From Michal Labedzki via
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8818 Add support for dissection ELF files. It opens as a "capture" file via wiretap at the moment for simplicity's sake, but the intention is eventually to have this (and other file types we dissect) open through some other program sharing much of the libwireshark infrastructure. svn path=/trunk/; revision=52775
This commit is contained in:
Evan Huus
parent
cbd3194bcf
commit
328a05630c
|
|
@ -292,6 +292,7 @@ set(DIRTY_ASN1_DISSECTOR_SRC
|
|||
)
|
||||
|
||||
set(DISSECTOR_SRC
|
||||
dissectors/file-elf.c
|
||||
dissectors/file-mp4.c
|
||||
dissectors/packet-2dparityfec.c
|
||||
dissectors/packet-3com-njack.c
|
||||
|
|
@ -1461,6 +1462,7 @@ set(LIBWIRESHARK_FILES
|
|||
crc8-tvb.c
|
||||
disabled_protos.c
|
||||
dissector_filters.c
|
||||
dwarf.c
|
||||
emem.c
|
||||
epan.c
|
||||
ex-opt.c
|
||||
|
|
|
|||
|
|
@ -45,6 +45,7 @@ LIBWIRESHARK_SRC = \
|
|||
crc32-tvb.c \
|
||||
crc8-tvb.c \
|
||||
disabled_protos.c \
|
||||
dwarf.c \
|
||||
dissector_filters.c \
|
||||
emem.c \
|
||||
epan.c \
|
||||
|
|
@ -179,6 +180,7 @@ LIBWIRESHARK_INCLUDES = \
|
|||
dissector_filters.h \
|
||||
dtd.h \
|
||||
dtd_parse.h \
|
||||
dwarf.h \
|
||||
eap.h \
|
||||
emem.h \
|
||||
epan-int.h \
|
||||
|
|
|
|||
|
|
@ -215,6 +215,7 @@ DIRTY_ASN1_DISSECTOR_SRC = \
|
|||
$(CUSTOM_DIRTY_ASN1_DISSECTOR_SRC)
|
||||
|
||||
FILE_DISSECTOR_SRC = \
|
||||
file-elf.c \
|
||||
file-mp4.c
|
||||
|
||||
#
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load Diff
|
|
@ -32,6 +32,7 @@
|
|||
|
||||
#include <epan/packet.h>
|
||||
#include <epan/prefs.h>
|
||||
#include "dwarf.h"
|
||||
#include "packet-tcp.h"
|
||||
|
||||
/*
|
||||
|
|
@ -157,30 +158,9 @@ static int ett_netsync = -1;
|
|||
static guint global_tcp_port_netsync = TCP_PORT_NETSYNC;
|
||||
static gboolean netsync_desegment = TRUE;
|
||||
|
||||
static gint dissect_uleb128( tvbuff_t *tvb, gint offset, guint* size)
|
||||
{
|
||||
guint shift = 0;
|
||||
guint8 tmp;
|
||||
guint start_offset = offset;
|
||||
|
||||
*size = 0;
|
||||
|
||||
/* get size */
|
||||
do {
|
||||
tmp = tvb_get_guint8(tvb, offset);
|
||||
offset += 1;
|
||||
|
||||
*size |= (tmp & 0x7F) << shift;
|
||||
shift += 7;
|
||||
} while (tmp & 0x80);
|
||||
|
||||
|
||||
return offset - start_offset;
|
||||
}
|
||||
|
||||
static gint dissect_netsync_cmd_error( tvbuff_t *tvb, gint offset, proto_tree *tree, guint size _U_)
|
||||
{
|
||||
guint len = 0;
|
||||
guint64 len = 0;
|
||||
|
||||
offset += dissect_uleb128( tvb, offset, &len );
|
||||
|
||||
|
|
@ -199,7 +179,7 @@ static gint dissect_netsync_cmd_bye(tvbuff_t *tvb _U_, gint offset, proto_tree
|
|||
|
||||
static gint dissect_netsync_cmd_hello(tvbuff_t *tvb, gint offset, proto_tree *tree, guint size _U_)
|
||||
{
|
||||
guint len = 0;
|
||||
guint64 len = 0;
|
||||
|
||||
offset += dissect_uleb128( tvb, offset, &len );
|
||||
|
||||
|
|
@ -224,7 +204,7 @@ static gint dissect_netsync_cmd_hello(tvbuff_t *tvb, gint offset, proto_tree *t
|
|||
|
||||
static gint dissect_netsync_cmd_anonymous(tvbuff_t *tvb, gint offset, proto_tree *tree, guint size _U_)
|
||||
{
|
||||
guint len = 0;
|
||||
guint64 len = 0;
|
||||
|
||||
proto_tree_add_item(tree, hf_netsync_cmd_anonymous_role, tvb,
|
||||
offset, 1, ENC_BIG_ENDIAN );
|
||||
|
|
@ -246,7 +226,7 @@ static gint dissect_netsync_cmd_anonymous(tvbuff_t *tvb, gint offset, proto_tre
|
|||
|
||||
static gint dissect_netsync_cmd_auth(tvbuff_t *tvb, gint offset, proto_tree *tree, guint size _U_)
|
||||
{
|
||||
guint len = 0;
|
||||
guint64 len = 0;
|
||||
|
||||
proto_tree_add_item(tree, hf_netsync_cmd_auth_role, tvb,
|
||||
offset, 1, ENC_BIG_ENDIAN );
|
||||
|
|
@ -287,7 +267,7 @@ static gint dissect_netsync_cmd_auth(tvbuff_t *tvb, gint offset, proto_tree *tr
|
|||
|
||||
static gint dissect_netsync_cmd_confirm(tvbuff_t *tvb, gint offset, proto_tree *tree, guint size _U_)
