Software Update Enabler 2.0

September 3rd, 2009

Just released Software Update Enabler 2.0 now with Snow Leopard support, a simplified UI and the ability for non-administrators to authenticate to set the update server.

If you’re using Snow Leopard or a Snow Leopard Software Update server you really want to grab it now!

Application Specific Information in Leopard Crash Reports

January 4th, 2008

Mac OS X Leopard added a lot of new features in the Crash Reporter giving much better crash reports in a number of situations. One of these enhancements you’ll see in applications like DashboardClient is that crash logs can contain an “Application Specific Information” section, with any text that application wants to appear in the crash log. Naturally the ability to add information to the crash report is currently Apple-only secret sauce. So how do they do it?

Searching for Some Clues

First up let’s take a look at what the application specific information looks like in a crash log.

Process:         DashboardClient [3786]
Path:            /System/Library/CoreServices/Dock.app/Contents/
Resources/DashboardClient.app/Contents/MacOS/DashboardClient
Identifier:      com.apple.dashboard.client
Version:         1.5 (1.5)
Build Info:      Dock-5880000~1
Code Type:       X86 (Native)
Parent Process:  Dock [96353]

Date/Time:       2007-11-07 11:46:49.476 +1100
OS Version:      Mac OS X 10.5 (9A581)
Report Version:  6

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x00000000c56c0db3
Crashed Thread:  0

Application Specific Information:
/Library/Widgets/Dictionary.wdgt/
/Library/Widgets/World Clock.wdgt/
/Library/Widgets/Calculator.wdgt/
/Library/Widgets/Weather.wdgt/
/Library/Widgets/World Clock.wdgt/

[...]

Further information with the usual backtrace and image information is shown below this part of the crash log.

OK, so now we know that the DashboardClient can put application specific information into the crash log, let’s take a look at the symbols that DashboardClient references:

$ nm DashboardClient
[...]
         U ___CFConstantStringClassReference
000161fc D ___crashreporter_info__
         U __kLSASNKey
[...]

Aha! Here we’ve got a symbol that looks pretty likely. It’s a data symbol (the D after the address) not a function symbol so it’s not something we need to call to tell the crash reporter something.

Some Experiments

Given that this seems to be a data pointer let’s take a logical jump that it’s probably going to be a pointer to some data: most likely the string of data that will be displayed in the crash log. Given this assumption, it’s time to try some code.

/*
 *  crashinfo.c
 *  AppSpecificCrashInfo
 *
 *  Created by Andrew Wellington on 27/12/07.
 *  Copyright 2007 Andrew Wellington. All rights reserved.
 *
 */

#include 
#include 

int main (int argc, char *argv[])
{
    char **theAppSpecificInfo = NULL;
    theAppSpecificInfo = dlsym(RTLD_DEFAULT, "__crashreporter_info__");

    if (theAppSpecificInfo)
        *theAppSpecificInfo = "My Hovercraft is full of Eels";

    /* Crash with a null dereference */
    char *crasher = 0;
    *crasher = 0;
}

Let’s compile this:

$ gcc -o crashinfo crashinfo.c -framework CoreFoundation

Note that we’re linking to CoreFoundation as that’s the framework that contains the crash reporter symbol. If you don’t link to CoreFoundation the symbol lookup will fail and return NULL.

Time to try and run this:

$ ./crashinfo 
Bus error

Our test crashed as expected, now did it create a crash log with the information we’re expecting? Open up Console from the Utilities folder then find the crash log for “crashinfo”.

[...]
Exception Type:  EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000000
Crashed Thread:  0

Application Specific Information:
My Hovercraft is full of Eels
[...]

Excellent, we’ve found our crash report and the application specific information is there. So it seems all we need to do is set the symbol to a pointer to a standard C string containing the information that we want.

A Few Thoughts

If you want to use this facility in your application there are some things you should be aware of:

Other frameworks might try and overwrite this value. If you do decide to use this, keep another reference to any dynamically allocated memory. This way you can free it if another framework overwrites the pointer and doesn’t leak memory.

You probably should limit any use of this feature to a subset of Mac OS X versions. At the very least you should only do this for Mac OS X 10.5 (on older versions the symbol either won’t exist, or it might do something totally different, and newer versions could be totally different again and this is an undocumented trick).

