Quote:
Originally Posted by dila
|
Hmmm... So you're looking for something like the OD command in unix (except for the addition of multiple file search)?
Would something like this work?
Code:
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <stdlib.h>
#define BUF_SIZE 65536
int getnibble(char c)
{
c = toupper(c);
return (c > '9' ? c - 'A' + 10 : c - '0');
}
void main(int argc, char** argv)
{
if (argc != 3)
{
printf(
"Usage:\n"
"%s <filename> <hex>\n",
argv[0]
);
return;
}
char* filename = argv[1];
char* hexchars = argv[2];
int len = strlen(hexchars);
if (len % 2)
{
printf("Error: Odd number of hex chars\n");
return;
}
len /= 2; // len = number of bytes in pattern
// parse hexchars to real bytes
char* pattern = (char*)malloc(len);
char* p = pattern;
while (*hexchars)
{
int h = getnibble(*hexchars++);
int l = getnibble(*hexchars++);
if (h > 16 || l > 16)
{
printf("Error: invalid hex\n");
free(pattern);
return;
}
*p++ = (h << 4) + l;
}
// Open the file
FILE* f = fopen(filename, "rb");
if (f)
{
char* buf = (char*)malloc(BUF_SIZE);
// we want to read in less than the whole buffer each time to avoid
// missing the needle when it's halfway across a boundary
int readsize = BUF_SIZE - len;
int amtread;
int offset = 0;
char* p; // search result
int bytessearched; // how many bytes we've already searched in this block
// read in the first block in full
amtread = fread(buf, 1, BUF_SIZE, f);
while (amtread != 0)
{
// search for the start byte
bytessearched = 0;
while ((p = (char*)memchr(buf + bytessearched, *pattern, amtread - len - bytessearched)) != NULL)
{
if (memcmp(p, pattern, len) == 0)
{
printf("Found at %x\n", offset + p - buf);
}
bytessearched = p - buf + 1;
}
// copy the tail of the buffer over the head
memmove(buf, buf + BUF_SIZE - len, len);
// read in the next block
amtread = fread(buf + len, 1, BUF_SIZE - len, f);
offset += BUF_SIZE - len;
}
free(buf);
}
fclose(f);
free(pattern);
}
And then just create a batch file for the multiple file search?
01-22-2018, 03:46
Similar Threads
Hybrid Mode
