forked from osmocom/wireshark
1312 lines
35 KiB
C
1312 lines
35 KiB
C
/*
|
|
* Wireshark - Network traffic analyzer
|
|
* By Gerald Combs <gerald@wireshark.org>
|
|
* Copyright 2001 Gerald Combs
|
|
*
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
|
*/
|
|
|
|
#include "config.h"
|
|
|
|
#define WS_LOG_DOMAIN LOG_DOMAIN_DFILTER
|
|
|
|
#include <string.h>
|
|
|
|
#include "dfilter-int.h"
|
|
#include "semcheck.h"
|
|
#include "syntax-tree.h"
|
|
#include "sttype-range.h"
|
|
#include "sttype-test.h"
|
|
#include "sttype-set.h"
|
|
#include "sttype-function.h"
|
|
|
|
#include <epan/exceptions.h>
|
|
#include <epan/packet.h>
|
|
|
|
#include <wsutil/ws_assert.h>
|
|
#include <wsutil/wslog.h>
|
|
|
|
#include <ftypes/ftypes.h>
|
|
|
|
|
|
#define FAIL(dfw, ...) \
|
|
dfilter_fail_throw(dfw, TypeError, __VA_ARGS__)
|
|
|
|
static void
|
|
semcheck(dfwork_t *dfw, stnode_t *st_node);
|
|
|
|
static void
|
|
check_function(dfwork_t *dfw, stnode_t *st_node);
|
|
|
|
static fvalue_t *
|
|
mk_fvalue_from_val_string(dfwork_t *dfw, header_field_info *hfinfo, const char *s);
|
|
|
|
typedef gboolean (*FtypeCanFunc)(enum ftenum);
|
|
|
|
/* Compares to ftenum_t's and decides if they're
|
|
* compatible or not (if they're the same basic type) */
|
|
static gboolean
|
|
compatible_ftypes(ftenum_t a, ftenum_t b)
|
|
{
|
|
switch (a) {
|
|
case FT_NONE:
|
|
case FT_PROTOCOL:
|
|
case FT_FLOAT: /* XXX - should be able to compare with INT */
|
|
case FT_DOUBLE: /* XXX - should be able to compare with INT */
|
|
case FT_ABSOLUTE_TIME:
|
|
case FT_RELATIVE_TIME:
|
|
case FT_IEEE_11073_SFLOAT:
|
|
case FT_IEEE_11073_FLOAT:
|
|
case FT_IPv4:
|
|
case FT_IPv6:
|
|
case FT_IPXNET:
|
|
case FT_INT40: /* XXX - should be able to compare with INT */
|
|
case FT_UINT40: /* XXX - should be able to compare with INT */
|
|
case FT_INT48: /* XXX - should be able to compare with INT */
|
|
case FT_UINT48: /* XXX - should be able to compare with INT */
|
|
case FT_INT56: /* XXX - should be able to compare with INT */
|
|
case FT_UINT56: /* XXX - should be able to compare with INT */
|
|
case FT_INT64: /* XXX - should be able to compare with INT */
|
|
case FT_UINT64: /* XXX - should be able to compare with INT */
|
|
case FT_EUI64: /* XXX - should be able to compare with INT */
|
|
return a == b;
|
|
|
|
case FT_ETHER:
|
|
case FT_BYTES:
|
|
case FT_UINT_BYTES:
|
|
case FT_GUID:
|
|
case FT_OID:
|
|
case FT_AX25:
|
|
case FT_VINES:
|
|
case FT_FCWWN:
|
|
case FT_REL_OID:
|
|
case FT_SYSTEM_ID:
|
|
|
|
return (b == FT_ETHER || b == FT_BYTES || b == FT_UINT_BYTES || b == FT_GUID || b == FT_OID || b == FT_AX25 || b == FT_VINES || b == FT_FCWWN || b == FT_REL_OID || b == FT_SYSTEM_ID);
|
|
|
|
case FT_BOOLEAN:
|
|
case FT_FRAMENUM:
|
|
case FT_CHAR:
|
|
case FT_UINT8:
|
|
case FT_UINT16:
|
|
case FT_UINT24:
|
|
case FT_UINT32:
|
|
case FT_INT8:
|
|
case FT_INT16:
|
|
case FT_INT24:
|
|
case FT_INT32:
|
|
switch (b) {
|
|
case FT_BOOLEAN:
|
|
case FT_FRAMENUM:
|
|
case FT_CHAR:
|
|
case FT_UINT8:
|
|
case FT_UINT16:
|
|
case FT_UINT24:
|
|
case FT_UINT32:
|
|
case FT_INT8:
|
|
case FT_INT16:
|
|
case FT_INT24:
|
|
case FT_INT32:
|
|
return TRUE;
|
|
default:
|
|
return FALSE;
|
|
}
|
|
|
|
case FT_STRING:
|
|
case FT_STRINGZ:
|
|
case FT_UINT_STRING:
|
|
case FT_STRINGZPAD:
|
|
case FT_STRINGZTRUNC:
|
|
switch (b) {
|
|
case FT_STRING:
|
|
case FT_STRINGZ:
|
|
case FT_UINT_STRING:
|
|
case FT_STRINGZPAD:
|
|
case FT_STRINGZTRUNC:
|
|
return TRUE;
|
|
default:
|
|
return FALSE;
|
|
}
|
|
|
|
case FT_NUM_TYPES:
|
|
ws_assert_not_reached();
|
|
}
|
|
|
|
ws_assert_not_reached();
|
|
return FALSE;
|
|
}
|
|
|
|
/* Gets an fvalue from a string, and sets the error message on failure. */
|
|
WS_RETNONNULL
|
|
static fvalue_t*
|
|
dfilter_fvalue_from_unparsed(dfwork_t *dfw, ftenum_t ftype, stnode_t *st,
|
|
gboolean allow_partial_value, header_field_info *hfinfo_value_string)
|
|
{
|
|
fvalue_t *fv;
|
|
const char *s = stnode_data(st);
|
|
|
|
/* Don't set the error message if it's already set. */
|
|
fv = fvalue_from_unparsed(ftype, s, allow_partial_value,
|
|
dfw->error_message == NULL ? &dfw->error_message : NULL);
|
|
if (fv == NULL && hfinfo_value_string) {
|
|
/* check value_string */
|
|
fv = mk_fvalue_from_val_string(dfw, hfinfo_value_string, s);
|
|
/*
|
|
* Ignore previous errors if this can be mapped
|
|
* to an item from value_string.
|
|
*/
|
|
if (fv && dfw->error_message) {
|
|
g_free(dfw->error_message);
|
|
dfw->error_message = NULL;
|
|
}
|
|
}
|
|
if (fv == NULL)
|
|
THROW(TypeError);
|
|
return fv;
|
|
}
|
|
|
|
/* Gets an fvalue from a string, and sets the error message on failure. */
|
|
WS_RETNONNULL
|
|
static fvalue_t*
|
|
dfilter_fvalue_from_string(dfwork_t *dfw, ftenum_t ftype, stnode_t *st,
|
|
header_field_info *hfinfo_value_string)
|
|
{
|
|
fvalue_t *fv;
|
|
const char *s = stnode_data(st);
|
|
|
|
fv = fvalue_from_string(ftype, s,
|
|
dfw->error_message == NULL ? &dfw->error_message : NULL);
|
|
if (fv == NULL && hfinfo_value_string) {
|
|
fv = mk_fvalue_from_val_string(dfw, hfinfo_value_string, s);
|
|
/*
|
|
* Ignore previous errors if this can be mapped
|
|
* to an item from value_string.
|
|
*/
|
|
if (fv && dfw->error_message) {
|
|
g_free(dfw->error_message);
|
|
dfw->error_message = NULL;
|
|
}
|
|
}
|
|
if (fv == NULL)
|
|
THROW(TypeError);
|
|
return fv;
|
|
}
|
|
|
|
/* Creates a FT_UINT32 fvalue with a given value. */
|
|
static fvalue_t*
|
|
mk_uint32_fvalue(guint32 val)
|
|
{
|
|
fvalue_t *fv;
|
|
|
|
fv = fvalue_new(FT_UINT32);
|
|
fvalue_set_uinteger(fv, val);
|
|
|
|
return fv;
|
|
}
|
|
|
|
/* Creates a FT_UINT64 fvalue with a given value. */
|
|
static fvalue_t*
|
|
mk_uint64_fvalue(guint64 val)
|
|
{
|
|
fvalue_t *fv;
|
|
|
|
fv = fvalue_new(FT_UINT64);
|
|
fvalue_set_uinteger64(fv, val);
|
|
|
|
return fv;
|
|
}
|
|
|
|
/* Try to make an fvalue from a string using a value_string or true_false_string.
|
|
* This works only for ftypes that are integers. Returns the created fvalue_t*
|
|
* or NULL if impossible. */
|
|
static fvalue_t*
|
|
mk_fvalue_from_val_string(dfwork_t *dfw, header_field_info *hfinfo, const char *s)
|
|
{
|
|
static const true_false_string default_tf = { "True", "False" };
|
|
const true_false_string *tf = &default_tf;
|
|
|
|
/* Early return? */
|
|
switch(hfinfo->type) {
|
|
case FT_NONE:
|
|
case FT_PROTOCOL:
|
|
case FT_FLOAT:
|
|
case FT_DOUBLE:
|
|
case FT_IEEE_11073_SFLOAT:
|
|
case FT_IEEE_11073_FLOAT:
|
|
case FT_ABSOLUTE_TIME:
|
|
case FT_RELATIVE_TIME:
|
|
case FT_IPv4:
|
|
case FT_IPv6:
|
|
case FT_IPXNET:
|
|
case FT_AX25:
|
|
case FT_VINES:
|
|
case FT_FCWWN:
|
|
case FT_ETHER:
|
|
case FT_BYTES:
|
|
case FT_UINT_BYTES:
|
|
case FT_STRING:
|
|
case FT_STRINGZ:
|
|
case FT_UINT_STRING:
|
|
case FT_STRINGZPAD:
|
|
case FT_STRINGZTRUNC:
|
|
case FT_EUI64:
|
|
case FT_GUID:
|
|
case FT_OID:
|
|
case FT_REL_OID:
|
|
case FT_SYSTEM_ID:
|
|
case FT_FRAMENUM: /* hfinfo->strings contains ft_framenum_type_t, not strings */
|
|
return NULL;
|
|
|
|
case FT_BOOLEAN:
|
|
case FT_CHAR:
|
|
case FT_UINT8:
|
|
case FT_UINT16:
|
|
case FT_UINT24:
|
|
case FT_UINT32:
|
|
case FT_UINT40:
|
|
case FT_UINT48:
|
|
case FT_UINT56:
|
|
case FT_UINT64:
|
|
case FT_INT8:
|
|
case FT_INT16:
|
|
case FT_INT24:
|
|
case FT_INT32:
|
|
case FT_INT40:
|
|
case FT_INT48:
|
|
case FT_INT56:
|
|
case FT_INT64:
|
|
break;
|
|
|
|
case FT_NUM_TYPES:
|
|
ws_assert_not_reached();
|
|
}
|
|
|
|
/* TRUE/FALSE *always* exist for FT_BOOLEAN. */
|
|
if (hfinfo->type == FT_BOOLEAN) {
|
|
if (hfinfo->strings) {
|
|
tf = (const true_false_string *)hfinfo->strings;
|
|
}
|
|
|
|
if (g_ascii_strcasecmp(s, tf->true_string) == 0) {
|
|
return mk_uint64_fvalue(TRUE);
|
|
}
|
|
else if (g_ascii_strcasecmp(s, tf->false_string) == 0) {
|
|
return mk_uint64_fvalue(FALSE);
|
|
}
|
|
else {
|
|
/*
|
|
* Prefer this error message to whatever error message
|
|
* has already been set.
|
|
*/
|
|
g_free(dfw->error_message);
|
|
dfw->error_message = NULL;
|
|
dfilter_fail(dfw, "\"%s\" cannot be found among the possible values for %s.",
|
|
s, hfinfo->abbrev);
|
|
return NULL;
|
|
}
|
|
}
|
|
|
|
/* Do val_strings exist? */
|
|
if (!hfinfo->strings) {
|
|
dfilter_fail(dfw, "%s cannot accept strings as values.",
|
|
hfinfo->abbrev);
|
|
return NULL;
|
|
}
|
|
|
|
/* Reset the error message, since *something* interesting will happen,
|
|
* and the error message will be more interesting than any error message
|
|
* I happen to have now. */
|
|
g_free(dfw->error_message);
|
|
dfw->error_message = NULL;
|
|
|
|
if (hfinfo->display & BASE_RANGE_STRING) {
|
|
dfilter_fail(dfw, "\"%s\" cannot accept [range] strings as values.",
|
|
hfinfo->abbrev);
|
|
}
|
|
else if (hfinfo->display & BASE_VAL64_STRING) {
|
|
const val64_string *vals = (const val64_string *)hfinfo->strings;
|
|
|
|
while (vals->strptr != NULL) {
|
|
if (g_ascii_strcasecmp(s, vals->strptr) == 0) {
|
|
return mk_uint64_fvalue(vals->value);
|
|
}
|
|
vals++;
|
|
}
|
|
dfilter_fail(dfw, "\"%s\" cannot be found among the possible values for %s.",
|
|
s, hfinfo->abbrev);
|
|
}
|
|
else if (hfinfo->display == BASE_CUSTOM) {
|
|
/* If a user wants to match against a custom string, we would
|
|
* somehow have to have the integer value here to pass it in
|
|
* to the custom-display function. But we don't have an
|
|
* integer, we have the string they're trying to match.
