Worst (Best?) Hacks

A place to discuss the implementation and style of computer programs.

Moderators: phlip, Moderators General, Prelates

User avatar
Bruce
Posts: 447
Joined: Tue Feb 12, 2008 11:44 am UTC
Location: Melbourne

Worst (Best?) Hacks

Postby Bruce » Tue Feb 26, 2008 9:00 am UTC

I pulled a really awful hack today and felt like telling people about it, and did not see an area for using things in ways other than they were intended. If you have done something interestingly bad please share.

My story:

I write PLC in a proprietary language at work, which is compiled to a native executable. There is a function call (plccom_db_message(<db_key>, <db_class>)) which we use to display messages on the screen which are pulled out of a database. In this particular case I was writing a second PLC which would run along side the standard one (separate process) as a special for a customer. The PLC must load a database to use for plccom with this:

Code: Select all

plccom_attach_db(<file>)

The problem is I found a bug in the PLCCOM implementation. If you were running more than one PLC only the first attached database would be used for all instances, though everything else worked as normal. I did not want to move this single custom message into the main database, so here is hack number one:

Code: Select all

plccom_message("foo\nbar")

We never used it but there was a function which let you pass a string directly, so I could just hard code my message. This created a new problem when my code compiled but would not assemble. The resulting asm looked something like this:

Code: Select all

sym383 db 'stuff', 0
sym439 db 'foo
bar', 0
sym446 db 'more stuff', 0

After experimenting with a few combinations of escaping the returns I found I could not get it to both assemble and run correctly with the line breaks. Then I came up with this piece of wrong:

Code: Select all

plccom_message("foo', 10, 'bar")

This adds the ASCII value 10 (newline) to the string in the middle of the asm. effectively an injection attack on our own compiler. So, please make me feel better by sharing something worse!
COMFORT, n.
A state of mind produced by contemplation of a neighbor's uneasiness.

Dongorath
Posts: 93
Joined: Tue Oct 16, 2007 1:17 pm UTC

Re: Worst (Best?) Hacks

Postby Dongorath » Tue Feb 26, 2008 1:17 pm UTC

I don't think it's as bad, but it's also an injection. In an ASP.NET/C# webapp, we have custom control for dropdown lists, and I wanted to add an html attribute with the corresponding JavaScript I needed, but there was no Attributes property, and it was badly programmed (i.e. you can't add attributes), so I made an html injection writing this :

Code: Select all

ddlFields.AccessKey = "\" ondblclick=\"AddIndicCodeToIndicCalc();";

joeframbach
Posts: 1478
Joined: Sun Nov 05, 2006 12:49 am UTC

Re: Worst (Best?) Hacks

Postby joeframbach » Tue Feb 26, 2008 3:42 pm UTC

Dongorath wrote:I don't think it's as bad, but it's also an injection. In an ASP.NET/C# webapp, we have custom control for dropdown lists, and I wanted to add an html attribute with the corresponding JavaScript I needed, but there was no Attributes property, and it was badly programmed (i.e. you can't add attributes), so I made an html injection writing this :

Code: Select all

ddlFields.AccessKey = "\" ondblclick=\"AddIndicCodeToIndicCalc();";


How can you doubleclick a dropdown option? As soon as you click it once, it disappears and you can't get the second click in.

Dongorath
Posts: 93
Joined: Tue Oct 16, 2007 1:17 pm UTC

Re: Worst (Best?) Hacks

Postby Dongorath » Tue Feb 26, 2008 4:22 pm UTC

joeframbach wrote:How can you doubleclick a dropdown option? As soon as you click it once, it disappears and you can't get the second click in.


When it's a multiple selection dropdown list (attribute multiple).

omglolbah
Posts: 34
Joined: Thu May 24, 2007 12:23 am UTC
Location: Bergen, Norway

Re: Worst (Best?) Hacks

Postby omglolbah » Tue Feb 26, 2008 10:54 pm UTC

As part of my job at a science center in Norway I was tasked to build a ticket checking system.

This system has the following components:

2 turnstile type gates. These require a relay to control each way... ie 4 hardware io

4 RFID readers. Zero documentation. Crappy support from manufacturer.

1 MSSQL database. (not my choice, *wimper*)


The problems started right away.

Apparently the speed of which the RFID readers can pull an ID off a card is... directly related to the baud rate you use for serial communication between the reader and the PC.... wonderful. 25 meters of serial cable in a 20mm plastic pipe under concrete with lots of electronic noise from the heating wiring....
about 40% packet loss on a serial link with no CRC is painful to say the least.
Well... that required some nasty hacking.
A PIC chip is sitting on top of the RFID reader. This takes the string from the reader and adds a layer of CRC... horrible but needed.....

