I am trying to save a raw byte array into a file:
mDataStream.writeRawData( ( (const char *)&testPacket), 188);
The test packet is just an array of unsigned char, the packet is copied in the right size, but the bytes are reordered. ie: 0x47 0x00 0x10 0x20 ... becomes 0x00 0x47 ox20 0x10.
This looks like an endianness problem, but i've tried setting the byte order to little endian with unsuccessful results.
Related
I have an unsigned long long variable which I want to write to a binary file. However, I need to neglect all leading bytes which are zero.
This means
unsigned long long toWrite = 4;
should write 0x04 and not 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x04 to the stream.
#include <fstream>
int main(){
std::ofstream out("test.txt", std::ios::binary);
unsigned long long toWrite = 4;
out << cutoffZeroBytes(toWrite);
out.close();
return 1;
}
I was thinking about making cutoffZeroBytes a function which returns a char*. But if there are zero bytes in the middle (e.g. 0x03 0x00 0xf1), then I think I couldn't write it to the stream, since 0x00 determines the end of an char array.
I'm a little clueless here and need some help.
One way is using write for this aim.
So, just change:
out << cutoffZeroBytes(toWrite);
to:
out.write((char*)&toWrite, sizeof(toWrite));
And if you want to cut this number:
char* start = (char*)&toWrite;
int pi = sizeof(toWrite);
for (; pi > 0; pi--, start++)
if (*start)
break;
out.write(start, pi);
In my project I'm working with QByteArrays appending data to them as the program goes. Most of the time, a simple quint8 gets appended just fine using QByteArray::append(). But when a quint16 gets appended, only 1 byte gets appended instead of 2.
QByteArray ba = QByteArray::fromHex("010203");
quint number(300);//300 in hex is 012c
ba.append(number);//What should be appended instead of just number?
//the current incorrect result is
ba.toHex() == "0102032c"
//the desired result is
ba.toHex() == "010203012c"
I've already tried this, but it just inserts the value as a string (4 bytes):
ba.append(QByteArray::number(number, 16));
What should I append to the QByteArray so both bytes of "number" get appended instead of just one byte? Also, the fastest method possible is preferred since this program needs to have great performance times. So absolutely no converting to QStrings.
Thanks for your time.
On its own, QByteArray only supports appending bytes; to append a big-endian representation of fixed-size integer types you can build your own operator<< (or what you prefer) overloads using the appropriate bit shifts:
QByteArray &operator<<(QByteArray &l, quint8 r)
{
l.append(r);
return l;
}
QByteArray &operator<<(QByteArray &l, quint16 r)
{
return l<<quint8(r>>8)<<quint8(r);
}
QByteArray &operator<<(QByteArray &l, quint32 r)
{
return l<<quint16(r>>16)<<quint16(r);
}
This allows you to write code like:
QByteArray b;
b<<quint16(300); // appends 0x01 0x2c
b<<quint8(4); // appends 0x04
b<<quint16(4); // appends 0x00 0x04
b<<quint32(123456); // appends 0x00 0x01 0xe2 0x40
b<<quint8(1)<<quin16(2)<<quint32(3); // appends 0x01 0x00 0x02 0x00 0x00 0x00 0x03
You should probably avoid writing
QByteArray b;
b<<1;
because in theory the output depends on the size of the current platform integer (although AFAIK on all platforms supported by Qt int is 32 bit).
I have source code for a project that inspects a game's memory values. The thing I don't understand is this: How did the author so precisely determined the type and location of these values? For example, here's a struct he defined:
typedef struct {
UInt16 times_used; // 0x0
UInt16 token; // 0x2
SInt16 previous_id; // 0x4
SInt16 next_id; // 0x6
SInt32 model; // 0x8
char unknown00[0x1B]; // 0xC
UInt8 player_owner; // 0x27
char unknown01[0x18]; // 0x28
UInt32 position_x; // 0x40
UInt32 position_y; // 0x44
char unknown02[0x1F]; // 0x48
UInt32 death_type; // 0x69
char unknown03[0x7]; // 0x6D
UInt32 destination_x; // 0x74
UInt32 destination_y; // 0x78
char unknown04[0x84]; // 0x7C
UInt32 health_damage; // 0x100
UInt32 shield_damage; // 0x104
UInt32 energy_damage; // 0x108
char unknown05[0x74]; // 0x10C
} Unit;
He looks for it at this address 0x3BC2060 and it's size is 0x8B8. I ran the program and watch the memory at this location, and sure, I could identify some things like the name property, but how did he find this out so precisely?
Thanks.
