search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
MSWSP: fix dissect_mswsp_smb()
[wireshark-wip.git] / epan / dissectors / packet-banana.c
blobf59262f494d9cda786cd6638c5e3c6ba182ff0ec
1 /* packet-bananna.c
2 * Routines for the Twisted Banana serialization protocol dissection
3 * Copyright 2009, Gerald Combs <gerald@wireshark.org>
4 *
5 * $Id$
6 *
7 * Wireshark - Network traffic analyzer
8 * By Gerald Combs <gerald@wireshark.org>
9 * Copyright 1998 Gerald Combs
10 *
11 * This program is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation; either version 2
14 * of the License, or (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
24 */
25
26 /*
27 * Based on "Banana Protocol Specifications"
28 * http://twistedmatrix.com/projects/core/documentation/specifications/banana.html
29 */
30
31 #include "config.h"
32
33 #include <glib.h>
34
35 #include <epan/packet.h>
36 #include <epan/prefs.h>
37 #include <epan/expert.h>
38
39 void proto_register_banana(void);
40 void proto_reg_handoff_banana(void);
41
42 /* Initialize the protocol and registered fields */
43 static int proto_banana = -1;
44 static int hf_banana_list = -1;
45 static int hf_banana_int = -1;
46 static int hf_banana_string = -1;
47 static int hf_banana_neg_int = -1;
48 static int hf_banana_float = -1;
49 static int hf_banana_lg_int = -1;
50 static int hf_banana_lg_neg_int = -1;
51 static int hf_banana_pb = -1;
52
53 /* Initialize the subtree pointers */
54 static gint ett_banana = -1;
55 static gint ett_list = -1;
56
57 static expert_field ei_banana_unknown_type = EI_INIT;
58 static expert_field ei_banana_too_many_value_bytes = EI_INIT;
59 static expert_field ei_banana_length_too_long = EI_INIT;
60 static expert_field ei_banana_value_too_large = EI_INIT;
61 static expert_field ei_banana_pb_error = EI_INIT;
62
63 static dissector_handle_t banana_handle;
64
65 #define BE_LIST 0x80
66 #define BE_INT 0x81
67 #define BE_STRING 0x82
68 #define BE_NEG_INT 0x83
69 #define BE_FLOAT 0x84
70 #define BE_LG_INT 0x85
71 #define BE_LG_NEG_INT 0x86
72 #define BE_PB 0x87
73
74 #define is_element(b) (b >= BE_LIST && b <= BE_PB)
75
76 static const value_string type_vals[] = {
77 { BE_LIST, "List" },
78 { BE_INT, "Integer" },
79 { BE_STRING, "String" },
80 { BE_NEG_INT, "Negative Integer" },
81 { BE_FLOAT, "Float" },
82 { BE_LG_INT, "Large Integer" },
83 { BE_LG_NEG_INT, "Large Negative Integer" },
84 { BE_PB, "pb Profile"},
85 { 0, NULL }
86 };
87
88 static const value_string pb_vals[] = {
89 { 0x01, "None" },
90 { 0x02, "class" },
91 { 0x03, "dereference" },
92 { 0x04, "reference" },
93 { 0x05, "dictionary" },
94 { 0x06, "function" },
95 { 0x07, "instance" },
96 { 0x08, "list" },
97 { 0x09, "module" },
98 { 0x0a, "persistent" },
99 { 0x0b, "tuple" },
100 { 0x0c, "unpersistable" },
101 { 0x0d, "copy" },
102 { 0x0e, "cache" },
103 { 0x0f, "cached" },
104 { 0x10, "remote" },
105 { 0x11, "local" },
106 { 0x12, "lcache" },
107 { 0x13, "version" },
108 { 0x14, "login" },
109 { 0x15, "password" },
110 { 0x16, "challenge" },
111 { 0x17, "logged_in" },
112 { 0x18, "not_logged_in" },
113 { 0x19, "cachemessage" },
114 { 0x1a, "message" },
115 { 0x1b, "answer" },
116 { 0x1c, "error" },
117 { 0x1d, "decref" },
118 { 0x1e, "decache" },
119 { 0x1f, "uncache" },
120 { 0, NULL }
121 };
