Recherche avancée

Sur d’autres sites (7836)

• Join us at MatomoCamp 2024 world tour edition

  13 novembre 2024, par Daniel Crough — Uncategorized

  Join us at MatomoCamp 2024 world tour edition, our online conference dedicated to Matomo Analytics—the leading open-source web analytics platform that prioritises data privacy.

  • 🗓️ Date : 14 November 2024
  • 🌐 Format : 24-hour virtual conference accessible worldwide
  • 💰 Cost : Free and no need to register

  Event highlights

  Opening ceremony

  Begin the day with a welcome from Ronan Chardonneau, co-organiser of MatomoCamp and customer success manager at Matomo.

  View session | iCal link

  Keynote : “Matomo by its creator”

  Attend a special session with Matthieu Aubry, the founder of Matomo Analytics. Learn about the platform’s evolution and future developments.

  View session | iCal link

  Explore MatomoCamp 2024’s diverse tracks and topics

  MatomoCamp 2024 offers a wide range of topics across several tracks, including using Matomo, integration, digital analytics, privacy, plugin development, system administration, business, other free analytics, use cases, and workshops and panel talks.

  Featured sessions

  1. Using AI to fetch raw data with Python

  Speaker : Ralph Conti
  Time : 14 November, 12:00 PM UTC

  Discover how to combine AI and Matomo’s API to create unique reporting solutions. Leverage Python for advanced data analysis and unlock new possibilities in your analytics workflow.

  View session | iCal link

  2. Supercharge Matomo event tracking with custom reports

  Speaker : Thomas Steur
  Time : 14 November, 2:00 PM UTC

  Learn how to enhance event tracking and simplify data analysis using Matomo’s custom reports feature. This session will help you unlock the full potential of your event data.

  View session | iCal link

  3. GDPR with AI and AI Act

  Speaker : Stefanie Bauer
  Time : 14 November, 4:00 PM UTC

  Navigate the complexities of data protection requirements for AI systems under GDPR. Explore the implications of the new AI Act and receive practical tips for compliance.

  View session | iCal link

  4. A new data mesh era !

  Speaker : Jorge Powers
  Time : 14 November, 4:00 PM UTC

  Explore how Matomo supports the data mesh approach, enabling decentralised data ownership and privacy-focused analytics. Learn how to empower teams to manage and analyse data without third-party reliance.

  View session | iCal link

  5. Why Matomo has to create a MTM server side : The future of data privacy and user tracking

  Panel discussion
  Time : 14 November, 6:00 PM UTC

  Join experts in a discussion on the necessity of server-side tag management for enhanced privacy and compliance. Delve into the future of data privacy and user tracking.

  View session | iCal link

  6. Visualisation of Matomo data using external tools

  Speaker : Leticia Rodríguez Morado
  Time : 14 November, 8:00 PM UTC

  Learn how to create compelling dashboards using Grafana and Matomo data. Enhance your data visualisation skills and gain better insights.

  View session | iCal link

  7. Keep it simple : Tracking what matters with Matomo

  Speaker : Scott Fillman
  Time : 14 November, 9:00 PM UTC

  Discover how to focus on essential metrics and simplify your analytics setup for more effective insights. Learn tactics for a powerful, streamlined Matomo configuration.

  View session | iCal link

  Stay connected

  Stay updated with the latest news and announcements :

  • Twitter : @MatomoCamp
  • YouTube : @MatomoCamp
  • Official website : matomocamp.org

  Don’t miss out

  MatomoCamp 2024 world tour edition is more than a conference ; it’s a global gathering shaping the future of ethical analytics. Whether you aim to enhance your skills, stay informed about industry trends, or network with professionals worldwide, this event offers valuable opportunities.

• Heroic Defender of the Stack

  27 janvier 2011, par Multimedia Mike — Programming

  Problem Statement

  I have been investigating stack smashing and countermeasures (stack smashing prevention, or SSP). Briefly, stack smashing occurs when a function allocates a static array on the stack and writes past the end of it, onto other local variables and eventually onto other function stack frames. When it comes time to return from the function, the return address has been corrupted and the program ends up some place it really shouldn’t. In the best case, the program just crashes ; in the worst case, a malicious party crafts code to exploit this malfunction.

