Get rid of some cruft left in by previous checkins as placeholders.
Get rid of WTAP_ENCAP_NONE; replace it with WTAP_ENCAP_UNKNOWN, which means "I can't handle that file, it's using an encapsulation I don't support". Check for encapsulations we don't support, and return an error (as is already done in "libpcap.c"). Check for too-large packet sizes, and return an error (as is already done in "libpcap.c"). Print unsigned quantities in Wiretap messages with "%u", not "%d". svn path=/trunk/; revision=544
This commit is contained in:
parent
63a69a5cca
commit
4b9ab6d1fc
17
capture.c
17
capture.c
|
@ -1,7 +1,7 @@
|
|||
/* capture.c
|
||||
* Routines for packet capture windows
|
||||
*
|
||||
* $Id: capture.c,v 1.59 1999/08/22 01:02:42 guy Exp $
|
||||
* $Id: capture.c,v 1.60 1999/08/22 02:29:30 guy Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@zing.org>
|
||||
|
@ -835,21 +835,12 @@ capture_pcap_cb(u_char *user, const struct pcap_pkthdr *phdr,
|
|||
case WTAP_ENCAP_PPP:
|
||||
capture_ppp(pd, phdr->caplen, &ld->counts);
|
||||
break;
|
||||
#if 0
|
||||
#ifdef DLT_ENC
|
||||
case DLT_ENC : /* XXX - OpenBSD "IPSEC enc type (af header, spi,
|
||||
flags)" */
|
||||
#endif
|
||||
#ifdef DLT_LOOP
|
||||
case DLT_LOOP : /* XXX - prepended 4-byte AF_xxxx value in OpenBSD,
|
||||
network byte order */
|
||||
#endif
|
||||
#endif
|
||||
/* XXX - FreeBSD may append 4-byte ATM pseudo-header
|
||||
to DLT_ATM_RFC1483, with LLC header following */
|
||||
case WTAP_ENCAP_RAW_IP:
|
||||
capture_raw(pd, phdr->caplen, &ld->counts);
|
||||
break;
|
||||
/* XXX - FreeBSD may append 4-byte ATM pseudo-header to DLT_ATM_RFC1483,
|
||||
with LLC header following; we should implement it at some
|
||||
point. */
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* file.c
|
||||
*
|
||||
* $Id: file.c,v 1.17 1999/08/19 05:31:33 guy Exp $
|
||||
* $Id: file.c,v 1.18 1999/08/22 02:29:38 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
|
||||
|
@ -104,7 +104,7 @@ wtap* wtap_open_offline(const char *filename, int *err)
|
|||
}
|
||||
|
||||
/* initialization */
|
||||
wth->file_encap = WTAP_ENCAP_NONE;
|
||||
wth->file_encap = WTAP_ENCAP_UNKNOWN;
|
||||
|
||||
/* Try all file types */
|
||||
for (i = 0; i < N_FILE_TYPES; i++) {
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* iptrace.c
|
||||
*
|
||||
* $Id: iptrace.c,v 1.7 1999/08/20 04:07:09 gram Exp $
|
||||
* $Id: iptrace.c,v 1.8 1999/08/22 02:29:40 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
|
||||
|
@ -125,7 +125,10 @@ static int iptrace_read(wtap *wth, int *err)
|
|||
wth->phdr.pkt_encap = WTAP_ENCAP_RAW_IP;
|
||||
}
|
||||
else {
|
||||
wth->phdr.pkt_encap = WTAP_ENCAP_NONE;
|
||||
g_message("iptrace: interface type %c%c unknown or unsupported",
|
||||
if_name1, if_name2);
|
||||
*err = WTAP_ERR_BAD_RECORD;
|
||||
return -1;
|
||||
}
|
||||
return data_offset;
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* lanalyzer.c
|
||||
*
|
||||
* $Id: lanalyzer.c,v 1.12 1999/08/20 04:49:18 gram Exp $
|
||||