|
|
* -><-
|
|
*/
|
|
dfilter_fail(dfw, "\"%s\" cannot accept [custom] strings as values.",
|
|
hfinfo->abbrev);
|
|
}
|
|
else {
|
|
const value_string *vals = (const value_string *)hfinfo->strings;
|
|
if (hfinfo->display & BASE_EXT_STRING)
|
|
vals = VALUE_STRING_EXT_VS_P((const value_string_ext *) vals);
|
|
|
|
while (vals->strptr != NULL) {
|
|
if (g_ascii_strcasecmp(s, vals->strptr) == 0) {
|
|
return mk_uint32_fvalue(vals->value);
|
|
}
|
|
vals++;
|
|
}
|
|
dfilter_fail(dfw, "\"%s\" cannot be found among the possible values for %s.",
|
|
s, hfinfo->abbrev);
|
|
}
|
|
return NULL;
|
|
}
|
|
|
|
static gboolean
|
|
is_bytes_type(enum ftenum type)
|
|
{
|
|
switch(type) {
|
|
case FT_AX25:
|
|
case FT_VINES:
|
|
case FT_FCWWN:
|
|
case FT_ETHER:
|
|
case FT_BYTES:
|
|
case FT_UINT_BYTES:
|
|
case FT_IPv6:
|
|
case FT_GUID:
|
|
case FT_OID:
|
|
case FT_REL_OID:
|
|
case FT_SYSTEM_ID:
|
|
return TRUE;
|
|
|
|
case FT_NONE:
|
|
case FT_PROTOCOL:
|
|
case FT_FLOAT:
|
|
case FT_DOUBLE:
|
|
case FT_IEEE_11073_SFLOAT:
|
|
case FT_IEEE_11073_FLOAT:
|
|
case FT_ABSOLUTE_TIME:
|
|
case FT_RELATIVE_TIME:
|
|
case FT_IPv4:
|
|
case FT_IPXNET:
|
|
case FT_STRING:
|
|
case FT_STRINGZ:
|
|
case FT_UINT_STRING:
|
|
case FT_STRINGZPAD:
|
|
case FT_STRINGZTRUNC:
|
|
case FT_BOOLEAN:
|
|
case FT_FRAMENUM:
|
|
case FT_CHAR:
|
|
case FT_UINT8:
|
|
case FT_UINT16:
|
|
case FT_UINT24:
|
|
case FT_UINT32:
|
|
case FT_UINT40:
|
|
case FT_UINT48:
|
|
case FT_UINT56:
|
|
case FT_UINT64:
|
|
case FT_INT8:
|
|
case FT_INT16:
|
|
case FT_INT24:
|
|
case FT_INT32:
|
|
case FT_INT40:
|
|
case FT_INT48:
|
|
case FT_INT56:
|
|
case FT_INT64:
|
|
case FT_EUI64:
|
|
return FALSE;
|
|
|
|
case FT_NUM_TYPES:
|
|
ws_assert_not_reached();
|
|
}
|
|
|
|
ws_assert_not_reached();
|
|
return FALSE;
|
|
}
|
|
|
|
/* Check the semantics of an existence test. */
|
|
static void
|
|
check_exists(dfwork_t *dfw, stnode_t *st_arg1)
|
|
{
|
|
switch (stnode_type_id(st_arg1)) {
|
|
case STTYPE_FIELD:
|
|
/* This is OK */
|
|
break;
|
|
case STTYPE_STRING:
|
|
case STTYPE_UNPARSED:
|
|
case STTYPE_CHARCONST:
|
|
FAIL(dfw, "%s is neither a field nor a protocol name.",
|
|
stnode_todisplay(st_arg1));
|
|
break;
|
|
|
|
case STTYPE_RANGE:
|
|
/*
|
|
* XXX - why not? Shouldn't "eth[3:2]" mean
|
|
* "check whether the 'eth' field is present and
|
|
* has at least 2 bytes starting at an offset of
|
|
* 3"?
|
|
*/
|
|
FAIL(dfw, "You cannot test whether a range is present.");
|
|
break;
|
|
|
|
case STTYPE_FUNCTION:
|
|
/* XXX - Maybe we should change functions so they can return fields,
|
|
* in which case the 'exist' should be fine. */
|
|
FAIL(dfw, "You cannot test whether a function is present.");
|
|
break;
|
|
|
|
default:
|
|
ws_assert_not_reached();
|
|
}
|
|
}
|
|
|
|
static void
|
|
check_drange_sanity(dfwork_t *dfw, stnode_t *st)
|
|
{
|
|
stnode_t *entity1;
|
|
header_field_info *hfinfo1;
|
|
ftenum_t ftype1;
|
|
|
|
entity1 = sttype_range_entity(st);
|
|
ws_assert(entity1);
|
|
|
|
if (stnode_type_id(entity1) == STTYPE_FIELD) {
|
|
hfinfo1 = stnode_data(entity1);
|
|
ftype1 = hfinfo1->type;
|
|
|
|
if (!ftype_can_slice(ftype1)) {
|
|
FAIL(dfw, "\"%s\" is a %s and cannot be sliced into a sequence of bytes.",
|
|
hfinfo1->abbrev, ftype_pretty_name(ftype1));
|
|
}
|
|
} else if (stnode_type_id(entity1) == STTYPE_FUNCTION) {
|
|
df_func_def_t *funcdef = sttype_function_funcdef(entity1);
|
|
ftype1 = funcdef->retval_ftype;
|
|
|
|
if (!ftype_can_slice(ftype1)) {
|
|
FAIL(dfw, "Return value of function \"%s\" is a %s and cannot be converted into a sequence of bytes.",
|
|
funcdef->name, ftype_pretty_name(ftype1));
|
|
}
|
|
|
|
check_function(dfw, entity1);
|
|
} else if (stnode_type_id(entity1) == STTYPE_RANGE) {
|
|
/* Should this be rejected instead? */
|
|
check_drange_sanity(dfw, entity1);
|
|
} else {
|
|
FAIL(dfw, "Range is not supported for entity %s of type %s",
|
|
stnode_todisplay(entity1), stnode_type_name(entity1));
|
|
}
|
|
}
|
|
|
|
static void
|
|
convert_to_bytes(stnode_t *arg)
|
|
{
|
|
stnode_t *entity1;
|
|
drange_node *rn;
|
|
|
|
entity1 = stnode_dup(arg);
|
|
rn = drange_node_new();
|
|
drange_node_set_start_offset(rn, 0);
|
|
drange_node_set_to_the_end(rn);
|
|
|
|
stnode_replace(arg, STTYPE_RANGE, NULL);
|
|
sttype_range_set1(arg, entity1, rn);
|
|
}
|
|
|
|
static void
|
|
check_function(dfwork_t *dfw, stnode_t *st_node)
|
|
{
|
|
df_func_def_t *funcdef;
|
|
GSList *params;
|
|
guint iparam;
|
|
guint nparams;
|
|
|
|
funcdef = sttype_function_funcdef(st_node);
|
|
params = sttype_function_params(st_node);
|
|
nparams = g_slist_length(params);
|
|
|
|
if (nparams < funcdef->min_nargs) {
|
|
FAIL(dfw, "Function %s needs at least %u arguments.",
|
|
funcdef->name, funcdef->min_nargs);
|
|
} else if (nparams > funcdef->max_nargs) {
|
|
FAIL(dfw, "Function %s can only accept %u arguments.",
|
|
funcdef->name, funcdef->max_nargs);
|
|
}
|
|
|
|
iparam = 0;
|
|