Then imagine this... After anywhere from 20 to 60 minutes (as far as I've been able to measure) a random RFID reader stops responding to serial communication. No life at all. I expect this to have something to do with the serial link but any decent UART should be able to recover *sigh*
I still have no idea why. The manufacturer dont know or wont help....

The fix?

Remeber those relays needed for the port control? 4 of em right?... the controller has 8 relays...

So if a reader stops responding for 5 seconds... I cut power on that reader and do a hard powercycle...

Nasty as hell but it -does- work.

--*sigh*--


ps,

If you ever work with MSSQL and .NET... SQLDATETIME in MSSQL takes the format mm.dd.yyyy
SQLDATETIME in .NET takes it as dd.mm.yyyy.... wondaful.

mrkite
Posts: 336
Joined: Tue Sep 04, 2007 8:48 pm UTC

Re: Worst (Best?) Hacks

Postby mrkite » Tue Feb 26, 2008 11:07 pm UTC

joeframbach wrote:How can you doubleclick a dropdown option? As soon as you click it once, it disappears and you can't get the second click in.


Anything with a doubleclick event handler will have a timeout set on first click. If you don't click again after the timeout, it's a single click, otherwise it's a double click.

Try it, attach a doubleclick and an onclick to a single element. Then double click. The first click never fires.

User avatar
'; DROP DATABASE;--
Posts: 3284
Joined: Thu Nov 22, 2007 9:38 am UTC
Location: Midwest Alberta, where it's STILL snowy
Contact:

Re: Worst (Best?) Hacks

Postby '; DROP DATABASE;-- » Wed Feb 27, 2008 2:12 am UTC

I used an injection trick all the time in VB. The IDE only let you assign certain keys to menu items. I wanted to use other keys. I could do it just fine using the keypress methods, but the menus wouldn't display the keys because they weren't assigned through the IDE. I figured I could fake it by making the key label part of the option name, and inserting a tab. Just pressing Tab didn't work - it moved to the next field - so I copied a tab character from the code and pasted it in. It worked perfectly. :D
poxic wrote:You suck. And simultaneously rock. I think you've invented a new state of being.

arcoain
Posts: 56
Joined: Thu Dec 20, 2007 12:34 am UTC

Re: Worst (Best?) Hacks

Postby arcoain » Wed Feb 27, 2008 4:12 am UTC

'; DROP DATABASE;-- wrote:used an injection trick all the time in VB. The IDE only let you assign certain keys to menu items. I wanted to use other keys. I could do it just fine using the keypress methods, but the menus wouldn't display the keys because they weren't assigned through the IDE. I figured I could fake it by making the key label part of the option name, and inserting a tab. Just pressing Tab didn't work - it moved to the next field - so I copied a tab character from the code and pasted it in. It worked perfectly. :D

You do realize that a menu has a field called something like: 'Shortcut Key Display String' so you can set how the short cut is displayed...?
(at least in VS 2008)
arcoain

joeframbach
Posts: 1478
Joined: Sun Nov 05, 2006 12:49 am UTC

Re: Worst (Best?) Hacks

Postby joeframbach » Wed Feb 27, 2008 4:46 am UTC

mrkite wrote:
joeframbach wrote:How can you doubleclick a dropdown option? As soon as you click it once, it disappears and you can't get the second click in.


Anything with a doubleclick event handler will have a timeout set on first click. If you don't click again after the timeout, it's a single click, otherwise it's a double click.

Try it, attach a doubleclick and an onclick to a single element. Then double click. The first click never fires.

Code: Select all

<select>
<option>1</option>
<option>2</option>
<option>3</option>
<option>4</option>
<option ondblclick="alert('5 dblclick');">5</option>
<option>6</option>
<option onclick="alert('7 click');">7</option>
</select>


Neither events fire in IE with or without multiple="true".
FF only gives me the single click. It gives me the doubleclick with multiple="true"

User avatar
'; DROP DATABASE;--
Posts: 3284
Joined: Thu Nov 22, 2007 9:38 am UTC
Location: Midwest Alberta, where it's STILL snowy
Contact:

