Changeset 1376
- Timestamp:
- 31/10/08 13:51:59 (2 months ago)
- Files:
-
- trunk/lib/libtrace.h.in (modified) (11 diffs)
- trunk/lib/protocols_l2.c (modified) (11 diffs)
- trunk/lib/protocols_l3.c (modified) (3 diffs)
- trunk/lib/protocols_pktmeta.c (modified) (4 diffs)
- trunk/lib/protocols_transport.c (modified) (4 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
trunk/lib/libtrace.h.in
r1372 r1376 1077 1077 * wireless monitoring header. 1078 1078 * 1079 * If the header is truncated, this function will return NULL, and remaining will be 0. 1080 * If there are 0 bytes of payload, the function will return a pointer, and remaining will be 0. 1081 * 1079 1082 * @param[in] meta a pointer to a header 1080 1083 * @param[in,out] linktype the linktype of meta (updated to indicate the … … 1085 1088 * unchanged. 1086 1089 * 1087 * All parameters are mandatory. NULL will be returned if any are NULL.1090 * All parameters are mandatory. 1088 1091 */ 1089 1092 DLLEXPORT void *trace_get_payload_from_meta(const void *meta, … … 1116 1119 * @param l2 The pointer to the current layer2 header 1117 1120 * @param linktype The type of the layer2 header 1118 * @param[out] ethertype An optional output variable of the ethernet type 1119 * @param[in,out] remaining Optionally updated with the length remaining1121 * @param[out] ethertype An optional output variable of the ethernet type of the new header 1122 * @param[in,out] remaining Updated with the length remaining 1120 1123 * 1121 1124 * @return a pointer to the transport layer header, or NULL if header isn't 1122 1125 * present. 1123 1126 * 1124 * type may be NULL if not needed. 1125 * 1126 * Remaining may be NULL. If Remaining is not NULL it must point to the number 1127 * of bytes captured of the layer2 header and beyond. It will be decremented 1128 * by the number of bytes skipped to find the payload. 1127 * Remaining must point to the number of bytes captured of the layer2 header 1128 * and beyond. It will be decremented by the number of bytes skipped to find 1129 * the payload. 1130 * 1131 * If the layer2 header is complete but there are zero bytes of payload after the end of the header, 1132 * a pointer to where the payload would be is returned and remaining will be set to 0. If the 1133 * layer2 header is incomplete (truncated), then NULL is returned and remaining will be set to 0. 1129 1134 * 1130 1135 */ … … 1169 1174 * present. 1170 1175 * 1171 * Remaining may be NULL. If Remaining is not NULL it must point to the number 1172 * of bytes captured of the IP header and beyond. It will be decremented by 1173 * the length of the IPv4 header (including any options). 1174 * 1175 * proto may be NULL if not needed. 1176 * Remaining will be decremented by the size of the IPv4 header (including any options). 1177 * If the IPv4 header is complete but there are zero bytes of payload after the IPv4 header, a pointer 1178 * to where the payload would be is returned and remaining will be set to 0. If the IPv4 header is 1179 * incomplete, NULL will be returned and remaining will be set to 0. 1180 * 1181 * proto may be NULL, in which case it won't be updated 1176 1182 * 1177 1183 * @note This is similar to trace_get_transport_from_ip in libtrace2 … … 1188 1194 * isn't complete. 1189 1195 * 1190 * Remaining may be NULL. If Remaining is not NULL it must point to the number 1191 * of bytes captured of the IP header and beyond. It will be decremented by 1192 * this function by the length of the IPV6 header. 1193 * 1194 * proto may be NULL if not needed. 1196 * Remaining will be decremented by the size of the IPv6 header (including any options). 1197 * If the IPv6 header is complete but there are zero bytes of payload after the IPv6 header, a pointer 1198 * to where the payload would be is returned and remaining will be set to 0. If the IPv6 header is 1199 * incomplete, NULL will be returned and remaining will be set to 0. 1200 * 1201 * proto may be NULL, in which case it won't be updated. 1195 1202 * 1196 1203 */ … … 1218 1225 uint16_t *type, uint32_t *remaining); 1219 1226 1220 /** Skips over any 802.1q header s, if present.1227 /** Skips over any 802.1q header, if present. 1221 1228 * @param vlan A pointer to the vlan header 1222 * @param[ in,out] type The ethernet type, replaced with the vlan ether type1229 * @param[out] type The ethernet type, replaced with the vlan ether type 1223 1230 * @param[in,out] remaining Updated with the number of bytes remaining 1224 1231 * 1225 1232 * @return a pointer to the header beyond the vlan header, if present. 1226 * Otherwise, returns NULL 1227 * 1228 * Remaining may be NULL. If Remaining is not NULL it must point to the number 1229 * of bytes captured past (but not including) the link layer. This function 1230 * will decrement it by the length of the 802.1q headers if present. 1231 * 1232 * Type must point to the value of the ethernet type. Libtrace will assert 1233 * fail if type is NULL. 1233 * Otherwise, returns NULL. 1234 * 1235 * Remaining will be decremented by the size of the vlan header. If the vlan 1236 * header is complete but there are zero bytes of payload after the vlan 1237 * header, a pointer to where the payload would be is returned and remaining 1238 * will be set to 0. If the vlan header is incomplete, NULL will be returned 1239 * and remaining will be set to 0. 1240 * 1241 * type will be set to the ethertype contained within the vlan payload. 1234 1242 * 1235 1243 */ … … 1237 1245 void *vlan, uint16_t *type, uint32_t *remaining); 1238 1246 1239 /** Skips over a ny MPLS headers, if present.1247 /** Skips over a MPLS header 1240 1248 * @param mpls A pointer to the mpls header 1241 * @param[ in,out] type The ethernet type, replaced by the ether type of the1249 * @param[out] type The ethernet type, replaced by the ether type of the 1242 1250 * following header - 0x0000 if an Ethernet header is deemed to be next 1243 1251 * @param[in,out] remaining Updated with the number of bytes remaining … … 1245 1253 * @return a pointer to the header beyond the MPLS label, if present. Will 1246 1254 * return NULL if there is not enough bytes remaining to skip past the MPLS 1247 * label or if the ether type is not MPLS. 1248 * 1249 * Remaining may be NULL. If remaining is not NULL it must point to the number 1250 * of bytes captured past (but not including) the link layer. This function 1251 * will decrement it by the length of the topmost MPLS label if present. 1255 * label. 1256 * 1257 * Remaining will be decremented by the size of the MPLS header. If the MPLS 1258 * header is complete but there are zero bytes of payload after the MPLS 1259 * header, a pointer to where the payload would be is returned and remaining 1260 * will be set to 0. If the MPLS header is incomplete, NULL will be returned 1261 * and remaining will be set to 0. 1252 1262 * 1253 1263 * Type must point to the value of the ethernet type. Libtrace will assert … … 1266 1276 * @param[in,out] remaining Updated with the number of bytes remaining 1267 1277 * 1268 * @return a pointer to the tcp payload, or NULL if the payload isn't present. 1269 * 1270 * Remaining may be NULL. If remaining is not NULL it must point to the number 1271 * of bytes captured of the TCP header and beyond. It will be decremented by 1272 * this function by the length of the TCP header (including any options). 1278 * @return a pointer to the tcp payload, or NULL if the tcp header is truncated. 1279 * 1280 * Remaining will be decremented by the size of the TCP header. If the TCP 1281 * header is complete but there are zero bytes of payload after the TCP 1282 * header, a pointer to where the payload would be is returned and remaining 1283 * will be set to 0. If the TCP header is incomplete, NULL will be returned 1284 * and remaining will be set to 0. 