Bugtraq mailing list archives

Re: CheckPoint FW1 BUG


From: sinster () DARKWATER COM (Jon Paul, Nollmann)
Date: Mon, 17 Jul 2000 15:39:58 -0700


Sprach Hugo.van.der.Kooij () CAIW NL:
FW-1 does not use RPC itself at all. I've seen a couple of dozen of
installations of FW-1 on just about any platform (besides Linux at present
;-) and know it runs on very bare systems.

Please.  You answered your own question: you don't know FW-1 on NT.  It
is very feasible that FW-1 would use RPC on an NT box.  For instance:
MS OLE is dependent on RPC.  So if FW-1 uses OLE, it's dependent on RPC.
Does it support drag-and-drop?  Then it probably uses OLE.

I don't know FW-1 on NT either, but I've done a lot more debugging under
NT than I care to admit, and I've stumbled over a large number of these
undocumented (or poorly documented) gotchas on NT that reach up and
bite the unwary programmer.  A naive port of a *NIX application to
NT will bring in all sorts of unintended dependencies that may very
well be wholly inappropriate.  Hell, a naive implementation of a new
program under NT will do the same.

The thought that Checkpoint's translation of FW-1 over to NT has caused
it to become dependent on RPC without having a single call to any
RPC routine in their code is entirely credible to me.  I'm sure that's
just the tip of the set of unintended dependencies that it has.

The only reason I was able to find out about this OLE/RPC dependency
is through sheer luck (I dunno if it's bad luck or good luck).  I had
written a program for a client.  One of their clients was encountering
a bug with my program.  I and my client couldn't reproduce the bug.
The client flew a machine out, and on that machine we could reproduce
the bug.  Examining the machine's configuration, we were able to build
another machine where we could also reproduce the bug.  After much
effort, we found sockets leaking from Microsoft's OLE library.  My
client's pitiful little GOLD support contract wasn't sufficient for
Microsoft to do anything about it.  They (Microsoft) strongly asserted
that it was our bug.  Only through the channels opened by my client's
client's superior support contract (would you call that a "platinum"
contract or something?) was Microsoft willing to acknowledge the bug
and offer a workaround.  The workaround was to tweak the RPC controls
in the registry.  I expressed surprise at this, and Microsoft
explained that their OLE library is built on RPC.  Sure enough, when
we made the tweak, the bug disappeared.

So, unless Checkpoint has this mythical platinum support contract,
they probably don't know about this bug.  And I'm sure there are other
problems as well.

--
Jon Paul Nollmann ne' Darren Senn                      sinster () balltech net
Unsolicited commercial email will be archived at $1/byte/day.
Congratulations FBI men: Hoover would be proud of you


