/* i4btrace.c
*
* Wiretap Library
* Copyright (c) 1999 by Bert Driehuis <driehuis@playbeing.org>
*
* SPDX-License-Identifier: GPL-2.0-or-later
*/
#include "config.h"
#include <stdlib.h>
#include <errno.h>
#include <string.h>
#include "wtap-int.h"
#include "file_wrappers.h"
#include "i4b_trace.h"
#include "i4btrace.h"
/*
 * Per-file reader state.  i4btrace_open() allocates one of these and
 * stores it in wth->priv; i4b_read_rec() reads it back from there.
 */
typedef struct {
	/* TRUE when each record header must be byte-swapped before use. */
	gboolean byte_swapped;
} i4btrace_t;
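/* Sequential-read callback; i4btrace_open() installs it as wth->subtype_read. */
static gboolean i4btrace_read(wtap *wth, int *err, gchar **err_info,
    gint64 *data_offset);

/* Random-access callback; i4btrace_open() installs it as wth->subtype_seek_read. */
static gboolean i4btrace_seek_read(wtap *wth, gint64 seek_off,
    wtap_rec *rec, Buffer *buf, int *err, gchar **err_info);

/*
 * Record reader shared by both callbacks.  Declared gboolean so that the
 * prototype agrees with the definition further down, which is written as
 * "static gboolean" and returns TRUE/FALSE.
 */
static gboolean i4b_read_rec(wtap *wth, FILE_T fh, wtap_rec *rec,
    Buffer *buf, int *err, gchar **err_info);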
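/*
 * Test some fields in the header to see if they make sense.
 *
 * The format has no magic number, so this range check is what
 * i4btrace_open() uses to decide whether a file is an I4B trace.  In this
 * file it is applied to the first record header only; later record headers
 * are read by i4b_read_rec(), which does its own length checks.
 *
 * The lower bound on length here (3) is looser than the one in
 * i4b_read_rec(), which rejects any record shorter than the header itself.
 *
 * hdr may be any expression of header-structure type; it is parenthesized
 * in the expansion so that forms such as I4B_HDR_IS_OK(*p) work.  The
 * argument is evaluated several times, so it must have no side effects.
 */
#define I4B_HDR_IS_OK(hdr) \
	(!((unsigned int)(hdr).length < 3 || (unsigned int)(hdr).length > 16384 || \
	    (unsigned int)(hdr).unit > 4 || (unsigned int)(hdr).type > 4 || \
	    (unsigned int)(hdr).dir > 2 || (unsigned int)(hdr).trunc > 2048))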
/*
 * Decide whether the file behind wth is an I4B trace and, if it is, set
 * wth up for reading it.
 *
 * Returns WTAP_OPEN_MINE when the first record header passes
 * I4B_HDR_IS_OK() in either byte order, WTAP_OPEN_NOT_MINE when it does
 * not (or the file is too short to hold a header), and WTAP_OPEN_ERROR on
 * a read or seek failure, with *err set by the failing call.
 */
wtap_open_return_val i4btrace_open(wtap *wth, int *err, gchar **err_info)
{
	i4b_trace_hdr_t first_hdr;
	i4btrace_t *state;
	gboolean swapped;

	/* I4B trace files carry no magic number, so probe the first header. */
	if (!wtap_read_bytes(wth->fh, &first_hdr, sizeof(first_hdr), err, err_info)) {
		/* A short read just means "not this format"; anything else is an error. */
		return (*err == WTAP_ERR_SHORT_READ) ?
		    WTAP_OPEN_NOT_MINE : WTAP_OPEN_ERROR;
	}

	/*
	 * Heuristic: if the fields are implausible as read, retry with them
	 * byte-swapped and remember which order worked.
	 */
	swapped = !I4B_HDR_IS_OK(first_hdr);
	if (swapped) {
		first_hdr.length = GUINT32_SWAP_LE_BE(first_hdr.length);
		first_hdr.unit = GUINT32_SWAP_LE_BE(first_hdr.unit);
		first_hdr.type = GUINT32_SWAP_LE_BE(first_hdr.type);
		first_hdr.dir = GUINT32_SWAP_LE_BE(first_hdr.dir);
		first_hdr.trunc = GUINT32_SWAP_LE_BE(first_hdr.trunc);

		if (!I4B_HDR_IS_OK(first_hdr)) {
			/* Implausible in both byte orders. */
			return WTAP_OPEN_NOT_MINE;
		}
	}

	/* Rewind so the first call to the read routine sees the first record. */
	if (file_seek(wth->fh, 0, SEEK_SET, err) == -1) {
		return WTAP_OPEN_ERROR;
	}

	wth->file_type_subtype = WTAP_FILE_TYPE_SUBTYPE_I4BTRACE;

	state = (i4btrace_t *)g_malloc(sizeof(i4btrace_t));
	state->byte_swapped = swapped;
	wth->priv = (void *)state;

	wth->subtype_read = i4btrace_read;
	wth->subtype_seek_read = i4btrace_seek_read;
	wth->snapshot_length = 0;	/* not known */
	wth->file_encap = WTAP_ENCAP_ISDN;
	wth->file_tsprec = WTAP_TSPREC_USEC;

	return WTAP_OPEN_MINE;
}
/*
 * Sequential read: store the current file offset in *data_offset, then
 * read the record at that position into wth->rec / wth->rec_data.
 * Returns whatever i4b_read_rec() returns.
 */
static gboolean i4btrace_read(wtap *wth, int *err, gchar **err_info,
    gint64 *data_offset)
{
	FILE_T seq_fh = wth->fh;

	/* Offset must be captured before the header is consumed. */
	*data_offset = file_tell(seq_fh);

	return i4b_read_rec(wth, seq_fh, &wth->rec, wth->rec_data,
	    err, err_info);
}
/*
 * Random-access read: seek the random-access handle to seek_off and read
 * the record found there into rec and buf.
 *
 * Returns TRUE on success.  Returns FALSE on a seek or read failure; an
 * end-of-file from the record reader (*err == 0) is reported as
 * WTAP_ERR_SHORT_READ, since a record was expected at this offset.
 */
static gboolean
i4btrace_seek_read(wtap *wth, gint64 seek_off, wtap_rec *rec,
    Buffer *buf, int *err, gchar **err_info)
{
	FILE_T rand_fh = wth->random_fh;

	if (file_seek(rand_fh, seek_off, SEEK_SET, err) == -1) {
		return FALSE;
	}

	if (i4b_read_rec(wth, rand_fh, rec, buf, err, err_info)) {
		return TRUE;
	}

	/* Read error or EOF; EOF means "short read" in random-access mode. */
	if (*err == 0) {
		*err = WTAP_ERR_SHORT_READ;
	}
	return FALSE;
}
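/*
 * Read one record (header followed by packet data) from fh, filling in rec
 * and appending the packet bytes to buf.
 *
 * Every header field comes straight from the capture file and has to be
 * treated as untrusted.  I4B_HDR_IS_OK() is not applied here, so the only
 * validation a record gets is what this function does:
 *   - length must cover at least the header itself;
 *   - the payload length must not exceed WTAP_MAX_PACKET_SIZE_STANDARD;
 *   - type must be one of the channel types handled below.
 *
 * Returns TRUE on success.  Returns FALSE with *err == 0 at end of file,
 * or FALSE with *err (and possibly *err_info) set on a read error or a
 * malformed record.
 */
static gboolean
i4b_read_rec(wtap *wth, FILE_T fh, wtap_rec *rec, Buffer *buf,
    int *err, gchar **err_info)
{
	i4btrace_t *i4btrace = (i4btrace_t *)wth->priv;
	i4b_trace_hdr_t hdr;
	guint32 length;

	if (!wtap_read_bytes_or_eof(fh, &hdr, sizeof hdr, err, err_info))
		return FALSE;

	if (i4btrace->byte_swapped) {
		/*
		 * Byte-swap the header.
		 */
		hdr.length = GUINT32_SWAP_LE_BE(hdr.length);
		hdr.unit = GUINT32_SWAP_LE_BE(hdr.unit);
		hdr.type = GUINT32_SWAP_LE_BE(hdr.type);
		hdr.dir = GUINT32_SWAP_LE_BE(hdr.dir);
		hdr.trunc = GUINT32_SWAP_LE_BE(hdr.trunc);
		hdr.count = GUINT32_SWAP_LE_BE(hdr.count);
		hdr.ts_sec = GUINT32_SWAP_LE_BE(hdr.ts_sec);
		hdr.ts_usec = GUINT32_SWAP_LE_BE(hdr.ts_usec);
	}

	/* Checked first so the subtraction below cannot wrap around. */
	if (hdr.length < sizeof(hdr)) {
		*err = WTAP_ERR_BAD_FILE;	/* record length < header! */
		*err_info = g_strdup_printf("i4btrace: record length %u < header length %lu",
		    hdr.length, (unsigned long)sizeof(hdr));
		return FALSE;
	}
	length = hdr.length - (guint32)sizeof(hdr);
	if (length > WTAP_MAX_PACKET_SIZE_STANDARD) {
		/*
		 * Probably a corrupt capture file; don't blow up trying
		 * to allocate space for an immensely-large packet.
		 */
		*err = WTAP_ERR_BAD_FILE;
		*err_info = g_strdup_printf("i4btrace: File has %u-byte packet, bigger than maximum of %u",
		    length, WTAP_MAX_PACKET_SIZE_STANDARD);
		return FALSE;
	}

	rec->rec_type = REC_TYPE_PACKET;
	rec->presence_flags = WTAP_HAS_TS;

	rec->rec_header.packet_header.len = length;
	rec->rec_header.packet_header.caplen = length;

	rec->ts.secs = hdr.ts_sec;
	/*
	 * NOTE(review): ts_usec is taken from the file without a range
	 * check, so a value of 1000000 or more yields an nsecs value
	 * outside one second, and the multiplication may wrap depending
	 * on the field's width (declared in i4b_trace.h) -- confirm and
	 * consider rejecting such records.
	 */
	rec->ts.nsecs = hdr.ts_usec * 1000;

	switch (hdr.type) {

	case TRC_CH_I:
		/*
		 * XXX - what is it?  It's probably not WTAP_ENCAP_NULL,
		 * as that means it has a 4-byte AF_ type as the
		 * encapsulation header.
		 */
		rec->rec_header.packet_header.pkt_encap = WTAP_ENCAP_NULL;
		break;

	case TRC_CH_D:
		/*
		 * D channel, so it's LAPD; reported as channel 0.
		 */
		rec->rec_header.packet_header.pkt_encap = WTAP_ENCAP_ISDN;
		rec->rec_header.packet_header.pseudo_header.isdn.channel = 0;
		break;

	case TRC_CH_B1:
		/*
		 * B channel 1.
		 */
		rec->rec_header.packet_header.pkt_encap = WTAP_ENCAP_ISDN;
		rec->rec_header.packet_header.pseudo_header.isdn.channel = 1;
		break;

	case TRC_CH_B2:
		/*
		 * B channel 2.
		 */
		rec->rec_header.packet_header.pkt_encap = WTAP_ENCAP_ISDN;
		rec->rec_header.packet_header.pseudo_header.isdn.channel = 2;
		break;

	default:
		/*
		 * Unrecognised channel type.  Without this case pkt_encap
		 * and isdn.channel would keep whatever the record structure
		 * held before this call, so treat the record as malformed
		 * rather than hand stale values to the caller.
		 */
		*err = WTAP_ERR_BAD_FILE;
		*err_info = g_strdup_printf("i4btrace: unknown channel type %u",
		    (unsigned int)hdr.type);
		return FALSE;
	}

	rec->rec_header.packet_header.pseudo_header.isdn.uton = (hdr.dir == FROM_TE);

	/*
	 * Read the packet data.
	 */
	return wtap_read_packet_bytes(fh, buf, length, err, err_info);
}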
/*
* Editor modelines - http://www.wireshark.org/tools/modelines.html
*
* Local variables:
* c-basic-offset: 8
* tab-width: 8
* indent-tabs-mode: t
* End:
*
* vi: set shiftwidth=8 tabstop=8 noexpandtab:
* :indentSize=8:tabSize=8:noTabs=false:
*/