while (params) {
|
|
funcdef->semcheck_param_function(dfw, funcdef->name, iparam, params->data);
|
|
params = params->next;
|
|
iparam++;
|
|
}
|
|
}
|
|
|
|
WS_RETNONNULL
|
|
static fvalue_t *
|
|
dfilter_fvalue_from_charconst(dfwork_t *dfw, ftenum_t ftype, stnode_t *st)
|
|
{
|
|
fvalue_t *fvalue;
|
|
unsigned long *nump = stnode_data(st);
|
|
|
|
fvalue = fvalue_from_charconst(ftype, *nump,
|
|
dfw->error_message == NULL ? &dfw->error_message : NULL);
|
|
if (fvalue == NULL)
|
|
THROW(TypeError);
|
|
|
|
return fvalue;
|
|
}
|
|
|
|
/* If the LHS of a relation test is a FIELD, run some checks
|
|
* and possibly some modifications of syntax tree nodes. */
|
|
static void
|
|
check_relation_LHS_FIELD(dfwork_t *dfw, test_op_t st_op,
|
|
FtypeCanFunc can_func, gboolean allow_partial_value,
|
|
stnode_t *st_node,
|
|
stnode_t *st_arg1, stnode_t *st_arg2)
|
|
{
|
|
sttype_id_t type2;
|
|
header_field_info *hfinfo1, *hfinfo2;
|
|
df_func_def_t *funcdef;
|
|
ftenum_t ftype1, ftype2;
|
|
fvalue_t *fvalue;
|
|
|
|
type2 = stnode_type_id(st_arg2);
|
|
|
|
hfinfo1 = stnode_data(st_arg1);
|
|
ftype1 = hfinfo1->type;
|
|
|
|
if (!can_func(ftype1)) {
|
|
FAIL(dfw, "%s (type=%s) cannot participate in %s comparison.",
|
|
hfinfo1->abbrev, ftype_pretty_name(ftype1),
|
|
stnode_todisplay(st_node));
|
|
}
|
|
|
|
if (type2 == STTYPE_FIELD) {
|
|
hfinfo2 = stnode_data(st_arg2);
|
|
ftype2 = hfinfo2->type;
|
|
|
|
if (!compatible_ftypes(ftype1, ftype2)) {
|
|
FAIL(dfw, "%s and %s are not of compatible types.",
|
|
hfinfo1->abbrev, hfinfo2->abbrev);
|
|
}
|
|
/* Do this check even though you'd think that if
|
|
* they're compatible, then can_func() would pass. */
|
|
if (!can_func(ftype2)) {
|
|
FAIL(dfw, "%s (type=%s) cannot participate in specified comparison.",
|
|
hfinfo2->abbrev, ftype_pretty_name(ftype2));
|
|
}
|
|
}
|
|
else if (type2 == STTYPE_STRING || type2 == STTYPE_UNPARSED) {
|
|
/* Skip incompatible fields */
|
|
while (hfinfo1->same_name_prev_id != -1 &&
|
|
((type2 == STTYPE_STRING && ftype1 != FT_STRING && ftype1!= FT_STRINGZ) ||
|
|
(type2 != STTYPE_STRING && (ftype1 == FT_STRING || ftype1== FT_STRINGZ)))) {
|
|
hfinfo1 = proto_registrar_get_nth(hfinfo1->same_name_prev_id);
|
|
ftype1 = hfinfo1->type;
|
|
}
|
|
|
|
if (type2 == STTYPE_STRING) {
|
|
fvalue = dfilter_fvalue_from_string(dfw, ftype1, st_arg2, hfinfo1);
|
|
}
|
|
else {
|
|
fvalue = dfilter_fvalue_from_unparsed(dfw, ftype1, st_arg2, allow_partial_value, hfinfo1);
|
|
}
|
|
stnode_replace(st_arg2, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else if (type2 == STTYPE_CHARCONST) {
|
|
fvalue = dfilter_fvalue_from_charconst(dfw, ftype1, st_arg2);
|
|
stnode_replace(st_arg2, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else if (type2 == STTYPE_RANGE) {
|
|
check_drange_sanity(dfw, st_arg2);
|
|
if (!is_bytes_type(ftype1)) {
|
|
if (!ftype_can_slice(ftype1)) {
|
|
FAIL(dfw, "\"%s\" is a %s and cannot be converted into a sequence of bytes.",
|
|
hfinfo1->abbrev,
|
|
ftype_pretty_name(ftype1));
|
|
}
|
|
|
|
/* Convert entire field to bytes */
|
|
convert_to_bytes(st_arg1);
|
|
}
|
|
}
|
|
else if (type2 == STTYPE_FUNCTION) {
|
|
funcdef = sttype_function_funcdef(st_arg2);
|
|
ftype2 = funcdef->retval_ftype;
|
|
|
|
if (!compatible_ftypes(ftype1, ftype2)) {
|
|
FAIL(dfw, "%s (type=%s) and return value of %s() (type=%s) are not of compatible types.",
|
|
hfinfo1->abbrev, ftype_pretty_name(ftype1),
|
|
funcdef->name, ftype_pretty_name(ftype2));
|
|
}
|
|
|
|
if (!can_func(ftype2)) {
|
|
FAIL(dfw, "return value of %s() (type=%s) cannot participate in specified comparison.",
|
|
funcdef->name, ftype_pretty_name(ftype2));
|
|
}
|
|
|
|
check_function(dfw, st_arg2);
|
|
}
|
|
else if (type2 == STTYPE_PCRE) {
|
|
ws_assert(st_op == TEST_OP_MATCHES);
|
|
}
|
|
else {
|
|
ws_assert_not_reached();
|
|
}
|
|
}
|
|
|
|
static void
|
|
check_relation_LHS_STRING(dfwork_t *dfw, test_op_t st_op _U_,
|
|
FtypeCanFunc can_func, gboolean allow_partial_value _U_,
|
|
stnode_t *st_node,
|
|
stnode_t *st_arg1, stnode_t *st_arg2)
|
|
{
|
|
sttype_id_t type2;
|
|
header_field_info *hfinfo2;
|
|
df_func_def_t *funcdef;
|
|
ftenum_t ftype2;
|
|
fvalue_t *fvalue;
|
|
|
|
type2 = stnode_type_id(st_arg2);
|
|
|
|
if (type2 == STTYPE_FIELD) {
|
|
hfinfo2 = stnode_data(st_arg2);
|
|
ftype2 = hfinfo2->type;
|
|
|
|
if (!can_func(ftype2)) {
|
|
FAIL(dfw, "%s (type=%s) cannot participate in %s comparison.",
|
|
hfinfo2->abbrev, ftype_pretty_name(ftype2),
|
|
stnode_todisplay(st_node));
|
|
}
|
|
|
|
fvalue = dfilter_fvalue_from_string(dfw, ftype2, st_arg1, hfinfo2);
|
|
stnode_replace(st_arg1, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else if (type2 == STTYPE_STRING || type2 == STTYPE_UNPARSED ||
|
|
type2 == STTYPE_CHARCONST) {
|
|
/* Well now that's silly... */
|
|
FAIL(dfw, "Neither %s nor %s are field or protocol names.",
|
|
stnode_todisplay(st_arg1),
|
|
stnode_todisplay(st_arg2));
|
|
}
|
|