122
123 #define MAX_ELEMENT_VAL 2147483647 /* Max TE value */
124 #define MAX_ELEMENT_INT_LEN 4
125 #define MAX_ELEMENT_VAL_LEN 8
126
127 static range_t *global_banana_tcp_range = NULL;
128 static range_t *banana_tcp_range = NULL;
129
130 /* Dissect the packets */
131
132 static int
133 dissect_banana_element(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset) {
134 proto_item *ti;
135 proto_tree *list_tree;
136 guint8 byte = 0;
137 gint64 val = 0;
138 gint val_len = 0;
139 int start_offset = offset;
140 int old_offset;
141 int i;
142
143 /* Accumulate our value/length 'til we hit a valid type */
144 while (tvb_length_remaining(tvb, offset) > 0) {
145 byte = tvb_get_guint8(tvb, offset);
146 offset++;
147
148 if (byte & 0x80) {
149 if (is_element(byte)) {
150 break;
151 } else {
152 expert_add_info_format(pinfo, NULL, &ei_banana_unknown_type, "Unknown type %u", byte);
153 }
154 } else {
155 val_len++;
156 if (val_len > MAX_ELEMENT_VAL_LEN) {
157 expert_add_info(pinfo, NULL, &ei_banana_too_many_value_bytes);
158 }
159 val += byte + (val << 7);
160 }
161 }
162
163 /* Type */
164 switch (byte) {
165 case BE_LIST:
166 if (val > MAX_ELEMENT_VAL) {
167 expert_add_info_format(pinfo, NULL, &ei_banana_length_too_long, "List length %" G_GINT64_MODIFIER "d longer than we can handle", val);
168 }
169 ti = proto_tree_add_uint_format_value(tree, hf_banana_list, tvb, start_offset, offset - start_offset - 1, (guint32) val, "(%d items)", (gint) val);
170 list_tree = proto_item_add_subtree(ti, ett_list);
171 for (i = 0; i < val; i++) {
172 old_offset = offset;
173 offset += dissect_banana_element(tvb, pinfo, list_tree, offset);
174 if (offset <= old_offset) {
175 return offset - start_offset;
176 }
177 }
178 break;
179 case BE_INT:
180 if (val > MAX_ELEMENT_VAL) {
181 expert_add_info_format(pinfo, NULL, &ei_banana_value_too_large, "Integer value %" G_GINT64_MODIFIER "d too large", val);
182 }
183 proto_tree_add_uint(tree, hf_banana_int, tvb, start_offset, offset - start_offset, (guint32) val);
184 break;
185 case BE_STRING:
186 if (val > MAX_ELEMENT_VAL) {
187 expert_add_info_format(pinfo, NULL, &ei_banana_length_too_long, "String length %" G_GINT64_MODIFIER "d longer than we can handle", val);
188 }
189 proto_tree_add_item(tree, hf_banana_string, tvb, offset, (guint32) val, ENC_ASCII|ENC_NA);
190 offset += (gint) val;
191 break;
192 case BE_NEG_INT:
193 if (val > MAX_ELEMENT_VAL) {
194 expert_add_info_format(pinfo, NULL, &ei_banana_value_too_large, "Integer value -%" G_GINT64_MODIFIER "d too large", val);
195 }
196 proto_tree_add_int(tree, hf_banana_neg_int, tvb, start_offset, offset - start_offset, (gint32) val * -1);
197 break;
198 case BE_FLOAT:
199 proto_tree_add_item(tree, hf_banana_float, tvb, offset, 8, ENC_BIG_ENDIAN);
200 offset += 8;
201 break;
202 case BE_LG_INT:
203 proto_tree_add_item(tree, hf_banana_lg_int, tvb, start_offset, offset - start_offset, ENC_NA);
204 break;
205 case BE_LG_NEG_INT:
206 proto_tree_add_item(tree, hf_banana_lg_neg_int, tvb, start_offset, offset - start_offset, ENC_NA);
207 break;
208 case BE_PB:
209 if (val_len > 1) {
210 expert_add_info(pinfo, NULL, &ei_banana_pb_error);
211 }
212 /*
213 * The spec says the pb dictionary value comes after the tag.
214 * In real-world captures it comes before.