Re: Worst (Best?) Hacks

Postby '; DROP DATABASE;-- » Wed Feb 27, 2008 6:53 am UTC

arcoain wrote:
'; DROP DATABASE;-- wrote:used an injection trick all the time in VB. The IDE only let you assign certain keys to menu items. I wanted to use other keys. I could do it just fine using the keypress methods, but the menus wouldn't display the keys because they weren't assigned through the IDE. I figured I could fake it by making the key label part of the option name, and inserting a tab. Just pressing Tab didn't work - it moved to the next field - so I copied a tab character from the code and pasted it in. It worked perfectly. :D

You do realize that a menu has a field called something like: 'Shortcut Key Display String' so you can set how the short cut is displayed...?
(at least in VS 2008)
arcoain
Not in this version.
poxic wrote:You suck. And simultaneously rock. I think you've invented a new state of being.

omglolbah
Posts: 34
Joined: Thu May 24, 2007 12:23 am UTC
Location: Bergen, Norway

Re: Worst (Best?) Hacks

Postby omglolbah » Wed Feb 27, 2008 7:03 am UTC

VS 2008 has a lot of stuff that earlier version did not have which drove developers absolutely nuts with frustration.

Progress is nice ^.^

User avatar
Bruce
Posts: 447
Joined: Tue Feb 12, 2008 11:44 am UTC
Location: Melbourne

Re: Worst (Best?) Hacks

Postby Bruce » Wed Feb 27, 2008 7:43 am UTC

omglolbah wrote:So if a reader stops responding for 5 seconds... I cut power on that reader and do a hard powercycle...

Heh that certainly is pretty bad and good at the same time. Could have wasted a very long time on a more elegant solution.
omglolbah wrote:If you ever work with MSSQL and .NET... SQLDATETIME in MSSQL takes the format mm.dd.yyyy
SQLDATETIME in .NET takes it as dd.mm.yyyy.... wondaful.

Silly Americans. Who thought that mm.dd.yyyy would ever make sense?
COMFORT, n.
A state of mind produced by contemplation of a neighbor's uneasiness.

Dongorath
Posts: 93
Joined: Tue Oct 16, 2007 1:17 pm UTC

Re: Worst (Best?) Hacks

Postby Dongorath » Wed Feb 27, 2008 9:30 am UTC

omglolbah wrote:If you ever work with MSSQL and .NET... SQLDATETIME in MSSQL takes the format mm.dd.yyyy
SQLDATETIME in .NET takes it as dd.mm.yyyy.... wondaful.


CONVERT(datetime, 'dd.mm.yyyy', 104) might be what you are looking for... Anyway, it's never pretty to convert datetimes...


About the dropdownlist, I put the ondblclick event in the select tag :

Code: Select all

<select multiple ondblclick="AddIndicCodeToIndicCalc();" blablabla>
    <option  value="mat_gross">[mat_gross] Gross usage / part</option>
    blablabla...
</select>

<script>
   function AddIndicCodeToIndicCalc()
   {
      if (document.mainForm.elements['body:x:ddlFields:x'].value.length > 0)
      {
         document.mainForm.elements['body:x:txtCalculation:x:_ctl0'].focus();
         document.mainForm.elements['body:x:txtCalculation:x:_ctl0'].value += '['+document.mainForm.elements['body:x:ddlFields:x'].value+']';
         document.mainForm.elements['body:x:txtCalculation:x:_ctl0'].focus();
      }
   }
</script>


Not pretty, I don't really know why there are two .focus(); but it works... (it's a copy-paste from another page, and I didn't want to even try to modify it. If it works, don't touch it !).
Basically : it adds the value of the double-clicked option to a textbox.

omglolbah
Posts: 34
Joined: Thu May 24, 2007 12:23 am UTC
Location: Bergen, Norway

Re: Worst (Best?) Hacks

Postby omglolbah » Wed Feb 27, 2008 5:20 pm UTC

Yep, not hard to fix but you would think a microsoft database and the .net framework with data types of the exact same name would be compatible *sighs*

User avatar
segmentation fault
Posts: 1770
Joined: Wed Dec 05, 2007 4:10 pm UTC
Location: Nu Jersey
Contact:

Re: Worst (Best?) Hacks

Postby segmentation fault » Wed Feb 27, 2008 6:05 pm UTC

const_cast.
people are like LDL cholesterol for the internet

mrkite
Posts: 336
Joined: Tue Sep 04, 2007 8:48 pm UTC

Re: Worst (Best?) Hacks

Postby mrkite » Wed Feb 27, 2008 6:05 pm UTC

omglolbah wrote:If you ever work with MSSQL and .NET... SQLDATETIME in MSSQL takes the format mm.dd.yyyy
SQLDATETIME in .NET takes it as dd.mm.yyyy.... wondaful.


They both take yyyy-mm-dd

Rysto
Posts: 1460
Joined: Wed Mar 21, 2007 4:07 am UTC

Re: Worst (Best?) Hacks

Postby Rysto » Thu Feb 28, 2008 4:24 am UTC

This is more than a little strange, but I honestly could come up with a better way to do it:

Code: Select all

final ParseTable table;
   
    public LrParser(String ... parseTable) {
        table = decode(parseTable);
    }


So we're taking an array of strings in and decoding them into a parse table. Not exactly an auspicious beginning.

Code: Select all

private ParseTable decode(String [] table) {
        try {
            StringDecoder decode = new StringDecoder(table);

            ObjectInputStream stream = new ObjectInputStream(new GZIPInputStream(decode));

            return (ParseTable)stream.readObject();
        } catch(IOException e) {
            throw new Error(e);
        } catch(ClassNotFoundException e) {
            throw new Error(e);
        }
    }


Now things really start turning weird. StringDecoder in a subclass of InputStream that decodes a string into bytes using a base-16 encoding(I didn't want to complicate things by using base-64 or something similar). So we're taking a string in, turning into a byte array, decompressing that byte array and then deserializing the parse table from that. But why on earth is it necessary to take in an array of strings instead of just one?

Code: Select all

public abstract class Parser extends LrParser {
    private static final String [] ENCODED_TABLE = {
        "F1B88000000000000000CDD990C7C9559BFF7ED77ED99E20D618A588B0433943D42D420........",
        "155F99998D9B6FE35D6A1EFEB23B39148F08AF1F092C138C2934E7ED469C9FF376D7930.......",
        "0D6E780521028073539AF44BCA71C2AFDE6814A102A8F38D9AB724830B9509B54495C7B......."

    public Parser() {
        super(ENCODED_TABLE);
    }


As it turns out, a single string would be larger than the maximum length string in a Java class file(a bit less than 65536). So I had to split the string into several strings.

Now, the obvious question is why I'm doing all this. This was all done for a parser generator I've written for a compilers class. The idea is that the parser generator reads the grammar and generates a Parser class. Every Parser extends the LrParser class, which implements the general LR(1) parsing algorithm. The parse table is unique to the grammar, so the Parser class has to instantiate and pass a ParseTable to the LrParser constructor. So I had to encode the parse table in the generated Parser class somehow. I could have tried to generate a bunch of code that produces the parse table, but that would probably be a lot slower, make the Parser class a lot bigger, and might even run up against the Java method length limit. Hence the hack.

btilly
Posts: 1877
Joined: Tue Nov 06, 2007 7:08 pm UTC

Re: Worst (Best?) Hacks

Postby btilly » Thu Feb 28, 2008 4:43 am UTC

I've posted it before, but one of my favorite hacks is Coroutines in C. (This trick is used inside of the popular PuTTY program.)
Some of us exist to find out what can and can't be done.

Others exist to hold the beer.

User avatar
Berengal
Superabacus Mystic of the First Rank
Posts: 2707
Joined: Thu May 24, 2007 5:51 am UTC
Location: Bergen, Norway
Contact:

Re: Worst (Best?) Hacks

Postby Berengal » Thu Feb 28, 2008 6:35 am UTC

btilly wrote:I've posted it before, but one of my favorite hacks is Coroutines in C. (This trick is used inside of the popular PuTTY program.)

One of my favorite C hacks as well. Of course, coding mostly in python, generators do the same thing.

Another favorite hack of mine was told to me by someone, but apparantly comes from thedailywtf.com:

A sysadmin had a server that was in the bad habbit of crashing every so often. Several times a day, on average, in fact. Tired of is job consisting only of hard-rebooting it every time it happened, he wrote a perl-script to do it for him. "But how can a perl-script hard-reboot a machine?" I hear you ask. Well, it had to be running on another machine, of course, but still, how is it possible? Well, the script pinged the server every so often, and when the server didn't respond, it sent a signal to the cd-tray to eject. I think you see where this is going.
It is practically impossible to teach good programming to students who are motivated by money: As potential programmers they are mentally mutilated beyond hope of regeneration.

Posi
Posts: 111
Joined: Mon Jul 16, 2007 6:08 am UTC

Re: Worst (Best?) Hacks

Postby Posi » Thu Feb 28, 2008 6:58 am UTC

Berengal wrote:
btilly wrote:I've posted it before, but one of my favorite hacks is Coroutines in C. (This trick is used inside of the popular PuTTY program.)

