void
proto_register_adb(void)
{
module_t *module;
expert_module_t *expert_module;
static hf_register_info hf[] = {
{ &hf_command,
{ "Command", "adb.command",
FT_UINT32, BASE_HEX, VALS(command_vals), 0x00,
NULL, HFILL }
},
{ &hf_argument_0,
{ "Argument 0", "adb.argument.0",
FT_UINT32, BASE_HEX, NULL, 0x00,
NULL, HFILL }
},
{ &hf_argument_1,
{ "Argument 0", "adb.argument.1",
FT_UINT32, BASE_HEX, NULL, 0x00,
NULL, HFILL }
},
{ &hf_data_length,
{ "Data Length", "adb.data_length",
FT_UINT32, BASE_DEC, NULL, 0x00,
NULL, HFILL }
},
{ &hf_data_crc32,
{ "Data CRC32", "adb.data_crc32",
FT_UINT32, BASE_HEX, NULL, 0x00,
NULL, HFILL }
},
{ &hf_magic,
{ "Magic", "adb.magic",
FT_UINT32, BASE_HEX, VALS(magic_vals), 0x00,
NULL, HFILL }
},
{ &hf_version,
{ "Version", "adb.version",
FT_UINT32, BASE_HEX, NULL, 0x00,
NULL, HFILL }
},
{ &hf_max_data,
{ "Max Data", "adb.max_data",
FT_UINT32, BASE_DEC, NULL, 0x00,
NULL, HFILL }
},
{ &hf_auth_type,
{ "Type", "adb.auth_type",
FT_UINT32, BASE_HEX, VALS(auth_type_vals), 0x00,
NULL, HFILL }
},
{ &hf_online,
{ "Online", "adb.online",
FT_BOOLEAN, 32, TFS(&tfs_no_yes), 0x00,
NULL, HFILL }
},
{ &hf_sequence,
{ "Sequence", "adb.sequence",
FT_UINT32, BASE_DEC, NULL, 0x00,
NULL, HFILL }
},
{ &hf_zero,
{ "Zero", "adb.zero",
FT_UINT32, BASE_HEX, NULL, 0x00,
NULL, HFILL }
},
{ &hf_local_id,
{ "Local ID", "adb.local_id",
FT_UINT32, BASE_DEC, NULL, 0x00,
NULL, HFILL }
},
{ &hf_remote_id,
{ "Remote ID", "adb.remote_id",
FT_UINT32, BASE_DEC, NULL, 0x00,
NULL, HFILL }
},
{ &hf_data,
{ "Data", "adb.data",
FT_NONE, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_service,
{ "Service", "adb.service",
FT_STRING, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_data_fragment,
{ "Data Fragment", "adb.data_fragment",
FT_NONE, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_service_start_in_frame,
{ "Service Start in Frame", "adb.service_start_in_frame",
FT_FRAMENUM, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_close_local_in_frame,
{ "Local Service Close in Frame", "adb.close_local_in_frame",
FT_FRAMENUM, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_close_remote_in_frame,
{ "Remote Service Close in Frame", "adb.close_remote_in_frame",
FT_FRAMENUM, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_command_in_frame,
{ "Command in Frame", "adb.command_in_frame",
FT_FRAMENUM, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_completed_in_frame,
{ "Completed in Frame", "adb.completed_in_frame",
FT_FRAMENUM, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_connection_info,
{ "Info", "adb.connection_info",
FT_STRINGZ, STR_ASCII, NULL, 0x00,
NULL, HFILL }
}
};
static gint *ett[] = {
&ett_adb,
&ett_adb_arg0,
&ett_adb_arg1,
&ett_adb_crc,
&ett_adb_magic
};
static ei_register_info ei[] = {
{ &ei_invalid_magic, { "adb.expert.invalid_magic", PI_PROTOCOL, PI_WARN, "Invalid Magic", EXPFILL }},
{ &ei_invalid_crc, { "adb.expert.crc_error", PI_PROTOCOL, PI_ERROR, "CRC32 Error", EXPFILL }},
};
command_info = wmem_tree_new_autoreset(wmem_epan_scope(), wmem_file_scope());
service_info = wmem_tree_new_autoreset(wmem_epan_scope(), wmem_file_scope());
proto_adb = proto_register_protocol("Android Debug Bridge", "ADB", "adb");
adb_handle = register_dissector("adb", dissect_adb, proto_adb);
proto_register_field_array(proto_adb, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
expert_module = expert_register_protocol(proto_adb);
expert_register_field_array(expert_module, ei, array_length(ei));
module = prefs_register_protocol(proto_adb, NULL);
prefs_register_static_text_preference(module, "version",
"ADB protocol version is compatible prior to: adb 1.0.31",
"Version of protocol supported by this dissector.");
}
static void
save_command(guint32 cmd, guint32 arg0, guint32 arg1, guint32 data_length,
guint32 crc32, service_data_t *service_data, gint proto, void *data,
packet_info *pinfo, service_data_t **returned_service_data,
command_data_t **returned_command_data)
{
wmem_tree_key_t key[6];
guint32 interface_id;
guint32 bus_id;
guint32 device_address;
guint32 side_id;
guint32 frame_number;
command_data_t *command_data;
wmem_tree_t *wmem_tree;
gint direction = P2P_DIR_UNKNOWN;
usb_conv_info_t *usb_conv_info = (usb_conv_info_t *) data;
frame_number = pinfo->num;
if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID)
interface_id = pinfo->phdr->interface_id;
else
interface_id = 0;
if (proto == proto_usb) {
usb_conv_info = (usb_conv_info_t *) data;
DISSECTOR_ASSERT(usb_conv_info);
direction = usb_conv_info->direction;
bus_id = usb_conv_info->bus_id;
device_address = usb_conv_info->device_address;
key[0].length = 1;
key[0].key = &interface_id;
key[1].length = 1;
key[1].key = &bus_id;
key[2].length = 1;
key[2].key = &device_address;
key[3].length = 1;
key[3].key = &side_id;
key[4].length = 1;
key[4].key = &frame_number;
key[5].length = 0;
key[5].key = NULL;
} else { /* tcp */
if (pinfo->destport == ADB_TCP_PORT)
direction = P2P_DIR_SENT;
else
direction = P2P_DIR_RECV;
key[0].length = 1;
key[0].key = &interface_id;
key[1].length = 1;
key[2].length = 1;
if (direction == P2P_DIR_SENT) {
key[1].key = &pinfo->srcport;
key[2].key = &pinfo->destport;
} else {
key[1].key = &pinfo->destport;
key[2].key = &pinfo->srcport;
}
key[3].length = 1;
key[3].key = &side_id;
key[4].length = 1;
key[4].key = &frame_number;
key[5].length = 0;
key[5].key = NULL;
}
if (direction == P2P_DIR_SENT)
if (cmd == A_CLSE)
side_id = arg1; /* OUT: local id */
else
side_id = arg0; /* OUT: local id */
else
side_id = arg1; /* IN: remote id */
if (cmd == A_OPEN) {
service_data = wmem_new(wmem_file_scope(), service_data_t);
service_data->start_in_frame = pinfo->num;
service_data->close_local_in_frame = max_in_frame;
service_data->close_remote_in_frame = max_in_frame;
service_data->local_id = arg0;
service_data->remote_id = arg1;
service_data->service = "unknown";
wmem_tree_insert32_array(service_info, key, service_data);
}
command_data = wmem_new(wmem_file_scope(), command_data_t);
command_data->command = cmd;
command_data->arg0 = arg0;
command_data->arg1 = arg1;
command_data->command_in_frame = pinfo->num;
command_data->response_in_frame = max_in_frame;
command_data->crc32 = crc32;
command_data->data_length = data_length;
if (data_length == 0)
command_data->completed_in_frame = pinfo->num;
else
command_data->completed_in_frame = max_in_frame;
command_data->reassemble_data_length = 0;
command_data->reassemble_data = (guint8 *) wmem_alloc(wmem_file_scope(), command_data->data_length);
key[3].length = 1;
key[3].key = &frame_number;
key[4].length = 0;
key[4].key = NULL;
wmem_tree_insert32_array(command_info, key, command_data);
if (direction == P2P_DIR_SENT)
if (command_data->command == A_CLSE)
side_id = command_data->arg1; /* OUT: local id */
else
side_id = command_data->arg0; /* OUT: local id */
else
side_id = command_data->arg1; /* IN: remote id */
key[3].length = 1;
key[3].key = &side_id;
key[4].length = 0;
key[4].key = NULL;
wmem_tree = (wmem_tree_t *) wmem_tree_lookup32_array(service_info, key);
if (wmem_tree) {
service_data = (service_data_t *) wmem_tree_lookup32_le(wmem_tree, frame_number);
}
if (cmd == A_OKAY) {
if (!service_data) {
if (direction == P2P_DIR_SENT)
side_id = command_data->arg0; /* OUT: local id */
else
side_id = command_data->arg1; /* IN: remote id */
wmem_tree = (wmem_tree_t *) wmem_tree_lookup32_array(service_info, key);
if (wmem_tree) {
service_data = (service_data_t *) wmem_tree_lookup32_le(wmem_tree, frame_number);
}
}
if (service_data && service_data->remote_id == 0 && direction == P2P_DIR_RECV) {
if (direction == P2P_DIR_SENT) {
service_data->remote_id = arg1;
} else {
service_data->remote_id = arg0;
}
side_id = service_data->remote_id;
key[4].length = 1;
key[4].key = &frame_number;
key[5].length = 0;
key[5].key = NULL;
wmem_tree_insert32_array(service_info, key, service_data);
}
} else if (cmd == A_CLSE) {
if (service_data) {
if (direction == P2P_DIR_RECV && service_data->local_id == arg1)
service_data->close_local_in_frame = pinfo->num;
else if (direction == P2P_DIR_SENT && service_data->remote_id == arg1)
service_data->close_remote_in_frame = pinfo->num;
}
}
DISSECTOR_ASSERT(returned_service_data && returned_command_data);
*returned_service_data = service_data;
*returned_command_data = command_data;
}
static gint
dissect_adb(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
{
proto_item *main_item;
proto_tree *main_tree;
proto_item *arg0_item;
proto_tree *arg0_tree;
proto_item *arg1_item;
proto_tree *arg1_tree;
proto_item *magic_item;
proto_item *crc_item;
proto_tree *crc_tree = NULL;
proto_item *sub_item;
gint offset = 0;
guint32 command;
guint32 arg0;
guint32 arg1;
guint32 data_length = 0;
guint32 crc32 = 0;
usb_conv_info_t *usb_conv_info = NULL;
wmem_tree_key_t key[5];
guint32 interface_id;
guint32 bus_id;
guint32 device_address;
guint32 side_id;
guint32 frame_number;
gboolean is_command = TRUE;
gboolean is_next_fragment = FALSE;
gboolean is_service = FALSE;
gint proto;
gint direction = P2P_DIR_UNKNOWN;
wmem_tree_t *wmem_tree;
command_data_t *command_data = NULL;
service_data_t *service_data = NULL;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "ADB");
col_clear(pinfo->cinfo, COL_INFO);
main_item = proto_tree_add_item(tree, proto_adb, tvb, offset, -1, ENC_NA);
main_tree = proto_item_add_subtree(main_item, ett_adb);
frame_number = pinfo->num;
/* XXX: Why? If interface is USB only first try is correct
* (and seems strange...), in other cases standard check for
* previous protocol is correct */
proto = (gint) GPOINTER_TO_INT(wmem_list_frame_data(/*wmem_list_frame_prev*/(wmem_list_tail(pinfo->layers))));
if (proto != proto_usb) {
proto = (gint) GPOINTER_TO_INT(wmem_list_frame_data(wmem_list_frame_prev(wmem_list_tail(pinfo->layers))));
}
if (proto == proto_usb) {
usb_conv_info = (usb_conv_info_t *) data;
DISSECTOR_ASSERT(usb_conv_info);
direction = usb_conv_info->direction;
} else if (proto == proto_tcp) {
if (pinfo->destport == ADB_TCP_PORT)
direction = P2P_DIR_SENT;
else
direction = P2P_DIR_RECV;
} else {
return offset;
}
if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID)
interface_id = pinfo->phdr->interface_id;
else
interface_id = 0;
if (proto == proto_usb) {
bus_id = usb_conv_info->bus_id;
device_address = usb_conv_info->device_address;
key[0].length = 1;
key[0].key = &interface_id;
key[1].length = 1;
key[1].key = &bus_id;
key[2].length = 1;
key[2].key = &device_address;
key[3].length = 0;
key[3].key = NULL;
} else { /* tcp */
key[0].length = 1;
key[0].key = &interface_id;
key[1].length = 1;
key[2].length = 1;
if (direction == P2P_DIR_SENT) {