If another framework overwrites the data you might not get your application specific information so you still need to be able to extract as much information from crash reports by yourself as you can. This can provide more information than before, but it’s certainly not guaranteed to be there.

After working this out myself, I found a patch Apple adds to Samba on Mac OS X 10.5 that explains this in some detail: http://www.opensource.apple.com/darwinsource/Current/samba-187/patches/add-smb-panic-string-to-crashreporter. The most important thing to note from that patch is this part:

 * NOTE: this is an unsupported interface and the
CrashReporter team reserve
 * the right to change it at any time.

So I guess the answer there is: now you know how to do it, don’t. Enjoy :-)

Accuracy of Game Shows

October 19th, 2007

How often do TV Game Shows get the answers to their questions wrong?

A while ago I was flicking through TV channels and fell onto Temptation. After watching a few minutes I came across this question:

Temptation
Click the image to view video clip (QuickTime Movie, 1.2MB)

Question: Jane Bennet finally marries Mr Who in Pride and Prejudice?
Answer: Mr Darcy [sic]

Of course anyone who has read Pride and Prejudice would know that Jane Bennet married Charles Bingley, and it was Elizabeth Bennet who married Mr Darcy.

With a simple mistake like this in the show, and an easily verifiable question at that, you’ve got to wonder how often they get it wrong.

Back to WordPress

October 17th, 2007

I’ve decided I’m far too busy (and lazy) to maintain my own blog engine for this site so I’ve gone back to WordPress. On the plus side this means I can try out MarsEdit and end up hopelessly addicted as it’s far too easy to blog with this. :-)

Software Update Enabler 1.0.4 Released

October 2nd, 2007

Software Update Enabler 1.0.4 has just been released. This version brings a couple of improvements:

  • Enhanced Software Update server port detection
  • Correct issue preventing launching on Mac OS X 10.5 “Leopard”

You can grab it from the Software Update Enabler page.

The Actual List of Phrases Blocked by MSN

August 7th, 2007

Update July 2008 An updated list of phrases is available here.


There has been a bit of a stink in the last few days by people shocked by a list of phrases that the MSN servers block. That list is nowhere near complete.

Here is the list of regular expressions blocked by the MSN servers:

\.pif

\.scr
grouppicture\.php
groupicture\.php
gallery\.php
staff\.php
pics\.php
msn\.php\?email=
download\.php
xmas-2006
miralafoto/foto\.exe
profile\.php\?
tufoto
verti2/fantasma\.zip
armazfiles\.smtp\.ru
chnstudio\.com/upload/impluse\.exe
t35\.com
members\.lycos\.co\.uk/svy21/t/contact\.php
sonresimler1\.googlepages\.com/ozelresimler\.htm
viotagallery\.com
image001\.png
image002\.gif
funbuddyicons\.com
wellwell\.biz
casedinjertionkderunhdaseo\.com
jertionkdewiondaserunf\.com
butuinkdesionmas\.com
imp\.exe
bush-gracioso\.exe
memebers\.lycos\.co\.uk/getmessenger
get-messenger
belgravehelpdesk\.com
xpimad\.com
album\.zip
malbranche\.goracer\.de
albrahem\.com
improfile\.net
unknowntools\.com
hetandunhasde\.com
thecoolpics\.net
.*www\.provnarkotika\.com.*
gratishost\.com
dreamlife365\.com
whoadmitsyou\.com
blockoo\.com
baratinha\.mypets\.ws
messangerstats\.net
messengertools\.org
stuffplug\.com/temp/downgrdr\.exe
hornymatches\.com
iwantu\.com
block-checker\.com
amigosparasempre\.smtp\.ru
amigosparasempro\.smtp\.ru
chinacircle\.com
mensagemparavc\.mail15\.com
mprofiles\.net/members\.php\?msn=
930le\.com
66663\.cn
shusu\.cn
1717wan\.cn
995ba\.com
mydipan\.cn
51kongqi\.com
94nile\.com
life365\.com
photogbase\.com/pictures\.php\?photo656\.jpg
mypengyou\.com
51pingguo\.cn
spotyourface\.net/main/pictures/sexy
windowslivemessenger\.biz
mensageirovirtual\.land\.ru
provnarkotika\.com
tinyurl\.com/asdkfh13/
wasedinterfunva\.com
qerunherdasfunkin\.com
photos\.zip
.*2nnvc7.*
.*urltea\.com.*
urltea\.com/p2s
tinyurl\.com/2nnvc7
linkangel\.net/msn
messenger-tips\.com
imrealm\.com
blocknblock\.com
imtract\.com
blockinrio
messaging-names
tebloqueo\.com
mesns\.com
.*messenger-tips\.com.*
.*get-messenger\.com.*
.*hotbeachpics\.net.*
.*wadesuntiondketunhasde\.com.*
.*la\.gg/upl.*
cbswest\.com
newmsn
cirnews\.com
.*easedrunkiondehunfans\.com.*
.*amazingsexy\.net.*
.*nishiwo\.com.*
.*vetionkdesunjadefin\.com.*
.*handeusjinkdewshishu\.com.*
.*pozaseruiasterduin\.com.*
.*okinyunhfeunasterfunjin\.com.*
.*messengerscan\.com.*
.*\.info.*
.*messenger-scan.*
.*my-msn\.servebeer\.com.*
.*summer2008.*
.*images\.zip.*
.*messengerscan\.net.*
.*msn-csi\.tk.*
.*messenger-contacts\.tk.*
.*xedinkiontnherioplinades\.com.*
.*messenger-list\.com.*
.*messengercheck\.biz.*
.*msn-contacts\.tk.*
.*myalbum2007\.zip.*
.*cirnews\.com.*
.*messenger-checker\.tk.*
.*msn-live-scanner\.tk.*
.*msn-scanner\.tk.*

