Page Hits

Saturday, March 19, 2016

Apple's goto Fail Bug 

static OSStatus
SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams,uint8_t *signature, UInt16 signatureLen)
{
    OSStatus        err;
    ...
 
    if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
        goto fail;
    if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
        goto fail;
        goto fail; //code executes irrespective of whether if condition is    
        satisfied - always executes.
    if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0)
        goto fail;
    ...
 
fail:
    SSLFreeBuffer(&signedHashes);
    SSLFreeBuffer(&hashCtx);
    return err;
}
at No comments:

Saturday, February 06, 2016

Car as a service #IAAS #PAAS #SAAS


Courtesy: https://twitter.com/wswmuc/status/681217518778871810


at No comments:

Friday, November 13, 2015

What is NOT a Unit Test?

A test is not a unit test if:

  1. It talks to the database
  2. It communicates across the network
  3. It touches the file system
  4. It can't run at the same time as any of your other unit tests
  5. You have to do special things to your environment (such as editing config files) to run it.

Tests that do these things aren't bad. Often they are worth writing, and they can be written in a unit test harness. However, it is important to be able to separate them from true unit tests so that we can keep a set of tests that we can run fast whenever we make our changes.

-- Michael Feathers...
at No comments:

Tuesday, June 30, 2015

Full Virtualization, Para Virtualization and Hybrid Virtualization...

Source: Stackoverflow.com -- http://stackoverflow.com/questions/21462581/what-is-the-difference-between-full-para-and-hardware-assisted-virtualiazation

  • Paravirtualization is virtualization in which the guest operating system (the one being virtualized) is aware that it is a guest and accordingly has drivers that, instead of issuing hardware commands, simply issues commands directly to the host operating system. This will include things such as memory management as well.
  • Full Virtualization is virtualization in which the guest operating system is unaware that it is in a virtualized environment, and therefore hardware is virtualized by the host operating system so that the guest can issue commands to what it thinks is actual hardware, but really are just simulated hardware devices created by the host.
  • Hardware Assisted Virtualization is a type of Full Virtualization where the microprocessor architecture has special instructions to aid the virtualization of hardware. These instructions might allow a virtual context to be setup so that the guest can execute privileged instructions directly on the processer, even though it is virtualized. If said instructions do not exist, Full Virtualization is still possible, however it must be done via software techniques such as Dynamic Recompilationwhere the host recompiles on the fly privileged instructions in the guest to be able to run in a non-privileged way on the host.
  • There is also a combination of Para Virtualization and Full Virtualization called Hybrid Virtualization where parts of the guest operating system use paravirtualization for certain hardware drivers, and the host uses full virtualization for other features. This often produces superior performance on the guest without the need for the guest to be completely paravirtualized. An example of this: The guest uses full virtualization for privileged instructions in the kernel but paravirtualization for IO requests using a special driver in the guest. This way the guest operating system does not need to be fully paravirtualized (which is sometimes not availible) but can still enjoy some paravirtualized features.
at No comments:

In Memory Database

Source: Wikipedia -- https://en.wikipedia.org/wiki/In-memory_database

An in-memory database (IMDB; also main memory database system or MMDB or memory resident database) is a database management system that primarily relies on main memory for computer data storage. It is contrasted with database management systems that employ a disk storage mechanism. Main memory databases are faster than disk-optimized databases since the internal optimization algorithms are simpler and execute fewer CPU instructions. Accessing data in memory eliminates seek time when querying the data, which provides faster and more predictable performance than disk.[1][2]
Applications where response time is critical, such as those running telecommunications network equipment and mobile advertising networks, often use main-memory databases.[3][4] IMDBs have gained a lot of traction,[3] especially in the data analytics space, starting in the mid-2000s - mainly due to cheaper RAM.[5][6]
With the introduction of non-volatile random access memory technology,[when?] in-memory databases will be able to run at full speed and maintain data in the event of power failure.[3][7][8][9]
at No comments:
Subscribe to: Comments (Atom)

If we already have automation, what's the need for Agents?

“Automation” and “agent” sound similar — but they solve very different classes of problems. Automation = Fixed Instruction → Fixed Outcome ...