215 */
216 proto_tree_add_item(tree, hf_banana_pb, tvb, offset - 2, 1, ENC_BIG_ENDIAN);
217 break;
218 default:
219 return 0;
220 break;
221 }
222 return offset - start_offset;
223 }
224
225 static int
226 dissect_banana(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) {
227 guint8 byte = 0;
228 gint offset = 0, old_offset;
229 proto_item *ti;
230 proto_tree *banana_tree;
231
232 /* Check that there's enough data */
233 if (tvb_length(tvb) < 2)
234 return 0;
235
236 /* Fill in our protocol and info columns */
237 col_set_str(pinfo->cinfo, COL_PROTOCOL, "Banana");
238
239 while (tvb_length_remaining(tvb, offset) > 0 && offset < MAX_ELEMENT_VAL_LEN) {
240 byte = tvb_get_guint8(tvb, offset);
241 if (is_element(byte))
242 break;
243 offset++;
244 }
245 col_add_fstr(pinfo->cinfo, COL_INFO, "First element: %s",
246 val_to_str(byte, type_vals, "Unknown type: %u"));
247
248 /* Create display subtree for the protocol */
249 ti = proto_tree_add_item(tree, proto_banana, tvb, 0, -1, ENC_NA);
250 banana_tree = proto_item_add_subtree(ti, ett_banana);
251
252 offset = 0;
253 old_offset = -1;
254 while (offset > old_offset) {
255 old_offset = offset;
256 offset += dissect_banana_element(tvb, pinfo, banana_tree, offset);
257 }
258
259 /* Return the amount of data this dissector was able to dissect */
260 return tvb_length(tvb);
261 }
262
263 static void
264 banana_prefs(void) {
265 dissector_delete_uint_range("tcp.port", banana_tcp_range, banana_handle);
266 g_free(banana_tcp_range);
267 banana_tcp_range = range_copy(global_banana_tcp_range);
268 dissector_add_uint_range("tcp.port", banana_tcp_range, banana_handle);
269 }
270
271 /* Register the protocol with Wireshark */
272
273 void
274 proto_register_banana(void)
275 {
276 static hf_register_info hf[] = {
277 { &hf_banana_list,
278 { "List Length", "banana.list",
279 FT_UINT32, BASE_DEC, NULL, 0,
280 "Banana list", HFILL }
281 },
282 { &hf_banana_int,
283 { "Integer", "banana.int",
284 FT_UINT32, BASE_DEC, NULL, 0,
285 "Banana integer", HFILL }
286 },
287 { &hf_banana_string,
288 { "String", "banana.string",
289 FT_STRING, BASE_NONE, NULL, 0,
290 "Banana string", HFILL }
291 },
292 { &hf_banana_neg_int,
293 { "Negative Integer", "banana.neg_int",
294 FT_INT32, BASE_DEC, NULL, 0,
295 "Banana negative integer", HFILL }
296 },
297 { &hf_banana_float,
298 { "Float", "banana.float",
299 FT_DOUBLE, BASE_NONE, NULL, 0,
300 "Banana float", HFILL }
301 },
302 { &hf_banana_lg_int,
303 { "Float", "banana.lg_int",
304 FT_BYTES, BASE_NONE, NULL, 0,
305 "Banana large integer", HFILL }
306 },
307 { &hf_banana_lg_neg_int,
308 { "Float", "banana.lg_neg_int",
309 FT_BYTES, BASE_NONE, NULL, 0,
310 "Banana large negative integer", HFILL }
311 },
312 { &hf_banana_pb,
313 { "pb Profile Value", "banana.pb",
314 FT_UINT8, BASE_HEX, VALS(pb_vals), 0,
315 "Banana Perspective Broker Profile Value", HFILL }
316 }
317 };
318
319 module_t *banana_module;
320 expert_module_t* expert_banana;
321
322 /* Setup protocol subtree array */
323 static gint *ett[] = {
324 &ett_banana,
325 &ett_list
326 };
327
328 static ei_register_info ei[] = {
329 { &ei_banana_unknown_type, { "banana.unknown_type", PI_UNDECODED, PI_ERROR, "Unknown type", EXPFILL }},
330 { &ei_banana_too_many_value_bytes, { "banana.too_many_value_bytes", PI_UNDECODED, PI_ERROR, "Too many value/length bytes", EXPFILL }},
331 { &ei_banana_length_too_long, { "banana.length_too_long", PI_UNDECODED, PI_ERROR, "Length too long", EXPFILL }},
332 { &ei_banana_value_too_large, { "banana.value_too_large", PI_MALFORMED, PI_ERROR, "Value too large", EXPFILL }},
333 { &ei_banana_pb_error, { "banana.pb_error", PI_MALFORMED, PI_ERROR, "More than 1 byte before pb", EXPFILL }},
334 };
335
336 /* Register the protocol name and description */
337 proto_banana = proto_register_protocol("Twisted Banana", "Banana", "banana");
338
339 /* Required function calls to register the header fields and subtrees used */
340 proto_register_field_array(proto_banana, hf, array_length(hf));
341 proto_register_subtree_array(ett, array_length(ett));
342 expert_banana = expert_register_protocol(proto_banana);
343 expert_register_field_array(expert_banana, ei, array_length(ei));
344
345 /* Initialize dissector preferences */
346 banana_module = prefs_register_protocol(proto_banana, banana_prefs);
347 banana_tcp_range = range_empty();
348 prefs_register_range_preference(banana_module, "tcp.port", "TCP Ports", "Banana TCP Port range", &global_banana_tcp_range, 65535);
349 }
350
351 void
352 proto_reg_handoff_banana(void)
353 {
354 banana_handle = new_create_dissector_handle(dissect_banana, proto_banana);
355 }
356
357 /*
358 * Editor modelines - http://www.wireshark.org/tools/modelines.html
359 *
360 * Local variables:
361 * c-basic-offset: 4
362 * tab-width: 8
363 * indent-tabs-mode: nil
364 * End:
365 *
366 * ex: set shiftwidth=4 tabstop=8 expandtab:
367 * :indentSize=4:tabSize=8:noTabs=true:
368 */
369
370