From: karim on
Hi Kalpesh,

"kalpesh" wrote:

> On Jul 6, 5:38 pm, karim <k...(a)discussions.microsoft.com> wrote:
> > hi David,
> >
> >
> >
> >
> >
> > "David Wilkinson" wrote:
> > > karim wrote:
> > > > Hi All,
> > > > i have the following code in my cpp file
> > > > **************************************************
> > > > int i = 0;
> >
> > > > char *passwordToEncrypt = "080000151F6ECF67";
> > > > char *encpwd8 = NULL;
> > > > char *encpwd16 = NULL;
> >
> > > > //if i uncomment below line,then it throwing access violation error during
> > > > runtime
> > > > //i = 0605;
> >
> > > > int l = E3Des(passwordToEncrypt, encpwd8, encpwd16, &i);
> >
> > > > ****************************************************
> >
> > > > the method "E3Des" is defined in a dll and it is linked. so no compilation
> > > > errors:-). i have only runtime error.
> >
> > > > can anybody help me out.
> >
> > > karimulla:
> >
> > > What is the declaration of E3Des()? Does it modify the first parameter?
> >
> > see the declaration below
> > int E3Des(char *Passwd_en_Claro, char *Passwd_Encriptado8, char*
> > Passwd_Encriptado16, int *version);
> > and it doesn't modify the first parameter.> It would seem that it does. In that case you must pass it a modifiable
> > > character string
> >
> > > char passwordToEncrypt[1024] = "080000151F6ECF67";
> >
> > > (assuming that 1024 is long enough).
> >
> > > Additional point: when you assign a string literal to a char pointer you
> > > should always write
> >
> > > const char *passwordToEncrypt = "080000151F6ECF67";
> >
> > i don't have any problem with above parameter. i got error when i pass +ve
> > value to "i" variable.> Then the compiler will stop you from passing it to a function that will
> > > modify the string (i.e. one that takes char* as argument).
> >
> > > --
> > > David Wilkinson
> > > Visual C++ MVP
> >
> > -karimulla.- Hide quoted text -
> >
> > - Show quoted text -
>
> i think the problem create using the second and third parametet (char
> *encpwd8 = NULL; char *encpwd16 = NULL;) which you pass as char *
> without initialize its memory so when ever you are trying to copy some
> string in this two parameter inside your E3Des function it will thow
> memory exception and your application will crash.
> so use all pointer variable with proper memory initialization.
>
you are right. my function E3Des() takes "passwordToEncrypt" as input and
copy some data into "encpwd8" and "encpwd16". can you please tell me how to
declare and pass them.

Thanks,
karimulla sk.
From: karim on
Hi Joseph ,
Thanks for your reply. The method E3Des takes "passwordToEncrypt" as input
and run some encryption algorithm and then store the result in encpwd8 and
encpwd16 parameters, during this process version number, which is in "i" gets
modified. thats why i passed i as int *.now i have provided input like

char *passwordToEncrypt = "080000151F6ECF67";
char encpwd8[1024] = "";
char encpwd16[1024] = "";
int i = 0605;

here i am getting output in encpwd16 and some garbage value in encpwd8 and
i=389 with a return value of zero(Actually 1= success, differnt 1 = bad)

can you help me on this please........

Thanks and Regards,
karimulla.

"Joseph M. Newcomer" wrote:

> See below...
> On Fri, 6 Jul 2007 05:38:04 -0700, karim <karim(a)discussions.microsoft.com> wrote:
>
> >hi David,
> >
> >"David Wilkinson" wrote:
> >
> >> karim wrote:
> >> > Hi All,
> >> > i have the following code in my cpp file
> >> > **************************************************
> >> > int i = 0;
> >> >
> >> > char *passwordToEncrypt = "080000151F6ECF67";
> >> > char *encpwd8 = NULL;
> >> > char *encpwd16 = NULL;
> >> >
> >> > //if i uncomment below line,then it throwing access violation error during
> >> > runtime
> >> > //i = 0605;
> >> >
> >> > int l = E3Des(passwordToEncrypt, encpwd8, encpwd16, &i);
> >> >
> >> > ****************************************************
> >> >
> >> > the method "E3Des" is defined in a dll and it is linked. so no compilation
> >> > errors:-). i have only runtime error.
> >> >
> >> > can anybody help me out.
> >>
> >> karimulla:
> >>
> >> What is the declaration of E3Des()? Does it modify the first parameter?
> >see the declaration below
> >int E3Des(char *Passwd_en_Claro, char *Passwd_Encriptado8, char*
> >Passwd_Encriptado16, int *version);
> ****
> Of course, this actually says NOTHING about whether or not the first parameter is
> modified; far too many programmers are sloppy about the use of the word const in
> specifying parameters (generally, these are the same programmers who think 'char *' is
> still a data type that should be used for general-purpose programming, as opposed to
> LPTSTR or LPCTSTR). So it is entirely possible that a CORRECT declaration might have been
>
> int E3Des(const char * Passwd_en_Claro, char * Passwd_Encriptado8, char *
> Passwd_Encriptado16, int * version);
>
> I had hypothesized something about the last argument being a possible buffer count, but a
> key here is that we have not yet actually seen a specification of what is going on here,
> but my suspiction is that it expects that valid pointers are passed in for the second and
> third parameters, which is not happening here. If the version is given as 0, it probably
> rejects the operation and returns 0, quite possibly calling ::SetLastError, or
> alternatively, returning a negative number, but of course lacking any concept of what this
> function is really supposed to do to its arguments or what its return type is makes it
> difficult to infer what is going on or suggest alternative approaches.
>
> Why is the version number a pointer? Is it changed on completion of the function? What
> is it changed to, and why? I can see that you might have something that takes a (and
> shades of retrocomputing) an octal version number 0605 representing version 6.05, and
> returns an updated value, such as 0622, meaning the function could support features in the
> 6.22 release, but why octal? As far as I know, the last byte-oriented machine to use
> octal was the PDP-11. (Although the failure to use const and the assumption of 8-bit
> characters suggests the coder has not progressed beyond PDP-11 C)
>
> I suspect it is uninitialized pointers caused by someone who doesn't understand the C
> language trying to write code, and who is calling a function written by someone who
> doesn't understand either C or modern programming practice. In addition to the abuse of
> the data type 'char', as if characters are really only 8 bits wide all the time
> everywhere, and the likely omission of the 'const' on the first parameter, DO YOU SEE A
> BUFFER LENGTH BEING PASSED IN? Of course not! We have here a security function designed
> to create security holes! Buffer overrun!
>
> This looks like it was written by someone who learned C programming from the K&R book.
> *****
> >and it doesn't modify the first parameter.
> ****
> So why is the first parameter not declared 'const'???? The function definition is, to put
> it mildly, the result of slovenly programming.
> ****
> >> It would seem that it does. In that case you must pass it a modifiable
> >> character string
> >>
> >> char passwordToEncrypt[1024] = "080000151F6ECF67";
> >>
> >> (assuming that 1024 is long enough).
> >>
> >> Additional point: when you assign a string literal to a char pointer you
> >> should always write
> >>
> >> const char *passwordToEncrypt = "080000151F6ECF67";
> >i don't have any problem with above parameter. i got error when i pass +ve
> >value to "i" variable.
> >> Then the compiler will stop you from passing it to a function that will
> >> modify the string (i.e. one that takes char* as argument).
> >>
> >> --
> >> David Wilkinson
> >> Visual C++ MVP
> >>
> >-karimulla.
> Joseph M. Newcomer [MVP]
> email: newcomer(a)flounder.com
> Web: http://www.flounder.com
> MVP Tips: http://www.flounder.com/mvp_tips.htm
>
From: David Wilkinson on
karim wrote:
> Hi Joseph ,
> Thanks for your reply. The method E3Des takes "passwordToEncrypt" as input
> and run some encryption algorithm and then store the result in encpwd8 and
> encpwd16 parameters, during this process version number, which is in "i" gets
> modified. thats why i passed i as int *.now i have provided input like
>
> char *passwordToEncrypt = "080000151F6ECF67";
> char encpwd8[1024] = "";
> char encpwd16[1024] = "";
> int i = 0605;
>
> here i am getting output in encpwd16 and some garbage value in encpwd8 and
> i=389 with a return value of zero(Actually 1= success, differnt 1 = bad)

Karim:

Mihajlo Cvetanovic gave you the correct answer to this several days ago.
You have to provide a buffer with enough space for the encrypted
information:

const char *passwordToEncrypt = "080000151F6ECF67";
char encpwd8[LARGE_ENOUGH_8];
char encpwd16[LARGE_ENOUGH_16];
int i = 0605;

int l = E3Des(passwordToEncrypt, encpwd8, encpwd16, &i);

Actually, because the prototype of your function is not const-correct
you must do:

int l = E3Des((char*)passwordToEncrypt, encpwd8, encpwd16, &i);

or supply an actual buffer for the input array:

char passwordToEncrypt[] = "080000151F6ECF67";

--
David Wilkinson
Visual C++ MVP
From: karim on
Hi David,

"David Wilkinson" wrote:

> karim wrote:
> > Hi Joseph ,
> > Thanks for your reply. The method E3Des takes "passwordToEncrypt" as input
> > and run some encryption algorithm and then store the result in encpwd8 and
> > encpwd16 parameters, during this process version number, which is in "i" gets
> > modified. thats why i passed i as int *.now i have provided input like
> >
> > char *passwordToEncrypt = "080000151F6ECF67";
> > char encpwd8[1024] = "";
> > char encpwd16[1024] = "";
> > int i = 0605;
> >
> > here i am getting output in encpwd16 and some garbage value in encpwd8 and
> > i=389 with a return value of zero(Actually 1= success, differnt 1 = bad)
>
> Karim:
>
> Mihajlo Cvetanovic gave you the correct answer to this several days ago.
i have tried it, but the encpwd8 parameter is getting only garbage value.
Actually i don't have source code for that dll(which has function defination)
to debug. is there any way to get the error correct.
> You have to provide a buffer with enough space for the encrypted
> information:
>
> const char *passwordToEncrypt = "080000151F6ECF67";
> char encpwd8[LARGE_ENOUGH_8];
> char encpwd16[LARGE_ENOUGH_16];
> int i = 0605;
>
> int l = E3Des(passwordToEncrypt, encpwd8, encpwd16, &i);
>
> Actually, because the prototype of your function is not const-correct
> you must do:
>
> int l = E3Des((char*)passwordToEncrypt, encpwd8, encpwd16, &i);
>
> or supply an actual buffer for the input array:
>
> char passwordToEncrypt[] = "080000151F6ECF67";
>
> --
> David Wilkinson
> Visual C++ MVP

Thanks,
karimulla .
From: David Wilkinson on
karim wrote:

>> Mihajlo Cvetanovic gave you the correct answer to this several days ago.

> i have tried it, but the encpwd8 parameter is getting only garbage value.
> Actually i don't have source code for that dll(which has function defination)
> to debug. is there any way to get the error correct.

Karim:

You say you have tried it, but the code you showed allocated a zero
length buffer for encpwd8 and encpwd16.

You have to read the documentation to find out how big these buffers
have to be, and to learn the meaning of the integer parameter.

--
David Wilkinson
Visual C++ MVP
First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4
Prev: CHtmlView
Next: using MXXMLWriter to pretty print xml