Archive for September, 2009

No Time to post =[

September 19, 2009

Oh I have no time to post 😦

Sorry for that, but I was busy with my kernel development (I’m writing a kernel, you didn’t know?).

Anyway, I didn’t forget the blog! But come on, read and post comments!

Categories: Uncategorized

void main()? No int main()!

September 16, 2009

This morning, on my way to the bus station, I asked myself “What should I post today?”

A few years ago (about 3-4) I posted a question about C on one of the forums. I also included my code, which had void main() in it. People started to yell at me that this is bad and not according to the standard. Later I discovered that ANSI says that main must return a value, so I took it as a rule to follow the standard. I couldn’t really find any reason why void main() is bad, as it worked all the time no matter on what OS.

So today, now that I know assembly, I could find the answer to the holy war between int main and void main.

So what is the difference between void main() and int main()?

Well, first of all let’s take a look at the assembly code we get after we compile each version of main:

$ cat foo.c
int main() { return 0; }
$ gcc foo.c -o foo
$ objdump -d foo
08048374 <main>:
 8048374:       55                      push   %ebp
 8048375:       89 e5                   mov    %esp,%ebp
 8048377:       b8 00 00 00 00          mov    $0x0,%eax
 804837c:       5d                      pop    %ebp
 804837d:       c3                      ret
 804837e:       90                      nop
 804837f:       90                      nop

And the second one

$ cat foo.c
void main() {}
$ gcc foo.c -o foo
$ objdump -d foo
08048374 <main>:
 8048374:       55                      push   %ebp
 8048375:       89 e5                   mov    %esp,%ebp
 8048377:       5d                      pop    %ebp
 8048378:       c3                      ret
 8048379:       90                      nop
 804837a:       90                      nop
 804837b:       90                      nop
 804837c:       90                      nop
 804837d:       90                      nop
 804837e:       90                      nop
 804837f:       90                      nop

So the only difference is the line mov $0x0,%eax

How does the return mechanism work?

So what really happens when you write return 5? This generates the assembly instruction mov eax, 0x5. So we can tell for sure that the value in the eax register is the value that the function returns. So why int and not void? The standard says that any application must return an error code to the OS, where 0 means that the execution was successful and everything else represents an error. What does the OS do with this value? Nothing special to be honest, but assume the following scenario:

Application A needs to execute application B. A cannot continue until B finishes; however, B can fail, and in that case A has to fail too. How will A know that B failed? Exactly! It will check the value of the eax register after B has finished executing. If we used void main(), at the end of main eax will be undefined and may hold any value! So it’s like Russian roulette 😛 This is why we have to write int main()!
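
How A observes B's result on Linux/POSIX, as an added example that is not part of the original post: the C runtime passes main()'s return value to exit(), and the parent reads it back with waitpid(). The b_* functions are hypothetical stand-ins for B's main(); note that only the low 8 bits reach the parent, so a B that returns 256 looks like success to A.

```c
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical stand-ins for application B's main(). */
static int b_ok(void)    { return 0; }
static int b_error(void) { return 5; }
static int b_wrap(void)  { return 256; }            /* low 8 bits are 0 */
static int b_crash(void) { raise(SIGKILL); return 0; }

/* Run b_main in a child process and decode its wait status.
 * Returns 0..255 for a normal exit, -signo if a signal ended the child,
 * -1000 if fork() or waitpid() failed. */
int run_b(int (*b_main)(void))
{
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1000;
    if (pid == 0)
        _exit(b_main());  /* the C runtime hands main()'s return value to
                             exit(); _exit() avoids re-flushing the
                             parent's stdio buffers in the forked child */
    if (waitpid(pid, &status, 0) != pid)
        return -1000;
    if (WIFEXITED(status))
        return WEXITSTATUS(status);
    if (WIFSIGNALED(status))
        return -WTERMSIG(status);
    return -1000;
}

/* Application A: it must fail whenever B did not exit with 0. */
int run_a(int (*b_main)(void))
{
    return run_b(b_main) == 0 ? 0 : 1;
}

int main(void)
{
    printf("ok=%d error=%d wrap=%d crash=%d\n",
           run_b(b_ok), run_b(b_error), run_b(b_wrap), run_b(b_crash));
    return run_a(b_error);
}
```
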

I hope this post was useful and you learned something new! Leave comments and have a good day 🙂

Categories: Programming

A Security bug in Linux kernel

September 15, 2009

My morning started as usual: woke up at 7:30, turned the PC on, went to the kitchen to bring some food and make coffee, then back to the PC to check emails, Facebook, forums, and RSS. One of the news reports was about a Linux kernel bug that existed for about eight years! Can you imagine it?

So in short:

The Linux kernel implements different kinds of sockets. Each socket has a struct assigned to it called proto_ops. The only thing this struct holds is pointers to the implementations of different functions like bind, accept, and so on. Some socket types might not implement one of the functions; in this case they should supply a pointer to a stub function. But even if the pointer is left NULL, most of the time the kernel will check whether it is NULL.

So where is the bug? In the function sock_sendpage(). This function does not validate the pointer and can therefore call through a NULL pointer. In this case an attacker can place code at page 0 and the kernel will execute this code in SUPERVISOR mode!

I haven’t heard about any patch yet, but I’m sure that there will be one soon.
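
The missing check described above, shown as an added userspace model that is neither kernel code nor the kernel's patch: an operations table with an unchecked dispatcher beside a checked one, plus a registration step that fills NULL slots with stubs. All names (ops_model, register_ops, the sendpage_* helpers) are hypothetical and only follow the post's wording.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Userspace model of a per-socket operations table (hypothetical names). */
struct ops_model {
    int (*bind)(int fd);
    int (*sendpage)(int fd, const void *page, size_t len);
};

/* Stubs for operations a socket family does not implement. */
static int no_bind(int fd) { (void)fd; return -EOPNOTSUPP; }
static int no_sendpage(int fd, const void *page, size_t len)
{ (void)fd; (void)page; (void)len; return -EOPNOTSUPP; }

/* Unchecked dispatch, the pattern the post describes: with
 * ops->sendpage == NULL this is a call to address 0. */
int sendpage_unchecked(const struct ops_model *ops, int fd, const void *p, size_t n)
{
    return ops->sendpage(fd, p, n);
}

/* Hardened dispatch: validate the pointer at the call site. */
int sendpage_checked(const struct ops_model *ops, int fd, const void *p, size_t n)
{
    if (ops == NULL || ops->sendpage == NULL)
        return -EOPNOTSUPP;
    return ops->sendpage(fd, p, n);
}

/* Registration-time defence: fill every NULL slot with a stub and
 * return how many slots were missing. */
int register_ops(struct ops_model *ops)
{
    int fixed = 0;
    if (ops->bind == NULL)     { ops->bind = no_bind;         fixed++; }
    if (ops->sendpage == NULL) { ops->sendpage = no_sendpage; fixed++; }
    return fixed;
}

int main(void)
{
    struct ops_model incomplete = { NULL, NULL };   /* constructed sample */
    printf("checked: %d\n", sendpage_checked(&incomplete, 3, "x", 1));
    printf("slots fixed: %d\n", register_ops(&incomplete));
    printf("unchecked after fix: %d\n", sendpage_unchecked(&incomplete, 3, "x", 1));
    return 0;
}
```

On the kernel side, the vm.mmap_min_addr sysctl covers the other half of the problem by refusing userspace mappings at page 0.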

Categories: Linux

Come Back, or “Welcome No. 2” Post

September 15, 2009

Wow, I forgot about my bloggie 😦

Bloggie says: “Write ten times that you are sorry!”

Me: “I’m sorry I’m sorry I’m sorry I’m sorry I’m sorry I’m sorry I’m sorry I’m sorry I’m sorry I’m sorry”

Bloggie: “Good!”

Well, for those who wonder who the hell I am: I am a 1337 programmer ^^

Nah, not really. I just like computers very much, I like programming, and I am good at it. In this blog I’ll mostly write stuff about computers, some life stuff (don’t worry, I won’t cry about “how sucky my life is” cause my life is awesome :p ), programming, Linux, music (mostly metal \m/) and that’s it.

You are free to comment, share your blogs, read and enjoy 😛

See you 🙂