Null terminator in string
Posted: Fri Feb 13, 2009 10:18 am
Hi,
I have a client application that XOR's a string, then I send that string via a POST to a PHP script. The purpose of the XOR is to simply mask the otherwise plain text I'm sending to the server.
The output of the XOR can contain character values of zero, but these are not null terminators. I can sometimes get an XOR output like:
h g r \0 p x y z
somehow the PHP script is recognizing that the null terminator is not really the end of the string, strlen() gives me 9 instead of 3.
I want to echo this string back to the client, and here that null terminator becomes a problem. When I do this:
echo $xorString;
the client only receives the first 3 characters - not sure if PHP echo sees the null terminator and quits, or my client networking code sees the null terminator and figures it's the end of the http response.
What's the proper way to send XOR'd strings around like this? I'm sure others are doing it.
I've spent about a day trying to figure this out, I'm about ready to just make a dumb caesar cipher with only printable characters just to have something which isn't plain text. Any other options for masking stuff going between server and client that I could use instead of this?
Thanks
I have a client application that XOR's a string, then I send that string via a POST to a PHP script. The purpose of the XOR is to simply mask the otherwise plain text I'm sending to the server.
The output of the XOR can contain character values of zero, but these are not null terminators. I can sometimes get an XOR output like:
h g r \0 p x y z
somehow the PHP script is recognizing that the null terminator is not really the end of the string, strlen() gives me 9 instead of 3.
I want to echo this string back to the client, and here that null terminator becomes a problem. When I do this:
echo $xorString;
the client only receives the first 3 characters - not sure if PHP echo sees the null terminator and quits, or my client networking code sees the null terminator and figures it's the end of the http response.
What's the proper way to send XOR'd strings around like this? I'm sure others are doing it.
I've spent about a day trying to figure this out, I'm about ready to just make a dumb caesar cipher with only printable characters just to have something which isn't plain text. Any other options for masking stuff going between server and client that I could use instead of this?
Thanks