Noutați

C Header Translator Tool For Delphi Lets You Parse C Header Files Using The Clang Compiler

Since Chet uses an actual compiler, you will need to have a (minimal) C develop environment installed, as well as LLVM with Clang. Clang needs to be able to find the system headers for the development environment. These will usually be available if you have some version of Visual Studio with Visual C++ installed. The free (community) edition of Visual Studio suffices. As said in the readme on Github, unlike some other header translators, Chet uses the Clang compiler to parse header files, resulting in more accurate translations that require fewer manual adjustments. Please check out the awesome features Chet lists: Translates C data types such as structs, union, enums, typedefs, procedural types and opaque types. Translates C functions to Delphi procedures or functions. Tries to translate #define declarations to constants where possible. Generates a single .pas file for an entire directory of .h files. This reduces issues due to dependencies between header files. Generates output for multiple platforms (Windows, macOS, Linux, iOS and Android) if desired. You can customize the Clang parsing process by supplying command line arguments to the compiler. You can customize the output of some conversion operations. Retains any Doxygen style documentation comments if desired, or converts them to XmlDoc comments or PasDoc comments. Provides a GUI for configuring the conversion process, and allows you to save the conversion settings to a .chet project file for reuse. Although Chet has amazing features, there are some limitations that the user has to pay attention on: Chet only works with C header files, not with C++ header files. All non-inlined functions in the header files are translated and assumed to be available in the static or dynamic library for the project. This does not have to be the case. (Inlined functions are never translated since they are never available in the library.) Since Clang is used to parse the header files, this means that Clangs preprocessor is run as well to perform conditional parsing (guided by #ifdef directives). This is both good and bad. It is good because it improves conversion accuracy. But it can be bad because it uses the system that Chet runs on to determine some conditional paths. For example, because Chet runs on Windows, it will parse code in #ifdef _WIN32 sections but skip any code in sections for other platforms. You can run Chet first to check for any errors related to missing dependencies. If you get any dependency errors when running the translator, then you can download the dependencies here: LLVM with Clang (Clang for Windows (64-bit) is recommended); Visual Studio IDE (the free Community edition suffices; be sure to install C++ support). You can use the pre-compiled 64-bit Windows Chet application in the Bin directory. If you want to compile Chet yourself, then you also need libclang for Delphi and make sure the Delphi IDE can find it (the Chet project will find it automatically if the Neslib.Clang directory is at the same level as the Chet directory). Chet is licensed under the Simplified BSD License. From the Github article we understand that Chet is pretty straightforward. In many cases, you only need to provide a directory with header files, the name of the output .pas file and select “Run Header Translator (F9)”. For more control over the conversion process, you can specify various options, described below. The screenshot from GitHub for the project is below: This […]

Read More

Powerful LockBox3 Cryptography Library Available For Delphi And C++Builder

LockBox3 is a Delphi library for cryptography. It provides support for AES, DES, 3DES, Blowfish, Twofish, SHA, MD5, a variety of chaining modes, RSA digital signature and verification. This is a source-only release of TurboPack LockBox3. It includes designtime and runtime packages for Delphi and C++Builder and supports VCL, FMX, Win32, Win64, macOS, iOS, and Android. Reading the information from http://lockbox.seanbdurkin.id.au/HomePage, “the user interface shall be clean and simple. For Ciphers and Hashes, two styles shall be provided: A component and an interface pointer. IV, salting of ciphers and signaling of IV’s shall be managed and hidden from the developer-client. The main encryption functions shall be implemented in 100% native Delphi code. (TOpenSSL_Signatory component is the exception to the rule).“ That is to say it shall not rely on links to third party libraries (at least as far as the core functionality is concerned). LockBox 3 is has easy traceability to standards. Developers should be able to open cipher standards and open the respective implementing source code; put them side-by-side, and very quickly observer that one implements the other. implementing source should borrow the style and symbols and the specifiying cipher standard.It shall be as easy as it can be to extend the library with new hashes and block ciphers. The selection, implementation and usage of ciphers shall be divorced from the chaining mode. LockBox3CR.bpl (C++Builder Runtime) and LockBox3CD.bpl (C++Builder Designtime). TurboPack LockBox3 is available via the GetIt Package Manager where you can quickly and easily install and uninstall it. To manually install TurboPack LockBox3 into your IDE, take the following steps: Unzip the release files into a directory (e.g., d:lockBox3); Start RAD Studio; Add the source directory (e.g. d:lockBox3run and all the subdirectories) to the IDE’s library path. For C++Builder, add the hpp subdirectory (e.g., d:lockBox3sourcehppWin32Release) to the IDE’s system include path; Open & install the designtime package specific to the IDE being used. The IDE should notify you the components have been installed; I can tell for sure that this is the best choice for cryptography library ! If you want to download this package via GitHub, please refer to the link below: https://github.com/TurboPack/LockBox3 Or find out more about TurboPack LockBox3 and download it via Embarcadero GetIt.

