Thursday, September 1, 2011

What should be disposed in your Flex Codes? (possible flex memory leaks)

According to the well-written article here, there are several possible scenarios which would lead to memory leaks.

1) You started a timer but forgot to destroy it (remove)
2) You created an event listener, but forgot to destroy it (remove)
3) You created loader objects, but forgot to destroy it (remove)
4) You created variables (references), but forgot to destroy it (null, empty array)
5) You created an annoymous handler, and you cannot destroy it ( #sigh )


The Flow for making JPIP streaming possible from a DCM4CHEE (manually)

This documents my way to get the DCMs to output to a JPIP Stream

You will need:

1) A remote archive( preferably, if not try local) DICOM archive (supports dicom queries)
2) DCM4CHEE (unzipped)
3) Kakadu JPIP Server and Client (you can sub this in with others)
4) DCMTK

Pseudo-Steps:

1) Retrieve Images from a remote archive


a) set up a dcmrcv
> dcmrcv AE_TITLE@11112 -dest H:\Folder


b) cmove from a remote archive to dcmrcv
> dcmqr -L AE_TITLE@LOCALMACHINE AE_TITLE@REMOTEMACHINE:PORT -cmove AE_TITLE -qPatientID=1234567 -cstoredest /tmp


2) Convert 'cmove'ed images to a kakadu encoder-compatible format

a) this step is a bit important if your remote archive tends to store everything to a jpeg-ls or jpeg lossless format with different process tables).  Step a) is to ensure it will be converted to explicit big endian (which dcmtk knows what it is.
>DCM4CHEE\DCM2DCM "H:\Folder\abc.dcm" "H:\Folder\convertedabc.dcm" 

b) Convert to PGM with DCMTK
> DCMTK\DCMP2PGM "H:\Folder\convertedabc.dcm" "H:\Folder\convertedabc.pgm"

c) Convert to JP2 with Kakadu
> Kakadu\kdu_compress -i "H:\Folder\convertedabc.dcm" -o "H:\Folder\convertedabc.jp2" -rate 1.0




3) Start JPIP Server

*assuming you have moved convertedabc.jp2 to a place where the server knows where to read from
> kdu_server -address localhost -port 8080

4) Start JPIP Client
Just make sure your JPIP Url is correct and the target file is convertedabc.jp2 (in this example).






There, that'd do it.  If not, email me or leave me a comment for me to analyze your situation.  Thanks!!


Security Issues of Web Apps



Your web app is likely to be constantly under attack!  
Just take a look at the following list!



Common Concerns
Secure Messaging
Protection of Resources
Negotiation of Contracts
Trust Management


Common Attacks against Web Services
Reconnaissance Attacks
Dictionary Attack
Forceful Browsing Attack
Directory Traversal Attack
WSDL Scanning
Sniffing
Privilege Escalation Attempts
Format String Attacks
Exploiting Unprotected Administrator Interfaces

Attacks on Confidentiality
Registry Disclosure Attacks

Attacks on Integrity
Parameter Tampering
Coercive Parsing
Schema Poisoning
Spoofing of UDDI/ebXML messages
Principal Spoofing
Routing Detours
External Entity Attack
Cannoicalization
Intelligent Tamparing
Impersonation

DOS attacks
Flooding attacks
Recursive Payloads sent to XML Parsers
Buffer overflow exploits
Race Conditions
Symlink Attacks
Memory Leak Exploitation
Command Injection
SQL Injection
XML injection

Malicious Code Attacks

URL String Attacks
Parameter Tampering
Cross-site Scripting
Session Hijacking
Malformed Content
Logic Bombs Trapdoors/Backdoors




Reference:
Sangwan S. and Sangwan YS. (2010)  "Designing a Frame Work for Web Application Information Security Architecture".  International Journal of Electronics Engineering 2(2):337-380