3y3 wr1t3 31337 c0d3!

It's amazing how terminally clueless 31337 L1nux c0d3rz can be. Those of you who follow Bugtraq, for example, have probably seen this bit of 31337 c0d3:

#ifdef STRANGE_BSD_BYTE_ORDERING_THING
/* OpenBSD < 2.1, all FreeBSD and netBSD, BSDi < 3.0 */
#define FIX(n) (n)
#else /* OpenBSD 2.1, all Linux */
#define FIX(n) htons(n)
#endif /* STRANGE_BSD_BYTE_ORDERING_THING */

Apparently these kiddies slept that day when Big and Little Endian were explained in their high school architecture classes, and also that day in their college networks class (oh wait; they're not old enough to be in college) when htons was discussed in relation to network byte ordering.

For you L1nux cl00b13z, you should always call htons(3) on integers you plan to stick in a network header. htons(3) has a platform-dependent implementation that guarantees a result in network byte order. The cl00b13 who wrote the above code not only wrote broken code, but also wrote code that, in effect, does absolutely nothing more than a simple call to htons(3).
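What htons(3) guarantees, as an added example (not code from the original page or from the exploit it quotes); the struct hdr16 layout and the function names are constructed for illustration. The htons() path produces the same wire bytes on any host, while storing the values unchanged, as the FIX(n) (n) branch does, matches it only on a big-endian host.

```c
#include <arpa/inet.h>   /* htons */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed 8-byte header of four 16-bit fields (UDP-like layout). */
struct hdr16 { uint16_t sport, dport, len, sum; };

/* Returns 1 if this host stores the low-order byte first. */
static int host_is_little_endian(void)
{
    const uint16_t probe = 0x0102;
    unsigned char b[2];
    memcpy(b, &probe, sizeof b);
    return b[0] == 0x02;
}

/* Every field goes through htons(); out[] holds the bytes as sent. */
static void pack_with_htons(unsigned char out[8], uint16_t sport,
                            uint16_t dport, uint16_t len)
{
    struct hdr16 h = { htons(sport), htons(dport), htons(len), htons(0) };
    memcpy(out, &h, sizeof h);
}

/* Fields stored in host order, i.e. what "#define FIX(n) (n)" does. */
static void pack_raw(unsigned char out[8], uint16_t sport,
                     uint16_t dport, uint16_t len)
{
    struct hdr16 h = { sport, dport, len, 0 };
    memcpy(out, &h, sizeof h);
}

/* Returns 1 when both encodings of the same header are byte-identical. */
static int encodings_match(void)
{
    unsigned char a[8], b[8];
    pack_with_htons(a, 1024, 53, 8);
    pack_raw(b, 1024, 53, 8);
    return memcmp(a, b, sizeof a) == 0;
}

int main(void)
{
    printf("little-endian host: %d, raw == htons: %d\n",
           host_is_little_endian(), encodings_match());
    return 0;
}
```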

Harold Gutch said it best in a comment he inserted into the "nestea" exploit, as he corrected some stupid L1nux k1dd13 c0d3:

/* bsd usage works now, the original nestea.c was broken, because some braindead
* linsux-c0d3r was too stupid to use sendto() correctly
*/


Wed Jan 14 04:08:53 PST 2004   linux/clueless.src
Updated: Sun Jul 28 2002 22:00.44   Viewed: never

Copyright © 1998-1999 by Nick Johnson. All rights reserved.