search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
MSWSP: add two more Property Sets
[wireshark-wip.git] / epan / dissectors / packet-frame.c
blobdac5775d61e36d7d511cd069be8c244bc91a1afe
1 /* packet-frame.c
2 *
3 * Top-most dissector. Decides dissector based on Wiretap Encapsulation Type.
4 *
5 * $Id$
6 *
7 * Wireshark - Network traffic analyzer
8 * By Gerald Combs <gerald@wireshark.org>
9 * Copyright 2000 Gerald Combs
10 *
11 * This program is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation; either version 2
14 * of the License, or (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 */
25
26 #include "config.h"
27
28 #ifdef _MSC_VER
29 #include <windows.h>
30 #endif
31
32 #include <glib.h>
33
34 #include <wsutil/md5.h>
35
36 #include <epan/packet.h>
37 #include <epan/exceptions.h>
38 #include <epan/show_exception.h>
39 #include <epan/timestamp.h>
40 #include <epan/prefs.h>
41 #include <epan/tap.h>
42 #include <epan/expert.h>
43
44 #include "packet-frame.h"
45
46 #include "color.h"
47 #include "color_filters.h"
48
49 int proto_frame = -1;
50 static int proto_pkt_comment = -1;
51 int hf_frame_arrival_time = -1;
52 static int hf_frame_shift_offset = -1;
53 static int hf_frame_arrival_time_epoch = -1;
54 static int hf_frame_time_delta = -1;
55 static int hf_frame_time_delta_displayed = -1;
56 static int hf_frame_time_relative = -1;
57 static int hf_frame_time_reference = -1;
58 int hf_frame_number = -1;
59 int hf_frame_len = -1;
60 int hf_frame_capture_len = -1;
61 static int hf_frame_p2p_dir = -1;
62 static int hf_frame_file_off = -1;
63 static int hf_frame_md5_hash = -1;
64 static int hf_frame_marked = -1;
65 static int hf_frame_ignored = -1;
66 static int hf_link_number = -1;
67 static int hf_frame_protocols = -1;
68 static int hf_frame_color_filter_name = -1;
69 static int hf_frame_color_filter_text = -1;
70 static int hf_frame_interface_id = -1;
71 static int hf_frame_pack_flags = -1;
72 static int hf_frame_pack_direction = -1;
73 static int hf_frame_pack_reception_type = -1;
74 static int hf_frame_pack_fcs_length = -1;
75 static int hf_frame_pack_reserved = -1;
76 static int hf_frame_pack_crc_error = -1;
77 static int hf_frame_pack_wrong_packet_too_long_error = -1;
78 static int hf_frame_pack_wrong_packet_too_short_error = -1;
79 static int hf_frame_pack_wrong_inter_frame_gap_error = -1;
80 static int hf_frame_pack_unaligned_frame_error = -1;
81 static int hf_frame_pack_start_frame_delimiter_error = -1;
82 static int hf_frame_pack_preamble_error = -1;
83 static int hf_frame_pack_symbol_error = -1;
84 static int hf_frame_wtap_encap = -1;
85 static int hf_comments_text = -1;
86 static int hf_frame_num_p_prot_data = -1;
87
88 static gint ett_frame = -1;
89 static gint ett_flags = -1;
90 static gint ett_comments = -1;
91
92 static expert_field ei_comments_text = EI_INIT;
93 static expert_field ei_arrive_time_out_of_range = EI_INIT;
94
95 static int frame_tap = -1;
96
97 static dissector_handle_t data_handle;
98 static dissector_handle_t docsis_handle;
99
100 /* Preferences */
101 static gboolean show_file_off = FALSE;
102 static gboolean force_docsis_encap = FALSE;
103 static gboolean generate_md5_hash = FALSE;
104 static gboolean generate_epoch_time = TRUE;
105 static gboolean generate_bits_field = TRUE;
106
107 static const value_string p2p_dirs[] = {
108 { P2P_DIR_UNKNOWN, "Unknown" },
109 { P2P_DIR_SENT, "Sent" },
110 { P2P_DIR_RECV, "Received" },
111 { 0, NULL }
112 };
113
114 #define PACKET_WORD_DIRECTION_MASK 0x00000003
115 #define PACKET_WORD_RECEPTION_TYPE_MASK 0x0000001C
116 #define PACKET_WORD_FCS_LENGTH_MASK 0x000001E0
117 #define PACKET_WORD_RESERVED_MASK 0x0000FE00
118 #define PACKET_WORD_CRC_ERR_MASK 0x01000000
119 #define PACKET_WORD_PACKET_TOO_LONG_ERR_MASK 0x02000000
120 #define PACKET_WORD_PACKET_TOO_SHORT_ERR_MASK 0x04000000
121 #define PACKET_WORD_WRONG_INTER_FRAME_GAP_ERR_MASK 0x08000000
122 #define PACKET_WORD_UNALIGNED_FRAME_ERR_MASK 0x10000000
123 #define PACKET_WORD_START_FRAME_DELIMITER_ERR_MASK 0x20000000
124 #define PACKET_WORD_PREAMBLE_ERR_MASK 0x40000000
125 #define PACKET_WORD_SYMBOL_ERR_MASK 0x80000000
126
127 static const value_string packet_word_directions[] = {
128 { 0x00, "Not available" },
129 { 0x01, "Inbound" },
130 { 0x02, "Outbound" },
131 { 0x03, "Undefined" },
132 { 0, NULL }
133 };
134
135 static const value_string packet_word_reception_types[] = {
136 { 0x00, "Not specified" },
137 { 0x01, "Unicast" },
138 { 0x02, "Multicast" },
139 { 0x03, "Broadcast" },
140 { 0x04, "Promiscuous" },
141 { 0x05, "Undefined" },
142 { 0x06, "Undefined" },
143 { 0x07, "Undefined" },
144 { 0, NULL }
145 };
146
147 dissector_table_t wtap_encap_dissector_table;
148
149 /*
150 * Routine used to register frame end routine. The routine should only
151 * be registered when the dissector is used in the frame, not in the
152 * proto_register_XXX function.