key[1].key = &pinfo->srcport;
key[2].key = &pinfo->destport;
} else {
key[1].key = &pinfo->destport;
key[2].key = &pinfo->srcport;
}
key[3].length = 0;
key[3].key = NULL;
}
wmem_tree = (wmem_tree_t *) wmem_tree_lookup32_array(command_info, key);
if (wmem_tree) {
command_data = (command_data_t *) wmem_tree_lookup32_le(wmem_tree, frame_number);
if (command_data && command_data->completed_in_frame >= frame_number &&
command_data->command_in_frame <= frame_number) {
if (command_data->command_in_frame != frame_number) {
is_command = FALSE;
is_next_fragment = TRUE;
}
data_length = command_data->data_length;
crc32 = command_data->crc32;
if (direction == P2P_DIR_SENT)
if (command_data->command == A_CLSE)
side_id = command_data->arg1; /* OUT: local id */
else
side_id = command_data->arg0; /* OUT: local id */
else
if (command_data->command == A_OKAY) {
side_id = command_data->arg1; /* IN: remote id */
} else
side_id = command_data->arg1; /* IN: remote id */
key[3].length = 1;
key[3].key = &side_id;
key[4].length = 0;
key[4].key = NULL;
wmem_tree = (wmem_tree_t *) wmem_tree_lookup32_array(service_info, key);
if (wmem_tree) {
service_data = (service_data_t *) wmem_tree_lookup32_le(wmem_tree, frame_number);
if (service_data && command_data->command == A_OPEN) {
is_service = TRUE;
}
}
}
}
/* Simple heuristics to check if packet is command or data */
if ((command_data && command_data->completed_in_frame <= frame_number) || !command_data) {
if (tvb_reported_length(tvb) < 24) {
is_command = FALSE;
} else if (tvb_reported_length(tvb) >= 24) {
command = tvb_get_letohl(tvb, offset);
if (command != A_SYNC && command != A_CLSE && command != A_WRTE &&
command != A_AUTH && command != A_CNXN && command != A_OPEN && command != A_OKAY)
is_command = FALSE;
else if (command != (0xFFFFFFFF ^ tvb_get_letohl(tvb, offset + 20)))
is_command = FALSE;
if (is_command) {
data_length = tvb_get_letohl(tvb, offset + 12);
crc32 = tvb_get_letohl(tvb, offset + 16);
}
if (command == A_OPEN) is_service = TRUE;
}
}
if (service_data && !(command_data->command == A_OPEN && is_next_fragment)) {
sub_item = proto_tree_add_string(main_tree, hf_service, tvb, offset, 0, service_data->service);
PROTO_ITEM_SET_GENERATED(sub_item);
}
if (service_data) {
sub_item = proto_tree_add_uint(main_tree, hf_service_start_in_frame, tvb, offset, 0, service_data->start_in_frame);
PROTO_ITEM_SET_GENERATED(sub_item);
if (service_data->close_local_in_frame < max_in_frame) {
sub_item = proto_tree_add_uint(main_tree, hf_close_local_in_frame, tvb, offset, 0, service_data->close_local_in_frame);
PROTO_ITEM_SET_GENERATED(sub_item);
}
if (service_data->close_remote_in_frame < max_in_frame) {
sub_item = proto_tree_add_uint(main_tree, hf_close_remote_in_frame, tvb, offset, 0, service_data->close_remote_in_frame);
PROTO_ITEM_SET_GENERATED(sub_item);
}
}
if (is_command) {
proto_tree_add_item(main_tree, hf_command, tvb, offset, 4, ENC_LITTLE_ENDIAN);
command = tvb_get_letohl(tvb, offset);
offset += 4;
col_append_str(pinfo->cinfo, COL_INFO, val_to_str_const(command, command_vals, "Unknown command"));
arg0_item = proto_tree_add_item(main_tree, hf_argument_0, tvb, offset, 4, ENC_LITTLE_ENDIAN);
arg0_tree = proto_item_add_subtree(arg0_item, ett_adb_arg0);
arg0 = tvb_get_letohl(tvb, offset);
offset += 4;
arg1_item = proto_tree_add_item(main_tree, hf_argument_1, tvb, offset, 4, ENC_LITTLE_ENDIAN);
arg1_tree = proto_item_add_subtree(arg1_item, ett_adb_arg1);
arg1 = tvb_get_letohl(tvb, offset);
offset += 4;
switch (command) {
case A_CNXN:
proto_tree_add_item(arg0_tree, hf_version, tvb, offset - 8, 4, ENC_LITTLE_ENDIAN);
proto_tree_add_item(arg1_tree, hf_max_data, tvb, offset - 4, 4, ENC_LITTLE_ENDIAN);
col_append_fstr(pinfo->cinfo, COL_INFO, "(version=%u.%u.%u, max_data=%u)", tvb_get_guint8(tvb, offset - 5), tvb_get_guint8(tvb, offset - 6), tvb_get_letohs(tvb, offset - 7), tvb_get_letohl(tvb, offset - 4));
break;
case A_AUTH:
proto_tree_add_item(arg0_tree, hf_auth_type, tvb, offset - 8, 4, ENC_LITTLE_ENDIAN);
proto_tree_add_item(arg1_tree, hf_zero, tvb, offset - 4, 4, ENC_LITTLE_ENDIAN);
col_append_fstr(pinfo->cinfo, COL_INFO, "(type=%s, 0)", val_to_str_const(tvb_get_letohl(tvb, offset - 8), auth_type_vals, "Unknown"));
break;
case A_OPEN:
proto_tree_add_item(arg0_tree, hf_local_id, tvb, offset - 8, 4, ENC_LITTLE_ENDIAN);
proto_tree_add_item(arg1_tree, hf_zero, tvb, offset - 4, 4, ENC_LITTLE_ENDIAN);
col_append_fstr(pinfo->cinfo, COL_INFO, "(local=%u, 0)", tvb_get_letohl(tvb, offset - 8));
break;
case A_WRTE:
proto_tree_add_item(arg0_tree, hf_zero, tvb, offset - 8, 4, ENC_LITTLE_ENDIAN);
proto_tree_add_item(arg1_tree, hf_remote_id, tvb, offset - 4, 4, ENC_LITTLE_ENDIAN);
col_append_fstr(pinfo->cinfo, COL_INFO, "(0, remote=%u)", tvb_get_letohl(tvb, offset - 4));
break;
case A_CLSE:
case A_OKAY:
proto_tree_add_item(arg0_tree, hf_local_id, tvb, offset - 8, 4, ENC_LITTLE_ENDIAN);
proto_tree_add_item(arg1_tree, hf_remote_id, tvb, offset - 4, 4, ENC_LITTLE_ENDIAN);
col_append_fstr(pinfo->cinfo, COL_INFO, "(local=%u, remote=%u)", tvb_get_letohl(tvb, offset - 8), tvb_get_letohl(tvb, offset - 4));
break;
case A_SYNC:
proto_tree_add_item(arg0_tree, hf_online, tvb, offset - 8, 4, ENC_LITTLE_ENDIAN);
proto_tree_add_item(arg1_tree, hf_sequence, tvb, offset - 4, 4, ENC_LITTLE_ENDIAN);
col_append_fstr(pinfo->cinfo, COL_INFO, "(online=%s, sequence=%u)", tvb_get_letohl(tvb, offset - 8) ? "Yes": "No", tvb_get_letohl(tvb, offset - 4));
break;
}
proto_tree_add_item(main_tree, hf_data_length, tvb, offset, 4, ENC_LITTLE_ENDIAN);
offset += 4;
if (data_length > 0)
col_append_fstr(pinfo->cinfo, COL_INFO, " length=%u ", data_length);
crc_item = proto_tree_add_item(main_tree, hf_data_crc32, tvb, offset, 4, ENC_LITTLE_ENDIAN);
crc_tree = proto_item_add_subtree(crc_item, ett_adb_crc);
crc32 = tvb_get_letohl(tvb, offset);
offset += 4;
magic_item = proto_tree_add_item(main_tree, hf_magic, tvb, offset, 4, ENC_LITTLE_ENDIAN);
if ((tvb_get_letohl(tvb, offset) ^ 0xFFFFFFFF) != command) {
proto_tree *expert_tree;
expert_tree = proto_item_add_subtree(magic_item, ett_adb_magic);
proto_tree_add_expert(expert_tree, pinfo, &ei_invalid_magic, tvb, offset, 4);
}
if (!pinfo->fd->flags.visited)
save_command(command, arg0, arg1, data_length, crc32, service_data, proto, data, pinfo, &service_data, &command_data);
offset += 4;
}
if (!pinfo->fd->flags.visited && command_data) {
if (command_data->command_in_frame != frame_number) {
is_command = FALSE;
is_next_fragment = TRUE;
}
data_length = command_data->data_length;
crc32 = command_data->crc32;
if ((command_data->command_in_frame != frame_number && tvb_captured_length(tvb) == data_length) ||
(command_data->command_in_frame == frame_number && tvb_captured_length(tvb) == data_length + 24)
) {
command_data->reassemble_data_length = command_data->data_length;
command_data->completed_in_frame = frame_number;
}
}
if (is_next_fragment && command_data) {
sub_item = proto_tree_add_uint(main_tree, hf_command_in_frame, tvb, offset, 0, command_data->command_in_frame);
PROTO_ITEM_SET_GENERATED(sub_item);
sub_item = proto_tree_add_uint(main_tree, hf_command, tvb, offset, 0, command_data->command);
PROTO_ITEM_SET_GENERATED(sub_item);
sub_item = proto_tree_add_uint(main_tree, hf_data_length, tvb, offset, 0, command_data->data_length);
PROTO_ITEM_SET_GENERATED(sub_item);
crc_item = proto_tree_add_uint(main_tree, hf_data_crc32, tvb, offset, 0, command_data->crc32);
crc_tree = proto_item_add_subtree(crc_item, ett_adb_crc);
PROTO_ITEM_SET_GENERATED(crc_item);
}
if (command_data && command_data->completed_in_frame != frame_number) {
sub_item = proto_tree_add_uint(main_tree, hf_completed_in_frame, tvb, offset, 0, command_data->completed_in_frame);
PROTO_ITEM_SET_GENERATED(sub_item);
}
if (tvb_captured_length_remaining(tvb, offset) > 0 && (!is_command || data_length > 0)) {
guint32 crc = 0;
guint32 i_offset;
if ((!pinfo->fd->flags.visited && command_data && command_data->reassemble_data_length < command_data->data_length) || data_length > (guint32) tvb_captured_length_remaining(tvb, offset)) { /* need reassemble */
if (!pinfo->fd->flags.visited && command_data && command_data->reassemble_data_length < command_data->data_length) {
tvb_memcpy(tvb, command_data->reassemble_data + command_data->reassemble_data_length, offset, tvb_captured_length_remaining(tvb, offset));
command_data->reassemble_data_length += tvb_captured_length_remaining(tvb, offset);
if (command_data->reassemble_data_length >= command_data->data_length)
command_data->completed_in_frame = frame_number;
}
proto_tree_add_item(main_tree, hf_data_fragment, tvb, offset, -1, ENC_NA);
col_append_str(pinfo->cinfo, COL_INFO, "Data Fragment");
offset = tvb_captured_length(tvb);
if (service_data && command_data && command_data->reassemble_data_length >= command_data->data_length && frame_number == command_data->completed_in_frame) {
tvbuff_t *next_tvb;
adb_service_data_t adb_service_data;
next_tvb = tvb_new_child_real_data(tvb, command_data->reassemble_data, command_data->reassemble_data_length, command_data->reassemble_data_length);
add_new_data_source(pinfo, next_tvb, "ADB Reassembled Data");
adb_service_data.service = service_data->service;
adb_service_data.direction = direction;
adb_service_data.session_key_length = 3;
adb_service_data.session_key = (guint32 *) wmem_alloc(wmem_packet_scope(), adb_service_data.session_key_length * sizeof(guint32));
adb_service_data.session_key[0] = interface_id;
if (proto == proto_usb) {
adb_service_data.session_key[1] = usb_conv_info->bus_id;
adb_service_data.session_key[2] = usb_conv_info->device_address;
} else { /* tcp */
if (direction == P2P_DIR_SENT) {
adb_service_data.session_key[1] = pinfo->srcport;
adb_service_data.session_key[2] = pinfo->destport;
} else {
adb_service_data.session_key[1] = pinfo->destport;
adb_service_data.session_key[2] = pinfo->srcport;
}
}
call_dissector_with_data(adb_service_handle, next_tvb, pinfo, tree, &adb_service_data);
}
} else { /* full message */
for (i_offset = 0; i_offset < data_length; ++i_offset)
crc += tvb_get_guint8(tvb, offset + i_offset);
if (crc32 > 0 && crc32 != crc)
proto_tree_add_expert(crc_tree, pinfo, &ei_invalid_crc, tvb, offset, -1);
if (is_service) {
proto_tree_add_item(main_tree, hf_service, tvb, offset, -1, ENC_ASCII | ENC_NA);
if (!pinfo->fd->flags.visited && service_data) {
service_data->service = tvb_get_stringz_enc(wmem_file_scope(), tvb, offset, NULL, ENC_ASCII);
}
col_append_fstr(pinfo->cinfo, COL_INFO, "Service: %s", tvb_get_stringz_enc(wmem_packet_scope(), tvb, offset, NULL, ENC_ASCII));
offset = tvb_captured_length(tvb);
