I am writing a program that uses winpcap to sniff packets. More specifically, packets from the game "Warcraft III." I have figured out the formatting of the game's chat messages as a test. It looks something like this:
Code:
typedef struct wc3_chat
{
//DWORD id; <-- these are handled in wc3_header.
DWORD event_id;
DWORD flags;
DWORD ping;
DWORD ip; // defunct
DWORD account_number; // defunct
DWORD reg_auth; //defunct
char* username;
char* text;
}wc3_chat;
Testing in-game, I found that this structure works fine for everything except for the strings which give odd behavior.
Heres some bits from where I'm trying to use the structure:
Code:
const u_char *data = (sniffer.pkt_data + 14 + ip_len + tcp_len + 4); //4 bytes for wc3_header struct
wc3_chat *chat = (wc3_chat*)data;
if (chat->event_id == 0x05)
printf("%s: %s\n", &chat->username, &chat->text);
*Edit* The problem is that chat->text doesn't display correctly. Instead of displaying the message, it displays the username minus the first 4 letters. It would appear that chat->text is pointing 4 bytes after wherever chat->username is pointing to instead of pointing after the NULL. See below for more information and a sample packet capture from Wireshark.
Can anyone help me figure out what I'm doing wrong here?
Thanks,
Glorfindel