Using this XOR encryption in C++

[qwerz]

Oh finallly got the difference now then, thanks. Indeed also on stackoverflow a good example. The first one is in the read-only memory without copying the string to the newly allocated memory.

So next step would be

Code:

char *XOR(char str[], char cipher[])
{
    for (size_t i = 0; i < strlen(str); i++)
    {
        str[i] ^= cipher[i &#37; strlen(cipher)];
    }
    return str;
}

Not sure though if the call stays the same, as that is still unwritable and does not need to be writable. so just kept the (char *) there.

Code:

char *CPA = XOR((char *)"CreateProcessA", (char *)"Sddd");

Ill Google now to see what you mean by the NULL first argument.

[Paul McKenzie]

So next step would be

Code:

char *XOR(char str[], char cipher[])
{
    for (size_t i = 0; i < strlen(str); i++)
    {
        str[i] ^= cipher[i % strlen(cipher)];
    }
    return str;
}

No. Still wrong.

I also mentioned this to you on the other thread. This

Code:

char *XOR(char str[], char cipher[])

is exactly the same as this:

Code:

char *XOR(char *str, char *cipher)

So you haven't changed a thing.

Ill Google now to see what you mean by the NULL first argument.

You are calling strlen(NULL) in your function if NULL is the first argument. There is no guarantee how strlen() behaves if a NULL is passed, as strlen() doesn't check for NULL pointers. All strlen() does is start at the address you give it, and search for a '\0' character.

A NULL address is not the same thing as a '\0' character.

Regards,

Paul McKenzie

[Paul McKenzie]

The bottom line is this:

In your function, you're assigning a value to str, which is the first parameter. You are passing an unassignable string-literal as the first parameter. Stop passing string literals and instead pass the address of the first element of a true char array.

C++ is not C#, where you get all kinds of warning bells and flags going off when you make a mistake. You are basically on your own, and C++ allows you to shoot yourself in the foot if you want to.

I don't think you're aware of these things -- in C++, just because something compiles doesn't mean it is a well-formed program, and the only issue is that the logic may be off. Nothing could be further from the truth -- you can create ill-formed programs that compile that break all sorts of rules (writing to string literals, accessing array elements out of bounds, etc.), thus the behaviour of such programs is -- you don't know.

Regards,

Paul McKenzie

[qwerz]

You are calling strlen(NULL) in your function if NULL is the first argument. There is no guarantee how strlen() behaves if a NULL is passed, as strlen() doesn't check for NULL pointers. All strlen() does is start at the address you give it, and search for a '\0' character.

A NULL address is not the same thing as a '\0' character.

Regards,

Paul McKenzie

But my first argument will not be NULL, so I dont see the problem in this.

[qwerz]

Yes, I get that point now. C++ differs alot from C# as I see now.

I also mentioned this to you on the other thread. This
Code:
char *XOR(char str[], char cipher[])
is exactly the same as this:
Code:
char *XOR(char *str, char *cipher)

"Stop passing string literals and instead pass the address of the first element of a true char array."

Then I really don't know what Im doing wrong.. and how I should do it. Could you give an example?
Im getting confused I think.

Thanks

[Paul McKenzie]

But my first argument will not be NULL, so I dont see the problem in this.

And if I use your function and pass a NULL, it breaks.

What if in another (larger) program, the string you're passing it is generated or computed at runtime (in other words, you have no way to know in advance what the string will be), and that generation produces a NULL. You then blindly pass it to your XOR function. What then?

The point being that a function should be written so that simple things like this won't break it. When you write a function, the underlying reason why you write it is that it can be reused in other programs and other situations, not just the situation you find yourself in now.

Regards,

Paul McKenzie

[Paul McKenzie]

Then I really don't know what Im doing wrong.. and how I should do it. Could you give an example?

Again, don't pass a string literal as the first argument. I don't know how I can make it any simpler than that:

Code:

char p[10] = "abc123";  // a real array of char
XOR(p, "whatever");

Regards,

Paul McKenzie

[qwerz]

You are really a 'man of the rules'. I appreciate that you are that strict.
I get your point. Although, I was just using this in a single small program in which im sure the first argument is not a Null.

