Recherche avancée

Sur d’autres sites (5754)

• I am trying to use ffmpeg with CodeRunner, but it isn't working

  8 juillet 2021, par Michael Raja

  I'm new to coding and I'm using a mac. I used the command conda install -c conda-forge ffmpeg to install the package for use with anaconda. I use Coderunner 4 as well, but Coderunner doesn't seem like it can access ffmpeg from this installation. Since Coderunner isn't as popular as anaconda, I'm having trouble locating a workaround. So, my questions are :

  


  Why can't coderunner use this package installation and how can I get coderunner to be able to access ffmpeg ?

  


  Thanks !

  


• Heroic Defender of the Stack

  27 janvier 2011, par Multimedia Mike — Programming

  Problem Statement

  I have been investigating stack smashing and countermeasures (stack smashing prevention, or SSP). Briefly, stack smashing occurs when a function allocates a static array on the stack and writes past the end of it, onto other local variables and eventually onto other function stack frames. When it comes time to return from the function, the return address has been corrupted and the program ends up some place it really shouldn’t. In the best case, the program just crashes ; in the worst case, a malicious party crafts code to exploit this malfunction.

  Further, debugging such a problem is especially obnoxious because by the time the program has crashed, it has already trashed any record (on the stack) of how it got into the errant state.

  Preventative Countermeasure

  GCC has had SSP since version 4.1. The computer inserts SSP as additional code when the -fstack-protector command line switch is specified. Implementation-wise, SSP basically inserts a special value (the literature refers to this as the ’canary’ as in "canary in the coalmine") at the top of the stack frame when entering the function, and code before leaving the function to make sure the canary didn’t get stepped on. If something happens to the canary, the program is immediately aborted with a message to stderr about what happened. Further, gcc’s man page on my Ubuntu machine proudly trumpets that this functionality is enabled per default ever since Ubuntu 6.10.

  And that’s really all there is to it. Your code is safe from stack smashing by default. Or so the hand-wavy documentation would have you believe.

  Not exactly

  Exercising the SSP

  I wanted to see the SSP in action to make sure it was a real thing. So I wrote some code that smashes the stack in pretty brazen ways so that I could reasonably expect to trigger the SSP (see later in this post for the code). Here’s what I learned that wasn’t in any documentation :

  SSP is only emitted for functions that have static arrays of 8-bit data (i.e., [unsigned] chars). If you have static arrays of other data types (like, say, 32-bit ints), those are still fair game for stack smashing.

  Evaluating the security vs. speed/code size trade-offs, it makes sense that the compiler wouldn’t apply this protection everywhere (I can only muse about how my optimization-obsessive multimedia hacking colleagues would absolute freak out if this code were unilaterally added to all functions). So why are only static char arrays deemed to be "vulnerable objects" (the wording that the gcc man page uses) ? A security hacking colleague suggested that this is probably due to the fact that the kind of data which poses the highest risk is arrays of 8-bit input data from, e.g., network sources.

  The gcc man page also lists an option -fstack-protector-all that is supposed to protect all functions. The man page’s definition of "all functions" perhaps differs from my own since invoking the option does not have differ in result from plain, vanilla -fstack-protector.

  The Valgrind Connection

  "Memory trouble ? Run Valgrind !" That may as well be Valgrind’s marketing slogan. Indeed, it’s the go-to utility for finding troublesome memory-related problems and has saved me on a number of occasions. However, it must be noted that it is useless for debugging this type of problem. If you understand how Valgrind works, this makes perfect sense. Valgrind operates by watching all memory accesses and ensuring that the program is only accessing memory to which it has privileges. In the stack smashing scenario, the program is fully allowed to write to that stack space ; after all, the program recently, legitimately pushed that return value onto the stack when calling the errant, stack smashing function.

  Valgrind embodies a suite of tools. My idea for an addition to this suite would be a mechanism which tracks return values every time a call instruction is encountered. The tool could track the return values in a separate stack data structure, though this might have some thorny consequences for some more unusual program flows. Instead, it might track them in some kind of hash/dictionary data structure and warn the programmer whenever a ’ret’ instruction is returning to an address that isn’t in the dictionary.

