473,836 Members | 2,187 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

A C tutorial

There is a C tutorial at
http://www.cs.virginia.edu/~lcc-win32
It is written to go with the compiler, available
at the same URL.

I have added quite a bit of material, and I would be
glad if people in this group give it a try and tell me if
I am saying nonsense somewhere.

Beware that I am not very orthodox, hence my tutorial
(and the associated compiler) is not just a tutorial about
ANSI C, but covers things like operator overloading and
other heresies :-)

And since it is running in a specific OS, windows
programming makes for quite a lot of pages. If you
use another OS however, the first part is (almost)
straight C.

jacob

Nov 14 '05
156 7718
In article <40******@news2 .power.net.uk>,
Richard Heathfield <in*****@addres s.co.uk.invalid > wrote:
Dan Pop wrote:
In <40******@news2 .power.net.uk> Richard Heathfield
<in*****@addres s.co.uk.invalid > writes:
Dan Pop wrote:

In <c0**********@s parta.btinterne t.com> Richard Heathfield
<do******@addre ss.co.uk.invali d> writes:

>I don't have a problem trusting gcc.

On the contrary, gcc is the ideal target for pulling such a trick,

^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^ ^^^
precisely because its code is widely available and most people use gcc
to build gcc.

Are you claiming that gcc contains a back door? If so, do you have any
evidence to support that claim?


I am claiming exactly what I have written above.


Presumably, then, you are not claiming that gcc contains a back door. Fine.
So - I /had/ no reason not to trust gcc, and I /still have/ no reason not
to trust gcc. Nothing has changed, then. Good.


I'm not quite sure, but I think it might have been Kernighan who
described how to add an invisible backdoor to a compiler.

(Start with a compiler X. Based on X, write a modified compiler Y that
will recognise (a) your favorite password checking function and (b) the
code generation of compiler X, and replace them with modified code that
does exactly the same thing. Compile the compiler Y with X and you get a
compiler that adds backdoors to compilers and password checking
functions. Compile X with the result and the object code will still
install backdoors. Distribute X and the compiled compiler with backdoors
widely. )
Nov 14 '05 #91
Christian Bau wrote:
In article <40******@news2 .power.net.uk>,
Richard Heathfield <in*****@addres s.co.uk.invalid > wrote:
Fine. So - I /had/ no reason not to trust gcc, and I /still have/ no
reason not to trust gcc. Nothing has changed, then. Good.


I'm not quite sure, but I think it might have been Kernighan who
described how to add an invisible backdoor to a compiler.


No, it was definitely ken (Ken Thompson). Google for "Reflection s on
Trusting Trust".

--
Richard Heathfield : bi****@eton.pow ernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton
Nov 14 '05 #92
On Wed, 11 Feb 2004 15:35:18 +0000, in comp.lang.c , Richard Heathfield
<in*****@addres s.co.uk.invalid > wrote:
Dan Pop wrote:
In <40******@news2 .power.net.uk> Richard Heathfield
<in*****@addres s.co.uk.invalid > writes:
I am claiming exactly what I have written above.


Presumably, then, you are not claiming that gcc contains a back door. Fine.
So - I /had/ no reason not to trust gcc, and I /still have/ no reason not
to trust gcc. Nothing has changed, then. Good.


Hmm. I'm puzzled here.

You seem to be saying that because someone else tested software X and
reported no issues, you're prepared to trust it. But software Y, which
coincidentally happens to be commercially produced, you don't trust, for
precisely the same reason.

And even though software X is potentially modifiable by all and sundry and
thus vulnerable to malicious additions, whereas software Y is not so
vulnerable, you don't feel any need to check software X yourself, but won't
use software Y.

I think you need to explain more clearly. Your logic seems more like
disestablishmen tarianism to me.

On second thoughts, don't bother. I'm pretty convinced that your *real*
reason is quite different, and something more akin to a mania than logic.
No offense I hope. I'm similarly maniacal about good guitarists.
--
Mark McIntyre
CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
CLC readme: <http://www.angelfire.c om/ms3/bchambless0/welcome_to_clc. html>
----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---
Nov 14 '05 #93
Mark McIntyre <ma**********@s pamcop.net> writes:
You seem to be saying that because someone else tested software X and
reported no issues, you're prepared to trust it. But software Y, which
coincidentally happens to be commercially produced, you don't trust, for
precisely the same reason.
I trust software once the source code has been inspected by a reasonable
large number of different independent parties. This is the case for
some (but not all) free software, but it is never the case for proprietary
software, simply because the source code is not available to enough
independent parties.

