Click here to Skip to main content
15,917,176 members
Search within:


Filtering with vprintf()
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
C++
I'm trying to filter out a certain line with vprintf(). I'm getting alot of print out being this is the data part of an assembled packet. I just want the content-type part. This doesn't work, Any suggestions?
Thanks
C++
vprintf("%c", data[i], "Content-Type: application/x-www-form-urlencoded""");
Posted
Updated 21-Aug-11 14:29pm
v2
Add a Solution

5 solutions

This function is not designed to "filter" anything. It prints formatted variable argument list to standard output. See:
http://www.cplusplus.com/reference/clibrary/cstdio/vprintf/[^],
http://www.cplusplus.com/reference/clibrary/cstdarg/va_list/[^].

I have no idea what you tried to achieve using the call parameters shown in the code sample. It could not filter out the content-type (or anything at all) from data. If you still need to help on this matter, you should explain what's in data and what do you want to get out of this data.

—SA
 
Share this answer
 
Posted
Comments
Member 7766180 21-Aug-11 21:34pm    
Simply want Content Type of the packet.
Perhaps you are looking for something like strstr or string::find, to search the string for the "Content Type" part.
 
Share this answer
 
Posted
Comments
Member 7766180 21-Aug-11 23:49pm    
Perhaps, I'm just trying to search text as it appears in my console program and do a printf on it. I see the word content type go by me several times but I want to isolate it.
As Dalek Dave would say, FFS!

C++
char *origStr =  "Content-Type: application/x-www-form-urlencoded";
char *searchStr = "Content-Type: ";
char *desiredExerpt, *contentTypeTagPtr;

contentTypeTagPtr = strstr(origStr, searchStr);
desiredExerpt = contentTypeTagPtr + strlen(searchStr);

printf(desiredExerpt);
 
Share this answer
 
Posted
Comments
Member 7766180 22-Aug-11 9:59am    
Thank you. Unfortunatly it keeps printing.......
"Content-Type: application/x-www-form-urlencoded"; only. Over and over again. I just need to extract "Content-Type: application/x-www-form-urlencoded"; from the data portion of a packet dump.
enhzflep 22-Aug-11 11:11am    
Pleasure.

Well in that case, you need to identify the difference between your actual code and the example code you've displayed. If you make a bare-bones program and drop the above snippet in, the only output is "application/x-www-form-urlencoded"
If it doesn't work in your code, something is different to the code you've posted.
It's (the above snippet) really very simple.

1. Locate the string "Content-Type: " in the string that contains the content type.
2. Make a pointer that points to the first character after the string searched for.
3. Display the string from the character immediately after "Content-Type: "

Obviously, there's no error checking.
I assume:
1) That the case of the target string and the search string are consistent (since I'm using a case-sensitive string-compare)
2) That there will be a " " after the string "Content-Type:"
3) That the remainder of the line contains useful information.

Perhaps it would be a prudent way to spend everybody's time if you were to show the code that you use to obtain the string that you are searching through for the content-type. Also, the loop that you have the printf statement in. It sounds 90% likely to me that you have a logic error.
Member 7766180 22-Aug-11 17:43pm    
Thanks, the problem is that I'm getting the http header info from a tcp packet that has been sniffed. The TCP header prints out fine but when it comes to the data, I only have this...
void printRawData(unsigned char *data, int length, int more)
{
int i, c=0;
printf(" -------------Data Begins-------------\n");
for (i=0; i<length;> {
if ((data[i]>30 && data[i]<122) ||
(((data[i]==10) || (data[i]==13) || (data[i]==123) || (data[i]==125))
&& (more>0)))
{
printf("%c", data[i]);
c+=1;
}
else
{
printf("[%i]", data[i]);
c+=3;
if (data[i]>9) c++;
if (data[i]>99) c++;
}
if (c>=47)
{
printf("\n");
c=0;
}
}
}

data is defined here...void printRawData(unsigned char *data, int length, int more)
data is coming from the buffer.
enhzflep 22-Aug-11 23:14pm    
Er, that's not quite what I meant. I'm interested in the [i]other[/i] end-point of the data.. I don't care where it goes, where does it come from? Besides, that's not your real-code anyway, there's no way to advance "i" and it contains an incomplete "for" statement (hope the two are related)

What happens if the first line of printRawData was? <pre>printf("%s",data);</pre> Is it going to print something sensible or does the data contain control characters that must first be removed?