Read More

Learn How To Use C++ Defaulted Functions For Windows Development With C++ Builder

A defaulted function is a function that contains =default; in its prototype. This construction indicates that the function’s default definition should be used. Defaulted functions are a C++11 specific feature. Defaulted functions example class A { A() = default; // OK A& operator = (A & a) = default; // OK void f() = default; // ill-formed, only special member function may be defaulted }; class A {         A() = default;                    // OK         A& operator = (A & a) = default;  // OK         void f() = default;               // ill-formed, only special member function may be defaulted }; By default, C++ provides four default special member functions. Users may override these defaults. destructor default constructor copy constructor copy assignment operator = Also by default, C++ applies several global operators to classes. Users may provide class-specific operators. sequence operator , address-of operator & indirection operator * member access operator -> member indirection operator ->* free-store allocation operator new free-store deallocation operator delete The management of defaults has several problems: Constructor definitions are coupled; declaring any constructor suppresses the default constructor. The destructor default is inappropriate to polymorphic classes, requiring an explicit definition. Once a default is suppressed, there is no means to resurrect it. Default implementations are often more efficient than manually specified implementations. Non-default implementations are non-trivial, which affects type semantics, e.g. makes a type non-POD. There is no means to prohibit a special member function or global operator without declaring a (non-trivial) substitute. The most common encounter with these problems is when disabling copying of a class. The accepted technique is to declare a private copy constructor and a private copy assignment operator, and then fail to define either. Head over and check out more information about defaulted functions on Windows in C++.

Read More

Low-Hanging Fruit: The Top 8 Cybersecurity Vulnerabilities in Enterprise Software

Published December 9, 2020 WRITTEN BY MICHAEL SOLOMON Michael G. Solomon, PhD, CISSP, PMP, CISM, PenTest+, is a security, privacy, blockchain, and data science author, consultant, educator and speaker who specializes in leading organizations toward achieving and maintaining compliant and secure IT environments. Cybersecurity is getting a lot of attention, from the break room to the board room. Few weeks pass without another salacious story in the media about a new large-scale data breach, ransomware outbreak or other attack designed to disrupt normal life.  Cybercriminals know what they are doing, and they’re able to succeed in their goals with uncomfortable regularity. Those goals are increasingly focused on enterprise applications due to the large number of access opportunities that are supposed to support end-users and internal personnel. For example, last year 62 US colleges were targets of cyberattacks that exploited their enterprise resource planning (ERP) system vulnerabilities. Cybercriminals constantly search for easy targets. Expanding complexity, growing numbers of users and partners, and rapidly emerging exploits make security an elusive target. Learning about the most common security gaps found in software, why those gaps really matter, and how to close them can make you less likely to be the next big victim. Instead of approaching security by being as secure as you can be, a better approach is to just be as secure as you need to be. That’s a subtle difference, but the outcome of the latter can be similar to the goal of the former, with much less effort and expense. Let’s cover some rudimentary aspects of security and a basic approach that balances security with budget and effort.  The lure of low-hanging fruit In this article I’m focusing on general cybercriminals who are looking for financial gain. They don’t care who their next victim is. Other types of cybercriminals, such as disgruntled (possibly former) personnel, “hacktivists,” or other people who are targeting your specific data or intellectual property are more determined and motivated to succeed. But here, we’re talking about cybercriminals looking for any victim, so they mainly want a quick and easy attack. Using the path of least resistance is a good thing. The easiest and cheapest path to the bottom line is most commonly the desirable path. Of course, there are reputational impacts and other obstacles that affect the decision-making process, but there is always some appeal to the path of least resistance. Cybercriminals spend a lot of effort identifying the easiest targets. What does this have to do with your security? One important key to being as secure as you need to be is simply avoiding being a hacker’s “low-hanging fruit.” Most cybercriminals use automated scanners to find potential victims they can attack without much work. They look for well-known vulnerabilities that their potential victims haven’t addressed. Cybercriminals know that keeping security controls current takes time and effort, and many organizations have “more important” tasks than hardening systems and networks. This gap between known vulnerabilities and implemented controls defines the sweet spot that cybercriminals are looking for. The best defense from most cybercriminals is to just be secure enough to not be worth their effort. This approach to cyber defense simply means that you should learn about the most common vulnerabilities and fix those first. If you have more budget to go further, that’s great. But at […]

