dorking around

account.cc

@@ -0,0 +1,12 @@
+#include <iostream>
+#include <cmath>
+#include <cstdlib>
+
+using namespace std;
+
+#include "account.h"
+
+int main(int argc, char* argv[]) {
+	Account	account(0.0);
+	return EXIT_SUCCESS;
+}

account.h

@@ -0,0 +1,37 @@
+
+/*
+ * =====================================================================================
+ *        Class:  Account
+ *  Description:  
+ * =====================================================================================
+ */
+class Account
+{
+	public:
+
+		/* ====================  LIFECYCLE     ======================================= */
+		//Account ();                             /* constructor      */
+		//Account ( const Account &other );       /* copy constructor */
+		Account ( double initial_balance ) : balance(initial_balance) {
+		}
+		~Account () { /* destructor       */
+		}
+
+		/* ====================  ACCESSORS     ======================================= */
+
+		/* ====================  MUTATORS      ======================================= */
+
+		/* ====================  OPERATORS     ======================================= */
+
+		Account& operator = ( const Account &other ); /* assignment operator */
+
+	protected:
+		/* ====================  DATA MEMBERS  ======================================= */
+
+	private:
+		/* ====================  DATA MEMBERS  ======================================= */
+
+		double balance;
+
+}; /* -----  end of class Account  ----- */
+

