ferlatte. 12 days ago.

The Second Life updater just downloaded the updater.exe from the website and ran it with no validation. One day, that returned a 404.

Cool thing about Win32: if you try to run an EXE, Windows checks to see if it's a valid format (PE). If it's not, it assumes that it's a COM: 16 bit x86 instructions, no header, no validation.

The 404 page, when interpreted as x86 bytecode, effectively opened the LPT DOS device and wrote garbage into it.

Windows would map that into your actual printer driver in some cases if you had a printer connected directly to your computer. Cheap inkjet printers don't do any validation, so they would freak out, spew paper, and in one case, physically break.

@thomasfuchs ...Can I get a link to the original? I need the rest of this story! XD

@thomasfuchs it's almost as if this whole "no validation" thing was a bad idea

@rysiek @thomasfuchs

Hah. Next, you’ll be saying that that they should never have obscured the difference between running an executable and opening a document.


Failed to find post containing image. This may be a federation issue, or you may have tagged OCRbot in a conversation without an image. Please note that OCRbot can only see images in the post you are directly replying to, and can't see images that are provided as URLs rather than attachments.
Contact the admin ( for assistance.
For further information, check

Wow, that's quite the series of unfortunate events too:

> The File commands use the output path that has been set. The documentation for the Delete function says the file *should* be specified with a full path but in fact it *must* be specified with a full path, like so:

Delete "$INSTDIR\boot.ini" Delete "$INSTDIR\manifest.dat"

> Otherwise, it is assumed that the file should be deleted from the root.
[ . . . ]
> We also discovered that we didn't have enough variation in our hardware and operating system setups since Windows will recover if it's on the first partition of the boot drive.

@thomasfuchs I'd put that one in one class with "CUPS not printing Cairo-generated PDFs on tuesdays" and that old 500-mile bug. :D

@doenietzomoeilijk @thomasfuchs Here's one account:

I can't find the source again that attributed it to the Cairo lib writing the date in an unusual, but valid position into the postscript that is to be sent to the print queue (sorry, got the PDF part wrong). Which triggered the file utility to report a wrong filetype, because it found the magic bytes "Tue" on a certain position in the file, which in turn triggered CUPS to reject the file from the print queue.

@thomasfuchs This kind of thing or why I tend to care about the entire fucking stack.

@thomasfuchs Can you please hit the "detect text from image" thingy when uploading screenshots of text? (assuming that you are using the default web client or something else that supports that feature)

Sign in to participate in the conversation

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!