SA-MP Forums Archive
strmid writing to wrong varible - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: strmid writing to wrong varible (/showthread.php?tid=640708)


strmid writing to wrong varible - wallee - 06.09.2017

Code:

Код:
RandomString(SafeData[playerid][eSalt], ACCOUNT_MAX_SALT_SIZE);
printf("1) salt = %s", SafeData[playerid][eSalt]);
SHA256_PassHash(password, SafeData[playerid][eSalt], password_hash, sizeof(password_hash));
strmid(SafeData[playerid][ePassword], password_hash, 0, strlen(password_hash), ACCOUNT_MAX_PASSWORD_SIZE);

					
printf("2) salt = %s", SafeData[playerid][eSalt]);
strmid(SafeData[playerid][eEmail], email, 0, strlen(email), ACCOUNT_MAX_EMAIL_SIZE);
printf("3) salt = %s", SafeData[playerid][eSalt]);
Printf output:

Код:
1) salt = H2422186RrsL1lUK8fj55TH01oIOSkfZ29WbBf589p440tXoz9M6DZz72n9M2k2597mq437m
2) salt = H2422186RrsL1lUK8fj55TH01oIOSkfZ29WbBf589p440tXoz9M6DZz72n9M2k2597mq437m
3) salt = H2422186RrsL1lUK8fj55TH01oIOSkfZ29WbBf589p440tXoz9M6DZz72n9M2k2597mq437mtestemail123@gmail.com
So my SafeData[playerid][eSalt] is getting messed up after strmid wrote to SafeData[playerid][eEmail] variable ... any idea why?

Re: strmid writing to wrong varible - nG Inverse - 06.09.2017

Buffer overflow is the most likely cause. Make sure your arrays are large enough to store the result.

Re: strmid writing to wrong varible - wallee - 06.09.2017

They are ...

Код:
#define ACCOUNT_MAX_NAME_SIZE 24
#define ACCOUNT_MAX_PASSWORD_SIZE 72
#define ACCOUNT_MAX_SALT_SIZE 72
#define ACCOUNT_MAX_EMAIL_SIZE 72
#define ACCOUNT_MAX_IP_SIZE 16
Код:
enum eSafeData
{
    eID,
    eName[ACCOUNT_MAX_NAME_SIZE],
    ePassword[ACCOUNT_MAX_PASSWORD_SIZE],
    eSalt[ACCOUNT_MAX_SALT_SIZE],
    eEmail[ACCOUNT_MAX_EMAIL_SIZE]
};

new SafeData[MAX_PLAYERS][eSafeData];


Re: strmid writing to wrong varible - Vince - 06.09.2017

The problem is more likely that your salt is not terminated with a null terminator. When you print a string memory is read until the next null terminator is found. If there isn't a null terminator at the end of the string then it'll just continue reading into adjacent memory where other variables are stored. That's called buffer overflow.

Do you mind showing your RandomString method?

Re: strmid writing to wrong varible - Misiur - 06.09.2017

If string is 72 characters long you need 73 characters. Why?
First of all know that strings in PAWN are no different than an array. Basically those are the same:
pawn Код:
new str[] = "Hello";
// same as
new str[] = { 'H', 'e', 'l', 'l', 'o', '\0' };
Notice that '\0'. All string functions depend on it to know when the string ends. So, if you overwrite it with a character, printf for example does not know that string ended and reads memory until it meets '\0'. In your case, from eEmail

#e: Damn internet outage

Re: strmid writing to wrong varible - wallee - 06.09.2017

Quote:
Originally Posted by Vince
Посмотреть сообщение
The problem is more likely that your salt is not terminated with a null terminator. When you print a string memory is read until the next null terminator is found. If there isn't a null terminator at the end of the string then it'll just continue reading into adjacent memory where other variables are stored. That's called buffer overflow.

Do you mind showing your RandomString method?
Here you go:

Код:
stock RandomString(strDest[], strLen = 10)
{
	while(strLen--)
	{
		strDest[strLen] = random(2) ? (random(26) + (random(2) ? 'a' : 'A')) : (random(10) + '0');
	}
}
Quote:
Originally Posted by Misiur
Посмотреть сообщение
If string is 72 characters long you need 73 characters. Why?
First of all know that strings in PAWN are no different than an array. Basically those are the same:
pawn Код:
new str[] = "Hello";
// same as
new str[] = { 'H', 'e', 'l', 'l', 'o', '\0' };
Notice that '\0'. All string functions depend on it to know when the string ends. So, if you overwrite it with a character, printf for example does not know that string ended and reads memory until it meets '\0'. In your case, from eEmail

#e: Damn internet outage
This is how they're defined:

Код:
new password[ACCOUNT_MAX_PASSWORD_SIZE], password_hash[128], email[ACCOUNT_MAX_EMAIL_SIZE];
	    
if(sscanf(params, "s["#ACCOUNT_MAX_PASSWORD_SIZE"]s["#ACCOUNT_MAX_EMAIL_SIZE"]", password, email))
{
    SendClientMessage(playerid, COLOR_YELLOW, "USAGE: /register [pass] [email]");
    return 1;
}
So i should just +1 on array sizes?

Re: strmid writing to wrong varible - wallee - 07.09.2017

Fixed it by doing this:

Код:
RandomString(SafeData[playerid][eSalt], ACCOUNT_MAX_SALT_SIZE - 1);
So if anyone else is using this function be aware that it's kinda bugged.



@Vince, @Misiur, thanks for your help.

Re: strmid writing to wrong varible - Paulice - 07.09.2017

Quote:
Originally Posted by wallee
Посмотреть сообщение
Fixed it by doing this:

Код:
RandomString(SafeData[playerid][eSalt], ACCOUNT_MAX_SALT_SIZE - 1);
No... Like others told you, it needs EOS (End of String).

PHP код:
stock RandomString(strDest[], strLen 10)
{
    strDest[strLen] = EOS;
    while(strLen--)
    {
        strDest[strLen] = random(2) ? (random(26) + (random(2) ? 'a' 'A')) : (random(10) + '0');
    }



Re: strmid writing to wrong varible - wallee - 07.09.2017

Quote:
Originally Posted by Paulice
Посмотреть сообщение
No... Like others told you, it needs EOS (End of String).

PHP код:
stock RandomString(strDest[], strLen 10)
{
    strDest[strLen] = EOS;
    while(strLen--)
    {
        strDest[strLen] = random(2) ? (random(26) + (random(2) ? 'a' 'A')) : (random(10) + '0');
    }

okay im fully patched now

ty