Writing generalized hypergeometric function ${_nF}_{n-1}(\cdot)$ as a function of $n$

How can we code the hypergeometric function $ $ f(n,k,z)={_nF}_{n-1}{\huge(}{1-k,\overbrace{2,\dots,2}^{n-1\ \text{times}} \atop \underbrace{1,\dots,1}_{n-1\ \text{times}}};z{\huge)} $ $ as a function that accepts any $ n=1,2,3,\dots$ ? This function reduces to a rational function in $ z$ but that is not what I’m after. I apologize for lack of an attempt here…did not have any idea where to start.

Can the tongues spell decipher writing (directly or indirectly)?

The description for tongues states,

This spell grants the creature touched the ability to speak and understand the language of any intelligent creature

It makes no special mention of understanding written languages–just that you can “understand the language”. If it doesn’t include this ability, though, could, for example, a Dwarf using the spell read aloud a message written by Orcs (since apparently Dwarvish and Orcish use the same writing system, but if that’s not how the actual languages in the settings work then replace the example with languages that do work that way), and then listen to and understand their own Orcish?

Writing to .fini_array

I’m learning about format string exploits, and am attempting to use one on an example program to overwrite the .fini_array section in virtual memory with a stack address containing shellcode (and hence redirect execution to the shellcode once main exits). Unfortunately, trying to write to this address raises a segmentation fault, and I have written the following program to try to understand what’s going on. (Disclaimer, I am running x64 linux with ASLR disabled while I am learning.)

//fini_test.c #include <stdio.h> #define OFFSET 0x555555554000  int main(int argc, char **argv) {     unsigned long int addr;     char **ptr;     static int canary=0xdeadbeef;      if(argc<2) {         printf("Usage: %s <position to write to in object file>\n", argv[0]);         exit(0); }      addr=stroul(argv[1], ptr, 16)+OFFSET;      printf("[*] about to print\n");     printf("writing to %p\n%n", (void *) addr, (int *) addr);     printf("[*] print complete\n");     printf("canary @ %p\t%d\t0x%08x\n\n", &canary, canary, canary);     exit(0); } 

So, the program simply takes a position in the object file as a command line argument, and then writes some bytes to the corresponding position in the virtual memory space of the process. With GDB I found that the right offset between the location in the object file and the location in the virtual memory space was 0x555555554000.

I then compiled and used objdump to find the desired sections in the object file.

$  gcc fini_test.c -o fini_test $  objdump -h ./fini_test Sections: Idx Name          Size      VMA               LMA               File off  Algn ...  19 .fini_array   00000008  0000000000200da8  0000000000200da8  00000da8  2**3                   CONTENTS, ALLOC, LOAD, DATA ...  22 .data         00000014  0000000000201000  0000000000201000  00001000  2**3                   CONTENTS, ALLOC, LOAD, DATA ... 

So, the position of the .data section in ./fini_test is 0x201000 and the position of the .fini_array section is 0x200da8. I also noted that, like the .data section, the .fini_array section does not have a READONLY flag, so I assumed that I should be able to write to it with the appropriate command line argument. However, this is how execution behaved:

$  ./dtors_test 0x2010000 [*] about to print writing to 0x555555755000 [*] print complete canary @ 0x555555755010 -559038737  0xdeadbeef  $  ./dtors_test 0x201010 [*] about to print writing to 0x555555755010 [*] print complete canary @ 0x555555755010 26  0x0000001a  $  ./dtors_test 0x200da8 [*] about to print writing to 0x555555754da8 Segmentation fault (core dumped) 

First, to verify that my code and choice of OFFSET were right, I tried to overwrite the value of canary. As a first approximation I just inputted the position of the .data section, which was unsuccessful because – as inspecting the outputted address of canary shows – the value of canary is stored beneath the two pointers addr and ptr. Hence I inputted the position of the .data section plus 0x10 to account for this, and indeed successfully overwrote the value of canary with the expected value of 26 (precisely the number of bytes in the string "writing to 0x555555755010\n".)

