Wireshark-dev: Re: [Wireshark-dev] need a C utility to search data in hex dump
From: prashanth joshi <[email protected]>
Date: Thu, 4 Mar 2010 07:17:23 -0800 (PST)

Hi Jakub,
Thanks very much for the reply.
--- On Thu, 3/4/10, Jakub Zawadzki <[email protected]> wrote:

From: Jakub Zawadzki <[email protected]>
Subject: Re: [Wireshark-dev] need a C utility to search data in hex dump
To: "Developer support list for Wireshark" <[email protected]>
Date: Thursday, March 4, 2010, 6:24 AM

On Thu, Mar 04, 2010 at 05:36:56PM +0530, prashanth s wrote:
> I have read the data from the pcap file in to a buffer. Now I need to search
> for a pattern in the data from pcap stored in buffer.
> Could anyone please tell me a c function that can be used to search for the
> pattern?
> For example the data may contain  00 0f a2 ee cd 34 23 78 00    and I need a
> c function to search for cd34.

You can try memmem() [GNU extension]

  const char pattern[] = { 0xcd, 0x34 };
  memmem(buf, buflen, pattern, sizeof(pattern));
Sent via:    Wireshark-dev mailing list <[email protected]>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:[email protected]?subject=unsubscribe