Preparation Host Flows: make ICMP(v6) code and type retrieval more robust

Do not retrieve type and code base on the info column content. Instead store type and code in pinfo structure and retrieve them in sequence analysis tap. Change-Id: I71cd505d7faf713c2372731495d47b45928a41f8 Reviewed-on: https://code.wireshark.org/review/10280 Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Reviewed-by: Pascal Artho <pascalartho@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
2015-08-27 23:35:58 +02:00 · 2015-08-27 23:35:58 +02:00 · c04d54fbd4
parent 5179406fa4
commit c04d54fbd4
4 changed files with 39 additions and 27 deletions
--- a/epan/dissectors/packet-icmp.c
+++ b/epan/dissectors/packet-icmp.c
@ -1590,11 +1590,17 @@ dissect_icmp(tvbuff_t * tvb, packet_info * pinfo, proto_tree * tree, void* data)
 		break;
 	}

+	if (!PINFO_FD_VISITED(pinfo)) {
+		icmp_info_t *p_icmp_info = wmem_new(wmem_file_scope(), icmp_info_t);
+		p_icmp_info->type = icmp_type;
+		p_icmp_info->code = icmp_code;
+		p_add_proto_data(wmem_file_scope(), pinfo, proto_icmp, 0, p_icmp_info);
+	}
+
 	if (trans) {
 		tap_queue_packet(icmp_tap, pinfo, trans);
 	}

-	col_append_fstr(pinfo->cinfo, COL_INFO, ", Type=%d, Code=%d", icmp_type, icmp_code);
 	return tvb_reported_length(tvb);
 }

--- a/epan/dissectors/packet-icmp.h
+++ b/epan/dissectors/packet-icmp.h
@ -33,4 +33,10 @@ typedef struct _icmp_transaction_t {
    nstime_t resp_time;
 } icmp_transaction_t;

+/* ICMP info ... used by sequence analysis tap and stored in pinfo with p_add_proto_data */
+typedef struct {
+    guint8 type;
+    guint8 code;
+} icmp_info_t;
+
 #endif
--- a/epan/dissectors/packet-icmpv6.c
+++ b/epan/dissectors/packet-icmpv6.c
@ -4114,10 +4114,16 @@ dissect_icmpv6(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
        } /* switch (icmp6_type) */
    } /* if (1) */

+    if (!PINFO_FD_VISITED(pinfo)) {
+        icmp_info_t *p_icmp_info = wmem_new(wmem_file_scope(), icmp_info_t);
+        p_icmp_info->type = icmp6_type;
+        p_icmp_info->code = icmp6_code;
+        p_add_proto_data(wmem_file_scope(), pinfo, proto_icmpv6, 0, p_icmp_info);
+    }
+
    if (trans)
        tap_queue_packet(icmpv6_tap, pinfo, trans);

-	col_append_fstr(pinfo->cinfo, COL_INFO, ", Type=%d, Code=%d", icmp6_type, icmp6_code);
    return offset;
 }

--- a/ui/tap-sequence-analysis.c
+++ b/ui/tap-sequence-analysis.c
@ -32,6 +32,7 @@
 #include "epan/packet.h"
 #include "epan/tap.h"
 #include "epan/dissectors/packet-tcp.h"
+#include "epan/dissectors/packet-icmp.h"

 #include "ui/alert_box.h"

@ -82,8 +83,7 @@ seq_analysis_frame_packet( void *ptr, packet_info *pinfo, epan_dissect_t *edt _U
        gchar *protocol = NULL;
        gchar *colinfo = NULL;
        seq_analysis_item_t *sai = NULL;
-        gchar **strings = NULL;
-        gchar **stringsPart = NULL;
+        icmp_info_t *p_icmp_info;

        if (sainfo->any_addr) {
            if (pinfo->net_src.type!=AT_NONE && pinfo->net_dst.type!=AT_NONE) {
@ -133,30 +133,10 @@ seq_analysis_frame_packet( void *ptr, packet_info *pinfo, epan_dissect_t *edt _U
        }

        if (colinfo != NULL) {
+            sai->frame_label = g_strdup(colinfo);
            if (protocol != NULL) {
-                sai->frame_label = g_strdup(colinfo);
                sai->comment = g_strdup_printf("%s: %s", protocol, colinfo);
-                if ((!sai->port_src && !sai->port_dst) || strcmp(protocol, g_strdup("ICMP")) == 0 || strcmp(protocol, g_strdup("ICMPv6")) == 0) {
-                    guint32 type = 0;
-                    guint32 code = 0;
-                    sai->protocol = g_strdup(g_strdup_printf("%s", protocol));
-                    strings = g_strsplit(colinfo,", ", -1);
-                    for (i = 0; strings[i] != NULL; i++) {
-                        if (g_str_has_prefix(strings[i], "Type=") == TRUE) {
-                            stringsPart = g_strsplit(strings[i], "=", -1);
-                            type = (guint32)g_ascii_strtoull(stringsPart[1], NULL, 10);
-                        }
-                        if (g_str_has_prefix(strings[i], "Code=") == TRUE) {
-                            stringsPart = g_strsplit(strings[i], "=", -1);
-                            code = (guint32)g_ascii_strtoull(stringsPart[1], NULL, 10);
-                        }
-                    }
-                    sai->port_src = 0;
-                    sai->port_dst = type * 256 + code;
-
-                }
            } else {
-                sai->frame_label = g_strdup(colinfo);
                sai->comment = g_strdup(colinfo);
            }
        } else {
@ -167,10 +147,24 @@ seq_analysis_frame_packet( void *ptr, packet_info *pinfo, epan_dissect_t *edt _U
            }
        }

+        if (pinfo->ptype == PT_NONE) {
+            if ((p_icmp_info = (icmp_info_t *)p_get_proto_data(wmem_file_scope(),
+                    pinfo, proto_get_id_by_short_name("ICMP"), 0)) != NULL) {
+                g_free(sai->protocol);
+                sai->protocol = g_strdup("ICMP");
+                sai->port_src = 0;
+                sai->port_dst = p_icmp_info->type * 256 + p_icmp_info->code;
+            } else if ((p_icmp_info = (icmp_info_t *)p_get_proto_data(wmem_file_scope(),
+                    pinfo, proto_get_id_by_short_name("ICMPv6"), 0)) != NULL) {
+                g_free(sai->protocol);
+                sai->protocol = g_strdup("ICMPv6");
+                sai->port_src = 0;
+                sai->port_dst = p_icmp_info->type * 256 + p_icmp_info->code;
+            }
+        }
+
        g_free(protocol);
        g_free(colinfo);
-        g_free(strings);
-        g_free(stringsPart);

        sai->line_style=1;
        sai->conv_num=0;