int dumpling(u8 * buf, const char *dumpfile, u8 mode) { u32 base; u16 len; if(mode == NON_LEGACY) { if(!checksum(buf, buf[0x05]) || !memcmp(buf + 0x10, "_DMI_", 5) == 0 || !checksum(buf + 0x10, 0x0F)) return 0; base = DWORD(buf + 0x18); len = WORD(buf + 0x16); } else { if(!checksum(buf, 0x0F)) return 0; base = DWORD(buf + 0x08); len = WORD(buf + 0x06); } u8 *buff; if((buff = mem_chunk(NULL, base, len, DEFAULT_MEM_DEV)) != NULL) { //. Part 1. #ifdef NDEBUG printf("# Writing %d bytes to %s.\n", len, dumpfile); #endif write_dump(32, len, buff, dumpfile, 0); free(buff); //. Part 2. if(mode != LEGACY) { u8 crafted[32]; memcpy(crafted, buf, 32); overwrite_dmi_address(crafted + 0x10); #ifdef NDEBUG printf("# Writing %d bytes to %s.\n", crafted[0x05], dumpfile); #endif write_dump(0, crafted[0x05], crafted, dumpfile, 1); } else { u8 crafted[16]; memcpy(crafted, buf, 16); overwrite_dmi_address(crafted); #ifdef NDEBUG printf("# Writing %d bytes to %s.\n", 0x0F, dumpfile); #endif write_dump(0, 0x0F, crafted, dumpfile, 1); } } else { fprintf(stderr, "Failed to read table, sorry.\n"); } //. TODO: Cleanup return 1; }
int main(int argc, char **argv) { char *ptr; //open_dump("test.out"); open_dump("-"); struct dumper d; d.width = 16; d.height = 2; d.data = malloc( sizeof(char) * d.width * d.height ); memset(d.data, '0', sizeof(char) * d.width * d.height); ptr = d.data; ptr[5] = '1'; write_dump(&d); dump_close(); return 0; }
static int send_complete (krb5_context context, slave *s, const char *database, uint32_t current_version, uint32_t oldest_version, uint32_t initial_log_tstamp) { krb5_error_code ret; krb5_storage *dump = NULL; uint32_t vno = 0; krb5_data data; int fd = -1; struct stat st; char *dfn; ret = asprintf(&dfn, "%s/ipropd.dumpfile", hdb_db_dir(context)); if (ret == -1 || !dfn) { krb5_warn(context, ENOMEM, "Cannot allocate memory"); return ENOMEM; } fd = open(dfn, O_CREAT|O_RDWR, 0600); if (fd == -1) { ret = errno; krb5_warn(context, ret, "Cannot open/create iprop dumpfile %s", dfn); free(dfn); return ret; } free(dfn); dump = krb5_storage_from_fd(fd); if (!dump) { ret = errno; krb5_warn(context, ret, "krb5_storage_from_fd"); goto done; } for (;;) { ret = flock(fd, LOCK_SH); if (ret == -1) { ret = errno; krb5_warn(context, ret, "flock(fd, LOCK_SH)"); goto done; } if (krb5_storage_seek(dump, 0, SEEK_SET) == (off_t)-1) { ret = errno; krb5_warn(context, ret, "krb5_storage_seek(dump, 0, SEEK_SET)"); goto done; } vno = 0; ret = krb5_ret_uint32(dump, &vno); if (ret && ret != HEIM_ERR_EOF) { krb5_warn(context, ret, "krb5_ret_uint32(dump, &vno)"); goto done; } if (fstat(fd, &st) == -1) { ret = errno; krb5_warn(context, ret, "send_complete: could not stat dump file"); goto done; } /* * If the current dump has an appropriate version, then we can * break out of the loop and send the file below. */ if (ret == 0 && vno != 0 && st.st_mtime > initial_log_tstamp && vno >= oldest_version && vno <= current_version) break; if (verbose) krb5_warnx(context, "send_complete: dumping HDB"); /* * Otherwise, we may need to write a new dump file. We * obtain an exclusive lock on the fd. Because this is * not guaranteed to be an upgrade of our existing shared * lock, someone else may have written a new dumpfile while * we were waiting and so we must first check the vno of * the dump to see if that happened. If it did, we need * to go back to the top of the loop so that we can downgrade * our lock to a shared one. */ ret = flock(fd, LOCK_EX); if (ret == -1) { ret = errno; krb5_warn(context, ret, "flock(fd, LOCK_EX)"); goto done; } ret = krb5_storage_seek(dump, 0, SEEK_SET); if (ret == -1) { ret = errno; krb5_warn(context, ret, "krb5_storage_seek(dump, 0, SEEK_SET)"); goto done; } vno = 0; ret = krb5_ret_uint32(dump, &vno); if (ret && ret != HEIM_ERR_EOF) { krb5_warn(context, ret, "krb5_ret_uint32(dump, &vno)"); goto done; } if (fstat(fd, &st) == -1) { ret = errno; krb5_warn(context, ret, "send_complete: could not stat dump file"); goto done; } /* check if someone wrote a better version for us */ if (ret == 0 && vno != 0 && st.st_mtime > initial_log_tstamp && vno >= oldest_version && vno <= current_version) continue; /* Now, we know that we must write a new dump file. */ ret = write_dump(context, dump, database, current_version); if (ret) goto done; /* * And we must continue to the top of the loop so that we can * downgrade to a shared lock. */ } /* * Leaving the above loop, dump should have a ptr right after the initial * 4 byte DB version number and we should have a shared lock on the file * (which we may have just created), so we are reading to simply blast * the data down the wire. */ for (;;) { ret = krb5_ret_data(dump, &data); if (ret == HEIM_ERR_EOF) { ret = 0; /* EOF is not an error, it's success */ goto done; } if (ret) { krb5_warn(context, ret, "krb5_ret_data(dump, &data)"); slave_dead(context, s); goto done; } ret = krb5_write_priv_message(context, s->ac, &s->fd, &data); krb5_data_free(&data); if (ret) { krb5_warn (context, ret, "krb5_write_priv_message"); slave_dead(context, s); goto done; } } done: if (!ret) { s->version = vno; slave_seen(s); } if (fd != -1) close(fd); if (dump) krb5_storage_free(dump); return ret; }
void process_packet(struct pcap_pkthdr* pkthdr, u_char* packet) { struct eth_hdr *eth; struct ip_hdr *ip; struct tcp_hdr *tcp; char *payload; int size_ip, size_tcp, payload_size; u_int mp3_len; struct dump *dp; // -------------------------------------------------------- eth = (struct eth_hdr *) packet; if (ntohs (eth->ether_type) != 0x0800) { return; } ip = (struct ip_hdr*)(packet + SIZE_ETHERNET); if (ip->ip_p != IPPROTO_TCP) { return; } size_ip = IP_HL(ip)*4; if (size_ip < 20) { printf("Invalid IP header length: %u bytes\n", size_ip); return; } tcp = (struct tcp_hdr*)(packet + SIZE_ETHERNET + size_ip); size_tcp = TH_OFF(tcp)*4; if (size_tcp < 20) { printf("Invalid TCP header length: %u bytes\n", size_tcp); return; } payload = (u_char *)(packet + SIZE_ETHERNET + size_ip + size_tcp); payload_size = ntohs(ip->ip_len) - (size_ip + size_tcp); // -------------------------------------------------------- //check_old_streams(); if ((dp = get_dump_stream(ntohs(tcp->th_dport))) != NULL) { if (dp->next_seq != ntohl(tcp->th_seq)) { struct payload *old; //printf("invalid seq number got: %u expected: %u\n", ntohl(tcp->th_seq), dp->next_seq); store_packet(dp, ntohl(tcp->th_seq), payload, payload_size); /* try to find the valid packet */ old = find_valid_seq(dp, ntohl(tcp->th_seq)); if (old) { write_dump(dp, old->data, old->length); return; } if (++dp->fail_count > 5) { close_dump_stream(dp, 1); } return; } write_dump(dp, payload, payload_size); } else if ((mp3_len = contain_mp3(payload, payload_size)) > 0) { char *start; start = strstr(payload, "\r\n\r\n") + 4; dp = create_dump_stream(ntohs(tcp->th_dport), ntohl(tcp->th_seq), mp3_len, payload, payload_size, start); dp->current_size += payload_size - (start - payload); fwrite(start, 1, dp->current_size, dp->file); dp->next_seq += payload_size; } }