2002-08-28 20:41:00 +00:00
|
|
|
/*
|
2004-07-18 00:24:25 +00:00
|
|
|
* $Id$
|
2001-02-01 20:31:21 +00:00
|
|
|
*
|
|
|
|
* Ethereal - Network traffic analyzer
|
2001-11-02 10:09:51 +00:00
|
|
|
* By Gerald Combs <gerald@ethereal.com>
|
2001-02-01 20:31:21 +00:00
|
|
|
* Copyright 2001 Gerald Combs
|
2002-08-28 20:41:00 +00:00
|
|
|
*
|
2001-02-01 20:31:21 +00:00
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
* of the License, or (at your option) any later version.
|
2002-08-28 20:41:00 +00:00
|
|
|
*
|
2001-02-01 20:31:21 +00:00
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
2002-08-28 20:41:00 +00:00
|
|
|
*
|
2001-02-01 20:31:21 +00:00
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
*/
|
2001-02-01 20:21:25 +00:00
|
|
|
|
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
#include "config.h"
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#include <ftypes-int.h>
|
|
|
|
#include <string.h>
|
|
|
|
#include <ctype.h>
|
2004-08-06 19:57:49 +00:00
|
|
|
#include <epan/addr_resolv.h>
|
2003-08-27 15:23:11 +00:00
|
|
|
#include <epan/strutil.h>
|
2001-02-01 20:21:25 +00:00
|
|
|
|
2003-12-18 13:02:19 +00:00
|
|
|
#ifdef HAVE_LIBPCRE
|
|
|
|
#include <pcre.h>
|
|
|
|
#define CMP_MATCHES cmp_matches
|
|
|
|
#else
|
|
|
|
#define CMP_MATCHES NULL
|
|
|
|
#endif
|
|
|
|
|
2001-02-01 20:21:25 +00:00
|
|
|
#define ETHER_LEN 6
|
|
|
|
#define IPv6_LEN 16
|
2005-07-04 13:04:53 +00:00
|
|
|
#define GUID_LEN 16
|
2001-02-01 20:21:25 +00:00
|
|
|
|
|
|
|
static void
|
|
|
|
bytes_fvalue_new(fvalue_t *fv)
|
|
|
|
{
|
|
|
|
fv->value.bytes = NULL;
|
|
|
|
}
|
|
|
|
|
2005-07-23 06:21:17 +00:00
|
|
|
static void
|
2001-02-01 20:21:25 +00:00
|
|
|
bytes_fvalue_free(fvalue_t *fv)
|
|
|
|
{
|
|
|
|
if (fv->value.bytes) {
|
|
|
|
g_byte_array_free(fv->value.bytes, TRUE);
|
2001-10-29 21:13:13 +00:00
|
|
|
fv->value.bytes=NULL;
|
2001-02-01 20:21:25 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
bytes_fvalue_set(fvalue_t *fv, gpointer value, gboolean already_copied)
|
|
|
|
{
|
|
|
|
g_assert(already_copied);
|
2003-10-29 23:48:14 +00:00
|
|
|
|
|
|
|
/* Free up the old value, if we have one */
|
|
|
|
bytes_fvalue_free(fv);
|
|
|
|
|
2001-02-01 20:21:25 +00:00
|
|
|
fv->value.bytes = value;
|
|
|
|
}
|
|
|
|
|
2003-02-08 04:22:37 +00:00
|
|
|
static int
|
2003-06-11 21:24:54 +00:00
|
|
|
bytes_repr_len(fvalue_t *fv, ftrepr_t rtype _U_)
|
2003-02-08 04:22:37 +00:00
|
|
|
{
|
|
|
|
/* 3 bytes for each byte of the byte "NN:" minus 1 byte
|
2003-06-11 21:24:54 +00:00
|
|
|
* as there's no trailing ":". */
|
2003-02-08 04:22:37 +00:00
|
|
|
return fv->value.bytes->len * 3 - 1;
|
|
|
|
}
|
|
|
|
|
2005-09-01 10:52:33 +00:00
|
|
|
static int
|
2005-09-05 21:18:06 +00:00
|
|
|
guid_repr_len(fvalue_t *fv _U_, ftrepr_t rtype _U_)
|
2005-09-01 10:52:33 +00:00
|
|
|
{
|
|
|
|
return GUID_STR_LEN;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
guid_to_repr(fvalue_t *fv, ftrepr_t rtype _U_, char *buf)
|
|
|
|
{
|
|
|
|
guid_to_str_buf(fv->value.bytes->data, buf, GUID_STR_LEN);
|
|
|
|
}
|
|
|
|
|
2003-06-11 21:24:54 +00:00
|
|
|
static void
|
|
|
|
bytes_to_repr(fvalue_t *fv, ftrepr_t rtype _U_, char *buf)
|
2003-02-08 04:22:37 +00:00
|
|
|
{
|
|
|
|
guint8 *c;
|
|
|
|
char *write_cursor;
|
|
|
|
unsigned int i;
|
|
|
|
|
|
|
|
c = fv->value.bytes->data;
|
|
|
|
write_cursor = buf;
|
|
|
|
|
|
|
|
for (i = 0; i < fv->value.bytes->len; i++) {
|
|
|
|
if (i == 0) {
|
|
|
|
sprintf(write_cursor, "%02x", *c++);
|
|
|
|
write_cursor += 2;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
sprintf(write_cursor, ":%02x", *c++);
|
|
|
|
write_cursor += 3;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2001-02-01 20:21:25 +00:00
|
|
|
static void
|
|
|
|
common_fvalue_set(fvalue_t *fv, guint8* data, guint len)
|
|
|
|
{
|
2003-10-29 23:48:14 +00:00
|
|
|
/* Free up the old value, if we have one */
|
|
|
|
bytes_fvalue_free(fv);
|
|
|
|
|
2001-02-01 20:21:25 +00:00
|
|
|
fv->value.bytes = g_byte_array_new();
|
|
|
|
g_byte_array_append(fv->value.bytes, data, len);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
ether_fvalue_set(fvalue_t *fv, gpointer value, gboolean already_copied)
|
|
|
|
{
|
|
|
|
g_assert(!already_copied);
|
|
|
|
common_fvalue_set(fv, value, ETHER_LEN);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
ipv6_fvalue_set(fvalue_t *fv, gpointer value, gboolean already_copied)
|
|
|
|
{
|
|
|
|
g_assert(!already_copied);
|
|
|
|
common_fvalue_set(fv, value, IPv6_LEN);
|
|
|
|
}
|
|
|
|
|
2005-07-04 13:04:53 +00:00
|
|
|
static void
|
|
|
|
guid_fvalue_set(fvalue_t *fv, gpointer value, gboolean already_copied)
|
|
|
|
{
|
|
|
|
g_assert(!already_copied);
|
|
|
|
common_fvalue_set(fv, value, GUID_LEN);
|
|
|
|
}
|
|
|
|
|
2001-02-01 20:21:25 +00:00
|
|
|
static gpointer
|
|
|
|
value_get(fvalue_t *fv)
|
|
|
|
{
|
|
|
|
return fv->value.bytes->data;
|
|
|
|
}
|
|
|
|
|
2004-01-01 17:02:56 +00:00
|
|
|
static gboolean
|
|
|
|
bytes_from_string(fvalue_t *fv, char *s, LogFunc logfunc _U_)
|
|
|
|
{
|
|
|
|
GByteArray *bytes;
|
|
|
|
|
|
|
|
bytes = g_byte_array_new();
|
|
|
|
|
|
|
|
g_byte_array_append(bytes, (guint8 *)s, strlen(s));
|
|
|
|
|
|
|
|
/* Free up the old value, if we have one */
|
|
|
|
bytes_fvalue_free(fv);
|
|
|
|
fv->value.bytes = bytes;
|
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2001-02-01 20:21:25 +00:00
|
|
|
static gboolean
|
2003-08-27 15:23:11 +00:00
|
|
|
bytes_from_unparsed(fvalue_t *fv, char *s, gboolean allow_partial_value _U_, LogFunc logfunc)
|
2001-02-01 20:21:25 +00:00
|
|
|
{
|
|
|
|
GByteArray *bytes;
|
2003-12-29 04:07:06 +00:00
|
|
|
gboolean res;
|
2001-02-01 20:21:25 +00:00
|
|
|
|
|
|
|
bytes = g_byte_array_new();
|
|
|
|
|
2004-06-06 14:29:07 +00:00
|
|
|
res = hex_str_to_bytes(s, bytes, TRUE);
|
2001-02-01 20:21:25 +00:00
|
|
|
|
2003-12-29 04:07:06 +00:00
|
|
|
if (!res) {
|
2002-02-05 22:50:17 +00:00
|
|
|
if (logfunc != NULL)
|
|
|
|
logfunc("\"%s\" is not a valid byte string.", s);
|
2001-02-01 20:21:25 +00:00
|
|
|
g_byte_array_free(bytes, TRUE);
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
2003-10-29 23:48:14 +00:00
|
|
|
/* Free up the old value, if we have one */
|
|
|
|
bytes_fvalue_free(fv);
|
2001-02-01 20:21:25 +00:00
|
|
|
|
2003-10-29 23:48:14 +00:00
|
|
|
fv->value.bytes = bytes;
|
2001-02-01 20:21:25 +00:00
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
static gboolean
|
2003-08-27 15:23:11 +00:00
|
|
|
ether_from_unparsed(fvalue_t *fv, char *s, gboolean allow_partial_value, LogFunc logfunc)
|
2001-02-01 20:21:25 +00:00
|
|
|
{
|
|
|
|
guint8 *mac;
|
|
|
|
|
2001-03-03 00:33:24 +00:00
|
|
|
/*
|
|
|
|
* Don't log a message if this fails; we'll try looking it
|
|
|
|
* up as an Ethernet host name if it does, and if that fails,
|
|
|
|
* we'll log a message.
|
|
|
|
*/
|
2003-08-27 15:23:11 +00:00
|
|
|
if (bytes_from_unparsed(fv, s, TRUE, NULL)) {
|
|
|
|
if (fv->value.bytes->len > ETHER_LEN) {
|
|
|
|
logfunc("\"%s\" contains too many bytes to be a valid Ethernet address.",
|
|
|
|
s);
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
else if (fv->value.bytes->len < ETHER_LEN && !allow_partial_value) {
|
|
|
|
logfunc("\"%s\" contains too few bytes to be a valid Ethernet address.",
|
|
|
|
s);
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
2001-02-01 20:21:25 +00:00
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
mac = get_ether_addr(s);
|
|
|
|
if (!mac) {
|
2002-02-05 22:50:17 +00:00
|
|
|
logfunc("\"%s\" is not a valid hostname or Ethernet address.",
|
|
|
|
s);
|
2001-02-01 20:21:25 +00:00
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
ether_fvalue_set(fv, mac, FALSE);
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
static gboolean
|
2003-08-27 15:23:11 +00:00
|
|
|
ipv6_from_unparsed(fvalue_t *fv, char *s, gboolean allow_partial_value _U_, LogFunc logfunc)
|
2001-02-01 20:21:25 +00:00
|
|
|
{
|
|
|
|
guint8 buffer[16];
|
|
|
|
|
|
|
|
if (!get_host_ipaddr6(s, (struct e_in6_addr*)buffer)) {
|
2002-02-05 22:50:17 +00:00
|
|
|
logfunc("\"%s\" is not a valid hostname or IPv6 address.", s);
|
2001-02-01 20:21:25 +00:00
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
ipv6_fvalue_set(fv, buffer, FALSE);
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2005-10-31 02:42:22 +00:00
|
|
|
static int
|
|
|
|
ipv6_repr_len(fvalue_t *fv _U_, ftrepr_t rtype _U_)
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
* 39 characters for "XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX".