I could easily add an if statement so it leaves the void or returns any other array and doesn't go in the loop.

Edit: removed and reading the post above.

[qwerz]

Again, don't pass a string literal as the first argument. I don't know how I can make it any simpler than that:

Code:

char p[10] = "abc123";  // a real array of char
XOR(p, "whatever");

Regards,

Paul McKenzie

Yes, but that gives a problem too..

Like a small test:

char CPA[15] = "CreateProcessA"; // a real array of char
CPA = XOR(CPA, "whatever");
CPA = XOR(CPA, "whatever");

This is not possible because XOR returns char *

The compiler also gives two erros
"incompatible types in assignment of 'char*' to 'char [15]'|"

[Paul McKenzie]

Yes, but that gives a problem too..

Like a small test:

This is not possible because XOR returns char *

The compiler also gives two erros
"incompatible types in assignment of 'char*' to 'char [15]'|"

So assign it to a char*.

Code:

char *returnValue = XOR(CPA, "whatever");

Which comes back full circle in why using classes that wrap arrays and pointers removes all of these headaches.

Regards,

Paul McKenzie

[qwerz]

It indeed really gives a headache.

But then again it fails.. because the input is again a returnvalue which is not declared like CPA[15]. if the return is not a real char array.
But I think it is, and the code below should have worked.

char CPA[15] = "CreateProcessA"; // a real array of char
char *returnValue = XOR(CPA, (char *)"whatever");
returnValue = XOR(returnValue, (char *)"whatever");

This didn't fix it either.

char CPA[15] = "CreateProcessA"; // a real array of char
char *returnValue = XOR(CPA, (char *)"whatever");

char CPA2[15] = returnValue;
returnValue = XOR(CPA2, (char *)"whatever");

[laserlight]

But then again it fails.. because the input is again a returnvalue which is not declared like CPA[15]. if the return is not a real char array.
But I think it is, and the code below should have worked.
It should work, because you pass CPA and then return it, so returnValue points to CPA[0]. You did not really need returnValue to begin with as you could just reuse CPA.

That said, stop casting away const-ness. You should have written:

Code:

XOR(CPA, "whatever");

Then the function declaration should be:

Code:

char* XOR(char str[], const char cipher[]);

[qwerz]

Laserlight I think you are wrong in that as I tried it earlier too on the previous page.

Using using CPA instead of the returnValue would give the error
error: incompatible types in assignment of 'char*' to 'char [15]'|

Changed it to const char now. Hope someone knows a solution for this.

[monarch_dodra]

...

The entire problem so far, when explained by Paul about "Literal" is one of "constness".

Unfortunately, for compatibility reasons, string literals in C++ are not declared const, but you are not allowed to modify them. That means there is nothing that will prevent you from trying to do it, and shooting yourself in the foot.

If you seriously want to get into C++, then you should really try to avoid such low level technical stuff, and start getting comfortable with the higher level stuff. The low level details will then flow naturally.

----
Here is a simple implementation, using basic return by value.

Code:

#include <iostream>
#include <vector>

std::string XOR(const std::string& sentence, const std::string& key)
{
    std::string ret(sentence);

    const size_t sentence_size = sentence.size();
    const size_t key_size      = key.size();

    for (size_t i = 0; i<sentence_size; ++i)
        {ret[i] ^= key[i % key_size];}

    return ret;
}

int main()
{
  std::string encoded = XOR("This is my secret sentence", "ANDthisISmyKEY");
  std::cout << "Encoded sentence: " << encoded << std::endl;
  std::cout << "Decoded sentence: " << XOR(encoded, "ANDthisISmyKEY") << std::endl;
}

The fact that the output is a different object than the input will mean a bit of overhead, but it also guarantees you don't hurt yourself...

[laserlight]

Using using CPA instead of the returnValue would give the error
error: incompatible types in assignment of 'char*' to 'char [15]'|

That is because you are trying to assign to an array. However, since you are changing the array using the pointer that is the first argument, you don't need to use the return value to begin with.