3 # Process a PuTTY SSH packet log that has gone through inappropriate
4 # line wrapping, and try to make it legible again.
6 # Motivation: people often include PuTTY packet logs in email
7 # messages, and if they're not careful, the sending MUA 'helpfully'
8 # wraps the lines at 72 characters, corrupting all the hex dumps into
11 # But as long as it's only the ASCII part of the dump at the end of
12 # the line that gets wrapped, and the hex part is untouched, this is a
13 # mechanically recoverable kind of corruption, because the ASCII is
14 # redundant and can be reconstructed from the hex. Better still, you
15 # can spot lines in which this has happened (because the ASCII at the
16 # end of the line is a truncated version of what we think it should
17 # say), and use that as a cue to remove the following line.
23 if (/^ ([0-9a-f]{8}) ((?:[0-9a-f]{2} ){0,15}(?:[0-9a-f]{2}))/) {
27 for (my $i = 0; $i < length($2); $i += 3) {
28 my $byte = hex(substr($hex, $i, 2));
29 my $char = ($byte >= 32 && $byte < 127 ? chr($byte) : ".");
32 $hex = substr($hex . (" " x 48), 0, 47);
35 my $new_line = " $addr $hex $ascii";
36 if ($old_line ne $new_line and
37 $old_line eq substr($new_line, 0, length($old_line))) {
39 <>; # eat the subsequent wrapped line