153 */
154 void
155 register_frame_end_routine(packet_info *pinfo, void (*func)(void))
156 {
157 pinfo->frame_end_routines = g_slist_append(pinfo->frame_end_routines, (gpointer)func);
158 }
159
160 typedef void (*void_func_t)(void);
161
162 static void
163 call_frame_end_routine(gpointer routine, gpointer dummy _U_)
164 {
165 void_func_t func = (void_func_t)routine;
166 (*func)();
167 }
168
169 static void
170 dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
171 {
172 proto_item *volatile ti = NULL, *comment_item;
173 guint cap_len = 0, frame_len = 0;
174 proto_tree *volatile tree;
175 proto_tree *comments_tree;
176 proto_item *item;
177 const gchar *cap_plurality, *frame_plurality;
178
179 tree=parent_tree;
180
181 pinfo->current_proto = "Frame";
182
183 if (pinfo->pseudo_header != NULL) {
184 switch (pinfo->fd->lnk_t) {
185
186 case WTAP_ENCAP_WFLEET_HDLC:
187 case WTAP_ENCAP_CHDLC_WITH_PHDR:
188 case WTAP_ENCAP_PPP_WITH_PHDR:
189 case WTAP_ENCAP_SDLC:
190 case WTAP_ENCAP_BLUETOOTH_H4_WITH_PHDR:
191 pinfo->p2p_dir = pinfo->pseudo_header->p2p.sent ?
192 P2P_DIR_SENT : P2P_DIR_RECV;
193 break;
194
195 case WTAP_ENCAP_BLUETOOTH_HCI:
196 pinfo->p2p_dir = pinfo->pseudo_header->bthci.sent;
197 break;
198
199 case WTAP_ENCAP_LAPB:
200 case WTAP_ENCAP_FRELAY_WITH_PHDR:
201 pinfo->p2p_dir =
202 (pinfo->pseudo_header->x25.flags & FROM_DCE) ?
203 P2P_DIR_RECV : P2P_DIR_SENT;
204 break;
205
206 case WTAP_ENCAP_ISDN:
207 case WTAP_ENCAP_V5_EF:
208 case WTAP_ENCAP_DPNSS:
209 case WTAP_ENCAP_BACNET_MS_TP_WITH_PHDR:
210 pinfo->p2p_dir = pinfo->pseudo_header->isdn.uton ?
211 P2P_DIR_SENT : P2P_DIR_RECV;
212 break;
213
214 case WTAP_ENCAP_LINUX_LAPD:
215 pinfo->p2p_dir = (pinfo->pseudo_header->lapd.pkttype == 3 ||
216 pinfo->pseudo_header->lapd.pkttype == 4) ?
217 P2P_DIR_SENT : P2P_DIR_RECV;
218 break;
219
220 case WTAP_ENCAP_MTP2_WITH_PHDR:
221 pinfo->p2p_dir = pinfo->pseudo_header->mtp2.sent ?
222 P2P_DIR_SENT : P2P_DIR_RECV;
223 pinfo->link_number = pinfo->pseudo_header->mtp2.link_number;
224 pinfo->annex_a_used = pinfo->pseudo_header->mtp2.annex_a_used;
225 break;
226
227 case WTAP_ENCAP_GSM_UM:
228 pinfo->p2p_dir = pinfo->pseudo_header->gsm_um.uplink ?