One of my favorite C hacks as well. Of course, coding mostly in python, generators do the same thing.

Another favorite hack of mine was told to me by someone, but apparantly comes from thedailywtf.com:

A sysadmin had a server that was in the bad habbit of crashing every so often. Several times a day, on average, in fact. Tired of is job consisting only of hard-rebooting it every time it happened, he wrote a perl-script to do it for him. "But how can a perl-script hard-reboot a machine?" I hear you ask. Well, it had to be running on another machine, of course, but still, how is it possible? Well, the script pinged the server every so often, and when the server didn't respond, it sent a signal to the cd-tray to eject. I think you see where this is going.

That'd be a cool hack. Is there a way to inject an open CD tray?

User avatar
Berengal
Superabacus Mystic of the First Rank
Posts: 2707
Joined: Thu May 24, 2007 5:51 am UTC
Location: Bergen, Norway
Contact:

Re: Worst (Best?) Hacks

Postby Berengal » Thu Feb 28, 2008 7:48 am UTC

Of course. Trays close automatically, whenever they're pushed (such as when hitting the restart button), and there's also an "inject" signal that can be sent.
Automatic closing is probably just a timer and the inject signal put together in the drivers...
It is practically impossible to teach good programming to students who are motivated by money: As potential programmers they are mentally mutilated beyond hope of regeneration.

EvanED
Posts: 4331
Joined: Mon Aug 07, 2006 6:28 am UTC
Location: Madison, WI
Contact:

Re: Worst (Best?) Hacks

Postby EvanED » Thu Feb 28, 2008 5:44 pm UTC

Berengal wrote:A sysadmin had a server that was in the bad habbit of crashing every so often. Several times a day, on average, in fact. Tired of is job consisting only of hard-rebooting it every time it happened, he wrote a perl-script to do it for him. "But how can a perl-script hard-reboot a machine?" I hear you ask. Well, it had to be running on another machine, of course, but still, how is it possible? Well, the script pinged the server every so often, and when the server didn't respond, it sent a signal to the cd-tray to eject. I think you see where this is going.

That's this story.

Bonus: the final paragraph of the story makes you feel bad for the monitor robot
Second bonus: the comment linking to this commercial (watch after reading)
Third bonus: this other comment:
The originator of this story apparently worked for a company dealing in custom servers with network boot, network OS install, etc. -- basically obviating need for physical removable media. But they did custom builds, so when a server farm asked them for units with CD-ROM drives, they were accommodating but curious.

Their client explained to them that they had an established procedure for rapid physical location of individual machines -- if they needed to find a particular server, they'd instruct it to eject the CD drive, then jog along the stacks looking for the machine with its tongue hanging out.

User avatar
wing
the /b/slayer
Posts: 1876
Joined: Tue May 29, 2007 5:56 am UTC

Re: Worst (Best?) Hacks

Postby wing » Fri Feb 29, 2008 1:55 am UTC

Rysto wrote:might even run up against the Java method length limit. Hence the hack.
Excuse me but what?

One of my comrades suffers from Dread Fortran Programmer's Disease and doesn't even use functions automatically. And even worse, he's overly enthusiastic and has a half-functioning prototype within minutes of the closing of protocol and architecture discussions, but before we even DISCUSS class structure or anything like that.

I typically spend the first 2/3rds of these projects refactoring his code. If there were a method limit, I'm POSITIVE I would have seen it by now. We were paper-code-reviewing one of these monolithic things, and ended up with it printed and taped across all 4 walls of the 30-seat lab. After taping everything up, I walked around the room and collected method names. I uh, didn't find any. I don't think we're doing any paper code reviews anymore. Anyway, the point is, is there's a method size limit, it must be be wallpaper-grade.
I AM A SEXY, SHOELESS GOD OF WAR!
Akula wrote:Our team has turned into this hate-fueled juggernaut of profit. It's goddamn wonderful.

Rysto
Posts: 1460
Joined: Wed Mar 21, 2007 4:07 am UTC

Re: Worst (Best?) Hacks

Postby Rysto » Fri Feb 29, 2008 3:17 am UTC

I've hit the limit using another parser generator on a Java 1.5 grammar.

Edit:

Code: Select all

$ javac -cp ../java_cup.jar:.. parser.java
parser.java:7697: code too large
  public final java_cup.runtime.Symbol CUP$parser$do_action(
                                       ^
1 error


CUP$parser$do_action is 8457 lines long.