Whether or not the software is commercial makes no difference to me.
And even though software X is potentially modifiable by all and sundry
and thus vulnerable to malicious additions, whereas software Y is not
so vulnerable,
I believe it is /much/ easier to sneak malicious code into proprietary,
closed-source software than into the source code of free software, where
everybody could immediately see it.

Just because it's legal to distribute modified versions of free software,
but illegal to do the same with proprietary software, doesn't mean it's
also technically more difficult to modify proprietary software.
you don't feel any need to check software X yourself, but won't
use software Y.

I think you need to explain more clearly. Your logic seems more like
disestablishmen tarianism to me.


I find Richard's logic quite convincing. :)

Martin
Nov 14 '05 #94
Mark McIntyre wrote:
On Wed, 11 Feb 2004 15:35:18 +0000, in comp.lang.c , Richard Heathfield
<in*****@addres s.co.uk.invalid > wrote:
Dan Pop wrote:
In <40******@news2 .power.net.uk> Richard Heathfield
<in*****@addres s.co.uk.invalid > writes:
I am claiming exactly what I have written above.
Presumably, then, you are not claiming that gcc contains a back door.
Fine. So - I /had/ no reason not to trust gcc, and I /still have/ no
reason not to trust gcc. Nothing has changed, then. Good.


Hmm. I'm puzzled here.

You seem to be saying that because someone else tested software X and
reported no issues, you're prepared to trust it.


No, sir. I already trusted gcc. Dan raised a possible bugbear, but then
scotched it again. Situation is as before.

But software Y, which
coincidentally happens to be commercially produced, you don't trust, for
precisely the same reason.


No. I trust gcc partly because of the million eyes, but mainly because I
firmly believe that GNU have the interests of the programming community at
heart. I don't have the same faith in Adobe.

<snip>

--
Richard Heathfield : bi****@eton.pow ernet.co.uk
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton
Nov 14 '05 #95
Richard Heathfield <do******@addre ss.co.uk.invali d> wrote:
Mark McIntyre wrote:
But software Y, which
coincidentally happens to be commercially produced, you don't trust, for
precisely the same reason.
No. I trust gcc partly because of the million eyes, but mainly because I
firmly believe that GNU have the interests of the programming community at
heart.


You _have_ read the GCC man pages, haven't you? I refer in particular to
their comments about -pedantic.
I don't have the same faith in Adobe.


Neither do I, but at least if Adobe turn out to be criminals rather than
merely scummy weasels we can sue them.

Richard
Nov 14 '05 #96
In <c0************ *@news.t-online.com> Martin Dickopp <ex************ ****@zero-based.org> writes:
You seem to believe that only things which have previously been claimed
or implied can be disproven. That is not the case.


I merely don't see the point in disproving things no one has claimed or
implied. Unless you enjoy talking alone...

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de
Nov 14 '05 #97
In <c0**********@s parta.btinterne t.com> Richard Heathfield <do******@addre ss.co.uk.invali d> writes:
Dan Pop wrote:
My claim is that gcc is the ideal target for such an attack. If, from my
claim you infer that you have no reason not to blindly trust gcc, then
fine. But then, you'll look like the king of the hypocrites when claiming
that you distrust software you cannot check for malicious code (an
attacked gcc is a piece of software you cannot check for malicious code,
even if the sources are available, as long as you use gcc to rebuild the
program).


King of the hypocrites? No, not really. You see, I don't distrust GNU. But I
/do/ distrust Adobe. I am confident of GNU's good intentions. I am not
confident of Adobe's good intentions.


Non sequitur and a proof that you have understood nothing of this issue.

GNU distributes source code, not binaries. It is the distributor of the
binary that can implement the hack I was talking about, for the simple
reason that it doesn't exist in the distributed source code. Therefore,
GNU's intentions, either good or bad, have nothing to do with this
discussion.

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de
Nov 14 '05 #98
In <c0**********@h ercules.btinter net.com> Richard Heathfield <do******@addre ss.co.uk.invali d> writes:
Mark McIntyre wrote:
On Wed, 11 Feb 2004 06:49:20 +0000 (UTC), in comp.lang.c , Richard
Heathfield <do******@addre ss.co.uk.invali d> wrote:
<shrug> It is claimed that PDF documents are in a portable document
format. That's what PDF /stands for/. And yet PDF is clearly /not/ a
portable format, requiring as it does special readers which are not
available on all platforms.


I understand your point, I just think you're being blinded by
anti-proprietary-ism if you see what I mean.

Text files are no more portable than pdf, since they too require special
readers. You may disagree with this, but remember that even cat and more
are file readers, and without them you could not read a text file on unix.


Yes, I could - using vim, or emacs, or ed, or less, or joe, or pico, or even
grep! Or I could simply write a simple cat:

#include <stdio.h>
int main(void)
{
int ch;
while((ch = getchar()) != EOF)
{
putchar(ch);
}
return 0;
}

You see, text fits in with the C model very well indeed. It's easy to write
text processors in C.


Especially if they're not supposed to work when the text file doesn't
match the author's assumptions. As a trivial example, your program
blisfully ignores character set issues, something that PDF readers usually
get right.

These days, text means more than whatever can be expressed with the
ASCII character set. Or even with any of the ISO-8859 8-bit character
sets.

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de
Nov 14 '05 #99
In <MP************ ************@ne ws.verizon.net> Randy Howard <ra*********@FO OverizonBAR.net > writes:
In article <c0**********@s unnews.cern.ch> , Da*****@cern.ch says...
Please elaborate. Which other pieces of Adobe software have bitten you
with their malicious code?


Perhaps a reminder that recently Adobe has gotten some flack for
introducing some "malware" into Acrobat reader that makes it
absolutely refuse to render certain graphic images, such as
US currency. No warning, no disclosure, it's just there. It
makes it load much, much slower while it scans the file looking
for such on each "fopen()".

Here is an example of such discussions:

http://www.pdfzone.com/news/767-PDFzone_news.html


Your example talks about Adobe Photoshop and the change in question does
not qualify as malicious code.

So, what was your point?

Dan
--
Dan Pop
DESY Zeuthen, RZ group
Email: Da*****@ifh.de
Nov 14 '05 #100

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
2933
by: Rhino | last post by:
Can anyone point me to a good free XSLT Tutorial online? I looked for some a few months ago and didn't find anything very good. I'm hoping some of the experts here can point me to a good XSLT tutorial..... -- Rhino --- rhino1 AT sympatico DOT ca "There are two ways of constructing a software design. One way is to make it
15
4239
by: binnyva | last post by:
Hello Everyone, I have just compleated a JavaScript tutorial and publishing the draft(or the beta version, as I like to call it) for review. This is not open to public yet. The Tutorial is avaliable at... http://www.geocities.com/binnyva/code/javascript/advanced_tutorial/ If any of you could spare the time, please have a look at my tutorial
18
1964
by: Xah Lee | last post by:
i've started to read python tutorial recently. http://python.org/doc/2.3.4/tut/tut.html Here are some quick critique: quick example: If the input string is too long, they don't truncate it, but return it unchanged; this will mess up your column lay-out but that's usually better than the alternative, which would be lying about a value. (If you really want truncation you can always add a slice operation, as in
0
1786
by: Joe Mayo | last post by:
I've recently updated the C# Tutorial at C# Station with a new addition, Lesson 17: Enums. The C# Tutorial may be found at http://www.csharp-station.com/Tutorial.aspx. Other updates include: 1. Downloadable source code. 2. All example programs run on-line as NTD apps. 3. A support forum for discussing the Tutorial.
10
3095
by: Safalra | last post by:
When a poster in a forum I frequent said they were beginning to learn HTML, I thought I should direct them to a good HTML tutorial so that they wouldn't start using <blink> and the like. Remembering that this group has discussed HTML tutorials several times in the past, I searched the Google Groups archives, but all I can find are tutorials unfortunately demonstrating Flavell's Law. Searching the internet, the only accurate tutorials for...
11
2939
by: Magnus Lycka | last post by:
While the official Python Tutorial has served its purpose well, keeping it up to date is hardly anyones top priority, and there are others who passionately create really good Python tutorials on the web. I think 'A Byte of Python' by Swaroop C H is a good beginners tutorial, and 'Dive Into Python' by Mark Pilgrim is a good tutorial for more experienced programmers.
7
2259
by: Turbo | last post by:
I have a written a detailed html tutorial here:- http://sandy007smarty.seo.iitm.ac.in/2006/09/26/html-tutorial/ I know there are a couple of html tutorials out there. But its a tutorial without links!! Everything in one page. Please leave a comment if you like it.
2
2111
by: sara | last post by:
Hi All, I learned C++ long time ago and now I want to review all of its details in a short time like a week. I wonder if there is a good tutorial you know which I can read for this purpose. Thanks a lot.
0
9811
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
9657
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
10822
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
1
10577
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
0
10241
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
0
9359
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
1
7774
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
0
5642
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
0
5812
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.