static int analyzer_smtp_event_process_begin(struct event *evt, void *obj, struct proto_process_stack *stack, unsigned int stack_index) {
struct analyzer *analyzer = obj;
struct analyzer_smtp_priv *apriv = analyzer->priv;
struct proto_process_stack *s = &stack[stack_index];
if (!s->ce)
return POM_ERR;
// Only process stuff if we have the DATA event or if we already have an event
struct event_reg *evt_reg = event_get_reg(evt);
struct data *evt_data = event_get_data(evt);
struct analyzer_smtp_ce_priv *cpriv = conntrack_get_priv(s->ce, analyzer);
// It's expected that an SMTP connection will always contain at least one message
// So we always create the cpriv and event, no matter what
if (!cpriv) {
cpriv = malloc(sizeof(struct analyzer_smtp_ce_priv));
if (!cpriv) {
pom_oom(sizeof(struct analyzer_smtp_ce_priv));
return POM_ERR;
}
memset(cpriv, 0, sizeof(struct analyzer_smtp_ce_priv));
if (conntrack_add_priv(s->ce, analyzer, cpriv, analyzer_smtp_ce_priv_cleanup) != POM_OK) {
free(cpriv);
return POM_ERR;
}
}
if (!cpriv->evt_msg) {
cpriv->evt_msg = event_alloc(apriv->evt_msg);
if (!cpriv->evt_msg)
return POM_ERR;
}
struct data *msg_data = event_get_data(cpriv->evt_msg);
if (evt_reg == apriv->evt_cmd) {
if (!cpriv->common_data_fetched)
analyzer_smtp_event_fetch_common_data(cpriv, stack, stack_index, POM_DIR_REVERSE(s->direction));
// Process commands
// A message was being transmitted and we recevied a new command
if (event_is_started(cpriv->evt_msg)) {
event_process_end(cpriv->evt_msg);
cpriv->evt_msg = NULL;
}
char *cmd = PTYPE_STRING_GETVAL(evt_data[proto_smtp_cmd_name].value);
if (!cmd)
return POM_OK;
char *arg = PTYPE_STRING_GETVAL(evt_data[proto_smtp_cmd_arg].value);
if (arg) {
while (*arg == ' ')
arg++;
}
if (!strcasecmp(cmd, "MAIL")) {
if (strncasecmp(arg, "FROM:", strlen("FROM:"))) {
pomlog(POMLOG_DEBUG "Unparseable MAIL command");
return POM_OK;
}
arg += strlen("FROM:");
while (*arg == ' ')
arg++;
if (*arg == '<')
arg++;
size_t len;
char *end = strchr(arg, '>');
if (end)
len = end - arg;
else
len = strlen(arg);
PTYPE_STRING_SETVAL_N(msg_data[analyzer_smtp_msg_from].value, arg, len);
data_set(msg_data[analyzer_smtp_msg_from]);
cpriv->last_cmd = analyzer_smtp_last_cmd_mail_from;
} else if (!strcasecmp(cmd, "RCPT")) {
if (strncasecmp(arg, "TO:", strlen("TO:"))) {
pomlog(POMLOG_DEBUG "Unparseable RCPT command");
return POM_OK;
}
arg += strlen("TO:");
while (*arg == ' ')
arg++;
if (*arg == '<')
arg++;
size_t len;
char *end = strchr(arg, '>');
if (end)
len = end - arg;
else
len = strlen(arg);
struct ptype *to = ptype_alloc("string");
if (!to)
return POM_ERR;
PTYPE_STRING_SETVAL_N(to, arg, len);
if (data_item_add_ptype(msg_data, analyzer_smtp_msg_to, strdup("to"), to) != POM_OK) {
ptype_cleanup(to);
return POM_ERR;
}
cpriv->last_cmd = analyzer_smtp_last_cmd_rcpt_to;
} else if (!strcasecmp(cmd, "DATA")) {
cpriv->last_cmd = analyzer_smtp_last_cmd_data;
if (!event_is_started(cpriv->evt_msg)) {
analyzer_smtp_event_fill_common_data(cpriv, msg_data);
event_process_begin(cpriv->evt_msg, stack, stack_index, event_get_timestamp(evt));
} else {
pomlog(POMLOG_DEBUG "Message event already started !");
}
} else if (!strcasecmp(cmd, "RSET")) {
// Cleanup the event
event_cleanup(cpriv->evt_msg);
cpriv->evt_msg = NULL;
cpriv->last_cmd = analyzer_smtp_last_cmd_other;
} else if (!strcasecmp(cmd, "HELO") || !strcasecmp(cmd, "EHLO")) {
if (cpriv->client_hello) {
pomlog(POMLOG_DEBUG "We already have a client hello !");
free(cpriv->client_hello);
}
cpriv->client_hello = strdup(arg);
if (!cpriv->client_hello) {
pom_oom(strlen(arg) + 1);
return POM_ERR;
}
cpriv->last_cmd = analyzer_smtp_last_cmd_other;
} else if (!strcasecmp(cmd, "AUTH")) {
if (!strncasecmp(arg, "PLAIN", strlen("PLAIN"))) {
arg += strlen("PLAIN");
while (*arg == ' ')
arg++;
if (cpriv->evt_auth) {
event_process_end(cpriv->evt_auth);
cpriv->evt_auth = NULL;
}
if (strlen(arg)) {
if (analyzer_smtp_parse_auth_plain(apriv, cpriv, arg) == POM_OK) {
event_process_begin(cpriv->evt_auth, stack, stack_index, event_get_timestamp(evt));
cpriv->last_cmd = analyzer_smtp_last_cmd_auth_plain_creds;
}
} else {
cpriv->last_cmd = analyzer_smtp_last_cmd_auth_plain;
}
} else if (!strncasecmp(arg, "LOGIN", strlen("LOGIN"))) {
arg += strlen("LOGIN");
while (*arg == ' ')
arg++;
if (cpriv->evt_auth) {
event_process_end(cpriv->evt_auth);
cpriv->evt_auth = NULL;
}
cpriv->evt_auth = event_alloc(apriv->evt_auth);
if (!cpriv->evt_auth)
return POM_ERR;
struct data *auth_data = event_get_data(cpriv->evt_auth);
analyzer_smtp_event_fill_common_data(cpriv, auth_data);
// Set the authentication type
PTYPE_STRING_SETVAL(auth_data[analyzer_smtp_auth_type].value, "LOGIN");
data_set(auth_data[analyzer_smtp_auth_type]);
if (strlen(arg)) {
char *username = NULL;
size_t out_len = 0;
struct ptype *username_pt = NULL;
if (decoder_decode_simple("base64", arg, strlen(arg), &username, &out_len) == POM_OK) {
username_pt = ptype_alloc("string");
if (username_pt) {
PTYPE_STRING_SETVAL_P(username_pt, username);
if (data_item_add_ptype(auth_data, analyzer_smtp_auth_params, strdup("username"), username_pt) != POM_OK) {
ptype_cleanup(username_pt);
event_cleanup(cpriv->evt_auth);
cpriv->evt_auth = NULL;
username_pt = NULL;
}
} else {
free(username);
}
}
if (!username_pt) {
cpriv->last_cmd = analyzer_smtp_last_cmd_other;
event_process_begin(cpriv->evt_auth, stack, stack_index, event_get_timestamp(evt));
}
} else {
cpriv->last_cmd = analyzer_smtp_last_cmd_auth_login;
}
}
} else if (cpriv->last_cmd == analyzer_smtp_last_cmd_auth_plain) {
// We are expecting the credentials right now
if (analyzer_smtp_parse_auth_plain(apriv, cpriv, cmd) == POM_OK) {
event_process_begin(cpriv->evt_auth, stack, stack_index, event_get_timestamp(evt));
cpriv->last_cmd = analyzer_smtp_last_cmd_auth_plain_creds;
} else {
cpriv->last_cmd = analyzer_smtp_last_cmd_other;
}
} else if (cpriv->last_cmd == analyzer_smtp_last_cmd_auth_login) {
char *username = NULL;
size_t out_len = 0;
struct ptype *username_pt = NULL;
if (decoder_decode_simple("base64", cmd, strlen(cmd), &username, &out_len) == POM_OK) {
username_pt = ptype_alloc("string");
if (username_pt) {
PTYPE_STRING_SETVAL_P(username_pt, username);
struct data *auth_data = event_get_data(cpriv->evt_auth);
if (data_item_add_ptype(auth_data, analyzer_smtp_auth_params, strdup("username"), username_pt) != POM_OK) {
ptype_cleanup(username_pt);
event_process_end(cpriv->evt_auth);
cpriv->evt_auth = NULL;
username_pt = NULL;
}
} else {
free(username);
}
}
if (!username_pt) {
cpriv->last_cmd = analyzer_smtp_last_cmd_other;
} else {
event_process_begin(cpriv->evt_auth, stack, stack_index, event_get_timestamp(evt));
cpriv->last_cmd = analyzer_smtp_last_cmd_auth_login_user;
}
} else if (cpriv->last_cmd == analyzer_smtp_last_cmd_auth_login_user) {
char *password = NULL;
size_t out_len = 0;
struct ptype *password_pt = NULL;
