ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
April 17th, 2024 | 14:30-16:00 SGT (UTC+8) | Online
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] epan_base64_decode(): failure when string contains a NUL cha

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Evan Huus <eapache@xxxxxxxxx>
Date: Sun, 21 Apr 2013 16:29:07 -0400
On Sun, Apr 21, 2013 at 4:22 PM, Uli Heilmeier <zeugs@xxxxxxxxxxxx> wrote:
> Hi,
>
> Thanks for both replies!
> I did a complete clean-up of my code and now the decoded string is 14
> bytes long. So the epan_base64_decode() function is working correct.
>
> Sorry for the work and the confusion.
>
> There is only one issue left: How can I split up this string. The
> g_strsplit() function seems to don't accept NULL as a delimiter.

It depends what you need the results for. If you just need them
separated by a NULL then they're already in that state, you can just
use strlen and pointer arithmetic.

If you need discrete copies of each substring in their own memory
space you can just do the above and then strdup them.

A word of warning though: be sure to sanity check everything, as you
can't assume that the string coming out of the packet will be sane, or
will contain the correct number of NULLs (it may not contain any NULLs
at all, in which case just calling strlen will run past the end of the
buffer). Also be sure to use managed memory (see doc/README.wmem)
unless you have a specific reason not to.

Cheers,
Evan

> Thanks!
> Uli
>
> Am 20.04.13 11:55, schrieb Jakub Zawadzki:
>> Hi,
>>
>> On Wed, Apr 17, 2013 at 10:27:42PM +0200, Uli Heilmeier wrote:
>>> With the PLAIN mechanism the packet has a base64 encoded string containing:
>>> [authorization user](\x00)[authentication user](\x00)[password]
>>>
>>> For example:
>>> dGVzdAB0ZXN0ADEyMzQ= contains test(NUL)test(NUL)1234
>>>
>>> I tried to decode the base64 string with the epan_base64_decode() function
>>> (from epan/base64.h). Unfortunately this fails. I only get a wrong three
>>> bytes long string.
>>> I guess the problem is the NUL character as a delimiter.
>>>
>>> Do you have an idea if this is bug in the epan_base64_decode() function or
>>> do I have to do the decoding another way?
>>
>> From C interactive shell (gdb):
>>
>> (gdb) call $x = (char *) strdup("dGVzdAB0ZXN0ADEyMzQ=")
>> $1 = 0x65b0e0 "dGVzdAB0ZXN0ADEyMzQ="
>> (gdb) call epan_base64_decode($x)
>> $2 = 14
>>
>> (gdb) x/14c $x
>> 0x65b0e0:       116 't' 101 'e' 115 's' 116 't' 0 '\000'        116 't' 101 'e' 115 's'
>> 0x65b0e8:       116 't' 0 '\000'        49 '1'  50 '2'  51 '3'  52 '4'
>>
>> (gdb) call $x
>> $3 = 0x65b0e0 "test"
>> (gdb) call $x + 5
>> $4 = 0x65b0e5 "test"
>> (gdb) call $x + 5 + 5
>> $5 = 0x65b0ea "1234"
>>
>> Seems to be working ok, can you attach your code?
>>
>> Regards,
>> Jakub Zawadzki
>
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube