2008-11-27 16:40:45 +00:00
|
|
|
/* tnef.c
|
|
|
|
*
|
|
|
|
* Transport-Neutral Encapsulation Format (TNEF) file reading
|
|
|
|
*
|
2018-01-19 11:33:53 +00:00
|
|
|
* SPDX-License-Identifier: GPL-2.0+
|
2008-11-27 16:40:45 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include "config.h"
|
|
|
|
|
|
|
|
#include <errno.h>
|
|
|
|
|
|
|
|
#include "wtap-int.h"
|
|
|
|
#include "file_wrappers.h"
|
2014-07-15 23:40:46 +00:00
|
|
|
#include <wsutil/buffer.h>
|
2008-11-27 16:40:45 +00:00
|
|
|
#include "tnef.h"
|
|
|
|
|
2014-05-23 10:50:02 +00:00
|
|
|
static gboolean tnef_read_file(wtap *wth, FILE_T fh, struct wtap_pkthdr *phdr,
|
|
|
|
Buffer *buf, int *err, gchar **err_info)
|
2013-06-02 23:23:47 +00:00
|
|
|
{
|
2013-06-17 22:18:24 +00:00
|
|
|
gint64 file_size;
|
|
|
|
int packet_size;
|
|
|
|
|
2014-05-09 05:18:49 +00:00
|
|
|
if ((file_size = wtap_file_size(wth, err)) == -1)
|
2014-05-23 10:50:02 +00:00
|
|
|
return FALSE;
|
2013-06-17 22:18:24 +00:00
|
|
|
|
Allow bigger snapshot lengths for D-Bus captures.
Use WTAP_MAX_PACKET_SIZE_STANDARD, set to 256KB, for everything except
for D-Bus captures. Use WTAP_MAX_PACKET_SIZE_DBUS, set to 128MB, for
them, because that's the largest possible D-Bus message size. See
https://bugs.freedesktop.org/show_bug.cgi?id=100220
for an example of the problems caused by limiting the snapshot length to
256KB for D-Bus.
Have a snapshot length of 0 in a capture_file structure mean "there is
no snapshot length for the file"; we don't need the has_snap field in
that case, a value of 0 mean "no, we don't have a snapshot length".
In dumpcap, start out with a pipe buffer size of 2KB, and grow it as
necessary. When checking for a too-big packet from a pipe, check
against the appropriate maximum - 128MB for DLT_DBUS, 256KB for
everything else.
Change-Id: Ib2ce7a0cf37b971fbc0318024fd011e18add8b20
Reviewed-on: https://code.wireshark.org/review/21952
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-06-05 01:58:40 +00:00
|
|
|
if (file_size > WTAP_MAX_PACKET_SIZE_STANDARD) {
|
2013-06-17 22:18:24 +00:00
|
|
|
/*
|
|
|
|
* Probably a corrupt capture file; don't blow up trying
|
|
|
|
* to allocate space for an immensely-large packet.
|
|
|
|
*/
|
|
|
|
*err = WTAP_ERR_BAD_FILE;
|
|
|
|
*err_info = g_strdup_printf("tnef: File has %" G_GINT64_MODIFIER "d-byte packet, bigger than maximum of %u",
|
Allow bigger snapshot lengths for D-Bus captures.
Use WTAP_MAX_PACKET_SIZE_STANDARD, set to 256KB, for everything except
for D-Bus captures. Use WTAP_MAX_PACKET_SIZE_DBUS, set to 128MB, for
them, because that's the largest possible D-Bus message size. See
https://bugs.freedesktop.org/show_bug.cgi?id=100220
for an example of the problems caused by limiting the snapshot length to
256KB for D-Bus.
Have a snapshot length of 0 in a capture_file structure mean "there is
no snapshot length for the file"; we don't need the has_snap field in
that case, a value of 0 mean "no, we don't have a snapshot length".
