because kung fu death grips are usually nsCOMPtrs, so they automatically release the reference when it goes out of scope (it's similar to _com_ptr_t for MS COM).
A function might have any number of points where it exits (especially there's lots of "if that function call just failed, return with the same code to tell somebody else about it" fake throw type thing hidden as NS_ENSURE_SUCCESS() calls). By using a smart pointer class, it goes out of scope and does the release for you when the function ends.
And they're not functions, they're variables. Not sure about the bizarre name part though, since that confuses me too :p
Usually kung fu death grips hold on to a given reference-counted object so that it will never reach zero references.
That is, most things in Mozilla are XPCOM-based; it's similar to Microsoft's COM if you've used that. Things get reference counted (i.e. they keep track of how many pointers are pointing at them, with the help of the people acquiring and releasing references). Once something reaches zero references, it's considered no longer needed and gets released (memory deallocated, etc.). In some cases you want to make sure things stay alive for a certain period - such as making sure event listeners don't kill themselves before you finish processing them - so you give them an extra reference via the kung fu death grips. Once the grip goes out of scope, the reference is released; if at that point it gets a reference count of zero the object kills itself.... Err, as far as I know anyway :)
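The pattern described in the comments above, as an added C++ example that is not part of the original posts and is not Mozilla code: Grip is a hypothetical minimal stand-in for nsCOMPtr, and Listener, Target, Register and Dispatch are made-up names. Without the grip in Dispatch, the write that follows Remove() inside HandleEvent would land in freed memory.

```cpp
// Added illustration. Listener, Target, Grip, Register and Dispatch are
// hypothetical names; Grip stands in for nsCOMPtr, it is not Mozilla's code.
#include <algorithm>
#include <vector>

static int gDestroyed = 0;  // counts destructor runs so the lifetime is observable

struct Listener;
struct Target {             // holds one reference per registered listener
  std::vector<Listener*> listeners;
  void Remove(Listener* l);
};

struct Listener {
  int refs = 0;
  bool touched = false;     // written after Remove(): needs `this` to still be alive
  void AddRef() { ++refs; }
  void Release() { if (--refs == 0) delete this; }  // zero refs: object frees itself
  // Unregisters itself mid-call, which drops the target's reference to it.
  void HandleEvent(Target& t) { t.Remove(this); touched = true; }
  ~Listener() { ++gDestroyed; }
};

void Target::Remove(Listener* l) {
  auto it = std::find(listeners.begin(), listeners.end(), l);
  if (it != listeners.end()) { listeners.erase(it); l->Release(); }
}

Listener* Register(Target& t) {  // the target takes the only long-lived reference
  Listener* l = new Listener;
  l->AddRef();
  t.listeners.push_back(l);
  return l;
}

struct Grip {               // AddRef on construction, Release on scope exit
  Listener* p;
  explicit Grip(Listener* l) : p(l) { p->AddRef(); }
  ~Grip() { p->Release(); }
  Grip(const Grip&) = delete; Grip& operator=(const Grip&) = delete;
};

// Returns the refcount seen after the handler ran, or a negative code on an
// early exit. Every return path runs ~Grip, so no path leaks or frees early.
int Dispatch(Target& t, bool bailEarly) {
  if (t.listeners.empty()) return -1;
  Grip kungFuDeathGrip(t.listeners.front());  // count is now 2
  if (bailEarly) return -2;                   // NS_ENSURE_SUCCESS-style exit
  kungFuDeathGrip.p->HandleEvent(t);          // target's reference dropped: count 1
  return kungFuDeathGrip.p->refs;             // alive only because of the grip
}                                             // ~Grip: count 0, object deleted here

int main() { Target t; Register(t); return Dispatch(t, false) == 1 ? 0 : 1; }
```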
Ah, it's probably MSI (Microsoft installer) based, and you've tried to launch setup first as normal before trying runas? msiexec.exe (the MS Installer service) doesn't like to quit, so if you run as a normal user first it'd stick around with the normal user privileges. I'm guessing the InstallShield setup is a stub that runs the MSI (probably with some parameters or something, since they tend to not like starting the MSI directly).
At least, I'm hoping your setup isn't using a 16-bit stub nowadays.. :p
Err, not exactly - content (i.e. unprivileged non-chrome) doesn't get to even touch Components.classes. It replies with this in the JS console:
Error: uncaught exception: Permission denied to get property UnnamedClass.classes
To test, copy this into your address bar:
javascript:alert(Components.classes["@mozilla.org/network/socket-transport-service;1"])
Then try the same again in JS console, without the javascript: prefix. (The JS console is trusted, because web pages can't evaluate in its context. Presumably :p)
Re:Not a feature at all ... It's even more weird on Gmail Mis.delivered? · Score: 1
Yeah, back when I signed up (some time during the invite period), IIRC, there was something about the dots not mattering.
Strangely though I just got a mail addressed to oobarf@gmail even though my account is foobar@gmail - basically, one letter was moved from one end to the other. And yes, I checked the message headers and everything; the To: address is wrong, and there are no BCC fields (which I assume would show up if it's BCCing me), and it's a text/plain only message that isn't advertising anything, so I don't think it's spam...
Of course, whois says the sender IP was from Shanghai Telecom and the from address ends in .no, so it's probably just clever but pointless spam :p
That brings up an interesting question - do people check the stats? Or do they fudge them, the way ancient cartographers added places to identify their work?
Are you sure you're talking about Mozilla? I usually find their release goals to be... well, rarely met, and if met usually it's because it was a short-term goal anyway.
Personally, I wouldn't trust their scheduling... the product is great, being able to peek at the progress (and occasionally help) is fun, but it's more of a "when it comes out" thing. Refer back to Netscape's estimates of when 5 was going to be released, for example ;)
May I ask why the heck a Windows Media Audio related lawsuit would have anything to do with Windows Meta Files?
WMA/WMV are, AFAIK, stuff that descended from the ASFs. Which have very little to do with vector graphics... and WMFs are so old that there probably is nothing left to sue.
Sorta like suing the X11 people over something in X-Box because of the X.
Re:I trust the patch, the source is included on Trustworthy Computing · Score: 2, Informative
How?
The patch came as an EXE (InnoSetup), and to get at the source you need to install it... At which point an executable has already been run, *and* a DLL has been dropped to %systemroot%\system32 and scheduled to load for any subsequent apps that load user32.dll (according to the description anyway).
I've managed to read the source after installing it... but if it was bad, I'd've already been hosed by that point.
On the other hand... Does this mean we now have a giant entity with most of the patents?
Imagine a small business on the wrong end of this. You have a patent that's actually genuinely useful? Well, here's five thousand trivial things that should give you a nice death by paper cut. Oh, and we'd like to take that patent off you as compensation....
Isn't that a video card driver vulnerability? (IIRC, that also worked on Mozilla-based browsers... and if it's the one I was thinking about, caused a BSoD)
Firefox will respawn itself and die (effectively doing the detach you mentioned) if
there is no old copy of Firefox around to attach to; and
it needs to install / uninstall / update extensions; or
your XPCOM registry thing (compreg.dat/xpti.dat) is busted; or
you started with the profile manager.
I probably missed some situations.
Basically, it loads half way, figures out that it loaded stuff it shouldn't have (or didn't load stuff it should have), and restarts itself. Completely normal for the stuff mentioned above. This will not occur if you already have an existing Firefox window (since the new instance actually just tells the old one to open a new window, then quietly commits suicide).
As to GP's complaint about the negative download count - that actually exists in any version 1.0.x and older. Using a 32-bit number to keep track of file sizes didn't work so well with > 2GB files :) (There was also something about how the order of operations got it to overflow first - that was also fixed post-1.0.x, I think)
Google for "IETabs". (The result you want should be pointing to the MozillaZine forums.) It sort of implements parts of what Netscape 8 had, but for Firefox.
That basically implements a IE plugin with GUI hooks to open it in a new tab. The difference being 1) this is open source; 2) you would end up using Gecko most of the time, which is probably better security-wise.
[This is totally about the offtopicy Run As]
Strange, I run cmd.exe as admin to load sysinternal's regmon, which doesn't work in my normal account (because it won't be able to load the registry monitoring driver thingimabob in that case)... Same with the Add/Remove Programs thing in Control Panel (which I get to by running iexplore as admin then locating it there).
Just tried it, and both process explorer and task manager reported the child processes as belonging to administrator...
Windows XP SP2. Been like that in 2000 too IIRC.
Don't worry, that only works on Windows anyway (and only if your Firefox was compiled with MSVC - as mozilla.org binaries are - due to issues with C++).
Dunno if Wine would help though :)
For Mozilla-related things, there's a DOMParser constructor that may be useful. Use parseFromString() since you don't have access to nsIInputStream :)
(If you can, XPath is lovely for getting stuff out of DOM trees!)
Err..
This "patch" is more of a loader. It hooks every program loaded, and redirects the vulnerable function to its own implementation, which disables the buggy functionality and passes everything else back to the original buggy implementation. Sort of like overzealous sanity checking.
It does not modify the original code (gdi32.dll) on disk. After Microsoft's patch, it will still try to load, and either 1) the function will change and the workaround will realize this and fail to load (since it checks the 5 initial bytes of the vulnerable function to see which version it's patching), or 2) it will load, still neuter the previously-vulnerable path, and continue as normal.
The source code is included; read it. (Unfortunately, the source code was not a separate download, and therefore we can't read it before installing :( )
See also http://www.grc.com/groups/securitynow:423
"reverse engineered"?
You do realize that the installer at hexblog dumps the source to the "install dir"? (The actual useful DLL goes into system32 instead...)
It would have been nice to have the option to get just the sources w/o the installer though :( It was a single file, would have been pretty easy to read it and make sure it doesn't look like it does anything malicious, *then* compile it...
Err, I'm not sure if RSS needs any help screwing up. See here (Google cache because the guy's site seems to be down).
The first point, at least, may be possible with an extension. See here. It's still alpha-ish, though, I think.
chrome://browser/content/browser.xul for Firefox.
Note that this is very crashy because this isn't exactly designed to work in a tab, but anyway :)
Yes there still is a Mozilla.
They're not using it as a product name anymore, but they're still using the name.
You may want to try this URL instead.
(... WTF? Told the Mozilla folks Sept 6 and went public Sept 8? I mean, I know they're cool Open Sores people, but... 2 days?)
Yeah, you would have thought they would have come up with something like Cache-Control: no-cache by now.
$wget -d "http://i.tuxgames.com/lgpcomp/comp.jpg"
[snip]
Date: Mon, 05 Sep 2005 03:00:18 GMT
Server: Apache/1.3.33 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_ssl/2.8.22 OpenSSL/0.9.7a PHP-CGI/0.1b
Last-Modified: Mon, 05 Sep 2005 02:48:04 GMT
ETag: "1641b8-162d18-431bb1e4"
Accept-Ranges: bytes
Content-Length: 1453336
Connection: close
Content-Type: image/jpeg
[snip]
See the last-modified date... I guess it's more of a one pixel per second on average, but really a bunch per lots of minutes or something. Probably once per 10 minutes.