* $Id: lanalyzer.c,v 1.13 1999/08/22 02:29:40 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
|
||||
|
@ -163,7 +163,11 @@ int lanalyzer_open(wtap *wth, int *err)
|
|||
wth->file_encap = WTAP_ENCAP_TR;
|
||||
break;
|
||||
default:
|
||||
wth->file_encap = WTAP_ENCAP_NONE;
|
||||
g_message("lanalyzer: board type %u unknown",
|
||||
board_type);
|
||||
g_free(wth->capture.lanalyzer);
|
||||
*err = WTAP_ERR_UNSUPPORTED;
|
||||
return -1;
|
||||
}
|
||||
break;
|
||||
|
||||
|
@ -229,6 +233,8 @@ static int lanalyzer_read(wtap *wth, int *err)
|
|||
* the middle of reading packets. If any other record type exists
|
||||
* after a Trace Packet Data Record, mark it as an error. */
|
||||
if (record_type != REC_TRACE_PACKET_DATA) {
|
||||
g_message("lanalyzer: record type %u seen after trace summary record",
|
||||
record_type);
|
||||
*err = WTAP_ERR_BAD_RECORD;
|
||||
return -1;
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* libpcap.c
|
||||
*
|
||||
* $Id: libpcap.c,v 1.11 1999/08/22 00:47:56 guy Exp $
|
||||
* $Id: libpcap.c,v 1.12 1999/08/22 02:29:37 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
|
||||
|
@ -78,21 +78,23 @@ static int libpcap_dump_close(wtap_dumper *wdh, int *err);
|
|||
/*
|
||||
* XXX - this is a bit of a mess. OpenBSD, and perhaps NetBSD, have
|
||||
* different DLT_ codes from FreeBSD (and from the LBL BPF code).
|
||||
* For now, we simply treat all except DLT_RAW as "unknown"; this
|
||||
* means you won't be able to capture from a network using those
|
||||
* For now, we simply treat those type values with different
|
||||
* meanings on different platforms, except for DLT_RAW, as "unknown";
|
||||
* this means you won't be able to capture from a network using those
|
||||
* types in Ethereal (and that capturing from the loopback interface
|
||||
* won't necessarily work right on OpenBSD, either).
|
||||
* won't necessarily work right on OpenBSD, either, as it uses
|
||||
* DLT_LOOP, which is the same as DLT_RAW on other platforms).
|
||||
*
|
||||
* Does anybody know what BSD/OS uses as DLT_ types for SLIP and
|
||||
* PPP? The LBL code, and the OpenBSD code, appear to disagree....
|
||||
*
|
||||
* Nothing in FreeBSD appears to use DLT_RAW, so it's not clear what
|
||||
* link-layer header or fake header appears. If it's completely
|
||||
* unused, or if it behaves the same way OpenBSD DLT_LOOP behaves,
|
||||
* i.e. it puts an address family in *network* byte order (as opposed
|
||||
* to the *host* byte order that DLT_NULL uses on FreeBSD), then
|
||||
* we should just make it WTAP_ENCAP_LOOP and process that as an
|
||||
* OpenBSD DLT_LOOP.
|
||||
* link-layer header or fake header appears for DLT_RAW. If it's
|
||||
* completely unused, or if it behaves the same way OpenBSD DLT_LOOP
|
||||
* behaves, i.e. it puts an address family in *network* byte order
|
||||
* (as opposed to the *host* byte order that DLT_NULL uses on FreeBSD),
|
||||
* then we should just make it WTAP_ENCAP_NULL, which we treat in
|
||||
* such a fashion as to cause it to work with DLT_LOOP headers.