audisp-example.c

@@ -0,0 +1,252 @@
+/* audisp-example.c --
+ * Copyright 2012 Red Hat Inc.
+ * All Rights Reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ *
+ * Authors:
+ *   Steve Grubb <sgrubb@redhat.com>
+ *
+ * This is a sample program to demonstrate several concepts of how to
+ * write an audispd plugin using libauparse. It can be tested by using a
+ * file of raw audit records. You can generate the test file like:
+ *
+ * ausearch --start today --raw > test.log.
+ *
+ * Then you can test this app by: cat test.log | ./audisp-example
+ *
+ * It will print things to stdout. In a real program, you wouldn't
+ * do anything with stdout since that is likely to be pointing to /dev/null.
+ *
+ * Excluding some init/destroy items you might need to add to main, the
+ * event_handler function is the main place that you would modify to do
+ * things specific to your plugin.
+ *
+ * Also, note that for a "real" plugin, you may have to add an internal queue
+ * to your application. If plugins do any kind of networking or in depth
+ * processing of incoming events, auditd's internal queue can overflow because
+ * the socket connecting to the plugin's stdin get backed up. When audit has
+ * nowhere to put events, the kernel's audit backlog can get filled up.
+ * If that happens, the backlog_wait_time is consulted by the kernel which
+ * may have the effect of slowing down the whole system. A good design would be
+ * to have 2 threads, one watching for inbound events and one doing the
+ * processing of the events with a configurable queue in between.
+ */
+
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <signal.h>
+#include <sys/select.h>
+#include <errno.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <libaudit.h>
+#include <auparse.h>
+
+/* Global Data */
+static volatile int stop = 0;
+static volatile int hup = 0;
+static auparse_state_t *au = NULL;
+
+/* Local declarations */
+static void handle_event(auparse_state_t *au,
+		auparse_cb_event_t cb_event_type, void *user_data);
+
+/*
+ * SIGTERM handler
+ */
+static void term_handler(int sig)
+{
+        stop = 1;
+}
+
+/*
+ * SIGHUP handler: re-read config
+ */
+static void hup_handler(int sig)
+{
+        hup = 1;
+}
+
+static void reload_config(void)
+{
+	hup = 0;
+
+	/*
+	 * Add your code here that re-reads the config file and changes
+	 * how your plugin works.
+	 */
+}
+
+int main(int argc, char *argv[])
+{
+	char tmp[MAX_AUDIT_MESSAGE_LENGTH];
+	struct sigaction sa;
+
+	/* Register sighandlers */
+	sa.sa_flags = 0;
+	sigemptyset(&sa.sa_mask);
+	/* Set handler for the ones we care about */
+	sa.sa_handler = term_handler;
+	sigaction(SIGTERM, &sa, NULL);
+	sa.sa_handler = hup_handler;
+	sigaction(SIGHUP, &sa, NULL);
+	/* Set STDIN non-blocking */
+	fcntl(0, F_SETFL, O_NONBLOCK);
+
+	/* Initialize the auparse library */
+	au = auparse_init(AUSOURCE_FEED, 0);
+	if (au == NULL) {
+		printf("audisp-example is exiting due to auparse init errors");
+		return -1;
+	}
+	auparse_set_eoe_timeout(2);
+	auparse_add_callback(au, handle_event, NULL, NULL);
+	do {
+		fd_set read_mask;
+		int retval;
+		int read_size = 1; /* Set to 1 so it's not EOF */
+
+		/* Load configuration */
+		if (hup) {
+			reload_config();
+		}
+		do {
+			FD_ZERO(&read_mask);
+			FD_SET(0, &read_mask);
+
+			if (auparse_feed_has_data(au)) {
+				struct timeval tv;
+				tv.tv_sec = 1;
+				tv.tv_usec = 0;
+				retval= select(1, &read_mask, NULL, NULL, &tv);
+			} else
+				retval= select(1, &read_mask, NULL, NULL, NULL);
+
+			/* If we timed out & have events, shake them loose */
+			if (retval == 0 && auparse_feed_has_data(au))
+				auparse_feed_age_events(au);
+
+		} while (retval == -1 && errno == EINTR && !hup && !stop);
+
+		/* Now the event loop */
+		if (!stop && !hup && retval > 0) {
+			while ((read_size = read(0, tmp,
+					     MAX_AUDIT_MESSAGE_LENGTH)) > 0) {
+				auparse_feed(au, tmp, read_size);
+			}
+		}
+		if (read_size == 0) /* EOF */
+			break;
+	} while (stop == 0);
+
+	/* Flush any accumulated events from queue */
+	auparse_flush_feed(au);
+	auparse_destroy(au);
+	if (stop)
+		printf("audisp-example is exiting on stop request\n");
+	else
+		printf("audisp-example is exiting on stdin EOF\n");
+
+	return 0;
+}
+
+/* This function shows how to dump a whole event by iterating over records */
+static void dump_whole_event(auparse_state_t *au)
+{
+	auparse_first_record(au);
+	do {
+		printf("%s\n", auparse_get_record_text(au));
+	} while (auparse_next_record(au) > 0);
+	printf("\n");
+}
+
+/* This function shows how to dump a whole record's text */
+static void dump_whole_record(auparse_state_t *au)
+{
+	printf("%s: %s\n", audit_msg_type_to_name(auparse_get_type(au)),
+		auparse_get_record_text(au));
+	printf("\n");
+}
+
+/* This function shows how to iterate through the fields of a record
+ * and print its name and raw value and interpreted value. */
+static void dump_fields_of_record(auparse_state_t *au)
+{
+	printf("record type %d(%s) has %d fields\n", auparse_get_type(au),
+		audit_msg_type_to_name(auparse_get_type(au)),
+		auparse_get_num_fields(au));
+
+	printf("line=%d file=%s\n", auparse_get_line_number(au),
+		auparse_get_filename(au) ? auparse_get_filename(au) : "stdin");
+
+	const au_event_t *e = auparse_get_timestamp(au);
+	if (e == NULL) {
+		printf("Error getting timestamp - aborting\n");
+		return;
+	}
+	/* Note that e->sec can be treated as time_t data if you want
+	 * something a little more readable */
+	printf("event time: %u.%u:%lu, host=%s\n", (unsigned)e->sec,
+		e->milli, e->serial, e->host ? e->host : "?");
+		auparse_first_field(au);
+
+	do {
+		printf("field: %s=%s (%s)\n",
+		auparse_get_field_name(au),
+		auparse_get_field_str(au),
+		auparse_interpret_field(au));
+	} while (auparse_next_field(au) > 0);
+	printf("\n");
+}
+
+/* This function receives a single complete event at a time from the auparse
+ * library. This is where the main analysis code would be added. */
+static void handle_event(auparse_state_t *au,
+		auparse_cb_event_t cb_event_type, void *user_data)
+{
+	int type, num=0;
+
+	if (cb_event_type != AUPARSE_CB_EVENT_READY)
+		return;
+
+	/* Loop through the records in the event looking for one to process.
+	   We use physical record number because we may search around and
+	   move the cursor accidentally skipping a record. */
+	while (auparse_goto_record_num(au, num) > 0) {
+		type = auparse_get_type(au);
+		/* Now we can branch based on what record type we find.
+		   This is just a few suggestions, but it could be anything. */
+		switch (type) {
+			case AUDIT_AVC:
+				dump_fields_of_record(au);
+				break;
+			case AUDIT_SYSCALL:
+				dump_whole_record(au); 
+				break;
+			case AUDIT_USER_LOGIN:
+				break;
+			case AUDIT_ANOM_ABEND:
+				break;
+			case AUDIT_MAC_STATUS:
+				dump_whole_event(au); 
+				break;
+			default:
+				break;
+		}
+		num++;
+	}
+}
+