I've given you code that will isolate the first occurrence of "Content-Type: ". The code then goes on to print the text that follows this string until a terminating NULL is found. Clearly if this doesn't work you've got a problem with the string that you're supplying to this code.

Frankly, you supplied convoluted, buggy input to the forum, me thinks you've done the same to the code....
Member 7766180 23-Aug-11 11:30am    
Actuall the code does work, how and why I don't know. I'm have more code before it that gives me the IP, TCP Header info then I get the data part of the packet. Is there some way that I can copy the output from a console? I'd love to show you what I'm getting so that this can be figured out? Thanks. I appreciate the input!
Okay great. So how does that help?

What about the code that produces the output?

Please, for the love of God, Allah, Vishna, Buddha & Lucifer - will you display the code that you use to obtain the data in the first place, also please show the code used to produce the output shown in the previous 2 posts.

I'm telling you what I need to help you. If you want help, you know what to do.
These excerpts you've shown do not correspond to one-another, and contribute nothing to the discussion.

You're using unspecified data - i.e I've not seen it, you're transforming it in an unspecified way, yet you want a specific answer. That's not going to happen in this country any time soon. Not unless you ask a politician that is.


Here, look - you've got two instance of VERY NEARLY the same string:

Content-Type: text/html; charset=us-ascii


and

"Content-Type" Content="text/html; charset=us-ascii"



The first appears in the block that appears to be displaying statistics about the packet.
The next appears to actually be content from that packet.

My ten dollars says that you've ripped someone else's code (make that $1000, the code 'works' and you've admitted to having no idea why) and have foolishly searched for the string as displayed in the statistics block, when you should be searching for the text found within the packet data,

This is the text you should be searching the packet data for:

"Content-Type" Content=

Note, you have to search for this string (including the quote marks) I forget if it's \" to include a quote character in the string - but you'll have to escape it in some way so that the quote marks don't signify the end of the string to the compiler.

Failing that, just search for "Content="


I HATE COPY/PASTE PROGRAMMING/ERS
 
Share this answer
 
Posted
Comments
Member 7766180 23-Aug-11 12:50pm    
Please, No need to hate! I'm just trying to learn. I do appreciate your help!

Here is the main code...
#pragma warning( disable: 4996 )

#include <winsock2.h>
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include "ippacket.h"
#define BUFFERSIZE 4098

#pragma comment( lib, "ws2_32.lib" ) // linker must use this lib for sockets

// *** Prototypes
void translate_ip(DWORD _ip, char *_cip);
void decode_tcp(char *_packet);
void get_this_machine_ip(char *_retIP);

// *** Defines and Typedefs

#define LS_HI_PART(x) ((x>>4) & 0x0F)
#define LS_LO_PART(x) ((x) & 0x0F)

#define LS_MAX_PACKET_SIZE 65535

#ifndef SIO_RCVALL
# define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
#endif

typedef struct _IP_HEADER_
{
BYTE ver_ihl; // Version (4 bits) and Internet Header Length (4 bits)
BYTE type; // Type of Service (8 bits)
WORD length; // Total size of packet (header + data)(16 bits)
WORD packet_id; // (16 bits)
WORD flags_foff; // Flags (3 bits) and Fragment Offset (13 bits)
BYTE time_to_live; // (8 bits)
BYTE protocol; // (8 bits)
WORD hdr_chksum; // Header check sum (16 bits)
DWORD source_ip; // Source Address (32 bits)
DWORD destination_ip; // Destination Address (32 bits)
} IPHEADER;

typedef struct _TCP_HEADER_
{
WORD source_port; // (16 bits)
WORD destination_port; // (16 bits)
DWORD seq_number; // Sequence Number (32 bits)
DWORD ack_number; // Acknowledgment Number (32 bits)
WORD info_ctrl; // Data Offset (4 bits), Reserved (6 bits), Control bits (6 bits)
WORD window; // (16 bits)
WORD checksum; // (16 bits)
WORD urgent_pointer; // (16 bits)
} TCPHEADER;