  Further, debugging such a problem is especially obnoxious because by the time the program has crashed, it has already trashed any record (on the stack) of how it got into the errant state.

  Preventative Countermeasure

  GCC has had SSP since version 4.1. The computer inserts SSP as additional code when the -fstack-protector command line switch is specified. Implementation-wise, SSP basically inserts a special value (the literature refers to this as the ’canary’ as in "canary in the coalmine") at the top of the stack frame when entering the function, and code before leaving the function to make sure the canary didn’t get stepped on. If something happens to the canary, the program is immediately aborted with a message to stderr about what happened. Further, gcc’s man page on my Ubuntu machine proudly trumpets that this functionality is enabled per default ever since Ubuntu 6.10.

  And that’s really all there is to it. Your code is safe from stack smashing by default. Or so the hand-wavy documentation would have you believe.

  Not exactly

  Exercising the SSP

  I wanted to see the SSP in action to make sure it was a real thing. So I wrote some code that smashes the stack in pretty brazen ways so that I could reasonably expect to trigger the SSP (see later in this post for the code). Here’s what I learned that wasn’t in any documentation :

  SSP is only emitted for functions that have static arrays of 8-bit data (i.e., [unsigned] chars). If you have static arrays of other data types (like, say, 32-bit ints), those are still fair game for stack smashing.

  Evaluating the security vs. speed/code size trade-offs, it makes sense that the compiler wouldn’t apply this protection everywhere (I can only muse about how my optimization-obsessive multimedia hacking colleagues would absolute freak out if this code were unilaterally added to all functions). So why are only static char arrays deemed to be "vulnerable objects" (the wording that the gcc man page uses) ? A security hacking colleague suggested that this is probably due to the fact that the kind of data which poses the highest risk is arrays of 8-bit input data from, e.g., network sources.

  The gcc man page also lists an option -fstack-protector-all that is supposed to protect all functions. The man page’s definition of "all functions" perhaps differs from my own since invoking the option does not have differ in result from plain, vanilla -fstack-protector.

  The Valgrind Connection

  "Memory trouble ? Run Valgrind !" That may as well be Valgrind’s marketing slogan. Indeed, it’s the go-to utility for finding troublesome memory-related problems and has saved me on a number of occasions. However, it must be noted that it is useless for debugging this type of problem. If you understand how Valgrind works, this makes perfect sense. Valgrind operates by watching all memory accesses and ensuring that the program is only accessing memory to which it has privileges. In the stack smashing scenario, the program is fully allowed to write to that stack space ; after all, the program recently, legitimately pushed that return value onto the stack when calling the errant, stack smashing function.

  Valgrind embodies a suite of tools. My idea for an addition to this suite would be a mechanism which tracks return values every time a call instruction is encountered. The tool could track the return values in a separate stack data structure, though this might have some thorny consequences for some more unusual program flows. Instead, it might track them in some kind of hash/dictionary data structure and warn the programmer whenever a ’ret’ instruction is returning to an address that isn’t in the dictionary.

  Simple Stack Smashing Code

  Here’s the code I wrote to test exactly how SSP gets invoked in gcc. Compile with ’gcc -g -O0 -Wall -fstack-protector-all -Wstack-protector stack-fun.c -o stack-fun’.

  stack-fun.c :

  PLAIN TEXT

  C :

  1. /* keep outside of the stack frame */
  2. static int i ;
  3.  
  4. void stack_smasher32(void)
  5. {
  6.  int buffer32[8] ;
  7.  // uncomment this array and compile without optimizations
  8.  // in order to force this function to compile with SSP
  9. // char buffer_to_trigger_ssp[8] ;
  10.  
  11.  for (i = 0 ; i <50 ; i++)
  12.   buffer32[i] = 0xA5 ;
  13. }
  14.  
  15. void stack_smasher8(void)
  16. {
  17.  char buffer8[8] ;
  18.  for (i = 0 ; i <50 ; i++)
  19.   buffer8[i] = 0xA5 ;
  20. }
  21.  
  22. int main()
  23. {
  24. // stack_smasher8() ;
  25.  stack_smasher32() ;
  26.  return 0 ;
  27. }

  The above incarnation should just produce the traditional "Segmentation fault". However, uncommenting and executing stack_smasher8() in favor of stack_smasher32() should result in "*** stack smashing detected *** : ./stack-fun terminated", followed by the venerable "Segmentation fault".