|
||||
*/
|
||||
static const int pcap_encap[] = {
|
||||
WTAP_ENCAP_NULL, /* null encapsulation */
|
||||
|
@ -166,14 +168,15 @@ int libpcap_open(wtap *wth, int *err)
|
|||
}
|
||||
if (hdr.version_major < 2) {
|
||||
/* We only support version 2.0 and later. */
|
||||
g_message("pcap: major version %d unsupported",
|
||||
g_message("pcap: major version %u unsupported",
|
||||
hdr.version_major);
|
||||
*err = WTAP_ERR_UNSUPPORTED;
|
||||
return -1;
|
||||
}
|
||||
if (hdr.network >= NUM_PCAP_ENCAPS
|
||||
|| pcap_encap[hdr.network] == WTAP_ENCAP_UNKNOWN) {
|
||||
g_message("pcap: network type %d unknown or unsupported", hdr.network);
|
||||
g_message("pcap: network type %u unknown or unsupported",
|
||||
hdr.network);
|
||||
*err = WTAP_ERR_UNSUPPORTED;
|
||||
return -1;
|
||||
}
|
||||
|
@ -289,16 +292,17 @@ int libpcap_dump_open(wtap_dumper *wdh, int *err)
|
|||
static const guint32 pcap_magic = PCAP_MAGIC;
|
||||
struct pcap_hdr file_hdr;
|
||||
static const int wtap_encap[] = {
|
||||
0, /* WTAP_ENCAP_NONE */
|
||||
1, /* WTAP_ENCAP_ETHERNET */
|
||||
6, /* WTAP_ENCAP_TR */
|
||||
8, /* WTAP_ENCAP_SLIP */
|
||||
9, /* WTAP_ENCAP_PPP */
|
||||
10, /* WTAP_ENCAP_FDDI */
|
||||
12, /* WTAP_ENCAP_RAW_IP */
|
||||
7, /* WTAP_ENCAP_ARCNET */
|
||||
11, /* WTAP_ENCAP_ATM_RFC1483 */
|
||||
19 /* WTAP_ENCAP_LINUX_ATM_CLIP */
|
||||
0, /* WTAP_ENCAP_UNKNOWN -> DLT_NULL */
|
||||
1, /* WTAP_ENCAP_ETHERNET -> DLT_EN10MB */
|
||||
6, /* WTAP_ENCAP_TR -> DLT_IEEE802 */
|
||||
8, /* WTAP_ENCAP_SLIP -> DLT_SLIP */
|
||||
9, /* WTAP_ENCAP_PPP -> DLT_PPP */
|
||||
10, /* WTAP_ENCAP_FDDI -> DLT_FDDI */
|
||||
12, /* WTAP_ENCAP_RAW_IP -> DLT_RAW */
|
||||
7, /* WTAP_ENCAP_ARCNET -> DLT_ARCNET */
|
||||
11, /* WTAP_ENCAP_ATM_RFC1483 -> DLT_ATM_RFC1483 */
|
||||
19, /* WTAP_ENCAP_LINUX_ATM_CLIP */
|
||||
0 /* WTAP_ENCAP_NULL -> DLT_NULL */
|
||||
};
|
||||
int nwritten;
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* netmon.c
|
||||
*
|
||||
* $Id: netmon.c,v 1.10 1999/08/19 05:31:36 guy Exp $
|
||||
* $Id: netmon.c,v 1.11 1999/08/22 02:29:40 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
|
||||
|
@ -99,18 +99,18 @@ int netmon_open(wtap *wth, int *err)
|
|||
struct netmon_hdr hdr;
|
||||
int file_type;
|
||||
static const int netmon_encap[] = {
|
||||
WTAP_ENCAP_NONE,
|
||||
WTAP_ENCAP_UNKNOWN,
|
||||
WTAP_ENCAP_ETHERNET,
|
||||
WTAP_ENCAP_TR,
|
||||
WTAP_ENCAP_FDDI,
|
||||
WTAP_ENCAP_NONE, /* WAN */
|
||||
WTAP_ENCAP_NONE, /* LocalTalk */
|
||||
WTAP_ENCAP_NONE, /* "DIX" - should not occur */
|
||||
WTAP_ENCAP_NONE, /* ARCNET raw */
|
||||
WTAP_ENCAP_NONE, /* ARCNET 878.2 */
|
||||
WTAP_ENCAP_NONE, /* ATM */
|
||||
WTAP_ENCAP_NONE, /* Wireless WAN */
|
||||
WTAP_ENCAP_NONE /* IrDA */
|
||||
WTAP_ENCAP_UNKNOWN, /* WAN */
|
||||
WTAP_ENCAP_UNKNOWN, /* LocalTalk */