  Simple Stack Smashing Code

  Here’s the code I wrote to test exactly how SSP gets invoked in gcc. Compile with ’gcc -g -O0 -Wall -fstack-protector-all -Wstack-protector stack-fun.c -o stack-fun’.

  stack-fun.c :

  PLAIN TEXT

  C :

  1. /* keep outside of the stack frame */
  2. static int i ;
  3.  
  4. void stack_smasher32(void)
  5. {
  6.  int buffer32[8] ;
  7.  // uncomment this array and compile without optimizations
  8.  // in order to force this function to compile with SSP
  9. // char buffer_to_trigger_ssp[8] ;
  10.  
  11.  for (i = 0 ; i <50 ; i++)
  12.   buffer32[i] = 0xA5 ;
  13. }
  14.  
  15. void stack_smasher8(void)
  16. {
  17.  char buffer8[8] ;
  18.  for (i = 0 ; i <50 ; i++)
  19.   buffer8[i] = 0xA5 ;
  20. }
  21.  
  22. int main()
  23. {
  24. // stack_smasher8() ;
  25.  stack_smasher32() ;
  26.  return 0 ;
  27. }

  The above incarnation should just produce the traditional "Segmentation fault". However, uncommenting and executing stack_smasher8() in favor of stack_smasher32() should result in "*** stack smashing detected *** : ./stack-fun terminated", followed by the venerable "Segmentation fault".

  As indicated in the comments for stack_smasher32(), it’s possible to trick the compiler into emitting SSP for a function by inserting an array of at least 8 bytes (any less and SSP won’t emit, as documented, unless gcc’s ssp-buffer-size parameter is tweaked). This has to be compiled with no optimization at all (-O0) or else the compiler will (quite justifiably) optimize away the unused buffer and omit SSP.

  For reference, I ran my tests on Ubuntu 10.04.1 with gcc 4.4.3 compiling the code for both x86_32 and x86_64.

• Working on images asynchronously

  15 décembre 2013, par Mikko Koppanen — Imagick, PHP stuff

  To get my quota on buzzwords for the day we are going to look at using ZeroMQ and Imagick to create a simple asynchronous image processing system. Why asynchronous ? First of all, separating the image handling from a interactive PHP scripts allows us to scale the image processing separately from the web heads. For example we could do the image processing on separate servers, which have SSDs attached and more memory. In this example making the images available to all worker nodes is left to the reader.

  Secondly, separating the image processing from a web script can provide more responsive experience to the user. This doesn’t necessarily mean faster, but let’s say in a multiple image upload scenario this method allows the user to do something else on the site while we process the images in the background. This can be beneficial especially in cases where users upload hundreds of images at a time. To achieve a simple distributed image processing infrastructure we are going to use ZeroMQ for communicating between different components and Imagick to work on the images.

  The first part we are going to create is a simple “Worker” -process skeleton. Naturally for a live environment you would like to have more error handling and possibly use pcntl for process control, but for the sake of brewity the example is barebones :

  php

  < view plain text >

  1. < ?php
  2.  
  3. define (’THUMBNAIL_ADDR’, ’tcp ://127.0.0.1:5000’) ;
  4. define (’COLLECTOR_ADDR’, ’tcp ://127.0.0.1:5001’) ;
  5.  
  6. class Worker {
  7.  
  8.   private $in ;
  9.   private $out ;
  10.  
  11.   public function __construct ($in_addr, $out_addr)
  12.   {
  13.     $context = new ZMQContext () ;
  14.  
  15.     $this->in = new ZMQSocket ($context, ZMQ: :SOCKET_PULL) ;
  16.     $this->in->bind ($in_addr) ;
  17.  
  18.     $this->out = new ZMQSocket ($context, ZMQ: :SOCKET_PUSH) ;
  19.     $this->out->connect ($out_addr) ;
  20.   }
  21.  
  22.   public function work () {
  23.     while ($command = $this->in->recvMulti ()) {
  24.       if (isset ($this->commands [$command [0]])) {
  25.         echo "Received work" . PHP_EOL ;
  26.  
  27.         $callback = $this->commands [$command [0]] ;
  28.  
  29.         array_shift ($command) ;
  30.         $response = call_user_func_array ($callback, $command) ;
  31.  
  32.         if (is_array ($response))
  33.           $this->out->sendMulti ($response) ;
  34.         else
  35.           $this->out->send ($response) ;
  36.       }
  37.       else {
  38.         error_log ("There is no registered worker for $command [0]") ;
  39.       }
  40.     }
  41.   }
  42.  
  43.   public function register ($command, $callback)
  44.   {
  45.     $this->commands [$command] = $callback ;
  46.   }
  47. }
  48.  ?>

  The Worker class allows us to register commands with callbacks associated with them. In our case the Worker class doesn’t actually care or know about the parameters being passed to the actual callback, it just blindly passes them on. We are using two separate sockets in this example, one for incoming work requests and one for passing the results onwards. This allows us to create a simple pipeline by adding more workers in the mix. For example we could first have a watermark worker, which takes the original image and composites a watermark on it, passes the file onwards to thumbnail worker, which then creates different sizes of thumbnails and passes the final results to event collector.