|
|
|
|
*/
|
|
|
|
return 39;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
ipv6_to_repr(fvalue_t *fv, ftrepr_t rtype _U_, char *buf)
|
|
|
|
{
|
|
|
|
ip6_to_str_buf((struct e_in6_addr *)fv->value.bytes->data, buf);
|
|
|
|
}
|
|
|
|
|
2005-09-01 10:52:33 +00:00
|
|
|
static gboolean
|
|
|
|
get_guid(char *s, guint8 *buf)
|
|
|
|
{
|
2005-09-05 21:18:06 +00:00
|
|
|
size_t i, n;
|
2005-09-01 10:52:33 +00:00
|
|
|
char *p, two_digits[3];
|
|
|
|
static const char fmt[] = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX";
|
|
|
|
|
|
|
|
n = strlen(s);
|
2005-09-05 21:18:06 +00:00
|
|
|
if (n != strlen(fmt))
|
|
|
|
return FALSE;
|
2005-09-01 10:52:33 +00:00
|
|
|
for (i=0; i<n; i++) {
|
|
|
|
if (fmt[i] == 'X') {
|
2005-09-05 21:18:06 +00:00
|
|
|
if (!isxdigit((guchar)s[i]))
|
|
|
|
return FALSE;
|
2005-09-01 10:52:33 +00:00
|
|
|
} else {
|
2005-09-05 21:18:06 +00:00
|
|
|
if (s[i] != fmt[i])
|
|
|
|
return FALSE;
|
2005-09-01 10:52:33 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
for (p=s,i=0; i<GUID_LEN; i++) {
|
|
|
|
if (*p == '-') p++;
|
|
|
|
two_digits[0] = *(p++);
|
|
|
|
two_digits[1] = *(p++);
|
|
|
|
two_digits[2] = '\0';
|
|
|
|
buf[i] = (guint8)strtoul(two_digits, NULL, 16);
|
|
|
|
}
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2005-07-04 13:04:53 +00:00
|
|
|
static gboolean
|
|
|
|
guid_from_unparsed(fvalue_t *fv, char *s, gboolean allow_partial_value, LogFunc logfunc)
|
|
|
|
{
|
2005-09-01 10:52:33 +00:00
|
|
|
guint8 buffer[GUID_LEN];
|
|
|
|
|
2005-07-04 13:04:53 +00:00
|
|
|
/*
|
|
|
|
* Don't log a message if this fails; we'll try looking it
|
|
|
|
* up as an GUID if it does, and if that fails,
|
|
|
|
* we'll log a message.
|
|
|
|
*/
|
|
|
|
if (bytes_from_unparsed(fv, s, TRUE, NULL)) {
|
|
|
|
if (fv->value.bytes->len > GUID_LEN) {
|
|
|
|
logfunc("\"%s\" contains too many bytes to be a valid Globally Unique Identifier.",
|
|
|
|
s);
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
else if (fv->value.bytes->len < GUID_LEN && !allow_partial_value) {
|
|
|
|
logfunc("\"%s\" contains too few bytes to be a valid Globally Unique Identifier.",
|
|
|
|
s);
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
}
|
2005-09-01 10:52:33 +00:00
|
|
|
|
|
|
|
if (!get_guid(s, buffer)) {
|
|
|
|
logfunc("\"%s\" is not a valid GUID.", s);
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
guid_fvalue_set(fv, buffer, FALSE);
|
|
|
|
return TRUE;
|
2005-07-04 13:04:53 +00:00
|
|
|
}
|
|
|
|
|
2001-02-01 20:21:25 +00:00
|
|
|
static guint
|
|
|
|
len(fvalue_t *fv)
|
|
|
|
{
|
|
|
|
return fv->value.bytes->len;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
slice(fvalue_t *fv, GByteArray *bytes, guint offset, guint length)
|
|
|
|
{
|
|
|
|
guint8* data;
|
|
|
|
|
|
|
|
data = fv->value.bytes->data + offset;
|
|
|
|
|
|
|
|
g_byte_array_append(bytes, data, length);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static gboolean
|
|
|
|
cmp_eq(fvalue_t *fv_a, fvalue_t *fv_b)
|
|
|
|
{
|
|
|
|
GByteArray *a = fv_a->value.bytes;
|
|
|
|
GByteArray *b = fv_b->value.bytes;
|
|
|
|
|
|
|
|
if (a->len != b->len) {
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
return (memcmp(a->data, b->data, a->len) == 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static gboolean
|
|
|
|
cmp_ne(fvalue_t *fv_a, fvalue_t *fv_b)
|
|
|
|
{
|
|
|
|
GByteArray *a = fv_a->value.bytes;
|
|
|
|
GByteArray *b = fv_b->value.bytes;