229 P2P_DIR_SENT : P2P_DIR_RECV;
230 break;
231
232 }
233 }
234
235 if(pinfo->pkt_comment){
236 item = proto_tree_add_item(tree, proto_pkt_comment, tvb, 0, -1, ENC_NA);
237 comments_tree = proto_item_add_subtree(item, ett_comments);
238 comment_item = proto_tree_add_string_format(comments_tree, hf_comments_text, tvb, 0, -1,
239 pinfo->pkt_comment, "%s",
240 pinfo->pkt_comment);
241 expert_add_info_format(pinfo, comment_item, &ei_comments_text,
242 "%s", pinfo->pkt_comment);
243
244
245 }
246
247 /* if FRAME is not referenced from any filters we dont need to worry about
248 generating any tree items. */
249 if(!proto_field_is_referenced(tree, proto_frame)) {
250 tree=NULL;
251 if(pinfo->fd->flags.has_ts) {
252 if(pinfo->fd->abs_ts.nsecs < 0 || pinfo->fd->abs_ts.nsecs >= 1000000000)
253 expert_add_info(pinfo, NULL, &ei_arrive_time_out_of_range);
254 }
255 } else {
256 proto_tree *fh_tree;
257 gboolean old_visible;
258
259 /* Put in frame header information. */
260 cap_len = tvb_length(tvb);
261 frame_len = tvb_reported_length(tvb);
262
263 cap_plurality = plurality(cap_len, "", "s");
264 frame_plurality = plurality(frame_len, "", "s");
265
266 ti = proto_tree_add_protocol_format(tree, proto_frame, tvb, 0, -1,
267 "Frame %u: %u byte%s on wire",
268 pinfo->fd->num, frame_len, frame_plurality);
269 if (generate_bits_field)
270 proto_item_append_text(ti, " (%u bits)", frame_len * 8);
271 proto_item_append_text(ti, ", %u byte%s captured",
272 cap_len, cap_plurality);
273 if (generate_bits_field) {
274 proto_item_append_text(ti, " (%u bits)",
275 cap_len * 8);
276 }
277 if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) {
278 proto_item_append_text(ti, " on interface %u",
279 pinfo->phdr->interface_id);
280 }
281 if (pinfo->phdr->presence_flags & WTAP_HAS_PACK_FLAGS) {
282 if (pinfo->phdr->pack_flags & 0x00000001) {
283 proto_item_append_text(ti, " (inbound)");
284 pinfo->p2p_dir = P2P_DIR_RECV;
285 }
286 if (pinfo->phdr->pack_flags & 0x00000002) {
287 proto_item_append_text(ti, " (outbound)");
288 pinfo->p2p_dir = P2P_DIR_SENT;
289 }
290 }
291
292 fh_tree = proto_item_add_subtree(ti, ett_frame);
293
294 if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID && proto_field_is_referenced(tree, hf_frame_interface_id)) {
295 const char *interface_name = epan_get_interface_name(pinfo->epan, pinfo->phdr->interface_id);
296
297 if (interface_name)
298 proto_tree_add_uint_format_value(fh_tree, hf_frame_interface_id, tvb, 0, 0, pinfo->phdr->interface_id, "%u (%s)", pinfo->phdr->interface_id, interface_name);
299 else
300 proto_tree_add_uint(fh_tree, hf_frame_interface_id, tvb, 0, 0, pinfo->phdr->interface_id);
301 }
302
303 if (pinfo->phdr->presence_flags & WTAP_HAS_PACK_FLAGS) {
304 proto_tree *flags_tree;
305 proto_item *flags_item;
306
307 flags_item = proto_tree_add_uint(fh_tree, hf_frame_pack_flags, tvb, 0, 0, pinfo->phdr->pack_flags);
308 flags_tree = proto_item_add_subtree(flags_item, ett_flags);
309 proto_tree_add_uint(flags_tree, hf_frame_pack_direction, tvb, 0, 0, pinfo->phdr->pack_flags);
310 proto_tree_add_uint(flags_tree, hf_frame_pack_reception_type, tvb, 0, 0, pinfo->phdr->pack_flags);
311 proto_tree_add_uint(flags_tree, hf_frame_pack_fcs_length, tvb, 0, 0, pinfo->phdr->pack_flags);
312 proto_tree_add_uint(flags_tree, hf_frame_pack_reserved, tvb, 0, 0, pinfo->phdr->pack_flags);
313 proto_tree_add_boolean(flags_tree, hf_frame_pack_crc_error, tvb, 0, 0, pinfo->phdr->pack_flags);
314 proto_tree_add_boolean(flags_tree, hf_frame_pack_wrong_packet_too_long_error, tvb, 0, 0, pinfo->phdr->pack_flags);
315 proto_tree_add_boolean(flags_tree, hf_frame_pack_wrong_packet_too_short_error, tvb, 0, 0, pinfo->phdr->pack_flags);