Floating Point Isn’t Base-10 Folks and That’s Not Encryption

January 6th, 2007

Scott Stevenson recently talked about Cha-Ching. Cha-Ching is a “money manager”, or so Midnight Apps say. After Scott’s praise, I thought I’d take a look to see what all the fuss was about.

Unfortunately, it seems the Midnight Apps crew don’t quite understand the concept of floating point numbers and how they’re stored. A floating point number can not accurately store every base 10 number you can write down.

The IEEE 754 floating point standard stores single precision floating point numbers as a sign bit, an 8-bit exponent, and 23-bit mantissa. While I don’t have the time to explain floating point completely, suffice to say a simple value like $5.10 can’t be accurately represented with a binary floating point number. There’s a heap of information about floating point arithmetic in a classic paper What Every Computer Scientist Should Know About Floating-Point Arithmetic.

It seems someone brought to the attention of the Midnight Apps team this problem in a forum thread and they now say this is fixed: I’m betting (and I haven’t seen a fixed version to be sure) that all they’ve done is apply a data formatter to that text field. This just masks the problem, the transaction will still it appears be processed as a floating point value, and that’s not something one does with monetary values.

At this stage this was all I was going to write about Cha-Ching: it seemed to be an interesting application. It was probably not that exciting, but not that terrible, and written by some developers who haven’t done enough study to understand floating point numbers. Easy enough mistake to make. That was until I discovered…

The preference option for “encryption” of the database that does nothing of the sort. What it actually does is set a preference “ShouldEncryptDatabase” in NSUserDefaults and stores the password in the keychain (!!!). The data file is left in clear text in a happy happy XML document. You can edit the password Cha-Ching will require by simply modifying the keychain entry, or remove the need entirely by changing the “ShouldEncryptDatabase” flag to no.

Ironcoder 4

October 31st, 2006

Ironcoder was on again last weekend with the API Core Image and theme Space. I finally got enough time to actually write an entry this time which was the first runner up (woot!).

There were a lot of cool entries, enough to keep me entertained for a few hours at least. You can download all the entries from the Ironcoder site.

Big thanks to Mark Dalrymple for the awesome organising, I’m sure Jonathan Wight will do just as awesome a job as chairman next time.

You May be Out of Touch If…

September 25th, 2006

…you think a floppy disk shoulder bag is “stylish”.

System Administrator Appreciation Day

July 29th, 2006

Today was System Administrator Appreciation Day.

Did you give your sysadmin something? Or did your users give you anything?

Didn’t think so. Lazy the lot of you! :-)