exploit – Metasploit – for’ loop initial declarations are only allowed in C99

I am addressing a C compile error with a Metasploit exploit called: “linux/local/sudo_baron_samedit”. In particular, I have defined all necessary parameters as shown below:

Module options (exploit/linux/local/sudo_baron_samedit):

   Name         Current Setting  Required  Description
   ----         ---------------  --------  -----------
   SESSION      1                yes       The session to run this module on.
   WritableDir  /tmp             yes       A directory where you can write files.


Payload options (linux/x64/meterpreter/reverse_tcp):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   LHOST  XXXX             yes       The listen address (an interface may be specified)
   LPORT  4444             yes       The listen port


Exploit target:

   Id  Name
   --  ----
   4   Debian 10 x64 (sudo v1.8.27, libc v2.28)

Please note that LHOST is not given for privacy reasons. However, it has been defined properly. Unfortunately, I am getting the following error:

(*) Executing automatic check (disable AutoCheck to override)
(+) The target appears to be vulnerable. sudo 1.8.23 is a vulnerable build.
(-) /tmp/1ghC2.c: In function ‘exploit’:
/tmp/1ghC2.c:80:5: error: ‘for’ loop initial declarations are only allowed in C99 mode
     for(int i = 0; i < target->null_stomp_len; i++) {
     ^
/tmp/1ghC2.c:80:5: note: use option -std=c99 or -std=gnu99 to compile your code
(-) Exploit aborted due to failure: bad-config: /tmp/1ghC2.c failed to compile.
(*) Exploit completed, but no session was created.

Any idea, please? Thanks in advance.

programming practices – Padding variable declarations with inline comments for better readability

I declared some variables, at the beggining of a java method, like this:

final Set<Scheduled>/*****/ roots/***********/ = new HashSet();
final Set<Scheduled>/*****/ alreadySeen/*****/ = new HashSet();
final Queue<Scheduled>/***/ junctionQueue/***/ = new LinkedList(junctions);

Now I’m struggling to find a good reason not to do this! Since improved readability.
Should one do this? to help fellow coders to understand the code easier.

Some IDEs would remove consecutive blank spaces, so isn’t an option.

There is no SE for coding style questions. Yet, whatever gets upvoted, will show some consensus.

opengl – GLSL link fails with C9999 (too many buffer declarations?)

I’m receiving a C9999 (*** exception during compilation ***) linker error for an OpenGl 4.6 compute shader. It seems to be related to the number of SSBOs I have declared (14 separate declarations), but it really doesn’t seem like it should be a problem, given that my GTX 1070 has 96 buffer binding locations.

None of the names are reserved keywords, and I’m not using double underscores. This has happened to me before, but I’ve worked around it by managing to split my code into separate shaders with fewer buffer declarations.

I’m finally asking about it because, for performance reasons, I’d really rather not split this up.

enter image description here

This is all the information the driver gives me in this case.

Update:

While I have received that error for buffers in the past, now I’ve narrowed this down to the following:


buffer _elementmap   { uint elementmap(); };

void element_insert(vec4 element)
{
    uint hash = get_hash(element);
    uint spot = 2 + (hash % (elementmap.length() - 2));
                                        ~~^

    uint pos = atomicAdd(elementmap(0), 1);

    (...)
}

Calling length() on that buffer produces the error for me. Seems like a driver bug. If I pass the length in as a separate buffer or a uniform, it works fine.

Additionally, I have a separate much simpler compute shader that doesn’t include this particular function that uses .length() on that same declaration that does work.

Is this the return type covariance issue PHP faced when type declarations launched, violation of Liskov principle, or flaw in my pattern?

I’ve been using a somewhat odd yet effective pattern for a current use case. The one issue is that I’m getting an undefined method notice on a method that is unique to the subclass. The method of course works fine but the notice leads me to believe that either my architecture is shotty or something else is going on.

I don’t believe this violates Liskov Principle as the subclass satisfies all contracts with identical signatures, put simply, it could replace any other subclass and work reliably.

Is this an instance of the variance issue PHP has stated when releasing type declarations, a violation of Liskov principle, or do I need to clean up my architecture?

Quick code example and brief explanation.

interface Quiz
{
    public function generate() : void;
}

class LessonQuiz implements Quiz
{
    public function generate() : void
    {
        //stuff here
    }

    public function lessonId() : int 
    {
        //stuff here
    }
}

class QuizClient //Determines/returns instantiated quiz subclass & other permission stuff.
{
    public static function create(string $case) : Quiz
    {
        switch($case){
            case('lesson'): return new LessonQuiz;
            //more logic     
        }
    }
}

/** In another class that builds a lesson template.
* ... 
*/
$quiz = QuizClient::create('lesson');
$lessonId = $quiz->lessonId(); //undefined method.

