
Zip Files All the Way Down (2010) - mmastrac
https://research.swtch.com/zip
======
Animats
That approach has been used for some exploits. You can create an LZ encoding
which inefficiently encodes using a small set of characters, such as ASCII
letters only. This will get through some mail filters that are trying to stop
binary files by looking at byte value statistics.

------
bkase
Another interesting problem slightly more interesting than a quine is writing
an auto-cannibal machine (this was a homework assignment in my semester of
15-251 at CMU):

Write a function `ACM : (String -> a) -> a` aka a function that takes a string
consumer as input (such as flip_upper_and_lower_cases: String -> String, or
word-count String -> Int) and outputs the result of applying this transform to
it's own source code.

For example if the contents of the ACM file were: `ACM(f) = print f("foo")`
(note that this is clearly not a correct answer in any language)

`ACM(flip_upper_and_lower_cases)` invoked from another file should yield:
'acm(F) = PRINT F("FOO")'

(please don't post a solution publicly just in case they're still using this
as homework)

------
dzmitry_lahoda
Related discussion and links
[https://news.ycombinator.com/item?id=10158529](https://news.ycombinator.com/item?id=10158529)

------
davidshepherd7
In case anyone else is interested this is (probably) the image the "set theory
books all the way down" should link to:
[http://also.kottke.org/misc/images/naive-set-theory-
cover.jp...](http://also.kottke.org/misc/images/naive-set-theory-cover.jpg)

------
10165
By default the Python binary will try to load a file called "python27.zip" at
startup. What if python27.zip was a "zip bomb"?

~~~
aw3c2
Nothing for me:

    
    
        stat("/usr/lib/python27.zip", {st_mode=S_IFREG|0644, st_size=440, ...}) = 0
        open("/usr/lib/python27.zip", O_RDONLY) = 3

~~~
derefr
Makes sense; the way runtimes use archives as pseudo-loop-mounted-filesystems
only requires one level of dereference. A zip file inside that zip file would
just be left alone.

A bit different from a "smart" archive tool, or a virus-scanner, which tend to
want to recursively unpack things until they run out of archives.

~~~
mst
Though back when I worked ISP operations our AV setup was quite nicely screwed
over by a simple zip-that-unpacks-a-giant-file - since when it reached 2Gb the
AV process would crash without cleaning up and eventually we ran out of
unpacking space and couldn't process anything else either (but until then kept
processing at about 75% normal speed because the bomb went back into queue for
a bit after that).

Duct taped it by doing roughly 'rm /tmp/av_system/ _/_ ' in cron once a minute
to keep things up while we tracked the offending email down and malleted it
out of existence.

AV vendor intentionally not mentioned since >15 years later I'm sure their
code is mostly different and mostly not maintained by the same people.

------
amenghra
[http://alf.nu/ZipQuine](http://alf.nu/ZipQuine)

------
0x0
The last time I checked gmail refused to attach this file to emails. :)