316 proto_tree_add_boolean(flags_tree, hf_frame_pack_wrong_inter_frame_gap_error, tvb, 0, 0, pinfo->phdr->pack_flags);
317 proto_tree_add_boolean(flags_tree, hf_frame_pack_unaligned_frame_error, tvb, 0, 0, pinfo->phdr->pack_flags);
318 proto_tree_add_boolean(flags_tree, hf_frame_pack_start_frame_delimiter_error, tvb, 0, 0, pinfo->phdr->pack_flags);
319 proto_tree_add_boolean(flags_tree, hf_frame_pack_preamble_error, tvb, 0, 0, pinfo->phdr->pack_flags);
320 proto_tree_add_boolean(flags_tree, hf_frame_pack_symbol_error, tvb, 0, 0, pinfo->phdr->pack_flags);
321 }
322
323 proto_tree_add_int(fh_tree, hf_frame_wtap_encap, tvb, 0, 0, pinfo->fd->lnk_t);
324
325 if (pinfo->fd->flags.has_ts) {
326 proto_tree_add_time(fh_tree, hf_frame_arrival_time, tvb,
327 0, 0, &(pinfo->fd->abs_ts));
328 if(pinfo->fd->abs_ts.nsecs < 0 || pinfo->fd->abs_ts.nsecs >= 1000000000) {
329 expert_add_info_format(pinfo, ti, &ei_arrive_time_out_of_range,
330 "Arrival Time: Fractional second %09ld is invalid,"
331 " the valid range is 0-1000000000",
332 (long) pinfo->fd->abs_ts.nsecs);
333 }
334 item = proto_tree_add_time(fh_tree, hf_frame_shift_offset, tvb,
335 0, 0, &(pinfo->fd->shift_offset));
336 PROTO_ITEM_SET_GENERATED(item);
337
338 if(generate_epoch_time) {
339 proto_tree_add_time(fh_tree, hf_frame_arrival_time_epoch, tvb,
340 0, 0, &(pinfo->fd->abs_ts));
341 }
342
343 if (proto_field_is_referenced(tree, hf_frame_time_delta)) {
344 nstime_t del_cap_ts;
345
346 frame_delta_abs_time(pinfo->epan, pinfo->fd, pinfo->fd->num - 1, &del_cap_ts);
347
348 item = proto_tree_add_time(fh_tree, hf_frame_time_delta, tvb,
349 0, 0, &(del_cap_ts));
350 PROTO_ITEM_SET_GENERATED(item);
351 }
352
353 if (proto_field_is_referenced(tree, hf_frame_time_delta_displayed)) {
354 nstime_t del_dis_ts;
355
356 frame_delta_abs_time(pinfo->epan, pinfo->fd, pinfo->fd->prev_dis_num, &del_dis_ts);
357
358 item = proto_tree_add_time(fh_tree, hf_frame_time_delta_displayed, tvb,
359 0, 0, &(del_dis_ts));
360 PROTO_ITEM_SET_GENERATED(item);
361 }
362
363 item = proto_tree_add_time(fh_tree, hf_frame_time_relative, tvb,
364 0, 0, &(pinfo->rel_ts));
365 PROTO_ITEM_SET_GENERATED(item);
366
367 if(pinfo->fd->flags.ref_time){
368 ti = proto_tree_add_item(fh_tree, hf_frame_time_reference, tvb, 0, 0, ENC_NA);
369 PROTO_ITEM_SET_GENERATED(ti);
370 }
371 }
372
373 proto_tree_add_uint(fh_tree, hf_frame_number, tvb,
374 0, 0, pinfo->fd->num);
375
376 proto_tree_add_uint_format(fh_tree, hf_frame_len, tvb,
377 0, 0, frame_len, "Frame Length: %u byte%s (%u bits)",
378 frame_len, frame_plurality, frame_len * 8);
379
380 proto_tree_add_uint_format(fh_tree, hf_frame_capture_len, tvb,
381 0, 0, cap_len, "Capture Length: %u byte%s (%u bits)",
382 cap_len, cap_plurality, cap_len * 8);
383
384 if (generate_md5_hash) {
385 const guint8 *cp;
386 md5_state_t md_ctx;
387 md5_byte_t digest[16];
388 const gchar *digest_string;
389
390 cp = tvb_get_ptr(tvb, 0, cap_len);
391
392 md5_init(&md_ctx);
393 md5_append(&md_ctx, cp, cap_len);
394 md5_finish(&md_ctx, digest);
395
396 digest_string = bytestring_to_str(digest, 16, '\0');
397 ti = proto_tree_add_string(fh_tree, hf_frame_md5_hash, tvb, 0, 0, digest_string);
398 PROTO_ITEM_SET_GENERATED(ti);
399 }
400
401 ti = proto_tree_add_boolean(fh_tree, hf_frame_marked, tvb, 0, 0,pinfo->fd->flags.marked);
402 PROTO_ITEM_SET_GENERATED(ti);
403
404 ti = proto_tree_add_boolean(fh_tree, hf_frame_ignored, tvb, 0, 0,pinfo->fd->flags.ignored);
405 PROTO_ITEM_SET_GENERATED(ti);
406
407 if(proto_field_is_referenced(tree, hf_frame_protocols)) {
408 /* we are going to be using proto_item_append_string() on
409 * hf_frame_protocols, and we must therefore disable the
410 * TRY_TO_FAKE_THIS_ITEM() optimisation for the tree by
411 * setting it as visible.
412 *
413 * See proto.h for details.
414 */
415 old_visible = proto_tree_set_visible(fh_tree, TRUE);
416 ti = proto_tree_add_string(fh_tree, hf_frame_protocols, tvb, 0, 0, "");
417 PROTO_ITEM_SET_GENERATED(ti);
418 proto_tree_set_visible(fh_tree, old_visible);
419 }
420
421 if(pinfo->fd->pfd != 0){
422 proto_item *ppd_item;
423 guint num_entries = g_slist_length(pinfo->fd->pfd);
424 guint i;
425 ppd_item = proto_tree_add_uint(fh_tree, hf_frame_num_p_prot_data, tvb, 0, 0, num_entries);
426 PROTO_ITEM_SET_GENERATED(ppd_item);
427 for(i=0; i<num_entries; i++){
428 proto_tree_add_text (fh_tree, tvb, 0, 0, "%s",p_get_proto_name_and_key(pinfo->fd, i));
429 }
430 }
431 /* Check for existences of P2P pseudo header */
432 if (pinfo->p2p_dir != P2P_DIR_UNKNOWN) {
433 proto_tree_add_int(fh_tree, hf_frame_p2p_dir, tvb,
434 0, 0, pinfo->p2p_dir);
435 }
436
437 /* Check for existences of MTP2 link number */
438 if ((pinfo->pseudo_header != NULL ) && (pinfo->fd->lnk_t == WTAP_ENCAP_MTP2_WITH_PHDR)) {
439 proto_tree_add_uint(fh_tree, hf_link_number, tvb,
440 0, 0, pinfo->link_number);
441 }
442
443 if (show_file_off) {
444 proto_tree_add_int64_format_value(fh_tree, hf_frame_file_off, tvb,
445 0, 0, pinfo->fd->file_off,
446 "%" G_GINT64_MODIFIER "d (0x%" G_GINT64_MODIFIER "x)",
447 pinfo->fd->file_off, pinfo->fd->file_off);
448 }
449
450 if(pinfo->fd->color_filter != NULL) {
451 const color_filter_t *color_filter = (const color_filter_t *)pinfo->fd->color_filter;
452 item = proto_tree_add_string(fh_tree, hf_frame_color_filter_name, tvb,
453 0, 0, color_filter->filter_name);
454 PROTO_ITEM_SET_GENERATED(item);
455 item = proto_tree_add_string(fh_tree, hf_frame_color_filter_text, tvb,
456 0, 0, color_filter->filter_text);
457 PROTO_ITEM_SET_GENERATED(item);
458 }
459 }
460
461 if (pinfo->fd->flags.ignored) {
462 /* Ignored package, stop handling here */
463 col_set_str(pinfo->cinfo, COL_INFO, "<Ignored>");
464 proto_tree_add_text (tree, tvb, 0, -1, "This frame is marked as ignored");
465 return;
466 }
467
468 /* Portable Exception Handling to trap Wireshark specific exceptions like BoundsError exceptions */
469 TRY {
470 #ifdef _MSC_VER
471 /* Win32: Visual-C Structured Exception Handling (SEH) to trap hardware exceptions
472 like memory access violations.
473 (a running debugger will be called before the except part below) */
474 /* Note: A Windows "exceptional exception" may leave the kazlib's (Portable Exception Handling)
475 stack in an inconsistent state thus causing a crash at some point in the
476 handling of the exception.
477 See: https://www.wireshark.org/lists/wireshark-dev/200704/msg00243.html
478 */
479 __try {
480 #endif
481 if ((force_docsis_encap) && (docsis_handle)) {
482 call_dissector(docsis_handle, tvb, pinfo, parent_tree);
483 } else {
484 if (!dissector_try_uint(wtap_encap_dissector_table, pinfo->fd->lnk_t,
485 tvb, pinfo, parent_tree)) {
486
487 col_set_str(pinfo->cinfo, COL_PROTOCOL, "UNKNOWN");
488 col_add_fstr(pinfo->cinfo, COL_INFO, "WTAP_ENCAP = %d",
489 pinfo->fd->lnk_t);
490 call_dissector(data_handle,tvb, pinfo, parent_tree);
491 }
492 }
493 #ifdef _MSC_VER
494 } __except(EXCEPTION_EXECUTE_HANDLER /* handle all exceptions */) {
495 switch(GetExceptionCode()) {
496 case(STATUS_ACCESS_VIOLATION):
497 show_exception(tvb, pinfo, parent_tree, DissectorError,
498 "STATUS_ACCESS_VIOLATION: dissector accessed an invalid memory address");
499 break;
500 case(STATUS_INTEGER_DIVIDE_BY_ZERO):
501 show_exception(tvb, pinfo, parent_tree, DissectorError,
502 "STATUS_INTEGER_DIVIDE_BY_ZERO: dissector tried an integer division by zero");
503 break;
504 case(STATUS_STACK_OVERFLOW):
505 show_exception(tvb, pinfo, parent_tree, DissectorError,
506 "STATUS_STACK_OVERFLOW: dissector overflowed the stack (e.g. endless loop)");
507 /* XXX - this will have probably corrupted the stack,
508 which makes problems later in the exception code */
509 break;
510 /* XXX - add other hardware exception codes as required */
511 default:
512 show_exception(tvb, pinfo, parent_tree, DissectorError,
513 g_strdup_printf("dissector caused an unknown exception: 0x%x", GetExceptionCode()));
514 }
515 }
516 #endif
517 }
518 CATCH_BOUNDS_AND_DISSECTOR_ERRORS {
519 show_exception(tvb, pinfo, parent_tree, EXCEPT_CODE, GET_MESSAGE);
520 }
521 ENDTRY;
522
523 if(proto_field_is_referenced(tree, hf_frame_protocols)) {
524 wmem_strbuf_t *val = wmem_strbuf_new(wmem_packet_scope(), "");
525 wmem_list_frame_t *frame;
526 /* skip the first entry, it's always the "frame" protocol */
527 frame = wmem_list_frame_next(wmem_list_head(pinfo->layers));
528 if (frame) {
529 wmem_strbuf_append(val, proto_get_protocol_filter_name(GPOINTER_TO_UINT(wmem_list_frame_data(frame))));
530 frame = wmem_list_frame_next(frame);
531 }
532 while (frame) {
533 wmem_strbuf_append_c(val, ':');
534 wmem_strbuf_append(val, proto_get_protocol_filter_name(GPOINTER_TO_UINT(wmem_list_frame_data(frame))));
535 frame = wmem_list_frame_next(frame);
536 }
537 proto_item_append_string(ti, wmem_strbuf_get_str(val));
538 }
539
540 /* Call postdissectors if we have any (while trying to avoid another
541 * TRY/CATCH)
542 */
543 if (have_postdissector()) {
544 TRY {
545 #ifdef _MSC_VER
546 /* Win32: Visual-C Structured Exception Handling (SEH)
547 to trap hardware exceptions like memory access violations */
548 /* (a running debugger will be called before the except part below) */
549 /* Note: A Windows "exceptional exception" may leave the kazlib's (Portable Exception Handling)
550 stack in an inconsistent state thus causing a crash at some point in the
551 handling of the exception.