Read More

Quickly Write Efficient Code With Modern Structured Bindings Available In C++17 On Windows With C++Builder

C++17 has a new feature that consolidates syntactic sugar and automatic type deduction: structured bindings. This helps to assign values from tuples, pairs, and structs into individual variables. In another programming language, you can find this as unpacking. Applying a structured binding to specify various variables from one bundled structure is one step. Structured bindings always applied with the same pattern: auto [var1, var2, …] = ; auto [var1, var2, …] = pair, tuple, struct, or array expression>; The list of variables var1, var2 – must exactly match the number of variables contained by the expression being assigned from Then there should be one of the following std::pair std::tuple struct or array The type can be auto, const auto, or even auto&& If you write too many or not enough variables between the square brackets, the compiler will give an error, telling us about our mistake std::tuple tup {3.55, 1, 99}; auto [a, b] = tup; // gives an error std::tuplefloat, int, long> tup {3.55, 1, 99}; auto [a, b] = tup; // gives an error Here is a complete real example of a use case for structured bindings: #ifdef _WIN32 #include #else typedef char _TCHAR; #define _tmain main #endif #include #include #include // Demonstrate structured bindings – here, a method might in the past // have had a bool success result, and an error param written to. // Now, can return both (all error info) as one tuple, bound automatically // to local vars through the auto keyword (much nicer than std::tie // in C++11/14) auto connect_to_network() { // The connection could succeed, or fail with an error message // Here, mimic it failing bool connected{ false }; // failed! std::string str_error{ “404: resource not found” }; return std::make_tuple(connected, str_error); } int _tmain(int argc, _TCHAR* argv[]) { auto [connected, str_error] = connect_to_network(); if (!connected) { std::cout 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 #ifdef _WIN32 #include #else typedef char _TCHAR; #define _tmain main #endif   #include #include #include   // Demonstrate structured bindings – here, a method might in the past // have had a bool success result, and an error param written to. // Now, can return both (all error info) as one tuple, bound automatically // to local vars through the auto keyword (much nicer than std::tie // in C++11/14)   auto connect_to_network() {   // The connection could succeed, or fail with an error message   // Here, mimic it failing   bool connected{ false }; // failed!     std::string str_error{ “404: resource not found” };     return std::make_tuple(connected, str_error); }   int _tmain(int argc, _TCHAR* argv[]) {   auto [connected, str_error] = connect_to_network();     if (!connected) {     std::cout str_error;   }     system(“pause”);     return 0; } As you can see, by using structured bindings, you can write more efficient and clean code. Be sure to check out the official documentation on structured bindings here! Check out the structured bindings demo for C++Builder on GitHub!