|
||||
WTAP_ENCAP_UNKNOWN, /* "DIX" - should not occur */
|
||||
WTAP_ENCAP_UNKNOWN, /* ARCNET raw */
|
||||
WTAP_ENCAP_UNKNOWN, /* ARCNET 878.2 */
|
||||
WTAP_ENCAP_UNKNOWN, /* ATM */
|
||||
WTAP_ENCAP_UNKNOWN, /* Wireless WAN */
|
||||
WTAP_ENCAP_UNKNOWN /* IrDA */
|
||||
};
|
||||
#define NUM_NETMON_ENCAPS (sizeof netmon_encap / sizeof netmon_encap[0])
|
||||
struct tm tm;
|
||||
|
@ -155,14 +155,16 @@ int netmon_open(wtap *wth, int *err)
|
|||
break;
|
||||
|
||||
default:
|
||||
g_message("netmon: major version %d unsupported", hdr.ver_major);
|
||||
g_message("netmon: major version %u unsupported", hdr.ver_major);
|
||||
*err = WTAP_ERR_UNSUPPORTED;
|
||||
return -1;
|
||||
}
|
||||
|
||||
hdr.network = pletohs(&hdr.network);
|
||||
if (hdr.network >= NUM_NETMON_ENCAPS) {
|
||||
g_message("netmon: network type %d unknown", hdr.network);
|
||||
if (hdr.network >= NUM_NETMON_ENCAPS
|
||||
|| netmon_encap[hdr.network] == WTAP_ENCAP_UNKNOWN) {
|
||||
g_message("netmon: network type %u unknown or unsupported",
|
||||
hdr.network);
|
||||
*err = WTAP_ERR_UNSUPPORTED;
|
||||
return -1;
|
||||
}
|
||||
|
@ -219,7 +221,7 @@ int netmon_open(wtap *wth, int *err)
|
|||
/* Read the next packet */
|
||||
static int netmon_read(wtap *wth, int *err)
|
||||
{
|
||||
int packet_size = 0;
|
||||
guint32 packet_size = 0;
|
||||
int bytes_read;
|
||||
union {
|
||||
struct netmonrec_1_x_hdr hdr_1_x;
|
||||
|
@ -274,6 +276,16 @@ static int netmon_read(wtap *wth, int *err)
|
|||
packet_size = pletohl(&hdr.hdr_2_x.incl_len);
|
||||
break;
|
||||
}
|
||||
if (packet_size > WTAP_MAX_PACKET_SIZE) {
|
||||
/*
|
||||
* Probably a corrupt capture file; don't blow up trying
|
||||
* to allocate space for an immensely-large packet.
|
||||
*/
|
||||
g_message("netmon: File has %u-byte packet, bigger than maximum of %u",
|
||||
packet_size, WTAP_MAX_PACKET_SIZE);
|
||||
*err = WTAP_ERR_BAD_RECORD;
|
||||
return -1;
|
||||
}
|
||||
buffer_assure_space(wth->frame_buffer, packet_size);
|
||||
errno = WTAP_ERR_CANT_READ;
|
||||
bytes_read = fread(buffer_start_ptr(wth->frame_buffer), 1,
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* netxray.c
|
||||
*
|
||||
* $Id: netxray.c,v 1.10 1999/08/19 05:31:35 guy Exp $
|
||||
* $Id: netxray.c,v 1.11 1999/08/22 02:29:39 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
|
||||
|
@ -102,14 +102,14 @@ int netxray_open(wtap *wth, int *err)
|
|||
WTAP_ENCAP_ETHERNET,
|
||||
WTAP_ENCAP_TR,
|
||||
WTAP_ENCAP_FDDI,
|
||||
WTAP_ENCAP_NONE, /* WAN */
|
||||
WTAP_ENCAP_NONE, /* LocalTalk */
|
||||
WTAP_ENCAP_NONE, /* "DIX" - should not occur */
|
||||
WTAP_ENCAP_NONE, /* ARCNET raw */
|
||||
WTAP_ENCAP_NONE, /* ARCNET 878.2 */
|
||||
WTAP_ENCAP_NONE, /* ATM */
|
||||
WTAP_ENCAP_NONE, /* Wireless WAN */
|
||||
