patching out the timebomb in pepper flash

patch_flash.md

de-timebombing pepper flash

well, only a matter of time before Chrome turns off pepper plugins at all, but let's have fun while we can

flash player keeps a floating point timestamp of the time when flash should stop working, it can be patched to Infinity (thanks, floats!) and flash should keep working forever

on my version (straight from arch repos, md5sum b6da1630859c4f9c47c8ac26ec9c57a3) the timebomb timestamp is at offset 00EB7760, you need to change 00 00 40 46 3E 6F 77 42 to 00 00 00 00 00 00 F8 7F. here's a script to automate that, it also makes a backup

in case the timestamp isnt there, or you have a different md5 hash, you can just search for the timestamp with any hex editor

thanks to http://cache.tehsausage.com/flash/defuse.txt and to /f/ who posted that link

patch_flash.sh

#!/bin/bash
cp libpepflashplayer.so libpepflashplayer.so.bak
cat <<__EOF__ >/tmp/flash.patch
00eb7760: 0000 0000 0000 f87f  ........
__EOF__
xxd -r -c 8 /tmp/flash.patch libpepflashplayer.so

You should also update latest-component-updated-flash with the new SHA256 hash because otherwise Chrome wouldn't load it. Calculate the hash with openssl dgst -binary -sha256 32.0.0.465/libpepflashplayer.so | base64, you should get m+taVTLcq7w+CDJbCw3QhCyZvKfmZsZ0Z8MC6zGcBEU=. Replace the value for "Hash" key in the aforementioned file and restart Chrome.

my Chromium instalation worked just fine without doing that, maybe it only applies with mainline Chrome. thanks for mentioning this here though!

Yeah, could be additional proprietary precautions. This patch saved my mom's games that otherwise could've only been played in a standalone Windows-only app which is based on Chromium and freezes all the time under Wine. So this is the only way I could fix it, thanks a lot for posting!