} else if (command_data && command_data->command == A_CNXN) {
gchar *info;
gint len;
info = tvb_get_stringz_enc(wmem_packet_scope(), tvb, offset, &len, ENC_ASCII);
col_append_fstr(pinfo->cinfo, COL_INFO, "Connection Info: %s", info);
proto_tree_add_item(main_tree, hf_connection_info, tvb, offset, len, ENC_ASCII | ENC_NA);
offset += len;
} else {
col_append_str(pinfo->cinfo, COL_INFO, "Data");
/* Decode service payload */
if (service_data) {
tvbuff_t *next_tvb;
adb_service_data_t adb_service_data;
adb_service_data.service = service_data->service;
adb_service_data.direction = direction;
adb_service_data.session_key_length = 3;
adb_service_data.session_key = (guint32 *) wmem_alloc(wmem_packet_scope(), adb_service_data.session_key_length * sizeof(guint32));
adb_service_data.session_key[0] = interface_id;
if (proto == proto_usb) {
adb_service_data.session_key[1] = usb_conv_info->bus_id;
adb_service_data.session_key[2] = usb_conv_info->device_address;
} else { /* tcp */
if (direction == P2P_DIR_SENT) {
adb_service_data.session_key[1] = pinfo->srcport;
adb_service_data.session_key[2] = pinfo->destport;
} else {
adb_service_data.session_key[1] = pinfo->destport;
adb_service_data.session_key[2] = pinfo->srcport;
}
}
next_tvb = tvb_new_subset(tvb, offset, tvb_captured_length_remaining(tvb, offset), tvb_captured_length_remaining(tvb, offset));
call_dissector_with_data(adb_service_handle, next_tvb, pinfo, tree, &adb_service_data);
} else {
proto_item *data_item;
gchar *data_str;
data_item = proto_tree_add_item(main_tree, hf_data, tvb, offset, data_length, ENC_NA);
data_str = tvb_format_text(tvb, offset, data_length);
proto_item_append_text(data_item, ": %s", data_str);
col_append_fstr(pinfo->cinfo, COL_INFO, " Raw: %s", data_str);
}
offset = tvb_captured_length(tvb);
}
}
}
return offset;
}
gcp_ctx_t* gcp_ctx(gcp_msg_t* m, gcp_trx_t* t, guint32 c_id, gboolean persistent) {
gcp_ctx_t* context = NULL;
gcp_ctx_t** context_p = NULL;
if ( !m || !t ) return NULL;
if (persistent) {
wmem_tree_key_t ctx_key[4];
wmem_tree_key_t trx_key[4];
ctx_key[0].length = 1;
ctx_key[0].key = &(m->hi_addr);
ctx_key[1].length = 1;
ctx_key[1].key = &(m->lo_addr);
ctx_key[2].length = 1;
ctx_key[2].key = &(c_id);
ctx_key[3].length = 0;
ctx_key[3].key = NULL;
trx_key[0].length = 1;
trx_key[0].key = &(m->hi_addr);
trx_key[1].length = 1;
trx_key[1].key = &(m->lo_addr);
trx_key[2].length = 1;
trx_key[2].key = &(t->id);
trx_key[3].length = 0;
trx_key[3].key = NULL;
if (m->committed) {
if (( context = (gcp_ctx_t *)wmem_tree_lookup32_array(ctxs_by_trx,trx_key) )) {
return context;
} if ((context_p = (gcp_ctx_t **)wmem_tree_lookup32_array(ctxs,ctx_key))) {
context = *context_p;
do {
if (context->initial->framenum <= m->framenum) {
return context;
}
} while(( context = context->prev ));
DISSECTOR_ASSERT(! "a context should exist");
}
} else {
if (c_id == CHOOSE_CONTEXT) {
if (! ( context = (gcp_ctx_t *)wmem_tree_lookup32_array(ctxs_by_trx,trx_key))) {
context = wmem_new(wmem_file_scope(), gcp_ctx_t);
context->initial = m;
context->cmds = NULL;
context->id = c_id;
context->terms.last = &(context->terms);
context->terms.next = NULL;
context->terms.term = NULL;
wmem_tree_insert32_array(ctxs_by_trx,trx_key,context);
}
} else {
if (( context = (gcp_ctx_t *)wmem_tree_lookup32_array(ctxs_by_trx,trx_key) )) {
if (( context_p = (gcp_ctx_t **)wmem_tree_lookup32_array(ctxs,ctx_key) )) {
if (context != *context_p) {
if(context->id != CHOOSE_CONTEXT) {
context = wmem_new(wmem_file_scope(), gcp_ctx_t);
}
context->initial = m;
context->id = c_id;
context->cmds = NULL;
context->terms.last = &(context->terms);
context->terms.next = NULL;
context->terms.term = NULL;
context->prev = *context_p;
*context_p = context;
}
} else {
context_p = wmem_new(wmem_file_scope(), gcp_ctx_t*);
*context_p = context;
context->initial = m;
context->id = c_id;
wmem_tree_insert32_array(ctxs,ctx_key,context_p);
}
} else if (! ( context_p = (gcp_ctx_t**)wmem_tree_lookup32_array(ctxs,ctx_key) )) {
context = wmem_new(wmem_file_scope(), gcp_ctx_t);
context->initial = m;
context->id = c_id;
context->cmds = NULL;
context->terms.last = &(context->terms);
context->terms.next = NULL;
context->terms.term = NULL;
context_p = wmem_new(wmem_file_scope(), gcp_ctx_t*);
*context_p = context;
wmem_tree_insert32_array(ctxs,ctx_key,context_p);
} else {
context = *context_p;
}
}
void
proto_register_hci_usb(void)
{
module_t *module;
static hf_register_info hf[] = {
{ &hf_msg_fragments,
{ "Message fragments", "hci_usb.msg.fragments",
FT_NONE, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_msg_fragment,
{ "Message fragment", "hci_usb.msg.fragment",
FT_FRAMENUM, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_msg_fragment_overlap,
{ "Message fragment overlap", "hci_usb.msg.fragment.overlap",
FT_BOOLEAN, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_msg_fragment_overlap_conflicts,
{ "Message fragment overlapping with conflicting data", "hci_usb.msg.fragment.overlap.conflicts",
FT_BOOLEAN, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_msg_fragment_multiple_tails,
{ "Message has multiple tail fragments", "hci_usb.msg.fragment.multiple_tails",
FT_BOOLEAN, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_msg_fragment_too_long_fragment,
{ "Message fragment too long", "hci_usb.msg.fragment.too_long_fragment",
FT_BOOLEAN, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_msg_fragment_error,
{ "Message defragmentation error", "hci_usb.msg.fragment.error",
FT_FRAMENUM, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_msg_fragment_count,
{ "Message fragment count", "hci_usb.msg.fragment.count",
FT_UINT32, BASE_DEC, NULL, 0x00,
NULL, HFILL }
},
{ &hf_msg_reassembled_in,
{ "Reassembled in", "hci_usb.msg.reassembled.in",
FT_FRAMENUM, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_msg_reassembled_length,
{ "Reassembled MP2T length", "hci_usb.msg.reassembled.length",
FT_UINT32, BASE_DEC, NULL, 0x00,
NULL, HFILL }
},
{ &hf_bthci_usb_packet_fragment,
{ "Packet Fragment", "hci_usb.packet.fragment",
FT_NONE, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_bthci_usb_packet_complete,
{ "Packet Complete", "hci_usb.packet.complete",
FT_NONE, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_bthci_usb_packet_unknown_fragment,
{ "Unknown Packet Fragment", "hci_usb.packet.unknown_fragment",
FT_NONE, BASE_NONE, NULL, 0x00,
NULL, HFILL }
},
{ &hf_bthci_usb_setup_request,
{ "bRequest", "hci_usb.setup.bRequest",
FT_UINT8, BASE_DEC | BASE_EXT_STRING, &request_vals_ext, 0x0,
NULL, HFILL }},
{ &hf_bthci_usb_setup_value,
{ "wValue", "hci_usb.setup.wValue",
FT_UINT16, BASE_HEX, NULL, 0x0,
NULL, HFILL }},
{ &hf_bthci_usb_setup_adapter_id,
{ "Adapter ID", "hci_usb.setup.adapter_id",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_bthci_usb_setup_length,
{ "wLength", "hci_usb.setup.wLength",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_bthci_usb_data,
{ "Unknown Data", "hci_usb.data",
FT_NONE, BASE_NONE, NULL, 0x00,
NULL, HFILL }
}
};
static gint *ett[] = {
&ett_hci_usb,
&ett_hci_usb_msg_fragment,
&ett_hci_usb_msg_fragments,
};
reassembly_table_register(&hci_usb_reassembly_table,
&addresses_reassembly_table_functions);
fragment_info_table = wmem_tree_new_autoreset(wmem_epan_scope(), wmem_file_scope());
proto_hci_usb = proto_register_protocol("Bluetooth HCI USB Transport", "HCI_USB", "hci_usb");
proto_register_field_array(proto_hci_usb, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
hci_usb_handle = register_dissector("hci_usb", dissect_hci_usb, proto_hci_usb);
module = prefs_register_protocol_subtree("Bluetooth", proto_hci_usb, NULL);
prefs_register_static_text_preference(module, "bthci_usb.version",
"Bluetooth HCI USB Transport from Core 4.0",
"Version of protocol supported by this dissector.");
}
static ros_call_response_t *
ros_match_call_response(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint invokeId, gboolean isInvoke)
{
ros_call_response_t rcr, *rcrp=NULL;
ros_conv_info_t *ros_info = ros_info_items;
/* first see if we have already matched this */
rcr.invokeId=invokeId;
rcr.is_request = isInvoke;
if(isInvoke) {
rcr.req_frame=pinfo->num;
rcr.rep_frame=0;
} else {
rcr.req_frame=0;
rcr.rep_frame=pinfo->num;
}
rcrp=(ros_call_response_t *)g_hash_table_lookup(ros_info->matched, &rcr);
if(rcrp) {
/* we have found a match */
rcrp->is_request=rcr.is_request;
} else {
/* we haven't found a match - try and match it up */
if(isInvoke) {
/* this a a request - add it to the unmatched list */
/* check that we don't already have one of those in the
unmatched list and if so remove it */
rcr.invokeId=invokeId;
rcrp=(ros_call_response_t *)g_hash_table_lookup(ros_info->unmatched, &rcr);
if(rcrp){
g_hash_table_remove(ros_info->unmatched, rcrp);
}
/* if we can't reuse the old one, grab a new chunk */
if(!rcrp){
rcrp=wmem_new(wmem_file_scope(), ros_call_response_t);
}
rcrp->invokeId=invokeId;
rcrp->req_frame=pinfo->num;
rcrp->req_time=pinfo->abs_ts;
rcrp->rep_frame=0;
rcrp->is_request=TRUE;
g_hash_table_insert(ros_info->unmatched, rcrp, rcrp);
return NULL;
} else {
/* this is a result - it should be in our unmatched list */
rcr.invokeId=invokeId;
rcrp=(ros_call_response_t *)g_hash_table_lookup(ros_info->unmatched, &rcr);
if(rcrp){
if(!rcrp->rep_frame){
g_hash_table_remove(ros_info->unmatched, rcrp);
rcrp->rep_frame=pinfo->num;
rcrp->is_request=FALSE;
g_hash_table_insert(ros_info->matched, rcrp, rcrp);
}
}
}
}
if(rcrp){ /* we have found a match */
proto_item *item = NULL;
if(rcrp->is_request){
item=proto_tree_add_uint(tree, hf_ros_response_in, tvb, 0, 0, rcrp->rep_frame);
PROTO_ITEM_SET_GENERATED (item);
} else {
nstime_t ns;
item=proto_tree_add_uint(tree, hf_ros_response_to, tvb, 0, 0, rcrp->req_frame);
PROTO_ITEM_SET_GENERATED (item);
nstime_delta(&ns, &pinfo->abs_ts, &rcrp->req_time);
item=proto_tree_add_time(tree, hf_ros_time, tvb, 0, 0, &ns);
PROTO_ITEM_SET_GENERATED (item);
}
}
return rcrp;
}
/* initialize the tap t38_info and the conversation */
static void
init_t38_info_conv(packet_info *pinfo)
{
/* tap info */
t38_info_current++;
if (t38_info_current==MAX_T38_MESSAGES_IN_PACKET) {
t38_info_current=0;
}
t38_info = &t38_info_arr[t38_info_current];
t38_info->seq_num = 0;
t38_info->type_msg = 0;
t38_info->data_value = 0;
t38_info->t30ind_value =0;
t38_info->setup_frame_number = 0;
t38_info->Data_Field_field_type_value = 0;
t38_info->desc[0] = '\0';
t38_info->desc_comment[0] = '\0';
t38_info->time_first_t4_data = 0;
t38_info->frame_num_first_t4_data = 0;
/*
p_t38_packet_conv hold the conversation info in each of the packets.
