Monday 29 September 2014

Test for shellshock bash bug vulnerability in OS X or Linux

Problem:

How do I quickly test if my computer is vulnerable to the shellshock Bash bug?

Solution:

One way to test the shellshock bug is to open a Terminal (in OS X, or any shell prompt in Linux, Cygwin, etc.), and try the following one-lined command:

x='() { :;}; echo VULNERABLE' bash -c :

If vulnerable, VULNERABLE should appear as part of the response. Otherwise if things are alright, you should get a response similar to the following:

bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'

(Note that in some versions of fixed/patched bash shells, the above error won't show up but "VULNERABLE" will also not be printed to the terminal.)

Notes:

If you're unsure of any steps of the above instructions, see if you can find a friend who may be familiar with how to use bash shell and Terminal to try the above for you.

For more detail, check out the references below.

If your system happens to be vulnerable, and you're using Linux and don't know how to update your bash shell, try this post for instructions: http://linux.about.com/od/howtos/fl/How-To-Fix-The-BASH-Shellshock-Bug-On-Your-Linux-System.htm

NOTE: I won't be able to answer any questions about shellshock as I am not enough of an expert on this bug to comfortably respond. Sorry about that! I hope that this post still comes in handy to people out there.

References:

Friday 12 September 2014

Unable to resolve superclass android.support.v4.app.FragmentActivity

Problem:

When trying to implement an Android app using the Facebook SDK (v3.18) I get an error similar to: Unable to resolve superclass of Lcom/facebook/samples/hellofacebook/HelloFacebookSampleActivity;

In the above example, HelloFacebookSampleActivity is a subclass of android.support.v4.app.FragmentActivity.

I have already added the android-support-v4.jar to my project (found in FacebookSDK/libs) and Eclipse ADT does not show any linker errors. However, whenever the app is compiled and run on a device it crashes immediately and gives the above error in the log.

Solution:

Try the following:

  • Right click on your project in Eclipse
  • Select: Build Path -> Configure Build Path
  • Select the "Order and Export" tab
  • Make sure that "android-support-v4.jar" is checked

When you try and run the project now, the app should hopefully be able to find the linked FragmentActivity from the now-included android-support-v4.jar.

References: