?
Solved

c++ crashing on xor decryption

Posted on 2011-02-17
14
Medium Priority
?
858 Views
Last Modified: 2012-05-11
hello.
I am storing xor encrypted data in a header file: (also including the key to decrypt it along with length of the key)
const char xorkey[256] = "simpletext";
const int keylen = strlen(xorkey);


char encryptedxor[] = { 0x1d, 0x1d, 0x9, 0x1c, 0x0, 0x4b, 0x10, 0x9, 0x14, 0x74 };

Open in new window


when I call the function to decrypt it in my code:
void xor(char *str, const int tamStr)
{
   for(int n=0; n<=tamStr; n++)
      str[n] ^= xorkey[n%keylen];
}

void main()
{
xor(encryptedxor, 9);
cout << encryptedxor;
}

Open in new window


the application crashes and the debug reports that it tried to "divide an integer by zero"

does anyone see where the problem is?

thanks
0
Comment
Question by:JoeD77
  • 4
  • 2
  • 2
  • +4
14 Comments
 
LVL 16

Expert Comment

by:sjklein42
ID: 34923881
Try
const char *xorkey = "simpletext";

Open in new window

0
 
LVL 85

Expert Comment

by:ozo
ID: 34923899
try changing the spelling of the xor function name
0
 
LVL 35

Expert Comment

by:sarabande
ID: 34923969
the for loop has keylen+1 iterations. change it to

   for(int n=0; n<tamStr; n++)

Sara

0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 53

Expert Comment

by:Infinity08
ID: 34924072
It's not a problem with the way xorkey is defined, nor is it a problem with the upper bound for the for loop (there are 10 characters in the string, so <= 9 works).

The only division in the code you showed is the modulo operation in the xor function, but if it's seeing the keylen that you showed (and that value hasn't been set to 0 at some point), then there should be no division by 0.

So, assuming no other code is interfering, I'm inclined to agree with ozo, that there is another function called xor that is being called.

But I'd like to see the complete code (all files, without modifications) you're using, just to remove any doubt.
0
 
LVL 16

Expert Comment

by:sjklein42
ID: 34924082
sarabande,  I thought so, too, but if you count them there are 10 entries in the encryptedxor array, so I think looping n 0 through 9 inclusive is ok (but confusing).
0
 
LVL 35

Expert Comment

by:sarabande
ID: 34924403
yes, i also counted 10 elements of char array. what seemed odd to me was the (non-used) keylen which was strlen("simpleText") == 10 in the first code box.

Sara
0
 
LVL 16

Expert Comment

by:sjklein42
ID: 34924468
I see keylen is part of the mod expression on line 4 of the function.  global reference.

I too suspect a scoping problem - keylen value must be zero as nothing else in this code could trigger a ZDIV.

If the two blocks of code are in different modules, is keylen declared properly in both??
0
 
LVL 12

Expert Comment

by:HappyCactus
ID: 34924575
Just for your information, this code crashes the compiler (g++ version 4.2.1 (Apple Inc. build 5659))
But if you change the xor function name in "exor", all works as expected (without the "division by zero").
This makes me think that there is some issue with the xor "name", at least on g++ 4, that confuses the compiler, maybe a "borderline" syntax issue.
Would you test changing the name? Witch compiler are you using (name and version)




#include <iostream>
using namespace std;
#include <string.h>

const char xorkey[256] = "simpletext";
const int keylen = strlen(xorkey);


char encryptedxor[] = { 0x1d, 0x1d, 0x9, 0x1c, 0x0, 0x4b, 0x10, 0x9, 0x14, 0x74 };

void xor(char *str, const int tamStr)
{
   for(int n=0; n<=tamStr; n++)
      str[n] ^= xorkey[n%keylen];
}

void main()
{
xor(encryptedxor, 9);
cout << encryptedxor;
}

Open in new window

0
 
LVL 16

Accepted Solution

by:
sjklein42 earned 2000 total points
ID: 34924707
I think I got it.

keylen is zero because I think the problem may be that using strlen outside any function, it is never executed.

sizeof would have worked (but only if the [256] is left off), but strlen needs to be called at runtime.

Try moving it inside the xor function:

void xor(char *str, const int tamStr)
{
   int keylen = strlen(xorkey);
   for(int n=0; n<=tamStr; n++)
      str[n] ^= xorkey[n%keylen];
}

Open in new window

0
 
LVL 12

Expert Comment

by:HappyCactus
ID: 34924736
This will work for surely, but this is not the source of the problem.
function call outside any function will be executed before the main() function - just after the starting of the program and the execution of the CRT startup function.
One doubt I had was that keylen was declared as "const", meaning that it was located in .text segment (IIRC), but it's not a problem, as you can see from my previous text.
But this could be a border-line issue...

0
 
LVL 31

Expert Comment

by:Zoppo
ID: 34924966
I even think ozo may have the right answer if it's about GCC - here I found a link where GCC has troubles if a variable is named 'xor': http://stackoverflow.com/questions/3169760/variable-name-xor-results-in-internal-compiler-error-segmentation-fault

So it's probably possible that using 'xor' as a function name leads to errors too ...
0
 

Author Comment

by:JoeD77
ID: 34928282
Thanks for all of your help. the problem was
int keylen = strlen(xorkey)

Open in new window


being called outside of the function.

fixed with:
void xor(char *str, const int tamStr)
{
	int keylen = strlen(xorkey);
   for(int n=0; n<=tamStr; n++)
   {
      str[n] ^= xorkey[n%keylen];
	}
   

}

Open in new window


I use MSVC6 compiler, so I think the xor function name problem is only a gcc problem.

0
 

Author Closing Comment

by:JoeD77
ID: 34928299
Everyone was very helpful but this answer proved to be the solution.
0
 
LVL 53

Expert Comment

by:Infinity08
ID: 34931759
>> Everyone was very helpful but this answer proved to be the solution.

Ah, so these first few lines were in the global scope then ? Sorry, I didn't get that, because you didn't mention getting a warning (or error) for the initialization of keylen with a non-const expression.

If you just missed the warning, I highly recommend never ignoring warnings ... Always get rid of all warnings in the compiler output (unless you know exactly what the warning is about, and know it's not a problem). In this case eg., it would have pointed you straight to the problem.

If there was no warning at all, I would seriously consider using a different compiler. A compiler that doesn't give a warning in a case like this, is very difficult to work with imo.
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
The goal of this video is to provide viewers with basic examples to understand and use conditional statements in the C programming language.
The viewer will be introduced to the member functions push_back and pop_back of the vector class. The video will teach the difference between the two as well as how to use each one along with its functionality.
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question