  The next part we are going to create a is a simple worker script that does the actual thumbnailing of the images :

  php

  < view plain text >

  1. < ?php
  2. include __DIR__ . ’/common.php’ ;
  3.  
  4. // Create worker class and bind the inbound address to ’THUMBNAIL_ADDR’ and connect outbound to ’COLLECTOR_ADDR’
  5. $worker = new Worker (THUMBNAIL_ADDR, COLLECTOR_ADDR) ;
  6.  
  7. // Register our thumbnail callback, nothing special here
  8. $worker->register (’thumbnail’, function ($filename, $width, $height) {
  9.                   $info = pathinfo ($filename) ;
  10.  
  11.                   $out = sprintf ("%s/%s_%dx%d.%s",
  12.                           $info [’dirname’],
  13.                           $info [’filename’],
  14.                           $width,
  15.                           $height,
  16.                           $info [’extension’]) ;
  17.  
  18.                   $status = 1 ;
  19.                   $message = ’’ ;
  20.  
  21.                   try {
  22.                     $im = new Imagick ($filename) ;
  23.                     $im->thumbnailImage ($width, $height) ;
  24.                     $im->writeImage ($out) ;
  25.                   }
  26.                   catch (Exception $e) {
  27.                     $status = 0 ;
  28.                     $message = $e->getMessage () ;
  29.                   }
  30.  
  31.                   return array (
  32.                         ’status’  => $status,
  33.                         ’filename’ => $filename,
  34.                         ’thumbnail’ => $out,
  35.                         ’message’ => $message,
  36.                     ) ;
  37.                 }) ;
  38.  
  39. // Run the worker, will block
  40. echo "Running thumbnail worker.." . PHP_EOL ;
  41. $worker->work () ;

  As you can see from the code the thumbnail worker registers a callback for ‘thumbnail’ command. The callback does the thumbnailing based on input and returns the status, original filename and the thumbnail filename. We have connected our Workers “outbound” socket to event collector, which will receive the results from the thumbnail worker and do something with them. What the “something” is depends on you. For example you could push the response into a websocket to show immediate feeedback to the user or store the results into a database.

  Our example event collector will just do a var_dump on every event it receives from the thumbnailer :

  php

  < view plain text >

  1. < ?php
  2. include __DIR__ . ’/common.php’ ;
  3.  
  4. $socket = new ZMQSocket (new ZMQContext (), ZMQ: :SOCKET_PULL) ;
  5. $socket->bind (COLLECTOR_ADDR) ;
  6.  
  7. echo "Waiting for events.." . PHP_EOL ;
  8. while (($message = $socket->recvMulti ())) {
  9.   var_dump ($message) ;
  10. }
  11.  ?>

  The final piece of the puzzle is the client that pumps messages into the pipeline. The client connects to the thumbnail worker, passes on filename and desired dimensions :

  php

  < view plain text >

  1. < ?php
  2. include __DIR__ . ’/common.php’ ;
  3.  
  4. $socket = new ZMQSocket (new ZMQContext (), ZMQ: :SOCKET_PUSH) ;
  5. $socket->connect (THUMBNAIL_ADDR) ;
  6.  
  7. $socket->sendMulti (
  8.       array (
  9.         ’thumbnail’,
  10.         realpath (’./test.jpg’),
  11.         50,
  12.         50,
  13.       )
  14. ) ;
  15. echo "Sent request" . PHP_EOL ;
  16.  ?>

  After this our processing pipeline will look like this :

  

  Now, if we notice that thumbnail workers or the event collectors can’t keep up with the rate of images we are pushing through we can start scaling the pipeline by adding more processes on each layer. ZeroMQ PUSH socket will automatically round-robin between all connected nodes, which makes adding more workers and event collectors simple. After adding more workers our pipeline will look like this :

  

  Using ZeroMQ also allows us to create more flexible architectures by adding forwarding devices in the middle, adding request-reply workers etc. So, the last thing to do is to run our pipeline and see the results :

  Let’s create our test image first :

  $ convert magick:rose test.jpg
  

  From the command-line run the thumbnail script :

  $ php thumbnail.php 
  Running thumbnail worker..
  

  In a separate terminal window run the event collector :

  $ php collector.php 
  Waiting for events..
  

  And finally run the client to send the thumbnail request :

  $ php client.php 
  Sent request
  $
  

  If everything went according to the plan you should now see the following output in the event collector window :

  array(4) 
    [0]=>
    string(1) "1"
    [1]=>
    string(56) "/test.jpg"
    [2]=>
    string(62) "/test_50x50.jpg"
    [3]=>
    string(0) ""
  
  

  Happy hacking !