i am studying C now, and I am parsing a raw registry file and read it.
i have some problem now,
000011E0 00 00 00 00 60 01 00 00 B9 01 00 00 00 00 00 00
000011F0 20 C0 26 00 FF FF FF FF 00 00 00 00 FF FF FF FF
00001200 10 FC 00 00 FF FF FF FF 4C 00 01 00 00 00 00 00
this is hex value of REGISTRY file.
fseek(fp,0x11F0,SEEK_SET);
char tmp[4];
int now = ftell(fp);
for(int i = 0 ; i < 4 ; i++){
tmp[i] = fgetc(fp);
}
I made this tmp array, but I need 0x0026c020.
how can I change this array to that value? or please suggest me better algorithm.
Thanks.
If you know for a fact that the value is stored with the same endianness as the host OS architecture, you can just do:
int value = *(int *)tmp;
However, you should not read the bytes in backwards order, as you do here -- that alters the endianness and will result in an incorrect value. Try this:
int value;
if (fread(&value, sizeof(value), 1, fp) != 1) {
/* Could not read, handle error. */
}
/* value is set, inspect it */
To convert a string into integer there are already available functions one such function is
strtoul().
you can use standard strtoul() function to convert string into integer values.
Related
I wrote a function that is responsible for moving to a binary file and editing its bytes
int replace(FILE *binaryFile, long offset, unsigned char *replaced, int length) {
if (binaryFile != NULL) {
for (int i = 0; i < length; i++) {
fseek(binaryFile, offset + i, SEEK_SET);
fwrite(&replaced[i], sizeof(*replaced), 1, binaryFile);
}
fclose(binaryFile);
return 0;
}
else return -1;
}
When I use this function, I encounter a strange problem
All data in the file is filled with NULL bytes
And only one of the addresses in the file changes
Example:
FILE* fp = fopen("target.bin", "wb");
replace(fp, 0x57d8b0, "\x1E\xFF\x2F\xE1", 4);
replace(fp, 0x57c770, "\x01\x00\xA0\xE3\x1E\xFF\x2F\xE1", 8);
Result:
0x57c770: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
...
0x57d8a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x57d8b0: 1e ff 2f e1
Correct result:
0x57c770: 01 00 A0 E3 1E FF 2F E1 ...
...
0x57d8a0: 9c c4 0a ea 70 d2 68 00 44 d4 68 00 10 d1 68 00
0x57d8b0: 1e ff 2f e1 18 b0 8d e2 02 8b 2d ed 18 d0 4d e2
Please help me to solve the function problem or other problems.
wb is not correct. It clobbers the file.
From here,
Mode
Meaning
Explanation
If already exists
If does not exist
"r"
read
Open a file for reading
read from start
failure to open
"w"
write
Create a file for writing
destroy contents
create new
"a"
append
Append to a file
write to end
create new
"r+"
read extended
Open a file for read/write
read from start
error
"w+"
write extended
Create a file for read/write
destroy contents
create new
"a+"
append extended
Open a file for read/write
write to end
create new
You want r+b.
Also, you close the file handle in replace, which is premature. This should be done outside of replace, after you're done with the handle.
As an aside, you shouldn't be doing a number of seeks and writes of length one equal to length; you should be doing one seek and one write of length length.
Is there a function in a C lib to print data packets similar to Wireshark format (position then byte by byte)
I looked up their code and they use trees which was too complex for my task. I could also write my own version from scratch but I don't wanna be reinventing the wheel, so I was wondering if there is some code written that I can utilize. Any suggestions of a lib that I can use?
*The data I have is in a buffer of unsigned ints.
0000 01 02 ff 45 a3 00 90 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00
0020 00 00 00 00 00 00 00 00 00 00 00 00 00 ... etc
Thanks!
I doubt such a specific function exists in the libC, but the system is rather simple:
for (unsigned k = 0; k < len; k++)
{
if (k % 0x10 == 0)
printf("\n%04x", k);
if (k % 0x4 == 0)
printf(" ");
printf(" %02x", buffer[k] & 0xff);
}
Replace the first modulo by the line length, and the second by the word length and you're good (of course, try to make one a multiple of the other)
EDIT:
As I just noticed you mentioned the data you have is in a buffer of unsigned ints, you will have to cast it to an unsigned char buffer for this part.
Of course, you can do it with an unsigned buffer with bitwise shifts and four prints per loop, but that really makes for cumbersome code where it isn't necessary
I'm having an issue with (I think) memory reallocation in C. The program is meant to run such that when fopen(array, &num); is called, it will first retrieve the number of elements in the array from file and place that in num, reallocate memory for the array pointer given to give it enough room to store the contents of the file proper, then copy the values over into that array. This seems to work while still in the fopen function (shown by 'mark 1'), but does not work outside of this (shown by 'mark 2') instead seeming to spew out random memory garbage. Any help appreciated (both with code and formatting my poorly laid out question).
//main.c
void Rtest(){
char num;
struct individual *array;
array = (struct individual *) malloc(sizeof(struct individual));
openf(array, &num);
printf("%d\n", num);
for (int i = 0; i < num; i++) {printf("%s\n", array[i].name);} //mark 2
free(array);
}
//fil.h
struct individual {
char name[32];
char stats[7];
char role;
char roles[13];
};
void openf(struct individual *array, char *num){
FILE *fp;
fp = fopen("save.bin", "rb");
fread(num, 1, sizeof(char), fp);
array = (struct individual *)realloc(array, *num * sizeof(struct individual));
printf("%d\n", sizeof(*array));
fread(array, *num, sizeof(struct individual), fp);
for (int i = 0; i < *num; i++) {printf("%s\n", array[i].name);} //mark 1
fclose(fp);
}
File contents:
03 43 61 72 6C 73 6F 6E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 02 03 04 05 06 08 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 43 61 72 6C 73 6F 6E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 02 03 04 05 06 08 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 43 61 72 6C 73 6F 6E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 02 03 04 05 06 08 00 01 02 03 04 05 06 07 08 09 0A 0B 0C
When you want to change the argument inside a function, you pass a pointer to it.
For example, inside Rtest you declared a char called num. It has no value, and you sent it to openf, But you actually sent the pointer to num since you wanted to change its value, you did it correctly and indeed openf changed num value successfully.
But how about array? Well, you declared it on Rtest and allocated space in memory for it, which is all correct. Then, you wanted to send it to Rtest as a pointer so the function could change it.
array is a variable of the type "pointer to struct individual". This is okay, but if you wanted to change it inside Rtest, well you need to send a pointer for that variables.. hence, you needed a "POINTER TO pointer to struct individual". Note that the variable name was copied from before and I just added "POINTER TO"
I'm sure you know what pointer to pointer is, and what you needed to do is use:
openf(&array, &num);
And of course modift openf as well so it will use the new "pointer to pointer", something like that:
void openf(struct individual **array, char *num){
FILE *fp;
fp = fopen("save.bin", "rb");
fread(num, 1, sizeof(char), fp);
*array = (struct individual **)realloc(*array, *num * sizeof(struct individual));
printf("%d\n", sizeof(**array));
fread(*array, *num, sizeof(struct individual), fp);
for (int i = 0; i < *num; i++) {printf("%s\n", (*array)[i].name);} //mark 1
fclose(fp);
}
When I run this code on my machine, along with Rtest and provided save.bin I get the following output:
53
Carlson
Carlson
Carlson
3
Carlson
Carlson
Carlson
EDIT:
As #WhozCraig mentioned in the comments, You could use the unused return value for the function and return the pointer for the "new" array, which might be a slightly better way of doing things here instead of the "pointer to pointer" stuff, but its up to you.
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#define NBRCOLOURS 16
#define COLOURSIZE 8
typedef struct
{
char colours[COLOURSIZE];
}BITMAP;
//Main Function
void main(void)
{
int count, count2;
char bm_file[] = "C:\\Coding\\Bitmap Program\\Sample.bmp";
FILE *fptr;
char ch;
int i = 0;
BITMAP bm_data[NBRCOLOURS];
fptr = fopen(bm_file, "rb");
if (fptr != NULL)
{
while ((ch = fgetc(fptr)) != EOF)
{
printf("%02X ", ch);
if (!(++i % 16)) putc('\n', stdout);
}
}
fclose(fptr);
system("pause");
return;
}
I am using this code which I found mostly online to try and read the contents of a bitmap file as its hexadecimal values. For some reason, this code stops right at the end of the header, and unfortunately ultimately I need to count the number of times each colour appears so that I can figure out which occurs most and which occurs least.
If anyone could tell me why this code stops at the end of the header for the bitmap, or lead me towards being able to pull the rest of the hexadecimal data out of the file, I would really appreciate it.
