This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| # INFO ABOUT PHP SESSION ID COOKIE | |
| define('SERVER_SESS_ID', session_id()); | |
| define('SERVER_SESS_CHAR', '26'); | |
| # PHP SESSION ID FORMAT VERIFICATION | |
| if(isset($_COOKIE[SERVER_SESS_ID])) { | |
| if (!preg_match('/^[a-z0-9]{'.SERVER_SESS_CHAR.'}$/', $_COOKIE[SERVER_SESS_ID])) { | |
| setrawcookie(SERVER_SESS_ID, '', 1, '/', null, null, true); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $str = 'ffffff'; | |
| $chartype = ctype_alnum($str); | |
| $charcount = strlen($str); | |
| if ($charcount === 3 && $chartype) { | |
| $splitby = 1; | |
| } else if ($charcount === 6 && $chartype) { |
uintdev
/ vlc_tts_buffer_oob_read_demo.cpp
Created
October 17, 2022 17:11
VLC 3.x vlc_tick_to_str() buffer out-of-bounds read
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| // VLC 3.x vlc_tick_to_str() (previously secstotimestr()) out-of-bounds read bug demo | |
| // ./src/misc/mtime.c | |
| // | |
| // This is to illustrate an existing bug in VLC 3 builds. | |
| // VLC 4 is not affected. Despite having similar code, it might have protections in place elsewhere. | |
| // | |
| // The large number of seconds from the selected media would be passed onto the unary minus operator. | |
| // For context, int32_t is 32-bit signed integer. The given number exceeds the maximum. | |
| // The unary minus operator has undefined behaviour when passing overflowing numbers, |
uintdev
/ EmailExtractor.cpp
Last active
April 22, 2023 16:14
Email extractor but in C++ (test port)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Last modified: 2nd April 2019 | |
| * This was a test port from Python to see if C++ would trivally | |
| * improve performance. In this case, the implementation resulted | |
| * in far worse file extraction times in comparison to | |
| * the Python counterpart. | |
| * Of course, the Rust port, of which came out long after, had easily bet both. | |
| * | |
| * Presented is the snapshot of the last modification, | |
| * with comments and what was commented out. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Hex to RGB converter | |
| gcc -o hex2rgb hex2rgb.c | |
| ./hex2rgb [hex] | |
| */ | |
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <string.h> |