Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: epan_base64_decode(): failure when string contains a NUL character

From: Evan Huus <eapache () gmail com>
Date: Sun, 21 Apr 2013 16:29:07 -0400
On Sun, Apr 21, 2013 at 4:22 PM, Uli Heilmeier <zeugs () heilmeier eu> wrote:

Hi,

Thanks for both replies!
I did a complete clean-up of my code and now the decoded string is 14
bytes long. So the epan_base64_decode() function is working correct.

Sorry for the work and the confusion.

There is only one issue left: How can I split up this string. The
g_strsplit() function seems to don't accept NULL as a delimiter.


It depends what you need the results for. If you just need them
separated by a NULL then they're already in that state, you can just
use strlen and pointer arithmetic.

If you need discrete copies of each substring in their own memory
space you can just do the above and then strdup them.

A word of warning though: be sure to sanity check everything, as you
can't assume that the string coming out of the packet will be sane, or
will contain the correct number of NULLs (it may not contain any NULLs
at all, in which case just calling strlen will run past the end of the
buffer). Also be sure to use managed memory (see doc/README.wmem)
unless you have a specific reason not to.

Cheers,
Evan


Thanks!
Uli

Am 20.04.13 11:55, schrieb Jakub Zawadzki:

Hi,

On Wed, Apr 17, 2013 at 10:27:42PM +0200, Uli Heilmeier wrote:

With the PLAIN mechanism the packet has a base64 encoded string containing:
[authorization user](\x00)[authentication user](\x00)[password]

For example:
dGVzdAB0ZXN0ADEyMzQ= contains test(NUL)test(NUL)1234

I tried to decode the base64 string with the epan_base64_decode() function
(from epan/base64.h). Unfortunately this fails. I only get a wrong three
bytes long string.
I guess the problem is the NUL character as a delimiter.

Do you have an idea if this is bug in the epan_base64_decode() function or
do I have to do the decoding another way?


From C interactive shell (gdb):

(gdb) call $x = (char *) strdup("dGVzdAB0ZXN0ADEyMzQ=")
$1 = 0x65b0e0 "dGVzdAB0ZXN0ADEyMzQ="
(gdb) call epan_base64_decode($x)
$2 = 14

(gdb) x/14c $x
0x65b0e0:       116 't' 101 'e' 115 's' 116 't' 0 '\000'        116 't' 101 'e' 115 's'
0x65b0e8:       116 't' 0 '\000'        49 '1'  50 '2'  51 '3'  52 '4'

(gdb) call $x
$3 = 0x65b0e0 "test"
(gdb) call $x + 5
$4 = 0x65b0e5 "test"
(gdb) call $x + 5 + 5
$5 = 0x65b0ea "1234"

Seems to be working ok, can you attach your code?

Regards,
Jakub Zawadzki


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: