Made to Order Software Corporation Logo


Metaprogramming in C++ to create functions that depend on their input parameters

I've been using metaprogramming for a while now. An interesting aspect to the ability to define an invalid (unavailable) type, allows you to declare functions that do not get selected by the C++ template system.

The following is a simple example where you want to test a version where the major, minor and patch version numbers are defined as an undefined type T which could be a signed or an unsigned type while compiling. If unsigned, the return value < 0; statement will generate a warning and for safer programming, you should not allow any warnings (we use the -Werror command line ...

What is a Golden File in software development?

Golden Files to run your test with large input and output dataWhile programming, one of the best thing to do to make sure that your software works as expected is to write tests.

Actually, if you write enough tests to make sure that the code works as expected, it should take you between two and three more time to finish up your project. So if it takes you one day to write a function, it will take you another two days to write good tests for that one function.

Many of those tests, especially as you construct more and more complex software, require large amount of input and output data. It's easy enough to test a function such as strlen(). It has one ...

Docker, an advanced chroot utility

Chasm—just like a Docker creates a chasm between two sets of software


Before installing Docker and containers with services on your Linux system, make sure to read and understand the risks as mentioned on this Docker and iptables page. Especially, Docker will make all your containers visible to the entire world through your Internet connection. This is great if you want to indeed share that service with the rest of the world, it's very dangerous if you are working on that container service since it could have security issues that need patching and such. Docker documents a way to prevent that behavior by adding the following rule to your firewall:

iptables -I DOCKER-USER -i eth0 ! -s -j DROP

This means that unless the IP address matches, the access is refused. The `eth0` interface name should be replaced with the interface name you use as the external ethernet connection. During development, you should always have such a rule.

That has not worked at all for me because my local network includes many other computers on my LAN and this rule blocks them all. So really not a useful idea.

Instead, I created my own entries based on some other characteristics. That includes the following lines in my firewall file:

:DOCKER-USER - [0:0]

-A DOCKER-USER -j early_forward
-A DOCKER-USER -i eno1 -p tcp -m conntrack --ctorigdstport 80 --ctdir ORIGINAL -j DROP
-A DOCKER-USER -i eno1 -p tcp -m conntrack --ctorigdstport 8080 --ctdir ORIGINAL -j DROP
-A DOCKER-USER -i eno1 -p tcp -m conntrack --ctorigdstport 8081 --ctdir ORIGINAL -j DROP

My early_forward allows my LAN to continue to work. These are my firewall rules that allow my LAN computers to have their traffic forwarded as expected.

Then I have three rules that block port 80, 8080, and 8081 from Docker.

Docker will add new rules that will appear after (albeit not within the DOCKER-USER list) and will open ports for whatever necessary service you install in your Dockers.

Note that the only ports you have to block are ports that Docker will share and that you have otherwise open on your main server. If Docker opens port 5000 and your firewall does not allow connections to port 5000 from the outside, then you're already safe. On my end I have Apache running so as a result I block quite usual HTTP ports from Docker.


As we are helping various customers, we encounter new technologies.

In the old days, we used chroot to create a separate environment where you could have your own installation and prevent the software from within that environment access to everything on your computer. This is particularly useful for publicly facing services liek Apache, Bind, etc.

Help with version 0.1.7 of Zipios (CVE-2019-13453)

Here is yet another example of why opensource is a really good way of getting things fixed.

Assuming you have a project that is getting used by many, you are likely to see people post issues about bugs and possible enhancements. Your software is even very likely to get improved on its own by enthousiast users. On Github, for example, it is very easy to fork a project (make a copy) and then work on your version of the software. You can then offer a fix to the main authors of the project with a near one to one copy of the project.

In our case, a security professional, Mike Salvatore, was asked ...

Table of Contents Settings

Filter Configuration

At this point, most of the Table of Contents configuration is done in the Table of Contents filter.

This means multiple Input formats allow you to make use of several different configurations.

To Do List (The module —)

To Do List is a Drupal module allowing users to create lists of things to do. A small project management system if you wish.

The latest version includes many features including a block, views support and basic actions support.

The permission model makes the To Do Items hidden but to the few who are given the right to see the To Do List. This is quite useful to work with Organic Groups and other similar advanced Drupal features.

The following pages explain how to use this module to its full extend. With the use of some other modules, it is possible to build a quite robust project system. ...

Projects Similar to Insert Node

Link Node

There is a Link Node project that can be used to generate a link to a node using the node title or another user specified title.

This is similar to using the following with Insert Node:

   [node:<name> title=<my link>;]

Insert View

If you want to include a view, use the insert_view module instead.

Insert Block

If you want to include blocks in your nodes (or other blocks, scary, hey?!), use the insert_block module instead.


If you know or have a similar project, please, feel free to post a comment below and I will add it to the list.

Thank ...

The SSWF Project

The SWF Reference by Alexis is part of the free SSWF project.

This documentation is intended for people who want to program a Flash player, editor, or some similar tool handling Flash data.

The project comes with a complete C++ library that is designed to greatly simplify the generation and loading of Flash files.

SWF Action 3 (swf_action3)

SWF Structure Info
Tag Flash Version: 
SWF Structure: 

Not documented here yet.

Since Flash version 9, actions can be saved in a new format named abcFormat by the Tamarin project from the Mozilla organization.

The code itself (action script) is the same, but the structure of an swf_action3 holds object oriented information about classes, methods and such in a really clean way (really! in comparison to the old way, that's dead clean!).

At this time, the swf_action3 structure is documented in the abcFormat.html file.

I will duplicate and test the structures at a later time.


Tag Info
Tag Number: 
Tag Type: 
Tag Flash Version: 
Brief Description: 

Declare a sound effect. This tag defines sound samples that can later be played back using either a StartSound or a DefineButtonSound. Note that the same DefineSound block can actually include multiple sound files and only part of the entire sound can be played back as required.

Tag Structure: 
struct swf_definesound {
	swf_tag			f_tag;		/* 14 */
	unsigned short		f_sound_id;
	unsigned		f_sound_format : 4;
	unsigned		f_sound_rate : 2;
	unsigned		f_sound_is_16bits : 1;
	unsigned		f_sound_is_stereo : 1;
	unsigned long		f_sound_samples_count;
	unsigned char		f_sound_data[<variable size>];

A DefineSound tag declares a set of samples of a sound effect or a music.

The sound samples can be compressed or not, stereo or not and 8 or 16 bits. The different modes are not all available in version 2, although the same tag is used in newer versions with additional capabilities.

The f_sound_is_16bits is always set to 1 (16bits samples) if the samples are compressed (neither Rawnor Uncompressed).

The f_sound_rate represents the rate at which the samples are defined. The rate at which it will be played on the target computers may differ. The following equation can be used to determine the ...