WTAP_ENCAP_NONE /* IrDA */
|
||||
WTAP_ENCAP_UNKNOWN, /* WAN */
|
||||
WTAP_ENCAP_UNKNOWN, /* LocalTalk */
|
||||
WTAP_ENCAP_UNKNOWN, /* "DIX" - should not occur */
|
||||
WTAP_ENCAP_UNKNOWN, /* ARCNET raw */
|
||||
WTAP_ENCAP_UNKNOWN, /* ARCNET 878.2 */
|
||||
WTAP_ENCAP_UNKNOWN, /* ATM */
|
||||
WTAP_ENCAP_UNKNOWN, /* Wireless WAN */
|
||||
WTAP_ENCAP_UNKNOWN /* IrDA */
|
||||
};
|
||||
#define NUM_NETXRAY_ENCAPS (sizeof netxray_encap / sizeof netxray_encap[0])
|
||||
|
||||
|
@ -167,8 +167,10 @@ int netxray_open(wtap *wth, int *err)
|
|||
}
|
||||
|
||||
hdr.network = pletohs(&hdr.network);
|
||||
if (hdr.network >= NUM_NETXRAY_ENCAPS) {
|
||||
g_message("netxray: network type %d unknown", hdr.network);
|
||||
if (hdr.network >= NUM_NETXRAY_ENCAPS
|
||||
|| netxray_encap[hdr.network] == WTAP_ENCAP_UNKNOWN) {
|
||||
g_message("netxray: network type %u unknown or unsupported",
|
||||
hdr.network);
|
||||
*err = WTAP_ERR_UNSUPPORTED;
|
||||
return -1;
|
||||
}
|
||||
|
@ -204,7 +206,7 @@ int netxray_open(wtap *wth, int *err)
|
|||
/* Read the next packet */
|
||||
static int netxray_read(wtap *wth, int *err)
|
||||
{
|
||||
int packet_size;
|
||||
guint32 packet_size;
|
||||
int bytes_read;
|
||||
union {
|
||||
struct netxrayrec_1_x_hdr hdr_1_x;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* ngsniffer.c
|
||||
*
|
||||
* $Id: ngsniffer.c,v 1.18 1999/08/20 23:11:05 guy Exp $
|
||||
* $Id: ngsniffer.c,v 1.19 1999/08/22 02:29:39 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
|
||||
|
@ -87,7 +87,7 @@ struct vers_rec {
|
|||
gint16 time; /* DOS-format time */
|
||||
gint16 date; /* DOS-format date */
|
||||
gint8 type; /* what type of records follow */
|
||||
gint8 network; /* network type */
|
||||
guint8 network; /* network type */
|
||||
gint8 format; /* format version (we only support version 1!) */
|
||||
guint8 timeunit; /* timestamp units */
|
||||
gint8 cmprs_vers; /* compression version */
|
||||
|
@ -238,22 +238,6 @@ struct frame4_rec {
|
|||
#define NUM_NGSNIFF_TIMEUNITS 7
|
||||
static double Usec[] = { 15.0, 0.838096, 15.0, 0.5, 2.0, 0.0, 0.1 };
|
||||
|
||||
#define NGSNIFF_ENCAP_ATM 10
|
||||
#define NUM_NGSNIFF_ENCAPS 11
|
||||
static int sniffer_encap[] = {
|
||||
WTAP_ENCAP_TR,
|
||||
WTAP_ENCAP_ETHERNET,
|
||||
WTAP_ENCAP_ARCNET,
|
||||
WTAP_ENCAP_NONE, /* StarLAN */
|
||||
WTAP_ENCAP_NONE, /* PC Network broadband */
|
||||
WTAP_ENCAP_NONE, /* LocalTalk */
|
||||
WTAP_ENCAP_NONE, /* Znet */
|
||||
WTAP_ENCAP_LAPB, /* Internetwork analyzer */
|
||||
WTAP_ENCAP_NONE, /* type 8 not defined in Sniffer */
|
||||
WTAP_ENCAP_FDDI,
|
||||
WTAP_ENCAP_ATM_SNIFFER /* ATM */
|
||||
};
|
||||
|
||||
static int ngsniffer_read(wtap *wth, int *err);
|
||||
|
||||
int ngsniffer_open(wtap *wth, int *err)
|
||||
|
@ -267,6 +251,20 @@ int ngsniffer_open(wtap *wth, int *err)
|
|||
struct vers_rec version;
|
||||
guint16 start_date;
|
||||
guint16 start_time;
|
||||
static const int sniffer_encap[] = {
|
||||
WTAP_ENCAP_TR,
|
||||
WTAP_ENCAP_ETHERNET,
|
||||
WTAP_ENCAP_ARCNET,
|
||||
WTAP_ENCAP_UNKNOWN, /* StarLAN */
|
||||
WTAP_ENCAP_UNKNOWN, /* PC Network broadband */
|
||||
WTAP_ENCAP_UNKNOWN, /* LocalTalk */
|
||||
WTAP_ENCAP_UNKNOWN, /* Znet */
|
||||
WTAP_ENCAP_LAPB, /* Internetwork analyzer */
|
||||
WTAP_ENCAP_UNKNOWN, /* type 8 not defined in Sniffer */
|
||||
WTAP_ENCAP_FDDI,
|
||||
WTAP_ENCAP_ATM_SNIFFER /* ATM */
|
||||
};
|
||||
#define NUM_NGSNIFF_ENCAPS (sizeof sniffer_encap / sizeof sniffer_encap[0])
|
||||
struct tm tm;
|
||||
|
||||
/* Read in the string that should be at the start of a Sniffer file */
|
||||
|
@ -329,15 +327,17 @@ int ngsniffer_open(wtap *wth, int *err)
|
|||
}
|
||||
|
||||
/* Check the data link type */
|
||||
if (version.network >= NUM_NGSNIFF_ENCAPS) {
|
||||
g_message("ngsniffer: network type %d unknown", version.network);
|
||||
if (version.network >= NUM_NGSNIFF_ENCAPS
|
||||
|| sniffer_encap[version.network] == WTAP_ENCAP_UNKNOWN) {
|
||||
g_message("ngsniffer: network type %u unknown or unsupported",
|
||||
version.network);
|
||||
*err = WTAP_ERR_UNSUPPORTED;
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Check the time unit */
|
||||
if (version.timeunit >= NUM_NGSNIFF_TIMEUNITS) {
|
||||
g_message("ngsniffer: Unknown timeunit %d", version.timeunit);
|
||||
g_message("ngsniffer: Unknown timeunit %u", version.timeunit);
|
||||
*err = WTAP_ERR_UNSUPPORTED;
|
||||
return -1;
|
||||
}
|
||||
|
@ -390,13 +390,13 @@ int ngsniffer_open(wtap *wth, int *err)
|
|||
static int ngsniffer_read(wtap *wth, int *err)
|
||||
{
|
||||
int bytes_read;
|
||||
char record_type[2];
|
||||
char record_length[4]; /* only 1st 2 bytes are length */
|
||||
guint16 type, length;
|
||||
char record_type[2];
|
||||
char record_length[4]; /* only 1st 2 bytes are length */
|
||||
guint16 type, length;
|
||||
struct frame2_rec frame2;
|
||||
struct frame4_rec frame4;
|
||||
double t;
|
||||
guint16 time_low, time_med, time_high, true_size, size;
|
||||
double t;
|
||||
guint16 time_low, time_med, time_high, true_size, size;
|
||||
int data_offset;
|
||||
|
||||
for (;;) {
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* snoop.c
|
||||
*
|
||||
* $Id: snoop.c,v 1.6 1999/08/19 05:31:35 guy Exp $
|
||||
* $Id: snoop.c,v 1.7 1999/08/22 02:29:38 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
|
||||
|
@ -62,16 +62,16 @@ int snoop_open(wtap *wth, int *err)
|
|||
char magic[sizeof snoop_magic];
|
||||
struct snoop_hdr hdr;
|
||||
static const int snoop_encap[] = {
|
||||
WTAP_ENCAP_NONE, /* IEEE 802.3 */
|
||||
WTAP_ENCAP_NONE, /* IEEE 802.4 Token Bus */
|
||||