Here is the hex code:
42 4D C6 00 00 00 00 00 00 00 76 00 00 00 28 00
00 00 0A 00 00 00 0A 00 00 00 01 00 04 00 00 00
00 00 50 00 00 00 12 0B 00 00 12 0B 00 00 10 00
00 00 10 00 00 00 FF 00 00 00 00 FF 00 00 00 00
42 00 5A 5A 84 00 00 00 FF 00 FF 00 FF 00 00 FF
FF 00 08 FF FF 00 5A FF FF 00 FF FF FF 00 FF FF
FF 00 FF FF FF 00 FF FF FF 00 FF FF FF 00 FF FF
FF 00 FF FF FF 00 92 59 00 16 47 00 00 00 25 90
01 64 61 00 00 00 59 90 11 64 61 00 00 00 99 00
16 48 11 00 00 00 90 01 64 61 11 00 00 00 00 16
64 61 00 00 00 00 01 16 46 10 09 00 00 00 11 64
41 00 99 00 00 00 16 64 11 09 95 00 00 00 66 48
10 09 53 00 00 00
And here is what prints:
42 4D FFFFFFC6 00 00 00 00 00 00 00 76 00 00 00 28 00
00 00 0A 00 00 00 0A 00 00 00 01 00 04 00 00 00
00 00 50 00 00 00 12 0B 00 00 12 0B 00 00 10 00
00 00 10 00 00 00
Long post, I'm sorry. Any help is greatly appreciated.
fgetc returns an int, not a char. You can't represent EOF with a char, as all of the possible values of a char are valid. EOF is (I think) -1 represented as an int, or 0xfffffff, so if you read 0xff as a char it's the same as EOF.
Change this:
char ch;
to:
int ch;
The number before a format specifier in printf, like %02X only guarantees a minimum number of characters outputted, not a maximum. fgetc returns an int, not a char. If the int is negative two's complement then the entire bitstring representing the int will get printed, including the FF bytes at the start. EOF is not representable as a char; only as an int.
In your case we know that the file we're working with is small enough that loading the entire file into a buffer will probably succeed, so we can just use malloc and free instead:
#include <stdio.h>
#include <stdlib.h>
typedef unsigned char byte;
int main(int argc, char *argv[])
{
FILE *fp = fopen("C:\\Coding\\Bitmap Program\\Sample.bmp", "rb");
byte *buffer = NULL;
size_t len;
int i;
fseek(fp, 0, SEEK_END);
len = ftell(fp);
rewind(fp);
buffer = malloc(len);
if(!buffer)
{
perror("malloc");
exit(EXIT_FAILURE);
}
fread(buffer, 1, len, fp);
fclose(fp);
for(i = 0; i < len; i++)
{
if(i%16==0) putchar('\n');
printf("%.2X ", buffer[i]&0xFF);
}
free(buffer);
return 0;
}
I'm not very familiar with C, but I have an app I'm trying to convert over to Node (JS).
I think char may be relatable to Nodes new Buffer() but I'm not 100% certain on this. Any information would be great thanks.
I have this bit of code here:
char data[80];
unsigned long long flag=0;
mysql_real_escape_string(&mysql,data,(char*)&flag,sizeof(flag));
Which mysql_real_escape_string should just copy the data from (char*)&flag) into data.
I'm wondering if I could do this like
var flag = 123;
var buf = new Buffer(80)
buf.writeUInt32LE(flag);
if I console.log(buf); I get
buf.toString();
'\u0000\u0000\u0001\u0000\u0000\u0000\u0000\u0000��p\u0001\u0001\u0000\u0000\u0000P��\u0001\u0001\u0000\u0000\u0000\n\u0000\u0000\u0000\u0000\u0000\u0000\u0000x��\u0001\u0001\u0000\u0000\u0000\u0005\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000#��_�\u0000\u0000\u0001\u0000\u0000\u0000\u0001\u0000\u0000\u0000'
if I printf("%s", data); I get
\0#\0\0\0\0\0
Any information would be great thanks.
Well, I'm not sure why you are allocating such a large buffer for such a small bit of data, but creating a Buffer in Node does not initialize the underlying memory. Therefore, apart from the first 4 bytes overwritten by writeUInt32LE the rest will be gibberish. You should use fill to get consistent output.
var flag = 123;
var buf = new Buffer(80)
buf.fill(0);
buf.writeUInt32LE(flag);
When I add console.log(buf), I get a much more predictable output:
<Buffer 7b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ... >
I can't can't compare your output from the C snippet, as it seems your input values don't match. Based on your description, I think this will correct your output.