Karrion
Posts: 92
Joined: Fri Jun 22, 2007 12:14 am UTC
Location: Melbourne, AU

Re: Worst (Best?) Hacks

Postby Karrion » Fri Feb 29, 2008 4:26 am UTC

There's a bunch of 16-bit fields in the class file format, which limits the size of various things. In particular a method can't be more than 64KB of bytecode, more than 64K local variables, or more than 64KB in the UTF-8 encoding of its name; a class can't have more than 64K fields, methods, constants or interface inheritances, and so on.

User avatar
mrbaggins
Posts: 1611
Joined: Tue Jan 15, 2008 3:23 am UTC
Location: Wagga, Australia

Re: Worst (Best?) Hacks

Postby mrbaggins » Fri Feb 29, 2008 6:18 am UTC

Just as a reply to the OP, did you try

Code: Select all

plccom_message("foo//nbar")


which should in theory escape the / and not the new line?
Why is it that 4chan is either infinitely awesome, infinitely bad, or "lolwut", but never any intermediary level?

mrkite
Posts: 336
Joined: Tue Sep 04, 2007 8:48 pm UTC

Re: Worst (Best?) Hacks

Postby mrkite » Fri Feb 29, 2008 8:47 pm UTC

mrbaggins wrote:Just as a reply to the OP, did you try

Code: Select all

plccom_message("foo//nbar")


which should in theory escape the / and not the new line?


forward slashes don't escape anything. you mean "foo\\nbar"

User avatar
mrbaggins
Posts: 1611
Joined: Tue Jan 15, 2008 3:23 am UTC
Location: Wagga, Australia

Re: Worst (Best?) Hacks

Postby mrbaggins » Fri Feb 29, 2008 10:36 pm UTC

bah, yeah.... this stupid keyboard has them right next to each other, and I always screw it up unless I've been programming lately.
Why is it that 4chan is either infinitely awesome, infinitely bad, or "lolwut", but never any intermediary level?

WhiskyTangoFoxtrot
Posts: 10
Joined: Sun Feb 17, 2008 9:16 pm UTC
Location: St Charles, MO USA

Re: Worst (Best?) Hacks

Postby WhiskyTangoFoxtrot » Sat Mar 01, 2008 3:10 am UTC

Here's a Solaris LP hack I came up with last year.

Background: my company was undergoing a massive network architecture change that, in part, involved adding appox. 10,000 remotely located printers to our servers. Basically we had an army of techs who would travel across the country setting up the hardware, and some software I wrote ran at headquarters and detected the new devices and set them up on our servers. Now, in addition, we had several printers that generated time-sensitive jobs throughout the day.

One day, we got a call saying the time-sensitive printers were having critical delays around the middle of the business day every day. It took some research, but it turned out the the Solaris LP system had a limit of 40 printer queue additions before requiring a restart of lp scheduler. Since our techs were setting up about 70-80 printers per day, they hit the magic 40 mark around midday each day, and lp would auto-bounce, which led to the print delay issue.

So, we contacted Sun for help, and they said we could resolve the problem by upgrading to <newest bestest version> of the Solaris OS. This was not an option since we have literally hundreds of servers and a convoluted upgrade process.

Well, I discovered that while you could only add 40 new printers without a restart *normally*, if you DELETED some print queues you could then add 40 PLUS the number deleted before a restart was required. This new number was on TOP of the already existing queues from previous days. So I wrote a shell script that ran in the wee hours when no one was legitimately adding printers, and it did the following:
Restarted LP to get a fresh 40 potential adds
Added a variable number of dummy queues, say 50, while restarting LP again every 40 adds
Restarted LP one final time, so we now had 50 more queues in the LP system than we really needed
DELETED the dummy queues, leaving the built-in 40 plus the 50 spots vacated by the deleted dummy queues, giving us room the next day to add 90 new print queues.

Of course, the number of dummy queues was in a config file so it could be modified if the need arose. The script ran every night for several months until the entire network migration was complete. Now I don't reckon anyone else will be able to use this for anything worthwhile, but it sure helped me.

User avatar
Bruce
Posts: 447
Joined: Tue Feb 12, 2008 11:44 am UTC
Location: Melbourne

Re: Worst (Best?) Hacks

Postby Bruce » Sun Mar 02, 2008 5:56 am UTC

mrbaggins wrote:Just as a reply to the OP, did you try

Code: Select all

plccom_message("foo//nbar")


which should in theory escape the / and not the new line?