552 See: https://www.wireshark.org/lists/wireshark-dev/200704/msg00243.html
553 */
554 __try {
555 #endif
556 call_all_postdissectors(tvb, pinfo, parent_tree);
557 #ifdef _MSC_VER
558 } __except(EXCEPTION_EXECUTE_HANDLER /* handle all exceptions */) {
559 switch(GetExceptionCode()) {
560 case(STATUS_ACCESS_VIOLATION):
561 show_exception(tvb, pinfo, parent_tree, DissectorError,
562 "STATUS_ACCESS_VIOLATION: dissector accessed an invalid memory address");
563 break;
564 case(STATUS_INTEGER_DIVIDE_BY_ZERO):
565 show_exception(tvb, pinfo, parent_tree, DissectorError,
566 "STATUS_INTEGER_DIVIDE_BY_ZERO: dissector tried an integer division by zero");
567 break;
568 case(STATUS_STACK_OVERFLOW):
569 show_exception(tvb, pinfo, parent_tree, DissectorError,
570 "STATUS_STACK_OVERFLOW: dissector overflowed the stack (e.g. endless loop)");
571 /* XXX - this will have probably corrupted the stack,
572 which makes problems later in the exception code */
573 break;
574 /* XXX - add other hardware exception codes as required */
575 default:
576 show_exception(tvb, pinfo, parent_tree, DissectorError,
577 g_strdup_printf("dissector caused an unknown exception: 0x%x", GetExceptionCode()));
578 }
579 }
580 #endif
581 }
582 CATCH_BOUNDS_AND_DISSECTOR_ERRORS {
583 show_exception(tvb, pinfo, parent_tree, EXCEPT_CODE, GET_MESSAGE);
584 }
585 ENDTRY;
586 }
587
588 tap_queue_packet(frame_tap, pinfo, NULL);
589
590
591 if (pinfo->frame_end_routines) {
592 g_slist_foreach(pinfo->frame_end_routines, &call_frame_end_routine, NULL);
593 g_slist_free(pinfo->frame_end_routines);
594 pinfo->frame_end_routines = NULL;
595 }
596 }
597
598 void
599 proto_register_frame(void)
600 {
601 static hf_register_info hf[] = {
602 { &hf_frame_arrival_time,
603 { "Arrival Time", "frame.time",
604 FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x0,
605 "Absolute time when this frame was captured", HFILL }},
606
607 { &hf_frame_shift_offset,
608 { "Time shift for this packet", "frame.offset_shift",
609 FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
610 "Time shift applied to this packet", HFILL }},
611
612 { &hf_frame_arrival_time_epoch,
613 { "Epoch Time", "frame.time_epoch",
614 FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
615 "Epoch time when this frame was captured", HFILL }},
616
617 { &hf_frame_time_delta,
618 { "Time delta from previous captured frame", "frame.time_delta",
619 FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
620 NULL, HFILL }},
621
622 { &hf_frame_time_delta_displayed,
623 { "Time delta from previous displayed frame", "frame.time_delta_displayed",
624 FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
625 NULL, HFILL }},
626
627 { &hf_frame_time_relative,
628 { "Time since reference or first frame", "frame.time_relative",
629 FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
630 "Time relative to time reference or first frame", HFILL }},
631
632 { &hf_frame_time_reference,
633 { "This is a Time Reference frame", "frame.ref_time",
634 FT_NONE, BASE_NONE, NULL, 0x0,
635 "This frame is a Time Reference frame", HFILL }},
636
637 { &hf_frame_number,
638 { "Frame Number", "frame.number",
639 FT_UINT32, BASE_DEC, NULL, 0x0,
640 NULL, HFILL }},
641
642 { &hf_frame_len,
643 { "Frame length on the wire", "frame.len",
644 FT_UINT32, BASE_DEC, NULL, 0x0,
645 NULL, HFILL }},
646
647 { &hf_frame_capture_len,
648 { "Frame length stored into the capture file", "frame.cap_len",
649 FT_UINT32, BASE_DEC, NULL, 0x0,
650 NULL, HFILL }},
651
652 { &hf_frame_md5_hash,
653 { "Frame MD5 Hash", "frame.md5_hash",
654 FT_STRING, BASE_NONE, NULL, 0x0,
655 NULL, HFILL }},
656
657 { &hf_frame_p2p_dir,
658 { "Point-to-Point Direction", "frame.p2p_dir",
659 FT_INT8, BASE_DEC, VALS(p2p_dirs), 0x0,
660 NULL, HFILL }},
661
662 { &hf_link_number,
663 { "Link Number", "frame.link_nr",
664 FT_UINT16, BASE_DEC, NULL, 0x0,
665 NULL, HFILL }},
666
667 { &hf_frame_file_off,
668 { "File Offset", "frame.file_off",
669 FT_INT64, BASE_DEC, NULL, 0x0,
670 NULL, HFILL }},
671
672 { &hf_frame_marked,
673 { "Frame is marked", "frame.marked",
674 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
675 "Frame is marked in the GUI", HFILL }},
676
677 { &hf_frame_ignored,
678 { "Frame is ignored", "frame.ignored",
679 FT_BOOLEAN, BASE_NONE, NULL, 0x0,
680 "Frame is ignored by the dissectors", HFILL }},
681
682 { &hf_frame_protocols,
683 { "Protocols in frame", "frame.protocols",
684 FT_STRING, BASE_NONE, NULL, 0x0,
685 "Protocols carried by this frame", HFILL }},
686
687 { &hf_frame_color_filter_name,
688 { "Coloring Rule Name", "frame.coloring_rule.name",
689 FT_STRING, BASE_NONE, NULL, 0x0,
690 "The frame matched the coloring rule with this name", HFILL }},
691
692 { &hf_frame_color_filter_text,
693 { "Coloring Rule String", "frame.coloring_rule.string",
694 FT_STRING, BASE_NONE, NULL, 0x0,
695 "The frame matched this coloring rule string", HFILL }},
696
697 { &hf_frame_interface_id,
698 { "Interface id", "frame.interface_id",
699 FT_UINT32, BASE_DEC, NULL, 0x0,
700 NULL, HFILL }},
701
702 { &hf_frame_pack_flags,
703 { "Packet flags", "frame.packet_flags",
704 FT_UINT32, BASE_HEX, NULL, 0x0,
705 NULL, HFILL }},
706
707 { &hf_frame_pack_direction,
708 { "Direction", "frame.packet_flags_direction",
709 FT_UINT32, BASE_HEX, VALS(&packet_word_directions), PACKET_WORD_DIRECTION_MASK,
710 NULL, HFILL }},
711
712 { &hf_frame_pack_reception_type,
713 { "Reception type", "frame.packet_flags_reception_type",
714 FT_UINT32, BASE_DEC, VALS(&packet_word_reception_types), PACKET_WORD_RECEPTION_TYPE_MASK,
715 NULL, HFILL }},
716
717 { &hf_frame_pack_fcs_length,
718 { "FCS length", "frame.packet_flags_fcs_length",
719 FT_UINT32, BASE_DEC, NULL, PACKET_WORD_FCS_LENGTH_MASK,
720 NULL, HFILL }},
721
722 { &hf_frame_pack_reserved,
723 { "Reserved", "frame.packet_flags_reserved",
724 FT_UINT32, BASE_DEC, NULL, PACKET_WORD_RESERVED_MASK,
725 NULL, HFILL }},
726
727 { &hf_frame_pack_crc_error,
728 { "CRC error", "frame.packet_flags_crc_error",
729 FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_CRC_ERR_MASK,
730 NULL, HFILL }},
731
732 { &hf_frame_pack_wrong_packet_too_long_error,
733 { "Packet too long error", "frame.packet_flags_packet_too_error",
734 FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_PACKET_TOO_LONG_ERR_MASK,
735 NULL, HFILL }},
736
737 { &hf_frame_pack_wrong_packet_too_short_error,
738 { "Packet too short error", "frame.packet_flags_packet_too_short_error",
739 FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_PACKET_TOO_SHORT_ERR_MASK,
740 NULL, HFILL }},
741
742 { &hf_frame_pack_wrong_inter_frame_gap_error,
743 { "Wrong interframe gap error", "frame.packet_flags_wrong_inter_frame_gap_error",
744 FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_WRONG_INTER_FRAME_GAP_ERR_MASK,
745 NULL, HFILL }},
746
747 { &hf_frame_pack_unaligned_frame_error,
748 { "Unaligned frame error", "frame.packet_flags_unaligned_frame_error",
749 FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_UNALIGNED_FRAME_ERR_MASK,
750 NULL, HFILL }},
751
752 { &hf_frame_pack_start_frame_delimiter_error,
753 { "Start frame delimiter error", "frame.packet_flags_start_frame_delimiter_error",
754 FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_START_FRAME_DELIMITER_ERR_MASK,
755 NULL, HFILL }},
756
757 { &hf_frame_pack_preamble_error,
758 { "Preamble error", "frame.packet_flags_preamble_error",
759 FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_PREAMBLE_ERR_MASK,
760 NULL, HFILL }},
761
762 { &hf_frame_pack_symbol_error,
763 { "Symbol error", "frame.packet_flags_symbol_error",
764 FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_SYMBOL_ERR_MASK,
