I think it's pretty careless of GHK not to provide any references to the 'compliance requirements'. It just opens the door for all kinds of speculation and guesswork.
On another note, Huawei has 42 maintainers listed in the upstream MAINTAINERS file, even with all the sanctions from the US. It's a bit puzzling, and I'm not quite sure what to make of it.
Self-admittedly he has over 100 children. OTOH, Telegram's DCs are in: the US, the Netherlands and in Singapore [0] and he was just arrested in the EU.
So I don't follow how you've made a connection between Putin and (Putin's?) "(fake?) victim" Durov.
Telegram is also one of the very few places where ordinary Russians can read alt-news and not only Kremlin-approved propaganda. And Russia's stringent internet censorship is only tightening as years go by.
“I’m afraid electricity also drives command and control systems. If President Milošević really wants all of his population to have water and electricity all he has to do is accept NATO’s five conditions and we will stop this campaign. But as long as he doesn’t do so we will continue to attack those targets which provide the electricity for his armed forces. If that has civilian consequences, it’s for him to deal with … [so] that water, that electricity is turned back on for the people of Serbia.”
-- NATO spokesperson Jamie Shea during NATO aggression against the SRY. (He's also the person who coined the propaganda term "collateral damage" against civilian casualties.)
It can be said that pretty much everything NATO did in 1999. in SRY, Putin is now doing in Ukraine.
> It can be said that pretty much everything NATO did in 1999. in SRY, Putin is now doing in Ukraine.
That doesn't say much, everything I did in 1999 (as an uninteresting secondary school student) is also being done by people under Putin's control in Ukraine.
Well, almost anything. Can believe none are reading up on Wicca.
(Similarly, I didn't care much for the claim that Iraq had chemical weapons that could reach Iran, what with them sharing a border and thus a water rocket filled with chlorine gas would have filled this description).
> (Similarly, I didn't care much for the claim that Iraq had chemical weapons that could reach Iran, what with them sharing a border and thus a water rocket filled with chlorine gas would have filled this description).
The evidence that Iraq had chemical weapons and used them against Iranian forces is extensively documented. The Wikipedia page has a list of good resources. [0]
However, that programme was dismantled as a result of international inspections and pressure after the 1991 Gulf War, and it was not restarted by 2003 as claimed by the US government as part of their justification for the invasion that year. US troops did find a number of chemical weapons elements, but all it seemed dated from the previous programme.
Jia Cheong Tan is anagram for CIA Agent John. If you consider how much went into planning the backdoor operation, it seems virtually certain it's an internal joke.
And why an Asian name? It's certainly exploiting a psychological bias. Apart from what you noted, the names are much more generic than Ugandan names and IMO it's virtually impossible to track a legend down. And the number of OSS contributors from East Asia is much larger than from Africa. Hence a more normalized/frequent occurrence. And lastly if things start going south, some play on the r-card is always up the sleeve of PsyOps personnel.
No, they're not. They are saying that due to the extraordinary circumstances with this case US agencies cannot be excluded from suspicion. At this time no actor seems to be a more likely perpetrator than the next. (Keep in mind that false-flag operations are a very common occurrence in cyber warfare and this cannot be ruled out yet.)
Funnily enough, on Half-Life 1 engine-based games (i.e. the engine that came before HL2 - on which Team Fortress 2 runs; such as Counter-Strike 1.6), a different allocator problem exists -- glibc's malloc() just decides to fail miserably[0] on some setups.
that's exactly the sort of error you get if something has written just out of bounds on a malloc'd chunk - it clobbers the allocator's internal state, which appears to be what that assert() is checking.
It's probably an allocation before the failing one that is being misued - so the backtrace pointing to openal doesn't necessarily mean it's openal's fault.
Running with valgrind or another heap memory checking tool will probably be helpful to track down that particular linked bug.
EDIT:
It looks like that there's at least one out-of-bounds write when starting up half life (On arch linux, so maybe slightly different library versions and not loaded the counterstrike mod).
It looks like a valve bug - writing 2 bytes at index [30] of a malloc'd size of 31 goes one byte over, and it looks from the backtrace it's all valve's code and not deep in some library that might have been loaded in. Writing 2 bytes to a string is a bit odd, perhaps it's trying to null-terminate but somehow uses a wstring null? Or some attempt at SIMD that isn't correctly bound?