p_t38_conv hold the conversation info used to reassemble the HDLC packets, and also the Setup info (e.g SDP)
If we already have p_t38_packet_conv in the packet, it means we already reassembled the HDLC packets, so we don't
need to use p_t38_conv
*/
p_t38_packet_conv = NULL;
p_t38_conv = NULL;
/* Use existing packet info if available */
p_t38_packet_conv = (t38_conv *)p_get_proto_data(wmem_file_scope(), pinfo, proto_t38, 0);
/* find the conversation used for Reassemble and Setup Info */
p_conv = find_conversation(pinfo->fd->num, &pinfo->net_dst, &pinfo->net_src,
pinfo->ptype,
pinfo->destport, pinfo->srcport, NO_ADDR_B | NO_PORT_B);
/* create a conv if it doen't exist */
if (!p_conv) {
p_conv = conversation_new(pinfo->fd->num, &pinfo->net_src, &pinfo->net_dst,
pinfo->ptype, pinfo->srcport, pinfo->destport, NO_ADDR_B | NO_PORT_B);
/* Set dissector */
conversation_set_dissector(p_conv, t38_udp_handle);
}
if (!p_t38_packet_conv) {
p_t38_conv = (t38_conv *)conversation_get_proto_data(p_conv, proto_t38);
/* create the conversation if it doen't exist */
if (!p_t38_conv) {
p_t38_conv = wmem_new(wmem_file_scope(), t38_conv);
p_t38_conv->setup_method[0] = '\0';
p_t38_conv->setup_frame_number = 0;
p_t38_conv->src_t38_info.reass_ID = 0;
p_t38_conv->src_t38_info.reass_start_seqnum = -1;
p_t38_conv->src_t38_info.reass_data_type = 0;
p_t38_conv->src_t38_info.last_seqnum = -1;
p_t38_conv->src_t38_info.packet_lost = 0;
p_t38_conv->src_t38_info.burst_lost = 0;
p_t38_conv->src_t38_info.time_first_t4_data = 0;
p_t38_conv->src_t38_info.additional_hdlc_data_field_counter = 0;
p_t38_conv->src_t38_info.seqnum_prev_data_field = -1;
p_t38_conv->dst_t38_info.reass_ID = 0;
p_t38_conv->dst_t38_info.reass_start_seqnum = -1;
p_t38_conv->dst_t38_info.reass_data_type = 0;
p_t38_conv->dst_t38_info.last_seqnum = -1;
p_t38_conv->dst_t38_info.packet_lost = 0;
p_t38_conv->dst_t38_info.burst_lost = 0;
p_t38_conv->dst_t38_info.time_first_t4_data = 0;
p_t38_conv->dst_t38_info.additional_hdlc_data_field_counter = 0;
p_t38_conv->dst_t38_info.seqnum_prev_data_field = -1;
conversation_add_proto_data(p_conv, proto_t38, p_t38_conv);
}
/* copy the t38 conversation info to the packet t38 conversation */
p_t38_packet_conv = wmem_new(wmem_file_scope(), t38_conv);
g_strlcpy(p_t38_packet_conv->setup_method, p_t38_conv->setup_method, MAX_T38_SETUP_METHOD_SIZE);
p_t38_packet_conv->setup_frame_number = p_t38_conv->setup_frame_number;
memcpy(&(p_t38_packet_conv->src_t38_info), &(p_t38_conv->src_t38_info), sizeof(t38_conv_info));
memcpy(&(p_t38_packet_conv->dst_t38_info), &(p_t38_conv->dst_t38_info), sizeof(t38_conv_info));
p_add_proto_data(wmem_file_scope(), pinfo, proto_t38, 0, p_t38_packet_conv);
}
if (ADDRESSES_EQUAL(&p_conv->key_ptr->addr1, &pinfo->net_src)) {
p_t38_conv_info = &(p_t38_conv->src_t38_info);
p_t38_packet_conv_info = &(p_t38_packet_conv->src_t38_info);
} else {
p_t38_conv_info = &(p_t38_conv->dst_t38_info);
p_t38_packet_conv_info = &(p_t38_packet_conv->dst_t38_info);
}
/* update t38_info */
t38_info->setup_frame_number = p_t38_packet_conv->setup_frame_number;
}
void
proto_register_usb_dfu(void)
{
module_t *module;
expert_module_t *expert_module;
static hf_register_info hf[] = {
{ &hf_setup_command,
{ "Command", "usbdfu.command",
FT_UINT8, BASE_DEC | BASE_EXT_STRING, &command_vals_ext, 0x0,
NULL, HFILL }
},
{ &hf_response,
{ "Response", "usbdfu.response",
FT_UINT8, BASE_DEC | BASE_EXT_STRING, &command_vals_ext, 0x0,
NULL, HFILL }
},
{ &hf_command_in_frame,
{ "Command Frame", "usbdfu.command_frame",
FT_FRAMENUM, BASE_NONE, NULL, 0x0,
NULL, HFILL }
},
{ &hf_setup_unused,
{ "Unused", "usbdfu.unused",
FT_UINT16, BASE_HEX, NULL, 0x0,
NULL, HFILL }
},
{ &hf_setup_interface,
{ "Interface", "usbdfu.interface",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_setup_length,
{ "Length", "usbdfu.length",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_setup_block_number,
{ "Block Number", "usbdfu.block_number",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_setup_timeout,
{ "Timeout", "usbdfu.timeout",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_state,
{ "State", "usbdfu.state",
FT_UINT8, BASE_DEC | BASE_EXT_STRING, &state_vals_ext, 0x0,
NULL, HFILL }
},
{ &hf_status,
{ "Status", "usbdfu.status",
FT_UINT8, BASE_HEX | BASE_EXT_STRING, &status_vals_ext, 0x0,
NULL, HFILL }
},
{ &hf_iString,
{ "iString", "usbdfu.iString",
FT_INT8, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_poll_timeout,
{ "Poll Timeout", "usbdfu.poll_timeout",
FT_UINT24, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_data,
{ "Data", "usbdfu.data",
FT_NONE, BASE_NONE, NULL, 0x0,
NULL, HFILL }
},
{ &hf_usb_dfu_descriptor,
{ "DFU Descriptor", "usbdfu.descriptor",
FT_NONE, BASE_NONE, NULL, 0x0,
NULL, HFILL }
},
{ &hf_usb_dfu_descriptor_bmAttributes_reserved,
{ "Reserved", "usbdfu.descriptor.bmAttributes.reserved",
FT_UINT8, BASE_HEX, NULL, 0xF0,
NULL, HFILL }
},
{ &hf_usb_dfu_descriptor_bmAttributes_WillDetach,
{ "Will Detach", "usbdfu.descriptor.bmAttributes.WillDetach",
FT_BOOLEAN, 8, NULL, 0x08,
NULL, HFILL }
},
{ &hf_usb_dfu_descriptor_bmAttributes_ManifestationTolerant,
{ "Manifestation Tolerant", "usbdfu.descriptor.bmAttributes.ManifestationTolerant",
FT_BOOLEAN, 8, NULL, 0x04,
NULL, HFILL }
},
{ &hf_usb_dfu_descriptor_bmAttributes_CanUpload,
{ "Can Upload", "usbdfu.descriptor.bmAttributes.CanUpload",
FT_BOOLEAN, 8, NULL, 0x02,
NULL, HFILL }
},
{ &hf_usb_dfu_descriptor_bmAttributes_CanDownload,
{ "Can Download", "usbdfu.descriptor.bmAttributes.CanDownload",
FT_BOOLEAN, 8, NULL, 0x01,
NULL, HFILL }
},
{ &hf_usb_dfu_descriptor_wDetachTimeOut,
{ "wDetachTimeOut", "usbdfu.descriptor.wDetachTimeOut",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_usb_dfu_descriptor_wTransferSize,
{ "wTransferSize", "usbdfu.descriptor.wTransferSize",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_usb_dfu_descriptor_bcdDFUVersion,
{ "bcdDFUVersion", "usbdfu.descriptor.bcdDFUVersion",
FT_UINT16, BASE_HEX, NULL, 0x0,
NULL, HFILL }
}
};
static ei_register_info ei[] = {
{ &ei_unexpected_response, { "usb_dfu.unexpected_response", PI_PROTOCOL, PI_ERROR, "Unexpected response for this command", EXPFILL }},
{ &ei_unknown_data, { "usb_dfu.unknown_data", PI_PROTOCOL, PI_NOTE, "Unknown data", EXPFILL }},
{ &ei_unexpected_data, { "usb_dfu.unexpected_data", PI_PROTOCOL, PI_WARN, "Unexpected data", EXPFILL }},
{ &ei_invalid_command_for_request_type, { "usb_dfu.invalid_command_for_request_type", PI_PROTOCOL, PI_WARN, "Invalid command for this Request Type", EXPFILL }},
{ &ei_descriptor_invalid_length, { "usb_dfu.descriptor.invalid_length", PI_PROTOCOL, PI_WARN, "Invalid Length", EXPFILL }},
};
static gint *ett[] = {
&ett_usb_dfu,
&ett_usb_dfu_descriptor,
&ett_command
};
command_info = wmem_tree_new_autoreset(wmem_epan_scope(), wmem_file_scope());
proto_usb_dfu = proto_register_protocol("USB Device Firmware Upgrade ", "USB DFU", "usbdfu");
proto_register_field_array(proto_usb_dfu, hf, array_length(hf));
proto_register_subtree_array(ett, array_length(ett));
usb_dfu_handle = new_register_dissector("usb_dfu", dissect_usb_dfu, proto_usb_dfu);
expert_module = expert_register_protocol(proto_usb_dfu);
expert_register_field_array(expert_module, ei, array_length(ei));
module = prefs_register_protocol(proto_usb_dfu, NULL);
prefs_register_static_text_preference(module, "version",
"USB DFU Specification 1.1",
"Version of protocol supported by this dissector.");
}
/* XXX - "packet comment" is passed into dissector as data, but currently doesn't have a use */
static int
dissect_file_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* data)
{
proto_item *volatile ti = NULL;
guint cap_len = 0, frame_len = 0;
proto_tree *volatile fh_tree = NULL;
proto_tree *volatile tree;
proto_item *item;
const gchar *cap_plurality, *frame_plurality;
const color_filter_t *color_filter;
file_data_t *file_data = (file_data_t*)data;
tree=parent_tree;
pinfo->current_proto = "File";
/* if FILE is not referenced from any filters we don't need to worry about
generating any tree items. */
if(!proto_field_is_referenced(tree, proto_file)) {
tree=NULL;
} else {
gboolean old_visible;
/* Put in frame header information. */
cap_len = tvb_captured_length(tvb);
frame_len = tvb_reported_length(tvb);
cap_plurality = plurality(cap_len, "", "s");
frame_plurality = plurality(frame_len, "", "s");
ti = proto_tree_add_protocol_format(tree, proto_file, tvb, 0, -1,
"File record %u: %u byte%s",
pinfo->num, frame_len, frame_plurality);
proto_item_append_text(ti, ", %u byte%s",
cap_len, cap_plurality);
fh_tree = proto_item_add_subtree(ti, ett_file);
proto_tree_add_int(fh_tree, hf_file_ftap_encap, tvb, 0, 0, pinfo->pkt_encap);
proto_tree_add_uint(fh_tree, hf_file_record_number, tvb, 0, 0, pinfo->num);
proto_tree_add_uint_format(fh_tree, hf_file_record_len, tvb,
0, 0, frame_len, "Record Length: %u byte%s (%u bits)",
frame_len, frame_plurality, frame_len * 8);
ti = proto_tree_add_boolean(fh_tree, hf_file_marked, tvb, 0, 0,pinfo->fd->flags.marked);
PROTO_ITEM_SET_GENERATED(ti);
ti = proto_tree_add_boolean(fh_tree, hf_file_ignored, tvb, 0, 0,pinfo->fd->flags.ignored);
PROTO_ITEM_SET_GENERATED(ti);
if(proto_field_is_referenced(tree, hf_file_protocols)) {
/* we are going to be using proto_item_append_string() on
* hf_frame_protocols, and we must therefore disable the
* TRY_TO_FAKE_THIS_ITEM() optimisation for the tree by
* setting it as visible.
*
* See proto.h for details.
*/
old_visible = proto_tree_set_visible(fh_tree, TRUE);
ti = proto_tree_add_string(fh_tree, hf_file_protocols, tvb, 0, 0, "");
PROTO_ITEM_SET_GENERATED(ti);
proto_tree_set_visible(fh_tree, old_visible);
}
if(pinfo->fd->pfd != 0){
proto_item *ppd_item;
guint num_entries = g_slist_length(pinfo->fd->pfd);
guint i;
ppd_item = proto_tree_add_uint(fh_tree, hf_file_num_p_prot_data, tvb, 0, 0, num_entries);
PROTO_ITEM_SET_GENERATED(ppd_item);
for(i=0; i<num_entries; i++){
gchar* str = p_get_proto_name_and_key(wmem_file_scope(), pinfo, i);
proto_tree_add_string_format(fh_tree, hf_file_proto_name_and_key, tvb, 0, 0, str, "%s", str);
}
}
#if 0
if (show_file_off) {
proto_tree_add_int64_format_value(fh_tree, hf_frame_file_off, tvb,
0, 0, pinfo->fd->file_off,
"%" G_GINT64_MODIFIER "d (0x%" G_GINT64_MODIFIER "x)",
pinfo->fd->file_off, pinfo->fd->file_off);
}
#endif
}
if (pinfo->fd->flags.ignored) {
/* Ignored package, stop handling here */
col_set_str(pinfo->cinfo, COL_INFO, "<Ignored>");
proto_tree_add_boolean_format(tree, hf_file_ignored, tvb, 0, -1, TRUE, "This record is marked as ignored");
return tvb_captured_length(tvb);
}
/* Portable Exception Handling to trap Wireshark specific exceptions like BoundsError exceptions */
TRY {
#ifdef _MSC_VER
/* Win32: Visual-C Structured Exception Handling (SEH) to trap hardware exceptions
like memory access violations.
(a running debugger will be called before the except part below) */
/* Note: A Windows "exceptional exception" may leave the kazlib's (Portable Exception Handling)
stack in an inconsistent state thus causing a crash at some point in the
handling of the exception.
See: https://www.wireshark.org/lists/wireshark-dev/200704/msg00243.html
*/
__try {
#endif
if (!dissector_try_uint(file_encap_dissector_table, pinfo->pkt_encap,
tvb, pinfo, parent_tree)) {
col_set_str(pinfo->cinfo, COL_PROTOCOL, "UNKNOWN");
col_add_fstr(pinfo->cinfo, COL_INFO, "FTAP_ENCAP = %d",
pinfo->pkt_encap);
call_dissector(data_handle,tvb, pinfo, parent_tree);
}
#ifdef _MSC_VER
} __except(EXCEPTION_EXECUTE_HANDLER /* handle all exceptions */) {
switch(GetExceptionCode()) {
case(STATUS_ACCESS_VIOLATION):
show_exception(tvb, pinfo, parent_tree, DissectorError,
"STATUS_ACCESS_VIOLATION: dissector accessed an invalid memory address");
break;
case(STATUS_INTEGER_DIVIDE_BY_ZERO):
show_exception(tvb, pinfo, parent_tree, DissectorError,
"STATUS_INTEGER_DIVIDE_BY_ZERO: dissector tried an integer division by zero");
break;
case(STATUS_STACK_OVERFLOW):
show_exception(tvb, pinfo, parent_tree, DissectorError,
"STATUS_STACK_OVERFLOW: dissector overflowed the stack (e.g. endless loop)");
/* XXX - this will have probably corrupted the stack,
which makes problems later in the exception code */
break;
/* XXX - add other hardware exception codes as required */
default:
show_exception(tvb, pinfo, parent_tree, DissectorError,
g_strdup_printf("dissector caused an unknown exception: 0x%x", GetExceptionCode()));
}
}
#endif
}
CATCH_BOUNDS_AND_DISSECTOR_ERRORS {
show_exception(tvb, pinfo, parent_tree, EXCEPT_CODE, GET_MESSAGE);
}
ENDTRY;
if(proto_field_is_referenced(tree, hf_file_protocols)) {
wmem_strbuf_t *val = wmem_strbuf_new(wmem_packet_scope(), "");
wmem_list_frame_t *frame;
/* skip the first entry, it's always the "frame" protocol */
frame = wmem_list_frame_next(wmem_list_head(pinfo->layers));
if (frame) {
wmem_strbuf_append(val, proto_get_protocol_filter_name(GPOINTER_TO_UINT(wmem_list_frame_data(frame))));
frame = wmem_list_frame_next(frame);
}
while (frame) {
wmem_strbuf_append_c(val, ':');
wmem_strbuf_append(val, proto_get_protocol_filter_name(GPOINTER_TO_UINT(wmem_list_frame_data(frame))));
frame = wmem_list_frame_next(frame);
}
proto_item_append_string(ti, wmem_strbuf_get_str(val));
}
/* Call postdissectors if we have any (while trying to avoid another
* TRY/CATCH)
*/
if (have_postdissector()) {
TRY {
#ifdef _MSC_VER
/* Win32: Visual-C Structured Exception Handling (SEH)
to trap hardware exceptions like memory access violations */
/* (a running debugger will be called before the except part below) */
/* Note: A Windows "exceptional exception" may leave the kazlib's (Portable Exception Handling)
stack in an inconsistent state thus causing a crash at some point in the
handling of the exception.
See: https://www.wireshark.org/lists/wireshark-dev/200704/msg00243.html
*/
__try {
#endif
call_all_postdissectors(tvb, pinfo, parent_tree);
#ifdef _MSC_VER
} __except(EXCEPTION_EXECUTE_HANDLER /* handle all exceptions */) {
switch(GetExceptionCode()) {
case(STATUS_ACCESS_VIOLATION):
show_exception(tvb, pinfo, parent_tree, DissectorError,
"STATUS_ACCESS_VIOLATION: dissector accessed an invalid memory address");
break;
case(STATUS_INTEGER_DIVIDE_BY_ZERO):
show_exception(tvb, pinfo, parent_tree, DissectorError,
"STATUS_INTEGER_DIVIDE_BY_ZERO: dissector tried an integer division by zero");
break;
case(STATUS_STACK_OVERFLOW):
show_exception(tvb, pinfo, parent_tree, DissectorError,
"STATUS_STACK_OVERFLOW: dissector overflowed the stack (e.g. endless loop)");
/* XXX - this will have probably corrupted the stack,
which makes problems later in the exception code */
break;
/* XXX - add other hardware exception codes as required */
default:
show_exception(tvb, pinfo, parent_tree, DissectorError,
g_strdup_printf("dissector caused an unknown exception: 0x%x", GetExceptionCode()));
}
}
#endif
}
CATCH_BOUNDS_AND_DISSECTOR_ERRORS {
show_exception(tvb, pinfo, parent_tree, EXCEPT_CODE, GET_MESSAGE);
}
ENDTRY;
}
/* Attempt to (re-)calculate color filters (if any). */
if (pinfo->fd->flags.need_colorize) {
color_filter = color_filters_colorize_packet(file_data->color_edt);
pinfo->fd->color_filter = color_filter;
pinfo->fd->flags.need_colorize = 0;
} else {
color_filter = pinfo->fd->color_filter;
}
if (color_filter) {
pinfo->fd->color_filter = color_filter;
item = proto_tree_add_string(fh_tree, hf_file_color_filter_name, tvb,
0, 0, color_filter->filter_name);
PROTO_ITEM_SET_GENERATED(item);
item = proto_tree_add_string(fh_tree, hf_file_color_filter_text, tvb,
0, 0, color_filter->filter_text);
PROTO_ITEM_SET_GENERATED(item);
}
tap_queue_packet(file_tap, pinfo, NULL);
if (pinfo->frame_end_routines) {
g_slist_foreach(pinfo->frame_end_routines, &call_file_record_end_routine, NULL);
g_slist_free(pinfo->frame_end_routines);
pinfo->frame_end_routines = NULL;
}
return tvb_captured_length(tvb);
}
acse_init(void)
{
if( acse_ctx_oid_table ){
g_hash_table_destroy(acse_ctx_oid_table);
acse_ctx_oid_table = NULL;
}
acse_ctx_oid_table = g_hash_table_new(acse_ctx_oid_hash,
acse_ctx_oid_equal);
}
static void
register_ctx_id_and_oid(packet_info *pinfo _U_, guint32 idx, char *oid)
{
acse_ctx_oid_t *aco, *tmpaco;
aco=wmem_new(wmem_file_scope(), acse_ctx_oid_t);
aco->ctx_id=idx;
aco->oid=wmem_strdup(wmem_file_scope(), oid);
/* if this ctx already exists, remove the old one first */
tmpaco=(acse_ctx_oid_t *)g_hash_table_lookup(acse_ctx_oid_table, aco);
if(tmpaco){
g_hash_table_remove(acse_ctx_oid_table, tmpaco);
}
g_hash_table_insert(acse_ctx_oid_table, aco, aco);
}
static char *
find_oid_by_ctx_id(packet_info *pinfo _U_, guint32 idx)
{
acse_ctx_oid_t aco, *tmpaco;
aco.ctx_id=idx;
static gint
dissect_usb_dfu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
{
proto_item *main_item;
proto_tree *main_tree;
proto_item *command_item;
proto_item *sub_item;
proto_tree *command_tree;
gint offset = 0;
gint p2p_dir_save;
guint8 command;
gint16 command_response = -1;
command_data_t *command_data = NULL;
wmem_tree_t *wmem_tree;
wmem_tree_key_t key[5];
guint32 bus_id;
guint32 device_address;
guint32 k_bus_id;
guint32 k_device_address;
guint32 k_frame_number;
gint32 block_number = -1;
usb_conv_info_t *usb_conv_info = (usb_conv_info_t *)data;
if (!usb_conv_info) return offset;
bus_id = usb_conv_info->bus_id;
device_address = usb_conv_info->device_address;
k_bus_id = bus_id;
k_device_address = device_address;
k_frame_number = pinfo->fd->num;
key[0].length = 1;
key[0].key = &k_bus_id;
key[1].length = 1;
key[1].key = &k_device_address;
main_item = proto_tree_add_item(tree, proto_usb_dfu, tvb, offset, -1, ENC_NA);
main_tree = proto_item_add_subtree(main_item, ett_usb_dfu);
col_set_str(pinfo->cinfo, COL_PROTOCOL, "USB DFU");
p2p_dir_save = pinfo->p2p_dir;
pinfo->p2p_dir = (usb_conv_info->is_request) ? P2P_DIR_SENT : P2P_DIR_RECV;
switch (pinfo->p2p_dir) {
case P2P_DIR_SENT:
col_set_str(pinfo->cinfo, COL_INFO, "Sent ");
break;
case P2P_DIR_RECV:
col_set_str(pinfo->cinfo, COL_INFO, "Rcvd ");
break;
default:
col_add_fstr(pinfo->cinfo, COL_INFO, "Unknown direction ");
break;
}
if (usb_conv_info->is_setup) {
guint16 interface;
command_item = proto_tree_add_item(main_tree, hf_setup_command, tvb, offset, 1, ENC_NA);
command = tvb_get_guint8(tvb, offset);
if (!((usb_conv_info->setup_requesttype == 0x21 && (command == 0x00 || command == 0x01 || command == 0x04 || command == 0x06)) ||
(usb_conv_info->setup_requesttype == 0xa1 && (command == 0x02 || command == 0x03 || command == 0x05))))
expert_add_info(pinfo, command_item, &ei_invalid_command_for_request_type);
offset += 1;
col_append_fstr(pinfo->cinfo, COL_INFO, "Command: %s",
val_to_str_ext_const(command, &command_vals_ext, "Unknown"));
if (command == 0x00) { /* Detach */
proto_tree_add_item(main_tree, hf_setup_timeout, tvb, offset, 2, ENC_LITTLE_ENDIAN);
col_append_fstr(pinfo->cinfo, COL_INFO, " Timeout=%u", tvb_get_letohs(tvb, offset));
} else if (command == 0x01 || command == 0x02) { /* Download || Upload */
proto_tree_add_item(main_tree, hf_setup_block_number, tvb, offset, 2, ENC_LITTLE_ENDIAN);
col_append_fstr(pinfo->cinfo, COL_INFO, " Block Number=%u", tvb_get_letohs(tvb, offset));
block_number = tvb_get_letohs(tvb, offset);
} else {
proto_tree_add_item(main_tree, hf_setup_unused, tvb, offset, 2, ENC_LITTLE_ENDIAN);
}
offset += 2;
proto_tree_add_item(main_tree, hf_setup_interface, tvb, offset, 2, ENC_LITTLE_ENDIAN);
interface = tvb_get_letohs(tvb, offset);
offset += 2;
proto_tree_add_item(main_tree, hf_setup_length, tvb, offset, 2, ENC_LITTLE_ENDIAN);
offset += 2;
if (command == 0x01) { /* Download */
proto_tree_add_item(main_tree, hf_data, tvb, offset, -1, ENC_NA);
offset = tvb_length(tvb);
}
if (tvb_length_remaining(tvb, offset) > 0) {
proto_tree_add_expert(main_tree, pinfo, &ei_unexpected_data, tvb, offset, tvb_length_remaining(tvb, offset));
offset = tvb_length(tvb);
}
/* Save request info (command_data) */
if (!pinfo->fd->flags.visited && command != 21) {
key[2].length = 1;
key[2].key = &k_frame_number;
key[3].length = 0;
key[3].key = NULL;
command_data = wmem_new(wmem_file_scope(), command_data_t);
command_data->bus_id = bus_id;
command_data->device_address = device_address;
command_data->command = command;
command_data->interface = interface;
command_data->command_frame_number = pinfo->fd->num;
command_data->block_number = block_number;
wmem_tree_insert32_array(command_info, key, command_data);
}
pinfo->p2p_dir = p2p_dir_save;
return offset;
}
/* Get request info (command_data) */
key[2].length = 0;
key[2].key = NULL;
wmem_tree = (wmem_tree_t *) wmem_tree_lookup32_array(command_info, key);
if (wmem_tree) {
command_data = (command_data_t *) wmem_tree_lookup32_le(wmem_tree, pinfo->fd->num);
if (command_data) {
command_response = command_data->command;
block_number = command_data->block_number;
}
}
if (!command_data) {
col_append_str(pinfo->cinfo, COL_INFO, "Response: Unknown");
proto_tree_add_expert(main_tree, pinfo, &ei_unknown_data, tvb, offset, tvb_length_remaining(tvb, offset));
pinfo->p2p_dir = p2p_dir_save;
return tvb_length(tvb);
}
col_append_fstr(pinfo->cinfo, COL_INFO, "Response: %s",
val_to_str_ext_const(command_response, &command_vals_ext, "Unknown"));
command_item = proto_tree_add_uint(main_tree, hf_response, tvb, offset, 0, command_response);
command_tree = proto_item_add_subtree(command_item, ett_command);
PROTO_ITEM_SET_GENERATED(command_item);
if (command_data) {
command_item = proto_tree_add_uint(main_tree, hf_setup_interface, tvb, offset, 0, command_data->interface);
PROTO_ITEM_SET_GENERATED(command_item);
command_item = proto_tree_add_uint(main_tree, hf_command_in_frame, tvb, offset, 0, command_data->command_frame_number);
PROTO_ITEM_SET_GENERATED(command_item);
}
switch (command_response) {
case 0x02: /* Upload */
if (block_number != -1) {
sub_item = proto_tree_add_uint(main_tree, hf_setup_block_number, tvb, offset, 0, block_number);
PROTO_ITEM_SET_GENERATED(sub_item);
col_append_fstr(pinfo->cinfo, COL_INFO, " Block Number=%u", block_number);
}
proto_tree_add_item(main_tree, hf_data, tvb, offset, -1, ENC_NA);
offset = tvb_length(tvb);
break;
case 0x03: /* Get Status */
col_append_fstr(pinfo->cinfo, COL_INFO, " = Status: %s, PollTimeout: %u ms, State: %s",
val_to_str_ext_const(tvb_get_guint8(tvb, offset), &status_vals_ext, "Unknown"),
tvb_get_letoh24(tvb, offset + 1),
val_to_str_ext_const(tvb_get_guint8(tvb, offset + 4), &state_vals_ext, "Unknown"));
proto_tree_add_item(main_tree, hf_status, tvb, offset, 1, ENC_NA);
offset += 1;
proto_tree_add_item(main_tree, hf_poll_timeout, tvb, offset, 3, ENC_LITTLE_ENDIAN);
offset += 3;
proto_tree_add_item(main_tree, hf_state, tvb, offset, 1, ENC_NA);
offset += 1;
proto_tree_add_item(main_tree, hf_iString, tvb, offset, 1, ENC_NA);
offset += 1;
break;
case 0x05: /* Get State */
proto_tree_add_item(main_tree, hf_state, tvb, offset, 1, ENC_NA);
col_append_fstr(pinfo->cinfo, COL_INFO, " = %s",
val_to_str_ext_const(tvb_get_guint8(tvb, offset), &state_vals_ext, "Unknown"));
offset += 1;
break;
case 0x00: /* Detach */
case 0x01: /* Download */
case 0x04: /* Clear Status */
case 0x06: /* Abort */
default:
proto_tree_add_expert(command_tree, pinfo, &ei_unexpected_response, tvb, offset, 0);
if (tvb_length_remaining(tvb, offset) > 0) {
proto_tree_add_expert(main_tree, pinfo, &ei_unknown_data, tvb, offset, -1);
offset = tvb_length(tvb);
}
}
pinfo->p2p_dir = p2p_dir_save;
return offset;
}
/* Code to actually dissect the packets */
static void
dissect_brdwlk(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
/* Set up structures needed to add the protocol subtree and manage it */
proto_item *ti, *hidden_item;
proto_tree *brdwlk_tree = NULL;
tvbuff_t *next_tvb;
guint8 error, eof, sof;
int hdrlen = 2,
offset = 0;
gint len, reported_len, plen;
guint16 pkt_cnt;
gboolean dropped_packets;
fc_data_t fc_data;
/* Make entries in Protocol column and Info column on summary display */
col_set_str(pinfo->cinfo, COL_PROTOCOL, "Boardwalk");
col_clear(pinfo->cinfo, COL_INFO);
sof = (tvb_get_guint8(tvb, offset) & 0xF0) >> 4;
fc_data.sof_eof = 0;
if ((sof == FCM_DELIM_SOFI3) || (sof == FCM_DELIM_SOFI2) || (sof == FCM_DELIM_SOFI1)
|| (sof == FCM_DELIM_SOFI4)) {
fc_data.sof_eof = FC_DATA_SOF_FIRST_FRAME;
}
else if (sof == FCM_DELIM_SOFF) {
fc_data.sof_eof = FC_DATA_SOF_SOFF;
}
if (tree) {
ti = proto_tree_add_protocol_format(tree, proto_brdwlk, tvb, 0,
hdrlen, "Boardwalk");
brdwlk_tree = proto_item_add_subtree(ti, ett_brdwlk);
proto_tree_add_item(brdwlk_tree, hf_brdwlk_sof, tvb, offset, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(brdwlk_tree, hf_brdwlk_vsan, tvb, offset, 2, ENC_BIG_ENDIAN);
}
/* Locate EOF which is the last 4 bytes of the frame */
len = tvb_length_remaining(tvb, hdrlen);
reported_len = tvb_reported_length_remaining(tvb, hdrlen);
if (reported_len < 4) {
/*
* This packet is claimed not to even have enough data for
* a 4-byte EOF.
* Don't try to process the EOF.
*/
;
}
else if (len < reported_len) {
/*
* This packet is claimed to have enough data for a 4-byte EOF,
* but we didn't capture all of the packet.
* Slice off the 4-byte EOF from the reported length, and trim
* the captured length so it's no more than the reported length;
* that will slice off what of the EOF, if any, is in the
* captured length.
*/
reported_len -= 4;
if (len > reported_len)
len = reported_len;
}
else {
/*
* We have the entire packet, and it includes a 4-byte EOF.
* Slice it off, and put it into the tree if we're building
* a tree.