else if (type2 == STTYPE_RANGE) {
|
|
check_drange_sanity(dfw, st_arg2);
|
|
fvalue = dfilter_fvalue_from_string(dfw, FT_BYTES, st_arg1, NULL);
|
|
stnode_replace(st_arg1, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else if (type2 == STTYPE_FUNCTION) {
|
|
check_function(dfw, st_arg2);
|
|
|
|
funcdef = sttype_function_funcdef(st_arg2);
|
|
ftype2 = funcdef->retval_ftype;
|
|
|
|
if (!can_func(ftype2)) {
|
|
FAIL(dfw, "Return value of function %s (type=%s) cannot participate in %s comparison.",
|
|
funcdef->name, ftype_pretty_name(ftype2),
|
|
stnode_todisplay(st_node));
|
|
}
|
|
|
|
fvalue = dfilter_fvalue_from_string(dfw, ftype2, st_arg1, NULL);
|
|
stnode_replace(st_arg1, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else {
|
|
ws_assert_not_reached();
|
|
}
|
|
}
|
|
|
|
static void
|
|
check_relation_LHS_UNPARSED(dfwork_t *dfw, test_op_t st_op _U_,
|
|
FtypeCanFunc can_func, gboolean allow_partial_value,
|
|
stnode_t *st_node,
|
|
stnode_t *st_arg1, stnode_t *st_arg2)
|
|
{
|
|
sttype_id_t type2;
|
|
header_field_info *hfinfo2;
|
|
df_func_def_t *funcdef;
|
|
ftenum_t ftype2;
|
|
fvalue_t *fvalue;
|
|
|
|
type2 = stnode_type_id(st_arg2);
|
|
|
|
if (type2 == STTYPE_FIELD) {
|
|
hfinfo2 = stnode_data(st_arg2);
|
|
ftype2 = hfinfo2->type;
|
|
|
|
if (!can_func(ftype2)) {
|
|
FAIL(dfw, "%s (type=%s) cannot participate in %s comparison.",
|
|
hfinfo2->abbrev, ftype_pretty_name(ftype2),
|
|
stnode_todisplay(st_node));
|
|
}
|
|
|
|
fvalue = dfilter_fvalue_from_unparsed(dfw, ftype2, st_arg1, allow_partial_value, hfinfo2);
|
|
stnode_replace(st_arg1, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else if (type2 == STTYPE_STRING || type2 == STTYPE_UNPARSED ||
|
|
type2 == STTYPE_CHARCONST) {
|
|
/* Well now that's silly... */
|
|
FAIL(dfw, "Neither %s nor %s are field or protocol names.",
|
|
stnode_todisplay(st_arg1),
|
|
stnode_todisplay(st_arg2));
|
|
}
|
|
else if (type2 == STTYPE_RANGE) {
|
|
check_drange_sanity(dfw, st_arg2);
|
|
fvalue = dfilter_fvalue_from_unparsed(dfw, FT_BYTES, st_arg1, allow_partial_value, NULL);
|
|
stnode_replace(st_arg1, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else if (type2 == STTYPE_FUNCTION) {
|
|
check_function(dfw, st_arg2);
|
|
|
|
funcdef = sttype_function_funcdef(st_arg2);
|
|
ftype2 = funcdef->retval_ftype;
|
|
|
|
if (!can_func(ftype2)) {
|
|
FAIL(dfw, "return value of function %s() (type=%s) cannot participate in %s comparison.",
|
|
funcdef->name, ftype_pretty_name(ftype2), stnode_todisplay(st_node));
|
|
}
|
|
|
|
fvalue = dfilter_fvalue_from_unparsed(dfw, ftype2, st_arg1, allow_partial_value, NULL);
|
|
stnode_replace(st_arg1, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else {
|
|
ws_assert_not_reached();
|
|
}
|
|
}
|
|
|
|
static void
|
|
check_relation_LHS_CHARCONST(dfwork_t *dfw, test_op_t st_op _U_,
|
|
FtypeCanFunc can_func, gboolean allow_partial_value _U_,
|
|
stnode_t *st_node,
|
|
stnode_t *st_arg1, stnode_t *st_arg2)
|
|
{
|
|
sttype_id_t type2;
|
|
header_field_info *hfinfo2;
|
|
df_func_def_t *funcdef;
|
|
ftenum_t ftype2;
|
|
fvalue_t *fvalue;
|
|
|
|
type2 = stnode_type_id(st_arg2);
|
|
|
|
if (type2 == STTYPE_FIELD) {
|
|
hfinfo2 = stnode_data(st_arg2);
|
|
ftype2 = hfinfo2->type;
|
|
|
|
if (!can_func(ftype2)) {
|
|
FAIL(dfw, "%s (type=%s) cannot participate in %s comparison.",
|
|
hfinfo2->abbrev, ftype_pretty_name(ftype2),
|
|
stnode_todisplay(st_node));
|
|
}
|
|
|
|
fvalue = dfilter_fvalue_from_charconst(dfw, ftype2, st_arg1);
|
|
stnode_replace(st_arg1, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else if (type2 == STTYPE_STRING || type2 == STTYPE_UNPARSED ||
|
|
type2 == STTYPE_CHARCONST) {
|
|
/* Well now that's silly... */
|
|
FAIL(dfw, "Neither %s nor %s are field or protocol names.",
|
|
stnode_todisplay(st_arg1),
|
|
stnode_todisplay(st_arg2));
|
|
}
|
|
else if (type2 == STTYPE_RANGE) {
|
|
check_drange_sanity(dfw, st_arg2);
|
|
fvalue = dfilter_fvalue_from_charconst(dfw, FT_BYTES, st_arg1);
|
|
stnode_replace(st_arg1, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else if (type2 == STTYPE_FUNCTION) {
|
|
check_function(dfw, st_arg2);
|
|
|
|
funcdef = sttype_function_funcdef(st_arg2);
|
|
ftype2 = funcdef->retval_ftype;
|
|
|
|
if (!can_func(ftype2)) {
|
|
FAIL(dfw, "return value of function %s() (type=%s) cannot participate in %s comparison.",
|
|
funcdef->name, ftype_pretty_name(ftype2), stnode_todisplay(st_node));
|
|
}
|
|
|
|
fvalue = dfilter_fvalue_from_charconst(dfw, ftype2, st_arg1);
|
|
stnode_replace(st_arg1, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else {
|
|
ws_assert_not_reached();
|
|
}
|
|
}
|
|
|
|
static void
|
|
check_relation_LHS_RANGE(dfwork_t *dfw, test_op_t st_op,
|
|
FtypeCanFunc can_func _U_,
|
|
gboolean allow_partial_value,
|
|
stnode_t *st_node _U_,
|
|
stnode_t *st_arg1, stnode_t *st_arg2)
|
|
{
|
|
sttype_id_t type2;
|
|
header_field_info *hfinfo2;
|
|
ftenum_t ftype2;
|
|
fvalue_t *fvalue;
|
|
|
|
check_drange_sanity(dfw, st_arg1);
|
|
|
|
type2 = stnode_type_id(st_arg2);
|
|
|
|
if (type2 == STTYPE_FIELD) {
|
|
hfinfo2 = stnode_data(st_arg2);
|
|
ftype2 = hfinfo2->type;
|
|
|
|
if (!is_bytes_type(ftype2)) {
|
|
if (!ftype_can_slice(ftype2)) {
|
|
FAIL(dfw, "\"%s\" is a %s and cannot be converted into a sequence of bytes.",
|
|
hfinfo2->abbrev,
|
|
ftype_pretty_name(ftype2));
|
|
}
|
|
|
|
/* Convert entire field to bytes */
|
|
convert_to_bytes(st_arg2);
|
|
}
|
|
}
|
|
else if (type2 == STTYPE_STRING) {
|
|
fvalue = dfilter_fvalue_from_string(dfw, FT_BYTES, st_arg2, NULL);
|
|
stnode_replace(st_arg2, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else if (type2 == STTYPE_UNPARSED) {
|
|
fvalue = dfilter_fvalue_from_unparsed(dfw, FT_BYTES, st_arg2, allow_partial_value, NULL);
|
|
stnode_replace(st_arg2, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else if (type2 == STTYPE_CHARCONST) {
|
|
fvalue = dfilter_fvalue_from_charconst(dfw, FT_BYTES, st_arg2);
|
|
stnode_replace(st_arg2, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else if (type2 == STTYPE_RANGE) {
|
|
check_drange_sanity(dfw, st_arg2);
|
|
}
|
|
else if (type2 == STTYPE_FUNCTION) {
|
|
df_func_def_t *funcdef = sttype_function_funcdef(st_arg2);
|
|
ftype2 = funcdef->retval_ftype;
|
|
|
|
if (!is_bytes_type(ftype2)) {
|
|
if (!ftype_can_slice(ftype2)) {
|
|
FAIL(dfw, "Return value of function \"%s\" is a %s and cannot be converted into a sequence of bytes.",
|
|
funcdef->name,
|
|
ftype_pretty_name(ftype2));
|
|
}
|
|
|
|
/* Convert function result to bytes */
|
|
convert_to_bytes(st_arg2);
|
|
}
|
|
|
|
check_function(dfw, st_arg2);
|
|
}
|
|
else if (type2 == STTYPE_PCRE) {
|
|
ws_assert(st_op == TEST_OP_MATCHES);
|
|
}
|
|
else {
|
|
ws_assert_not_reached();
|
|
}
|
|
}
|
|
|
|
/* If the LHS of a relation test is a FUNCTION, run some checks
|
|
* and possibly some modifications of syntax tree nodes. */
|
|
static void
|
|
check_relation_LHS_FUNCTION(dfwork_t *dfw, test_op_t st_op,
|
|
FtypeCanFunc can_func, gboolean allow_partial_value,
|
|
stnode_t *st_node,
|
|
stnode_t *st_arg1, stnode_t *st_arg2)
|
|
{
|
|
sttype_id_t type2;
|
|
header_field_info *hfinfo2;
|
|
ftenum_t ftype1, ftype2;
|
|
fvalue_t *fvalue;
|
|
df_func_def_t *funcdef;
|
|
df_func_def_t *funcdef2;
|
|
/* GSList *params; */
|
|
|
|
check_function(dfw, st_arg1);
|
|
type2 = stnode_type_id(st_arg2);
|
|
|
|
funcdef = sttype_function_funcdef(st_arg1);
|
|
ftype1 = funcdef->retval_ftype;
|
|
|
|
if (!can_func(ftype1)) {
|
|
FAIL(dfw, "Function %s (type=%s) cannot participate in %s comparison.",
|
|
funcdef->name, ftype_pretty_name(ftype1),
|
|
stnode_todisplay(st_node));
|
|
}
|
|
|
|
if (type2 == STTYPE_FIELD) {
|
|
hfinfo2 = stnode_data(st_arg2);
|
|
ftype2 = hfinfo2->type;
|
|
|
|
if (!compatible_ftypes(ftype1, ftype2)) {
|
|
FAIL(dfw, "Function %s and %s are not of compatible types.",
|
|
funcdef->name, hfinfo2->abbrev);
|
|
}
|
|
/* Do this check even though you'd think that if
|
|
* they're compatible, then can_func() would pass. */
|
|
if (!can_func(ftype2)) {
|
|
FAIL(dfw, "%s (type=%s) cannot participate in specified comparison.",
|
|
hfinfo2->abbrev, ftype_pretty_name(ftype2));
|
|
}
|
|
}
|
|
else if (type2 == STTYPE_STRING) {
|
|
fvalue = dfilter_fvalue_from_string(dfw, ftype1, st_arg2, NULL);
|
|
stnode_replace(st_arg2, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else if (type2 == STTYPE_UNPARSED) {
|
|
fvalue = dfilter_fvalue_from_unparsed(dfw, ftype1, st_arg2, allow_partial_value, NULL);
|
|
stnode_replace(st_arg2, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else if (type2 == STTYPE_CHARCONST) {
|
|
fvalue = dfilter_fvalue_from_charconst(dfw, ftype1, st_arg2);
|
|
stnode_replace(st_arg2, STTYPE_FVALUE, fvalue);
|
|
}
|
|
else if (type2 == STTYPE_RANGE) {
|
|
check_drange_sanity(dfw, st_arg2);
|
|
if (!is_bytes_type(ftype1)) {
|
|
if (!ftype_can_slice(ftype1)) {
|
|
FAIL(dfw, "Function \"%s\" is a %s and cannot be converted into a sequence of bytes.",
|
|
funcdef->name,
|
|
ftype_pretty_name(ftype1));
|
|
}
|
|
|
|
/* Convert function result to bytes */
|
|
convert_to_bytes(st_arg1);
|
|
}
|
|
}
|
|
else if (type2 == STTYPE_FUNCTION) {
|
|
funcdef2 = sttype_function_funcdef(st_arg2);
|
|
ftype2 = funcdef2->retval_ftype;
|
|
|
|
if (!compatible_ftypes(ftype1, ftype2)) {
|
|
FAIL(dfw, "Return values of function %s (type=%s) and function %s (type=%s) are not of compatible types.",
|
|
funcdef->name, ftype_pretty_name(ftype1), funcdef2->name, ftype_pretty_name(ftype2));
|
|
}
|
|
|
|
/* Do this check even though you'd think that if
|
|
* they're compatible, then can_func() would pass. */
|
|
if (!can_func(ftype2)) {
|
|
FAIL(dfw, "Return value of %s (type=%s) cannot participate in specified comparison.",
|
|
funcdef2->name, ftype_pretty_name(ftype2));
|
|
}
|
|
|
|
check_function(dfw, st_arg2);
|
|
}
|
|
else if (type2 == STTYPE_PCRE) {
|
|