|
|
|
|
|
|
|
|
if (a->len != b->len) {
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
return (memcmp(a->data, b->data, a->len) != 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static gboolean
|
|
|
|
cmp_gt(fvalue_t *fv_a, fvalue_t *fv_b)
|
|
|
|
{
|
|
|
|
GByteArray *a = fv_a->value.bytes;
|
|
|
|
GByteArray *b = fv_b->value.bytes;
|
|
|
|
|
|
|
|
if (a->len > b->len) {
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (a->len < b->len) {
|
|
|
|
return FALSE;
|
|
|
|
}
|
2002-08-28 20:41:00 +00:00
|
|
|
|
2001-02-01 20:21:25 +00:00
|
|
|
return (memcmp(a->data, b->data, a->len) > 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
static gboolean
|
|
|
|
cmp_ge(fvalue_t *fv_a, fvalue_t *fv_b)
|
|
|
|
{
|
|
|
|
GByteArray *a = fv_a->value.bytes;
|
|
|
|
GByteArray *b = fv_b->value.bytes;
|
|
|
|
|
|
|
|
if (a->len > b->len) {
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (a->len < b->len) {
|
|
|
|
return FALSE;
|
|
|
|
}
|
2002-08-28 20:41:00 +00:00
|
|
|
|
2001-02-01 20:21:25 +00:00
|
|
|
return (memcmp(a->data, b->data, a->len) >= 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
static gboolean
|
|
|
|
cmp_lt(fvalue_t *fv_a, fvalue_t *fv_b)
|
|
|
|
{
|
|
|
|
GByteArray *a = fv_a->value.bytes;
|
|
|
|
GByteArray *b = fv_b->value.bytes;
|
|
|
|
|
|
|
|
if (a->len < b->len) {
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (a->len > b->len) {
|
|
|
|
return FALSE;
|
|
|
|
}
|
2002-08-28 20:41:00 +00:00
|
|
|
|
2001-02-01 20:21:25 +00:00
|
|
|
return (memcmp(a->data, b->data, a->len) < 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
static gboolean
|
|
|
|
cmp_le(fvalue_t *fv_a, fvalue_t *fv_b)
|
|
|
|
{
|
|
|
|
GByteArray *a = fv_a->value.bytes;
|
|
|
|
GByteArray *b = fv_b->value.bytes;
|
|
|
|
|
|
|
|
if (a->len < b->len) {
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (a->len > b->len) {
|
|
|
|
return FALSE;
|
|
|
|
}
|
2002-08-28 20:41:00 +00:00
|
|
|
|
2001-02-01 20:21:25 +00:00
|
|
|
return (memcmp(a->data, b->data, a->len) <= 0);
|
|
|
|
}
|
|
|
|
|
2004-02-27 12:00:32 +00:00
|
|
|
static gboolean cmp_bytes_bitwise_and(fvalue_t *fv_a, fvalue_t *fv_b)
|
|
|
|
{
|
|
|
|
GByteArray *a = fv_a->value.bytes;
|
|
|
|
GByteArray *b = fv_b->value.bytes;
|
|
|
|
guint i = 0;
|
|
|
|
unsigned char *p_a, *p_b;
|
|
|
|
|
|
|
|
if (b->len != a->len) {
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
p_a = a->data;
|
|
|
|
p_b = b->data;
|
|
|
|
while (i < b->len) {
|
|
|
|
if (p_a[i] & p_b[i])
|
|
|
|
i++;
|
|
|
|
else
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2003-08-27 15:23:11 +00:00
|
|
|
static gboolean
|
|
|
|
cmp_contains(fvalue_t *fv_a, fvalue_t *fv_b)
|
|
|
|
{
|
|
|
|
GByteArray *a = fv_a->value.bytes;
|
|
|
|
GByteArray *b = fv_b->value.bytes;
|
|
|
|
|
|
|
|
if (epan_memmem(a->data, a->len, b->data, b->len)) {
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2003-12-18 13:02:19 +00:00
|
|
|
#ifdef HAVE_LIBPCRE
|
|
|
|
static gboolean
|
|
|
|
cmp_matches(fvalue_t *fv_a, fvalue_t *fv_b)
|
|
|
|
{
|
2004-01-25 17:22:57 +00:00
|
|
|
GString *a = fv_a->value.gstring;
|
2003-12-18 13:02:19 +00:00
|
|
|
pcre_tuple_t *pcre = fv_b->value.re;
|
|
|
|
int options = 0;
|
|
|
|
int rc;
|
|
|
|
|
|
|
|
/* fv_b is always a FT_PCRE, otherwise the dfilter semcheck() would have
|
|
|
|
* warned us. For the same reason (and because we're using g_malloc()),
|
|
|
|
* fv_b->value.re is not NULL.
