static void
check_drange_node_sanity(gpointer data, gpointer user_data)
{
drange_node* drnode = data;
struct check_drange_sanity_args *args = user_data;
gint start_offset, end_offset, length;
header_field_info *hfinfo;
switch (drange_node_get_ending(drnode)) {
case LENGTH:
length = drange_node_get_length(drnode);
if (length <= 0) {
if (!args->err) {
args->err = TRUE;
start_offset = drange_node_get_start_offset(drnode);
hfinfo = sttype_range_hfinfo(args->st);
dfilter_fail("Range %d:%d specified for \"%s\" isn't valid, "
"as length %d isn't positive",
start_offset, length,
hfinfo->abbrev,
length);
}
}
break;
case OFFSET:
/*
* Make sure the start offset isn't beyond the end
* offset. This applies to negative offsets too.
*/
/* XXX - [-ve - +ve] is probably pathological, but isn't
* disallowed.
* [+ve - -ve] is probably pathological too, and happens to be
* disallowed.
*/
start_offset = drange_node_get_start_offset(drnode);
end_offset = drange_node_get_end_offset(drnode);
if (start_offset > end_offset) {
if (!args->err) {
args->err = TRUE;
hfinfo = sttype_range_hfinfo(args->st);
dfilter_fail("Range %d-%d specified for \"%s\" isn't valid, "
"as %d is greater than %d",
start_offset, end_offset,
hfinfo->abbrev,
start_offset, end_offset);
}
}
break;
case TO_THE_END:
break;
case UNINITIALIZED:
default:
g_assert_not_reached();
}
}
/* returns register number */
static int
dfw_append_mk_range(dfwork_t *dfw, stnode_t *node)
{
int hf_reg, reg;
header_field_info *hfinfo;
dfvm_insn_t *insn;
dfvm_value_t *val;
hfinfo = sttype_range_hfinfo(node);
hf_reg = dfw_append_read_tree(dfw, hfinfo);
insn = dfvm_insn_new(MK_RANGE);
val = dfvm_value_new(REGISTER);
val->value.numeric = hf_reg;
insn->arg1 = val;
val = dfvm_value_new(REGISTER);
reg =dfw->next_register++;
val->value.numeric = reg;
insn->arg2 = val;
val = dfvm_value_new(DRANGE);
val->value.drange = sttype_range_drange(node);
insn->arg3 = val;
sttype_range_remove_drange(node);
dfw_append_insn(dfw, insn);
return reg;
}
static void
check_relation_LHS_RANGE(const char *relation_string, FtypeCanFunc can_func _U_,
gboolean allow_partial_value,
stnode_t *st_node,
stnode_t *st_arg1, stnode_t *st_arg2)
{
stnode_t *new_st;
sttype_id_t type1, type2;
header_field_info *hfinfo1, *hfinfo2;
df_func_def_t *funcdef;
ftenum_t ftype1, ftype2;
fvalue_t *fvalue;
char *s;
drange_node *rn;
type1 = stnode_type_id(st_arg1);
type2 = stnode_type_id(st_arg2);
hfinfo1 = sttype_range_hfinfo(st_arg1);
ftype1 = hfinfo1->type;
DebugLog((" 5 check_relation_LHS_RANGE(%s)\n", relation_string));
if (!ftype_can_slice(ftype1)) {
dfilter_fail("\"%s\" is a %s and cannot be sliced into a sequence of bytes.",
hfinfo1->abbrev, ftype_pretty_name(ftype1));
THROW(TypeError);
}
check_drange_sanity(st_arg1);
if (type2 == STTYPE_FIELD) {
DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_FIELD)\n"));
hfinfo2 = stnode_data(st_arg2);
ftype2 = hfinfo2->type;
if (!is_bytes_type(ftype2)) {
if (!ftype_can_slice(ftype2)) {
dfilter_fail("\"%s\" is a %s and cannot be converted into a sequence of bytes.",
hfinfo2->abbrev,
ftype_pretty_name(ftype2));
THROW(TypeError);
}
/* Convert entire field to bytes */