  As indicated in the comments for stack_smasher32(), it’s possible to trick the compiler into emitting SSP for a function by inserting an array of at least 8 bytes (any less and SSP won’t emit, as documented, unless gcc’s ssp-buffer-size parameter is tweaked). This has to be compiled with no optimization at all (-O0) or else the compiler will (quite justifiably) optimize away the unused buffer and omit SSP.

  For reference, I ran my tests on Ubuntu 10.04.1 with gcc 4.4.3 compiling the code for both x86_32 and x86_64.

• muxing DVB subtitles into transport stream with ffmpeg

  28 novembre 2019, par user3439130

  So i have H264 video + AAC audio muxed inside transport stream (*.ts). To achive evenly spread PCR values i added muxrate tag to my command.

  ffmpeg -analyzeduration 20000000 -probesize 20M -loglevel verbose -i 1135084.m4v -i 1135084.m4a -c copy -muxrate 7982K -map 0:v:0 -map 1:a:0 -metadata:s:a:0 language=eng -metadata:s:a:0 tms_track_id=169451954 TEMP0.ts

  Since our client need DVB substitles we convert SRT to DVD with subtitle edit and then encode them to DVB with ffmpeg with this command :

  ffmpeg -analyzeduration 20000000 -probesize 20M -loglevel verbose -i TEMP0.ts -i out.da.idx -map 0 -c copy -muxrate 7992K -map 1:s -c:s:0 dvbsub -metadata:s:s:0 language=dan TEMP1.ts

  here is output from ffmpeg command :

  ffmpeg version git-2019-11-18-d831edc Copyright (c) 2000-2019 the FFmpeg developers
  
    built with gcc 9.2.1 (GCC) 20191010
  
    configuration: --enable-gpl --enable-version3 --enable-sdl2 --enable-fontconfig --enable-gnutls --enable-iconv --enable-libass --enable-libdav1d --enable-libbluray --enable-libfreetype --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-libopus --enable-libshine --enable-libsnappy --enable-libsoxr --enable-libtheora --enable-libtwolame --enable-libvpx --enable-libwavpack --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxml2 --enable-libzimg --enable-lzma --enable-zlib --enable-gmp --enable-libvidstab --enable-libvorbis --enable-libvo-amrwbenc --enable-libmysofa --enable-libspeex --enable-libxvid --enable-libaom --enable-libmfx --enable-ffnvcodec --enable-cuvid --enable-d3d11va --enable-nvenc --enable-nvdec --enable-dxva2 --enable-avisynth --enable-libopenmpt --enable-amf
  
    libavutil      56. 36.100 / 56. 36.100
  
    libavcodec     58. 62.100 / 58. 62.100
  
    libavformat    58. 35.100 / 58. 35.100
  
    libavdevice    58.  9.101 / 58.  9.101
  
    libavfilter     7. 66.100 /  7. 66.100
  
    libswscale      5.  6.100 /  5.  6.100
  
    libswresample   3.  6.100 /  3.  6.100
  
    libpostproc    55.  6.100 / 55.  6.100
  
  [h264 @ 000002bf7460d400] non-existing SPS 0 referenced in buffering period
  
  [h264 @ 000002bf7460d400] SPS unavailable in decode_picture_timing
  
  [h264 @ 000002bf7460d400] non-existing SPS 0 referenced in buffering period
  
  [h264 @ 000002bf7460d400] SPS unavailable in decode_picture_timing
  
  [h264 @ 000002bf7460d400] Reinit context to 1920x1088, pix_fmt: yuv420p
  
  [mpegts @ 000002bf7460ae00] max_analyze_duration 20000000 reached at 20000000 microseconds st:0
  
  [mpegts @ 000002bf7460ae00] start time for stream 2 is not set in estimate_timings_from_pts
  
  Input #0, mpegts, from 'TEMP1.ts':
  