|
|
|
|
*/
|
|
|
|
if (strcmp(fv_b->ftype->name, "FT_PCRE") != 0) {
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
if (! pcre) {
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
rc = pcre_exec(
|
|
|
|
pcre->re, /* Compiled PCRE */
|
|
|
|
pcre->ex, /* PCRE extra from pcre_study() */
|
2004-01-25 17:22:57 +00:00
|
|
|
a->str, /* The data to check for the pattern... */
|
2003-12-18 13:02:19 +00:00
|
|
|
a->len, /* ... and its length */
|
|
|
|
0, /* Start offset within data */
|
|
|
|
options, /* PCRE options */
|
|
|
|
NULL, /* We are not interested in the matched string */
|
|
|
|
0 /* of the pattern; only in success or failure. */
|
|
|
|
);
|
|
|
|
/* NOTE - DO NOT g_free(data) */
|
|
|
|
if (rc == 0) {
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2001-02-01 20:21:25 +00:00
|
|
|
void
|
|
|
|
ftype_register_bytes(void)
|
|
|
|
{
|
|
|
|
|
|
|
|
static ftype_t bytes_type = {
|
2002-05-09 23:50:34 +00:00
|
|
|
"FT_BYTES", /* name */
|
|
|
|
"sequence of bytes", /* pretty_name */
|
|
|
|
0, /* wire_size */
|
|
|
|
bytes_fvalue_new, /* new_value */
|
|
|
|
bytes_fvalue_free, /* free_value */
|
2003-08-27 15:23:11 +00:00
|
|
|
bytes_from_unparsed, /* val_from_unparsed */
|
2004-01-01 17:02:56 +00:00
|
|
|
bytes_from_string, /* val_from_string */
|
2003-06-11 21:24:54 +00:00
|
|
|
bytes_to_repr, /* val_to_string_repr */
|
|
|
|
bytes_repr_len, /* len_string_repr */
|
2002-05-09 23:50:34 +00:00
|
|
|
|
|
|
|
bytes_fvalue_set, /* set_value */
|
|
|
|
NULL, /* set_value_integer */
|
2004-08-22 00:31:58 +00:00
|
|
|
NULL, /* set_value_integer64 */
|
2002-05-09 23:50:34 +00:00
|
|
|
NULL, /* set_value_floating */
|
|
|
|
|
|
|
|
value_get, /* get_value */
|
|
|
|
NULL, /* get_value_integer */
|
2004-08-22 00:31:58 +00:00
|
|
|
NULL, /* get_value_integer64 */
|
2003-02-08 04:22:37 +00:00
|
|
|
NULL, /* get_value_floating */
|
2001-02-01 20:21:25 +00:00
|
|
|
|
2002-05-09 23:50:34 +00:00
|
|
|
cmp_eq,
|
|
|
|
cmp_ne,
|
|
|
|
cmp_gt,
|
|
|
|
cmp_ge,
|
|
|
|
cmp_lt,
|
|
|
|
cmp_le,
|
2004-02-27 12:00:32 +00:00
|
|
|
cmp_bytes_bitwise_and,
|
2003-08-27 15:23:11 +00:00
|
|
|
cmp_contains,
|
2003-12-18 13:02:19 +00:00
|
|
|
CMP_MATCHES,
|
2002-05-09 23:50:34 +00:00
|
|
|
|
|
|
|
len,
|
|
|
|
slice,
|
|
|
|
};
|
|
|
|
|
|
|
|
static ftype_t uint_bytes_type = {
|
|
|
|
"FT_UINT_BYTES", /* name */
|
|
|
|
"sequence of bytes", /* pretty_name */
|
|
|
|
0, /* wire_size */
|
|
|
|
bytes_fvalue_new, /* new_value */
|
|
|
|
bytes_fvalue_free, /* free_value */
|
2003-08-27 15:23:11 +00:00
|
|
|
bytes_from_unparsed, /* val_from_unparsed */
|
2003-07-25 03:44:05 +00:00
|
|
|
NULL, /* val_from_string */
