Changeset f47025d


Ignore:
Timestamp:
01/07/19 10:37:40 (21 months ago)
Author:
Jacob Van Walraven <jcv9@…>
Branches:
develop
Children:
32de4c7, 62b2d97
Parents:
b2e3894
git-author:
Jacob Van Walraven <jcv9@…> (12/19/18 10:29:34)
git-committer:
Jacob Van Walraven <jcv9@…> (01/07/19 10:37:40)
Message:

Improve options/custom options byteswapping

File:
1 edited

Legend:

Unmodified
Added
Removed
  • lib/format_pcapng.c

    r3dc6ed6 rf47025d  
    5959#define PCAPNG_CUSTOM_OPTION_BIN_NONCOPY 0x4BAD
    6060
     61#define PCAPNG_OPTION_END 0x0000
     62
    6163#define PACKET_IS_ENHANCED (pcapng_get_record_type(packet) == PCAPNG_ENHANCED_PACKET_TYPE)
    6264
     
    237239                uint32_t intid) {
    238240
    239 
    240         if (intid >= DATA(libtrace)->nextintid) {
    241                 return NULL;
    242         }
    243 
    244         return DATA(libtrace)->interfaces[intid];
    245 
     241        if (intid >= DATA(libtrace)->nextintid) {
     242                return NULL;
     243        }
     244
     245        return DATA(libtrace)->interfaces[intid];
    246246}
    247247
     
    249249        uint32_t *btype = (uint32_t *)packet->header;
    250250
    251         /* Can be NULL if trace is a dead trace */
    252         if (DATA(packet->trace) == NULL) {
    253                 return *btype;
    254         }
    255 
    256         if (DATA(packet->trace)->byteswapped)
    257                 return byteswap32(*btype);
     251        /* only check for byteswapped if input format is pcapng */
     252        if (packet->trace->format->type == TRACE_FORMAT_PCAPNG) {
     253                if (DATA(packet->trace)->byteswapped)
     254                        return byteswap32(*btype);
     255        }
     256
    258257        return *btype;
    259258}
     
    276275        struct pcapng_peeker *hdr = (struct pcapng_peeker *)packet->buffer;
    277276
    278         /* Can be NULL is trace is dead trace */
    279         if (DATA(packet->trace) == NULL) {
    280                 return hdr->blocklen;
    281         }
    282 
    283         if (DATA(packet->trace)->byteswapped) {
    284                 return byteswap32(hdr->blocklen);
    285         } else {
    286                 return hdr->blocklen;
    287         }
     277        /* only check for byteswapped if input format is pcapng */
     278        if (packet->trace->format->type == TRACE_FORMAT_PCAPNG) {
     279                if (DATA(packet->trace)->byteswapped)
     280                        return byteswap32(hdr->blocklen);
     281        }
     282
     283        return hdr->blocklen;
     284
    288285}
    289286static inline uint16_t pcapng_get_customdata_len(libtrace_packet_t *packet, char *ptr) {
     
    331328        void *padding_data;
    332329        uint32_t len = 0;
    333         int options = 0;
    334330
    335331        bodyptr = ptr;
     
    338334                        &optcode, &optlen, (pcapng_hdr_t *) packet->buffer))) {
    339335
    340                 opthdr.optcode = byteswap16(optcode);
    341                 /* optlen contains the length of the option value without any padding bits,
    342                  * it needs to be padded to 32 bits */
    343                 opthdr.optlen = byteswap16(optlen);
    344 
     336                /* pcapng_parse_next_option byteswaps the opcode and len for us */
     337                opthdr.optcode = optcode;
     338                opthdr.optlen = optlen;
     339
     340                /* output the header */
    345341                wandio_wwrite(DATAOUT(libtrace)->file, &opthdr, sizeof(opthdr));
    346                 wandio_wwrite(DATAOUT(libtrace)->file, optval, optlen);
     342
     343                /* If this is a custom option */
     344                if (optcode == PCAPNG_CUSTOM_OPTION_UTF8 || PCAPNG_CUSTOM_OPTION_BIN
     345                        || PCAPNG_CUSTOM_OPTION_UTF8_NONCOPY || PCAPNG_CUSTOM_OPTION_BIN_NONCOPY) {
     346                        /* flip the pen and output the option value */
     347                        //uint32_t pen = byteswap32((uint32_t)*optval);
     348                        wandio_wwrite(DATAOUT(libtrace)->file, optval, sizeof(uint32_t));
     349
     350                        /* the len for custom options include pen */
     351                        optval += sizeof(uint32_t);
     352                        optlen -= sizeof(uint32_t);
     353                }
     354
     355                /* output the rest of the data */
     356                wandio_wwrite(DATAOUT(libtrace)->file, &optval, optlen);
    347357
    348358                /* calculate any required padding */
     
    355365
    356366                len += sizeof(opthdr) + optlen;
    357                 options = 1;
    358         }
    359 
    360         if (options) {
    361                 struct pcapng_optheader optftr;
    362                 optftr.optcode = 0;
    363                 optftr.optlen = 0;
    364                 wandio_wwrite(DATAOUT(libtrace)->file, &optftr, sizeof(optftr));
    365                 len += sizeof(optftr);
    366367        }
    367368
     
    373374        char *bodyptr = NULL;
    374375
    375         /* If trace is deadtrace or the byte ordering is the same just output it */
    376         if ((DATA(packet->trace) == NULL) ||
     376        /* If the input trace is not pcapng we have no way of finding the byteordering
     377         * this can occur if a packet is reconstructed with a deadtrace. Or if the packet
     378         * is in the correct byte ordering just output it */
     379        if ((packet->trace->format->type != TRACE_FORMAT_PCAPNG) ||
    377380                (DATA(packet->trace)->byteswapped == DATAOUT(libtrace)->byteswapped)) {
    378381                uint32_t len = pcapng_get_blocklen(packet);
     
    402405        char *bodyptr = NULL;
    403406
    404         /* If trace is deadtrace or the byte ordering is the same just output it */
    405         if ((DATA(packet->trace) == NULL) ||
     407        /* If the input trace is not pcapng we have no way of finding the byteordering
     408         * this can occur if a packet is reconstructed with a deadtrace. Or if the packet
     409         * is in the correct byte ordering just output it */
     410        if ((packet->trace->format->type != TRACE_FORMAT_PCAPNG) ||
    406411                (DATA(packet->trace)->byteswapped == DATAOUT(libtrace)->byteswapped)) {
    407412                len = pcapng_get_blocklen(packet);
     
    431436        char *bodyptr = NULL;
    432437
    433         /* If trace is deadtrace or the byte ordering is the same just output it */
    434         if ((DATA(packet->trace) == NULL) ||
     438        /* If the input trace is not pcapng we have no way of finding the byteordering
     439         * this can occur if a packet is reconstructed with a deadtrace. Or if the packet
     440         * is in the correct byte ordering just output it */
     441        if ((packet->trace->format->type != TRACE_FORMAT_PCAPNG) ||
    435442                (DATA(packet->trace)->byteswapped == DATAOUT(libtrace)->byteswapped)) {
    436443                len = pcapng_get_blocklen(packet);
     
    470477        void *padding_data;
    471478
    472         /* If trace is deadtrace or the byte ordering is the same just output it */
    473         if ((DATA(packet->trace) == NULL) ||
     479        /* If the input trace is not pcapng we have no way of finding the byteordering
     480         * this can occur if a packet is reconstructed with a deadtrace. Or if the packet
     481         * is in the correct byte ordering just output it */
     482        if ((packet->trace->format->type != TRACE_FORMAT_PCAPNG) ||
    474483                (DATA(packet->trace)->byteswapped == DATAOUT(libtrace)->byteswapped)) {
    475484                uint32_t len = pcapng_get_blocklen(packet);
     
    488497
    489498        uint16_t record_type = pcapng_get_nrb_record_type(packet, bodyptr);
    490         while (record_type == PCAPNG_NRB_RECORD_IP4 ||
    491                 record_type == PCAPNG_NRB_RECORD_IP6) {
     499        while (record_type != PCAPNG_NRB_RECORD_END) {
    492500
    493501                struct pcapng_nrb_record nrb;
    494502
    495                 /* recordlen contains the total size of the record block */
     503                /* recordlen contains only the length of the record value without
     504                 * any padding */
    496505                uint16_t recordlen = pcapng_get_nrb_record_len(packet, bodyptr);
    497506
     
    504513
    505514                /* output the record data */
    506                 wandio_wwrite(DATAOUT(libtrace)->file, bodyptr, recordlen - sizeof(nrb));
    507                 bodyptr += recordlen - sizeof(nrb);
     515                wandio_wwrite(DATAOUT(libtrace)->file, bodyptr, recordlen);
     516                bodyptr += recordlen;
    508517
    509518                /* calculate any required padding. record also contains the 8 byte header
     
    515524                wandio_wwrite(DATAOUT(libtrace)->file, padding_data, padding);
    516525                free(padding_data);
     526                bodyptr += padding;
    517527
    518528                /* get the next record if it exists */
     
    526536        nrbftr.recordlen = 0;
    527537        wandio_wwrite(DATAOUT(libtrace)->file, &nrbftr, sizeof(nrbftr));
     538        bodyptr += sizeof(nrbftr);
    528539
    529540        /* output any options if present */
     
    539550        pcapng_custom_t hdr;
    540551        char *bodyptr = (char *)packet->buffer;
    541         int padding;
    542         void *padding_data;
    543 
    544         /* If trace is deadtrace or the byte ordering is the same just output it */
    545         if ((DATA(packet->trace) == NULL) ||
     552
     553        /* If the input trace is not pcapng we have no way of finding the byteordering
     554         * this can occur if a packet is reconstructed with a deadtrace. Or if the packet
     555         * is in the correct byte ordering just output it */
     556        if ((packet->trace->format->type != TRACE_FORMAT_PCAPNG) ||
    546557                (DATA(packet->trace)->byteswapped == DATAOUT(libtrace)->byteswapped)) {
    547558                uint32_t len = pcapng_get_blocklen(packet);
     
    557568        wandio_wwrite(DATAOUT(libtrace)->file, &hdr, sizeof(hdr));
    558569        bodyptr += sizeof(hdr);
    559 
    560         /* get header for custom data ? if it exists */
    561         struct pcapng_custom_optheader *copt = (struct pcapng_custom_optheader *)bodyptr;
    562 
    563         uint16_t optcode = pcapng_get_customdata_optcode(packet, bodyptr);
    564         while (optcode == PCAPNG_CUSTOM_OPTION_UTF8 || optcode == PCAPNG_CUSTOM_OPTION_BIN ||
    565                 optcode == PCAPNG_CUSTOM_OPTION_UTF8_NONCOPY ||
    566                 optcode == PCAPNG_CUSTOM_OPTION_BIN_NONCOPY) {
    567 
    568                 struct pcapng_custom_optheader opt;
    569                 /* get the true value for the custom datas length */
    570                 uint16_t optlen = pcapng_get_customdata_len(packet, bodyptr);
    571 
    572                 opt.optcode = byteswap16(copt->optcode);
    573                 opt.optlen = byteswap16(copt->optlen);
    574                 opt.pen = byteswap32(copt->pen);
    575 
    576                 /* output the header */
    577                 wandio_wwrite(DATAOUT(libtrace)->file, &opt, sizeof(opt));
    578                 bodyptr += sizeof(copt);
    579 
    580                 /* output the custom data */
    581                 wandio_wwrite(DATAOUT(libtrace)->file, bodyptr, optlen - sizeof(opt.pen));
    582                 /* oplen includes length of pen but we have already accounted for it so we need
    583                  * remove it from the bodyptr */
    584                 bodyptr += optlen - sizeof(opt.pen);
    585 
    586                 /* calculate any required padding. optlen also contains the 4 bytes for pen
    587                  * but we dont need to subtract them cause they will be removed with % 4 */
    588                 padding = optlen % 4;
    589                 if (padding) { padding = 4 - padding; }
    590                 padding_data = calloc(1, padding);
    591                 /* output the padding */
    592                 wandio_wwrite(DATAOUT(libtrace)->file, padding_data, padding);
    593                 free(padding_data);
    594 
    595                 /* get the next custom data? */
    596                 copt = (struct pcapng_custom_optheader *)bodyptr;
    597                 /* get the next opcode */
    598                 optcode = pcapng_get_customdata_optcode(packet, bodyptr);
    599         }
    600570
    601571        /* now print out any options */
     
    613583        uint32_t len;
    614584
    615         /* If trace is deadtrace or the byte ordering is the same just output it */
    616         if ((DATA(packet->trace) == NULL) ||
     585        /* If the input trace is not pcapng we have no way of finding the byteordering
     586         * this can occur if a packet is reconstructed with a deadtrace. Or if the packet
     587         * is in the correct byte ordering just output it */
     588        if ((packet->trace->format->type != TRACE_FORMAT_PCAPNG) ||
    617589                (DATA(packet->trace)->byteswapped == DATAOUT(libtrace)->byteswapped)) {
    618590                len = pcapng_get_blocklen(packet);
     
    650622        char *bodyptr = NULL;
    651623
    652         /* If trace is deadtrace or the byte ordering is the same just output it */
    653         if ((DATA(packet->trace) == NULL) ||
     624        /* If the input trace is not pcapng we have no way of finding the byteordering
     625         * this can occur if a packet is reconstructed with a deadtrace. Or if the packet
     626         * is in the correct byte ordering just output it */
     627        if ((packet->trace->format->type != TRACE_FORMAT_PCAPNG) ||
    654628                (DATA(packet->trace)->byteswapped == DATAOUT(libtrace)->byteswapped)) {
    655629                uint32_t len = pcapng_get_blocklen(packet);
     
    10551029                }
    10561030                case PCAPNG_DECRYPTION_SECRETS_TYPE: {
    1057                         /* Silently discard these until they are supported */
    1058                         struct pcapng_peeker *hdr = (struct pcapng_peeker *)packet->header;
    1059                         return hdr->blocklen;
     1031                        return 0;
     1032                }
     1033                case PCAPNG_CUSTOM_NONCOPY_TYPE: {
     1034                        /* This custom block type is not ment to be copied */
     1035                        return 0;
    10601036                }
    10611037                default: {
Note: See TracChangeset for help on using the changeset viewer.