765 NULL, HFILL }},
766
767 { &hf_comments_text,
768 { "Comment", "frame.comment",
769 FT_STRING, BASE_NONE, NULL, 0x0,
770 NULL, HFILL }},
771
772 { &hf_frame_num_p_prot_data,
773 { "Number of per-protocol-data", "frame.p_prot_data",
774 FT_UINT32, BASE_DEC, NULL, 0x0,
775 NULL, HFILL }},
776 };
777
778 static hf_register_info hf_encap =
779 { &hf_frame_wtap_encap,
780 { "Encapsulation type", "frame.encap_type",
781 FT_INT16, BASE_DEC, NULL, 0x0,
782 NULL, HFILL }};
783
784 static gint *ett[] = {
785 &ett_frame,
786 &ett_flags,
787 &ett_comments
788 };
789
790 static ei_register_info ei[] = {
791 { &ei_comments_text, { "frame.comment.expert", PI_COMMENTS_GROUP, PI_COMMENT, "Formatted comment", EXPFILL }},
792 { &ei_arrive_time_out_of_range, { "frame.time_invalid", PI_SEQUENCE, PI_NOTE, "Arrival Time: Fractional second out of range (0-1000000000)", EXPFILL }},
793 };
794
795 module_t *frame_module;
796 expert_module_t* expert_frame;
797
798 if (hf_encap.hfinfo.strings == NULL) {
799 int encap_count = wtap_get_num_encap_types();
800 value_string *arr;
801 int i;
802
803 hf_encap.hfinfo.strings = arr = g_new(value_string, encap_count+1);
804
805 for (i = 0; i < encap_count; i++) {
806 arr[i].value = i;
807 arr[i].strptr = wtap_encap_string(i);
808 }
809 arr[encap_count].value = 0;
810 arr[encap_count].strptr = NULL;
811 }
812
813 wtap_encap_dissector_table = register_dissector_table("wtap_encap",
814 "Wiretap encapsulation type", FT_UINT32, BASE_DEC);
815
816 proto_frame = proto_register_protocol("Frame", "Frame", "frame");
817 proto_pkt_comment = proto_register_protocol("Packet comments", "Pkt_Comment", "pkt_comment");
818 proto_register_field_array(proto_frame, hf, array_length(hf));
819 proto_register_field_array(proto_frame, &hf_encap, 1);
820 proto_register_subtree_array(ett, array_length(ett));
821 expert_frame = expert_register_protocol(proto_frame);
822 expert_register_field_array(expert_frame, ei, array_length(ei));
823 register_dissector("frame",dissect_frame,proto_frame);
824
825 /* You can't disable dissection of "Frame", as that would be
826 tantamount to not doing any dissection whatsoever. */
827 proto_set_cant_toggle(proto_frame);
828
829 /* Our preferences */
830 frame_module = prefs_register_protocol(proto_frame, NULL);
831 prefs_register_bool_preference(frame_module, "show_file_off",
832 "Show File Offset", "Show offset of frame in capture file", &show_file_off);
833 prefs_register_bool_preference(frame_module, "force_docsis_encap",
834 "Treat all frames as DOCSIS frames", "Treat all frames as DOCSIS Frames", &force_docsis_encap);
835 prefs_register_bool_preference(frame_module, "generate_md5_hash",
836 "Generate an MD5 hash of each frame",
837 "Whether or not MD5 hashes should be generated for each frame, useful for finding duplicate frames.",
838 &generate_md5_hash);
839 prefs_register_bool_preference(frame_module, "generate_epoch_time",
840 "Generate an epoch time entry for each frame",
841 "Whether or not an Epoch time entry should be generated for each frame.",
842 &generate_epoch_time);
843 prefs_register_bool_preference(frame_module, "generate_bits_field",
844 "Show the number of bits in the frame",
845 "Whether or not the number of bits in the frame should be shown.",
846 &generate_bits_field);
847
848 frame_tap=register_tap("frame");
849 }
850
851 void
852 proto_reg_handoff_frame(void)
853 {
854 data_handle = find_dissector("data");
855 docsis_handle = find_dissector("docsis");
856 }
857
858 /*
859 * Editor modelines - http://www.wireshark.org/tools/modelines.html
860 *
861 * Local variables:
862 * c-basic-offset: 8
863 * tab-width: 8
864 * indent-tabs-mode: t
865 * End:
866 *
867 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
868 * :indentSize=8:tabSize=8:noTabs=false:
869 */