Wireshark · Wireshark-dev: Re: [Wireshark-dev] need a C utility to search data in hex dump

Wireshark-dev: Re: [Wireshark-dev] need a C utility to search data in hex dump

From: Jakub Zawadzki <darkjames@xxxxxxxxxxxxxxxx>

Date: Thu, 4 Mar 2010 13:24:22 +0100

On Thu, Mar 04, 2010 at 05:36:56PM +0530, prashanth s wrote:
> I have read the data from the pcap file in to a buffer. Now I need to search
> for a pattern in the data from pcap stored in buffer.
> Could anyone please tell me a c function that can be used to search for the
> pattern?
> For example the data may contain  00 0f a2 ee cd 34 23 78 00    and I need a
> c function to search for cd34.

You can try memmem() [GNU extension]

  const char pattern[] = { 0xcd, 0x34 };
  memmem(buf, buflen, pattern, sizeof(pattern));

Follow-Ups:
- Re: [Wireshark-dev] need a C utility to search data in hex dump
  - From: prashanth joshi

References:
- [Wireshark-dev] need a C utility to search data in hex dump
  - From: prashanth s

Prev by Date: [Wireshark-dev] need a C utility to search data in hex dump
Next by Date: Re: [Wireshark-dev] malformed packet
Previous by thread: [Wireshark-dev] need a C utility to search data in hex dump
Next by thread: Re: [Wireshark-dev] need a C utility to search data in hex dump
Index(es):
- Date
- Thread