0

So I am trying to check if a string is within a 'block' of memory. So here is a made up memory address 0x00343211 where I start and want to start checking from.

What I am trying to do is write the data from 0x00343211 to 0x00343211 + 900 into a char array and then check if within that char array there is a string that I am looking for.

So this is what I have tried already

char dataBuf[1000] = { 0 };
memcpy((void*)dataBuf,(void*)0x00343211,900);
if(strstr(dataBuf,"ACTIVE") != NULL)
{
    //I want to check if the string "ACTIVE" is
    //within the random data that I have written into dataBuf
}

But this does not seem to be working.

Kara
  • 6,115
  • 16
  • 50
  • 57
rflxdev
  • 143
  • 2
  • 2
  • 11
  • Just loop through the memory address, and if the character is "A", check if the next memory addresses consists of the remaining characters? Not hard to do right? – KarelG Apr 20 '17 at 08:31
  • @KarelG Yes but I am doing this in a hook that is executed each frame. So doing it in a loop like that would be pretty slow and/or cause the program to run pretty slow, no? – rflxdev Apr 20 '17 at 08:32
  • 1
    Possibly related: http://stackoverflow.com/q/36878017/1938163 – Marco A. Apr 20 '17 at 08:39
  • @reflexdev how's that slow? The process is same as searching for a string in a large string. Both performs the same way. Your databuffer is 1000 characters. That's not a problem. You don't have to do advanced stuff like using vectors or something else ... – KarelG Apr 20 '17 at 08:44
  • why do you copy instead of using `strstr` directly on your mem address? – Andriy Tylychko Apr 20 '17 at 09:49
  • 1
    please specify how exactly it doesn't work. `strstr` returns `nullptr` or something else? – Andriy Tylychko Apr 20 '17 at 09:50
  • Do as AndyT says. Also, I would set a breakpoint and single-step through the code. Ensure that you have the correct memory address. – Sam Hobbs Apr 20 '17 at 17:18
  • Also, note that you are allocating 1000 characters and copying 900. – Sam Hobbs Apr 20 '17 at 17:43

1 Answers1

0

You can use std::search directly on the memory block and pray that your compiler has an efficient implementation, like this:

#include <algorithm>
#include <string>
#include <iostream>


int main()
{
    char dataBuf[13] = { "xxxACTIVExxx" }; // block of 12 bytes + zero byte
    std::string active = "ACTIVE";

    using std::begin;
    using std::end;

    // std::search returns dataBuf+12 if no match is found
    if (std::search(dataBuf, dataBuf + 12,
        begin(active), end(active))
        != dataBuf + 12)
    {
        std::cout << "ACTIVE has been found\n";
    }
    else {
        std::cout << "ACTIVE has not been found\n";
    }


    return 0;
}
mars
  • 774
  • 1
  • 13
  • 17