*/
len -= 4;
reported_len -= 4;
offset = tvb_reported_length(tvb) - 4;
pkt_cnt = tvb_get_ntohs(tvb, offset);
if (tree) {
proto_tree_add_uint(brdwlk_tree, hf_brdwlk_pktcnt, tvb, offset,
2, pkt_cnt);
}
dropped_packets = FALSE;
if (pinfo->fd->flags.visited) {
/*
* This isn't the first pass, so we can't use the global
* "packet_count" variable to determine whether there were
* any dropped frames or not.
* We therefore attach a non-null pointer as frame data to
* any frame preceded by dropped packets.
*/
if (p_get_proto_data(wmem_file_scope(), pinfo, proto_brdwlk, 0) != NULL)
dropped_packets = TRUE;
} else {
/*
* This is the first pass, so we have to use the global
* "packet_count" variable to determine whether there were
* any dropped frames or not.
*
* XXX - can there be more than one stream of packets, so that
* we can't just use a global variable?
*/
if (pkt_cnt != packet_count + 1) {
if (!first_pkt &&
(pkt_cnt != 0 || (packet_count != BRDWLK_MAX_PACKET_CNT))) {
dropped_packets = TRUE;
/*
* Mark this frame as having been preceded by dropped
* packets. (The data we use as the frame data doesn't
* matter - it just matters that it's non-null.)
*/
p_add_proto_data(wmem_file_scope(), pinfo, proto_brdwlk, 0, &packet_count);
}
}
}
if (tree) {
hidden_item = proto_tree_add_boolean(brdwlk_tree, hf_brdwlk_drop,
tvb, offset, 0, dropped_packets);
PROTO_ITEM_SET_HIDDEN(hidden_item);
}
packet_count = pkt_cnt;
error=tvb_get_guint8(tvb, offset+2);
dissect_brdwlk_err(brdwlk_tree, tvb, offset+2);
eof = tvb_get_guint8(tvb, offset+3);
if (eof != FCM_DELIM_EOFN) {
fc_data.sof_eof |= FC_DATA_EOF_LAST_FRAME;
}
else if (eof != FCM_DELIM_EOFT) {
fc_data.sof_eof |= FC_DATA_EOF_INVALID;
}
if (tree) {
proto_tree_add_item(brdwlk_tree, hf_brdwlk_eof, tvb, offset+3,
1, ENC_BIG_ENDIAN);
}
if ((error & BRDWLK_HAS_PLEN) && tree) {
/* In newer Boardwalks, if this bit is set, the actual frame length
* is also provided. This length is the size between SOF & EOF
* including FC CRC.
*/
plen = tvb_get_ntohl(tvb, offset-4);
plen *= 4;
proto_tree_add_uint(brdwlk_tree, hf_brdwlk_plen, tvb, offset-4,
4, plen);
#if 0
/* XXX - this would throw an exception if it would increase
* the reported length.
*/
if (error & BRDWLK_TRUNCATED_BIT) {
tvb_set_reported_length(tvb, plen);
}
#endif
}
}
fc_data.ethertype = ETHERTYPE_BRDWALK;
next_tvb = tvb_new_subset(tvb, 2, len, reported_len);
call_dissector_with_data(fc_dissector_handle, next_tvb, pinfo, tree, &fc_data);
}
&hf_rtp_events_volume,
NULL
};
col_set_str(pinfo->cinfo, COL_PROTOCOL, "RTP EVENT");
col_clear(pinfo->cinfo, COL_INFO);
/* Get event fields */
rtp_evt = tvb_get_guint8(tvb, offset );
/* get tap info */
rtp_event_info.info_rtp_evt = rtp_evt;
p_conv_data = (struct _rtp_conversation_info *)p_get_proto_data(wmem_file_scope(), pinfo, proto_get_id_by_filter_name("rtp"), 0);
if (p_conv_data)
rtp_event_info.info_setup_frame_num = p_conv_data->frame_number;
else
rtp_event_info.info_setup_frame_num = 0;
col_add_fstr( pinfo->cinfo, COL_INFO,
"Payload type=RTP Event, %s",
val_to_str_ext( rtp_evt, &rtp_event_type_values_ext, "Unknown (%u)" ));
ti = proto_tree_add_item( tree, proto_rtp_events, tvb, offset, -1, ENC_NA );
rtp_events_tree = proto_item_add_subtree( ti, ett_rtp_events );
proto_tree_add_uint ( rtp_events_tree, hf_rtp_events_event, tvb, offset, 1, rtp_evt);
offset++;
gcp_msg_t* gcp_msg(packet_info* pinfo, int o, gboolean keep_persistent_data) {
gcp_msg_t* m;
guint32 framenum = (guint32)pinfo->fd->num;
guint32 offset = (guint32)o;
address* src = &(pinfo->src);
address* dst = &(pinfo->dst);
address* lo_addr;
address* hi_addr;
if (keep_persistent_data) {
wmem_tree_key_t key[3];
key[0].length = 1;
key[0].key = &(framenum);
key[1].length = 1;
key[1].key = &offset;
key[2].length = 0;
key[2].key =NULL;
if (( m = (gcp_msg_t *)wmem_tree_lookup32_array(msgs,key) )) {
m->committed = TRUE;
return m;
} else {
m = wmem_new(wmem_file_scope(), gcp_msg_t);
m->framenum = framenum;
m->time = pinfo->fd->abs_ts;
m->trxs = NULL;
m->committed = FALSE;
wmem_tree_insert32_array(msgs,key,m);
}
} else {
m = wmem_new0(wmem_packet_scope(), gcp_msg_t);
m->framenum = framenum;
m->trxs = NULL;
m->committed = FALSE;
}
if (CMP_ADDRESS(src, dst) < 0) {
lo_addr = src;
hi_addr = dst;
} else {
lo_addr = dst;
hi_addr = src;
}
switch(lo_addr->type) {
case AT_NONE:
m->lo_addr = 0;
m->hi_addr = 0;
break;
case AT_IPv4:
memcpy((guint8*)&(m->hi_addr),hi_addr->data,4);
memcpy((guint8*)&(m->lo_addr),lo_addr->data,4);
break;
case AT_SS7PC:
m->hi_addr = mtp3_pc_hash((const mtp3_addr_pc_t *)hi_addr->data);
m->lo_addr = mtp3_pc_hash((const mtp3_addr_pc_t *)lo_addr->data);
break;
default:
/* XXX: heuristic and error prone */
m->hi_addr = g_str_hash(address_to_str(wmem_packet_scope(), hi_addr));
m->lo_addr = g_str_hash(address_to_str(wmem_packet_scope(), lo_addr));
break;
}
return m;
}
static void
dissect_ata_pdu(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int offset, gboolean response, guint32 tag)
{
proto_item *tmp_item;
guint8 aflags;
guint64 lba;
ata_info_t *ata_info=NULL;
conversation_t *conversation;
/* only create a conversation for ATA commands */
conversation = find_or_create_conversation(pinfo);
if( !(pinfo->fd->flags.visited) ){
if(!response){
ata_info_t *tmp_ata_info;
/* first time we see this request so add a struct for request/response
matching */
ata_info=wmem_new(wmem_file_scope(), ata_info_t);
ata_info->tag=tag;
ata_info->conversation=conversation;
ata_info->request_frame=pinfo->fd->num;
ata_info->response_frame=0;
ata_info->cmd=tvb_get_guint8(tvb, offset+3);
ata_info->req_time=pinfo->fd->abs_ts;
tmp_ata_info=(ata_info_t *)g_hash_table_lookup(ata_cmd_unmatched, ata_info);
if(tmp_ata_info){
g_hash_table_remove(ata_cmd_unmatched, tmp_ata_info);
}
g_hash_table_insert(ata_cmd_unmatched, ata_info, ata_info);
} else {
ata_info_t tmp_ata_info;
/* first time we see this response so see if we can match it with
a request */
tmp_ata_info.tag=tag;
tmp_ata_info.conversation=conversation;
ata_info=(ata_info_t *)g_hash_table_lookup(ata_cmd_unmatched, &tmp_ata_info);
/* woo hoo we could, so no need to store this in unmatched any more,
move both request and response to the matched table */
if(ata_info){
ata_info->response_frame=pinfo->fd->num;
g_hash_table_remove(ata_cmd_unmatched, ata_info);
g_hash_table_insert(ata_cmd_matched, GUINT_TO_POINTER(ata_info->request_frame), ata_info);
g_hash_table_insert(ata_cmd_matched, GUINT_TO_POINTER(ata_info->response_frame), ata_info);
}
}
} else {
ata_info=(ata_info_t *)g_hash_table_lookup(ata_cmd_matched, GUINT_TO_POINTER(pinfo->fd->num));
}
if(ata_info){
if(response){
if(ata_info->request_frame){
nstime_t delta_ts;
tmp_item=proto_tree_add_uint(tree, hf_aoe_response_to, tvb, 0, 0, ata_info->request_frame);
PROTO_ITEM_SET_GENERATED(tmp_item);
nstime_delta(&delta_ts, &pinfo->fd->abs_ts, &ata_info->req_time);
tmp_item=proto_tree_add_time(tree, hf_aoe_time, tvb, offset, 0, &delta_ts);
PROTO_ITEM_SET_GENERATED(tmp_item);
}
} else {
if(ata_info->response_frame){
tmp_item=proto_tree_add_uint(tree, hf_aoe_response_in, tvb, 0, 0, ata_info->response_frame);
PROTO_ITEM_SET_GENERATED(tmp_item);
}
}
}
/* aflags */
aflags=tvb_get_guint8(tvb, offset);
proto_tree_add_item(tree, hf_aoe_aflags_e, tvb, offset, 1, ENC_BIG_ENDIAN);
if(aflags&AOE_AFLAGS_E){
proto_tree_add_item(tree, hf_aoe_aflags_d, tvb, offset, 1, ENC_BIG_ENDIAN);
}
if(aflags&AOE_AFLAGS_W){
proto_tree_add_item(tree, hf_aoe_aflags_a, tvb, offset, 1, ENC_BIG_ENDIAN);
}
proto_tree_add_item(tree, hf_aoe_aflags_w, tvb, offset, 1, ENC_BIG_ENDIAN);
offset++;
/* err/feature */
proto_tree_add_item(tree, hf_aoe_err_feature, tvb, offset, 1, ENC_BIG_ENDIAN);
offset++;
/* sector count */
proto_tree_add_item(tree, hf_aoe_sector_count, tvb, offset, 1, ENC_BIG_ENDIAN);
offset++;
/* ata command/status */
if(!response){
proto_tree_add_item(tree, hf_aoe_acmd, tvb, offset, 1, ENC_BIG_ENDIAN);
col_append_fstr(pinfo->cinfo, COL_INFO, " ATA:%s", val_to_str(tvb_get_guint8(tvb, offset), ata_cmd_vals, " Unknown ATA<0x%02x>"));
} else {
proto_tree_add_item(tree, hf_aoe_astatus, tvb, offset, 1, ENC_BIG_ENDIAN);
if(ata_info != NULL && ata_info->request_frame){
/* we don't know what command it was unless we saw the request_frame */
tmp_item=proto_tree_add_uint(tree, hf_aoe_acmd, tvb, 0, 0, ata_info->cmd);
PROTO_ITEM_SET_GENERATED(tmp_item);
col_append_fstr(pinfo->cinfo, COL_INFO, " ATA:%s", val_to_str(ata_info->cmd, ata_cmd_vals, " Unknown ATA<0x%02x>"));
}
}
offset++;
/*lba probably complete wrong */
lba=tvb_get_letohs(tvb, offset+4);
lba=(lba<<32)|tvb_get_letohl(tvb, offset);
offset+=8;
proto_tree_add_uint64(tree, hf_aoe_lba, tvb, offset-8, 6, lba);
}
/*
* Dissect a standard (reliable) ts2 packet, reassembling if required.