It doesn't seem to crash for me though, it might just be luck that nothing important is put 1 byte over, and it feels a bit unlikely something would be due to allocation and type alignment requirements, but it's perfectly valid for the malloc implementation to keep something important in that byte.
Or perhaps there's some other dynamics that change this - it looks like it's doing stuff with paths, so may change size (of the allocation or even the amount written) based on where the steam app is installed - stuff like your user name length changing that may be the difference between a crash. Or even another issue somewhere else I didn't see, or valgrind didn't catch.
Just goes to show how many games ship for years with "big" bugs :P
For reference:
==27467== Invalid write of size 2
==27467== at 0x406526A: GetSteamContentPath()
(pathmatch.cpp:523)
==27467== by 0x4065927: pathmatch(char const*, char\*,
bool, char*, unsigned int) [clone .part.1] (pathmatch.cpp:594)
==27467== by 0x4066849: pathmatch (pathmatch.cpp:541)
==27467== by 0x4066849: CWrap (pathmatch.cpp:685)
==27467== by 0x4066849: __wrap___xstat (pathmatch.cpp:907)
==27467== by 0x406294A: stat (stat.h:455)
==27467== by 0x406294A: CFileSystem_Stdio::FS_stat(char const*, stat*) (FileSystem_Stdio.cpp:225)
==27467== by 0x4060819: CBaseFileSystem::AddPackFiles(char const*) (BaseFileSystem.cpp:1325)
==27467== by 0x4060AA4: CBaseFileSystem::AddSearchPathInternal(char const*, char const*, bool) (BaseFileSystem.cpp:254)
==27467== by 0x4060B37: CBaseFileSystem::AddSearchPath(char const*, char const*) (BaseFileSystem.cpp:186)
==27467== by 0x8049003: main (launcher.cpp:413)
==27467== Address 0x45e5f4e is 30 bytes inside a block of size 31 alloc'd
==27467== at 0x4041714: malloc (vg_replace_malloc.c:393)
==27467== by 0x4357C4A: strdup (strdup.c:42)
==27467== by 0x42F1A76: realpath_stk (canonicalize.c:410)
==27467== by 0x42F1A76: realpath@@GLIBC_2.3 (canonicalize.c:432)
==27467== by 0x406525B: GetSteamContentPath() (pathmatch.cpp:520)
==27467== by 0x4065927: pathmatch(char const*, char\*, bool, char*, unsigned int) [clone .part.1] (pathmatch.cpp:594)
==27467== by 0x4066849: pathmatch (pathmatch.cpp:541)
==27467== by 0x4066849: CWrap (pathmatch.cpp:685)
==27467== by 0x4066849: __wrap___xstat (pathmatch.cpp:907)
==27467== by 0x406294A: stat (stat.h:455)
==27467== by 0x406294A: CFileSystem_Stdio::FS_stat(char const*, stat*) (FileSystem_Stdio.cpp:225)
==27467== by 0x4060819: CBaseFileSystem::AddPackFiles(char const*) (BaseFileSystem.cpp:1325)
==27467== by 0x4060AA4: CBaseFileSystem::AddSearchPathInternal(char const*, char const*, bool) (BaseFileSystem.cpp:254)
==27467== by 0x4060B37: CBaseFileSystem::AddSearchPath(char const*, char const*) (BaseFileSystem.cpp:186)
==27467== by 0x8049003: main (launcher.cpp:413)
Thanks a lot for the guidance/tip, I've learned something new. And you're absolutely right about the cause of the mentioned crash -- I've updated the Github issue with a bit of new info I've gathered.
Yeah, looks like the Q_strcat(pszContentPath, "/"); is invalid, as glibc has only allocated exactly enough to fit the path in the buffer returned by realpath().
The compiler seems to completely inline the strcat and write the '/' and null as a single 2-byte word write, the null then being out of bounds of the malloc'd chunk and likely causing the error as it overwrites something important.
Interestingly, the open group spec says that a null argument to realpath is "Implementation defined" [0]
And the linux (glibc) man pages say it allocates a buffer "Up to PATH_MAX" [1]
I guess "strlen(path)" is "Up to PATH_MAX", but the man page seems unclear - you could read that as implying the buffer is always allocated to PATH_MAX size, but that's not what seems to be happening, just effectively calling strdup() [2]. I have no idea how to feed back to the linux man pages, but might be worth clarifying there.
On another note, Huawei has 42 maintainers listed in the upstream MAINTAINERS file, even with all the sanctions from the US. It's a bit puzzling, and I'm not quite sure what to make of it.