1273 1285 * 1274 1286 */ … … 1280 1292 * @param[in,out] remaining Updated with the number of bytes remaining 1281 1293 * 1282 * @return a pointer to the udp payload, or NULL if the payload isn't present. 1283 * 1284 * Remaining may be NULL. If Remaining is not NULL it must point to the number 1285 * of bytes captured of the UDP header and beyond. It will be decremented by 1286 * this function to the number of bytes remaining after the UDP header. 1294 * @return a pointer to the udp payload, or NULL if the udp header is truncated. 1295 * 1296 * Remaining will be decremented by the size of the TCP header. If the TCP 1297 * header is complete but there are zero bytes of payload after the TCP 1298 * header, a pointer to where the payload would be is returned and remaining 1299 * will be set to 0. If the TCP header is incomplete, NULL will be returned 1300 * and remaining will be set to 0. 1287 1301 * 1288 1302 */ … … 1293 1307 * @param[in,out] remaining Updated with the number of bytes remaining 1294 1308 * 1295 * @return a pointer to the icmp payload, or NULL if the payload isn't present. 1296 * 1297 * Remaining may be NULL. If remaining is not NULL it must point to the number 1298 * of bytes captured of the ICMP header and beyond. It will be decremented 1299 * by the number of bytes in the ICMP header. 1309 * @return a pointer to the icmp payload, or NULL if the icmp header is truncated. 1310 * 1311 * Remaining will be decremented by the size of the TCP header. If the TCP 1312 * header is complete but there are zero bytes of payload after the TCP 1313 * header, a pointer to where the payload would be is returned and remaining 1314 * will be set to 0. If the TCP header is incomplete, NULL will be returned 1315 * and remaining will be set to 0. 1300 1316 * 1301 1317 */ trunk/lib/protocols_l2.c
r1372 r1376 15 15 16 16 if (remaining) { 17 if (*remaining < =sizeof(*eth)) {17 if (*remaining < sizeof(*eth)) { 18 18 *remaining = 0; 19 19 return NULL; … … 29 29 30 30 /* skip any 802.1q headers if necessary 31 * type is input/output31 * type is now output only (why check it if we don't need to?) 32 32 */ 33 33 void *trace_get_payload_from_vlan(void *ethernet, uint16_t *type, 34 34 uint32_t *remaining) 35 35 { 36 assert(type != NULL); 37 if (*type == 0x8100) { 38 libtrace_8021q_t *vlanhdr = (libtrace_8021q_t *)ethernet; 39 40 if (remaining) { 41 if (*remaining <= sizeof(libtrace_8021q_t)) { 42 *remaining = 0; 43 return NULL; 44 } 45 46 *remaining=*remaining-sizeof(libtrace_8021q_t); 47 } 48 36 libtrace_8021q_t *vlanhdr = (libtrace_8021q_t *)ethernet; 37 38 if (remaining) { 39 if (*remaining < sizeof(libtrace_8021q_t)) { 40 *remaining = 0; 41 return NULL; 42 } 43 44 *remaining=*remaining-sizeof(libtrace_8021q_t); 45 } 46 47 if (type) 49 48 *type = ntohs(vlanhdr->vlan_ether_type); 50 49 51 return (void*)((char *)ethernet + sizeof(*vlanhdr)); 52 } else 53 return NULL; 50 return (void*)((char *)ethernet + sizeof(*vlanhdr)); 54 51 55 52 } … … 62 59 uint32_t *remaining) 63 60 { 64 assert(type != NULL); 65 66 if (*type == 0x8847) { 67 if ((((char*)ethernet)[2]&0x01)==0) { 68 *type = 0x8847; 69 } 70 else { 71 if (!remaining || *remaining>=5) { 72 switch (((char*)ethernet)[4]&0xF0) { 73 case 0x40: 74 *type = 0x0800; 75 break; 76 case 0x60: 77 *type = 0x86DD; 78 break; 79 default: 80 /* Ethernet */ 81 *type = 0; 82 } 61 62 assert(type); 63 if ((((char*)ethernet)[2]&0x01)==0) { 64 /* The MPLS Stack bit is set */ 65 *type = 0x8847; 66 } 67 else { 68 if (!remaining || *remaining>=5) { 69 switch (((char*)ethernet)[4]&0xF0) { 70 case 0x40: /* IPv4 */ 71 *type = 0x0800; 72 break; 73 case 0x60: /* IPv6 */ 74 *type = 0x86DD; 75 break; 76 default: /* VPLS */ 77 /* Ethernet */ 78 *type = 0; 83 79 } 84 80 } 85 ethernet=(char*)ethernet+4; 86 if (remaining) { 87 if (*remaining<=4) 88 return NULL; 89 else 90 *remaining-=4; 91 } 92 93 94 return ethernet; 95 } 96 else 97 return NULL; 81 } 82 ethernet=(char*)ethernet+4; 83 if (remaining) { 84 if (*remaining<4) 85 return NULL; 86 else 87 *remaining-=4; 88 } 89 90 91 return ethernet; 98 92 } 99 93 … … 105 99 106 100 if (remaining) { 107 if (*remaining < =sizeof(libtrace_llcsnap_t)) {101 if (*remaining < sizeof(libtrace_llcsnap_t)) { 108 102 *remaining = 0; 109 103 return NULL; … … 126 120 int8_t extra = 0; /* how many QoS bytes to skip */ 127 121 128 if (remaining && *remaining < =sizeof(libtrace_80211_t)) {122 if (remaining && *remaining < sizeof(libtrace_80211_t)) { 129 123 *remaining = 0; 130 124 return NULL; … … 172 166 173 167 if (remaining) { 174 if (*remaining < =sizeof(libtrace_ppp_t)) {168 if (*remaining < sizeof(libtrace_ppp_t)) { 175 169 *remaining = 0; 176 170 return NULL; … … 196 190 uint32_t *remaining) { 197 191 if (remaining) { 198 if (*remaining < =sizeof(libtrace_pppoe_t)) {192 if (*remaining < sizeof(libtrace_pppoe_t)) { 199 193 *remaining = 0; 200 194 return NULL; … … 221 215 222 216 if (remaining) { 223 if (*remaining < =sizeof(libtrace_chdlc_t)) {217 if (*remaining < sizeof(libtrace_chdlc_t)) { 224 218 *remaining = 0; 225 219 return NULL; … … 245 239 if (l != NULL) { 246 240 link=l; 247 continue; 248 } 249 } while (0); 241 } 242 } while (l != NULL); 250 243 251 244 return trace_get_payload_from_layer2(link,linktype,ethertype,remaining); … … 291 284 { 292 285 libtrace_atm_capture_cell_t *cell; 293 if (remaining && *remaining< =sizeof(libtrace_atm_capture_cell_t)) {286 if (remaining && *remaining<sizeof(libtrace_atm_capture_cell_t)) { 294 287 *remaining = 0; 295 288 return NULL; … … 338 331 case TRACE_TYPE_NONE: 339 332 if ((*(char*)link&0xF0) == 0x40) 340 *ethertype=0x0800; 333 *ethertype=0x0800; /* IPv4 */ 341 334 else if ((*(char*)link&0xF0) == 0x60) 342 *ethertype=0x86DD; 335 *ethertype=0x86DD; /* IPv6 */ 343 336 return link; /* I love the simplicity */ 344 337 case TRACE_TYPE_PPP: trunk/lib/protocols_l3.c
r1372 r1376 49 49 void *trans_ptr = 0; 50 50 51 if (ipptr == NULL)52 return NULL;51 assert(ipptr != NULL); 52 assert(ipptr->ip_v == 4); 53 53 54 54 if ((ntohs(ipptr->ip_off) & SW_IP_OFFMASK) != 0) { … … 59 59 60 60 if (remaining) { 61 if (*remaining< =(ipptr->ip_hl*4U)) {61 if (*remaining<(ipptr->ip_hl*4U)) { 62 62 *remaining = 0; 63 63 return NULL; … … 77 77 { 78 78 void *payload = (char*)ipptr+sizeof(libtrace_ip6_t); 79 uint8_t nxt = ipptr->nxt; 80 81 if (ipptr == NULL) 82 return NULL; 83 79 uint8_t nxt; 80 81 assert (ipptr != NULL); 82 nxt = ipptr->nxt; 84 83 if (remaining) { 85 84 if (*remaining<sizeof(libtrace_ip6_t)) { trunk/lib/protocols_pktmeta.c
r1362 r1376 26 26 27 27 if (remaining) { 28 if (*remaining < =sizeof(*sll)) {28 if (*remaining < sizeof(*sll)) { 29 29 *remaining = 0; 30 30 return NULL; … … 45 45 libtrace_pflog_header_t *pflog = (libtrace_pflog_header_t*)link; 46 46 if (remaining) { 47 if (*remaining< =sizeof(*pflog)) {47 if (*remaining<sizeof(*pflog)) { 48 48 *remaining = 0; 49 49 return NULL; … … 62 62 { 63 63 if (remaining) { 64 if (*remaining<=144) { 64 /* Prism header is 144 bytes long */ 65 if (*remaining<144) { 65 66 *remaining = 0; 66 67 return NULL; … … 81 82 uint16_t rtaplen = bswap_le_to_host16(rtap->it_len); 82 83 if (remaining) { 83 if (*remaining < =rtaplen) {84 if (*remaining < rtaplen) { 84 85 *remaining = 0; 85 86 return NULL; trunk/lib/protocols_transport.c
r1354 r1376 37 37 38 38 default: 39 printf("unknown ethertype=%04x\n",ethertype); 39 40 *proto=0; 40 41 return NULL; … … 118 119 { 119 120 if (remaining) { 120 if (*remaining < =sizeof(libtrace_udp_t)) {121 if (*remaining < sizeof(libtrace_udp_t)) { 121 122 *remaining = 0; 122 123 return NULL; … … 131 132 unsigned int dlen = tcp->doff*4; 132 133 if (remaining) { 133 if (*remaining < =dlen) {134 if (*remaining < dlen) { 134 135 *remaining = 0; 135 136 return NULL; … … 143 144 { 144 145 if (remaining) { 145 if (*remaining < =sizeof(libtrace_icmp_t)) {146 if (*remaining < sizeof(libtrace_icmp_t)) { 146 147 *remaining = 0; 147 148 return NULL;