new_st = stnode_new(STTYPE_RANGE, NULL);
rn = drange_node_new();
drange_node_set_start_offset(rn, 0);
drange_node_set_to_the_end(rn);
/* st_arg2 is freed in this step */
sttype_range_set1(new_st, st_arg2, rn);
sttype_test_set2_args(st_node, st_arg1, new_st);
}
}
else if (type2 == STTYPE_STRING) {
DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_STRING)\n"));
s = stnode_data(st_arg2);
if (strcmp(relation_string, "matches") == 0) {
/* Convert to a FT_PCRE */
fvalue = fvalue_from_string(FT_PCRE, s, dfilter_fail);
} else {
fvalue = fvalue_from_string(FT_BYTES, s, dfilter_fail);
}
if (!fvalue) {
DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_STRING): Could not convert from string!\n"));
THROW(TypeError);
}
new_st = stnode_new(STTYPE_FVALUE, fvalue);
sttype_test_set2_args(st_node, st_arg1, new_st);
stnode_free(st_arg2);
}
else if (type2 == STTYPE_UNPARSED) {
DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_UNPARSED)\n"));
s = stnode_data(st_arg2);
if (strcmp(relation_string, "matches") == 0) {
/* Convert to a FT_PCRE */
fvalue = fvalue_from_unparsed(FT_PCRE, s, FALSE, dfilter_fail);
} else {
fvalue = fvalue_from_unparsed(FT_BYTES, s, allow_partial_value, dfilter_fail);
}
if (!fvalue) {
DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_UNPARSED): Could not convert from string!\n"));
THROW(TypeError);
}
new_st = stnode_new(STTYPE_FVALUE, fvalue);
sttype_test_set2_args(st_node, st_arg1, new_st);
stnode_free(st_arg2);
}
else if (type2 == STTYPE_RANGE) {
DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_RANGE)\n"));
check_drange_sanity(st_arg2);
}
else if (type2 == STTYPE_FUNCTION) {
funcdef = sttype_function_funcdef(st_arg2);
ftype2 = funcdef->retval_ftype;
if (!is_bytes_type(ftype2)) {
if (!ftype_can_slice(ftype2)) {
dfilter_fail("Return value of function \"%s\" is a %s and cannot be converted into a sequence of bytes.",
funcdef->name,
ftype_pretty_name(ftype2));
THROW(TypeError);
}
/* XXX should I add a new drange node? */
}
check_function(st_arg2);
}
else {
g_assert_not_reached();
}
}
static void
check_relation_LHS_RANGE(const char *relation_string, FtypeCanFunc can_func _U_,
gboolean allow_partial_value,
stnode_t *st_node,
stnode_t *st_arg1, stnode_t *st_arg2)
{
stnode_t *new_st;
sttype_id_t type2;
header_field_info *hfinfo1, *hfinfo2;
df_func_def_t *funcdef;
ftenum_t ftype1, ftype2;
fvalue_t *fvalue;
char *s;
drange_node *rn;
int len_range;
type2 = stnode_type_id(st_arg2);
hfinfo1 = sttype_range_hfinfo(st_arg1);
ftype1 = hfinfo1->type;
DebugLog((" 5 check_relation_LHS_RANGE(%s)\n", relation_string));
if (!ftype_can_slice(ftype1)) {
dfilter_fail("\"%s\" is a %s and cannot be sliced into a sequence of bytes.",
hfinfo1->abbrev, ftype_pretty_name(ftype1));
THROW(TypeError);
}
check_drange_sanity(st_arg1);
if (type2 == STTYPE_FIELD) {
DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_FIELD)\n"));
hfinfo2 = stnode_data(st_arg2);
ftype2 = hfinfo2->type;
if (!is_bytes_type(ftype2)) {
if (!ftype_can_slice(ftype2)) {
dfilter_fail("\"%s\" is a %s and cannot be converted into a sequence of bytes.",
hfinfo2->abbrev,
ftype_pretty_name(ftype2));
THROW(TypeError);
}
/* Convert entire field to bytes */
new_st = stnode_new(STTYPE_RANGE, NULL);
rn = drange_node_new();
drange_node_set_start_offset(rn, 0);
drange_node_set_to_the_end(rn);
/* st_arg2 is freed in this step */
sttype_range_set1(new_st, st_arg2, rn);
sttype_test_set2_args(st_node, st_arg1, new_st);
}
}
else if (type2 == STTYPE_STRING) {
DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_STRING)\n"));
s = stnode_data(st_arg2);
if (strcmp(relation_string, "matches") == 0) {
/* Convert to a FT_PCRE */
fvalue = fvalue_from_string(FT_PCRE, s, dfilter_fail);
} else {
fvalue = fvalue_from_string(FT_BYTES, s, dfilter_fail);
}
if (!fvalue) {
DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_STRING): Could not convert from string!\n"));
THROW(TypeError);
}
new_st = stnode_new(STTYPE_FVALUE, fvalue);
sttype_test_set2_args(st_node, st_arg1, new_st);
stnode_free(st_arg2);
}
else if (type2 == STTYPE_UNPARSED) {
DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_UNPARSED)\n"));
s = stnode_data(st_arg2);
len_range = drange_get_total_length(sttype_range_drange(st_arg1));
if (strcmp(relation_string, "matches") == 0) {
/* Convert to a FT_PCRE */
fvalue = fvalue_from_unparsed(FT_PCRE, s, FALSE, dfilter_fail);
}
/* The RHS should be FT_BYTES. However, there is a special case where
* the range slice on the LHS is one byte long. In that case, it is natural
* for the user to specify a normal hex integer on the RHS, with the "0x"
* notation, as in "slice[0] == 0x10". We can't allow this for any
* slices that are longer than one byte, because then we'd have to know
* which endianness the byte string should be in. */
else if (len_range == 1 && strlen(s) == 4 && strncmp(s, "0x", 2) == 0) {
/* Even if the RHS string starts with "0x", it still could fail to
* be an integer. Try converting it here. */
fvalue = fvalue_from_unparsed(FT_UINT8, s, allow_partial_value, dfilter_fail);
if (fvalue) {
FVALUE_FREE(fvalue);
/* The value doees indeed fit into 8 bits. Create a BYTE_STRING
* from it. Since we know that the last 2 characters are a valid
* hex string, just use those directly. */
fvalue = fvalue_from_unparsed(FT_BYTES, s+2, allow_partial_value, dfilter_fail);
}
}
else {
fvalue = fvalue_from_unparsed(FT_BYTES, s, allow_partial_value, dfilter_fail);
}
if (!fvalue) {
DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_UNPARSED): Could not convert from string!\n"));
THROW(TypeError);
}
new_st = stnode_new(STTYPE_FVALUE, fvalue);
sttype_test_set2_args(st_node, st_arg1, new_st);
stnode_free(st_arg2);
}
else if (type2 == STTYPE_RANGE) {
DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_RANGE)\n"));
check_drange_sanity(st_arg2);
}
else if (type2 == STTYPE_FUNCTION) {
funcdef = sttype_function_funcdef(st_arg2);
ftype2 = funcdef->retval_ftype;
if (!is_bytes_type(ftype2)) {
if (!ftype_can_slice(ftype2)) {
dfilter_fail("Return value of function \"%s\" is a %s and cannot be converted into a sequence of bytes.",
funcdef->name,
ftype_pretty_name(ftype2));
THROW(TypeError);
}
/* XXX should I add a new drange node? */
}
check_function(st_arg2);
}
else {
g_assert_not_reached();
}
}
