Simple cross array of sizes

I recently coded this in less than 30 seconds for a student, showing how you can create a simple 2D array to return the sizes of structs, to be used inside of a buffer array function. This should be self-explanatory; the use is up to you.

#include <stdlib.h>
#include <stdio.h>
#include <string.h>

/* The excerpt is cut off after these struct bodies; the typedef names
 * type1_t and type2_t are assumed, following the _s/_t naming used below. */
typedef struct type1_s {
    int data;
} type1_t;

typedef struct type2_s {
    int data;
    int data2;
} type2_t;

Bluez RFCOMM Gotcha

We spent some time looking at RFCOMM sockets in C using libbluetooth (bluez), and we found this treat:

If you use the same channel for both the source and destination struct sockaddr_rc, or rather set both to zero, it will never work. According to documentation on the internet, 0 means "pick a free one". It actually doesn't, and it will result in one of:

  • Connection refused
  • Host down
  • Permission denied (rarely)
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <bluetooth/bluetooth.h>
#include <bluetooth/rfcomm.h>

int rfcomm_socket_for_client(char *src_address, char *dst_address)
{
        int s, status;

        // src addressing and binding: the local side uses channel 0, the
        // remote side the channel the server actually listens on (1 here)
        struct sockaddr_rc loc_addr = { 0 };
        loc_addr.rc_family = AF_BLUETOOTH;
        loc_addr.rc_channel = 0;
        str2ba(src_address, &loc_addr.rc_bdaddr);
        // set the connection parameters (who to connect to)
        struct sockaddr_rc addr = { 0 };
        addr.rc_family = AF_BLUETOOTH;
        addr.rc_channel = (uint8_t) 1;
        str2ba(dst_address, &addr.rc_bdaddr);

        // create the RFCOMM stream socket (missing from the excerpt)
        s = socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM);
        if (s < 0) {
                perror("socket");
                return (-1);
        }

        // bind the local side, then connect to server
        if (bind(s, (struct sockaddr *)&loc_addr, sizeof(loc_addr)) < 0) {
                perror("bind");
                close(s);
                return (-1);
        }
        status = connect(s, (struct sockaddr *)&addr, sizeof(addr));

        if (status == 0) {
                printf("\nConnection established.");
                write(s, "Hello Master!", strlen("Hello Master!"));
                close(s);
                return (0);
        } else {
                printf("\nConnection Failed.");
                close(s);
                return (-1);
        }
}

The other gotcha is PSCAN (page scan): you should either write the HCI code to enable it or just use:

hciconfig hci[x] PSCAN

#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <bluetooth/bluetooth.h>
#include <bluetooth/hci.h>
#include <bluetooth/hci_lib.h>

/**
 * enable_scanmode(char *mac_address, char *opt)
 * @brief Enables scanmode which allows you to actually have a working RFCOMM host
 * @param mac_address
 * @param opt
 * @return 0 for success, -1 for error
 * @note Borrowed some of this from the bluez hciconfig tool
 */
int enable_scanmode(char *mac_address, char *opt)
{
        /* Open HCI socket  */
        int ctl = 0;
        struct hci_dev_req dr = { 0 };
        int dev_id = hci_devid(mac_address);
        if (dev_id < 0) {
                printf("No HCI device with address %s\n", mac_address);
                return (-1);
        }
        dr.dev_id = dev_id;
        dr.dev_opt = SCAN_DISABLED;

        if ((ctl = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI)) < 0) {
                perror("Can't open HCI socket.");
                return (-1);
        }

        if (strcmp(opt, "iscan") == 0) {
                dr.dev_opt = SCAN_INQUIRY;
        } else if (strcmp(opt, "pscan") == 0) {
                dr.dev_opt = SCAN_PAGE;
        } else if (strcmp(opt, "piscan") == 0) {
                dr.dev_opt = SCAN_PAGE | SCAN_INQUIRY;
        } else if (strcmp(opt, "noscan") == 0) {
                dr.dev_opt = SCAN_DISABLED;
        } else {
                printf("unknown scan option to set\n");
                close(ctl);
                return (-1);
        }

        if (ioctl(ctl, HCISETSCAN, (unsigned long)&dr) < 0) {
                printf("Can't set scan mode on hci: %s %s-%d\n", mac_address, strerror(errno), errno);
                close(ctl);
                return (-1);
        }
        close(ctl);
        return (0);
}

Simple Pthread wrappers in C

Working on a project and supervising an intern, I decided that it would be nicer if I had a good example of a detached thread generator which also provided a parameter (as a structure).

#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>

/* This is the structure you could use to pass parameters to the threads */
typedef struct thread_params_s {
        int param;
} thread_params_t;
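The excerpt stops at the parameter struct. The following is an added example, not the post's own wrapper code, of the detached-thread generator it describes. Since a detached thread can never be joined, the spawner cannot know when the thread is done with its parameter block, so the block is heap-allocated and freed by the thread itself; the spawner waits on a condition variable instead of pthread_join. The names spawn_detached, worker and run_detached_workers are assumptions for this example.

```c
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>

/* Parameter block handed to each thread. Heap-allocated by the spawner and
 * freed by the thread: nobody can join a detached thread, so the caller has
 * no safe moment to release it. */
typedef struct thread_params_s {
        int param;
} thread_params_t;

/* Shared completion bookkeeping so the spawner can wait without pthread_join. */
static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
static pthread_cond_t done_cond = PTHREAD_COND_INITIALIZER;
static int done_count = 0;
static long total = 0;

/* Example worker: consumes its parameter, frees it, records the result. */
static void *worker(void *arg)
{
        thread_params_t *p = arg;
        int value = p->param;
        free(p);                 /* callee owns and releases the parameter block */

        pthread_mutex_lock(&lock);
        total += value;
        done_count++;
        pthread_cond_signal(&done_cond);
        pthread_mutex_unlock(&lock);
        return NULL;
}

/* Spawn one detached thread running fn with its own copy of param.
 * Returns 0 on success, -1 on error (the copy is released if no thread started). */
int spawn_detached(void *(*fn)(void *), int param)
{
        pthread_attr_t attr;
        pthread_t tid;
        thread_params_t *p = malloc(sizeof(*p));
        if (p == NULL)
                return -1;
        p->param = param;

        if (pthread_attr_init(&attr) != 0) {
                free(p);
                return -1;
        }
        pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);
        int rc = pthread_create(&tid, &attr, fn, p);
        pthread_attr_destroy(&attr);
        if (rc != 0) {
                free(p);         /* thread never started, so nobody else will free it */
                return -1;
        }
        return 0;
}

/* Spawn n detached workers with params 1..n, wait for all of them, return the sum. */
long run_detached_workers(int n)
{
        pthread_mutex_lock(&lock);
        done_count = 0;
        total = 0;
        pthread_mutex_unlock(&lock);

        int started = 0;
        for (int i = 1; i <= n; i++)
                if (spawn_detached(worker, i) == 0)
                        started++;

        pthread_mutex_lock(&lock);
        while (done_count < started)
                pthread_cond_wait(&done_cond, &lock);
        long result = total;
        pthread_mutex_unlock(&lock);
        return result;
}

int main(void)
{
        printf("sum of 1..10 computed by detached threads: %ld\n", run_detached_workers(10));
        return 0;
}
```

The ownership rule is the part worth copying: whichever side cannot know the other's lifetime must not be the one that frees, and with detached threads that side is always the spawner.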

C UDP Client and Server example

I recently ran across some terribly written socket code belonging to some students, and upon helping them I realized that most examples just throw all of the required code into the program with no function calls to help segment it or make sense of it.

Here are my example programs; note that the actual socket code is wrapped up in socket.c and shared.h:
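The programs themselves are not in this excerpt. As an added example in the same spirit, and not the post's socket.c or shared.h, here is a UDP client and server split into small functions and flattened into one file so it runs by itself over loopback. The function names and the constructed message are assumptions. Two details matter for safety: recvfrom is told one byte less than the buffer so the NUL terminator always fits, and because UDP is connectionless the client checks that the reply really came from the port it sent to.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>

#define MSG_MAX 512

/* Create a UDP socket bound to 127.0.0.1:port (port 0 = let the kernel pick). */
int udp_bind_local(uint16_t port)
{
        int fd = socket(AF_INET, SOCK_DGRAM, 0);
        if (fd < 0)
                return -1;
        struct sockaddr_in a;
        memset(&a, 0, sizeof(a));
        a.sin_family = AF_INET;
        a.sin_port = htons(port);
        a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
        if (bind(fd, (struct sockaddr *)&a, sizeof(a)) < 0) {
                close(fd);
                return -1;
        }
        return fd;
}

/* Report the port the kernel assigned to a socket bound with port 0. */
int udp_local_port(int fd)
{
        struct sockaddr_in a;
        socklen_t len = sizeof(a);
        if (getsockname(fd, (struct sockaddr *)&a, &len) < 0)
                return -1;
        return ntohs(a.sin_port);
}

/* Send one datagram to 127.0.0.1:port. */
int udp_send_to_local(int fd, uint16_t port, const char *buf, size_t len)
{
        struct sockaddr_in to;
        memset(&to, 0, sizeof(to));
        to.sin_family = AF_INET;
        to.sin_port = htons(port);
        to.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
        ssize_t n = sendto(fd, buf, len, 0, (struct sockaddr *)&to, sizeof(to));
        return (n == (ssize_t)len) ? 0 : -1;
}

/* Receive one datagram into buf (cap bytes), NUL-terminate it, record the sender.
 * recvfrom gets cap - 1 so the terminator can never overrun the buffer. */
ssize_t udp_recv(int fd, char *buf, size_t cap, struct sockaddr_in *from)
{
        socklen_t flen = sizeof(*from);
        ssize_t n = recvfrom(fd, buf, cap - 1, 0, (struct sockaddr *)from, &flen);
        if (n < 0)
                return -1;
        buf[n] = '\0';
        return n;
}

/* Server step: receive one datagram and echo it back to whoever sent it. */
int udp_echo_once(int fd)
{
        char buf[MSG_MAX];
        struct sockaddr_in from;
        ssize_t n = udp_recv(fd, buf, sizeof(buf), &from);
        if (n < 0)
                return -1;
        ssize_t sent = sendto(fd, buf, (size_t)n, 0, (struct sockaddr *)&from, sizeof(from));
        return (sent == n) ? 0 : -1;
}

/* Client sends msg, server echoes it, client reads the reply into out (cap bytes).
 * Returns the number of bytes received, or -1 on any failure. */
ssize_t udp_roundtrip(const char *msg, char *out, size_t cap)
{
        int srv = udp_bind_local(0), cli = udp_bind_local(0);
        int port = -1;
        struct sockaddr_in from;
        ssize_t n = -1;

        if (srv < 0 || cli < 0)
                goto done;
        port = udp_local_port(srv);
        if (port < 0)
                goto done;
        if (udp_send_to_local(cli, (uint16_t)port, msg, strlen(msg)) < 0)
                goto done;
        if (udp_echo_once(srv) < 0)
                goto done;
        n = udp_recv(cli, out, cap, &from);
        /* UDP is connectionless: only accept the reply if it came from our server */
        if (n >= 0 && ntohs(from.sin_port) != port)
                n = -1;
done:
        if (srv >= 0) close(srv);
        if (cli >= 0) close(cli);
        return n;
}

int main(void)
{
        char out[MSG_MAX];
        ssize_t n = udp_roundtrip("hello over loopback", out, sizeof(out));  /* constructed message */
        printf("received %zd bytes: %s\n", n, n >= 0 ? out : "(error)");
        return n >= 0 ? 0 : 1;
}
```

Each function does one thing (bind, look up the port, send, receive, echo), which is exactly what makes the bounds and sender checks easy to see and review.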

Modifying Linux ELF Binaries - Changing Callq Addresses

For a while, I have wanted to write a simple tutorial on in-line patching of binaries, and in particular on changing the assembly instructions so that a binary skips to whatever function we desire. This involves tweaking the callq instruction (call can be altered too, but it refers to a static address vs. a relative address).

Okay, so let's get started. This tutorial is written to alter one specific thing and assumes that you have some basic knowledge of assembly and know how to compile basic programs. I am also assuming that you can find strings within binaries and know how to convert values to hexadecimal.

The example used in this test application contains a main function and two functions (function1 and function2) which print different messages. The goal of this exercise is to modify the application AFTER it has been compiled so that function2() is executed instead of function1().
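The rest of the tutorial is not in this excerpt. As an added example, not the post's own code, the arithmetic behind the patch: an x86-64 near call is opcode E8 followed by a signed 32-bit displacement measured from the end of the call instruction (call site + 5), so retargeting the call from function1 to function2 means writing new_target - (call_site + 5) into those four bytes. The addresses below (base 0x401000, call at 0x401010, function1 at 0x401136, function2 at 0x401150) and the byte buffer standing in for .text are constructed for the example, and the function names are assumptions; a little-endian host is assumed for the memcpy of the displacement.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* x86-64 near call: E8 rel32, displacement relative to the next instruction. */
#define CALL_OPCODE 0xE8
#define CALL_LEN    5

/* Displacement that makes a call located at call_addr land on target. */
int32_t call_rel32(uint64_t call_addr, uint64_t target)
{
        return (int32_t)((int64_t)target - (int64_t)(call_addr + CALL_LEN));
}

/* Decode where the call at call_addr currently goes. Returns 0 if the bytes
 * there are not a call or lie outside the buffer. */
uint64_t call_target(const uint8_t *text, size_t text_len, uint64_t text_base, uint64_t call_addr)
{
        if (call_addr < text_base)
                return 0;
        size_t off = (size_t)(call_addr - text_base);
        if (off + CALL_LEN > text_len || text[off] != CALL_OPCODE)
                return 0;
        int32_t rel;
        memcpy(&rel, text + off + 1, sizeof rel);   /* little-endian host assumed */
        return call_addr + CALL_LEN + (int64_t)rel;
}

/* Rewrite the call at call_addr so it targets new_target. Returns 0 on success,
 * -1 if there is no call there or new_target is out of rel32 range. */
int patch_call(uint8_t *text, size_t text_len, uint64_t text_base, uint64_t call_addr, uint64_t new_target)
{
        if (call_addr < text_base)
                return -1;
        size_t off = (size_t)(call_addr - text_base);
        if (off + CALL_LEN > text_len || text[off] != CALL_OPCODE)
                return -1;
        int64_t delta = (int64_t)new_target - (int64_t)(call_addr + CALL_LEN);
        if (delta < INT32_MIN || delta > INT32_MAX)
                return -1;
        int32_t rel = (int32_t)delta;
        memcpy(text + off + 1, &rel, sizeof rel);
        return 0;
}

/* Constructed walk-through: build a "call function1", patch it to function2,
 * and return where the call points afterwards (0 on any failure). */
uint64_t demo_patch(void)
{
        const uint64_t base = 0x401000, site = 0x401010, fn1 = 0x401136, fn2 = 0x401150;
        uint8_t text[32];
        memset(text, 0x90, sizeof text);            /* nop padding around the call */
        text[site - base] = CALL_OPCODE;
        int32_t rel = call_rel32(site, fn1);
        memcpy(text + (site - base) + 1, &rel, sizeof rel);

        if (call_target(text, sizeof text, base, site) != fn1)
                return 0;
        if (patch_call(text, sizeof text, base, site, fn2) != 0)
                return 0;
        return call_target(text, sizeof text, base, site);
}

int main(void)
{
        printf("rel32 for call@0x401010 -> 0x401136: 0x%x\n", (unsigned)call_rel32(0x401010, 0x401136));
        printf("call now targets 0x%llx\n", (unsigned long long)demo_patch());
        return 0;
}
```

The decode-before-patch check is the caveat worth keeping: verifying the opcode at the offset, and that the new displacement fits in 32 bits, is what separates a deliberate patch from a silently corrupted instruction stream.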