In dumpcap, start out with a pipe buffer size of 2KB, and grow it as
necessary. When checking for a too-big packet from a pipe, check
against the appropriate maximum - 128MB for DLT_DBUS, 256KB for
everything else.
Change-Id: Ib2ce7a0cf37b971fbc0318024fd011e18add8b20
Reviewed-on: https://code.wireshark.org/review/21952
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-06-05 01:58:40 +00:00
|
|
|
file_size, WTAP_MAX_PACKET_SIZE_STANDARD);
|
2014-05-23 10:50:02 +00:00
|
|
|
return FALSE;
|
2013-06-17 22:18:24 +00:00
|
|
|
}
|
|
|
|
packet_size = (int)file_size;
|
|
|
|
|
2014-05-24 18:28:30 +00:00
|
|
|
phdr->rec_type = REC_TYPE_PACKET;
|
2013-06-02 23:23:47 +00:00
|
|
|
phdr->presence_flags = 0; /* yes, we have no bananas^Wtime stamp */
|
|
|
|
|
|
|
|
phdr->caplen = packet_size;
|
|
|
|
phdr->len = packet_size;
|
|
|
|
|
|
|
|
phdr->ts.secs = 0;
|
|
|
|
phdr->ts.nsecs = 0;
|
2013-06-17 22:18:24 +00:00
|
|
|
|
2014-05-23 10:50:02 +00:00
|
|
|
return wtap_read_packet_bytes(fh, buf, packet_size, err, err_info);
|
2013-06-02 23:23:47 +00:00
|
|
|
}
|
2008-11-27 16:40:45 +00:00
|
|
|
|
2014-05-23 10:50:02 +00:00
|
|
|
static gboolean tnef_read(wtap *wth, int *err, gchar **err_info, gint64 *data_offset)
|
2008-11-27 16:40:45 +00:00
|
|
|
{
|
2012-05-04 16:56:18 +00:00
|
|
|
gint64 offset;
|
2008-11-27 16:40:45 +00:00
|
|
|
|
|
|
|
*err = 0;
|
|
|
|
|
2014-05-09 05:18:49 +00:00
|
|
|
offset = file_tell(wth->fh);
|
2012-05-04 16:56:18 +00:00
|
|
|
|
2008-11-27 16:40:45 +00:00
|
|
|
/* there is only ever one packet */
|
2012-05-04 16:56:18 +00:00
|
|
|
if (offset)
|
2014-05-23 10:50:02 +00:00
|
|
|
return FALSE;
|
2008-11-27 16:40:45 +00:00
|
|
|
|
2012-05-04 16:56:18 +00:00
|
|
|
*data_offset = offset;
|
2008-11-27 16:40:45 +00:00
|
|
|
|
2014-05-09 05:18:49 +00:00
|
|
|
return tnef_read_file(wth, wth->fh, &wth->phdr, wth->frame_buffer, err, err_info);
|
2008-11-27 16:40:45 +00:00
|
|
|
}
|
|
|
|
|
2014-05-23 10:50:02 +00:00
|
|
|
static gboolean tnef_seek_read(wtap *wth, gint64 seek_off,
|
|
|
|
struct wtap_pkthdr *phdr,
|
|
|
|
Buffer *buf, int *err, gchar **err_info)
|
2008-11-27 16:40:45 +00:00
|
|
|
{
|
|
|
|
/* there is only one packet */
|
|
|
|
if(seek_off > 0) {
|
|
|
|
*err = 0;
|
2014-05-23 10:50:02 +00:00
|
|
|
return FALSE;
|
2008-11-27 16:40:45 +00:00
|
|
|
}
|
|
|
|
|
2014-05-09 05:18:49 +00:00
|
|
|
if (file_seek(wth->random_fh, seek_off, SEEK_SET, err) == -1)
|
2014-05-23 10:50:02 +00:00
|
|
|
return FALSE;
|
2008-11-27 16:40:45 +00:00
|
|
|
|
2014-05-09 05:18:49 +00:00
|
|
|
return tnef_read_file(wth, wth->random_fh, phdr, buf, err, err_info);
|
2008-11-27 16:40:45 +00:00
|
|
|
}
|
|
|
|
|
2015-05-09 01:33:56 +00:00
|
|
|
wtap_open_return_val tnef_open(wtap *wth, int *err, gchar **err_info)
|
2008-11-27 16:40:45 +00:00
|
|
|
{
|
|
|
|
guint32 magic;
|
|
|
|
|
Add some higher-level file-read APIs and use them.
