Entries Tagged as 'Coding'

Vulnerability Management Axioms

The article comes from here. I quoted part of it because it’s useful when we design vulnerability management tools.

To get anywhere with vulnerability management, Northcutt said there are five things to consider first:

  1. Vulnerabilities are the gateways through which threats are manifested.
  2. Vulnerability scans without remediation have little value.
  3. A little scanning and remediation is better than a lot of scanning and less remediation.
  4. Vulnerabilities in need of fixing must be prioritized based on which ones pose the most immediate risk to the network.
  5. Security practitioners need a process that will allow them to stay on the trail of vulnerabilities so the fixes can be more frequent and effective.

JVM Memory Management

The JVM is still an application running on the OS, so it’s interesting to know how it manages memory. Better performance on production servers is possible with proper configuration of the JVM parameters, particularly those related to memory usage and garbage collection. The memory allocated to the JVM is specified using -X options.

Heap Size

  • -Xms: initial Java heap size.
  • -Xmx: maximum Java heap size.

Stack Size

  • -Xss: the stack size for each thread.

A sample Java options setting:

JAVA_OPTS="-Xms256m -Xmx2200m -Xss384k…

Generally, a JVM is using the following rules to manage memory:

  • When a JVM is invoked to run an application, it will ask the operating system for enough memory to run the JVM itself and some free memory for the application to create new objects.
  • When a new object is created, the JVM will allocate memory for that object out of the free memory area.
  • When the free memory area is getting too small, the JVM will ask the operating system for more.
  • When an object is no longer used by the application, it will be destroyed. Its memory will be freed up and merged back into the free memory area.
  • When the free memory area is used up, and there is no more additional memory available from the operating system, the JVM will stop the application and issue the “Out of memory error”.

Shell Programming: test operators

Shell programs can run the test command on strings, integers and files. It’s commonly used to process conditional commands with the if-then-else approach.

You can compare two strings to see whether they are equivalent or not. You also can test a single string to see whether it has a value or not.

String

The test command can perform comparisons on integers.

Integers

All the file test options return true only if the file exists.

File

Two’s-complement System

The two’s-complement system is the most common method of representing signed integers on computers. The alternatives are one’s complement, sign-and-magnitude and biased representation. An N-bit two’s-complement system can represent every signed integer in the range from -2^(N-1) to 2^(N-1)-1.

Negating a two’s-complement number is simple: invert all the bits and add one to the result. For 32-bit integer, negating 0xFFFF, we get 0x0000 + 1 = 1. Therefore, 0xFFFF must represent -1. Thus, when we use _mm_set1_epi8(-1), which is defined in the SSE library, it sets 16 signed 8-bit integer values to 0xFF.

Right-shifting a negative integer will always set the highest bit. So, right-shifting -1 will always give -1. The following is the result after left-shifting -1 by 31 bits.

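#include <stdio.h>

int main(void)
{
    signed int a;

    a = -1;                       /* all bits set in two's complement */
    printf("a is %d\n", a);
    /* Only the lowest bit survives the shift and lands in the sign bit.
       The C standard leaves a left shift of a negative value undefined;
       the output below is what common two's-complement compilers give. */
    a = a << 31;
    printf("a is now %d\n", a);
    return 0;
}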

a is -1
a is now -2147483648

UTF-8 to UTF-16 Mapping

UTF-8 to UTF-16

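| UTF-8 Pattern | UTF-16 High Byte | UTF-16 Low Byte |
|---|---|---|
| 0tuvwxyz | 00000000 | 0tuvwxyz |
| 110pqrst 10uvwxyz | - 00000pqr | - stuvwxyz |
| 1110jklm 10npqrst 10uvwxyz | - - jklmnpqr | - - stuvwxyz |
| 11110efg 10hijklm 10npqrst 10uvwxyz | - 110110ab - 110111qr | - cdjklmnp - stuvwxyz |

Each entry in the UTF-16 columns lines up with the UTF-8 byte in the same position; "-" means no output is produced at that byte.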

Reference: Cameron, R. “A Case Study in SIMD Text Processing with Parallel Bit Streams”, School of Computing Science, SFU, 2008

Unicode Range to UTF-16 Pattern

Using one table to express RFC 2781

Unicode to UTF-16

| Unicode Range | Code Point Pattern | UTF-16 Pattern |
|---|---|---|
| 0000-007F | 00000 00000000 0tuvwxyz | 00000000 0tuvwxyz |
| 0080-07FF | 00000 00000pqr stuvwxyz | 00000pqr stuvwxyz |
| 0800-FFFF | 00000 jklmnpqr stuvwxyz | jklmnpqr stuvwxyz |
| 10000-10FFFF | efghi jklmnpqr stuvwxyz | 110110ab cdjklmnp 110111qr stuvwxyz |
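The bit patterns of the two tables above, written as a C decoder (an added example, not code from the original post or from Cameron's paper). It goes beyond the tables by rejecting overlong forms, encoded surrogates and truncated sequences; the name utf8_to_utf16 and its signature are assumptions, and abcd is computed as efghi minus 1, which is the 0x10000 subtraction of RFC 2781.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

static int is_cont(uint8_t b) { return (b & 0xC0) == 0x80; }   /* 10xxxxxx */

/* Decode one UTF-8 sequence from s[0..n) into out[]; *units gets 1 or 2.
 * Returns the number of bytes consumed, or 0 if the input is malformed. */
size_t utf8_to_utf16(const uint8_t *s, size_t n, uint16_t out[2], int *units)
{
    if (n == 0) return 0;
    uint8_t b0 = s[0];
    *units = 1;
    if (b0 < 0x80) {                                /* 0tuvwxyz */
        out[0] = b0;
        return 1;
    }
    if ((b0 & 0xE0) == 0xC0) {                      /* 110pqrst 10uvwxyz */
        if (n < 2 || !is_cont(s[1])) return 0;
        if (b0 < 0xC2) return 0;                    /* overlong: fits one byte */
        out[0] = (uint16_t)((b0 & 0x1F) << 6 | (s[1] & 0x3F));
        return 2;
    }
    if ((b0 & 0xF0) == 0xE0) {                      /* 1110jklm 10npqrst 10uvwxyz */
        if (n < 3 || !is_cont(s[1]) || !is_cont(s[2])) return 0;
        uint16_t u = (uint16_t)((b0 & 0x0F) << 12 | (s[1] & 0x3F) << 6 | (s[2] & 0x3F));
        if (u < 0x0800) return 0;                   /* overlong */
        if (u >= 0xD800 && u <= 0xDFFF) return 0;   /* surrogate encoded as UTF-8 */
        out[0] = u;
        return 3;
    }
    if ((b0 & 0xF8) == 0xF0) {                      /* 11110efg 10hijklm 10npqrst 10uvwxyz */
        if (n < 4 || !is_cont(s[1]) || !is_cont(s[2]) || !is_cont(s[3])) return 0;
        uint32_t cp = (uint32_t)(b0 & 0x07) << 18 | (uint32_t)(s[1] & 0x3F) << 12
                    | (uint32_t)(s[2] & 0x3F) << 6 | (uint32_t)(s[3] & 0x3F);
        if (cp < 0x10000 || cp > 0x10FFFF) return 0;  /* overlong or out of range */
        cp -= 0x10000;                              /* abcd = efghi - 1 */
        out[0] = (uint16_t)(0xD800 | (cp >> 10));   /* 110110ab cdjklmnp */
        out[1] = (uint16_t)(0xDC00 | (cp & 0x3FF)); /* 110111qr stuvwxyz */
        *units = 2;
        return 4;
    }
    return 0;                                       /* stray continuation byte or 0xF8+ */
}

int main(void)
{
    const uint8_t smile[] = { 0xF0, 0x9F, 0x98, 0x80 };  /* constructed sample: U+1F600 */
    uint16_t o[2]; int u = 0;
    if (utf8_to_utf16(smile, sizeof smile, o, &u) == 4)
        printf("%04X %04X\n", (unsigned)o[0], (unsigned)o[1]);
    return 0;
}
```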

C/C++: srand() and rand() to get random numbers

We can design a simple 6/49 lottery selector by randomly getting numbers from 1 to 49. We will use srand() and rand().

srand() initializes the random number generator with its seed argument. Normally, we use time() as the seed.

srand( (unsigned int) time( (time_t *) NULL) );

rand() is the function call that generates numbers from the generator that srand() initialized with some distinctive value. We can get a number from 1 to 49 by taking the result mod 49 and adding 1.

(rand() % 49) + 1;
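A complete 6/49 draw built on the two calls above, as an added example that is not from the original post. It goes beyond the text in two ways: a partial Fisher-Yates shuffle keeps the six numbers distinct, and rejection sampling removes the slight bias of a plain rand() % n. The names uniform_below and draw_649 are assumptions, and because rand() seeded from time() is reproducible by anyone who knows the clock value, this fits a toy selector and not a draw that must be unpredictable.

```c
#include <stdio.h>
#include <stdlib.h>
#include <time.h>

#define POOL  49
#define PICKS 6

/* Uniform integer in [0, n) from rand(). Values in the top partial
 * bucket are rejected so that every residue is equally likely. */
static int uniform_below(int n)
{
    unsigned long range = (unsigned long)RAND_MAX + 1UL;  /* count of rand() outputs */
    unsigned long limit = range - (range % (unsigned long)n);
    unsigned long r;

    do {
        r = (unsigned long)rand();
    } while (r >= limit);
    return (int)(r % (unsigned long)n);
}

/* Fill out[] with PICKS distinct numbers from 1..POOL using a partial
 * Fisher-Yates shuffle, so no number can be drawn twice. */
void draw_649(int out[PICKS])
{
    int balls[POOL];

    for (int i = 0; i < POOL; i++)
        balls[i] = i + 1;
    for (int i = 0; i < PICKS; i++) {
        int j = i + uniform_below(POOL - i);   /* choose among the undrawn balls */
        int tmp = balls[i];
        balls[i] = balls[j];
        balls[j] = tmp;
        out[i] = balls[i];
    }
}

int main(void)
{
    int picks[PICKS];

    srand((unsigned int)time(NULL));   /* the seed used in the text */
    draw_649(picks);
    for (int i = 0; i < PICKS; i++)
        printf("%d ", picks[i]);
    printf("\n");
    return 0;
}
```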

C/C++: Swap Two Value by XOR

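#include <stdio.h>

int main(void)
{
    int one = 20;
    int two = 21;

    /* Three XORs exchange the values without a temporary variable */
    one ^= two;   /* one = 20 ^ 21 */
    two ^= one;   /* two = 21 ^ (20 ^ 21) = 20 */
    one ^= two;   /* one = (20 ^ 21) ^ 20 = 21 */

    printf("new one is:%d, new two is:%d\n", one, two);

    return 0;
}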

C/C++: #define

#define is a precompile (preprocessor) directive. Basically, #define has three functionalities: text substitution, macros and conditional compilation directives.

1. Define Text Substitutions

#define MAXNUMBER 1024

#define BUFFER 2048

#define TRUE 1

#define FALSE 0

2. Define Macro

#define mem_clear(name) memset( name, ' ', sizeof(name))

#define max(a, b) ( (a) > (b) ? (a) : (b) )

However, defining a macro does have some drawbacks. If “a” is “++i” in the definition above, “i” will be incremented two times. A macro doesn’t have a memory address, and a macro can’t be recursive. Thus, macros are hard to debug.
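The double evaluation described above, shown with the max macro from the text next to a function that evaluates each argument once (an added example, not from the original post). read_len(), the sample values and the other function names are constructed for illustration; the point is that the value the macro returns is not the value it compared.

```c
#include <stddef.h>
#include <stdio.h>

#define max(a, b) ( (a) > (b) ? (a) : (b) )   /* the macro from the text */

/* Function form: each argument is evaluated exactly once. */
static inline int max_int(int a, int b) { return a > b ? a : b; }

/* Constructed input: a source that returns a different value on each
 * call, like successive reads of a length field. */
static const int samples[] = { 100, 5, 100, 5 };
static size_t next_sample;
static int read_len(void) { return samples[next_sample++ % 4]; }

/* Macro version: read_len() runs once for the comparison and again for
 * the result, so the caller gets the second reading, not the one tested. */
int clamp_low_macro(int floor_value)
{
    next_sample = 0;
    return max(read_len(), floor_value);
}

/* Function version: one read, and the result is never below floor_value. */
int clamp_low_func(int floor_value)
{
    next_sample = 0;
    return max_int(read_len(), floor_value);
}

/* Value of i after max(++i, j): two increments when ++i is the larger. */
int increments_seen(int i, int j)
{
    (void)max(++i, j);
    return i;
}

int main(void)
{
    printf("macro: %d  function: %d  i after max(++i, 3): %d\n",
           clamp_low_macro(16), clamp_low_func(16), increments_seen(5, 3));
    return 0;
}
```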

3. Conditional Precompile Directive

This feature has more advantages. We can put #ifdef, #ifndef and #endif anywhere in the body of the program. Together with a configuration file, they enable or disable certain functions.

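#ifdef FAST_FUNC
#ifndef BUFFERED_FUNC
    /* Compiled only when FAST_FUNC is defined and BUFFERED_FUNC is not */
    rslt = func((char **) &srcbuf_ptr,
                &inbytes_left,
                (char **) &trgtbuf_ptr,
                &outbytes_left);
#endif /* !BUFFERED_FUNC */
#endif /* FAST_FUNC */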

How to get percentage of packet loss

When testing on the network, the packet loss rate is needed. The following bash script shows how to get the percentage of packet loss. I split the IP address into four segments since it will be easy to manipulate in a for loop.

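PINGTMP=/tmp/ping.tmp

# IPADDRESS must be set by the caller; split it into its four octets
IP_1=`echo "$IPADDRESS" | awk -F"." '{print $1}'`
IP_2=`echo "$IPADDRESS" | awk -F"." '{print $2}'`
IP_3=`echo "$IPADDRESS" | awk -F"." '{print $3}'`
IP_4=`echo "$IPADDRESS" | awk -F"." '{print $4}'`
# Send 2 probes and save the ping output
ping -t 5 -c 2 "$IP_1.$IP_2.$IP_3.$IP_4" > "$PINGTMP"
# The line after the "ping statistics" header carries the loss figure in field 6
pack_loss=`awk '/statistics/{getline;print $6}' "$PINGTMP"`
echo "$pack_loss"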