The reason this does not work (apart from slash direction) is that the magic of escaped characters needs to be done by something. This should be the compiler, but it does not do it's job correctly. When you do this you end up with the characters '\' and 'n' in your message.
COMFORT, n.
A state of mind produced by contemplation of a neighbor's uneasiness.

User avatar
'; DROP DATABASE;--
Posts: 3284
Joined: Thu Nov 22, 2007 9:38 am UTC
Location: Midwest Alberta, where it's STILL snowy
Contact:

Re: Worst (Best?) Hacks

Postby '; DROP DATABASE;-- » Wed Mar 05, 2008 3:33 am UTC

EvanED wrote:Their client explained to them that they had an established procedure for rapid physical location of individual machines -- if they needed to find a particular server, they'd instruct it to eject the CD drive, then jog along the stacks looking for the machine with its tongue hanging out.
Not a bad idea, but it might just be cheaper to use bright blinking LEDs connected to the parallel port, or play tones on the internal speaker.
poxic wrote:You suck. And simultaneously rock. I think you've invented a new state of being.

User avatar
'; DROP DATABASE;--
Posts: 3284
Joined: Thu Nov 22, 2007 9:38 am UTC
Location: Midwest Alberta, where it's STILL snowy
Contact:

Re: Worst (Best?) Hacks

Postby '; DROP DATABASE;-- » Fri Mar 07, 2008 4:22 am UTC

I haven't actually used this one yet, but I just might at some point. Basically, on the Game Boy, RAM is hard to come by, and you only have 16K of fixed ROM space - the rest is bank switchable. If you need a function to read from other ROM banks at any decent speed, it needs to lie in this first 16K or in RAM. But it's not unlikely that both of these are full.

One possible trick to get around this is to put code in VRAM. However, VRAM is only accessible when the display hardware isn't reading it. The rest of the time, it reads 0xFF. This isn't a huge problem for a quick routine executed right at the start of VBlank, but say for a decent-sized copy loop in HBlank or something, you run the risk of running out of time and having VRAM become inaccessible while you're still executing from it. Not good.

However, nice things about the Game Boy's Z80 variant:
1) Instructions are one, two or three bytes each.
2) Instruction 0xFF is a jump to 0x38, which is in the 16K of fixed ROM.
I think you see where I'm going with this. :twisted: Just stick to single-byte instructions so you don't have it switch halfway through a read and corrupt your instruction...

One potential problem I can see is if not all 8 bits are read at the same time, VRAM might become inaccessible mid-read and turn e.g. 0x42 into 0x4F. I'd definitely like to try this and see if it works.

Another potential use for this hack is exception handling. Fill unused RAM and ROM space with 0xFF (and if you're designing a system, wire it so that unmapped memory reads 0xFF), and stick an exception handler at 0x38.
poxic wrote:You suck. And simultaneously rock. I think you've invented a new state of being.

User avatar
Bruce
Posts: 447
Joined: Tue Feb 12, 2008 11:44 am UTC
Location: Melbourne

Re: Worst (Best?) Hacks

Postby Bruce » Fri Mar 07, 2008 6:45 am UTC

Assuming the read is atomic (it should be) you still have another problem. What if the first byte to return FF is either not an instruction or not the start of one?
COMFORT, n.
A state of mind produced by contemplation of a neighbor's uneasiness.

User avatar
'; DROP DATABASE;--
Posts: 3284
Joined: Thu Nov 22, 2007 9:38 am UTC
Location: Midwest Alberta, where it's STILL snowy
Contact:

Re: Worst (Best?) Hacks

Postby '; DROP DATABASE;-- » Sun Mar 09, 2008 7:27 am UTC

Yeah, that's why you have to stick to using single-byte instructions. Which could be pretty tricky.
poxic wrote:You suck. And simultaneously rock. I think you've invented a new state of being.

User avatar
Amnesiasoft
Posts: 2573
Joined: Tue May 15, 2007 4:28 am UTC
Location: Colorado
Contact:

Re: Worst (Best?) Hacks

Postby Amnesiasoft » Sun Mar 09, 2008 7:56 am UTC

Code: Select all

while(pos < pffDataSize) {
   pos += (*PffOpCodes[*(pffFileData + pos + 1)])(base, pffFileData + pos) + 1;
}

Not as bad as some of the stuff you guys have posted.

pos is basically a program counter.
PffOpCodes is an array of function pointers for the op functions. these functions take a PffImage* and a char* pointer to where the op code parameters begin. The function then returns how many bytes of data it read out.
pffFileData is the procedural image file data all loaded into memory.
base is the image to process.