|
2003-06-11 21:24:54 +00:00
|
|
|
bytes_to_repr, /* val_to_string_repr */
|
|
|
|
bytes_repr_len, /* len_string_repr */
|
2002-05-09 23:50:34 +00:00
|
|
|
|
|
|
|
bytes_fvalue_set, /* set_value */
|
|
|
|
NULL, /* set_value_integer */
|
2004-08-22 00:31:58 +00:00
|
|
|
NULL, /* set_value_integer64 */
|
2002-05-09 23:50:34 +00:00
|
|
|
NULL, /* set_value_floating */
|
|
|
|
|
|
|
|
value_get, /* get_value */
|
|
|
|
NULL, /* get_value_integer */
|
2004-08-22 00:31:58 +00:00
|
|
|
NULL, /* get_value_integer64 */
|
2003-02-08 04:22:37 +00:00
|
|
|
NULL, /* get_value_floating */
|
2001-02-01 20:21:25 +00:00
|
|
|
|
|
|
|
cmp_eq,
|
|
|
|
cmp_ne,
|
|
|
|
cmp_gt,
|
|
|
|
cmp_ge,
|
|
|
|
cmp_lt,
|
|
|
|
cmp_le,
|
2004-02-27 12:00:32 +00:00
|
|
|
cmp_bytes_bitwise_and,
|
2003-08-27 15:23:11 +00:00
|
|
|
cmp_contains,
|
2003-12-06 16:35:20 +00:00
|
|
|
NULL, /* cmp_matches */
|
2001-02-01 20:21:25 +00:00
|
|
|
|
|
|
|
len,
|
|
|
|
slice,
|
|
|
|
};
|
|
|
|
|
|
|
|
static ftype_t ether_type = {
|
2003-02-08 04:22:37 +00:00
|
|
|
"FT_ETHER", /* name */
|
|
|
|
"Ethernet or other MAC address",/* pretty_name */
|
|
|
|
ETHER_LEN, /* wire_size */
|
|
|
|
bytes_fvalue_new, /* new_value */
|
|
|
|
bytes_fvalue_free, /* free_value */
|
2003-07-25 03:44:05 +00:00
|
|
|
ether_from_unparsed, /* val_from_unparsed */
|
|
|
|
NULL, /* val_from_string */
|
2003-06-11 21:24:54 +00:00
|
|
|
bytes_to_repr, /* val_to_string_repr */
|
|
|
|
bytes_repr_len, /* len_string_repr */
|
2001-02-01 20:21:25 +00:00
|
|
|
|
2003-02-08 04:22:37 +00:00
|
|
|
ether_fvalue_set, /* set_value */
|
|
|
|
NULL, /* set_value_integer */
|
2004-08-22 00:31:58 +00:00
|
|
|
NULL, /* set_value_integer64 */
|
2003-02-08 04:22:37 +00:00
|
|
|
NULL, /* set_value_floating */
|
2001-02-01 20:21:25 +00:00
|
|
|
|
2003-02-08 04:22:37 +00:00
|
|
|
value_get, /* get_value */
|
|
|
|
NULL, /* get_value_integer */
|
2004-08-22 00:31:58 +00:00
|
|
|
NULL, /* get_value_integer64 */
|
2003-02-08 04:22:37 +00:00
|
|
|
NULL, /* get_value_floating */
|
2001-02-01 20:21:25 +00:00
|
|
|
|
|
|
|
cmp_eq,
|
|
|
|
cmp_ne,
|
|
|
|
cmp_gt,
|
|
|
|
cmp_ge,
|
|
|
|
cmp_lt,
|
|
|
|
cmp_le,
|
2004-02-27 12:00:32 +00:00
|
|
|
cmp_bytes_bitwise_and,
|
2003-08-27 15:23:11 +00:00
|
|
|
cmp_contains,
|
2003-12-18 13:02:19 +00:00
|
|
|
CMP_MATCHES,
|
2001-02-01 20:21:25 +00:00
|
|
|
|
|
|
|
len,
|
|
|
|
slice,
|
|
|
|
};
|
|
|
|
|
|
|
|
static ftype_t ipv6_type = {
|
2003-02-08 04:22:37 +00:00
|
|
|
"FT_IPv6", /* name */
|
|
|
|
"IPv6 address", /* pretty_name */
|
|
|
|
IPv6_LEN, /* wire_size */
|
|
|
|
bytes_fvalue_new, /* new_value */
|
|
|
|