// *********************************************************************
// main
// *********************************************************************
int main( int _argc, char *_argv[] )
{
int optVal=1, newData, packetCount;
int more=0;
time_t nowTime;
unsigned char packetBuffer[BUFFERSIZE];

struct sockaddr_in sock_sniff;
SOCKET sniff_socket = -1;
WSAData sa_data;
WORD ver;
IPHEADER *ip_header = NULL;
int optval = 1;
DWORD dwLen = 0;
char packet[LS_MAX_PACKET_SIZE];
int iRet = 0;
int ip_header_size = 0;
char ipSrc[20], ipDest[20], thisIP[20];
BOOL bShowTCP = TRUE;//, bShowICMP = TRUE;

printf("Welcome!");

if (argc<=2)
{
printf("\nUseage...");
printf("\ndood [IP-address] [packet-count] (ml) (o)");
printf("\n--> eyeball ");
return EXIT_SUCCESS;
}

// Init Windows sockets version 2.2
ver = MAKEWORD(2,2);
WSAStartup(ver, &sa_data);

// Get a socket in RAW mode
sniff_socket = socket( AF_INET, SOCK_RAW, IPPROTO_IP );
if ( sniff_socket == SOCKET_ERROR )
{
printf( "Error: socket = %ld\n", WSAGetLastError() );
exit(-1);
}

// Bind it
memset( thisIP, 0x00, sizeof(thisIP) );
get_this_machine_ip(thisIP);

sock_sniff.sin_family = AF_INET;
sock_sniff.sin_port = htons(0);

// If your machine has more than one IP you might put another one instead thisIP value
sock_sniff.sin_addr.s_addr = inet_addr(thisIP);

if ( bind( sniff_socket, (struct sockaddr *)&sock_sniff, sizeof(sock_sniff) ) == SOCKET_ERROR )
{
printf( "Error: bind = %ld\n", WSAGetLastError() );
exit(-2);
}


// Set socket to promiscuous mode
if ( WSAIoctl( sniff_socket,
SIO_RCVALL,
&optval,
sizeof(optval),
NULL,
0,
&dwLen,
NULL,
NULL ) == SOCKET_ERROR )

{
printf( "Error: WSAIoctl = %ld\n", WSAGetLastError() );
exit(-3);
}

while ( TRUE )
{
(void) memset( packet, 0x00, sizeof(packet) );

iRet = recv( sniff_sock
Member 7766180 23-Aug-11 12:51pm    
Here is the ippacket.h code....
void printRawData(unsigned char *data, int length, int more)
{
int i, c=0;
printf(" -------------Data Begins Big Tony-------------\n");
for (i=0; i<length; i++)
="" {
="" if="" ((data[i]="">30 && data[i]<122) ||
(((data[i]==10) || (data[i]==13) || (data[i]==123) || (data[i]==125))
&& (more>0)))
{
printf("%c", data[i]);
c+=1;
}
else
{
printf("[%i]", data[i]);
c+=3;
if (data[i]>9) c++;
if (data[i]>99) c++;
}
if (c>=47)
{
printf("\n");
c=0;
}
}
}

void writeRawData(unsigned char *data, int length, int type, FILE *file1)
{
int i, c=0;
fprintf(file1, " -------------Data Begins Small Fry-------------\n");
for (i=0; i<length; i++)
="" {
="" if="" ((data[i]="">30 && data[i]<122) ||
(((data[i]==10) || (data[i]==13) || (data[i]==123) || (data[i]==125))
&& (type>0)))
{
fprintf(file1, "%c", data[i]);
c+=1;

}
else
{
fprintf(file1, "[%i]", data[i]);
c+=3;
if (data[i]>9) c++;
if (data[i]>99) c++;
}
if (c>=47)
{
fprintf(file1, "\n");
c=0;
}
}
}

