WTF Bites
-
@remi To be honest, moving a full bookcase and then having Gaston help is asking for trouble.
-
-
@luhmann Well as I recall those comics Gaston is quite capable of taking the initiative for such an undertaking as well, if he needs the bookcase moved. But my limited French suggests that's not the case here.
-
@timebandit said in WTF Bites:
That makes sense to me. Bald Eagles can eat the apple pie. But if you take a bat to a bird, we'll shoot you.
-
@remi To be honest, moving a full bookcase and then having Gaston help is asking for trouble.
Not necessarily... (the two strips at the bottom... the top ones are a different story and removing them would require, well, you know, working )
(that one might be less understandable without translation. Basically, Fantasio (Gaston's boss) scolds him for moving books one by one, then thinks how childish Gaston's overreaction is, and that he will not go through the door, and waits gleefully for the inevitable. When that does not happen, he exclaims "he did think!")
-
@benjamin-hall said in WTF Bites:
Or, as I tell my students--
That would involve effort. I'm allergic to effort.
M'enfin?!
-
@timebandit said in WTF Bites:
That makes sense to me. Bald Eagles can eat the apple pie. But if you take a bat to a bird, we'll shoot you.
The only appropriate way to kill bald eagles is with windmills.
-
@TimeBandit said in Being rather crude (From: In other news today...):
@benjamin-hall said in Being rather crude (From: In other news today...):
There is no replacement as it stands right now and none in the cards. Especially not for things bigger than passenger cars.
It's coming real soon
Fuck you, it's an embedded youtube video. You don't even pay for the bandwidth.
-
Suggesting emoji is hard: it means Dango needs to understand the meaning of what you’re writing in order to suggest emoji you might want to use. At its core, Dango’s predictions are powered by a neural network.
-
@timebandit said in WTF Bites:
I guess I'm not American, literally none of those things remotely applies to me....
-
@tsaukpaetra My wife likes to make apple pie. The bald eagles I usually see are in Canada.
-
@pie_flavor said in WTF Bites:
@benjamin-hall Yup. Online textbooks and looseleaf textbooks are how they're getting rid of textbook resale/renting (which the bookstore actually offers its own service for). A lesser evil, but still very present, is the monopoly Texas Instruments has over calculators used in exams - I could buy a Chromebook for less than I paid for my calculator.
You used to be able to rent textbooks on amazon for considerably less than list price, but one or two years back the major publishers stopped doing that, although occasionally I still see one when browsing around. Likewise you could download the entire book to preview for a short span of time, but that too appears to have completely disappeared.
Filed Under: I wonder if Apprentice Alf had something to do with it
-
@greybeard said in WTF Bites:
@tsaukpaetra My wife likes to make apple pie. The bald eagles I usually see are in Canada.
I like to eat apple pie. When I lived in Washington, I occasionally saw a bald eagle flying around. Baseball is my favorite spectator team sport, and the only one where I consistently root for a specific team.
-
@benjamin-hall said in WTF Bites:
@pie_flavor said in WTF Bites:
I had to deal with Wiley for my CS class.
I'm sorry. But at least they're not Elsevier!
Elsevier is the Oracle of the publishing world. Except worse.
Which reminds me--I know someone in Disney's hotel side IT department. He said they're trying to implement one of Oracle's products and decided to go uncustomized. Oops. Many of the features are just plain not implemented/broken in the base version.
OTOH, Disney's big enough they could probably make and win an "unfit for purpose" lawsuit or something like that. Or just say "nope, nevermind, not buying" and scare Oracle into giving them all the work they need for free.
/me checks Wikipedia
Huh, they're about the same in size, actually.
Disney:
Oracle:
-
@dreikin what if Oracle bought Disney
-
@pie_flavor a match made in hell.
-
@benjamin-hall The empty ride line is null!
-
@pie_flavor said in WTF Bites:
@dreikin what if Oracle bought Disney
-
@benjamin-hall said in WTF Bites:
Elsevier is the Oracle of the publishing world
Does that make Packt the Zonitron of publishing?
-
@scholrlea said in WTF Bites:
@benjamin-hall said in WTF Bites:
Elsevier is the Oracle of the publishing world
Does that make Packt the Zonitron of publishing?
I'm on the reference here. Both, in fact.
-
Packt is a 'programming manual' company known for their abysmal quality and the speed at which they publish new books on the Buzzword of the Day. While their entry on Wicked-Pedo describes them as a 'print on demand' company, they also have more pro-active publishing activities. They have recruiters trawling help fora to find new authors - I once posted a newb-level question on the Spree E-Commerce help forum, then five months later (long after I'd forgotten Spree existed) got an email from a Packt rep praising me as a 'respected expert on Spree' and asking me if I would write a book on it for them for the princely sum of $500 US (no royalties). A quick check of the forum showed that this recruiter had hit up everyone who had ever posted anything on the message board.
Zonitron, by comparison, is a game developer who got kicked off of Steam last year, having used a dozen or more sockpuppet 'development house' names on Steam to push out over 170 games in six months - nearly 1% of all games in the Steam library. Most of these games were slight re-skins of the same dozen or so simple-minded knock-offs of 1980s games.
-
@benjamin-hall said in WTF Bites:
I'm on the reference here. Both, in fact.
It was a post by @ScholRLEA. That's perfectly normal and expected.
-
This is unreal. How does a regular old text box type what I'm saying in reverse fucking order? JFC I hate Canvas so goddamn much.
Of course, the side note that that nice long comment was previously typed into the Canvas app, where everything after 'Its content was not relevant' had gotten sliced off, for raisins. So it looked like I was responding to:
You could use a more descriptive name for your variable than just "picture" (like bird, crow,...). No points deducted this time.
Looks good otherwise.with:
Its content was not relevant
I can't decide whether the app or the website is less functional.
-
Well, McDonald's updated their app to no longer include info about their food. Instead, that menu item now opens a WebView of the relevant page, which promptly displays a banner to download their app.
Also, nice iOS styling on that banner. Because I guess making two versions of it was effort...
-
@atazhaia Oh, right. I remembered another thing about that app.
Awesome, my McCafé coupon is valid until 2018-09-07! Now, let's take a look at what I can choose...
Oh. The actual choices are only valid until 2018-07-01. Um...
-
Sure, let me just defi... oops.
-
@maciejasjmj said in WTF Bites:
Sure, let me just defi... oops.
I just clicked your screenshot in an attempt to see the error's details.
-
@pie_flavor said in WTF Bites:
How does a regular old text box type what I'm saying in reverse fucking order?
Maybe some weird combination of unicode LTR and RTL marks ended up in the box?
-
-
Magento wart of the day:
Let's support bothprintf
-style%s
format specifiers and dynamic%token%
markers, and use%
for both!
...
Psh, ifvsprintf
complains, just use the previous version of the string. Damn I'm good.// Translation code: $result = @vsprintf($translated, $args); // ¹ if ($result === false) { $result = $translated; } // actual translatable strings: ² "<strong>%s</strong> requests access to your account" "%name% '%value%' is too short. It must has length %min% symbols." "After authorization application will have access to you account."
¹For those lucky enough not to know PHP,
@
is the "stfu" operator. Conceptually similar to unix's infamous2> /dev/null
, it bypasses normal warning/error handlers for that expression. However, it doesn't stop custom error handlers from catching the error. If you later check "what was the last error that was raised?", you can still see this silenced error.²Does the abuse of the English language count as a bonus WTF?
-
@timebandit said in WTF Bites:
the other had a half-naked nun
That must be it
And yet, the tumblr app shows a shit ton of porn, while I can point Safari at pornhub at will.
The article you posted provided a likely explanation:
It’s not clear when Telegram will return to the App Store, or what inappropriate content was found on the messaging service. TechCrunch reports that Apple’s iOS guidelines make it clear there must be filters for objectionable material, mechanisms to report it, and the ability to block users from the service. It’s possible that some content was making it through any filters in place.
-
I dun fixed Asterisk!
❯ git diff diff --git a/main/manager.c b/main/manager.c index 71d7432a0f..497e7e5f38 100644 --- a/main/manager.c +++ b/main/manager.c @@ -7657,7 +7657,7 @@ static void process_output(struct mansession *s, struct ast_str **out, struct as fd = ast_iostream_get_fd(s->stream); - l = lseek(fd, SEEK_CUR, 0); + l = lseek(fd, 0, SEEK_CUR); if (l > 0) { if (MAP_FAILED == (buf = mmap(NULL, l, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0))) { ast_log(LOG_WARNING, "mmap failed. Manager output was not processed\n");
The bug itself is less of a WTF, wrong argument order, shit happens.
TRWTF is that no one ran into it since June 2016 when it was committed. Seriously, am I the only one using some of this shit?
To clarify, this broke long outputs when using HTTP interface for Asterisk Manager Interface, I just simply didn't have Asterisk 15 installed for some of the bigger clients until now because migrations from an older version is always a bit of a larger undertaking, since I have to deal with migrating some customizations almost all of them have in the rest of the system.
-
The bug itself is less of a WTF, wrong argument order, shit happens.
If the code had read one byte from the file first, you'd have never spotted it! (
SEEK_CUR
is virtually always defined to be1
;0
isSEEK_SET
.)
-
The bug itself is less of a WTF, wrong argument order, shit happens.
If the code had read one byte from the file first, you'd have never spotted it! (
SEEK_CUR
is virtually always defined to be1
;0
isSEEK_SET
.)Yup, figured that much while reading the docs.
I'm also not sure why they use
SEEK_CUR
instead ofSEEK_END
, but since I don't feel like looking into wizardry in the background (pretty much all data structures and primitives are wrapped in stuff likeast_string
, making it a pain to trace what actually happens), I left it alone...Also, this somehow only broke on large enough output, in my case it was if it was > ~4100 bytes, so fuck knows
-
@onyx It looks like a test to see if the underlying OS object is seekable. The corrected version is a no-move seek, used to get the current pointer.