bytes_fvalue_free, /* free_value */
|
2003-07-25 03:44:05 +00:00
|
|
|
ipv6_from_unparsed, /* val_from_unparsed */
|
|
|
|
NULL, /* val_from_string */
|
2005-10-31 02:42:22 +00:00
|
|
|
ipv6_to_repr, /* val_to_string_repr */
|
|
|
|
ipv6_repr_len, /* len_string_repr */
|
2001-02-01 20:21:25 +00:00
|
|
|
|
2003-02-08 04:22:37 +00:00
|
|
|
ipv6_fvalue_set, /* set_value */
|
|
|
|
NULL, /* set_value_integer */
|
2004-08-22 00:31:58 +00:00
|
|
|
NULL, /* set_value_integer64 */
|
2003-02-08 04:22:37 +00:00
|
|
|
NULL, /* set_value_floating */
|
2001-02-01 20:21:25 +00:00
|
|
|
|
2003-02-08 04:22:37 +00:00
|
|
|
value_get, /* get_value */
|
|
|
|
NULL, /* get_value_integer */
|
2004-08-22 00:31:58 +00:00
|
|
|
NULL, /* get_value_integer64 */
|
2003-02-08 04:22:37 +00:00
|
|
|
NULL, /* get_value_floating */
|
2001-02-01 20:21:25 +00:00
|
|
|
|
|
|
|
cmp_eq,
|
|
|
|
cmp_ne,
|
|
|
|
cmp_gt,
|
|
|
|
cmp_ge,
|
|
|
|
cmp_lt,
|
|
|
|
cmp_le,
|
2004-02-27 12:00:32 +00:00
|
|
|
cmp_bytes_bitwise_and,
|
2003-08-27 15:23:11 +00:00
|
|
|
cmp_contains,
|
2003-12-06 16:35:20 +00:00
|
|
|
NULL, /* cmp_matches */
|
2001-02-01 20:21:25 +00:00
|
|
|
|
|
|
|
len,
|
|
|
|
slice,
|
|
|
|
};
|
|
|
|
|
2005-07-04 13:04:53 +00:00
|
|
|
static ftype_t guid_type = {
|
|
|
|
"GUID", /* name */
|
|
|
|
"Globally Unique Identifier", /* pretty_name */
|
|
|
|
GUID_LEN, /* wire_size */
|
|
|
|
bytes_fvalue_new, /* new_value */
|
|
|
|
bytes_fvalue_free, /* free_value */
|
|
|
|
guid_from_unparsed, /* val_from_unparsed */
|
|
|
|
NULL, /* val_from_string */
|
2005-10-31 02:42:22 +00:00
|
|
|
guid_to_repr, /* val_to_string_repr */
|
|
|
|
guid_repr_len, /* len_string_repr */
|
2005-07-04 13:04:53 +00:00
|
|
|
|
|
|
|
guid_fvalue_set, /* set_value */
|
|
|
|
NULL, /* set_value_integer */
|
|
|
|
NULL, /* set_value_integer64 */
|
|
|
|
NULL, /* set_value_floating */
|
|
|
|
|
|
|
|
value_get, /* get_value */
|
|
|
|
NULL, /* get_value_integer */
|
|
|
|
NULL, /* get_value_integer64 */
|
|
|
|
NULL, /* get_value_floating */
|
|
|
|
|
|
|
|
cmp_eq,
|
|
|
|
cmp_ne,
|
|
|
|
cmp_gt,
|
|
|
|
cmp_ge,
|
|
|
|
cmp_lt,
|
|
|
|
cmp_le,
|
|
|
|
cmp_bytes_bitwise_and,
|
|
|
|
cmp_contains,
|
|
|
|
NULL, /* cmp_matches */
|
|
|
|
|
|
|
|
len,
|
|
|
|
slice,
|
|
|
|
};
|
|
|
|
|
2001-02-01 20:21:25 +00:00
|
|
|
ftype_register(FT_BYTES, &bytes_type);
|
2002-05-10 02:44:08 +00:00
|
|
|
ftype_register(FT_UINT_BYTES, &uint_bytes_type);
|
2001-02-01 20:21:25 +00:00
|
|
|
ftype_register(FT_ETHER, ðer_type);
|
|
|
|
ftype_register(FT_IPv6, &ipv6_type);
|
2005-07-04 13:04:53 +00:00
|
|
|
ftype_register(FT_GUID, &guid_type);
|
2001-02-01 20:21:25 +00:00
|
|
|
}
|