#include "tcppacket.h"
#include "udppacket.h"

void printIpPacket(unsigned char *data, int length, int more)
{
printf("-----------------Dry Fish Packet Begins-----------------\n");
printf("IP Version: %i, Packet Size: %ibytes, Id: %i\n",
(data[0]>>4), (data[2]*256)+data[3], (data[4]*256)+data[5]);

printf("Fragment: %i, TTL: %i, HL: %iwds, Protocol: %i\n",
((int)(data[6]>>4)*256)+data[7], data[8], ((char)(data[0]<<4))>>4, data[9]);

printf("Source: %i.%i.%i.%i, Destination: %i.%i.%i.%i\n",
data[12], data[13], data[14], data[15],
data[16], data[17], data[18], data[19]);

if (data[9]==6)
printTcpPacket(data+(((char)(data[0]<<4))>>2), length-(((char)(data[0]<<4))>>2), more);
else if (data[9]==17)
printUdpPacket(data+(((char)(data[0]<<4))>>2), length-(((char)(data[0]<<4))>>2), more);
else
printRawData(data+(((char)(data[0]<<4))>>2), length-(((char)(data[0]<<4))>>2), more);
printf("\n------------------Packet Ends------------------\n");
}
Member 7766180 23-Aug-11 12:53pm    
Thank you, kindly.
enhzflep 23-Aug-11 13:14pm    
My apologies for the harsh tone.

It's 3am here, I'm going to bed. I'll take another look tommorow.

I can think of precisely 1 example when I thought copy/paste programming was funny. Perhaps you'll find some amusement in the story too?

The Australian Defence force was developing software that was used to simulate battlefield conditions for soldiers. At some point, it was deemed that wildlife should be included as they can react to aircraft/vehicles, giving away the position of an attacking force.
So, kangaroos were added to the simulation. Upon testing the new addition a glaring error was noticed - the kangaroos would hide behind rocks before popping up and firing stinger missiles at the helicopters!!!!!

Yup, someone had copy/pasted the class code for (I presume) soldiers and changed the 3d model and movement routines such that the represented object now had the characteristics of a kangaroo. They just kinda missed that crucial part that says KANGAROOS DON'T FIRE SHOULDER MOUNTED ANTI-AIRCRAFT MISSILES!

Have a search for it, the story lurks around the web somewhere..

I started programming in ASM - I consider using code yet not understanding it sacrilegious. 'Night.
Member 7766180 23-Aug-11 15:37pm    
Funny story!!!!!! Yet typical I might add. Yes I am using the code, modifying the code and adding to it. And through all of my sometimes not so smart questions I am finally coming to an understanding about the code. All of us learn in different ways. I learn by doing, making mistakes and moving on. Thank you once again for your help. G'Nite.
:chuckles:

Sorry my friend, but your code no-worky!

Running under Win7 Home Premium, I am unable to create the requested socket. The line 
sniff_socket = socket( AF_INET, SOCK_RAW, IPPROTO_IP );
returns an invalid_socket, with WSAGetLastError returning 10013, indicating WSAEACESS - permission denied..

I've taken the liberty of cleaning up the code found in printRawData, does this seem easier to read?

C++
void printRawData(unsigned char *data, int length, int more)
{
    int i, count=0, curByte;
    bool printAsText;
    printf("     -------------Data Begins Big Tony-------------\n");
    for (i=0; i<length; i++)
    {
        curByte = data[i];
        printAsText = false;

        if ((curByte > 30)&&(curByte<122))
            printAsText = true;

        if (more > 0)
        {
            if ((curByte == 10) || (curByte == 13) ||(curByte == 123) ||(curByte == 125))
                printAsText = true;
        }

        if (printAsText)
        {
            printf("%c",curByte);
            count++;
        }

        else
        {
            printf("[%i]", curByte);
            count += 3;
            if (curByte > 9) count++;
            if (curByte > 99) count++;
        }

        if (count >= 47)
        {
            printf("\n");
            count = 0;
        }
    }
}
 
Share this answer
 
Posted
Comments
Member 7766180 23-Aug-11 23:35pm    
Yes it is. Thank You
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
Advanceddatagridview filtering problem
Filter datagrideview by bindingsource
Odata filter for child
How can I filter the prime ng table and export only filtered data to excel
Issue can't make filter for every column data table filter inside data
C# dataset data filtering
How to filter requests to a port?
How to filter by enumerable attributes (methods)
Php filter database record using dropdownlist
How can we add filter in macro to read outlook mail

Advertise
Privacy
Cookies
Terms of Use
Last Updated 23 Aug 2011
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web04 2.8:2024-06-13:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900