I have only been working with C++ for about 6 months so my apologies for any stupid mistakes I make in my code.
I am working on a project that will read in a binary file to a streambuf and then search the streambuf for specific sequences and report the sequences starting offset in the binary file as well as an identifier for which specific sequence was found in the binary file.
The sequences to search for are stored in a vector> called snortRules where each index of the snortRules vector is the a single sequence stored as vector of ints.
Ultimately i need to create a text file that will show the offset and specific sequence found for comparison against another file that should match, but for now I am just printing the results to a console window.
My code seems to be working as it reports finding all the sequences except for a single issue. For some reason I sometimes get a repeat of the offset for where a sequence is found. for example output would be:
101521 #655
101816 #656 <--This output is correct
101816 #657 <--This output is wrong and should have offset 101865
101893 #658 <--This output is correct
101893 #659 <--This output is wrong and should have offset 102084
102105 #660
102325 #661
102378 #662
I think my issues is that I am not getting the offset correctly using streambuf's pubseekoff.
my code is:
fstream binFS(binName, ios::in | ios::binary); //create stream
streambuf* binBuff = binFS.rdbuf(); //create streambuf from filestream
int currentChar; //ascii code of current character from binary file
streamsize offset; //location of first character of rule in binary file
do
{ //until the end of binary file
for(unsigned i=0; i<snortRules.size(); ++i)
{//start by finding the begining of current rule
do
{ //check binBuff until first char of first rule is found.
currentChar = binBuff->sgetc();
if( snortRules[i][0] == currentChar )//binBuff->sgetc() ) //compare short rule 1st char to curtent position
{ //match save offset and compare rest of rule
offset = binBuff->pubseekoff(0,ios::cur); //set the offset to current postion
bool checkNext = true; //bool to break loop when checking rules if not matching
for(unsigned srIdx=0; srIdx < snortRules[i].size() && checkNext == true; ++srIdx)
{ //loop through current rule comparing characters
if(snortRules[i][srIdx] == currentChar)
{ //match check if end of rule or advance character to compare to next in rule
if( srIdx == snortRules[i].size()-1)
{ //match write the offset of fist character of rule and which was matched
std::cout<<offset<<" #"<<i+1<<endl; //write to console for debugging purposes will write to text file when working
++i; //increment rule to next when exact match found
}
else
{ //not at the end of the rule so continue to compare next characters
currentChar = binBuff->snextc(); //set currentChar to next char to be checked by for loop
}
}
else
{ //no match break out and continue
checkNext == false; //set flag to break for loop because characters didnt match
}
}
}
else
{ //no match check next character in binBuff
//offset = binBuff->pubseekoff (0,binFS.cur, binFS.in); //set the offset to current postion
currentChar = binBuff->snextc(); //get next char in binBuff
//offset = binBuff->pubseekoff (0,binFS.cur, binFS.in); //set the offset to current postion
}
}while( currentChar != streambuf::traits_type::eof() ); //stop checking if end of file reached
}
}while( binBuff->snextc() != streambuf::traits_type::eof() ); //stop checking if end of file reached
I have tried to find documentation and examples for pubseekoff on stackoverflow.com and cplusplus.com but what I can find is not making much sense to me and honestly I am not 100% sure it is my problem...
Any help or suggestions is greatly appreciated!
https://stackoverflow.com/questions/16246553
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian