search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
kerberos: remember account details from dissect_krb5_PAC_UPN_DNS_INFO on EncTicketPar...
[wireshark-sm.git] / wiretap / file_access.c
blob0812f93b0f0f1b5cb29c08a60602a9979fd206fb
1 /* file_access.c
2 *
3 * Wiretap Library
4 * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
5 *
6 * SPDX-License-Identifier: GPL-2.0-or-later
7 */
8
9 #include "config.h"
10 #define WS_LOG_DOMAIN LOG_DOMAIN_WIRETAP
11
12 #include <string.h>
13 #include <stdlib.h>
14
15 #include <errno.h>
16
17 #include <wsutil/file_util.h>
18 #include <wsutil/tempfile.h>
19 #ifdef HAVE_PLUGINS
20 #include <wsutil/plugins.h>
21 #endif
22 #include <wsutil/ws_assert.h>
23
24 #include "wtap-int.h"
25 #include "wtap_modules.h"
26 #include "file_wrappers.h"
27 #include "required_file_handlers.h"
28 #include <wsutil/buffer.h>
29 #include <wsutil/str_util.h>
30
31 #include "lanalyzer.h"
32 #include "ngsniffer.h"
33 #include "radcom.h"
34 #include "ascendtext.h"
35 #include "nettl.h"
36 #include "libpcap.h"
37 #include "snoop.h"
38 #include "iptrace.h"
39 #include "iseries.h"
40 #include "netmon.h"
41 #include "netxray.h"
42 #include "toshiba.h"
43 #include "eyesdn.h"
44 #include "i4btrace.h"
45 #include "csids.h"
46 #include "pppdump.h"
47 #include "peekclassic.h"
48 #include "peektagged.h"
49 #include "vms.h"
50 #include "dbs-etherwatch.h"
51 #include "visual.h"
52 #include "cosine.h"
53 #include "5views.h"
54 #include "erf.h"
55 #include "hcidump.h"
56 #include "logcat.h"
57 #include "logcat_text.h"
58 #include "json.h"
59 #include "observer.h"
60 #include "k12.h"
61 #include "ber.h"
62 #include "catapult_dct2000.h"
63 #include "mp4.h"
64 #include "mp2t.h"
65 #include "mpeg.h"
66 #include "netscreen.h"
67 #include "commview.h"
68 #include "pcapng.h"
69 #include "aethra.h"
70 #include "btsnoop.h"
71 #include "tnef.h"
72 #include "dct3trace.h"
73 #include "packetlogger.h"
74 #include "daintree-sna.h"
75 #include "netscaler.h"
76 #include "mime_file.h"
77 #include "ipfix.h"
78 #include "vwr.h"
79 #include "camins.h"
80 #include "stanag4607.h"
81 #include "capsa.h"
82 #include "nettrace_3gpp_32_423.h"
83 #include "mplog.h"
84 #include "dpa400.h"
85 #include "rfc7468.h"
86 #include "ruby_marshal.h"
87 #include "systemd_journal.h"
88 #include "log3gpp.h"
89 #include "candump.h"
90 #include "busmaster.h"
91 #include "cllog.h"
92 #include "blf.h"
93 #include "eri_enb_log.h"
94 #include "autosar_dlt.h"
95 #include "rtpdump.h"
96 #include "ems.h"
97
98
99 /*
100 * Add an extension, and all compressed versions thereof if requested,
101 * to a GSList of extensions.
102 */
103 static GSList *
104 add_extensions(GSList *extensions, const char *extension,
105 GSList *compression_type_extensions)
106 {
107 /*
108 * Add the specified extension.
109 */
110 extensions = g_slist_prepend(extensions, g_strdup(extension));
111
112 /*
113 * Add whatever compressed versions we were supplied.
114 */
115 for (GSList *compression_type_extension = compression_type_extensions;
116 compression_type_extension != NULL;
117 compression_type_extension = g_slist_next(compression_type_extension)) {
118 extensions = g_slist_prepend(extensions,
119 ws_strdup_printf("%s.%s", extension,
120 (const char *)compression_type_extension->data));
121 }
122
123 return extensions;
124 }
125
126 /*
127 * File types that can be identified by file extensions.
128 *
129 * These are used in file open dialogs to offer choices of extensions
130 * for which to filter. Note that the first field can list more than
131 * one type of file, because, for example, ".cap" is a popular
132 * extension used by a number of capture file types.
133 *
134 * File types that *don't* have a file extension used for them should
135 * *not* be placed here; if there's nothing to put in the last field
136 * of the structure, don't put an entry here, not even one with an
137 * empty string for the extensions list.
138 *
139 * All added file types, regardless of extension or lack thereof,
140 * must also be added open_info_base[] below.
141 */
142 static const struct file_extension_info file_type_extensions_base[] = {
143 { "Wireshark/tcpdump/... - pcap", true, "pcap;cap;dmp" },
144 { "Wireshark/... - pcapng", true, "pcapng;ntar;scap" },
145 { "Network Monitor, Surveyor, NetScaler", true, "cap" },
146 { "Sun snoop", true, "snoop" },
147 { "InfoVista 5View capture", true, "5vw" },
148 { "Sniffer (DOS)", true, "cap;enc;trc;fdc;syc" },
149 { "Cinco NetXRay, Sniffer (Windows)", true, "cap;caz" },
150 { "Endace ERF capture", true, "erf" },
151 { "EyeSDN USB S0/E1 ISDN trace format", true, "trc" },
152 { "HP-UX nettl trace", true, "trc0;trc1" },
153 { "Viavi Observer", true, "bfr" },
154 { "Colasoft Capsa", true, "cscpkt" },
155 { "Novell LANalyzer", true, "tr1" },
156 { "Tektronix K12xx 32-bit .rf5 format", true, "rf5" },
157 { "Savvius *Peek", true, "pkt;tpc;apc;wpz" },
158 { "Catapult DCT2000 trace (.out format)", true, "out" },
159 { "Micropross mplog", true, "mplog" },
160 { "TamoSoft CommView NCF", true, "ncf" },
161 { "TamoSoft CommView NCFX", true, "ncfx" },
162 { "Symbian OS btsnoop", true, "log" },
163 { "XML files (including Gammu DCT3 traces)", true, "xml" },
164 { "macOS PacketLogger", true, "pklg" },
165 { "Daintree SNA", true, "dcf" },
166 { "IPFIX File Format", true, "pfx;ipfix" },
167 { "Aethra .aps file", true, "aps" },
168 { "MPEG2 transport stream", true, "mp2t;ts;mpg" },
169 { "Ixia IxVeriWave .vwr Raw 802.11 Capture", true, "vwr" },
170 { "CAM Inspector file", true, "camins" },
171 { "BLF file", true, "blf" },
172 { "AUTOSAR DLT file", true, "dlt" },
173 { "MPEG files", false, "mpeg;mpg;mp3" },
174 { "Transport-Neutral Encapsulation Format", false, "tnef" },
175 { "JPEG/JFIF files", false, "jpg;jpeg;jfif" },
176 { "JavaScript Object Notation file", false, "json" },
177 { "MP4 file", false, "mp4" },
178 { "RTPDump file", false, "rtp;rtpdump" },
179 { "EMS file", false, "ems" },
180 };
181
182 #define N_FILE_TYPE_EXTENSIONS (sizeof file_type_extensions_base / sizeof file_type_extensions_base[0])
183
184 static const struct file_extension_info* file_type_extensions;
185
186 static GArray* file_type_extensions_arr;
187
188 /* initialize the extensions array if it has not been initialized yet */
189 static void
190 init_file_type_extensions(void)
191 {
192
193 if (file_type_extensions_arr) return;
194
195 file_type_extensions_arr = g_array_new(false,true,sizeof(struct file_extension_info));
196
197 g_array_append_vals(file_type_extensions_arr,file_type_extensions_base,N_FILE_TYPE_EXTENSIONS);
198
199 file_type_extensions = (struct file_extension_info*)(void *)file_type_extensions_arr->data;
200 }
201
202 void
203 wtap_register_file_type_extension(const struct file_extension_info *ei)
204 {
205 init_file_type_extensions();
206
207 g_array_append_val(file_type_extensions_arr,*ei);
208
209 file_type_extensions = (const struct file_extension_info*)(void *)file_type_extensions_arr->data;
210 }
211
212 int
213 wtap_get_num_file_type_extensions(void)
214 {
215 return file_type_extensions_arr->len;
216 }
217
218 const char *
219 wtap_get_file_extension_type_name(int extension_type)
220 {
221 return file_type_extensions[extension_type].name;
222 }
223
224 static GSList *
225 add_extensions_for_file_extensions_type(int extension_type, GSList *extensions,
226 GSList *compression_type_extensions)
227 {
228 char **extensions_set, **extensionp, *extension;
229
230 /*
231 * Split the extension-list string into a set of extensions.
232 */
233 extensions_set = g_strsplit(file_type_extensions[extension_type].extensions,
234 ";", 0);
235
236 /*
237 * Add each of those extensions to the list.
238 */
239 for (extensionp = extensions_set; *extensionp != NULL; extensionp++) {
240 extension = *extensionp;
241
242 /*
243 * Add the extension, and all compressed variants
244 * of it.
245 */
246 extensions = add_extensions(extensions, extension,
247 compression_type_extensions);
248 }
249
250 g_strfreev(extensions_set);
251 return extensions;
252 }
253
254 /* Return a list of file extensions that are used by the specified file
255 * extension type.
256 *
257 * All strings in the list are allocated with g_malloc() and must be freed
258 * with g_free().
259 */
260 GSList *
261 wtap_get_file_extension_type_extensions(unsigned extension_type)
262 {
263 GSList *extensions, *compression_type_extensions;
264
265 if (extension_type >= file_type_extensions_arr->len)
266 return NULL; /* not a valid extension type */
267
268 extensions = NULL; /* empty list, to start with */
269
270 /*
271 * Get compression-type extensions, if any.
272 */
273 compression_type_extensions = wtap_get_all_compression_type_extensions_list();
274
275 /*
276 * Add all this file extension type's extensions, with compressed
277 * variants.
278 */
279 extensions = add_extensions_for_file_extensions_type(extension_type,
280 extensions, compression_type_extensions);
281
282 g_slist_free(compression_type_extensions);
283
284 return extensions;
285 }
286
287 /*
288 * The open_file_* routines must return:
289 *
290 * WTAP_OPEN_ERROR on an I/O error;
291 *
292 * WTAP_OPEN_MINE if the file they're reading is one of the types
293 * it handles;
294 *
295 * WTAP_OPEN_NOT_MINE if the file they're reading isn't the type
296 * they're checking for.
297 *
298 * If the routine handles this type of file, it must set the "file_type"
299 * field in the "struct wtap" to the type of the file.
300 *
301 * Note that the routine does *not* have to free the private data pointer on
302 * error. The caller takes care of that by calling wtap_close on error.
303 * (See https://gitlab.com/wireshark/wireshark/-/issues/8518)
304 *
305 * However, the caller *does* have to free the private data pointer when
306 * returning WTAP_OPEN_NOT_MINE, since the next file type will be called
307 * and will likely just overwrite the pointer.
308 *
309 * The names are used in file open dialogs to select, for files that
310 * don't have magic numbers and that could potentially be files of
311 * more than one type based on the heuristics, a particular file
312 * type to interpret it as, if the file name has no extension, the
313 * extension isn't sufficient to determine the appropriate file type,
314 * or the extension is wrong.
315 *
316 * NOTE: when adding file formats to this list you may also want to add them
317 * to the following files so that the various desktop environments will
318 * know that Wireshark can open the file:
319 * 1) resources/freedesktop/org.wireshark.Wireshark-mime.xml (for freedesktop.org environments)
320 * 2) packaging/macosx/WiresharkInfo.plist.in (for macOS)
321 *
322 * If your file format has a commonly-used extension (e.g., ".pcap") then you
323 * should probably also add it to file_type_extensions_base[] (in this file),
324 * to the list of "<glob pattern=...>" entries for this file format in
325 * resources/freedesktop/org.wireshark.Wireshark-mime.xml, to the
326 * CFBundleTypeExtensions array for this file format in
327 * packaging/macosx/WiresharkInfo.plist, and to the PushFileExtensions macro
328 * in packaging/nsis/wireshark-common.nsh and the File Associations in
329 * packaging/wix/ComponentGroups.wxi (for Windows).
330 */
331 static const struct open_info open_info_base[] = {
332 /* Open routines that look for magic numbers */
333 { "Wireshark/tcpdump/... - pcap", OPEN_INFO_MAGIC, libpcap_open, NULL, NULL, NULL },
334 { "Wireshark/... - pcapng", OPEN_INFO_MAGIC, pcapng_open, NULL, NULL, NULL },
335 { "Sniffer (DOS)", OPEN_INFO_MAGIC, ngsniffer_open, NULL, NULL, NULL },
336 { "Snoop, Shomiti/Finisar Surveyor", OPEN_INFO_MAGIC, snoop_open, NULL, NULL, NULL },
337 { "AIX iptrace", OPEN_INFO_MAGIC, iptrace_open, NULL, NULL, NULL },
338 { "Microsoft Network Monitor", OPEN_INFO_MAGIC, netmon_open, NULL, NULL, NULL },
339 { "Cinco NetXray/Sniffer (Windows)", OPEN_INFO_MAGIC, netxray_open, NULL, NULL, NULL },
340 { "RADCOM WAN/LAN analyzer", OPEN_INFO_MAGIC, radcom_open, NULL, NULL, NULL },
341 { "HP-UX nettl trace", OPEN_INFO_MAGIC, nettl_open, NULL, NULL, NULL },
342 { "Visual Networks traffic capture", OPEN_INFO_MAGIC, visual_open, NULL, NULL, NULL },
343 { "InfoVista 5View capture", OPEN_INFO_MAGIC, _5views_open, NULL, NULL, NULL },
344 { "Viavi Observer", OPEN_INFO_MAGIC, observer_open, NULL, NULL, NULL },
345 { "Savvius tagged", OPEN_INFO_MAGIC, peektagged_open, NULL, NULL, NULL },
346 { "Colasoft Capsa", OPEN_INFO_MAGIC, capsa_open, NULL, NULL, NULL },
347 { "DBS Etherwatch (VMS)", OPEN_INFO_MAGIC, dbs_etherwatch_open, NULL, NULL, NULL },
348 { "Tektronix K12xx 32-bit .rf5 format", OPEN_INFO_MAGIC, k12_open, NULL, NULL, NULL },
349 { "Catapult DCT2000 trace (.out format)", OPEN_INFO_MAGIC, catapult_dct2000_open, NULL, NULL, NULL },
350 { "Aethra .aps file", OPEN_INFO_MAGIC, aethra_open, NULL, NULL, NULL },
351 { "Symbian OS btsnoop", OPEN_INFO_MAGIC, btsnoop_open, "log", NULL, NULL },
352 { "EyeSDN USB S0/E1 ISDN trace format", OPEN_INFO_MAGIC, eyesdn_open, NULL, NULL, NULL },
353 { "Transport-Neutral Encapsulation Format", OPEN_INFO_MAGIC, tnef_open, NULL, NULL, NULL },
354 /* 3GPP TS 32.423 Trace must come before MIME Files as it's XML based*/
355 { "3GPP TS 32.423 Trace format", OPEN_INFO_MAGIC, nettrace_3gpp_32_423_file_open, NULL, NULL, NULL },
356 /* Gammu DCT3 trace must come before MIME files as it's XML based*/
357 { "Gammu DCT3 trace", OPEN_INFO_MAGIC, dct3trace_open, NULL, NULL, NULL },
358 { "BLF Logfile", OPEN_INFO_MAGIC, blf_open, NULL, NULL, NULL },
359 { "AUTOSAR DLT Logfile", OPEN_INFO_MAGIC, autosar_dlt_open, NULL, NULL, NULL },
360 { "RTPDump files", OPEN_INFO_MAGIC, rtpdump_open, NULL, NULL, NULL },
361 { "MIME Files Format", OPEN_INFO_MAGIC, mime_file_open, NULL, NULL, NULL },
362 { "Micropross mplog", OPEN_INFO_MAGIC, mplog_open, NULL, NULL, NULL },
363 { "Unigraf DPA-400 capture", OPEN_INFO_MAGIC, dpa400_open, NULL, NULL, NULL },
364 { "RFC 7468 files", OPEN_INFO_MAGIC, rfc7468_open, NULL, NULL, NULL },
365
366 /* Open routines that have no magic numbers and require heuristics. */
367 { "Novell LANalyzer", OPEN_INFO_HEURISTIC, lanalyzer_open, "tr1", NULL, NULL },
368 /*
369 * PacketLogger must come before MPEG, because its files
370 * are sometimes grabbed by mpeg_open.
371 */
372 { "macOS PacketLogger", OPEN_INFO_HEURISTIC, packetlogger_open, "pklg", NULL, NULL },
373 /* Some MPEG files have magic numbers, others just have heuristics. */
374 { "MPEG", OPEN_INFO_HEURISTIC, mpeg_open, "mpeg;mpg;mp3", NULL, NULL },
375 { "Daintree SNA", OPEN_INFO_HEURISTIC, daintree_sna_open, "dcf", NULL, NULL },
376 { "STANAG 4607 Format", OPEN_INFO_HEURISTIC, stanag4607_open, NULL, NULL, NULL },
377 { "ASN.1 Basic Encoding Rules", OPEN_INFO_HEURISTIC, ber_open, NULL, NULL, NULL },
378 /*
379 * I put NetScreen *before* erf, because there were some
380 * false positives with my test-files (Sake Blok, July 2007)
381 *
382 * I put VWR *after* ERF, because there were some cases where
383 * ERF files were misidentified as vwr files (Stephen
384 * Donnelly, August 2013; see bug 9054)
385 *
386 * I put VWR *after* Peek Classic, CommView, iSeries text,
387 * Toshiba text, K12 text, VMS tcpiptrace text, and NetScaler,
388 * because there were some cases where files of those types were
389 * misidentified as vwr files (Guy Harris, December 2013)
390 */
391 { "NetScreen snoop text file", OPEN_INFO_HEURISTIC, netscreen_open, "txt", NULL, NULL },
392 { "Endace ERF capture", OPEN_INFO_HEURISTIC, erf_open, "erf", NULL, NULL },
393 { "IPFIX File Format", OPEN_INFO_HEURISTIC, ipfix_open, "pfx;ipfix",NULL, NULL },
394 { "K12 text file", OPEN_INFO_HEURISTIC, k12text_open, "txt", NULL, NULL },
395 { "Savvius classic", OPEN_INFO_HEURISTIC, peekclassic_open, "pkt;tpc;apc;wpz", NULL, NULL },
396 { "pppd log (pppdump format)", OPEN_INFO_HEURISTIC, pppdump_open, NULL, NULL, NULL },
397 { "IBM iSeries comm. trace", OPEN_INFO_HEURISTIC, iseries_open, "txt", NULL, NULL },
398 { "I4B ISDN trace", OPEN_INFO_HEURISTIC, i4btrace_open, NULL, NULL, NULL },
399 { "MPEG2 transport stream", OPEN_INFO_HEURISTIC, mp2t_open, "mp2t;ts;mpg", NULL, NULL },
400 { "CSIDS IPLog", OPEN_INFO_HEURISTIC, csids_open, NULL, NULL, NULL },
401 { "TCPIPtrace (VMS)", OPEN_INFO_HEURISTIC, vms_open, "txt", NULL, NULL },
402 { "CoSine IPSX L2 capture", OPEN_INFO_HEURISTIC, cosine_open, "txt", NULL, NULL },
403 { "Bluetooth HCI dump", OPEN_INFO_HEURISTIC, hcidump_open, NULL, NULL, NULL },
404 { "TamoSoft CommView NCF", OPEN_INFO_HEURISTIC, commview_ncf_open, "ncf", NULL, NULL },
405 { "TamoSoft CommView NCFX", OPEN_INFO_HEURISTIC, commview_ncfx_open, "ncfx", NULL, NULL },
406 { "NetScaler", OPEN_INFO_HEURISTIC, nstrace_open, "cap", NULL, NULL },
407 { "Android Logcat Binary format", OPEN_INFO_HEURISTIC, logcat_open, "logcat", NULL, NULL },
408 { "Android Logcat Text formats", OPEN_INFO_HEURISTIC, logcat_text_open, "txt", NULL, NULL },
409 { "Candump log", OPEN_INFO_HEURISTIC, candump_open, NULL, NULL, NULL },
410 { "Busmaster log", OPEN_INFO_HEURISTIC, busmaster_open, NULL, NULL, NULL },
411 { "CSS Electronics CLX000 CAN log", OPEN_INFO_MAGIC, cllog_open, "txt", NULL, NULL },
412 { "Ericsson eNode-B raw log", OPEN_INFO_MAGIC, eri_enb_log_open, NULL, NULL, NULL },
413 { "Systemd Journal", OPEN_INFO_HEURISTIC, systemd_journal_open, "log;jnl;journal", NULL, NULL },
414
415 /* ASCII trace files from Telnet sessions. */
416 { "Lucent/Ascend access server trace", OPEN_INFO_HEURISTIC, ascend_open, "txt", NULL, NULL },
417 { "Toshiba Compact ISDN Router snoop", OPEN_INFO_HEURISTIC, toshiba_open, "txt", NULL, NULL },
418
419 { "EGNOS Message Server (EMS) file", OPEN_INFO_HEURISTIC, ems_open, "ems", NULL, NULL },
420
421 /* Extremely weak heuristics - put them at the end. */
422 { "Ixia IxVeriWave .vwr Raw Capture", OPEN_INFO_HEURISTIC, vwr_open, "vwr", NULL, NULL },
423 { "CAM Inspector file", OPEN_INFO_HEURISTIC, camins_open, "camins", NULL, NULL },
424 { "JavaScript Object Notation", OPEN_INFO_HEURISTIC, json_open, "json", NULL, NULL },
425 { "Ruby Marshal Object", OPEN_INFO_HEURISTIC, ruby_marshal_open, "", NULL, NULL },
426 { "3gpp phone log", OPEN_INFO_MAGIC, log3gpp_open, "log", NULL, NULL },
427 { "MP4 media file", OPEN_INFO_MAGIC, mp4_open, "mp4", NULL, NULL },
428
429 };
430
431 /* this is only used to build the dynamic array on load, do NOT use this
432 * for anything else, because the size of the actual array will change if
433 * Lua scripts register a new file reader.
434 */
435 #define N_OPEN_INFO_ROUTINES ((sizeof open_info_base / sizeof open_info_base[0]))
436
437 static GArray *open_info_arr;
438
439 /* this always points to the top of the created array */
440 struct open_info *open_routines;
441
442 /* this points to the first OPEN_INFO_HEURISTIC type in the array */
443 static unsigned heuristic_open_routine_idx;
444
445 static void
446 set_heuristic_routine(void)
447 {
448 unsigned i;
449 ws_assert(open_info_arr != NULL);
450
451 for (i = 0; i < open_info_arr->len; i++) {
452 if (open_routines[i].type == OPEN_INFO_HEURISTIC) {
453 heuristic_open_routine_idx = i;
454 break;
455 }
456 /* sanity check */
457 ws_assert(open_routines[i].type == OPEN_INFO_MAGIC);
458 }
459
460 ws_assert(heuristic_open_routine_idx > 0);
461 }
462
463 void
464 init_open_routines(void)
465 {
466 unsigned int i;
467 struct open_info *i_open;
468
469 if (open_info_arr)
470 return;
471
472 open_info_arr = g_array_new(true,true,sizeof(struct open_info));
473
474 g_array_append_vals(open_info_arr, open_info_base, N_OPEN_INFO_ROUTINES);
475
476 open_routines = (struct open_info *)(void*) open_info_arr->data;
477
478 /* Populate the extensions_set list now */
479 for (i = 0, i_open = open_routines; i < open_info_arr->len; i++, i_open++) {
480 if (i_open->extensions != NULL)
481 i_open->extensions_set = g_strsplit(i_open->extensions, ";", 0);
482 }
483
484 set_heuristic_routine();
485 }
486
487 /*
488 * Registers a new file reader - currently only called by wslua code for
489 * Lua readers and by compiled file reader plugins.
490 *
491 * If first_routine is true, the reader added before other readers of its
492 * type (magic or heuristic). This should be done only in cases where
493 * this reader's open test must be performed early, to avoid false
494 * positives for other readers' tests treating files for this reader
495 * as being for another reader.
496 *
497 * XXX - given that there is no guarantee that registration routines will
498 * be called in a given order, all this really does is divide readers for
499 * a given type (magic or heuristic) into two categories, with open routines
500 * for readers in the first category (first_routine true) all being called
501 * before readers in the second category; it does not guarantee a particular
502 * total order for open routines.
503 *
504 * Checks for an existing reader of the same name and errors if it finds one;
505 * if you want to handle that condition more gracefully, call
506 * wtap_has_open_info() first.
507 */
508 void
509 wtap_register_open_info(struct open_info *oi, const bool first_routine)
510 {
511 if (!oi || !oi->name) {
512 ws_error("No open_info name given to register");
513 return;
514 }
515
516 /* verify name doesn't already exist */
517 if (wtap_has_open_info(oi->name)) {
518 ws_error("Name given to register_open_info already exists");
519 return;
520 }
521
522 if (oi->extensions != NULL)
523 oi->extensions_set = g_strsplit(oi->extensions, ";", 0);
524
525 /* if it's magic and first, prepend it; if it's heuristic and not first,
526 append it; if it's anything else, stick it in the middle */
527 if (first_routine && oi->type == OPEN_INFO_MAGIC) {
528 g_array_prepend_val(open_info_arr, *oi);
529 } else if (!first_routine && oi->type == OPEN_INFO_HEURISTIC) {
530 g_array_append_val(open_info_arr, *oi);
531 } else {
532 g_array_insert_val(open_info_arr, heuristic_open_routine_idx, *oi);
533 }
534
535 open_routines = (struct open_info *)(void*) open_info_arr->data;
536 set_heuristic_routine();
537 }
538
539 /* De-registers a file reader by removing it from the GArray based on its name.
540 * This function must NOT be called during wtap_open_offline(), since it changes the array.
541 * Note: this function will error if it doesn't find the given name; if you want to handle
542 * that condition more gracefully, call wtap_has_open_info() first.
543 */
544 void
545 wtap_deregister_open_info(const char *name)
546 {
547 unsigned i;
548
549 if (!name) {
550 ws_error("Missing open_info name to de-register");
551 return;
552 }
553
554 for (i = 0; i < open_info_arr->len; i++) {
555 if (open_routines[i].name && strcmp(open_routines[i].name, name) == 0) {
556 g_strfreev(open_routines[i].extensions_set);
557 open_info_arr = g_array_remove_index(open_info_arr, i);
558 set_heuristic_routine();
559 return;
560 }
561 }
562
563 ws_error("deregister_open_info: name not found");
564 }
565
566 /* Determines if a open routine short name already exists
567 */
568 bool
569 wtap_has_open_info(const char *name)
570 {
571 unsigned i;
572
573 if (!name) {
574 ws_error("No name given to wtap_has_open_info!");
575 return false;
576 }
577
578
579 for (i = 0; i < open_info_arr->len; i++) {
580 if (open_routines[i].name && strcmp(open_routines[i].name, name) == 0) {
581 return true;
582 }
583 }
584
585 return false;
586 }
587
588 bool
589 wtap_uses_lua_filehandler(const wtap* wth)
590 {
591 if (wth && wth->wslua_data != NULL) {
592 /*
593 * Currently, wslua_data is set if and only if using a Lua
594 * file handler.
595 */
596 return true;
597 }
598
599 return false;
600 }
601
602 /*
603 * Visual C++ on Win32 systems doesn't define these. (Old UNIX systems don't
604 * define them either.)
605 *
606 * Visual C++ on Win32 systems doesn't define S_IFIFO, it defines _S_IFIFO.
607 */
608 #ifndef S_ISREG
609 #define S_ISREG(mode) (((mode) & S_IFMT) == S_IFREG)
610 #endif
611 #ifndef S_IFIFO
612 #define S_IFIFO _S_IFIFO
613 #endif
614 #ifndef S_ISFIFO
615 #define S_ISFIFO(mode) (((mode) & S_IFMT) == S_IFIFO)
616 #endif
617 #ifndef S_ISDIR
618 #define S_ISDIR(mode) (((mode) & S_IFMT) == S_IFDIR)
619 #endif
620
621 /* returns the 'type' number to use for wtap_open_offline based on the
622 * passed-in name (the name in the open_info struct). It returns WTAP_TYPE_AUTO
623 * on failure, which is the number 0. The 'type' number is the entry's index+1,
624 * because that's what wtap_open_offline() expects it to be.
625 */
626 unsigned int
627 open_info_name_to_type(const char *name)
628 {
629 unsigned int i;
630
631 if (!name)
632 return WTAP_TYPE_AUTO;
633
634 for (i = 0; i < open_info_arr->len; i++) {
635 if (open_routines[i].name != NULL &&
636 strcmp(name, open_routines[i].name) == 0)
637 return i+1;
638 }
639
640 return WTAP_TYPE_AUTO; /* no such file type */
641 }
642
643 static char *
644 get_file_extension(const char *pathname)
645 {
646 char *filename;
647 char **components;
648 size_t ncomponents;
649 char *extensionp;
650
651 /*
652 * Is the pathname empty?
653 */
654 if (strcmp(pathname, "") == 0)
655 return NULL; /* no extension */
656
657 /*
658 * Find the last component of the pathname.
659 */
660 filename = g_path_get_basename(pathname);
661
662 /*
663 * Does it have an extension?
664 */
665 if (strchr(filename, '.') == NULL) {
666 g_free(filename);
667 return NULL; /* no extension whatsoever */
668 }
669
670 /*
671 * Yes. Fold it to lowercase, since open_routines[] has
672 * its extensions in lowercase.
673 */
674 ascii_strdown_inplace(filename);
675
676 /*
677 * Split it into components separated by ".".
678 */
679 components = g_strsplit(filename, ".", 0);
680 g_free(filename);
681
682 /*
683 * Count the components.
684 */
685 for (ncomponents = 0; components[ncomponents] != NULL; ncomponents++)
686 ;
687
688 if (ncomponents == 0) {
689 g_strfreev(components);
690 return NULL; /* no components */
691 }
692 if (ncomponents == 1) {
693 g_strfreev(components);
694 return NULL; /* only one component, with no "." */
695 }
696
697 /*
698 * Get compression-type extensions, if any.
699 */
700 GSList *compression_type_extensions = wtap_get_all_compression_type_extensions_list();
701
702 /*
703 * Is the last component one of the extensions used for compressed
704 * files?
705 */
706 extensionp = components[ncomponents - 1];
707 for (GSList *compression_type_extension = compression_type_extensions;
708 compression_type_extension != NULL;
709 compression_type_extension = g_slist_next(compression_type_extension)) {
710 if (strcmp(extensionp, (const char *)compression_type_extension->data) == 0) {
711 /*
712 * Yes, so it's one of the compressed-file extensions.
713 * Is there an extension before that?
714 */
715 if (ncomponents == 2) {
716 g_slist_free(compression_type_extensions);
717 g_strfreev(components);
718 return NULL; /* no, only two components */
719 }
720
721 /*
722 * Yes, return that extension.
723 */
724 g_slist_free(compression_type_extensions);
725 extensionp = g_strdup(components[ncomponents - 2]);
726 g_strfreev(components);
727 return extensionp;
728 }
729 }
730
731 g_slist_free(compression_type_extensions);
732
733 /*
734 * The extension isn't one of the compressed-file extensions;
735 * return it.
736 */
737 extensionp = g_strdup(extensionp);
738 g_strfreev(components);
739 return extensionp;
740 }
741
742 /*
743 * Check if file extension is used in this heuristic
744 */
745 static bool
746 heuristic_uses_extension(unsigned int i, const char *extension)
747 {
748 char **extensionp;
749
750 /*
751 * Does this file type *have* any extensions?
752 */
753 if (open_routines[i].extensions == NULL)
754 return false; /* no */
755
756 /*
757 * Check each of them against the specified extension.
758 */
759 for (extensionp = open_routines[i].extensions_set; *extensionp != NULL;
760 extensionp++) {
761 if (strcmp(extension, *extensionp) == 0) {
762 return true; /* it's one of them */
763 }
764 }
765
766 return false; /* it's not one of them */
767 }
768
769 /* Opens a file and prepares a wtap struct.
770 * If "do_random" is true, it opens the file twice; the second open
771 * allows the application to do random-access I/O without moving
772 * the seek offset for sequential I/O, which is used by Wireshark
773 * so that it can do sequential I/O to a capture file that's being
774 * written to as new packets arrive independently of random I/O done
775 * to display protocol trees for packets when they're selected.
776 */
777 wtap *
778 wtap_open_offline(const char *filename, unsigned int type, int *err, char **err_info,
779 bool do_random)
780 {
781 int fd;
782 ws_statb64 statb;
783 bool ispipe = false;
784 wtap *wth;
785 unsigned int i;
786 bool use_stdin = false;
787 char *extension;
788 wtap_block_t shb;
789
790 *err = 0;
791 *err_info = NULL;
792
793 /* open standard input if filename is '-' */
794 if (strcmp(filename, "-") == 0)
795 use_stdin = true;
796
797 /* First, make sure the file is valid */
798 if (use_stdin) {
799 if (ws_fstat64(0, &statb) < 0) {
800 *err = errno;
801 return NULL;
802 }
803 } else {
804 if (ws_stat64(filename, &statb) < 0) {
805 *err = errno;
806 return NULL;
807 }
808 }
809 if (S_ISFIFO(statb.st_mode)) {
810 /*
811 * Opens of FIFOs are allowed only when not opening
812 * for random access.
813 *
814 * Currently, we do seeking when trying to find out
815 * the file type, but our I/O routines do some amount
816 * of buffering, and do backward seeks within the buffer
817 * if possible, so at least some file types can be
818 * opened from pipes, so we don't completely disallow opens
819 * of pipes.
820 */
821 if (do_random) {
822 *err = WTAP_ERR_RANDOM_OPEN_PIPE;
823 return NULL;
824 }
825 ispipe = true;
826 } else if (S_ISDIR(statb.st_mode)) {
827 /*
828 * Return different errors for "this is a directory"
829 * and "this is some random special file type", so
830 * the user can get a potentially more helpful error.
831 */
832 *err = EISDIR;
833 return NULL;
834 } else if (! S_ISREG(statb.st_mode)) {
835 *err = WTAP_ERR_NOT_REGULAR_FILE;
836 return NULL;
837 }
838
839 /*
840 * We need two independent descriptors for random access, so
841 * they have different file positions. If we're opening the
842 * standard input, we can only dup it to get additional
843 * descriptors, so we can't have two independent descriptors,
844 * and thus can't do random access.
845 */
846 if (use_stdin && do_random) {
847 *err = WTAP_ERR_RANDOM_OPEN_STDIN;
848 return NULL;
849 }
850
851 errno = ENOMEM;
852 wth = g_new0(wtap, 1);
853
854 /* Open the file */
855 errno = WTAP_ERR_CANT_OPEN;
856 if (use_stdin) {
857 /*
858 * We dup FD 0, so that we don't have to worry about
859 * a file_close of wth->fh closing the standard
860 * input of the process.
861 */
862 fd = ws_dup(0);
863 if (fd < 0) {
864 *err = errno;
865 g_free(wth);
866 return NULL;
867 }
868 #ifdef _WIN32
869 if (_setmode(fd, O_BINARY) == -1) {
870 /* "Shouldn't happen" */
871 *err = errno;
872 g_free(wth);
873 return NULL;
874 }
875 #endif
876 if (!(wth->fh = file_fdopen(fd))) {
877 *err = errno;
878 ws_close(fd);
879 g_free(wth);
880 return NULL;
881 }
882 } else {
883 if (!(wth->fh = file_open(filename))) {
884 *err = errno;
885 g_free(wth);
886 return NULL;
887 }
888 }
889
890 if (do_random) {
891 if (!(wth->random_fh = file_open(filename))) {
892 *err = errno;
893 file_close(wth->fh);
894 g_free(wth);
895 return NULL;
896 }
897 } else
898 wth->random_fh = NULL;
899
900 /* initialization */
901 wth->ispipe = ispipe;
902 wth->file_encap = WTAP_ENCAP_UNKNOWN;
903 wth->subtype_sequential_close = NULL;
904 wth->subtype_close = NULL;
905 wth->file_tsprec = WTAP_TSPREC_USEC;
906 wth->pathname = g_strdup(filename);
907 wth->priv = NULL;
908 wth->wslua_data = NULL;
909 wth->shb_hdrs = g_array_new(false, false, sizeof(wtap_block_t));
910 shb = wtap_block_create(WTAP_BLOCK_SECTION);
911 if (shb)
912 g_array_append_val(wth->shb_hdrs, shb);
913
914 /* Initialize the array containing a list of interfaces. pcapng_open and
915 * erf_open needs this (and libpcap_open for ERF encapsulation types).
916 * Always initing it here saves checking for a NULL ptr later. */
917 wth->interface_data = g_array_new(false, false, sizeof(wtap_block_t));
918 /*
919 * Next interface data that wtap_get_next_interface_description()
920 * will return.
921 */
922 wth->next_interface_data = 0;
923
924 wth->shb_iface_to_global = g_array_new(false, false, sizeof(unsigned));
925 g_array_append_val(wth->shb_iface_to_global, wth->interface_data->len);
926
927 if (wth->random_fh) {
928 wth->fast_seek = g_ptr_array_new();
929
930 file_set_random_access(wth->fh, false, wth->fast_seek);
931 file_set_random_access(wth->random_fh, true, wth->fast_seek);
932 }
933
934 /* 'type' is 1 greater than the array index */
935 if (type != WTAP_TYPE_AUTO && type <= open_info_arr->len) {
936 int result;
937
938 if (file_seek(wth->fh, 0, SEEK_SET, err) == -1) {
939 /* I/O error - give up */
940 wtap_close(wth);
941 return NULL;
942 }
943
944 /* Set wth with wslua data if any - this is how we pass the data
945 * to the file reader, kinda like the priv member but not free'd later.
946 * It's ok for this to copy a NULL.
947 */
948 wth->wslua_data = open_routines[type - 1].wslua_data;
949
950 result = (*open_routines[type - 1].open_routine)(wth, err, err_info);
951
952 switch (result) {
953 case WTAP_OPEN_ERROR:
954 /* Error - give up */
955 wtap_close(wth);
956 return NULL;
957
958 case WTAP_OPEN_NOT_MINE:
959 /* No error, but not that type of file */
960 goto fail;
961
962 case WTAP_OPEN_MINE:
963 /* We found the file type */
964 goto success;
965 }
966 }
967
968 /* Try all file types that support magic numbers */
969 for (i = 0; i < heuristic_open_routine_idx; i++) {
970 /* Seek back to the beginning of the file; the open routine
971 * for the previous file type may have left the file
972 * position somewhere other than the beginning, and the
973 * open routine for this file type will probably want
974 * to start reading at the beginning.
975 *
976 * Initialize the data offset while we're at it.
977 */
978 if (file_seek(wth->fh, 0, SEEK_SET, err) == -1) {
979 /* Error - give up */
980 wtap_close(wth);
981 return NULL;
982 }
983
984 /* Set wth with wslua data if any - this is how we pass the data
985 * to the file reader, kinda like the priv member but not free'd later.
986 * It's ok for this to copy a NULL.
987 */
988 wth->wslua_data = open_routines[i].wslua_data;
989
990 switch ((*open_routines[i].open_routine)(wth, err, err_info)) {
991
992 case WTAP_OPEN_ERROR:
993 /* Error - give up */
994 wtap_close(wth);
995 return NULL;
996
997 case WTAP_OPEN_NOT_MINE:
998 /* No error, but not that type of file */
999 break;
1000
1001 case WTAP_OPEN_MINE:
1002 /* We found the file type */
1003 goto success;
1004 }
1005 }
1006
1007
1008 /* Does this file's name have an extension? */
1009 extension = get_file_extension(filename);
1010 if (extension != NULL) {
1011 /* Yes - try the heuristic types that use that extension first. */
1012 for (i = heuristic_open_routine_idx; i < open_info_arr->len; i++) {
1013 /* Does this type use that extension? */
1014 if (heuristic_uses_extension(i, extension)) {
1015 /* Yes. */
1016 if (file_seek(wth->fh, 0, SEEK_SET, err) == -1) {
1017 /* Error - give up */
1018 g_free(extension);
1019 wtap_close(wth);
1020 return NULL;
1021 }
1022
1023 /* Set wth with wslua data if any - this is how we pass the data
1024 * to the file reader, kind of like priv but not free'd later.
1025 */
1026 wth->wslua_data = open_routines[i].wslua_data;
1027
1028 switch ((*open_routines[i].open_routine)(wth,
1029 err, err_info)) {
1030
1031 case WTAP_OPEN_ERROR:
1032 /* Error - give up */
1033 g_free(extension);
1034 wtap_close(wth);
1035 return NULL;
1036
1037 case WTAP_OPEN_NOT_MINE:
1038 /* No error, but not that type of file */
1039 break;
1040
1041 case WTAP_OPEN_MINE:
1042 /* We found the file type */
1043 g_free(extension);
1044 goto success;
1045 }
1046 }
1047 }
1048
1049 /*
1050 * Now try the heuristic types that have no extensions
1051 * to check; we try those before the ones that have
1052 * extensions that *don't* match this file's extension,
1053 * on the theory that files of those types generally
1054 * have one of the type's extensions, and, as this file
1055 * *doesn't* have one of those extensions, it's probably
1056 * *not* one of those files.
1057 */
1058 for (i = heuristic_open_routine_idx; i < open_info_arr->len; i++) {
1059 /* Does this type have any extensions? */
1060 if (open_routines[i].extensions == NULL) {
1061 /* No. */
1062 if (file_seek(wth->fh, 0, SEEK_SET, err) == -1) {
1063 /* Error - give up */
1064 g_free(extension);
1065 wtap_close(wth);
1066 return NULL;
1067 }
1068
1069 /* Set wth with wslua data if any - this is how we pass the data
1070 * to the file reader, kind of like priv but not free'd later.
1071 */
1072 wth->wslua_data = open_routines[i].wslua_data;
1073
1074 switch ((*open_routines[i].open_routine)(wth,
1075 err, err_info)) {
1076
1077 case WTAP_OPEN_ERROR:
1078 /* Error - give up */
1079 g_free(extension);
1080 wtap_close(wth);
1081 return NULL;
1082
1083 case WTAP_OPEN_NOT_MINE:
1084 /* No error, but not that type of file */
1085 break;
1086
1087 case WTAP_OPEN_MINE:
1088 /* We found the file type */
1089 g_free(extension);
1090 goto success;
1091 }
1092 }
1093 }
1094
1095 /*
1096 * Now try the ones that have extensions where none of
1097 * them matches this file's extensions.
1098 */
1099 for (i = heuristic_open_routine_idx; i < open_info_arr->len; i++) {
1100 /*
1101 * Does this type have extensions and is this file's
1102 * extension one of them?
1103 */
1104 if (open_routines[i].extensions != NULL &&
1105 !heuristic_uses_extension(i, extension)) {
1106 /* Yes and no. */
1107 if (file_seek(wth->fh, 0, SEEK_SET, err) == -1) {
1108 /* Error - give up */
1109 g_free(extension);
1110 wtap_close(wth);
1111 return NULL;
1112 }
1113
1114 /* Set wth with wslua data if any - this is how we pass the data
1115 * to the file reader, kind of like priv but not free'd later.
1116 */
1117 wth->wslua_data = open_routines[i].wslua_data;
1118
1119 switch ((*open_routines[i].open_routine)(wth,
1120 err, err_info)) {
1121
1122 case WTAP_OPEN_ERROR:
1123 /* Error - give up */
1124 g_free(extension);
1125 wtap_close(wth);
1126 return NULL;
1127
1128 case WTAP_OPEN_NOT_MINE:
1129 /* No error, but not that type of file */
1130 break;
1131
1132 case WTAP_OPEN_MINE:
1133 /* We found the file type */
1134 g_free(extension);
1135 goto success;
1136 }
1137 }
1138 }
1139 g_free(extension);
1140 } else {
1141 /* No - try all the heuristics types in order. */
1142 for (i = heuristic_open_routine_idx; i < open_info_arr->len; i++) {
1143
1144 if (file_seek(wth->fh, 0, SEEK_SET, err) == -1) {
1145 /* Error - give up */
1146 wtap_close(wth);
1147 return NULL;
1148 }
1149
1150 /* Set wth with wslua data if any - this is how we pass the data
1151 * to the file reader, kind of like priv but not free'd later.
1152 */
1153 wth->wslua_data = open_routines[i].wslua_data;
1154
1155 switch ((*open_routines[i].open_routine)(wth, err, err_info)) {
1156
1157 case WTAP_OPEN_ERROR:
1158 /* Error - give up */
1159 wtap_close(wth);
1160 return NULL;
1161
1162 case WTAP_OPEN_NOT_MINE:
1163 /* No error, but not that type of file */
1164 break;
1165
1166 case WTAP_OPEN_MINE:
1167 /* We found the file type */
1168 goto success;
1169 }
1170 }
1171 }
1172
1173 fail:
1174
1175 /* Well, it's not one of the types of file we know about. */
1176 wtap_close(wth);
1177 *err = WTAP_ERR_FILE_UNKNOWN_FORMAT;
1178 return NULL;
1179
1180 success:
1181 return wth;
1182 }
1183
1184 /*
1185 * Given the pathname of the file we just closed with wtap_fdclose(), attempt
1186 * to reopen that file and assign the new file descriptor(s) to the sequential
1187 * stream and, if do_random is true, to the random stream. Used on Windows
1188 * after the rename of a file we had open was done or if the rename of a
1189 * file on top of a file we had open failed.
1190 *
1191 * This is only required by Wireshark, not TShark, and, at the point that
1192 * Wireshark is doing this, the sequential stream is closed, and the
1193 * random stream is open, so this refuses to open pipes, and only
1194 * reopens the random stream.
1195 */
1196 bool
1197 wtap_fdreopen(wtap *wth, const char *filename, int *err)
1198 {
1199 ws_statb64 statb;
1200
1201 /*
1202 * We need two independent descriptors for random access, so
1203 * they have different file positions. If we're opening the
1204 * standard input, we can only dup it to get additional
1205 * descriptors, so we can't have two independent descriptors,
1206 * and thus can't do random access.
1207 */
1208 if (strcmp(filename, "-") == 0) {
1209 *err = WTAP_ERR_RANDOM_OPEN_STDIN;
1210 return false;
1211 }
1212
1213 /* First, make sure the file is valid */
1214 if (ws_stat64(filename, &statb) < 0) {
1215 *err = errno;
1216 return false;
1217 }
1218 if (S_ISFIFO(statb.st_mode)) {
1219 /*
1220 * Opens of FIFOs are not allowed; see above.
1221 */
1222 *err = WTAP_ERR_RANDOM_OPEN_PIPE;
1223 return false;
1224 } else if (S_ISDIR(statb.st_mode)) {
1225 /*
1226 * Return different errors for "this is a directory"
1227 * and "this is some random special file type", so
1228 * the user can get a potentially more helpful error.
1229 */
1230 *err = EISDIR;
1231 return false;
1232 } else if (! S_ISREG(statb.st_mode)) {
1233 *err = WTAP_ERR_NOT_REGULAR_FILE;
1234 return false;
1235 }
1236
1237 /* Open the file */
1238 errno = WTAP_ERR_CANT_OPEN;
1239 if (!file_fdreopen(wth->random_fh, filename)) {
1240 *err = errno;
1241 return false;
1242 }
1243 if (strcmp(filename, wth->pathname) != 0) {
1244 g_free(wth->pathname);
1245 wth->pathname = g_strdup(filename);
1246 }
1247 return true;
1248 }
1249
1250 /* Table of the file types and subtypes for which we have support. */
1251
1252 /*
1253 * Pointer to the GArray holding the registered file types.
1254 */
1255 static GArray* file_type_subtype_table_arr;
1256
1257 /*
1258 * Pointer to the table of registered file types in that GArray.
1259 */
1260 static const struct file_type_subtype_info* file_type_subtype_table;
1261
1262 /*
1263 * Number of elements in the table for builtin file types/subtypes.
1264 */
1265 static unsigned wtap_num_builtin_file_types_subtypes;
1266
1267 /*
1268 * Required builtin types.
1269 */
1270 int pcap_file_type_subtype = -1;
1271 int pcap_nsec_file_type_subtype = -1;
1272 int pcapng_file_type_subtype = -1;
1273
1274 /*
1275 * Table for mapping old file type/subtype names to new ones for
1276 * backwards compatibility.
1277 */
1278 static GHashTable *type_subtype_name_map;
1279
1280 /*
1281 * Initialize the table of file types/subtypes with all the builtin
1282 * types/subtypes.
1283 */
1284 void
1285 wtap_init_file_type_subtypes(void)
1286 {
1287 /* Don't do this twice. */
1288 ws_assert(file_type_subtype_table_arr == NULL);
1289
1290 /*
1291 * Estimate the number of file types/subtypes as twice the
1292 * number of modules; that's probably an overestimate, as
1293 * the average number of file types/subtypes registered by
1294 * a module is > 1 but probably < 2, but that shouldn't
1295 * waste too much memory.
1296 *
1297 * Add on 7 more for pcapng, pcap, nanosecond pcap, and the
1298 * extra modified flavors of pcap.
1299 */
1300 file_type_subtype_table_arr = g_array_sized_new(false, true,
1301 sizeof(struct file_type_subtype_info), wtap_module_count*2 + 7);
1302 file_type_subtype_table = (const struct file_type_subtype_info*)(void *)file_type_subtype_table_arr->data;
1303
1304 /*
1305 * Initialize the hash table for mapping old file type/subtype
1306 * names to the corresponding new names.
1307 */
1308 type_subtype_name_map = g_hash_table_new_full(g_str_hash,
1309 g_str_equal, g_free, g_free);
1310
1311 /* No entries yet, so no builtin entries yet. */
1312 wtap_num_builtin_file_types_subtypes = 0;
1313
1314 /*
1315 * Register the builtin entries that aren't in the table.
1316 * First, do the required ones; register pcapng first, then
1317 * pcap, so, at the beginning of the table, we have pcapng,
1318 * pcap, nanosecond pcap, and the weird modified pcaps, so
1319 * searches for file types that can write a file format
1320 * start with pcapng, pcap, and nanosecond pcap.
1321 */
1322 register_pcapng();
1323 register_pcap();
1324
1325 /* Now register the ones found by the build process */
1326 for (unsigned i = 0; i < wtap_module_count; i++)
1327 wtap_module_reg[i].cb_func();
1328
1329 /* Update the number of builtin entries. */
1330 wtap_num_builtin_file_types_subtypes = file_type_subtype_table_arr->len;
1331 }
1332
1333 /*
1334 * Attempt to register a new file type/subtype; fails if a type/subtype
1335 * with that name is already registered.
1336 */
1337 int
1338 wtap_register_file_type_subtype(const struct file_type_subtype_info* fi)
1339 {
1340 struct file_type_subtype_info* finfo;
1341 unsigned file_type_subtype;
1342
1343 /*
1344 * Check for required fields (description and name).
1345 */
1346 if (!fi || !fi->description || !fi->name) {
1347 ws_warning("no file type info");
1348 return -1;
1349 }
1350
1351 /*
1352 * There must be at least one block type that this file
1353 * type/subtype supports.
1354 */
1355 if (fi->num_supported_blocks == 0 || fi->supported_blocks == NULL) {
1356 ws_warning("no blocks supported by file type \"%s\"", fi->name);
1357 return -1;
1358 }
1359
1360 /*
1361 * Is this type already registered?
1362 */
1363 if (wtap_name_to_file_type_subtype(fi->name) != -1) {
1364 /*
1365 * Yes. You don't get to replace an existing handler.
1366 */
1367 ws_warning("file type \"%s\" is already registered", fi->name);
1368 return -1;
1369 }
1370
1371 /*
1372 * Is there a freed entry in the array, due to a file type
1373 * being de-registered?
1374 *
1375 * Skip the built-in entries, as they're never deregistered.
1376 */
1377 for (file_type_subtype = wtap_num_builtin_file_types_subtypes;
1378 file_type_subtype < file_type_subtype_table_arr->len;
1379 file_type_subtype++) {
1380 if (file_type_subtype_table[file_type_subtype].name == NULL) {
1381 /*
1382 * We found such an entry.
1383 *
1384 * Get the pointer from the GArray, so that we get a
1385 * non-const pointer.
1386 */
1387 finfo = &g_array_index(file_type_subtype_table_arr, struct file_type_subtype_info, file_type_subtype);
1388
1389 /*
1390 * Fill in the entry with the new values.
1391 */
1392 *finfo = *fi;
1393
1394 return (int)file_type_subtype;
1395 }
1396 }
1397
1398 /*
1399 * There aren't any free slots, so add a new entry.
1400 * Get the number of current number of entries, which will
1401 * be the index of the new entry, then append this entry
1402 * to the end of the array, change file_type_subtype_table
1403 * in case the array had to get reallocated, and return
1404 * the index of the new entry.
1405 */
1406 file_type_subtype = file_type_subtype_table_arr->len;
1407 g_array_append_val(file_type_subtype_table_arr, *fi);
1408 file_type_subtype_table = (const struct file_type_subtype_info*)(void *)file_type_subtype_table_arr->data;
1409 return file_type_subtype;
1410 }
1411
1412 /* De-registers a file writer - they can never be removed from the GArray, but we can "clear" an entry.
1413 */
1414 void
1415 wtap_deregister_file_type_subtype(const int subtype)
1416 {
1417 struct file_type_subtype_info* finfo;
1418
1419 if (subtype < 0 || subtype >= (int)file_type_subtype_table_arr->len) {
1420 ws_error("invalid file type to de-register");
1421 return;
1422 }
1423 if ((unsigned)subtype < wtap_num_builtin_file_types_subtypes) {
1424 ws_error("built-in file types cannot be de-registered");
1425 return;
1426 }
1427
1428 /*
1429 * Get the pointer from the GArray, so that we get a non-const
1430 * pointer.
1431 */
1432 finfo = &g_array_index(file_type_subtype_table_arr, struct file_type_subtype_info, subtype);
1433 /*
1434 * Clear out this entry.
1435 */
1436 finfo->description = NULL;
1437 finfo->name = NULL;
1438 finfo->default_file_extension = NULL;
1439 finfo->additional_file_extensions = NULL;
1440 finfo->writing_must_seek = false;
1441 finfo->num_supported_blocks = 0;
1442 finfo->supported_blocks = NULL;
1443 finfo->can_write_encap = NULL;
1444 finfo->dump_open = NULL;
1445 finfo->wslua_info = NULL;
1446 }
1447
1448 /*
1449 * Given a GArray of WTAP_ENCAP_ types, return the per-file encapsulation
1450 * type that would be needed to write out a file with those types. If
1451 * there's only one type, it's that type, otherwise it's
1452 * WTAP_ENCAP_PER_PACKET.
1453 */
1454 int
1455 wtap_dump_required_file_encap_type(const GArray *file_encaps)
1456 {
1457 int encap;
1458
1459 encap = WTAP_ENCAP_PER_PACKET;
1460 if (file_encaps->len == 1) {
1461 /* OK, use the one-and-only encapsulation type. */
1462 encap = g_array_index(file_encaps, int, 0);
1463 }
1464 return encap;
1465 }
1466
1467 bool
1468 wtap_dump_can_write_encap(int file_type_subtype, int encap)
1469 {
1470 int result = 0;
1471
1472 if (file_type_subtype < 0 ||
1473 file_type_subtype >= (int)file_type_subtype_table_arr->len ||
1474 file_type_subtype_table[file_type_subtype].can_write_encap == NULL)
1475 return false;
1476
1477 result = (*file_type_subtype_table[file_type_subtype].can_write_encap)(encap);
1478
1479 if (result != 0) {
1480 /* if the err said to check wslua's can_write_encap, try that */
1481 if (result == WTAP_ERR_CHECK_WSLUA
1482 && file_type_subtype_table[file_type_subtype].wslua_info != NULL
1483 && file_type_subtype_table[file_type_subtype].wslua_info->wslua_can_write_encap != NULL) {
1484
1485 result = (*file_type_subtype_table[file_type_subtype].wslua_info->wslua_can_write_encap)(encap, file_type_subtype_table[file_type_subtype].wslua_info->wslua_data);
1486
1487 }
1488
1489 if (result != 0)
1490 return false;
1491 }
1492
1493 return true;
1494 }
1495
1496 /*
1497 * Return true if a capture with a given GArray of encapsulation types
1498 * and a given bitset of comment types can be written in a specified
1499 * format, and false if it can't.
1500 */
1501 static bool
1502 wtap_dump_can_write_format(int ft, const GArray *file_encaps,
1503 uint32_t required_comment_types)
1504 {
1505 unsigned i;
1506
1507 /*
1508 * Can we write in this format?
1509 */
1510 if (!wtap_dump_can_open(ft)) {
1511 /* No. */
1512 return false;
1513 }
1514
1515 /*
1516 * Yes. Can we write out all the required comments in this
1517 * format?
1518 */
1519 if (required_comment_types & WTAP_COMMENT_PER_SECTION) {
1520 if (wtap_file_type_subtype_supports_option(ft,
1521 WTAP_BLOCK_SECTION, OPT_COMMENT) == OPTION_NOT_SUPPORTED) {
1522 /* Not section comments. */
1523 return false;
1524 }
1525 }
1526 if (required_comment_types & WTAP_COMMENT_PER_INTERFACE) {
1527 if (wtap_file_type_subtype_supports_option(ft,
1528 WTAP_BLOCK_IF_ID_AND_INFO, OPT_COMMENT) == OPTION_NOT_SUPPORTED) {
1529 /* Not interface comments. */
1530 return false;
1531 }
1532 }
1533 if (required_comment_types & WTAP_COMMENT_PER_PACKET) {
1534 if (wtap_file_type_subtype_supports_option(ft,
1535 WTAP_BLOCK_PACKET, OPT_COMMENT) == OPTION_NOT_SUPPORTED) {
1536 /* Not packet comments. */
1537 return false;
1538 }
1539 }
1540
1541 /*
1542 * Yes. Is the required per-file encapsulation type supported?
1543 * This might be WTAP_ENCAP_PER_PACKET.
1544 */
1545 if (!wtap_dump_can_write_encap(ft, wtap_dump_required_file_encap_type(file_encaps))) {
1546 /* No. */
1547 return false;
1548 }
1549
1550 /*
1551 * Yes. Are all the individual encapsulation types supported?
1552 */
1553 for (i = 0; i < file_encaps->len; i++) {
1554 if (!wtap_dump_can_write_encap(ft,
1555 g_array_index(file_encaps, int, i))) {
1556 /* No - one of them isn't. */
1557 return false;
1558 }
1559 }
1560
1561 /* Yes - we're OK. */
1562 return true;
1563 }
1564
1565 /*
1566 * Return true if we can write a file with the given GArray of
1567 * encapsulation types and the given bitmask of comment types.
1568 */
1569 bool
1570 wtap_dump_can_write(const GArray *file_encaps, uint32_t required_comment_types)
1571 {
1572 int ft;
1573
1574 for (ft = 0; ft < (int)file_type_subtype_table_arr->len; ft++) {
1575 /* To save a file with Wiretap, Wiretap has to handle that format,
1576 * and its code to handle that format must be able to write a file
1577 * with this file's encapsulation types.
1578 */
1579 if (wtap_dump_can_write_format(ft, file_encaps, required_comment_types)) {
1580 /* OK, we can write it out in this type. */
1581 return true;
1582 }
1583 }
1584
1585 /* No, we couldn't save it in any format. */
1586 return false;
1587 }
1588
1589 /*
1590 * Sort by file type/subtype name.
1591 */
1592 static int
1593 compare_file_type_subtypes_by_name(gconstpointer a, gconstpointer b)
1594 {
1595 int file_type_subtype_a = *(const int *)a;
1596 int file_type_subtype_b = *(const int *)b;
1597
1598 return strcmp(wtap_file_type_subtype_name(file_type_subtype_a),
1599 wtap_file_type_subtype_name(file_type_subtype_b));
1600 }
1601
1602 /*
1603 * Sort by file type/subtype description.
1604 */
1605 static int
1606 compare_file_type_subtypes_by_description(gconstpointer a, gconstpointer b)
1607 {
1608 int file_type_subtype_a = *(const int *)a;
1609 int file_type_subtype_b = *(const int *)b;
1610
1611 return strcmp(wtap_file_type_subtype_description(file_type_subtype_a),
1612 wtap_file_type_subtype_description(file_type_subtype_b));
1613 }
1614
1615 /*
1616 * Get a GArray of file type/subtype values for file types/subtypes
1617 * that can be used to save a file of a given type/subtype with a given
1618 * GArray of encapsulation types and the given bitmask of comment types.
1619 */
1620 GArray *
1621 wtap_get_savable_file_types_subtypes_for_file(int file_type_subtype,
1622 const GArray *file_encaps, uint32_t required_comment_types,
1623 ft_sort_order sort_order)
1624 {
1625 GArray *savable_file_types_subtypes;
1626 int ft;
1627 int default_file_type_subtype = -1;
1628 int other_file_type_subtype = -1;
1629
1630 /* Can we save this file in its own file type/subtype? */
1631 if (wtap_dump_can_write_format(file_type_subtype, file_encaps,
1632 required_comment_types)) {
1633 /* Yes - make that the default file type/subtype. */
1634 default_file_type_subtype = file_type_subtype;
1635 } else if (wtap_dump_can_write_format(pcap_file_type_subtype,
1636 file_encaps,
1637 required_comment_types)) {
1638 /*
1639 * No, but we can write it as a pcap file; make that
1640 * the default file type/subtype.
1641 */
1642 default_file_type_subtype = pcap_file_type_subtype;
1643 } else if (wtap_dump_can_write_format(pcapng_file_type_subtype,
1644 file_encaps,
1645 required_comment_types)) {
1646 /*
1647 * No, but we can write it as a pcapng file; make that
1648 * the default file type/subtype.
1649 */
1650 default_file_type_subtype = pcapng_file_type_subtype;
1651 } else {
1652 /* OK, find the first file type/subtype we *can* save it as. */
1653 default_file_type_subtype = -1;
1654 for (ft = 0; ft < (int)file_type_subtype_table_arr->len; ft++) {
1655 if (wtap_dump_can_write_format(ft, file_encaps,
1656 required_comment_types)) {
1657 /* OK, got it. */
1658 default_file_type_subtype = ft;
1659 break;
1660 }
1661 }
1662 }
1663
1664 if (default_file_type_subtype == -1) {
1665 /* We don't support writing this file as any file type/subtype. */
1666 return NULL;
1667 }
1668
1669 /*
1670 * If the default is pcap, put pcapng right after it if we can
1671 * also write it in pcapng format; otherwise, if the default is
1672 * pcapng, put pcap right after it if we can also write it in
1673 * pcap format.
1674 */
1675 if (default_file_type_subtype == pcap_file_type_subtype) {
1676 if (wtap_dump_can_write_format(pcapng_file_type_subtype,
1677 file_encaps,
1678 required_comment_types))
1679 other_file_type_subtype = pcapng_file_type_subtype;
1680 } else if (default_file_type_subtype == pcapng_file_type_subtype) {
1681 if (wtap_dump_can_write_format(pcap_file_type_subtype,
1682 file_encaps,
1683 required_comment_types))
1684 other_file_type_subtype = pcap_file_type_subtype;
1685 }
1686
1687 /* Allocate the array. */
1688 savable_file_types_subtypes = g_array_new(false, false,
1689 sizeof (int));
1690
1691 /*
1692 * First, add the types we don't want to force to the
1693 * beginning of the list.
1694 */
1695 for (ft = 0; ft < (int)file_type_subtype_table_arr->len; ft++) {
1696 if (ft == default_file_type_subtype ||
1697 ft == other_file_type_subtype)
1698 continue; /* we will done this one later */
1699 if (wtap_dump_can_write_format(ft, file_encaps,
1700 required_comment_types)) {
1701 /* OK, we can write it out in this type. */
1702 g_array_append_val(savable_file_types_subtypes, ft);
1703 }
1704 }
1705
1706 /* Now, sort the list. */
1707 g_array_sort(savable_file_types_subtypes,
1708 (sort_order == FT_SORT_BY_NAME) ? compare_file_type_subtypes_by_name :
1709 compare_file_type_subtypes_by_description);
1710
1711 /*
1712 * If we have a type/subtype to put above the default one,
1713 * do so.
1714 *
1715 * We put this type at the beginning before putting the
1716 * default there, so the default is at the top.
1717 */
1718 if (other_file_type_subtype != -1)
1719 g_array_prepend_val(savable_file_types_subtypes,
1720 other_file_type_subtype);
1721
1722 /* Put the default file type/subtype first in the list. */
1723 g_array_prepend_val(savable_file_types_subtypes,
1724 default_file_type_subtype);
1725
1726 return savable_file_types_subtypes;
1727 }
1728
1729 /*
1730 * Get a GArray of all writable file type/subtype values.
1731 */
1732 GArray *
1733 wtap_get_writable_file_types_subtypes(ft_sort_order sort_order)
1734 {
1735 GArray *writable_file_types_subtypes;
1736 int ft;
1737
1738 /*
1739 * Allocate the array.
1740 * Pre-allocate room enough for all types.
1741 * XXX - that's overkill; just scan the table to find all the
1742 * writable types and count them.
1743 */
1744 writable_file_types_subtypes = g_array_sized_new(false, false,
1745 sizeof (int), file_type_subtype_table_arr->len);
1746
1747 /*
1748 * First, add the types we don't want to force to the
1749 * beginning of the list.
1750 */
1751 for (ft = 0; ft < (int)file_type_subtype_table_arr->len; ft++) {
1752 if (ft == pcap_file_type_subtype ||
1753 ft == pcapng_file_type_subtype)
1754 continue; /* we've already done these two */
1755 if (wtap_dump_can_open(ft)) {
1756 /* OK, we can write this type. */
1757 g_array_append_val(writable_file_types_subtypes, ft);
1758 }
1759 }
1760
1761 /* Now, sort the list. */
1762 g_array_sort(writable_file_types_subtypes,
1763 (sort_order == FT_SORT_BY_NAME) ? compare_file_type_subtypes_by_name :
1764 compare_file_type_subtypes_by_description);
1765
1766 /*
1767 * Now, put pcap and pcapng at the beginning, as they're
1768 * our "native" formats. Put pcapng there first, and
1769 * pcap before it.
1770 */
1771 if (pcapng_file_type_subtype != -1 &&
1772 wtap_dump_can_open(pcapng_file_type_subtype)) {
1773 /*
1774 * We can write pcapng. (If we can't, that's a huge
1775 * mistake.)
1776 */
1777 g_array_prepend_val(writable_file_types_subtypes,
1778 pcapng_file_type_subtype);
1779 }
1780 if (pcap_file_type_subtype != -1 &&
1781 wtap_dump_can_open(pcap_file_type_subtype)) {
1782 /*
1783 * We can write pcap. (If we can't, that's a huge
1784 * mistake.)
1785 */
1786 g_array_prepend_val(writable_file_types_subtypes,
1787 pcap_file_type_subtype);
1788 }
1789
1790 return writable_file_types_subtypes;
1791 }
1792
1793 /*
1794 * String describing the file type/subtype.
1795 */
1796 const char *
1797 wtap_file_type_subtype_description(int file_type_subtype)
1798 {
1799 if (file_type_subtype < 0 ||
1800 file_type_subtype >= (int)file_type_subtype_table_arr->len)
1801 return NULL;
1802 else
1803 return file_type_subtype_table[file_type_subtype].description;
1804 }
1805
1806 /*
1807 * Name to use in, say, a command-line flag specifying the type/subtype.
1808 */
1809 const char *
1810 wtap_file_type_subtype_name(int file_type_subtype)
1811 {
1812 if (file_type_subtype < 0 ||
1813 file_type_subtype >= (int)file_type_subtype_table_arr->len)
1814 return NULL;
1815 else
1816 return file_type_subtype_table[file_type_subtype].name;
1817 }
1818
1819 /*
1820 * Register a backwards-compatibility name.
1821 */
1822 void
1823 wtap_register_compatibility_file_subtype_name(const char *old_name,
1824 const char *new_name)
1825 {
1826 g_hash_table_insert(type_subtype_name_map, g_strdup(old_name),
1827 g_strdup(new_name));
1828 }
1829
1830 /*
1831 * Translate a name to a capture file type/subtype.
1832 */
1833 int
1834 wtap_name_to_file_type_subtype(const char *name)
1835 {
1836 char *new_name;
1837 int file_type_subtype;
1838
1839 /*
1840 * Is this name a backwards-compatibility name?
1841 */
1842 new_name = (char *)g_hash_table_lookup(type_subtype_name_map,
1843 (void *)name);
1844 if (new_name != NULL) {
1845 /*
1846 * Yes, and new_name is the name to which it should
1847 * be mapped.
1848 */
1849 name = new_name;
1850 }
1851 for (file_type_subtype = 0;
1852 file_type_subtype < (int)file_type_subtype_table_arr->len;
1853 file_type_subtype++) {
1854 if (file_type_subtype_table[file_type_subtype].name != NULL &&
1855 strcmp(name, file_type_subtype_table[file_type_subtype].name) == 0)
1856 return file_type_subtype;
1857 }
1858
1859 return -1; /* no such file type, or we can't write it */
1860 }
1861
1862 /*
1863 * Provide the file type/subtype for pcap.
1864 */
1865 int
1866 wtap_pcap_file_type_subtype(void)
1867 {
1868 /*
1869 * Make sure pcap was registered as a file type/subtype;
1870 * it's one of our "native" formats.
1871 */
1872 ws_assert(pcap_file_type_subtype != -1);
1873 return pcap_file_type_subtype;
1874 }
1875
1876 /*
1877 * Provide the file type/subtype for nanosecond-resolution pcap.
1878 */
1879 int
1880 wtap_pcap_nsec_file_type_subtype(void)
1881 {
1882 /*
1883 * Make sure nanosecond-resolution pcap was registered
1884 * as a file type/subtype; it's one of our "native" formats.
1885 */
1886 ws_assert(pcap_nsec_file_type_subtype != -1);
1887 return pcap_nsec_file_type_subtype;
1888 }
1889
1890 /*
1891 * Provide the file type/subtype for pcapng.
1892 */
1893 int
1894 wtap_pcapng_file_type_subtype(void)
1895 {
1896 /*
1897 * Make sure pcapng was registered as a file type/subtype;
1898 * it's one of our "native" formats.
1899 */
1900 ws_assert(pcapng_file_type_subtype != -1);
1901 return pcapng_file_type_subtype;
1902 }
1903
1904 /*
1905 * Determine if a file type/subtype can write a block of the given type.
1906 */
1907 block_support_t
1908 wtap_file_type_subtype_supports_block(int file_type_subtype,
1909 wtap_block_type_t type)
1910 {
1911 size_t num_supported_blocks;
1912 const struct supported_block_type *supported_blocks;
1913
1914 if (file_type_subtype < 0 ||
1915 file_type_subtype >= (int)file_type_subtype_table_arr->len) {
1916 /*
1917 * There's no such file type, so it can't support any
1918 * blocks.
1919 */
1920 return BLOCK_NOT_SUPPORTED;
1921 }
1922
1923 num_supported_blocks = file_type_subtype_table[file_type_subtype].num_supported_blocks;
1924 supported_blocks = file_type_subtype_table[file_type_subtype].supported_blocks;
1925
1926 for (size_t block_idx = 0; block_idx < num_supported_blocks;
1927 block_idx++) {
1928 if (supported_blocks[block_idx].type == type)
1929 return supported_blocks[block_idx].support;
1930 }
1931
1932 /*
1933 * Not found, which means not supported.
1934 */
1935 return BLOCK_NOT_SUPPORTED;
1936 }
1937
1938 /*
1939 * Determine if a file type/subtype, when writing a block of the given type,
1940 * can support adding the given option to the block.
1941 */
1942 option_support_t
1943 wtap_file_type_subtype_supports_option(int file_type_subtype,
1944 wtap_block_type_t type, unsigned option)
1945 {
1946 size_t num_supported_blocks;
1947 const struct supported_block_type *supported_blocks;
1948
1949 if (file_type_subtype < 0 ||
1950 file_type_subtype >= (int)file_type_subtype_table_arr->len) {
1951 /*
1952 * There's no such file type, so it can't support any
1953 * blocks, and thus can't support any options.
1954 */
1955 return OPTION_NOT_SUPPORTED;
1956 }
1957
1958 num_supported_blocks = file_type_subtype_table[file_type_subtype].num_supported_blocks;
1959 supported_blocks = file_type_subtype_table[file_type_subtype].supported_blocks;
1960
1961 for (size_t block_idx = 0; block_idx < num_supported_blocks;
1962 block_idx++) {
1963 if (supported_blocks[block_idx].type == type) {
1964 /*
1965 * OK, that block is known.
1966 * Is it supported?
1967 */
1968 if (supported_blocks[block_idx].support == BLOCK_NOT_SUPPORTED) {
1969 /*
1970 * No, so clearly the option isn't
1971 * supported in that block.
1972 */
1973 return OPTION_NOT_SUPPORTED;
1974 }
1975
1976 /*
1977 * Yes, so check the options.
1978 */
1979 size_t num_supported_options;
1980 const struct supported_option_type *supported_options;
1981
1982 num_supported_options = supported_blocks[block_idx].num_supported_options;
1983 supported_options = supported_blocks[block_idx].supported_options;
1984 for (size_t opt_idx = 0; opt_idx < num_supported_options;
1985 opt_idx++) {
1986 if (supported_options[opt_idx].opt == option)
1987 return supported_options[opt_idx].support;
1988 }
1989
1990 /*
1991 * Not found, which means not supported.
1992 */
1993 return OPTION_NOT_SUPPORTED;
1994 }
1995 }
1996
1997 /*
1998 * The block type wasn't found, which means it's not supported,
1999 * which means the option isn't supported in that block.
2000 */
2001 return OPTION_NOT_SUPPORTED;
2002 }
2003
2004 static GSList *
2005 add_extensions_for_file_type_subtype(int file_type_subtype, GSList *extensions,
2006 GSList *compression_type_extensions)
2007 {
2008 char **extensions_set, **extensionp;
2009 char *extension;
2010
2011 if (file_type_subtype < 0 ||
2012 file_type_subtype >= (int)file_type_subtype_table_arr->len) {
2013 /*
2014 * There's no such file type, so it has no extensions
2015 * to add.
2016 */
2017 return extensions;
2018 }
2019
2020 /*
2021 * Add the default extension, and all of the compressed variants
2022 * from the list of compressed-file extensions, if there is a
2023 * default extension.
2024 */
2025 if (file_type_subtype_table[file_type_subtype].default_file_extension != NULL) {
2026 extensions = add_extensions(extensions,
2027 file_type_subtype_table[file_type_subtype].default_file_extension,
2028 compression_type_extensions);
2029 }
2030
2031 if (file_type_subtype_table[file_type_subtype].additional_file_extensions != NULL) {
2032 /*
2033 * We have additional extensions; add them.
2034 *
2035 * First, split the extension-list string into a set of
2036 * extensions.
2037 */
2038 extensions_set = g_strsplit(file_type_subtype_table[file_type_subtype].additional_file_extensions,
2039 ";", 0);
2040
2041 /*
2042 * Add each of those extensions to the list.
2043 */
2044 for (extensionp = extensions_set; *extensionp != NULL;
2045 extensionp++) {
2046 extension = *extensionp;
2047
2048 /*
2049 * Add the extension, and all compressed variants
2050 * of it if requested.
2051 */
2052 extensions = add_extensions(extensions, extension,
2053 compression_type_extensions);
2054 }
2055
2056 g_strfreev(extensions_set);
2057 }
2058 return extensions;
2059 }
2060
2061 /* Return a list of file extensions that are used by the specified file
2062 * type/subtype.
2063 *
2064 * If include_compressed is true, the list will include compressed
2065 * extensions, e.g. not just "pcap" but also "pcap.gz" if we can read
2066 * gzipped files.
2067 *
2068 * All strings in the list are allocated with g_malloc() and must be freed
2069 * with g_free().
2070 */
2071 GSList *
2072 wtap_get_file_extensions_list(int file_type_subtype, bool include_compressed)
2073 {
2074 GSList *extensions, *compression_type_extensions;
2075
2076 if (file_type_subtype < 0 ||
2077 file_type_subtype >= (int)file_type_subtype_table_arr->len)
2078 return NULL; /* not a valid file type */
2079
2080 if (file_type_subtype_table[file_type_subtype].default_file_extension == NULL)
2081 return NULL; /* valid, but no extensions known */
2082
2083 extensions = NULL; /* empty list, to start with */
2084
2085 /*
2086 * Add all this file type's extensions, with compressed
2087 * variants if include_compressed is true.
2088 */
2089 if (include_compressed) {
2090 /*
2091 * Get compression-type extensions, if any.
2092 */
2093 compression_type_extensions = wtap_get_all_compression_type_extensions_list();
2094 } else {
2095 /*
2096 * We don't want the compressed file extensions.
2097 */
2098 compression_type_extensions = NULL;
2099 }
2100 extensions = add_extensions_for_file_type_subtype(file_type_subtype, extensions,
2101 compression_type_extensions);
2102
2103 g_slist_free(compression_type_extensions);
2104
2105 return extensions;
2106 }
2107
2108 /* Return a list of all extensions that are used by all capture file
2109 * types, including compressed extensions, e.g. not just "pcap" but
2110 * also "pcap.gz" if we can read gzipped files.
2111 *
2112 * "Capture files" means "include file types that correspond to
2113 * collections of network packets, but not file types that
2114 * store data that just happens to be transported over protocols
2115 * such as HTTP but that aren't collections of network packets",
2116 * so that it could be used for "All Capture Files" without picking
2117 * up JPEG files or files such as that - those aren't capture files,
2118 * and we *do* have them listed in the long list of individual file
2119 * types, so omitting them from "All Capture Files" is the right
2120 * thing to do.
2121 *
2122 * All strings in the list are allocated with g_malloc() and must be freed
2123 * with g_free().
2124 *
2125 * This is used to generate a list of extensions to look for if the user
2126 * chooses "All Capture Files" in a file open dialog.
2127 */
2128 GSList *
2129 wtap_get_all_capture_file_extensions_list(void)
2130 {
2131 GSList *extensions, *compression_type_extensions;
2132 unsigned int i;
2133
2134 init_file_type_extensions();
2135
2136 extensions = NULL; /* empty list, to start with */
2137
2138 /*
2139 * Get compression-type extensions, if any.
2140 */
2141 compression_type_extensions = wtap_get_all_compression_type_extensions_list();
2142
2143 for (i = 0; i < file_type_extensions_arr->len; i++) {
2144 /*
2145 * Is this a capture file, rather than one of the
2146 * other random file types we can read?
2147 */
2148 if (file_type_extensions[i].is_capture_file) {
2149 /*
2150 * Yes. Add all this file extension type's
2151 * extensions, with compressed variants.
2152 */
2153 extensions = add_extensions_for_file_extensions_type(i,
2154 extensions, compression_type_extensions);
2155 }
2156 }
2157
2158 g_slist_free(compression_type_extensions);
2159
2160 return extensions;
2161 }
2162
2163 /* Return a list of all extensions that are used by all file types that
2164 * we can read, including compressed extensions, e.g. not just "pcap" but
2165 * also "pcap.gz" if we can read gzipped files.
2166 *
2167 * "File type" means "include file types that correspond to collections
2168 * of network packets, as well as file types that store data that just
2169 * happens to be transported over protocols such as HTTP but that aren't
2170 * collections of network packets, and plain text files".
2171 *
2172 * All strings in the list are allocated with g_malloc() and must be freed
2173 * with g_free().
2174 *
2175 * This is used to get the "base name" for a file, by stripping off
2176 * compressed-file extensions and extensions that correspond to file
2177 * types that we know about.
2178 */
2179 GSList *
2180 wtap_get_all_file_extensions_list(void)
2181 {
2182 GSList *extensions, *compression_type_extensions;
2183
2184 extensions = NULL; /* empty list, to start with */
2185
2186 /*
2187 * Get compression-type extensions, if any.
2188 */
2189 compression_type_extensions = wtap_get_all_compression_type_extensions_list();
2190
2191 for (int ft = 0; ft < (int)file_type_subtype_table_arr->len; ft++) {
2192 extensions = add_extensions_for_file_type_subtype(ft, extensions,
2193 compression_type_extensions);
2194 }
2195
2196 g_slist_free(compression_type_extensions);
2197
2198 return extensions;
2199 }
2200
2201 /*
2202 * Free a list returned by wtap_get_file_extension_type_extensions(),
2203 * wtap_get_all_capture_file_extensions_list, wtap_get_file_extensions_list(),
2204 * or wtap_get_all_file_extensions_list().
2205 */
2206 void
2207 wtap_free_extensions_list(GSList *extensions)
2208 {
2209 GSList *extension;
2210
2211 for (extension = extensions; extension != NULL;
2212 extension = g_slist_next(extension)) {
2213 g_free(extension->data);
2214 }
2215 g_slist_free(extensions);
2216 }
2217
2218 /*
2219 * Return the default file extension to use with the specified file type
2220 * and subtype; that's just the extension, without any ".".
2221 */
2222 const char *
2223 wtap_default_file_extension(int file_type_subtype)
2224 {
2225 if (file_type_subtype < 0 ||
2226 file_type_subtype >= (int)file_type_subtype_table_arr->len)
2227 return NULL;
2228 else
2229 return file_type_subtype_table[file_type_subtype].default_file_extension;
2230 }
2231
2232 /*
2233 * Return whether we know how to write the specified file type.
2234 */
2235 bool
2236 wtap_dump_can_open(int file_type_subtype)
2237 {
2238 if (file_type_subtype < 0 ||
2239 file_type_subtype >= (int)file_type_subtype_table_arr->len ||
2240 file_type_subtype_table[file_type_subtype].dump_open == NULL)
2241 return false;
2242
2243 return true;
2244 }
2245
2246 /*
2247 * Return whether we know how to write a compressed file of the specified
2248 * file type.
2249 */
2250 #ifdef HAVE_ZLIB
2251 bool
2252 wtap_dump_can_compress(int file_type_subtype)
2253 {
2254 /*
2255 * If this is an unknown file type, or if we have to
2256 * seek when writing out a file with this file type,
2257 * return false.
2258 */
2259 if (file_type_subtype < 0 ||
2260 file_type_subtype >= (int)file_type_subtype_table_arr->len ||
2261 file_type_subtype_table[file_type_subtype].writing_must_seek)
2262 return false;
2263
2264 return true;
2265 }
2266 #else
2267 bool
2268 wtap_dump_can_compress(int file_type_subtype _U_)
2269 {
2270 return false;
2271 }
2272 #endif
2273
2274 static bool wtap_dump_open_finish(wtap_dumper *wdh, int *err,
2275 char **err_info);
2276
2277 static WFILE_T wtap_dump_file_open(wtap_dumper *wdh, const char *filename);
2278 static WFILE_T wtap_dump_file_fdopen(wtap_dumper *wdh, int fd);
2279 static int wtap_dump_file_close(wtap_dumper *wdh);
2280
2281 static wtap_dumper *
2282 wtap_dump_init_dumper(int file_type_subtype, wtap_compression_type compression_type,
2283 const wtap_dump_params *params, int *err)
2284 {
2285 wtap_dumper *wdh;
2286 wtap_block_t descr, file_int_data;
2287 wtapng_if_descr_mandatory_t *descr_mand, *file_int_data_mand;
2288 GArray *interfaces = params->idb_inf ? params->idb_inf->interface_data : NULL;
2289
2290 /* Can we write files of this file type/subtype?
2291 *
2292 * This will fail if file_type_subtype isn't a valid
2293 * file type/subtype value, so, if it doesn't fail,
2294 * we know file_type_subtype is within the bounds of
2295 * the table of file types/subtypes.
2296 */
2297 if (!wtap_dump_can_open(file_type_subtype)) {
2298 /* Invalid type, or type we don't know how to write. */
2299 *err = WTAP_ERR_UNWRITABLE_FILE_TYPE;
2300 return false;
2301 }
2302
2303 /* OK, we know how to write that file type/subtype; can we write
2304 * the specified encapsulation type in that file type/subtype?
2305 */
2306 *err = (*file_type_subtype_table[file_type_subtype].can_write_encap)(params->encap);
2307 /* if the err said to check wslua's can_write_encap, try that */
2308 if (*err == WTAP_ERR_CHECK_WSLUA
2309 && file_type_subtype_table[file_type_subtype].wslua_info != NULL
2310 && file_type_subtype_table[file_type_subtype].wslua_info->wslua_can_write_encap != NULL) {
2311
2312 *err = (*file_type_subtype_table[file_type_subtype].wslua_info->wslua_can_write_encap)(params->encap, file_type_subtype_table[file_type_subtype].wslua_info->wslua_data);
2313 }
2314
2315 if (*err != 0) {
2316 /* No, we can't. */
2317 return NULL;
2318 }
2319
2320 /* Check whether we can open a capture file with that file type
2321 * and that encapsulation, and, if the compression type isn't
2322 * "uncompressed", whether we can write a *compressed* file
2323 * of that file type.
2324 * If we're doing compression, can this file type/subtype be
2325 written in compressed form?
2326 *
2327 * (The particular type doesn't matter - if the file can't
2328 * be written 100% sequentially, we can't compress it,
2329 * because we can't go back and overwrite something we've
2330 * already written.
2331 */
2332 if (compression_type != WTAP_UNCOMPRESSED &&
2333 !wtap_dump_can_compress(file_type_subtype)) {
2334 *err = WTAP_ERR_COMPRESSION_NOT_SUPPORTED;
2335 return NULL;
2336 }
2337
2338 /* Allocate a data structure for the output stream. */
2339 wdh = g_new0(wtap_dumper, 1);
2340 if (wdh == NULL) {
2341 *err = errno;
2342 return NULL;
2343 }
2344
2345 wdh->file_type_subtype = file_type_subtype;
2346 wdh->snaplen = params->snaplen;
2347 wdh->file_encap = params->encap;
2348 wdh->compression_type = compression_type;
2349 wdh->wslua_data = NULL;
2350 wdh->shb_iface_to_global = params->shb_iface_to_global;
2351 wdh->interface_data = g_array_new(false, false, sizeof(wtap_block_t));
2352
2353 /* Set Section Header Block data */
2354 wdh->shb_hdrs = params->shb_hdrs;
2355 /* Set Name Resolution Block data */
2356 wdh->nrbs_growing = params->nrbs_growing;
2357 /* Set Interface Description Block data */
2358 if (interfaces && interfaces->len) {
2359 if (!params->dont_copy_idbs) { /* XXX */
2360 unsigned itf_count;
2361
2362 /* Note: this memory is owned by wtap_dumper and will become
2363 * invalid after wtap_dump_close. */
2364 for (itf_count = 0; itf_count < interfaces->len; itf_count++) {
2365 file_int_data = g_array_index(interfaces, wtap_block_t, itf_count);
2366 file_int_data_mand = (wtapng_if_descr_mandatory_t*)wtap_block_get_mandatory_data(file_int_data);
2367 descr = wtap_block_make_copy(file_int_data);
2368 if ((params->encap != WTAP_ENCAP_PER_PACKET) && (params->encap != file_int_data_mand->wtap_encap)) {
2369 descr_mand = (wtapng_if_descr_mandatory_t*)wtap_block_get_mandatory_data(descr);
2370 descr_mand->wtap_encap = params->encap;
2371 }
2372 g_array_append_val(wdh->interface_data, descr);
2373 }
2374 }
2375 } else if (params->encap != WTAP_ENCAP_NONE && params->encap != WTAP_ENCAP_PER_PACKET) {
2376 /* Generate a fake IDB if we don't have one, unless the
2377 * file encapsulation is none. (WTAP_ENCAP_NONE either
2378 * means that there are no interfaces, or they will be
2379 * provided later when reading the file in single-pass mode.)
2380 *
2381 * For WTAP_ENCAP_PER_PACKET, we'll have to generate IDBs
2382 * from packet records as they come in. (pcapng does this now.)
2383 *
2384 * XXX File types should provide their own IDBs (possibly
2385 * fake ones generated by wtap_add_generated_idb()), in
2386 * order to support being used as inputs for mergecap where
2387 * pcapng is the output.
2388 */
2389 descr = wtap_dump_params_generate_idb(params);
2390 g_array_append_val(wdh->interface_data, descr);
2391 }
2392 /* Set Decryption Secrets Blocks */
2393 wdh->dsbs_initial = params->dsbs_initial;
2394 wdh->dsbs_growing = params->dsbs_growing;
2395 /* Set Sysdig meta events */
2396 wdh->mevs_growing = params->mevs_growing;
2397 return wdh;
2398 }
2399
2400 wtap_dumper *
2401 wtap_dump_open(const char *filename, int file_type_subtype,
2402 wtap_compression_type compression_type, const wtap_dump_params *params,
2403 int *err, char **err_info)
2404 {
2405 wtap_dumper *wdh;
2406 WFILE_T fh;
2407
2408 *err = 0;
2409 *err_info = NULL;
2410
2411 /* Allocate and initialize a data structure for the output stream. */
2412 wdh = wtap_dump_init_dumper(file_type_subtype, compression_type, params,
2413 err);
2414 if (wdh == NULL)
2415 return NULL;
2416
2417 /* In case "fopen()" fails but doesn't set "errno", set "errno"
2418 to a generic "the open failed" error. */
2419 errno = WTAP_ERR_CANT_OPEN;
2420 fh = wtap_dump_file_open(wdh, filename);
2421 if (fh == NULL) {
2422 *err = errno;
2423 g_free(wdh);
2424 return NULL; /* can't create file */
2425 }
2426 wdh->fh = fh;
2427
2428 if (!wtap_dump_open_finish(wdh, err, err_info)) {
2429 /* Get rid of the file we created; we couldn't finish
2430 opening it. */
2431 wtap_dump_file_close(wdh);
2432 ws_unlink(filename);
2433 g_free(wdh);
2434 return NULL;
2435 }
2436 return wdh;
2437 }
2438
2439 wtap_dumper *
2440 wtap_dump_open_tempfile(const char *tmpdir, char **filenamep, const char *pfx,
2441 int file_type_subtype, wtap_compression_type compression_type,
2442 const wtap_dump_params *params, int *err, char **err_info)
2443 {
2444 int fd;
2445 const char *ext;
2446 char sfx[16];
2447 wtap_dumper *wdh;
2448 WFILE_T fh;
2449
2450 /* No path name for the temporary file yet. */
2451 *filenamep = NULL;
2452
2453 *err = 0;
2454 *err_info = NULL;
2455
2456 /* Allocate and initialize a data structure for the output stream. */
2457 wdh = wtap_dump_init_dumper(file_type_subtype, compression_type, params,
2458 err);
2459 if (wdh == NULL)
2460 return NULL;
2461
2462 /* Choose an appropriate suffix for the file */
2463 ext = wtap_default_file_extension(file_type_subtype);
2464 if (ext == NULL)
2465 ext = "tmp";
2466 sfx[0] = '.';
2467 sfx[1] = '\0';
2468 (void) g_strlcat(sfx, ext, 16);
2469
2470 /* Choose a random name for the file */
2471 fd = create_tempfile(tmpdir, filenamep, pfx, sfx, NULL);
2472 if (fd == -1) {
2473 *err = WTAP_ERR_CANT_OPEN;
2474 g_free(wdh);
2475 return NULL; /* can't create file */
2476 }
2477
2478 /* In case "fopen()" fails but doesn't set "errno", set "errno"
2479 to a generic "the open failed" error. */
2480 errno = WTAP_ERR_CANT_OPEN;
2481 fh = wtap_dump_file_fdopen(wdh, fd);
2482 if (fh == NULL) {
2483 *err = errno;
2484 ws_close(fd);
2485 g_free(wdh);
2486 return NULL; /* can't create file */
2487 }
2488 wdh->fh = fh;
2489
2490 if (!wtap_dump_open_finish(wdh, err, err_info)) {
2491 /* Get rid of the file we created; we couldn't finish
2492 opening it. */
2493 wtap_dump_file_close(wdh);
2494 ws_unlink(*filenamep);
2495 g_free(wdh);
2496 return NULL;
2497 }
2498 return wdh;
2499 }
2500
2501 wtap_dumper *
2502 wtap_dump_fdopen(int fd, int file_type_subtype, wtap_compression_type compression_type,
2503 const wtap_dump_params *params, int *err, char **err_info)
2504 {
2505 wtap_dumper *wdh;
2506 WFILE_T fh;
2507
2508 *err = 0;
2509 *err_info = NULL;
2510
2511 /* Allocate and initialize a data structure for the output stream. */
2512 wdh = wtap_dump_init_dumper(file_type_subtype, compression_type, params,
2513 err);
2514 if (wdh == NULL)
2515 return NULL;
2516
2517 /* In case "fopen()" fails but doesn't set "errno", set "errno"
2518 to a generic "the open failed" error. */
2519 errno = WTAP_ERR_CANT_OPEN;
2520 fh = wtap_dump_file_fdopen(wdh, fd);
2521 if (fh == NULL) {
2522 *err = errno;
2523 g_free(wdh);
2524 return NULL; /* can't create standard I/O stream */
2525 }
2526 wdh->fh = fh;
2527
2528 if (!wtap_dump_open_finish(wdh, err, err_info)) {
2529 wtap_dump_file_close(wdh);
2530 g_free(wdh);
2531 return NULL;
2532 }
2533 return wdh;
2534 }
2535
2536 wtap_dumper *
2537 wtap_dump_open_stdout(int file_type_subtype, wtap_compression_type compression_type,
2538 const wtap_dump_params *params, int *err, char **err_info)
2539 {
2540 int new_fd;
2541 wtap_dumper *wdh;
2542
2543 /*
2544 * Duplicate the file descriptor, so that we can close the
2545 * wtap_dumper handle the same way we close any other
2546 * wtap_dumper handle, without closing the standard output.
2547 */
2548 new_fd = ws_dup(1);
2549 if (new_fd == -1) {
2550 /* dup failed */
2551 *err = errno;
2552 return NULL;
2553 }
2554 #ifdef _WIN32
2555 /*
2556 * Put the new descriptor into binary mode.
2557 *
2558 * XXX - even if the file format we're writing is a text
2559 * format?
2560 */
2561 if (_setmode(new_fd, O_BINARY) == -1) {
2562 /* "Should not happen" */
2563 *err = errno;
2564 ws_close(new_fd);
2565 return NULL;
2566 }
2567 #endif
2568
2569 wdh = wtap_dump_fdopen(new_fd, file_type_subtype, compression_type,
2570 params, err, err_info);
2571 if (wdh == NULL) {
2572 /* Failed; close the new FD */
2573 ws_close(new_fd);
2574 return NULL;
2575 }
2576 return wdh;
2577 }
2578
2579 static bool
2580 wtap_dump_open_finish(wtap_dumper *wdh, int *err, char **err_info)
2581 {
2582 int fd;
2583 bool cant_seek;
2584
2585 /* Can we do a seek on the file descriptor?
2586 If not, note that fact. */
2587 if (wdh->compression_type != WTAP_UNCOMPRESSED) {
2588 cant_seek = true;
2589 } else {
2590 fd = ws_fileno((FILE *)wdh->fh);
2591 if (ws_lseek64(fd, 1, SEEK_CUR) == (off_t) -1)
2592 cant_seek = true;
2593 else {
2594 /* Undo the seek. */
2595 ws_lseek64(fd, 0, SEEK_SET);
2596 cant_seek = false;
2597 }
2598 }
2599
2600 /* If this file type requires seeking, and we can't seek, fail. */
2601 if (file_type_subtype_table[wdh->file_type_subtype].writing_must_seek && cant_seek) {
2602 *err = WTAP_ERR_CANT_WRITE_TO_PIPE;
2603 return false;
2604 }
2605
2606 /* Set wdh with wslua data if any - this is how we pass the data
2607 * to the file writer.
2608 */
2609 if (file_type_subtype_table[wdh->file_type_subtype].wslua_info)
2610 wdh->wslua_data = file_type_subtype_table[wdh->file_type_subtype].wslua_info->wslua_data;
2611
2612 /* Now try to open the file for writing. */
2613 if (!(*file_type_subtype_table[wdh->file_type_subtype].dump_open)(wdh, err,
2614 err_info)) {
2615 return false;
2616 }
2617
2618 return true; /* success! */
2619 }
2620
2621 bool
2622 wtap_dump_add_idb(wtap_dumper *wdh, wtap_block_t idb, int *err,
2623 char **err_info)
2624 {
2625 if (wdh->subtype_add_idb == NULL) {
2626 /* Not supported. */
2627 *err = WTAP_ERR_UNWRITABLE_REC_TYPE;
2628 *err_info = g_strdup("Adding IDBs isn't supported by this file type");
2629 return false;
2630 }
2631 *err = 0;
2632 *err_info = NULL;
2633 return (wdh->subtype_add_idb)(wdh, idb, err, err_info);
2634 }
2635
2636 bool
2637 wtap_dump(wtap_dumper *wdh, const wtap_rec *rec,
2638 const uint8_t *pd, int *err, char **err_info)
2639 {
2640 *err = 0;
2641 *err_info = NULL;
2642 return (wdh->subtype_write)(wdh, rec, pd, err, err_info);
2643 }
2644
2645 bool
2646 wtap_dump_flush(wtap_dumper *wdh, int *err)
2647 {
2648 #ifdef HAVE_ZLIB
2649 if (wdh->compression_type == WTAP_GZIP_COMPRESSED) {
2650 if (gzwfile_flush((GZWFILE_T)wdh->fh) == -1) {
2651 *err = gzwfile_geterr((GZWFILE_T)wdh->fh);
2652 return false;
2653 }
2654 } else
2655 #endif
2656 {
2657 if (fflush((FILE *)wdh->fh) == EOF) {
2658 *err = errno;
2659 return false;
2660 }
2661 }
2662 return true;
2663 }
2664
2665 bool
2666 wtap_dump_close(wtap_dumper *wdh, bool *needs_reload,
2667 int *err, char **err_info)
2668 {
2669 bool ret = true;
2670
2671 *err = 0;
2672 *err_info = NULL;
2673 if (wdh->subtype_finish != NULL) {
2674 /* There's a finish routine for this dump stream. */
2675 if (!(wdh->subtype_finish)(wdh, err, err_info))
2676 ret = false;
2677 }
2678 errno = WTAP_ERR_CANT_CLOSE;
2679 if (wtap_dump_file_close(wdh) == EOF) {
2680 if (ret) {
2681 /* The per-format finish function succeeded,
2682 but the stream close didn't. Save the
2683 reason why, if our caller asked for it. */
2684 if (err != NULL)
2685 *err = errno;
2686 }
2687 ret = false;
2688 }
2689 if (needs_reload != NULL)
2690 *needs_reload = wdh->needs_reload;
2691 g_free(wdh->priv);
2692 wtap_block_array_free(wdh->interface_data);
2693 wtap_block_array_unref(wdh->dsbs_initial);
2694 g_free(wdh);
2695 return ret;
2696 }
2697
2698 int
2699 wtap_dump_file_type_subtype(wtap_dumper *wdh)
2700 {
2701 return wdh->file_type_subtype;
2702 }
2703
2704 int64_t
2705 wtap_get_bytes_dumped(wtap_dumper *wdh)
2706 {
2707 return wdh->bytes_dumped;
2708 }
2709
2710 void
2711 wtap_set_bytes_dumped(wtap_dumper *wdh, int64_t bytes_dumped)
2712 {
2713 wdh->bytes_dumped = bytes_dumped;
2714 }
2715
2716 bool
2717 wtap_addrinfo_list_empty(addrinfo_lists_t *addrinfo_lists)
2718 {
2719 return (addrinfo_lists == NULL) ||
2720 ((addrinfo_lists->ipv4_addr_list == NULL) &&
2721 (addrinfo_lists->ipv6_addr_list == NULL));
2722 }
2723
2724 bool
2725 wtap_dump_set_addrinfo_list(wtap_dumper *wdh, addrinfo_lists_t *addrinfo_lists)
2726 {
2727 if (!wdh || wdh->file_type_subtype < 0 ||
2728 wdh->file_type_subtype >= (int)file_type_subtype_table_arr->len ||
2729 wtap_file_type_subtype_supports_block(wdh->file_type_subtype, WTAP_BLOCK_NAME_RESOLUTION) == BLOCK_NOT_SUPPORTED)
2730 return false;
2731 wdh->addrinfo_lists = addrinfo_lists;
2732 return true;
2733 }
2734
2735 void
2736 wtap_dump_discard_name_resolution(wtap_dumper *wdh)
2737 {
2738 /* As below for DSBs. */
2739 if (wdh->nrbs_growing) {
2740 /*
2741 * Pretend we've written all of them.
2742 */
2743 wdh->nrbs_growing_written = wdh->nrbs_growing->len;
2744 }
2745 }
2746
2747 void
2748 wtap_dump_discard_decryption_secrets(wtap_dumper *wdh)
2749 {
2750 /*
2751 * This doesn't free the data, as it might be pointed to
2752 * from other structures; it merely marks all of them as
2753 * having been written to the file, so that they don't
2754 * get written by wtap_dump().
2755 *
2756 * XXX - our APIs for dealing with some metadata, such as
2757 * resolved names, decryption secrets, and interface
2758 * statistics is not very well oriented towards one-pass
2759 * programs; this needs to be cleaned up. See bug 15502.
2760 */
2761 if (wdh->dsbs_growing) {
2762 /*
2763 * Pretend we've written all of them.
2764 */
2765 wdh->dsbs_growing_written = wdh->dsbs_growing->len;
2766 }
2767 }
2768
2769 void
2770 wtap_dump_discard_sysdig_meta_events(wtap_dumper *wdh)
2771 {
2772 /* As above for DSBs. */
2773 if (wdh->mevs_growing) {
2774 /*
2775 * Pretend we've written all of them.
2776 */
2777 wdh->mevs_growing_written = wdh->mevs_growing->len;
2778 }
2779 }
2780
2781 /* internally open a file for writing (compressed or not) */
2782 #ifdef HAVE_ZLIB
2783 static WFILE_T
2784 wtap_dump_file_open(wtap_dumper *wdh, const char *filename)
2785 {
2786 if (wdh->compression_type == WTAP_GZIP_COMPRESSED) {
2787 return gzwfile_open(filename);
2788 } else {
2789 return ws_fopen(filename, "wb");
2790 }
2791 }
2792 #else
2793 static WFILE_T
2794 wtap_dump_file_open(wtap_dumper *wdh _U_, const char *filename)
2795 {
2796 return ws_fopen(filename, "wb");
2797 }
2798 #endif
2799
2800 /* internally open a file for writing (compressed or not) */
2801 #ifdef HAVE_ZLIB
2802 static WFILE_T
2803 wtap_dump_file_fdopen(wtap_dumper *wdh, int fd)
2804 {
2805 if (wdh->compression_type == WTAP_GZIP_COMPRESSED) {
2806 return gzwfile_fdopen(fd);
2807 } else {
2808 return ws_fdopen(fd, "wb");
2809 }
2810 }
2811 #else
2812 static WFILE_T
2813 wtap_dump_file_fdopen(wtap_dumper *wdh _U_, int fd)
2814 {
2815 return ws_fdopen(fd, "wb");
2816 }
2817 #endif
2818
2819 /* internally writing raw bytes (compressed or not). Updates wdh->bytes_dumped on success */
2820 bool
2821 wtap_dump_file_write(wtap_dumper *wdh, const void *buf, size_t bufsize, int *err)
2822 {
2823 size_t nwritten;
2824
2825 #ifdef HAVE_ZLIB
2826 if (wdh->compression_type == WTAP_GZIP_COMPRESSED) {
2827 nwritten = gzwfile_write((GZWFILE_T)wdh->fh, buf, (unsigned int) bufsize);
2828 /*
2829 * gzwfile_write() returns 0 on error.
2830 */
2831 if (nwritten == 0) {
2832 *err = gzwfile_geterr((GZWFILE_T)wdh->fh);
2833 return false;
2834 }
2835 } else
2836 #endif
2837 {
2838 errno = WTAP_ERR_CANT_WRITE;
2839 nwritten = fwrite(buf, 1, bufsize, (FILE *)wdh->fh);
2840 /*
2841 * At least according to the macOS man page,
2842 * this can return a short count on an error.
2843 */
2844 if (nwritten != bufsize) {
2845 if (ferror((FILE *)wdh->fh))
2846 *err = errno;
2847 else
2848 *err = WTAP_ERR_SHORT_WRITE;
2849 return false;
2850 }
2851 }
2852 wdh->bytes_dumped += bufsize;
2853 return true;
2854 }
2855
2856 /* internally close a file for writing (compressed or not) */
2857 static int
2858 wtap_dump_file_close(wtap_dumper *wdh)
2859 {
2860 #ifdef HAVE_ZLIB
2861 if (wdh->compression_type == WTAP_GZIP_COMPRESSED)
2862 return gzwfile_close((GZWFILE_T)wdh->fh);
2863 else
2864 #endif
2865 return fclose((FILE *)wdh->fh);
2866 }
2867
2868 int64_t
2869 wtap_dump_file_seek(wtap_dumper *wdh, int64_t offset, int whence, int *err)
2870 {
2871 #ifdef HAVE_ZLIB
2872 if (wdh->compression_type != WTAP_UNCOMPRESSED) {
2873 *err = WTAP_ERR_CANT_SEEK_COMPRESSED;
2874 return -1;
2875 } else
2876 #endif
2877 {
2878 if (-1 == ws_fseek64((FILE *)wdh->fh, offset, whence)) {
2879 *err = errno;
2880 return -1;
2881 } else
2882 {
2883 return 0;
2884 }
2885 }
2886 }
2887
2888 int64_t
2889 wtap_dump_file_tell(wtap_dumper *wdh, int *err)
2890 {
2891 int64_t rval;
2892 #ifdef HAVE_ZLIB
2893 if (wdh->compression_type != WTAP_UNCOMPRESSED) {
2894 *err = WTAP_ERR_CANT_SEEK_COMPRESSED;
2895 return -1;
2896 } else
2897 #endif
2898 {
2899 if (-1 == (rval = ws_ftell64((FILE *)wdh->fh))) {
2900 *err = errno;
2901 return -1;
2902 } else
2903 {
2904 return rval;
2905 }
2906 }
2907 }
2908
2909 void
2910 cleanup_open_routines(void)
2911 {
2912 unsigned i;
2913 struct open_info *i_open;
2914
2915 if (open_routines != NULL && open_info_arr) {
2916 for (i = 0, i_open = open_routines; i < open_info_arr->len; i++, i_open++) {
2917 if (i_open->extensions != NULL)
2918 g_strfreev(i_open->extensions_set);
2919 }
2920
2921 g_array_free(open_info_arr, true);
2922 open_info_arr = NULL;
2923 }
2924 }
2925
2926 /*
2927 * Allow built-in file handlers (but *not* plugin file handlers!) to
2928 * register a "backwards-compatibility" name and file type value, to
2929 * put in the Lua wtap_filetypes table.
2930 *
2931 * This is only to be used as long as we have that table; new Lua
2932 * code should use wtap_name_to_file_type_subtype() to look up
2933 * file types by their name, just as C code should.
2934 *
2935 * The backwards-ccmpatibility names are the old WTAP_FILE_TYPE_SUBTYPE_
2936 * #define name, with WTAP_FILE_TYPE_SUBTYPE_ removed.
2937 */
2938
2939 static GArray *backwards_compatibility_lua_names;
2940
2941 void
2942 // NOLINTNEXTLINE(misc-no-recursion)
2943 wtap_register_backwards_compatibility_lua_name(const char *name, int ft)
2944 {
2945 struct backwards_compatibiliity_lua_name entry;
2946
2947 /*
2948 * Create the table if it doesn't already exist.
2949 * Use the same size as we do for the file type/subtype table.
2950 */
2951 if (backwards_compatibility_lua_names == NULL) {
2952 backwards_compatibility_lua_names = g_array_sized_new(false,
2953 true, sizeof(struct backwards_compatibiliity_lua_name),
2954 wtap_module_count*2);
2955
2956 /*
2957 * Extra backwards compatibility hack - add entries
2958 * for time stamp precision values(!), as well as
2959 * for "UNKNOWN" and types that don't yet register
2960 * themselves.
2961 *
2962 * If new WS_TSPREC_ value are added, don't bother
2963 * adding them to this table; any Lua program that
2964 * would use them should use the wtap_tsprecs type.
2965 *
2966 * (Recursion: see "recursion".)
2967 */
2968 wtap_register_backwards_compatibility_lua_name("TSPREC_SEC",
2969 WTAP_TSPREC_SEC);
2970 wtap_register_backwards_compatibility_lua_name("TSPREC_DSEC",
2971 WTAP_TSPREC_100_MSEC);
2972 wtap_register_backwards_compatibility_lua_name("TSPREC_CSEC",
2973 WTAP_TSPREC_10_MSEC);
2974 wtap_register_backwards_compatibility_lua_name("TSPREC_MSEC",
2975 WTAP_TSPREC_MSEC);
2976 wtap_register_backwards_compatibility_lua_name("TSPREC_USEC",
2977 WTAP_TSPREC_USEC);
2978 wtap_register_backwards_compatibility_lua_name("TSPREC_NSEC",
2979 WTAP_TSPREC_NSEC);
2980 wtap_register_backwards_compatibility_lua_name("UNKNOWN",
2981 WTAP_FILE_TYPE_SUBTYPE_UNKNOWN);
2982 }
2983 entry.name = name;
2984 entry.ft = ft;
2985 g_array_append_val(backwards_compatibility_lua_names, entry);
2986 }
2987
2988 const GArray *
2989 get_backwards_compatibility_lua_table(void)
2990 {
2991 return backwards_compatibility_lua_names;
2992 }
2993
2994 /*
2995 * Editor modelines - https://www.wireshark.org/tools/modelines.html
2996 *
2997 * Local variables:
2998 * c-basic-offset: 8
2999 * tab-width: 8
3000 * indent-tabs-mode: t
3001 * End:
3002 *
3003 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
3004 * :indentSize=8:tabSize=8:noTabs=false:
3005 */
Metzes wireshark repo