WTAP_ENCAP_UNKNOWN, /* IEEE 802.3 */
|
||||
WTAP_ENCAP_UNKNOWN, /* IEEE 802.4 Token Bus */
|
||||
WTAP_ENCAP_TR,
|
||||
WTAP_ENCAP_NONE, /* IEEE 802.6 Metro Net */
|
||||
WTAP_ENCAP_UNKNOWN, /* IEEE 802.6 Metro Net */
|
||||
WTAP_ENCAP_ETHERNET,
|
||||
WTAP_ENCAP_NONE, /* HDLC */
|
||||
WTAP_ENCAP_NONE, /* Character Synchronous */
|
||||
WTAP_ENCAP_NONE, /* IBM Channel-to-Channel */
|
||||
WTAP_ENCAP_UNKNOWN, /* HDLC */
|
||||
WTAP_ENCAP_UNKNOWN, /* Character Synchronous */
|
||||
WTAP_ENCAP_UNKNOWN, /* IBM Channel-to-Channel */
|
||||
WTAP_ENCAP_FDDI,
|
||||
WTAP_ENCAP_NONE /* Other */
|
||||
WTAP_ENCAP_UNKNOWN /* Other */
|
||||
};
|
||||
#define NUM_SNOOP_ENCAPS (sizeof snoop_encap / sizeof snoop_encap[0])
|
||||
|
||||
|
@ -105,13 +105,15 @@ int snoop_open(wtap *wth, int *err)
|
|||
hdr.version = ntohl(hdr.version);
|
||||
if (hdr.version != 2) {
|
||||
/* We only support version 2. */
|
||||
g_message("snoop: version %d unsupported", hdr.version);
|
||||
g_message("snoop: version %u unsupported", hdr.version);
|
||||
*err = WTAP_ERR_UNSUPPORTED;
|
||||
return -1;
|
||||
}
|
||||
hdr.network = ntohl(hdr.network);
|
||||
if (hdr.network >= NUM_SNOOP_ENCAPS) {
|
||||
g_message("snoop: network type %d unknown", hdr.network);
|
||||
if (hdr.network >= NUM_SNOOP_ENCAPS
|
||||
|| snoop_encap[hdr.network] == WTAP_ENCAP_UNKNOWN) {
|
||||
g_message("snoop: network type %u unknown or unsupported",
|
||||
hdr.network);
|
||||
*err = WTAP_ERR_UNSUPPORTED;
|
||||
return -1;
|
||||
}
|
||||
|
@ -127,7 +129,7 @@ int snoop_open(wtap *wth, int *err)
|
|||
/* Read the next packet */
|
||||
static int snoop_read(wtap *wth, int *err)
|
||||
{
|
||||
int packet_size;
|
||||
guint32 packet_size;
|
||||
int bytes_read;
|
||||
struct snooprec_hdr hdr;
|
||||
int data_offset;
|
||||
|
@ -148,6 +150,16 @@ static int snoop_read(wtap *wth, int *err)
|
|||
}
|
||||
|
||||
packet_size = ntohl(hdr.incl_len);
|
||||
if (packet_size > WTAP_MAX_PACKET_SIZE) {
|
||||
/*
|
||||
* Probably a corrupt capture file; don't blow up trying
|
||||
* to allocate space for an immensely-large packet.
|
||||
*/
|
||||
g_message("snoop: File has %u-byte packet, bigger than maximum of %u",
|
||||
packet_size, WTAP_MAX_PACKET_SIZE);
|
||||
*err = WTAP_ERR_BAD_RECORD;
|
||||
return -1;
|
||||
}
|
||||
buffer_assure_space(wth->frame_buffer, packet_size);
|
||||
data_offset = ftell(wth->fh);
|
||||
errno = WTAP_ERR_CANT_READ;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* wtap.h
|
||||
*
|
||||
* $Id: wtap.h,v 1.30 1999/08/22 00:47:55 guy Exp $
|
||||
* $Id: wtap.h,v 1.31 1999/08/22 02:29:38 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
|
||||
|
@ -27,6 +27,14 @@
|
|||
/* Encapsulation types. Choose names that truly reflect
|
||||
* what is contained in the packet trace file.
