Results 1 to 5 of 5

Thread: [RESOLVED] [2005] Recognizing null from byte string

  1. #1

    Thread Starter
    Frenzied Member
    Join Date
    Jun 2005
    Posts
    1,950

    Resolved [RESOLVED] [2005] Recognizing null from byte string

    I'm trying to convert a securestring to a string using the function below. However, the returned string always has one additional character appended which I think is a null. No matter what I do with "nothing", "vbnull", "dbnull" etc. this extra character is always present. I've even tried doing a .Replace on the final string but whatever it is remains.

    The only fix I've found is to clip it off using a .Substring, but this is a nasty kludge.

    Anyone see what I'm doing wrong?

    VB Code:
    1. Public Function SecureStringToString(ByVal str As System.Security.SecureString) As String
    2.         Dim bstr As IntPtr = System.Runtime.InteropServices.Marshal.SecureStringToBSTR(str)
    3.         Dim b As Byte = 1
    4.         Dim i As Integer = 0
    5.         Dim s As String = ""
    6.         While Chr(b) <> Chr(0) 'I also tried IsNothing, IsNull, IsDBNull, = vbNull, = Nothing
    7.             b = System.Runtime.InteropServices.Marshal.ReadByte(bstr, i)
    8.             i += 2
    9.             s += Chr(b)
    10.         End While
    11.         s = s.Substring(0, s.Length - 1) 'This line is the kludge
    12.         System.Runtime.InteropServices.Marshal.FreeBSTR(bstr)
    13.         Return s
    14.     End Function

  2. #2

    Thread Starter
    Frenzied Member
    Join Date
    Jun 2005
    Posts
    1,950

    Re: [2005] Recognizing null from byte string

    ok, I found a better way to get rid of it;

    s = s.Replace(vbNullChar, "")

    or

    If s.Substring(s.Length - 1, 1) = Chr(0) Then s = s.Replace(vbNullChar, "")

    (but I still dont understand why it's there).
    Last edited by Bulldog; Feb 5th, 2007 at 04:42 PM.

  3. #3
    Lively Member
    Join Date
    Oct 2006
    Posts
    71

    Re: [2005] Recognizing null from byte string

    The reason it's there is because BSTR is a null terminated string.

  4. #4
    Frenzied Member
    Join Date
    Jul 2005
    Posts
    1,168

    Re: [2005] Recognizing null from byte string

    Are you trying to basically just make it to a STring? If so, you could replace the codes

    VB Code:
    1. Dim b As Byte = 1
    2.         Dim i As Integer = 0
    3.         Dim s As String = ""
    4.         While Chr(b) <> Chr(0) 'I also tried IsNothing, IsNull, IsDBNull, = vbNull, = Nothing
    5.             b = System.Runtime.InteropServices.Marshal.ReadByte(bstr, i)
    6.             i += 2
    7.             s += Chr(b)
    8.         End While
    9.      s = s.Substring(0, s.Length - 1) 'This line is the kludge

    and just use

    VB Code:
    1. Dim mystr As String = System.Runtime.InteropServices.Marshal.PtrToStringBSTR(bstr)

    By the way, are you using SecureString for the purpose of security? Based on what I read, SecureString's purpose is to avoid having to store certain data on a string variable, but since you convert the securestring to a string, doesn't that take way its purpose? Just curious.

  5. #5

    Thread Starter
    Frenzied Member
    Join Date
    Jun 2005
    Posts
    1,950

    Re: [2005] Recognizing null from byte string

    ok, thanks.

    Agreed on the security issue. I need to store a key in the executable, so a secure string is the only option. I wrote a converter the other way around to check the string was actually being stored correctly. I wont be using the back converter in practice, I can use hashes to compare.

    Secure strings are a bit of joke actually, since they are currently poorly supported by controls/methods. In most applications a secure string has to be briefly pulled back as a string in order to use its value, which of course exposes it on the heap. I think there are improvements on the way.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width