Add wtap_read_bytes(), which takes a FILE_T, a pointer, a byte count, an
error number pointer, and an error string pointer as arguments, and that
treats a short read of any sort, including a read that returns 0 bytes,
as a WTAP_ERR_SHORT_READ error, and that returns the error number and
string through its last two arguments.
Add wtap_read_bytes_or_eof(), which is similar, but that treats a read
that returns 0 bytes as an EOF, supplying an error number of 0 as an EOF
indication.
Use those in file readers; that simplifies the code and makes it less
likely that somebody will fail to supply the error number and error
string on a file read error.
Change-Id: Ia5dba2a6f81151e87b614461349d611cffc16210
Reviewed-on: https://code.wireshark.org/review/4512
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-10-07 01:00:57 +00:00
|
|
|
if (!wtap_read_bytes(wth->fh, &magic, sizeof magic, err, err_info))
|
2014-10-09 23:44:15 +00:00
|
|
|
return (*err != WTAP_ERR_SHORT_READ) ? WTAP_OPEN_ERROR : WTAP_OPEN_NOT_MINE;
|
2008-11-27 16:40:45 +00:00
|
|
|
|
2013-11-29 18:44:00 +00:00
|
|
|
if (GUINT32_TO_LE(magic) != TNEF_SIGNATURE)
|
2008-11-27 16:40:45 +00:00
|
|
|
/* Not a tnef file */
|
2014-10-09 23:44:15 +00:00
|
|
|
return WTAP_OPEN_NOT_MINE;
|
2008-11-27 16:40:45 +00:00
|
|
|
|
|
|
|
/* seek back to the start of the file */
|
2014-05-09 05:18:49 +00:00
|
|
|
if (file_seek(wth->fh, 0, SEEK_SET, err) == -1)
|
2014-10-09 23:44:15 +00:00
|
|
|
return WTAP_OPEN_ERROR;
|
2008-11-27 16:40:45 +00:00
|
|
|
|
2014-05-09 05:18:49 +00:00
|
|
|
wth->file_type_subtype = WTAP_FILE_TYPE_SUBTYPE_TNEF;
|
|
|
|
wth->file_encap = WTAP_ENCAP_TNEF;
|
|
|
|
wth->snapshot_length = 0;
|
2008-11-27 16:40:45 +00:00
|
|
|
|
2014-05-09 05:18:49 +00:00
|
|
|
wth->subtype_read = tnef_read;
|
|
|
|
wth->subtype_seek_read = tnef_seek_read;
|
2014-09-28 18:37:06 +00:00
|
|
|
wth->file_tsprec = WTAP_TSPREC_SEC;
|
2008-11-27 16:40:45 +00:00
|
|
|
|
2014-10-09 23:44:15 +00:00
|
|
|
return WTAP_OPEN_MINE;
|
2008-11-27 16:40:45 +00:00
|
|
|
}
|
2015-01-02 00:45:22 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Editor modelines - http://www.wireshark.org/tools/modelines.html
|
|
|
|
*
|
|
|
|
* Local Variables:
|
|
|
|
* c-basic-offset: 2
|
|
|
|
* tab-width: 8
|
|
|
|
* indent-tabs-mode: nil
|
|
|
|
* End:
|
|
|
|
*
|
|
|
|
* vi: set shiftwidth=2 tabstop=8 expandtab:
|
|
|
|
* :indentSize=2:tabSize=8:noTabs=true:
|
|
|
|
*/
|