So everything to that point is working as expected. However, I then try to write to the start of the .fini_array section* and a segmentation fault is raised. This surprises me because this section is not marked as READONLY in the object file; can anyone help me understand what’s going on? Thank you in advance


*I know that destructor addresses are not stored at exactly the start of the .fini_array section, and so even if I could write to that address it would not yield the desired results. But for now, before I cross that bridge, I’m just trying to understand why I can’t write to an address that seemingly does not have a READONLY flag enabled. As a broader question, general references to understanding how .fini_array works in ELF files would be greatly appreciated!

Writing a linear program to model balanced bin packing

Say we want to write a (MI)LP to model the following problem:

Find a parking plan for a set of cars $ K=\{1, …, k\}$ with lengths $ \lambda_i$ . Parking is organised in lanes $ P=\{1, …, p\}$ . The length of a lane is the sum of the cars parking there and may not exceed a specified constant $ L$ . The goal is to balance the lengths of the parking lanes as well as possible. More specifically, we want to minimise the difference of the length of a longest and shortest line.

To me, this seems quite akin to some variant of the Bin Packing problem. Usually, however, we want the number used bins to be minimised.

Here, I am quite confused on how I could come up with an objective function that expresses the balance between the lanes/bins. My main problem is that — as far as I understood it — the objective function has to be linear. Thus, I couldn’t use operations like max, min, absolute value etc.

Can someone help me out here with a hint?

Do best practices eliminate the need for a CSRF token when writing an API server?

I realize that OWASP recommends CSRF tokens but I rarely see them used with public standalone HTTP APIs. This would seem to indicate that they’re not always necessary.

To make this a little more concrete, I would envision the following scenario:

  • The API server serves a limited number of frontends with an explicit CORS whitelist.

  • HTTP method semantics are followed religiously (no writes in GET).

  • All routes require authentication.

  • All POST routes require a request body[1].

  • All routes that take a request body require a JSON content-type header.

  • Cookies are httpOnly but not sameSite.

Based on my understanding of SOP setting a JSON content-type header on requests should trigger a preflight request which would fail for untrusted origins. If all POST routes require a JSON content-type header, that should then mean they’ll always fail the preflight, leaving only GET requests.

So this would not mitigate CSRF attacks against GET routes but as these can’t be used for exfiltration (as SOP prevents the response from being read) and the GET routes should not cause any data modification, guarding these requests with CSRF tokens would not appear to make a practical difference.

Given how viciously some people defend CSRF tokens, I can’t shake the feeling I’m overlooking an obvious problem here. I realize redundant protections may be valuable in their own right, but what I’m trying to understand is whether in the scenario described the CSRF token would really be redundant or not.


[1]: I realise this might be a practical limitation of this approach as in some real-world APIs there are legitimate POST routes that don’t take a request body or there may be routes that need to take a content-type like form-data that won’t trigger a preflight.

Can Effect for SEO badly Writing Low Word Count Post

I know that word count isn’t a ranking factor.

Source: Is word count a large ranking factor for Google?

I am going to add a Question and Answer Section for my website.

Some questions like “Do meta keywords have any impact on ranking algorithms?”. The answer for this is very simple answer like “The fact is, neither Google nor Bing use meta keywords at all. And a link to the source.” There are lot of questions like above which can easily be answered within 100 words.

Having a lot of pages like above(50 – 200 words but answer the question perfectly) will bad impact for SEO?

Will do an excellent 1500 words article writing, content writing, blog writing in any topic for $7

Website content, blogs, business articles – you name it, I can deliver it.Will write and provide much high-quality SEO BLOG, WEB CONTENT or ARTICLE WRITING for any niche, for either your BLOG POST or website with free revisions if needed!Some highlights are:100% Original Content!No plagiarism!High Quality and Well ResearchedGhost Written, you’ll receive the ownershipSEO Optimization via LSI, no keyword stuffingNo Spelling/Grammar Mistakes Why me?Who will give you more? I am a fluent English Speaker and Writer. I have over 5 years of writing experience. When you place an order with me, you will get top Quality SEO Articles of 1000 words in length with free revisions if needed.I like writing and it will be a pure pleasure to work for you.

by: SpeedSeo
Created: —
Category: Article Writing
Viewed: 111