|
||||
{
|
||||
guint len = 0;
|
||||
guint64 len = 0;
|
||||
|
||||
offset += dissect_uleb128( tvb, offset, &len );
|
||||
|
||||
|
|
@ -312,7 +292,7 @@ static gint dissect_netsync_cmd_refine(tvbuff_t *tvb, gint offset, proto_tree *
|
|||
|
||||
static gint dissect_netsync_cmd_done(tvbuff_t *tvb, gint offset, proto_tree *tree, guint size _U_)
|
||||
{
|
||||
guint len = 0;
|
||||
guint64 len = 0;
|
||||
guint bytes = 0;
|
||||
|
||||
bytes = dissect_uleb128( tvb, offset, &len );
|
||||
|
|
@ -364,7 +344,7 @@ static gint dissect_netsync_cmd_send_delta(tvbuff_t *tvb, gint offset, proto_tr
|
|||
|
||||
static gint dissect_netsync_cmd_data(tvbuff_t *tvb, gint offset, proto_tree *tree, guint size _U_)
|
||||
{
|
||||
guint len = 0;
|
||||
guint64 len = 0;
|
||||
|
||||
proto_tree_add_item(tree, hf_netsync_cmd_data_type, tvb,
|
||||
offset, 1, ENC_BIG_ENDIAN );
|
||||
|
|
@ -390,7 +370,7 @@ static gint dissect_netsync_cmd_data(tvbuff_t *tvb, gint offset, proto_tree *tr
|
|||
|
||||
static gint dissect_netsync_cmd_delta(tvbuff_t *tvb, gint offset, proto_tree *tree, guint size _U_)
|
||||
{
|
||||
guint len = 0;
|
||||
guint64 len = 0;
|
||||
|
||||
proto_tree_add_item(tree, hf_netsync_cmd_delta_type, tvb,
|
||||
offset, 1, ENC_BIG_ENDIAN );
|
||||
|
|
@ -434,7 +414,8 @@ static gint dissect_netsync_cmd_nonexistent(tvbuff_t *tvb, gint offset, proto_t
|
|||
static guint
|
||||
get_netsync_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset)
|
||||
{
|
||||
guint size = 0, size_bytes;
|
||||
guint64 size = 0;
|
||||
guint size_bytes;
|
||||
|
||||
/* skip version and command */
|
||||
offset += 2;
|
||||
|
|
|
|||
|
|
@ -0,0 +1,45 @@
|
|||
#include "config.h"
|
||||
#include <epan/packet.h>
|
||||
|
||||
gint
|
||||
dissect_uleb128(tvbuff_t *tvb, gint offset, guint64 *value)
|
||||
{
|
||||
guint start_offset = offset;
|
||||
guint shift = 0;
|
||||
guint8 byte;
|
||||
|
||||
*value = 0;
|
||||
|
||||
do {
|
||||
byte = tvb_get_guint8(tvb, offset);
|
||||
offset += 1;
|
||||
|
||||
*value |= (byte & 0x7F) << shift;
|
||||
shift += 7;
|
||||
} while (byte & 0x80);
|
||||
|
||||
return offset - start_offset;
|
||||
}
|
||||
|
||||
gint
|
||||
dissect_leb128(tvbuff_t *tvb, gint offset, gint64 *value)
|
||||
{
|
||||
guint start_offset = offset;
|
||||
guint shift = 0;
|
||||
guint8 byte;
|
||||
|
||||
*value = 0;
|
||||
|
||||
do {
|
||||
byte = tvb_get_guint8(tvb, offset);
|
||||
offset += 1;
|
||||
|
||||
*value |= (byte & 0x7F) << shift;
|
||||
shift += 7;
|
||||
} while (byte & 0x80);
|
||||
|
||||
if (shift < 64 && byte & 0x40)
|
||||
*value |= - (1 << shift);
|
||||
|
||||
return offset - start_offset;
|
||||
}
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
#ifndef __DWARF_H__
|
||||
#define __DWARF_H__
|
||||
|
||||
#include <glib.h>
|
||||
|
||||
gint dissect_uleb128(tvbuff_t *tvb, gint offset, guint64 *value);
|
||||
gint dissect_leb128(tvbuff_t *tvb, gint offset, gint64 *value);
|
||||
|
||||
#endif /* __DWARF_H__ */
|
||||
|
|
@ -76,13 +76,15 @@ static const guint8 xml_magic[] = { '<', '?', 'x', 'm', 'l' };
|
|||
static const guint8 png_magic[] = { 0x89, 'P', 'N', 'G', '\r', '\n', 0x1A, '\n' };
|
||||
static const guint8 gif87a_magic[] = { 'G', 'I', 'F', '8', '7', 'a'};
|
||||
static const guint8 gif89a_magic[] = { 'G', 'I', 'F', '8', '9', 'a'};
|
||||
static const guint8 elf_magic[] = { 0x7F, 'E', 'L', 'F'};
|
||||
|
||||
static const mime_files_t magic_files[] = {
|
||||
{ jpeg_jfif_magic, sizeof(jpeg_jfif_magic) },
|
||||
{ xml_magic, sizeof(xml_magic) },
|
||||
{ png_magic, sizeof(png_magic) },
|
||||
{ gif87a_magic, sizeof(gif87a_magic) },
|
||||
{ gif89a_magic, sizeof(gif89a_magic) }
|
||||
{ gif89a_magic, sizeof(gif89a_magic) },
|
||||
{ elf_magic, sizeof(elf_magic) }
|
||||
};
|
||||
|
||||
#define N_MAGIC_TYPES (sizeof(magic_files) / sizeof(magic_files[0]))
|
||||
|
|
|
|||
Loading…
Reference in New Issue