-
@dkf Not quite
l = lseek(fd, 0, SEEK_CUR); if (l > 0) { if (MAP_FAILED == (buf = mmap(NULL, l, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0))) { ast_log(LOG_WARNING, "mmap failed. Manager output was not processed\n"); } else { if (format == FORMAT_XML || format == FORMAT_HTML) { xml_translate(out, buf, params, format); } else { ast_str_append(out, 0, "%s", buf); } munmap(buf, l); } } else if (format == FORMAT_XML || format == FORMAT_HTML) { xml_translate(out, "", params, format); }
mmap
should accept a size as the second argument, no? So I'm assuming they are counting on the pointer already being at the end of the stream, which I guess makes sense in the context they are using it in (they are generating all the output in one place, then outputting it to either telnet, or over HTTP). It's still sketchy though, but again, I dare not mess with it in case it's because they are outputting it in chunks or whatever.
-
It's still sketchy though
It's what
ftell()
does under the covers. That's a different stdio call tofseek()
, but the same underlying system call.
-
It's still sketchy though
It's what
ftell()
does under the covers. That's a different stdio call tofseek()
, but the same underlying system call.Fair enough. In any case, reported, works locally now, I'll just go and drink until I forget some of the things I've seen in there while looking for the cause...
-
@onyx What most people call hell, he calls home.
-
Also, this somehow only broke on large enough output, in my case it was if it was > ~4100 bytes, so fuck knows
The code listed will request to map the first byte of the file. But mapping happens on a page level, so the actual size mapped will be rounded up to an entire page, or 4096 bytes.
I'm also surprised no length is being passed to xml_translate. Likely it is assuming the generated mapping is null-terminated, which is wrong.
-
But mapping happens on a page level, so the actual size mapped will be rounded up to an entire page, or 4096 bytes.
Ah, makes sense, I was trying to figure out what that number was, but I kept thinking about the actual size it should have been (some 4400ish bytes) and trying to figure out how it relates to the missing part. I checked my logs, the output I was getting was 4102 bytes, but I remember there was garbage at the very end, I don't have the contents logged, but I'd bet it was 6 or 5 bytes followed by
\0
, it would check out.Likely it is assuming the generated mapping is null-terminated, which is wrong.
I think that's exactly it, pretty sure I saw a comment mentioning it somewhere while poking around, and they do ensure it's null-terminated. Allegedly. I don't want to go and check how well that works, I still have some sanity left, and I'm holding onto that for special occasions.
-
-
I don't want to go and check how well that works
My bets are it doesn't in the general case. Pad the file out to a multiple of 4096 bytes and watch the fireworks.
Note if an attacker can control the contents of the files loaded these are security vulnerabilities.
Regarding use of
SEEK_END
: when mapping files from a file descriptor I'd recommend usingfstat()
to obtain the file size, but that may be a matter of taste.
-
@pleegwat Derp, it's right above:
/* Ensure buffer is NULL-terminated */ ast_iostream_write(s->stream, "", 1);
ssize_t ast_iostream_write(struct ast_iostream *stream, const void *buf, size_t size) { /* snip setup and SSL stuff */ written = 0; remaining = size; for (;;) { res = write(stream->fd, buf + written, remaining); if (res == remaining) { /* Yay everything was written. */ return size; } if (0 < res) { /* Successfully wrote part of the buffer. Try to write the rest. */ written += res; remaining -= res; continue; } if (errno != EINTR && errno != EAGAIN) { /* Not a retryable error. */ ast_debug(1, "TCP socket error writing: %s\n", strerror(errno)); if (written) { return written; } return -1; } ms = ast_remaining_ms(start, stream->timeout); if (!ms) { /* Report partial write. */ ast_debug(1, "TCP timeout writing data\n"); return written; } ast_wait_for_output(stream->fd, ms); } }
Ugh. Guess it shouldn't explode though. Hopefully.
-
@onyx That's horrible.
-
@pleegwat I did say I don't want to look at this thing any longer than absolutely necessary, didn't I?
-
-
Note if an attacker can control the contents of the files loaded these are security vulnerabilities.
I pity the attacker. They'll be using Asterisk too…
-
-
@hardwaregeek said in WTF Bites:
@scarlet_manuka said in WTF Bites:
I can almost see it making a kind of sense
this is a proven concept and if it exists here in I'm sure it does exist in other places. You rent a desk and all surrounding facilities like network, conference rooms, front desk, break room, ...
Yes, it does exist. The main problem with the specific implementation is the name, Outhouse. I will explain for the benefit of those of you from other countries/cultures/languages: An outhouse is an outdoor pit latrine, typically enclosed by a crude wooden shed. It is where one does one's "business," not business.
this is a proven concept and if it exists here in I'm sure it does exist in other places. You rent a desk and all surrounding facilities like network, conference rooms, front desk, break room, ...
AKA, renting a full office suite.