*/
static void ts2_standard_dissect(tvbuff_t *tvb, packet_info *pinfo, proto_tree *ts2_tree, ts2_conversation *conversation_data)
{
guint8 save_fragmented;
tvbuff_t *new_tvb, *next_tvb;
fragment_head *frag_msg ;
guint16 fragment_number;
ts2_frag *frag;
gboolean outoforder;
guint16 type = tvb_get_letohs(tvb, 2);
/*guint16 klass = tvb_get_letohs(tvb, 0);*/
proto_tree_add_item(ts2_tree, hf_ts2_seqnum, tvb, 12, 4, ENC_LITTLE_ENDIAN);
/* XXX: Following fragmentation stuff should be separate from the GUI stuff ?? */
/* Get our stored fragmentation data or create one! */
if ( ! ( frag = (ts2_frag *)p_get_proto_data(wmem_file_scope(), pinfo, proto_ts2, 0) ) ) {
frag = wmem_new(wmem_file_scope(), ts2_frag);
frag->frag_num=0;
}
/* decide if the packet is server to client or client to server
* then check its fragmentation
*/
if(!(pinfo->fd->flags.visited))
{
if(conversation_data->server_port == pinfo->srcport)
{
frag->fragmented = ts2_standard_find_fragments(tvb, &conversation_data->last_inorder_server_frame, &conversation_data->server_frag_size, &conversation_data->server_frag_num, &outoforder);
frag->frag_num=conversation_data->server_frag_num;
frag->frag_size=conversation_data->server_frag_size;
}
else
{
frag->fragmented = ts2_standard_find_fragments(tvb, &conversation_data->last_inorder_client_frame, &conversation_data->client_frag_size, &conversation_data->client_frag_num, &outoforder);
frag->frag_num=conversation_data->client_frag_num;
frag->frag_size=conversation_data->client_frag_size;
}
frag->outoforder=outoforder;
p_add_proto_data(wmem_file_scope(), pinfo, proto_ts2, 0, frag);
}
/* Get our stored fragmentation data */
frag = (ts2_frag *)p_get_proto_data(wmem_file_scope(), pinfo, proto_ts2, 0);
proto_tree_add_item(ts2_tree, hf_ts2_resend_count, tvb, 16, 2, ENC_LITTLE_ENDIAN);
proto_tree_add_item(ts2_tree, hf_ts2_fragmentnumber, tvb, 18, 2, ENC_LITTLE_ENDIAN);
ts2_add_checked_crc32(ts2_tree, hf_ts2_crc32, tvb, 20, tvb_get_letohl(tvb, 20));
/* Reassemble the packet if it's fragmented */
new_tvb = NULL;
if(frag && frag->fragmented)
{
save_fragmented = pinfo->fragmented;
frag_msg = NULL;
pinfo->fragmented = TRUE;
fragment_number = tvb_get_letohs(tvb, 18);
frag_msg = fragment_add_seq_check(&msg_reassembly_table, tvb, 24, pinfo, type, NULL, frag->frag_num, tvb_captured_length_remaining(tvb, 24), fragment_number);
new_tvb = process_reassembled_data(tvb, 24, pinfo,"Reassembled TeamSpeak2", frag_msg, &msg_frag_items, NULL, ts2_tree);
if (frag_msg) /* XXX: should be if (new_tvb) ?? */
{ /* Reassembled */
col_append_str(pinfo->cinfo, COL_INFO, " (Message Reassembled)");
}
else
{ /* Not last packet of reassembled Short Message */
col_append_fstr(pinfo->cinfo, COL_INFO," (Message fragment %u)", frag->frag_num);
}
if (new_tvb)
next_tvb = new_tvb;
else
next_tvb = tvb_new_subset_remaining(tvb, 24);
pinfo->fragmented = save_fragmented;
}
else
next_tvb = tvb_new_subset_remaining(tvb, 24);
/* If we have a full packet now dissect it */
if((new_tvb || (frag && !frag->fragmented)) && !frag->outoforder)
{
switch(type)
{
case TS2T_LOGINPART2:
ts2_parse_loginpart2(next_tvb, ts2_tree);
break;
case TS2T_CHANNELLIST:
ts2_parse_channellist(next_tvb, ts2_tree);
break;
case TS2T_PLAYERLIST:
ts2_parse_playerlist(next_tvb, ts2_tree);
break;
case TS2T_NEWPLAYERJOINED:
ts2_parse_newplayerjoined(next_tvb, ts2_tree);
break;
case TS2T_KNOWNPLAYERUPDATE:
ts2_parse_knownplayerupdate(next_tvb, ts2_tree);
break;
case TS2T_PLAYERLEFT:
ts2_parse_playerleft(next_tvb, ts2_tree);
break;
case TS2T_PLAYERKICKED:
ts2_parse_playerleft(next_tvb, ts2_tree);
break;
case TS2T_LOGINEND:
ts2_parse_loginend(next_tvb, ts2_tree);
break;
case TS2T_CHANGESTATUS:
ts2_parse_changestatus(next_tvb, ts2_tree);
break;
case TS2T_SWITCHCHANNEL:
ts2_parse_switchchannel(next_tvb, ts2_tree);
break;
case TS2T_CHANNELCHANGE:
ts2_parse_channelchange(next_tvb, ts2_tree);
break;
}
}
/* The packet is out of order, update the cinfo and ignore the packet */
if(frag && frag->outoforder)
col_append_str(pinfo->cinfo, COL_INFO, " (Out Of Order, ignored)");
}
static void
dissect_exec(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
/* Set up structures needed to add the protocol subtree and manage it */
proto_item *ti;
proto_tree *exec_tree=NULL;
/* Variables for extracting and displaying data from the packet */
guchar *field_stringz; /* Temporary storage for each field we extract */
gint length;
guint offset = 0;
conversation_t *conversation;
exec_hash_entry_t *hash_info;
conversation = find_or_create_conversation(pinfo);
/* Retrieve information from conversation
* or add it if it isn't there yet
*/
hash_info = (exec_hash_entry_t *)conversation_get_proto_data(conversation, proto_exec);
if(!hash_info){
hash_info = wmem_new(wmem_file_scope(), exec_hash_entry_t);
hash_info->first_packet_number = pinfo->fd->num;
hash_info->second_packet_number = 0;
hash_info->third_packet_number = 0;
hash_info->fourth_packet_number = 0;
hash_info->state = WAIT_FOR_STDERR_PORT; /* The first field we'll see */
/* Start with empty username and command strings */
hash_info->username=NULL;
hash_info->command=NULL;
/* These will be set on the first pass by the first
* four packets of the conversation
*/
hash_info->first_packet_state = NONE;
hash_info->second_packet_state = NONE;
hash_info->third_packet_state = NONE;
hash_info->fourth_packet_state = NONE;
conversation_add_proto_data(conversation, proto_exec, hash_info);
}
/* Store the number of the first three packets of this conversation
* as we reach them the first time */
if(!hash_info->second_packet_number
&& pinfo->fd->num > hash_info->first_packet_number){
/* We're on the second packet of the conversation */
hash_info->second_packet_number = pinfo->fd->num;
} else if(hash_info->second_packet_number
&& !hash_info->third_packet_number
&& pinfo->fd->num > hash_info->second_packet_number) {
/* We're on the third packet of the conversation */
hash_info->third_packet_number = pinfo->fd->num;
} else if(hash_info->third_packet_number
&& !hash_info->fourth_packet_number
&& pinfo->fd->num > hash_info->third_packet_number) {
/* We're on the fourth packet of the conversation */
hash_info->fourth_packet_number = pinfo->fd->num;
}
/* Save this packet's state so we can retrieve it if this packet
* is selected again later. If the packet's state was already stored,
* then retrieve it */
if(pinfo->fd->num == hash_info->first_packet_number){
if(hash_info->first_packet_state == NONE){
hash_info->first_packet_state = hash_info->state;
} else {
hash_info->state = hash_info->first_packet_state;
}
}
if(pinfo->fd->num == hash_info->second_packet_number){
if(hash_info->second_packet_state == NONE){
hash_info->second_packet_state = hash_info->state;
} else {
hash_info->state = hash_info->second_packet_state;
}
}
if(pinfo->fd->num == hash_info->third_packet_number){
if(hash_info->third_packet_state == NONE){
hash_info->third_packet_state = hash_info->state;
} else {
hash_info->state = hash_info->third_packet_state;
}
}
if(pinfo->fd->num == hash_info->fourth_packet_number){
if(hash_info->fourth_packet_state == NONE){
hash_info->fourth_packet_state = hash_info->state;
} else {
hash_info->state = hash_info->fourth_packet_state;
}
}
col_set_str(pinfo->cinfo, COL_PROTOCOL, "EXEC");
/* First, clear the info column */
col_clear(pinfo->cinfo, COL_INFO);
/*username */
if(hash_info->username && preference_info_show_username == TRUE){
col_append_fstr(pinfo->cinfo, COL_INFO, "Username:%s ", hash_info->username);
}
/* Command */
if(hash_info->command && preference_info_show_command == TRUE){
col_append_fstr(pinfo->cinfo, COL_INFO, "Command:%s ", hash_info->command);
}
/* create display subtree for the protocol */
ti = proto_tree_add_item(tree, proto_exec, tvb, 0, -1, ENC_NA);
exec_tree = proto_item_add_subtree(ti, ett_exec);
/* If this packet doesn't end with a null terminated string,
* then it must be session data only and we can skip looking
* for the other fields.
*/
if(tvb_find_guint8(tvb, tvb_length(tvb)-1, 1, '\0') == -1){
hash_info->state = WAIT_FOR_DATA;
}
if(hash_info->state == WAIT_FOR_STDERR_PORT
&& tvb_length_remaining(tvb, offset)){
field_stringz = tvb_get_stringz_enc(wmem_packet_scope(), tvb, offset, &length, ENC_ASCII);
/* Check if this looks like the stderr_port field.
* It is optional, so it may only be 1 character long
* (the NULL)
*/
if(length == 1 || (isdigit_string(field_stringz)
&& length <= EXEC_STDERR_PORT_LEN)){
proto_tree_add_string(exec_tree, hf_exec_stderr_port, tvb, offset, length, (gchar*)field_stringz);
/* Next field we need */
hash_info->state = WAIT_FOR_USERNAME;
} else {
/* Since the data doesn't match this field, it must be data only */
hash_info->state = WAIT_FOR_DATA;
}
/* Used if the next field is in the same packet */
offset += length;
}
if(hash_info->state == WAIT_FOR_USERNAME
&& tvb_length_remaining(tvb, offset)){
field_stringz = tvb_get_stringz_enc(wmem_packet_scope(), tvb, offset, &length, ENC_ASCII);
/* Check if this looks like the username field */
if(length != 1 && length <= EXEC_USERNAME_LEN
&& isprint_string(field_stringz)){
proto_tree_add_string(exec_tree, hf_exec_username, tvb, offset, length, (gchar*)field_stringz);
/* Store the username so we can display it in the
* info column of the entire conversation
*/
if(!hash_info->username){
hash_info->username=wmem_strdup(wmem_file_scope(), (gchar*)field_stringz);
}
/* Next field we need */
hash_info->state = WAIT_FOR_PASSWORD;
} else {
/* Since the data doesn't match this field, it must be data only */
hash_info->state = WAIT_FOR_DATA;
}
/* Used if the next field is in the same packet */
offset += length;
}
if(hash_info->state == WAIT_FOR_PASSWORD
&& tvb_length_remaining(tvb, offset)){
field_stringz = tvb_get_stringz_enc(wmem_packet_scope(), tvb, offset, &length, ENC_ASCII);
/* Check if this looks like the password field */
if(length != 1 && length <= EXEC_PASSWORD_LEN
&& isprint_string(field_stringz)){
proto_tree_add_string(exec_tree, hf_exec_password, tvb, offset, length, (gchar*)field_stringz);
/* Next field we need */
hash_info->state = WAIT_FOR_COMMAND;
} else {
/* Since the data doesn't match this field, it must be data only */
hash_info->state = WAIT_FOR_DATA;
}
/* Used if the next field is in the same packet */
offset += length;
/* Next field we are looking for */
hash_info->state = WAIT_FOR_COMMAND;
}
if(hash_info->state == WAIT_FOR_COMMAND
&& tvb_length_remaining(tvb, offset)){
field_stringz = tvb_get_stringz_enc(wmem_packet_scope(), tvb, offset, &length, ENC_ASCII);
/* Check if this looks like the command field */
if(length != 1 && length <= EXEC_COMMAND_LEN
&& isprint_string(field_stringz)){
proto_tree_add_string(exec_tree, hf_exec_command, tvb, offset, length, (gchar*)field_stringz);
/* Store the command so we can display it in the
* info column of the entire conversation
*/
if(!hash_info->command){
hash_info->command=wmem_strdup(wmem_file_scope(), (gchar*)field_stringz);
}
} else {
/* Since the data doesn't match this field, it must be data only */
hash_info->state = WAIT_FOR_DATA;
}
}
if(hash_info->state == WAIT_FOR_DATA
&& tvb_length_remaining(tvb, offset)){
if(pinfo->destport == EXEC_PORT){
/* Packet going to the server */
/* offset = 0 since the whole packet is data */
proto_tree_add_item(exec_tree, hf_exec_client_server_data, tvb, 0, -1, ENC_NA);
col_append_str(pinfo->cinfo, COL_INFO, "Client -> Server data");
} else {
/* This packet must be going back to the client */
/* offset = 0 since the whole packet is data */
proto_tree_add_item(exec_tree, hf_exec_server_client_data, tvb, 0, -1, ENC_NA);
col_append_str(pinfo->cinfo, COL_INFO, "Server -> Client Data");
}
}
/* We haven't seen all of the fields yet */
if(hash_info->state < WAIT_FOR_DATA){
col_set_str(pinfo->cinfo, COL_INFO, "Session Establishment");
}
}
static void
dissect_smb_direct_payload(tvbuff_t *tvb, packet_info *pinfo,
proto_tree *tree, guint32 remaining_length)
{
gboolean save_fragmented = pinfo->fragmented;
int save_visited = pinfo->fd->flags.visited;
conversation_t *conversation = NULL;
fragment_head *fd_head = NULL;
tvbuff_t *payload_tvb = NULL;
gboolean more_frags = FALSE;
gboolean fd_head_not_cached = FALSE;
heur_dtbl_entry_t *hdtbl_entry;
if (!smb_direct_reassemble) {
payload_tvb = tvb;
goto dissect_payload;
}
conversation = find_or_create_conversation(pinfo);
if (remaining_length > 0) {
more_frags = TRUE;
}
fd_head = (fragment_head *)p_get_proto_data(wmem_file_scope(), pinfo, proto_smb_direct, 0);
if (fd_head == NULL) {
fd_head_not_cached = TRUE;
pinfo->fd->flags.visited = 0;
fd_head = fragment_add_seq_next(&smb_direct_reassembly_table,
tvb, 0, pinfo,
conversation->index,
NULL, tvb_captured_length(tvb),
more_frags);
}
if (fd_head == NULL) {
/*
* We really want the fd_head and pass it to
* process_reassembled_data()
*
* So that individual fragments gets the
* reassembled in field.
*/
fd_head = fragment_get_reassembled_id(&smb_direct_reassembly_table,
pinfo,
conversation->index);
}
if (fd_head == NULL) {
/*
* we need more data...
*/
goto done;
}
if (fd_head_not_cached) {
p_add_proto_data(wmem_file_scope(), pinfo,
proto_smb_direct, 0, fd_head);
}
payload_tvb = process_reassembled_data(tvb, 0, pinfo,
"Reassembled SMB Direct",
fd_head,
&smb_direct_frag_items,
NULL, /* update_col_info*/
tree);
if (payload_tvb == NULL) {
/*
* we need more data...
*/
goto done;
}
dissect_payload:
pinfo->fragmented = FALSE;
if (!dissector_try_heuristic(smb_direct_heur_subdissector_list,
payload_tvb, pinfo, tree, &hdtbl_entry, NULL)) {
call_data_dissector(payload_tvb, pinfo, tree);
}
done:
pinfo->fragmented = save_fragmented;
pinfo->fd->flags.visited = save_visited;
return;
}
/* Set up an T38 conversation */
void t38_add_address(packet_info *pinfo,
address *addr, int port,
int other_port,
const gchar *setup_method, guint32 setup_frame_number)
{
address null_addr;
conversation_t* p_conversation;
t38_conv* p_conversation_data = NULL;
/*
* If this isn't the first time this packet has been processed,
* we've already done this work, so we don't need to do it
* again.
*/
if ((pinfo->fd->flags.visited) || (t38_udp_handle == NULL))
{
return;
}
SET_ADDRESS(&null_addr, AT_NONE, 0, NULL);
/*
* Check if the ip address and port combination is not
* already registered as a conversation.
*/
p_conversation = find_conversation( setup_frame_number, addr, &null_addr, PT_UDP, port, other_port,
NO_ADDR_B | (!other_port ? NO_PORT_B : 0));
/*
* If not, create a new conversation.