ws_assert(st_op == TEST_OP_MATCHES);
|
|
}
|
|
else {
|
|
ws_assert_not_reached();
|
|
}
|
|
}
|
|
|
|
|
|
/* Check the semantics of any relational test. */
|
|
static void
|
|
check_relation(dfwork_t *dfw, test_op_t st_op,
|
|
FtypeCanFunc can_func, gboolean allow_partial_value,
|
|
stnode_t *st_node, stnode_t *st_arg1, stnode_t *st_arg2)
|
|
{
|
|
switch (stnode_type_id(st_arg1)) {
|
|
case STTYPE_FIELD:
|
|
check_relation_LHS_FIELD(dfw, st_op, can_func,
|
|
allow_partial_value, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case STTYPE_STRING:
|
|
check_relation_LHS_STRING(dfw, st_op, can_func,
|
|
allow_partial_value, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case STTYPE_RANGE:
|
|
check_relation_LHS_RANGE(dfw, st_op, can_func,
|
|
allow_partial_value, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case STTYPE_UNPARSED:
|
|
check_relation_LHS_UNPARSED(dfw, st_op, can_func,
|
|
allow_partial_value, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case STTYPE_CHARCONST:
|
|
check_relation_LHS_CHARCONST(dfw, st_op, can_func,
|
|
allow_partial_value, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case STTYPE_FUNCTION:
|
|
check_relation_LHS_FUNCTION(dfw, st_op, can_func,
|
|
allow_partial_value, st_node, st_arg1, st_arg2);
|
|
break;
|
|
|
|
default:
|
|
ws_assert_not_reached();
|
|
}
|
|
}
|
|
|
|
static void
|
|
check_relation_contains(dfwork_t *dfw, stnode_t *st_node,
|
|
stnode_t *st_arg1, stnode_t *st_arg2)
|
|
{
|
|
/* Protocol can only be on LHS for "contains".
|
|
* Check to see if protocol is on RHS, and re-interpret it as UNPARSED
|
|
* instead. The subsequent functions will parse it according to the
|
|
* existing rules for unparsed unquoted strings.
|
|
*
|
|
* This catches the case where the user has written "fc" on the RHS,
|
|
* probably intending a byte value rather than the fibre channel
|
|
* protocol, or similar for a number of other possibilities
|
|
* ("dc", "ff", "fefd"), and also catches the case where the user
|
|
* has written a generic string on the RHS. (The now unparsed value
|
|
* will be interpreted in a way that matches the LHS; e.g.
|
|
* FT_PROTOCOL and FT_BYTES fields expect byte arrays whereas
|
|
* FT_STRING[Z][PAD] fields expect strings.)
|
|
*
|
|
* XXX: Is there a better way to do this in the grammar parser,
|
|
* which now determines whether something is a field?
|
|
*/
|
|
|
|
if (stnode_type_id(st_arg2) == STTYPE_FIELD) {
|
|
header_field_info *hfinfo = stnode_data(st_arg2);
|
|
if (hfinfo->type == FT_PROTOCOL) {
|
|
/* Send it through as unparsed and all the other
|
|
* functions will take care of it as if it didn't
|
|
* match a protocol string.
|
|
*/
|
|
stnode_replace(st_arg2, STTYPE_UNPARSED, g_strdup(hfinfo->abbrev));
|
|
}
|
|
}
|
|
|
|
switch (stnode_type_id(st_arg1)) {
|
|
case STTYPE_FIELD:
|
|
check_relation_LHS_FIELD(dfw, TEST_OP_CONTAINS, ftype_can_contains,
|
|
TRUE, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case STTYPE_FUNCTION:
|
|
check_relation_LHS_FUNCTION(dfw, TEST_OP_CONTAINS, ftype_can_contains,
|
|
TRUE, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case STTYPE_RANGE:
|
|
check_relation_LHS_RANGE(dfw, TEST_OP_CONTAINS, ftype_can_contains,
|
|
TRUE, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case STTYPE_STRING:
|
|
case STTYPE_UNPARSED:
|
|
case STTYPE_CHARCONST:
|
|
FAIL(dfw, "%s is not a valid operand for contains.", stnode_todisplay(st_arg1));
|
|
break;
|
|
default:
|
|
ws_assert_not_reached();
|
|
}
|
|
}
|
|
|
|
static void
|
|
check_relation_matches(dfwork_t *dfw, stnode_t *st_node,
|
|
stnode_t *st_arg1, stnode_t *st_arg2)
|
|
{
|
|
ws_regex_t *pcre;
|
|
char *errmsg = NULL;
|
|
const char *patt;
|
|
|
|
if (stnode_type_id(st_arg2) != STTYPE_STRING) {
|
|
FAIL(dfw, "Matches requires a double quoted string on the right side.");
|
|
}
|
|
|
|
patt = stnode_data(st_arg2);
|
|
ws_debug("Compile regex pattern: %s", patt);
|
|
|
|
pcre = ws_regex_compile(patt, &errmsg);
|
|
if (errmsg) {
|
|
dfilter_fail(dfw, "Regex compilation error: %s.", errmsg);
|
|
g_free(errmsg);
|
|
THROW(TypeError);
|
|
}
|
|
|
|
stnode_replace(st_arg2, STTYPE_PCRE, pcre);
|
|
|
|
switch (stnode_type_id(st_arg1)) {
|
|
case STTYPE_FIELD:
|
|
check_relation_LHS_FIELD(dfw, TEST_OP_MATCHES, ftype_can_matches,
|
|
TRUE, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case STTYPE_FUNCTION:
|
|
check_relation_LHS_FUNCTION(dfw, TEST_OP_MATCHES, ftype_can_matches,
|
|
TRUE, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case STTYPE_RANGE:
|
|
check_relation_LHS_RANGE(dfw, TEST_OP_MATCHES, ftype_can_matches,
|
|
TRUE, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case STTYPE_STRING:
|
|
case STTYPE_UNPARSED:
|
|
case STTYPE_CHARCONST:
|
|
FAIL(dfw, "Matches requires a field-like value on the left side.");
|
|
break;
|
|
default:
|
|
ws_assert_not_reached();
|
|
}
|
|
}
|
|
|
|
static void
|
|
check_relation_in(dfwork_t *dfw, stnode_t *st_node _U_,
|
|
