[Win32] Regexing a pattern from a binary file?

"Fred the man" <fr**@acme.com> wrote in message
news:le********************************@4ax.com...

Hi,

I'm a PHP newbie, and am stuck as to why I can't find a pattern in a
Win32 binary file.

I'm actually trying to extract the FileVersion information myself
since PHP under Unix doesn't seem to offer support for the PE file
format:

-------------
<?php
$file = "C:\\temp\\test.exe";
$fp = fopen($file, "rb");
$contents = fread($fp, filesize($file));
fclose($fp);

//Unicode?
//If (eregi('F.i.l.e.V.e.r.s.i.o.n', $contents)) {
//if (eregi('FileVersion', $contents)) {

if (eregi("This program cannot be run in DOS mode",
$contents)) {
print "OK!";
} else {
print "Outta luck...";
}
exit;

Hmmm, maybe the Posix RegExp library isn't binary safe? Use the Perl 5 set
of functions instead:

$fv = 'F\0i\0l\0e\0V\0e\0r\0s\0i\0o\0n\0';
$tz = '\0\0\0\0';

if(preg_match("/$fv$tz(.*?)$tz/", $contents, $matches)) {
echo str_replace("\0", "", $matches[1]);
}

On Thu, 17 Jun 2004 19:44:31 -0400, "Chung Leong"
<ch***********@hotmail.com> wrote:

Hmmm, maybe the Posix RegExp library isn't binary safe? Use the Perl 5 set
of functions instead:

Thx Chung :-) Indeed, it seems erg() doesn't like non-printable
characters.

For those interested in searching a pattern that may contain ASCII
0's, here's the code:

-----------------
$file = "c:\\temp\\test.exe";
$fp = fopen($file, "rb");
$contents = fread($fp, filesize($file));
fclose($fp);

$fv = 'F\0i\0l\0e\0V\0e\0r\0s\0i\0o\0n\0\0\0\0\0';
$tz = "\0\0";
if(preg_match("/$fv(.*?)$tz/", $contents, $matches)) {
//Looking for eg. 1.000 with 0's in between
if (preg_match("/(\\d)\\0\.\\0(\\d+)\\0(\\d+)\\0
(\\d+)\\0/",$matches[1],$version)) {
print "Version1=$version[1]<p>";
print "Version2=$version[2]<p>";
print "Version3=$version[3]<p>";
print "Version4=$version[4]<p>";
} else {
print "Sorry";
} else {
print "BAD";
}
---------------------

If you wish to replace ASCII 0's with eg. #, here's the code:
---------------
//\x = by default, means \x0, ie. match any ASCII 0 :-)
$output=preg_replace('/\x00/','#',$matches[1]);
---------------

I haven't found how to replace a character with a TAB (\t, or \\t, or
\\\\t don't work.)

Thx again
Fred.