I have a client that determines and returns a subclass object of an interface. The return type is set to the interface as I need to have some instance of that interface returned.

All subclasses satisfy the interface contracts with identical signatures. However, the subclass specific method is undefined. I don’t understand why this is incorrect. Class ‘LessonQuiz’ is an instance of ‘QuizFactory’ but also ‘LessonQuiz’.

This does work but the fact that it reports method undefined makes me suspicious about my architecture.

Would really appreciate any help.

C ++ namespaces and class forward declarations

I am working on a modification of ORBSlam 2 and have big problems with how they deal with namespaces. This is the repo: https://github.com/raulmur/ORB_SLAM2.

Each file is (reasonably) included in the ORB_SLAM2 namespace. Then in each header they declare (almost) all the classes they use forward. This is not recommended by most style guides (especially Google), but it definitely works. However, after making some changes that had nothing to do with each other, the compilation was stopped in a strange way.

In some contexts, they do the following in include / tracking.h:

#include"Viewer.h"
#include"FrameDrawer.h"
#include"Map.h"
#include"LocalMapping.h"
#include"LoopClosing.h"
#include"Frame.h"
#include "ORBVocabulary.h"
#include"KeyFrameDatabase.h"
#include"ORBextractor.h"
#include "Initializer.h"
#include "MapDrawer.h"
#include "System.h"

#include 

namespace ORB_SLAM2
{

class Viewer;
class FrameDrawer;
class Map;
class LocalMapping;
class LoopClosing;
class System;

class Tracking
{  ... } 

I'm lost here. Note that they are Not Make a forward declaration of frame, which is included like all other classes. To avoid having the entire repo copied, I casually assure you that there are no structural differences between the declaration of Frame and all other classes.

The reason why they don't make a forward declaration is because they have multiple frame type data elements. If you would declare these forward, you would of course need to create pointers or references. While this is all over In the rest of the code, for some reason, I'm trying to understand that they didn't do it here.

Example: Lines 205-206 of Tracking.h:

    KeyFrame* mpLastKeyFrame;
    Frame mLastFrame;

None of these types (Frame, KeyFrame) is declared forward. But that compiles pretty well.

I mainly try to understand why these decisions were made and how compilation works with namespaces and forward-declared classes.

So my questions are:

1) Why should some classes have to be declared forward and others not?

2) How is that compiled at all? If I delete some of the forward declarations, I am told that the variables of this type are now of the unknown type. So why can we get away from not declaring all classes forward? For example, I can get away with deleting it all the forward declarations from Tracking.h, and it builds up well. However, if I delete the forward declaration of LocalMapping in LoopClosing.h, I am informed that LocalMapping has not been declared (error occurs in line 57 of LoopClosing.h). Why is this a problem here, but not with tracking? It is worth noting that Tracking.h contains KeyFrameDatabase.h, which contains a forward declaration of frame. Do these things carry through?

3) OK, that's a stretch. I don't want people to scour my code to debug this, so this is really a question of "what kind of things might cause this question". I made some changes to tracking and related files. Now I am told that frame is incomplete where Frame mCurrentFrame is declared in line 205 of Tracking.h. There is no forward explanation of what I understand as the cause of this problem. Is there anything other than a forward declaration that can cause this error? As mentioned earlier, Tracking.h contains a file with a forward declaration of frame, but I made absolutely no changes to how files are contained, how forward declarations are made, etc. So I'm really confused about this error. and hope that understanding the answers to (1) and (2) will help me debug this.

Thank you very much,

Seth

php – Is there a rule for "type declarations in class properties"?

PHP 7.4 now supports type declarations in class properties.

In a normal routine I would use:

/* @var array */
protected $names;

Now in PHP 7.4 I can:

protected array $names;

But if I declare it that way, I can't initialize it as nullI would have to do:

protected ?array $names = null;

Is it wrong to do that?

Can I declare the type in all properties in a class with many properties?

I'm going to bring you $ 2000 traffic to your website for $ 20

I will bring 2000 Usa traffic to your website

I can promote your website to real US visitors for only $ 20/2000 unique visitors.
Generate sales and leads today.
I will deliver traffic in 5 days for best results.
Contact me before you order and all the information on your website.
3 days money back guaranteed.
I will send you tracking link.

Programming Languages ​​- What are the benefits of function declarations when the type of parameter is specified after the parameter name?

What are the advantages and disadvantages of specifying the parameter type after the parameter name for typed languages?

For languages ​​such as C and Java, the type comes first:

void myfunc (TypeA param1, TypeB param2);

For other languages ​​like Scala, Rust etc. the type is after the parameter name:

fn myfunc (param1: typeA, param2: typeB) {}

What are the benefits of this approach? I could see in languages ​​where the specification of a type is optional (or can be derived) and can be omitted, but at least for Rust, types must be specified in the parameter list of a function.