    Duration: 01:51:54.48, start: 1.440000, bitrate: 7992 kb/s
  
    Program 1
  
      Metadata:
  
        service_name    : Service01
  
        service_provider: FFmpeg
  
      Stream #0:0[0x100]: Video: h264 (High), 1 reference frame ([27][0][0][0] / 0x001B), yuv420p(progressive, left), 1920x1080 (1920x1088) [SAR 1:1 DAR 16:9], 25 fps, 25 tbr, 90k tbn, 50 tbc
  
      Stream #0:1[0x101](eng): Audio: aac (LC) ([15][0][0][0] / 0x000F), 48000 Hz, stereo, fltp, 254 kb/s
  
      Stream #0:2[0x102](dan): Subtitle: dvb_subtitle ([6][0][0][0] / 0x0006)
  
  [vobsub @ 000002bf75d65940] IDX/SUB: out.fi.idx -> out.fi.sub
  
  Input #1, vobsub, from 'out.fi.idx':
  
    Duration: N/A, bitrate: N/A
  
      Stream #1:0[0x0](fi): Subtitle: dvd_subtitle, 1920x1080 (default)
  
  File 'TEMP2.ts' already exists. Overwrite? [y/N] y
  
  [mpegts @ 000002bf74634f00] service 1 using PCR in pid=256, pcr_period=20ms
  
  [mpegts @ 000002bf74634f00] muxrate 8002000, sdt every 500 ms, pat/pmt every 100 ms
  
  Output #0, mpegts, to 'TEMP2.ts':
  
    Metadata:
  
      encoder         : Lavf58.35.100
  
      Stream #0:0: Video: h264 (High), 1 reference frame ([27][0][0][0] / 0x001B), yuv420p(progressive, left), 1920x1080 (0x0) [SAR 1:1 DAR 16:9], q=2-31, 25 fps, 25 tbr, 90k tbn, 90k tbc
  
      Stream #0:1(eng): Audio: aac (LC) ([15][0][0][0] / 0x000F), 48000 Hz, stereo, fltp, 254 kb/s
  
      Stream #0:2(dan): Subtitle: dvb_subtitle ([6][0][0][0] / 0x0006)
  
      Stream #0:3(fin): Subtitle: dvb_subtitle (dvbsub), 1920x1080 (default)
  
      Metadata:
  
        encoder         : Lavc58.62.100 dvbsub
  
  Stream mapping:
  
    Stream #0:0 -> #0:0 (copy)
  
    Stream #0:1 -> #0:1 (copy)
  
    Stream #0:2 -> #0:2 (copy)
  
    Stream #1:0 -> #0:3 (dvd_subtitle (dvdsub) -> dvb_subtitle (dvbsub))
  
  Press [q] to stop, [?] for help
  
  No more output streams to write to, finishing.me=01:51:46.51 bitrate=7990.2kbits/s speed=18.2x
  
  frame=167862 fps=456 q=-1.0 Lsize= 6558750kB time=01:51:54.47 bitrate=8002.0kbits/s speed=18.2x
  
  video:5738580kB audio:212004kB subtitle:10989kB other streams:0kB global headers:0kB muxing overhead: 10.017118%
  
  Input file #0 (TEMP1.ts):
  
    Input stream #0:0 (video): 167862 packets read (5876305439 bytes);
  
    Input stream #0:1 (audio): 314742 packets read (217092443 bytes);
  
    Input stream #0:2 (subtitle): 1740 packets read (5578504 bytes);
  
    Total: 484344 packets (6098976386 bytes) demuxed
  
  Input file #1 (out.fi.idx):
  
    Input stream #1:0 (subtitle): 855 packets read (6881158 bytes); 854 frames decoded;
  
    Total: 855 packets (6881158 bytes) demuxed
  
  Output file #0 (TEMP2.ts):
  
    Output stream #0:0 (video): 167862 packets muxed (5876305439 bytes);
  
    Output stream #0:1 (audio): 314742 packets muxed (217092443 bytes);
  
    Output stream #0:2 (subtitle): 1740 packets muxed (5578504 bytes);
  
    Output stream #0:3 (subtitle): 1708 frames encoded; 1708 packets muxed (5673736 bytes);
  
    Total: 486052 packets (6104650122 bytes) muxed
  
  [AVIOContext @ 000002bf7463c280] Statistics: 0 seeks, 25621 writeouts
  
  [AVIOContext @ 000002bf74613f80] Statistics: 6728300448 bytes read, 2 seeks
  
  [AVIOContext @ 000002bf75efde40] Statistics: 7852032 bytes read, 0 seeks
  
  [AVIOContext @ 000002bf74f30e40] Statistics: 40275 bytes read, 0 seeks

  So i have video/audio and two dvb tracks inside one TS.