stnode_t *st_arg1, stnode_t *st_arg2)
|
|
{
|
|
GSList *nodelist;
|
|
stnode_t *node_left, *node_right;
|
|
|
|
if (stnode_type_id(st_arg1) != STTYPE_FIELD) {
|
|
FAIL(dfw, "Only a field may be tested for membership in a set.");
|
|
}
|
|
/* Checked in the grammar parser. */
|
|
ws_assert(stnode_type_id(st_arg2) == STTYPE_SET);
|
|
|
|
/* Attempt to interpret one element of the set at a time. Each
|
|
* element is represented by two items in the list, the element
|
|
* value and NULL. Both will be replaced by a lower and upper
|
|
* value if the element is a range. */
|
|
nodelist = stnode_data(st_arg2);
|
|
while (nodelist) {
|
|
node_left = nodelist->data;
|
|
|
|
/* Don't let a range on the RHS affect the LHS field. */
|
|
if (stnode_type_id(node_left) == STTYPE_RANGE) {
|
|
FAIL(dfw, "A range may not appear inside a set.");
|
|
break;
|
|
}
|
|
|
|
nodelist = g_slist_next(nodelist);
|
|
ws_assert(nodelist);
|
|
node_right = nodelist->data;
|
|
if (node_right) {
|
|
check_relation_LHS_FIELD(dfw, TEST_OP_GE, ftype_can_cmp,
|
|
FALSE, st_node, st_arg1, node_left);
|
|
check_relation_LHS_FIELD(dfw, TEST_OP_LE, ftype_can_cmp,
|
|
FALSE, st_node, st_arg1, node_right);
|
|
} else {
|
|
check_relation_LHS_FIELD(dfw, TEST_OP_ANY_EQ, ftype_can_eq,
|
|
FALSE, st_node, st_arg1, node_left);
|
|
}
|
|
nodelist = g_slist_next(nodelist);
|
|
}
|
|
}
|
|
|
|
/* Check the semantics of any type of TEST */
|
|
static void
|
|
check_test(dfwork_t *dfw, stnode_t *st_node)
|
|
{
|
|
test_op_t st_op, st_arg_op;
|
|
stnode_t *st_arg1, *st_arg2;
|
|
|
|
log_test(st_node);
|
|
|
|
sttype_test_get(st_node, &st_op, &st_arg1, &st_arg2);
|
|
|
|
switch (st_op) {
|
|
case TEST_OP_UNINITIALIZED:
|
|
ws_assert_not_reached();
|
|
break;
|
|
|
|
case TEST_OP_EXISTS:
|
|
check_exists(dfw, st_arg1);
|
|
break;
|
|
|
|
case TEST_OP_NOT:
|
|
semcheck(dfw, st_arg1);
|
|
break;
|
|
|
|
case TEST_OP_AND:
|
|
case TEST_OP_OR:
|
|
if (stnode_type_id(st_arg1) == STTYPE_TEST) {
|
|
sttype_test_get(st_arg1, &st_arg_op, NULL, NULL);
|
|
if (st_arg_op == TEST_OP_AND || st_arg_op == TEST_OP_OR) {
|
|
if (st_op != st_arg_op && !stnode_inside_parens(st_arg1))
|
|
add_deprecated_token(dfw, "suggest parentheses around '&&' within '||'");
|
|
}
|
|
}
|
|
|
|
if (stnode_type_id(st_arg2) == STTYPE_TEST) {
|
|
sttype_test_get(st_arg2, &st_arg_op, NULL, NULL);
|
|
if (st_arg_op == TEST_OP_AND || st_arg_op == TEST_OP_OR) {
|
|
if (st_op != st_arg_op && !stnode_inside_parens(st_arg2))
|
|
add_deprecated_token(dfw, "suggest parentheses around '&&' within '||'");
|
|
}
|
|
}
|
|
|
|
semcheck(dfw, st_arg1);
|
|
semcheck(dfw, st_arg2);
|
|
break;
|
|
|
|
case TEST_OP_ANY_EQ:
|
|
case TEST_OP_ALL_NE:
|
|
case TEST_OP_ANY_NE:
|
|
check_relation(dfw, st_op, ftype_can_eq, FALSE, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case TEST_OP_GT:
|
|
case TEST_OP_GE:
|
|
case TEST_OP_LT:
|
|
case TEST_OP_LE:
|
|
check_relation(dfw, st_op, ftype_can_cmp, FALSE, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case TEST_OP_BITWISE_AND:
|
|
check_relation(dfw, st_op, ftype_can_bitwise_and, FALSE, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case TEST_OP_CONTAINS:
|
|
check_relation_contains(dfw, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case TEST_OP_MATCHES:
|
|
check_relation_matches(dfw, st_node, st_arg1, st_arg2);
|
|
break;
|
|
case TEST_OP_IN:
|
|
check_relation_in(dfw, st_node, st_arg1, st_arg2);
|
|
break;
|
|
|
|
default:
|
|
ws_assert_not_reached();
|
|
}
|
|
}
|
|
|
|
|
|
/* Check the entire syntax tree. */
|
|
static void
|
|
semcheck(dfwork_t *dfw, stnode_t *st_node)
|
|
{
|
|
/* The parser assures that the top-most syntax-tree
|
|
* node will be a TEST node, no matter what. So assert that. */
|
|
switch (stnode_type_id(st_node)) {
|
|
case STTYPE_TEST:
|
|
check_test(dfw, st_node);
|
|
break;
|
|
default:
|
|
ws_assert_not_reached();
|
|
}
|
|
}
|
|
|
|
|
|
/* Check the syntax tree for semantic errors, and convert
|
|
* some of the nodes into the form they need to be in order to
|
|
* later generate the DFVM bytecode. */
|
|
gboolean
|
|
dfw_semcheck(dfwork_t *dfw)
|
|
{
|
|
volatile gboolean ok_filter = TRUE;
|
|
|
|
ws_debug("Starting semantic check (dfw = %p)", dfw);
|
|
|
|
/* Instead of having to check for errors at every stage of
|
|
* the semantic-checking, the semantic-checking code will
|
|
* throw an exception if a problem is found. */
|
|
TRY {
|
|
semcheck(dfw, dfw->st_root);
|
|
}
|
|
CATCH(TypeError) {
|
|
ok_filter = FALSE;
|
|
}
|
|
ENDTRY;
|
|
|
|
ws_debug("Semantic check (dfw = %p) returns %s",
|
|
dfw, ok_filter ? "TRUE" : "FALSE");
|
|
|
|
return ok_filter;
|
|
}
|
|
|
|
/*
|
|
* Editor modelines - https://www.wireshark.org/tools/modelines.html
|
|
*
|
|
* Local variables:
|
|
* c-basic-offset: 8
|
|
* tab-width: 8
|
|
* indent-tabs-mode: t
|
|
* End:
|
|
*
|
|
* vi: set shiftwidth=8 tabstop=8 noexpandtab:
|
|
* :indentSize=8:tabSize=8:noTabs=false:
|
|
*/
|