security on Linux ?

Downloading the Linux kernel 0.0.1 was a wonderful learning experience for me, as I could see the basic code structure of what is ‘now’ a highly advanced and huge code base. A very basic scheduler, very small code for the init routine (and in fact for every module) and yes, (very) basic code for panic – see 🙂 !

volatile void panic(const char * s)
{
        printk("Kernel panic: %s\n\r",s);
        for(;;);
}

A few minutes back, I went through an article by M. Douglas McIlroy (Bell Labs), here is the link for that: Virology-01 [pdf]. The article discusses ‘how to write viruses’ using the ‘Unix Shell’ as the language! A basic but interesting article.

World of Rootkits.

Rootkits are malicious (?) programs which hide themselves from the programs normally used for tracing other processes, and hence from the user. The term was initially used for Unix programs which could hide themselves from the normal utilities available on Unices for finding processes, files etc., such as ps, lsmod, netstat and ls. But now rootkits are available on non-‘unix based platforms’ as well. Rootkits can be user space programs as well as kernel space programs.

User space rootkits mostly work by replacing the original ‘process/files tracking’ utilities on the system with their own versions.

Kernel space rootkits are harder to find since they ‘hook’ the call flow through these utilities very deep in the system and modify the output there itself.

Finding Rootkits: visit this link. A nice discussion. Well .. that was it for now !

Linux kernel 0.0.1

Visited kernel newbies this morning and, as advised there, a few minutes back I downloaded Linux kernel 0.0.1 to see a basic Linux kernel. It's around 10K LOC of C and assembler code.

[root@localhost kernels]# tar -xvzf linux-0.01.tar.gz
linux/
linux/Makefile

[root@localhost kernels]# cd linux

While I am going to have my date with this historic version of linux, you can download it from: Here

zero sized allocation using malloc on AIX !

What happens when we try to allocate 0 bytes of memory using malloc()? My assumption was that memory would not be allocated, but see what happened! I tried it on two operating system environments – Linux and AIX (whose behaviour, I heard, is different from the ‘default’). Following is the Linux version of the code:

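#include <stdio.h>
#include <stdlib.h>

int main()
{
    int *p = 0;
    printf("before addr: %p\n", (void *) p);
    p = (int *) malloc(0);
    printf("after addr: %p\n", (void *) p);
    printf("sizeof: %zu\n", sizeof(*p));   /* sizeof(*p) is sizeof(int) */
    *p = 1;                                /* the write to the zero-sized block being tested */
    printf("--- %d -- this is the last statment.\n", *p);
    return 0;
}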

and when run, produces following output on my shell,

[root@localhost work]# ./alloc
before addr: (nil)
after addr: 0x80496c8
sizeof: 4
--- 1 -- this is the last statment.

and this is the AIX version :-


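#include <stdio.h>
#include <stdlib.h>
int main()
{
    int *p, *q = 0x0;
    printf("before addr : %p\n", p);          /* p is still uninitialized here */
    p = (int *) malloc(0);
    printf("after addre : %p %d\n", p, *p);   /* reads through the pointer malloc(0) returned */
    return 0;
}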

and the output goes here:

fundu[/manoj]: ./alloc
before addr : 2ff22ca8
after addre : 0 0
sizeof: 4 4

when I tried using the memory allocated in AIX program, using

*p = 1;

it segfaulted as expected by me !


AIX

  • allows a ‘read’ of the zero sized allocated memory
  • DOES NOT allow a ‘write’ on the zero sized allocated memory
  • sizeof shows an allocation of 4 bytes.

while Linux

  • allows a ‘read’ of the zero sized allocated memory
  • allows a ‘write’ on the zero sized allocated memory
  • sizeof shows an allocation of 4 bytes.

.. strange. but led me to ‘google’. following are the links I found interesting:

and following is a snip from a mailing list:

> I've tracked down the problem to change (somewhere) in 2.2.0 vs. 2.1.1 which has
> resulted in re_node_set_alloc() (in src/main/regex.c) being called with a size
> of 0.
> Whereas some system (Solaris, Linux, ...) return a valid pointer to a
> zero-size allocation, OSF1 returns a NULL pointer on a 0 allocation request
> (documented as such, and the Open Group Base Specifications Issue 6 documents
> that either may happen). The calling code treats a NULL return as a ESPACE
> error.
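
A portable way to handle the zero-size case, as an added example (not code from this post or from the mailing list): the hypothetical `int_buf` helper treats a zero count as a valid empty buffer instead of an allocation failure, and refuses the out-of-bounds write that the Linux test program above got away with. All names in it are made up for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper types, made up for this example. */
enum alloc_status { ALLOC_OK = 0, ALLOC_NOMEM = -1, ALLOC_OVERFLOW = -2 };

struct int_buf {
    int   *data;   /* NULL while count == 0 */
    size_t count;  /* number of ints that may be accessed */
};

/* malloc(0) may return NULL or a pointer that must not be dereferenced,
 * so a zero count is handled here and never reaches malloc. A NULL from
 * malloc then means out of memory on every platform. */
enum alloc_status int_buf_alloc(struct int_buf *b, size_t count)
{
    b->data = NULL;
    b->count = 0;
    if (count > SIZE_MAX / sizeof(int))
        return ALLOC_OVERFLOW;   /* count * sizeof(int) would wrap */
    if (count == 0)
        return ALLOC_OK;         /* valid, empty buffer */
    b->data = malloc(count * sizeof(int));
    if (b->data == NULL)
        return ALLOC_NOMEM;
    b->count = count;
    return ALLOC_OK;
}

/* Bounds-checked store: returns -1 instead of writing past the buffer. */
int int_buf_set(struct int_buf *b, size_t idx, int value)
{
    if (idx >= b->count)
        return -1;
    b->data[idx] = value;
    return 0;
}

int main(void)
{
    struct int_buf b;
    printf("alloc(0) -> %d\n", int_buf_alloc(&b, 0));
    printf("write to empty buffer -> %d\n", int_buf_set(&b, 0, 1));
    free(b.data);   /* free(NULL) is a no-op */
    return 0;
}
```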

DB programming in Perl

Needing to create a database and a way to add an interface for interacting with it, today I learned how to work with MySQL.

Also got to work at Perl DBI for interaction with MySQL. Database access steps are similar to those in other languages:

for using MySQL, go here.

once your MySQL database is ready and assuming that you have created the database named mydb (how ? refer the link above !), you can continue your safari into Perl DBI.

we begin our database programming by connecting to it with following steps.

use DBI; # to use Perl DBI

my $dsn = 'DBI:mysql:mydb:localhost'; # DSN string

my $db_user_name = "myusername"; # user name for db
my $db_password = "mypasswd"; # passwd for db

# connect to mydb; stop here if the connection fails
my $dbh = DBI->connect($dsn, $db_user_name, $db_password)
    or die "can't connect to the database: $DBI::errstr";

Now, we are ready for processing queries and statements on our database.

for a query like ‘select’ which return some record sets, the process is:

my $statement = "select * from mytable";
my $sth = $dbh->prepare($statement);
$sth->execute or die "can't execute the query: " . $sth->errstr;

Now for traversing through the records (rows) we have APIs to help:

while (my @row = $sth->fetchrow_array) {

    # access @row as an array:
    # $row[0] is first field (column)
    # $row[1] is second field (column) ...

    # ... other stuff
}

$sth->finish; # reinitialize the handle when needed. we are done.

for the queries like ‘insert’ which do not return any records:

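$statement = "insert into mytable values(?, ?, ?)";
# values are bound to the ? placeholders, so quotes inside the data cannot break the SQL
$dbh->do($statement, undef, 0, "Manoj", "402A, West Avenue") or print $DBI::errstr;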


$dbh->disconnect; # disconnect the db.

following are some links that can come to your rescue in case you get toads !


quiet technical day !

  • completed the book on Perl that I started yesterday (Picking up Perl – ebook). Learnt about Arrays (lists), hashes, regular expressions (seem powerful) and some functions. Also learnt the way to write subroutines in Perl (never used subroutines, although I have done a ‘lot’ of programming in Perl, including an open source project, coocle v1.0 and 1.1).
  • Today morning, I came and wanted to look at the status of a bug on a panic/crash on a Solaris system and hey, Chandra, a senior colleague, had already analysed and summarised the cause, and hey man, the way was damn impressive. He got the address of the instruction at which (or near which) the code panicked, analyzed the disassembly of the binary (.o for modules), went to the probable instructions and then into the code, and what? He gave the line number on which there was a null pointer dereference – I am impressed !! And you guessed it, I started looking for crash analysis techniques on Solaris — that’s going to be the next task for me. MDB is the next thing I am gonna learn about.
  • how do you generate a core file on a Linux system ?
    $ ulimit -c unlimited

    #include <signal.h>
    #include <sys/types.h>
    #include <unistd.h>

    int main () {
        pid_t pid;
        pid = getpid();
        /* SIGSEGV from <signal.h> rather than a hard-coded 11 */
        kill(pid, SIGSEGV);
        return 0;
    }
  • after execution, you get the core generated in the current working directory. What did I write in the code ? clearly sending a signal SIGSEGV to my own dear program and SIGSEGV is nothing but segmentation fault.

    An interesting open source project by Google is hosted here.
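
The same experiment done from inside a program, as an added example (not code from this post): the child process raises its own core-size limit, sends itself SIGSEGV, and the parent reads from the wait status whether the kernel reports a core dump. The names `crash_report`, `enable_core_dumps` and `crash_child` are made up for illustration.

```c
#include <signal.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

struct crash_report {
    int signo;        /* terminating signal, 0 if the child exited normally */
    int core_dumped;  /* 1 if the kernel reports that it dumped core */
};

/* What `ulimit -c unlimited` asks for, capped at the hard limit. */
int enable_core_dumps(void)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_CORE, &rl) != 0)
        return -1;
    rl.rlim_cur = rl.rlim_max;
    return setrlimit(RLIMIT_CORE, &rl);
}

/* Fork a child that sends itself SIGSEGV, then record how it died. */
int crash_child(struct crash_report *r)
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        enable_core_dumps();
        signal(SIGSEGV, SIG_DFL);   /* make sure the default action applies */
        kill(getpid(), SIGSEGV);
        _exit(1);                   /* only reached if the signal was not delivered */
    }
    if (waitpid(pid, &status, 0) != pid) return -1;
    r->signo = WIFSIGNALED(status) ? WTERMSIG(status) : 0;
    r->core_dumped = 0;
#ifdef WCOREDUMP
    if (r->signo != 0 && WCOREDUMP(status)) r->core_dumped = 1;
#endif
    return 0;
}

int main(void)
{
    struct crash_report r = {0, 0};
    int rc = crash_child(&r);
    printf("rc=%d signal=%d core_dumped=%d\n", rc, r.signo, r.core_dumped);
    return rc != 0;
}
```

A core file is a copy of the crashed process's memory, so it should be handled like any other file that may contain secrets.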

first day – bloggin at wordpress !

I today switched from (not exactly ..) because I found wordpress better in several aspects –

  • categorization support
  • use of validated HTML
  • simple and elegant looks
  • anti-incumbency factor

I should start right away the topic I started the blog for. I learnt few things today:

  1. started with Perl. I have done programming in this language but did not get systematically into the language ever. I mean like a ‘hacker’. Today I learnt about builtin data types, operators and scalar variables.
  2. I started reading Freakonomics today, the book by famous economist Steven D. Levitt. and learnt that sometimes small things/incidents have slow but big impact on the future.

that was it for today. good night.