  Now im adding third subtitle and i get this warning :

  frame=32351 fps=869 q=-1.0 size= 1255936kB time=00:21:33.99 bitrate=7951.1kbits/s speed=34.8x
  
  [mpegts @ 0x2994600] Non-monotonous DTS in output stream 0:3; previous: 116868609, current: 116868607; changing to 116868610. This may result in incorrect timestamps in the output file.
  
  frame=33416 fps=886 q=-1.0 size= 1297408kB time=00:22:16.56 bitrate=7952.0kbits/s speed=35.4x

  By this warning it seems that something is not right with DVB (0:3) Finish track.
  Playing back the file with VLC i can see that Finish subtitles (between 21:33 and 22:16) are not showing up.

  Dumping packets from 0:3 track i see that 4 packets have the same DTS/PTS values.

  #stream#, dts,        pts, duration,     size, hash
  
  0,  111258000,  111258000,        0,     6979, 6215f060, S=1,        1, 67d220bc
  
  0,  111689100,  111689100,        0,       25, e60e94fa, S=1,        1, 67d220bc
  
  0,  113230800,  113230800,        0,     4423, f811be62, S=1,        1, 67d220bc
  
  0,  113561550,  113561550,        0,       25, 6db8d81f, S=1,        1, 67d220bc
  
  0,  113788800,  113788800,        0,     8247, 8b494779, S=1,        1, 67d220bc
  
  0,  114191190,  114191190,        0,       25, a205e183, S=1,        1, 67d220bc
  
  
  
  0,  116868607,  116868607,        0,     1119, e5d11188, S=1,        1, 67d220bc
  
  0,  116868607,  116868607,        0,       28, 11e09861, S=1,        1, 67d220bc
  
  0,  116868607,  116868607,        0,     1122, 8320a3f5, S=1,        1, 67d220bc
  
  0,  116868607,  116868607,        0,       28, e896fa37, S=1,        1, 67d220bc
  
  
  
  0,  117205200,  117205200,        0,     3583, 47b23f27, S=1,        1, 67d220bc
  
  0,  117611640,  117611640,        0,       25, e5ae32ed, S=1,        1, 67d220bc
  
  0,  117709200,  117709200,        0,     1119, 208b4f80, S=1,        1, 67d220bc
  
  0,  117830970,  117830970,        0,       25, 2a130b71, S=1,        1, 67d220bc
  
  0,  117846000,  117846000,        0,     3105, f179a4f0, S=1,        1, 67d220bc
  
  0,  118148040,  118148040,        0,       25, 29b3ad66, S=1,        1, 67d220bc
  
  0,  120146410,  120146410,        0,     1119, 714ef5d1, S=1,        1, 67d220bc
  
  0,  120146410,  120146410,        0,       28, bbad7fed, S=1,        1, 67d220bc
  
  0,  120708000,  120708000,        0,     2060, 703084f7, S=1,        1, 67d220bc
  
  0,  120855420,  120855420,        0,       25, 6db8d81f, S=1,        1, 67d220bc
  
  0,  121122000,  121122000,        0,     2184, 04a7be71, S=1,        1, 67d220bc
  
  0,  121395330,  121395330,        0,       25, a205e183, S=1,        1, 67d220bc

  Thes are the lines from SRT file where the warning happens :

  146
  
  00:21:34,840 --> 00:21:36,600
  
  Make!
  
  147
  
  00:21:42,280 --> 00:21:46,800
  
  Make! Hei, Make. Make!
  
  148
  
  00:21:47,880 --> 00:21:49,240
  
  Make!
  
  149
  
  00:21:49,400 --> 00:21:52,760
  
  Odota minua, Make!
  
  150
  
  00:22:00,400 --> 00:22:01,760
  
  Make!

  Sometimes muxing subtitles in different order (for example Finish before Danish and then Swedish) would solve this problem, but i would like to know why such things are happening.