Read More

Flexible Multi-Tenancy REST Support Demo For RAD Server In Delphi

It requires InterBase to be installed on the machine or to connect to a remote server. Make sure that the server is running before you run the sample application. With Multi-Tenancy support, a single RAD Server instance with a single RAD Server database connection can support multiple isolated tenants. Each tenant has a unique set of RAD Server resources including Users, Groups, Installations, Edge Modules, and other data. All tenants have custom resources that are installed in the EMS Server. Also, as an administrator you can create new tenants, edit existing ones, add, edit, or delete details of your tenants, specify if the tenant is active, and delete the tenants that you do not need. Location You can find the RAD Server Overview Multi-tenant sample project at: Start | Programs | Embarcadero RAD Studio Sydney | Samples and then navigate to the following: Object PascalDataBaseEMSMulti-Tenancy Demo Subversion Repository: You can find Delphi code samples in GitHub Repositories. Search by name into the samples repositories according to your RAD Studio version. Overview This sample application demonstrates RAD Server’s Multi-Tenancy support. RAD Server Overview is a turn-key application foundation for rapidly building and deploying services based applications. RAD Server enables developers to quickly build new application back-ends or migrate existing Delphi or C++ client/server business logic to a modern services based architecture that is open, stateless, secure and scalable. A single RAD Server Overview instance with a single RAD Server database connection can support multiple isolated tenants. This demo uses a chain of toy stores to highlight RAD Server’s multi-tenancy support where each store with its employees and goods is a tenant implementation. Using the RAD Server Multi-Tenant Application The sample application demonstrates a retail store deployment use case. Each store with its employees and goods is a tenant implementation. Employees There are two groups of users with different rights: Managers can add new store items, delete them, and edit the details of the existing ones while cashiers can only view the information about the existing goods. Neither employee can see the information about the other stores in the chain.   Description Now, let us have a look at the sample application. Store Log in Page To access store specific information, enter the following information on the Store Log in page: Toy Store: select a store from the list. Each store is a tenant implementation. Store password: enter the password. Tip: You can find credentials in the Readme.txt file provided with the sample application. Employee Log in Page On the Employee Log in page, each employee enters the following: Employee login Employee password Tip: You can find credentials in the Readme.txt file provided with the sample application. Store Items Page After logging in, each employee sees the store items screen. The screen is displayed in two different modes: edit or view only, and access depends on the employee’s position. This uses EMS groups (a feature of RAD Server) to define access rights. Managers can view, add, and delete the store items and edit the details. Cashiers can view the items’ details only. Please follow the link to the original post for more information: http://docwiki.embarcadero.com/CodeExamples/Sydney/en/EMS.Sample_RAD_Server_Multi-Tenant_Application Check out the full source code for the Multi-Tenancy REST Demo over on GitHub.

Read More

Learn How To Use Python Functions With Keyword Arguments In A Delphi Windows App

rocedure TForm1.Button1Click(Sender: TObject); var   P : Variant; begin   PythonEngine1.ExecStrings( Memo1.Lines );   P := MainModule.Person(‘John’, ‘Doe’);   Assert(P.first_name = ‘John’);   Assert(P.last_name = ‘Doe’);   Assert(VarIsNone(P.weight));   Assert(VarIsNone(P.height));   Assert(VarIsNone(P.age));   P := MainModule.Person(‘John’, ‘Doe’, weight := 70);   Assert(P.first_name = ‘John’);   Assert(P.last_name = ‘Doe’);   Assert(P.weight = 70);   Assert(VarIsNone(P.height));   Assert(VarIsNone(P.age));   P := MainModule.Person(‘John’, ‘Doe’, weight := 70, height := 172);   Assert(P.first_name = ‘John’);   Assert(P.last_name = ‘Doe’);   Assert(P.weight = 70);   Assert(P.height = 172);   Assert(VarIsNone(P.age));   P := MainModule.Person(‘John’, ‘Doe’, weight := 70, height := 172, age := 35);   Assert(P.first_name = ‘John’);   Assert(P.last_name = ‘Doe’);   Assert(P.weight = 70);   Assert(P.height = 172);   Assert(P.age = 35);   P := MainModule.Person(last_name := ‘Doe’, first_name := ‘John’, weight := 70, height := 172, age := 35);   Assert(P.first_name = ‘John’);   Assert(P.last_name = ‘Doe’);   Assert(P.weight = 70);   Assert(P.height = 172);   Assert(P.age = 35);   P := MainModule.Person(‘John’, ‘Doe’, 35, 172, 70);   Assert(P.first_name = ‘John’);   Assert(P.last_name = ‘Doe’);   Assert(P.weight = 70);   Assert(P.height = 172);   Assert(P.age = 35);   Memo2.Lines.Add(‘Success’) end;

Read More

Learn How To Solve The C++ SFINAE Problem For Expressions In Windows Development With C++ Builder

Substitution failure is not an error (SFINAE) refers to a situation in C++ where an invalid substitution of template parameters is not in itself an error. We’re talking here about something related to templates, template substitution rules and metaprogramming… A quick example: template struct A {}; char xxx(int); char xxx(float); template A f(T){} int main() { f(1); }   template <int I> struct A {};     char xxx(int);   char xxx(float);     template <class T> A<sizeof(xxx((T)0))> f(T){}     int main()   {     f(1);   } This example is rejected by all major compilers because template deduction/substitution has historically used a simplified model of semantic checking, i.e., the SFINAE rules (which are mostly about types), instead of full semantic checking. But in C++ 11, fully general expressions allowed, and that most errors in such expressions be treated as SFINAE failures rather than errors. There’s a continuum of errors, some errors being clearly SFINAE failures, and some clearly “real” errors, with lots of unclear cases in between. We decided it’s easier to write the definition by listing the errors that are not treated as SFINAE failures, and the list we came up with is as follows: errors that occur while processing some entity external to the expression, e.g., an instantiation of a template or the generation of the definition of an implicitly-declared copy constructor. errors due to implementation limits (it’s probably a category error to list these here, since they’re not errors in the normal sense, but we wanted to make it very clear that compilers don’t have to take steps to capture and recover from violations of implementation limits; such violations cause hard errors, compiler crashes, etc., the same as anywhere else in a program). errors due to access violations (this is a judgment call, but the philosophy of access has always been that it doesn’t affect visibility)Everything else produces a SFINAE failure rather than a hard error. At certain points in the template argument deduction process it is is necessary to take a function type that makes use of template parameters and replace those template parameters with the corresponding template arguments. This is done at the beginning of template argument deduction when any explicitly specified template arguments are substituted into the function type, and again at the end of template argument deduction when any template arguments that were deduced or obtained from default arguments are substituted. The substitution occurs in all types and expressions that are used in the function type and in template parameter declarations. The expressions include not only constant expressions such as those that appear in array bounds or as nontype template arguments but also general expressions (i.e., non-constant expressions) inside sizeof, decltype, and other contexts that allow non-constant expressions. [Note: The equivalent substitution in exception specifications is done only when the function is instantiated, at which point a program is ill-formed if the substitution results in an invalid type or expression.] For example, template auto f(T t1, T t2) -> decltype(t1 + t2); template <class T> auto f(T t1, T t2) -> decltype(t1 + t2); Head over and check out more information about SFINAE problems for expressions in Windows Development.

Read More

TMS WEB Core v1.6 beta in a nutshell (video)

Yesterday we announced the beta release for TMS WEB Core v1.6 Pesaro. Before moving to a final release of TMS WEB Core v1.6.0.0, we want to give our registered TMS ALL-ACCESS and TMS WEB Core users sufficient time to test the new version. Registered users can find the beta download now on the “My Products” page on our website. This beta version can be used from Delphi XE7 to Delphi 10.4 Sydney as well as Lazarus 2.0.10. At the same time our team is also working on bringing the pas2js v2.0 compiler to TMS WEB Core for Visual Studio Code. The stunning new pas2js v2.0 features are not only coming in Delphi but also in Visual Studio Code. Watch our colleague Holger Flick show the use of generics in a TMS WEB Core application in an internal beta of TMS WEB Core for Visual Studio Code that will soon also be coming to you. Dali’s words: “Have no fear of perfection, you will never reach it” are the motivating force and inspiration behind everything we do. So, here we literally follow up the video about generics in TMS WEB Core with code improvement suggestions that bring it one step closer to perfection: enumerators. Stay tuned for more updates!

Read More