*/
if ( !p_conversation || p_conversation->setup_frame != setup_frame_number) {
p_conversation = conversation_new( setup_frame_number, addr, &null_addr, PT_UDP,
(guint32)port, (guint32)other_port,
NO_ADDR2 | (!other_port ? NO_PORT2 : 0));
}
/* Set dissector */
conversation_set_dissector(p_conversation, t38_udp_handle);
/*
* Check if the conversation has data associated with it.
*/
p_conversation_data = (t38_conv*)conversation_get_proto_data(p_conversation, proto_t38);
/*
* If not, add a new data item.
*/
if ( ! p_conversation_data ) {
/* Create conversation data */
p_conversation_data = wmem_new(wmem_file_scope(), t38_conv);
conversation_add_proto_data(p_conversation, proto_t38, p_conversation_data);
}
/*
* Update the conversation data.
*/
g_strlcpy(p_conversation_data->setup_method, setup_method, MAX_T38_SETUP_METHOD_SIZE);
p_conversation_data->setup_frame_number = setup_frame_number;
p_conversation_data->src_t38_info.reass_ID = 0;
p_conversation_data->src_t38_info.reass_start_seqnum = -1;
p_conversation_data->src_t38_info.reass_data_type = 0;
p_conversation_data->src_t38_info.last_seqnum = -1;
p_conversation_data->src_t38_info.packet_lost = 0;
p_conversation_data->src_t38_info.burst_lost = 0;
p_conversation_data->src_t38_info.time_first_t4_data = 0;
p_conversation_data->dst_t38_info.reass_ID = 0;
p_conversation_data->dst_t38_info.reass_start_seqnum = -1;
p_conversation_data->dst_t38_info.reass_data_type = 0;
p_conversation_data->dst_t38_info.last_seqnum = -1;
p_conversation_data->dst_t38_info.packet_lost = 0;
p_conversation_data->dst_t38_info.burst_lost = 0;
p_conversation_data->dst_t38_info.time_first_t4_data = 0;
}
static gint
dissect_hci_usb(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
{
proto_item *ttree = NULL;
proto_tree *titem = NULL;
proto_item *pitem = NULL;
gint offset = 0;
usb_conv_info_t *usb_conv_info;
tvbuff_t *next_tvb = NULL;
bluetooth_data_t *bluetooth_data;
gint p2p_dir_save;
guint32 session_id;
fragment_head *reassembled;
bluetooth_data = (bluetooth_data_t *) data;
/* Reject the packet if data is NULL */
if (data == NULL)
return 0;
DISSECTOR_ASSERT(bluetooth_data->previous_protocol_data_type == BT_PD_USB_CONV_INFO);
usb_conv_info = bluetooth_data->previous_protocol_data.usb_conv_info;
titem = proto_tree_add_item(tree, proto_hci_usb, tvb, offset, -1, ENC_NA);
ttree = proto_item_add_subtree(titem, ett_hci_usb);
col_set_str(pinfo->cinfo, COL_PROTOCOL, "HCI_USB");
p2p_dir_save = pinfo->p2p_dir;
pinfo->p2p_dir = (usb_conv_info->is_request) ? P2P_DIR_SENT : P2P_DIR_RECV;
switch (pinfo->p2p_dir) {
case P2P_DIR_SENT:
col_set_str(pinfo->cinfo, COL_INFO, "Sent");
break;
case P2P_DIR_RECV:
col_set_str(pinfo->cinfo, COL_INFO, "Rcvd");
break;
default:
col_set_str(pinfo->cinfo, COL_INFO, "UnknownDirection");
break;
}
if (usb_conv_info->is_setup) {
proto_tree_add_item(ttree, hf_bthci_usb_setup_request, tvb, offset, 1, ENC_LITTLE_ENDIAN);
offset += 1;
proto_tree_add_item(ttree, hf_bthci_usb_setup_value, tvb, offset, 2, ENC_LITTLE_ENDIAN);
offset += 2;
proto_tree_add_item(ttree, hf_bthci_usb_setup_adapter_id, tvb, offset, 2, ENC_LITTLE_ENDIAN);
offset += 2;
proto_tree_add_item(ttree, hf_bthci_usb_setup_length, tvb, offset, 2, ENC_LITTLE_ENDIAN);
offset += 2;
}
session_id = usb_conv_info->bus_id << 16 | usb_conv_info->device_address << 8 | ((pinfo->p2p_dir == P2P_DIR_RECV) ? 1 : 0 ) << 7 | usb_conv_info->endpoint;
bluetooth_data->adapter_id = usb_conv_info->bus_id << 8 | usb_conv_info->device_address;
/* TODO: adapter disconnect on some USB action, for now do not support adapter disconnection */
bluetooth_data->adapter_disconnect_in_frame = &max_disconnect_in_frame;
next_tvb = tvb_new_subset_remaining(tvb, offset);
if (!pinfo->fd->flags.visited && usb_conv_info->endpoint <= 0x02 &&
tvb_captured_length(tvb) == tvb_reported_length(tvb)) {
fragment_info_t *fragment_info;
fragment_info = (fragment_info_t *) wmem_tree_lookup32(fragment_info_table, session_id);
if (fragment_info == NULL) {
fragment_info = (fragment_info_t *) wmem_new(wmem_file_scope(), fragment_info_t);
fragment_info->fragment_id = 0;
fragment_info->remaining_length = 0;
wmem_tree_insert32(fragment_info_table, session_id, fragment_info);
}
if (fragment_info->fragment_id == 0) {
switch(usb_conv_info->endpoint)
{
case 0:
fragment_info->remaining_length = tvb_get_guint8(tvb, offset + 2) + 3;
break;
case 1:
fragment_info->remaining_length = tvb_get_guint8(tvb, offset + 1) + 2;
break;
case 2:
fragment_info->remaining_length = tvb_get_letohs(tvb, offset + 2) + 4;
break;
}
}
fragment_info->remaining_length -= tvb_reported_length_remaining(tvb, offset);
fragment_add_seq_check(&hci_usb_reassembly_table,
tvb, offset, pinfo, session_id, NULL,
fragment_info->fragment_id, tvb_reported_length_remaining(tvb, offset), (fragment_info->remaining_length == 0) ? FALSE : TRUE);
if (fragment_info->remaining_length > 0)
fragment_info->fragment_id += 1;
else
fragment_info->fragment_id = 0;
}
reassembled = fragment_get_reassembled_id(&hci_usb_reassembly_table, pinfo, session_id);
if (reassembled && pinfo->num < reassembled->reassembled_in) {
pitem = proto_tree_add_item(ttree, hf_bthci_usb_packet_fragment, tvb, offset, -1, ENC_NA);
PROTO_ITEM_SET_GENERATED(pitem);
col_append_str(pinfo->cinfo, COL_INFO, " Fragment");
} else if (reassembled && pinfo->num == reassembled->reassembled_in) {
pitem = proto_tree_add_item(ttree, hf_bthci_usb_packet_complete, tvb, offset, -1, ENC_NA);
PROTO_ITEM_SET_GENERATED(pitem);
if (reassembled->len > (guint) tvb_reported_length_remaining(tvb, offset)) {
next_tvb = process_reassembled_data(tvb, 0, pinfo,
"Reassembled HCI_USB",
reassembled, &hci_usb_msg_frag_items,
NULL, ttree);
}
switch(usb_conv_info->endpoint)
{
case 0:
call_dissector_with_data(bthci_cmd_handle, next_tvb, pinfo, tree, bluetooth_data);
break;
case 1:
call_dissector_with_data(bthci_evt_handle, next_tvb, pinfo, tree, bluetooth_data);
break;
case 2:
call_dissector_with_data(bthci_acl_handle, next_tvb, pinfo, tree, bluetooth_data);
break;
}
} else {
pitem = proto_tree_add_item(ttree, hf_bthci_usb_packet_unknown_fragment, tvb, offset, -1, ENC_NA);
PROTO_ITEM_SET_GENERATED(pitem);
}
if (usb_conv_info->endpoint == 0x03) {
call_dissector_with_data(bthci_sco_handle, next_tvb, pinfo, tree, bluetooth_data);
} else if (usb_conv_info->endpoint > 0x03) {
proto_tree_add_item(ttree, hf_bthci_usb_data, tvb, offset, -1, ENC_NA);
}
offset += tvb_reported_length_remaining(tvb, offset);
pinfo->p2p_dir = p2p_dir_save;
return offset;
}
/* Dissects a configuration frame (only the most important stuff, tries
* to be fast, does no GUI stuff) and returns a pointer to a config_frame
* struct that contains all the information from the frame needed to
* dissect a DATA frame.
*
* use 'config_frame_free()' to free the config_frame again
*/
static config_frame *config_frame_fast(tvbuff_t *tvb)
{
guint16 idcode, num_pmu;
gint offset;
config_frame *frame;
/* get a new frame and initialize it */
frame = wmem_new(wmem_file_scope(), config_frame);
frame->config_blocks = wmem_array_new(wmem_file_scope(), sizeof(config_block));
idcode = tvb_get_ntohs(tvb, 4);
frame->id = idcode;
num_pmu = tvb_get_ntohs(tvb, 18);
offset = 20; /* start of repeating blocks */
while (num_pmu) {
guint16 format_flags;
gint num_ph,
num_an,
num_dg;
gint i,
phunit,
anunit,
fnom;
config_block block;
/* initialize the block */
block.phasors = wmem_array_new(wmem_file_scope(), sizeof(phasor_info));
block.analogs = wmem_array_new(wmem_file_scope(), sizeof(analog_info));
/* copy the station name from the tvb to block, and add NULL byte */
tvb_memcpy(tvb, block.name, offset, CHNAM_LEN); offset += CHNAM_LEN;
block.name[CHNAM_LEN] = '\0';
block.id = tvb_get_ntohs(tvb, offset); offset += 2;
format_flags = tvb_get_ntohs(tvb, offset); offset += 2;
block.format_fr = (format_flags & 0x0008) ? floating_point : integer;
block.format_an = (format_flags & 0x0004) ? floating_point : integer;
block.format_ph = (format_flags & 0x0002) ? floating_point : integer;
block.phasor_notation = (format_flags & 0x0001) ? polar : rect;
num_ph = tvb_get_ntohs(tvb, offset); offset += 2;
num_an = tvb_get_ntohs(tvb, offset); offset += 2;
num_dg = tvb_get_ntohs(tvb, offset); offset += 2;
block.num_dg = num_dg;
/* the offset of the PHUNIT, ANUNIT, and FNOM blocks */
phunit = offset + (num_ph + num_an + num_dg * CHNAM_LEN) * CHNAM_LEN;
anunit = phunit + num_ph * 4;
fnom = anunit + num_an * 4 + num_dg * 4;
/* read num_ph phasor names and conversation factors */
for (i = 0; i != num_ph; i++) {
phasor_info pi;
guint32 conv;
/* copy the phasor name from the tvb, and add NULL byte */
tvb_memcpy(tvb, pi.name, offset, CHNAM_LEN); offset += CHNAM_LEN;
pi.name[CHNAM_LEN] = '\0';
conv = tvb_get_ntohl(tvb, phunit + 4 * i);
pi.unit = conv & 0xFF000000 ? A : V;
pi.conv = conv & 0x00FFFFFF;
wmem_array_append_one(block.phasors, pi);
}
/* read num_an analog value names and conversation factors */
for (i = 0; i != num_an; i++) {
analog_info ai;
guint32 conv;
/* copy the phasor name from the tvb, and add NULL byte */
tvb_memcpy(tvb, ai.name, offset, CHNAM_LEN); offset += CHNAM_LEN;
ai.name[CHNAM_LEN] = '\0';
conv = tvb_get_ntohl(tvb, anunit + 4 * i);
ai.conv = conv;
wmem_array_append_one(block.analogs, ai);
}
/* the names for the bits in the digital status words aren't saved,
there is no space to display them in the GUI anyway */
/* save FNOM */
block.fnom = tvb_get_ntohs(tvb, fnom) & 0x0001 ? 50 : 60;
offset = fnom + 2;
/* skip CFGCNT */
offset += 2;
wmem_array_append_one(frame->config_blocks, block);
num_pmu--;
}
return frame;
}
gcp_trx_t* gcp_trx(gcp_msg_t* m ,guint32 t_id , gcp_trx_type_t type, gboolean keep_persistent_data) {
gcp_trx_t* t = NULL;
gcp_trx_msg_t* trxmsg;
if ( !m ) return NULL;
if (keep_persistent_data) {
if (m->committed) {
for ( trxmsg = m->trxs; trxmsg; trxmsg = trxmsg->next) {
if (trxmsg->trx && trxmsg->trx->id == t_id) {
return trxmsg->trx;
}
}
DISSECTOR_ASSERT_NOT_REACHED();
} else {
wmem_tree_key_t key[4];
key[0].length = 1;
key[0].key = &(m->hi_addr);
key[1].length = 1;
key[1].key = &(m->lo_addr);
key[2].length = 1;
key[2].key = &(t_id);
key[3].length = 0;
key[3].key = NULL;
trxmsg = wmem_new(wmem_file_scope(), gcp_trx_msg_t);
t = (gcp_trx_t *)wmem_tree_lookup32_array(trxs,key);
if (!t) {
t = wmem_new(wmem_file_scope(), gcp_trx_t);
t->initial = m;
t->id = t_id;
t->type = type;
t->pendings = 0;
t->error = 0;
t->cmds = NULL;
wmem_tree_insert32_array(trxs,key,t);
}
/* XXX: request, reply and ack + point to frames where they are */
switch ( type ) {
case GCP_TRX_PENDING:
t->pendings++;
break;
default:
break;
}
}
} else {
t = wmem_new(wmem_packet_scope(), gcp_trx_t);
trxmsg = wmem_new(wmem_packet_scope(), gcp_trx_msg_t);
t->initial = NULL;
t->id = t_id;
t->type = type;
t->pendings = 0;
t->error = 0;
t->cmds = NULL;
}
DISSECTOR_ASSERT(trxmsg);
trxmsg->trx = t;
trxmsg->next = NULL;
trxmsg->last = trxmsg;
if (m->trxs) {
m->trxs->last = m->trxs->last->next = trxmsg;
} else {
m->trxs = trxmsg;
}
return t;
}