|
||||
*
|
||||
* WTAP_ENCAP_PER_PACKET is a value passed to "wtap_dump_open()" or
|
||||
* "wtap_dump_fdopen()" to indicate that there is no single encapsulation
|
||||
* type for all packets in the file; this may cause those routines to
|
||||
* fail if the capture file format being written can't support that.
|
||||
*
|
||||
* WTAP_ENCAP_UNKNOWN is returned by "wtap_pcap_encap_to_wtap_encap()"
|
||||
* if it's handed an unknown encapsulation.
|
||||
*
|
||||
* WTAP_ENCAP_LINUX_ATM_CLIP is the encapsulation you get with the
|
||||
* ATM on Linux code from <http://lrcwww.epfl.ch/linux-atm/>;
|
||||
* that code adds a DLT_ATM_CLIP DLT_ code of 19, and that
|
||||
|
@ -34,22 +42,24 @@
|
|||
* presumably used on some BSD systems, which we turn into
|
||||
* WTAP_ENCAP_ATM_RFC1483.
|
||||
*
|
||||
* WTAP_ENCAP_PER_PACKET is a value passed to "wtap_dump_open()" or
|
||||
* "wtap_dump_fdopen()" to indicate that there is no single encapsulation
|
||||
* type for all packets in the file; this may cause those routines to
|
||||
* fail if the capture file format being written can't support that.
|
||||
* WTAP_ENCAP_NULL corresponds to DLT_NULL from "libpcap". This
|
||||
* corresponds to
|
||||
*
|
||||
* WTAP_ENCAP_NULL is the DLT_NULL some BSD systems use; at least with
|
||||
* many drivers on FreeBSD (and the loopback driver in 4.4-Lite, so
|
||||
* hopefully most BSD drivers, at least, model their DLT_NULL after it),
|
||||
* it puts a 4-byte field containing the AF_ address family value,
|
||||
* in *host* byte order, at the beginning of the packet.
|
||||
* 1) PPP-over-HDLC encapsulation, at least with some versions
|
||||
* of ISDN4BSD (but not the current ones, it appears, unless
|
||||
* I've missed something);
|
||||
*
|
||||
* WTAP_ENCAP_UNKNOWN is returned by "wtap_pcap_encap_to_wtap_encap()"
|
||||
* if it's handed an unknown encapsulation. */
|
||||
#define WTAP_ENCAP_UNKNOWN -2
|
||||
* 2) a 4-byte header containing the AF_ address family, in
|
||||
* the byte order of the machine that saved the capture,
|
||||
* for the packet, as used on many BSD systems for the
|
||||
* loopback device and some other devices;
|
||||
*
|
||||
* 3) a 4-byte header containing 2 octets of 0 and an Ethernet
|
||||
* type in the byte order from an Ethernet header, that being
|
||||
* what "libpcap" on Linux turns the Ethernet header for
|
||||
* loopback interfaces into. */
|
||||
#define WTAP_ENCAP_PER_PACKET -1
|
||||
#define WTAP_ENCAP_NONE 0
|
||||
#define WTAP_ENCAP_UNKNOWN 0
|
||||
#define WTAP_ENCAP_ETHERNET 1
|
||||
#define WTAP_ENCAP_TR 2
|
||||
#define WTAP_ENCAP_SLIP 3
|
||||
|
@ -220,16 +230,6 @@ struct wtap_pkthdr {
|
|||
union pseudo_header pseudo_header;
|
||||
};
|
||||
|
||||
/*
|
||||
* Header that OpenBSD (and possibly other BSDs) DLT_ENC prepends to
|
||||
* a packet.
|
||||
*/
|
||||
struct dlt_enc_hdr {
|
||||
guint32 af;
|
||||
guint32 spi;
|
||||
guint32 flags;
|
||||
};
|
||||
|
||||
typedef void (*wtap_handler)(u_char*, const struct wtap_pkthdr*,
|
||||
int, const u_char *);
|
||||
|
||||
|
|
Loading…
Reference in New Issue