view release on metacpan or  search on metacpan

libgbsed.c  view on Meta::CPAN

        int   minmatch;
        int   maxmatch;
    };
    typedef struct fgbsed_arguments fGBSEDargs;

    int
    gbsed_fbinary_search_replace(struct fgbsed_arguments *);

    // Error handling

    extern int
    gbsed_errno;

    const char*
    gbsed_errtostr(int);

=head1 DESCRIPTION

This is <libgbsed>, a binary stream editor.

C<gbsed> lets you search and replace binary data in binary files by using hex
values in text strings as search patterns. You can also use wildcard matches
with C<??>, which will match any wide byte.

These are all valid search strings:

    search = "0xffc300193ab2f63a";
    search = "0xff??00??3ab2f??a";
    search = "FF??00??3AB2F??A";

while these are not:

    search = "the quick brown fox"; // only hex, no text. you would have to
                                    // convert the text to hex first.
    search = "0xff?c33ab3?accc";    // no nybbles only wide bytes. (?? not ?).

=head1 FUNCTIONS

=head2 C<gbsed_binary_search_replace(struct gbsed_arguments *)>

=head3 ARGUMENTS

C<gbsed_binary_search_replace> uses a struct for it's arguments.
The members of the argument struct is as follows:

=over 4

=item C<char *search>

What to search for. This must be a string with hex values or the wildcard
character sequence C<??>, which will match any byte. The string
can start with C<0x>, but this is optional.

=item C<char *replace>

What to replace with. Must also be a string with hex values,
but no wildcards allowed. It must also be of the same length
as the search string (This is by intention, as binary data is always
in structured form. If you add extra information to a binary executable
it will be rendered useless as address offsets will be shifted and
relocation tables and internal address references will point to the
wrong place).

=item C<char *infilename>

The file name of the file to search in.

=item C<char *outfilename>

The file name to save the modified binary as.

=item C<int minmatch>

Need at least C<minmatch> matches before any work.

=item C<int maxmatch>

Stop after C<maxmatch> matches. A value of C<-1> means no limit.

=back


=head3 EXAMPLE USAGE
    
    #include <stdlib.h>
    #include <stdio.h>
    #include <libgbsed.h>
    
    extern int gbsed_errno;

    int main(int argc, char **argv) {

        int         gbsed_ret;
        int         sysret;
        const char *errmessage;
        GBSEDargs   *bargs;

        sysret  = EXIT_SUCCESS;
        bargs   = (GBSEDargs *)malloc(sizeof(GBSEDargs));
        if (bargs == NULL) {
            fprintf(stderr, "Out of memory!\n");
            exit(1);
        }

        bargs->search      = "0xff";
        bargs->replace     = "0x00";
        bargs->infilename  = "/bin/ls";
        bargs->outfilename = "bsed.out";
        bargs->minmatch    =  1;                        // atleast one match.
        bargs->maxmatch    = GBSED_MMAX_NO_LIMIT;   // no limit.

        if (argc > 1)
            bargs->infilename  = argv[1];

        gbsed_ret = gbsed_binary_search_replace(bargs);

        switch (gbsed_ret) {
            
            case GBSED_ERROR:
                errmessage = gbsed_errtostr(gbsed_errno);
                fprintf(stderr, "ERROR: %s\n", errmessage);