Basically, that makes up the most important part of my procedural image processors process function. Whole thing is written in C :P

ramsey
Posts: 2
Joined: Mon Mar 10, 2008 9:15 am UTC

Re: Worst (Best?) Hacks

Postby ramsey » Mon Mar 10, 2008 9:24 am UTC

Not too terrible, but I thought it was pretty neat at the time:

Code: Select all

*reinterpret_cast<unsigned long*>(base) = *reinterpret_cast<unsigned long*>(derived);

(Where base is an instance of class Base with virtual function Foo, derived is an instance of class Derived that derives from Base with a redefinition of virtual function Foo.)

This is horribly undefined behavior (the C++ standard doesn't specify how virtual functions are implemented,) but basically it changes the vtable of base (the instance) to point to the vtable for Derived objects. I was doing this to instances of IDirectDrawSurface7 (an abstract class,) to change their vtable to my own (DirectDrawSurface7Wrapper) to intercept method calls (and optionally call the original method by temporarily rewriting the vtable, calling, and rewriting it again.)

Rysto
Posts: 1460
Joined: Wed Mar 21, 2007 4:07 am UTC

Re: Worst (Best?) Hacks

Postby Rysto » Tue Mar 11, 2008 3:54 am UTC

"Not too terrible"? What on earth qualifies as "terrible" in your world?

User avatar
Actaeus
Posts: 606
Joined: Thu Jan 10, 2008 9:21 pm UTC
Location: ZZ9 Plural Z Alpha

Re: Worst (Best?) Hacks

Postby Actaeus » Tue Mar 11, 2008 7:48 pm UTC

I like this program, but the while loop is hackish (can you combine a while and a for loop?) and I don't like my primality test, which checks every odd number below the square root to see if it's a factor.
The program (primetime.py) counts the number of times in a day using AM/PM notation that the time is prime:

Code: Select all

import math
primes=0
for hour in range(1,13):
    for minute in range(1,60,2):
        time=100*hour+minute
        factor=3
        prime=True
        while prime==True and factor<=math.sqrt(time):
            if time%factor==0:
                prime=False
            factor+=2
        if prime==True:
            primes+=1
print primes*2

EDIT: by the way, there are 222 of 'em.

User avatar
'; DROP DATABASE;--
Posts: 3284
Joined: Thu Nov 22, 2007 9:38 am UTC
Location: Midwest Alberta, where it's STILL snowy
Contact:

Re: Worst (Best?) Hacks

Postby '; DROP DATABASE;-- » Wed Mar 12, 2008 6:52 am UTC

Rysto wrote:"Not too terrible"? What on earth qualifies as "terrible" in your world?
#define sizeof(x) rand()
muahahaha :twisted:
poxic wrote:You suck. And simultaneously rock. I think you've invented a new state of being.

User avatar
TomBot
Posts: 228
Joined: Sun Jul 29, 2007 1:17 am UTC
Location: Illinois (UIUC)
Contact:

Re: Worst (Best?) Hacks

Postby TomBot » Wed Mar 12, 2008 10:08 am UTC

I just wrote a pretty good hack. I was making a thread-safe debug logging thingy for C++ that lets you use cout-style syntax. So I have a subclass of ostream that takes a mutex in its constructor and drops it in the destructor. Then I have a function that returns a temporary instance of it, which will get destroyed at the end of the line. This lets you write:

Code: Select all

log(LOG_INFO) << "the answer is" << 42 << endl;

Of course, it's not quite that simple. ostreams don't work quite right when they're rvalues, so log is actually a macro that evaluates to real_log(level).flush(). Also, it would be easy to accidentally write:

Code: Select all

ostream_wrapper &saved = log(LOG_INFO);
saved << "accessing destroyed object" << endl;

But the compiler doesn't warn, and valgrind can't even catch it. I ended up making my wrapper class write 0xdeadbeef all over itself in its destructor to keep you from doing that.

'; DROP DATABASE;-- wrote:#define sizeof(x) rand()
muahahaha :twisted:


That reminds me of one of the things I plan to do when I get infinite free time: I will make a POSIX-compliant operating system that is random, arbitrary, and stupid in every possible way allowed by the standards. System calls will get interrupted all the time, read and write will only read and write a random amount, not all of it. Everything that's not required to be threadsafe will self-modify its code just for the heck of it. Endianness: random each time you compile.


Return to “Coding”

Who is online

Users browsing this forum: No registered users and 9 guests