBR code ( small prebootloader ) is identical in both version.
So could it be that there is a small detail in the assembly code of the MBR that changes slightly the place of the xor key?
This is simply an exercise I am doing to understand assembly code loaders better and I found this one quite a challenge to go through. I thank you for your input so far!
Well, reading assembly code is a lot of work. I'll just stick to answering where does the "key" come from.
The BIOS loads the MBR at 0000:7C00 and sets DL to the drive from which it was loaded.
First, your MBR sets up a stack growing down from 0000:7C00.
Then, it copies itself to 0000:0600-0000:07ff and does the far jump which I assume is to the next instruction, however on the copied version, 0000:061D. (EDIT: this copy is a pretty standard thing for an MBR to do, typically to this address, it leaves the address space above free) (EDIT: it copies itself fully, I misread).
Then, it tries 5 times to read sector 2 into 0000:0700-0000:08ff, and halts with an error message if it fails (loc_78).
Then, it tries 5 times to read 32 sectors starting from sector 3 into 2000:0-2000:3FFF (absolute address 20000-23FFF, that's 16kB starting at 128kB).
If all goes well we are at loc_60 and we know what we have in memory.
The loop on loc_68 will use as destination the buffer holding those 32 sectors.
It will use as source the buffer starting at 0000:0800 (which is the second 256 bytes of the buffer we read into 0:0700-0:08ff, the second 256 bytes of sector 2 of the disk).
On each iteration, LODSW adds 2 to SI.
When SI reaches 840, it is set back to 800 by the AND. Therefore, the "key" buffer goes from 800 to 83F, which is to say the 64 bytes starting at byte 256 of sector 2 of the disk.
I have the impression that the XORing falls one byte short... that CX should have been set to 4000h, not 3FFF. I think this is a bug in the code.
After the 16kB buffer at physical address 20000 has been circularly XORed with that "key" buffer, we jump into it with a far jump to 2000:0.
Right? Does it fit? It the key there?
I am reading programming from the ground up
in chapter 5,
the program uses 500 byte buffer for 1byte long character converting.
shouldn't it have to use double loop?
loop1 for read 500 byte by 500 byte from file.
loop2 for processing something in the 500 byte maybe a byte at at time.
and I think this make program little bit more complicated.
if I use a byte buffer for convert
there is nothing need but just one loop
loop1: read 1byte and processing it.
is there any good point to use 500 byte buffer for simple upper-case converter?
my development environment is x86,linux,assembly,at&t syntax
The only reason to consider doing it 500 (or more) bytes at a time is that it may reduce the number of function calls into the library and/or Operating System services you're using for I/O. I suggest you try it both ways and measure the performance difference for yourself. Say your two versions are compiled to executables named ala uppercase.version, you can get a report on the CPU and elapsed time for it to run by typing the following at the shell prompt:
time uppercase.byte_by_byte < input > output
time uppercase.500_byte_blocks < input > output