I hope I get this straight:
You look at 0x3bc2060 and the next 0x8b8 bytes/octets.
To reverse engineer a struct like this it is crucial to observe the program using this struct by filling it with values for the different fields in it.
Then you can deduce from many dumps starting at 0x3bc2060 and the following 0x8b8 bytes
what is happening.
But it is not so precise as you might expect, because some fields are apparently not assignable. These are the char unknown[].
Doing a struct reverse is a very tedious task and you need much patience with your debugger ;)
Hope this helps to understand how it works in principle
I've to read data from binary file.
This binary data format is:
0x00 0x00 0x01 - is delimiter
after this delimiter there is raw data byte array.
So, to sum up, my binary file looks like:
0x00 0x00 0x01 (here is raw data byte)
0x00 0x00 0x01 (here is another block
of raw data bytes) 0x00 0x00 0x01 ....
So i've wrote such code to parse my file (I'm not very familiar with C)
ifstream inp("myfile.bin",ios::binary);
char b1, b2, b3;
while (!inp.eof())
{
inp.read(&b1,sizeof(b1));
inp.read(&b2,sizeof(b2));
inp.read(&b3,sizeof(b3));
//finding first delimiter (data starts from delimiter)
while (!((0==b1)&&(0==b2)&&(1==b3)))
{
b1=b2;
b2=b3;
if (inp.eof())
break;
inp.read(&b3,sizeof(b3));
}
if (inp.eof())
break;
char* raw=new char[65535];
int rawSize=0;
inp.read(&b1,sizeof(b1));
inp.read(&b2,sizeof(b2));
inp.read(&b3,sizeof(b3));
raw[rawSize++]=b1;
raw[rawSize++]=b2;
if (inp.eof())
break;
//reading raw data until delimiter is found
while (!((0==b1)&&(0==b2)&&(1==b3)))
{
raw[rawSize++]=b3;
b1=b2;
b2=b3;
if (inp.eof())
break;
inp.read(&b3,sizeof(b3));
}
rawSize-=2; //because of two bytes of delimiter (0x00 0x00) would be added to raw
//Do something with raw data
if (inp.eof())
break;
inp.putback(1);
inp.putback(0);
inp.putback(0);
delete []raw;
}
But sometimes this code falls into infinite loop.
Could you advice me something?
Thanks
I think the problem there is that putback fails. As far as i recall, putback is guaranteed to work only once; second invocation will fail if the internal read buffer is aligned (that is, very rarely; seems like your situation).
To fix, get rid of putback. First of all, move the loop commented as "finding first delimiter" out of the outer while loop: the comment suggests that this code should only run once. After you do it, pay attention that at the beginning of the outer while loop, the sequence 0x00 0x00 0x01 has just been found, so the code doesn't have to use putback and look for it again.
You're using feof() wrong, it's only valid after a read has been attempted and failed.
How do you know that your magic byte sequence 0 0 1 doesn't appear inside the data? If the data is just a "binary array" that doesn't sound like it provides much of a guarantee ...
I have a structure:
struct JFIF_HEADER
{
WORD marker[2]; // = 0xFFD8FFE0
WORD length; // = 0x0010
BYTE signature[5]; // = "JFIF\0"
BYTE versionhi; // = 1
BYTE versionlo; // = 1
BYTE xyunits; // = 0
WORD xdensity; // = 1
WORD ydensity; // = 1
BYTE thumbnwidth; // = 0
BYTE thumbnheight; // = 0
};
This is how I read it from the file:
HANDLE file = CreateFile(filename, GENERIC_READ, FILE_SHARE_READ,
NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0);
DWORD tmp = 0;
DWORD size = GetFileSize(file, &tmp);
BYTE *DATA = new BYTE[size];
ReadFile(file, DATA, size, &tmp, 0);
JFIF_HEADER header;
memcpy(&header, DATA, sizeof(JFIF_HEADER));
This is how the beginning of my file looks in hex editor:
0xFF 0xD8 0xFF 0xE0 0x00 0x10 0x4A 0x46 0x49 0x46 0x00 0x01 0x01 0x00 0x00 0x01
When I print header.marker, it shows exactly what it should (0xFFD8FFE0). But when I print header.length, it shows 0x1000 instead of 0x0010. The same thing is with xdensity and ydensity. Why do I get wrong data when reading a WORD?
You are on an x86 cpu which stores words low byte-high byte (little endian)
The binary file is presumably stored in big endian.
You need to manually swap each byte in the file (or possibly your JFIF library will do this for you)
ps. The safest way to swap bytes is to use the ntohs() and htons() macros in your 'C' library.
See the wiki article for the details of endianness