Made to Order Software Corporation Logo

break

Help with version 0.1.7 of Zipios (CVE-2019-13453)

Here is yet another example of why opensource is a really good way of getting things fixed.

Assuming you have a project that is getting used by many, you are likely to see people post issues about bugs and possible enhancements. Your software is even very likely to get improved on its own by enthousiast users. On Github, for example, it is very easy to fork a project (make a copy) and then work on your version of the software. You can then offer a fix to the main authors of the project with a near one to one copy of the project.

In our case, a security professional, Mike Salvatore, was asked ...

PHP eFax requires "ssl://" on RedHat EL7 and Ubuntu

We found out today that RedHat LE7 requires the use of the "ssl://" protocol instead of the default "tls://". The error we are getting from PHP looks like this:

PHP Warning:  stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version in .../lib/http_request.php on line 294
PHP Warning:  stream_socket_client(): Failed to enable crypto in .../lib/http_request.php on line 294
PHP Warning:  stream_socket_client(): unable to connect to tls://secure.efaxdeveloper.com:443 ...

SimpleMenu Known Issues

SimpleMenu Disappears

There following are a few of the main reasons why SimpleMenu disappears.

Pop-up Windows

By default, SimpleMenu wants to hide itself in pop-up windows. This is a feature.

The reason is that many websites will open pop-up windows for all kinds of extra-features such as uploading an image or printing some description of an image or the definition of a word or product.

These windows should not include the SimpleMenu bar.

There is a dedicated page giving several different ways to fix this problem on your website.

Menu Overflow

Long menu going out of screen vertically and horizontally.Very long menus will disappear on the

Insert Node Known Issues

The following are problems that have not been resolved and will probably not be.

Tag not transformed

At times, you enter the tag as in [node:123 cck=title] and it is not converted by the filter.

There are 3 common reasons for this to append:

  1. You did not select the filter in your Input formats;
  2. You did not select the format that uses the filter in that node; or
  3. There is a syntax error in the tag.

The 3rd one is certainly the most likely explanation once you made sure that the filter was effectively selected for that node. In many cases, it will be the missing ...

Set Local Variable

SWF Action
Action Category: 
Variables
Action Details: 
0
Action Identifier: 
60
Action Structure: 
<n.a.>
Action Length: 
0 byte(s)
Action Stack: 
pop 1 (a), pop 1 (s)
Action Operation: 
a1 := pop();
s2 := pop();
*s2 := a1;
Action Flash Version: 
5

Pop a value and a local variable name. Create or set a local variable of that name with the (initial) value as specified. The same local variable can safely be set in this way multiple times. To only declare a local variable (i.e. no default value to initialize the variable,) use the Declare Local Variable instead.

DefineEditText

Tag Info
Tag Number: 
37
Tag Type: 
Define
Tag Flash Version: 
4
Brief Description: 

An edit text enables the end users to enter text in a Flash window.

Tag Structure: 
struct swf_defineedittext {
	swf_tag			f_tag;		/* 37 */
	unsigned short		f_edit_id;
	swf_rect		f_rect;
	unsigned		f_edit_has_text : 1;
	unsigned		f_edit_word_wrap : 1;
	unsigned		f_edit_multiline : 1;
	unsigned		f_edit_password : 1;
	unsigned		f_edit_readonly : 1;
	unsigned		f_edit_has_color : 1;
	unsigned		f_edit_has_max_length : 1;
	unsigned		f_edit_has_font : 1;
	if(version >= 6) {
		unsigned		f_edit_reserved : 1;
		unsigned		f_edit_auto_size : 1;
	}
	else {
		unsigned		f_edit_reserved : 2;
	}
	unsigned		f_edit_has_layout : 1;
	unsigned		f_edit_no_select : 1;
	unsigned		f_edit_border : 1;
	unsigned		f_edit_reserved : 1;
	unsigned		f_edit_html : 1;
	unsigned		f_edit_use_outlines : 1;
	if(f_edit_has_font) {
		unsigned short		f_edit_font_id_ref;
		unsigned short		f_edit_font_height;
	}
	if(f_edit_has_color) {
		swf_rgba		f_edit_color;
	}
	if(f_edit_has_max_length) {
		unsigned short		f_edit_max_length;
	}
	if(f_edit_has_layout) {
		unsigned char		f_edit_align;
		unsigned short		f_edit_left_margin;
		unsigned short		f_edit_right_margin;
		signed short		f_edit_indent;
		signed short		f_edit_leading;
	}
	string			f_edit_variable_name;
	if(f_edit_has_text) {
		string			f_edit_initial_text;
	}
};

Additional interactivity has been added in V4.0 of the SWF format. This is given by the use of edit boxes offering the end users a way to enter text as if the SWF movie was in fact an interactive form.

The text is defined in a variable (accessible in action scripts). It can be dynamically assigned and retrieved. It is legal to have an empty string as the variable name (not dynamically accessible).

DefineBitsLossless

Tag Info
Tag Number: 
20
Tag Type: 
Define
Tag Flash Version: 
2
Brief Description: 

A bitmap compressed using ZLIB (similar to the PNG format).

Tag Structure: 
struct swf_definebitslossless {
	swf_long_tag		f_tag;		/* 20 or 36 */
	unsigned short		f_image_id;
	unsigned char		f_format;	/* 3, 4 or 5 */
	unsigned short		f_width;
	unsigned short		f_height;
	if(f_format == 3) {
		unsigned char	f_colormap_count;
		if(f_tag == DefineBitsLossless) {
			swf_rgb		f_colormap[f_colormap_count];
		}
		else {
			swf_rgba	f_colormap[f_colormap_count];
		}
		unsigned char	f_indices[((f_width + 3) & -4) * f_height];
	}
	else {
		if(f_tag == DefineBitsLossless) {
			swf_xrgb	f_bitmap[f_width * f_height];
		}
		else {
			swf_argb	f_bitmap[f_width * f_height];
		}
	}
};

These tags declares a loss-less image bitmap. It has a small header followed by an optional colormap and the bitmap data. When we have a colormap, the bitmap data is an array of indices in the colormap aligned to 4 bytes on a per row basis.

There are three supported formats:

...
Format
No.
(bits)
Color Format Comments
Without
Alpha
With
Alpha
3
(8 bits(1))
RGB

PostgreSQL and Drupal conflict

We have been running Drupal for some time now and we have noticed that it generates a very large amount of warnings in our log files.

The warning is in link with improperly formatted strings. PostgreSQL tries to follow the SQL specification to the letter and that means you cannot use the backslash character to escape special character sequences (such as \n for a newline character.)

I knew that in most cases the error was generated because of the function saving a full page or some other content in the cache. In that case, the system includes the characters: \012 and \015 (\n and \r.) That ...

Space going green!

Today, the only way to go in Space is to use rockets or fast planes (although the latter does not get you as far as needed to reach even the IST.) Either one of those uses a tremendous amount of quite poluting carburant.

In the future, however, we definitively need to find a way to build an elevator. The building of such a structure has not started though. At this time there are two main reasons why: (1) we think we do not have the technology, and (2) what we have thought about can break with the consequences of getting the debris all over Earth and that could be quite dangerous.

Now there ...

Your cell phone is hackable...

This is a quite interesting article which I thought I should share and keep a copy of!

Most of us, even if we can determine whether a piece of software (or hardware!) can be hacked, we just do not have the time to spend on testing each device we use to ensure that no hackers will be able to get it. We rely on the manufacturer to do that work for us.

This article shows that even though all manufacturers have protections, all are vulnerable! And that means your data is vulnerable on your cell phones... Hope this does not scare you too much!

Note by the way that those people who have plenty of ...