lattera

# mount
rootfs on / type rootfs (rw)
tmpfs on /dev type tmpfs (rw,nosuid,relatime,mode=755)
devpts on /dev/pts type devpts (rw,relatime,mode=600)
proc on /proc type proc (rw,relatime)
sysfs on /sys type sysfs (rw,relatime)
/dev/block/mmcblk0p2 on /cache type ext4 (rw,nodev,noatime,nodiratime,user_xattr,acl,barrier=1,data=ordered)
~ # mount /dev/block/mmcblk0p8 /data
mount: mounting /dev/block/mmcblk0p8 on /data failed: Invalid argument

lattera

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include <sys/types.h>

#include <dirent.h>
#include <fcntl.h>

lattera

function json_encode($arr, $tab=0) {
        $ret = "{\n";

        foreach ($arr as $key => $value) {
                if (strlen($ret) > 2)
                        $ret .= ",\n";

                for ($i=0; $i<$tab+1; $i++)
                        $ret .= "\t";

lattera

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include <sys/types.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <openssl/ssl.h>
#include <openssl/err.h>

lattera

20:52 < lattera> oOoO, I think I spot a vuln in fbsd's rtld
20:54 < chz> an actual vuln or a convoluted one that's not actually a vuln
20:54 < chz> maybe buffer overflow in rtld when loading libraries
20:55 < chz> an attacker with control of the library can cause program to execute arbitrary code
20:55 < chz> fUck
20:55 < lattera> haha, ya, if exploitable (or even if it's a valid vuln), it'd be low priority
20:56 < lattera> https://github.com/lattera/freebsd/blob/svn_stable_9/libexec/rtld-elf/rtld.c#L964
20:57 < lattera> that variable is an int, and other variables, including pointers, are calculated based on that variable
20:57 < chz> bloom_size32?
20:58 < lattera> ya

lattera

====>> Building editors/libreoffice
build started at Mon Sep 16 09:53:04 EDT 2013
port directory: /usr/ports/editors/libreoffice
building for: FreeBSD 9-stable_amd64-local-job-01 9.2-PRERELEASE FreeBSD 9.2-PRERELEASE amd64
maintained by: office@FreeBSD.org
ident warning: no id keywords in /tank/poudriere/jails/data/build/9-stable_amd64-local/ref/../01//usr/ports/editors/libreoffice/Makefile
Makefile ident: 
Poudriere version: 3.0.5

---Begin Environment---

lattera

#!/usr/bin/env zsh

if [ ${#1} -eq 0 ]; then
    pidfile="/tmp/clamd.pid"
    if [ ! -f ${pidfile} ]; then
        echo "[-] pidfile not found"
        exit 1
    fi  
    pid=$(cat ${pidfile})
else

lattera

### Keybase proof

I hereby claim:

  * I am lattera on github.
  * I am lattera (https://keybase.io/lattera) on keybase.
  * I have a public key whose fingerprint is 2ABA B6BD EF6A F486 BE89  3D9E 6A84 658F 5245 6EEE

To claim this, I am signing this object:

lattera

====>> Building www/chromium
build started at Sun May  4 03:06:50 EDT 2014
port directory: /usr/ports/www/chromium
building for: FreeBSD 11-current_amd64-local-job-04 11.0-CURRENT FreeBSD 11.0-CURRENT amd64
maintained by: chromium@FreeBSD.org
ident warning: no id keywords in /tank/poudriere/jails/data/build/11-current_amd64-local/ref/../04//usr/ports/www/chromium/Makefile
Makefile ident: 
Poudriere version: 3.0.14

---Begin Environment---

lattera

" Modeline and Notes {
"   vim: set foldmarker={,} foldlevel=0 spell:
" }

" Basics {
    set nocompatible " explicitly get out of vi-compatible mode
    set noexrc " don't use local version of .(g)vimrc, .exrc
    set background=dark " we plan to use a dark background
    set cpoptions=aABceFsmq
    "             |||||||||