main.c

@@ -5,21 +5,32 @@
 enum
 DNA_PROTEINS
 {
-  DNA_PROTIEN_A = 0x01,
+  DNA_PROTIEN_A = 1,
-  DNA_PROTIEN_T = 0x02,
+  DNA_PROTIEN_T = 2,
-  DNA_PROTIEN_G = 0x04,
+  DNA_PROTIEN_G = 4,
-  DNA_PROTIEN_C = 0x08,
+  DNA_PROTIEN_C = 8,
 };
 
+void
+loop() 
+{
+  for (int i = 0 ; i < 8; i++) {
+    printf("i: %d\n", i);
+  }
+}
+
 int
 main()
 {
-  signed char c;
+  loop();
-  short int i;
+}
+
+void
+nope() 
+{
+  signed char c; // 1 byte (8 bits)
 
   printf("sizeof(c) %d\n", sizeof(c));
-  printf("sizeof(i) %d\n", sizeof(i));
-
 
   printf("c: %b || %d\n", c, c);
   printf("A: %b\n", DNA_PROTIEN_A);
@@ -29,6 +40,23 @@ main()
 
   c |= DNA_PROTIEN_A;
   printf("c: %b || %d\n", c, c);
+  c |= DNA_PROTIEN_T;
+  printf("c: %b || %d\n", c, c);
   c |= DNA_PROTIEN_G;
   printf("c: %b || %d\n", c, c);
+  c |= DNA_PROTIEN_C;
+  printf("c: %b || %d\n", c, c);
+  c |= 16 ; // upper 4 bits
+  printf("c: %b || %d\n", c, c);
+  c |= 32; // upper 4 bits
+  printf("c: %b || %d\n", c, c);
+  c |= 64; // upper 4 bits
+  printf("c: %b || %d\n", c, c);
+  c |= 128; // too far
+  printf("c: %b || %d\n", c, c);
+  c |= 256; // too far
+  printf("c: %b || %d\n", c, c);
+  c |= 512; // too far
+  printf("c: %b || %d\n", c, c);
 }
+

read++.cc

@@ -0,0 +1,23 @@
+#include <iostream>
+#include <vector>
+#include <unordered_set>
+
+using namespace std;
+
+vector<string> collect_lines(istream& is)
+{
+	unordered_set<string> s;
+	for (string line; getline(is, line); )
+		s.insert(line);
+	return vector<string>(s.begin(), s.end());
+}
+
+int main() {
+	auto lines = collect_lines(cin);
+	for (const string& line : lines)
+		cout << line << endl;
+	try {
+
+	}
+	return 0;
+}

read.c

@@ -0,0 +1,63 @@
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <stdlib.h>
+
+int
+main(void)
+{
+  FILE * fp;
+  char * line = NULL;
+  size_t len = 0;
+  ssize_t read;
+
+  size_t num_lines;
+  size_t max_len;
+
+  fp = fopen("./genome_VINCENT_BATTS_v5_Full_20240403215609.txt", "r");
+  if (fp == NULL) {
+    exit(EXIT_FAILURE);
+  }
+
+  while ((read = getline(&line, &len, fp)) != -1) {
+    printf("Read line length: %zu:\n", read);
+    if (read > 0) {
+      if (line[0] == '#') {
+        printf("skipping a comment line ...\n");
+        continue;
+      }
+      if (read > max_len) {
+        max_len = read;
+      }
+      num_lines++;
+    }
+    //printf("%s", line);
+  }
+
+  printf("num_lines: %zu\n", num_lines);
+  printf("max_len: %zu\n", max_len);
+
+  char **arr[num_lines];
+  num_lines = 0;
+  while ((read = getline(&line, &len, fp)) != -1) {
+    printf("Read line length: %zu:\n", read);
+    if (read > 0) {
+      if (line[0] == '#') {
+        continue;
+      }
+      arr[num_lines] = &line;
+      num_lines++;
+    }
+  }
+
+  int num;
+  printf("enter a number: ");
+  scanf("%d", &num);
+
+  fclose(fp);
+  if (line) {
+    free(line);
+  }
+
+  exit(EXIT_SUCCESS);
+}
+