if (decoder_decode_simple("base64", cmd, strlen(cmd), &password, &out_len) == POM_OK) {
password_pt = ptype_alloc("string");
if (password_pt) {
PTYPE_STRING_SETVAL_P(password_pt, password);
struct data *auth_data = event_get_data(cpriv->evt_auth);
if (data_item_add_ptype(auth_data, analyzer_smtp_auth_params, strdup("password"), password_pt) != POM_OK) {
ptype_cleanup(password_pt);
event_process_end(cpriv->evt_auth);
cpriv->evt_auth = NULL;
password_pt = NULL;
}
} else {
free(password);
}
}
if (!password_pt) {
cpriv->last_cmd = analyzer_smtp_last_cmd_other;
} else {
cpriv->last_cmd = analyzer_smtp_last_cmd_auth_login_pass;
}
} else {
cpriv->last_cmd = analyzer_smtp_last_cmd_other;
}
} else if (evt_reg == apriv->evt_reply) {
if (!cpriv->common_data_fetched)
analyzer_smtp_event_fetch_common_data(cpriv, stack, stack_index, s->direction);
// Process replies
uint16_t code = *PTYPE_UINT16_GETVAL(evt_data[proto_smtp_reply_code].value);
switch (cpriv->last_cmd) {
default:
case analyzer_smtp_last_cmd_other:
if (code == 220 && evt_data[proto_smtp_reply_text].items && evt_data[proto_smtp_reply_text].items->value) {
// STARTTLS returns 220 as well so ignore extra code 220
if (!cpriv->server_hello) {
char *helo = PTYPE_STRING_GETVAL(evt_data[proto_smtp_reply_text].items->value);
cpriv->server_hello = strdup(helo);
if (!cpriv->server_hello) {
pom_oom(strlen(helo) + 1);
return POM_ERR;
}
}
}
break;
case analyzer_smtp_last_cmd_mail_from:
if (code != 250) {
// FROM is invalid
data_unset(msg_data[analyzer_smtp_msg_from]);
}
break;
case analyzer_smtp_last_cmd_rcpt_to:
// For now just don't do anything
// It's best to keep a destination in there even if it's invalid or denied
break;
case analyzer_smtp_last_cmd_data:
if (code == 354) {
// The message is starting, keep last_cmd intact
return POM_OK;
}
// Message is over (if ever transmited)
if (event_is_started(cpriv->evt_msg)) {
struct data *msg_data = event_get_data(cpriv->evt_msg);
PTYPE_UINT16_SETVAL(msg_data[analyzer_smtp_msg_result].value, code);
data_set(msg_data[analyzer_smtp_msg_result]);
event_process_end(cpriv->evt_msg);
cpriv->evt_msg = NULL;
}
break;
case analyzer_smtp_last_cmd_auth_plain:
case analyzer_smtp_last_cmd_auth_login:
case analyzer_smtp_last_cmd_auth_login_user:
// Check if authentication phase can continue
if (code == 334) {
// Don't reset cpriv->last_cmd
return POM_OK;
} else {
struct data *evt_data = event_get_data(cpriv->evt_auth);
PTYPE_BOOL_SETVAL(evt_data[analyzer_smtp_auth_success].value, 0);
data_set(evt_data[analyzer_smtp_auth_success]);
event_process_end(cpriv->evt_auth);
cpriv->evt_auth = NULL;
}
break;
case analyzer_smtp_last_cmd_auth_plain_creds:
case analyzer_smtp_last_cmd_auth_login_pass: {
// We just processed the credentials
struct data *auth_data = event_get_data(cpriv->evt_auth);
char success = 0;
if (code == 235)
success = 1;
PTYPE_BOOL_SETVAL(auth_data[analyzer_smtp_auth_success].value, success);
data_set(auth_data[analyzer_smtp_auth_success]);
event_process_end(cpriv->evt_auth);
cpriv->evt_auth = NULL;
break;
}
}
cpriv->last_cmd = analyzer_smtp_last_cmd_other;
}
return POM_OK;
}
static int analyzer_rtp_pload_process(void *obj, struct packet *p, struct proto_process_stack *stack, unsigned int stack_index) {
struct analyzer *analyzer = obj;
struct analyzer_rtp_priv *priv = analyzer->priv;
struct proto_process_stack *pload_stack = &stack[stack_index];
struct proto_process_stack *s = &stack[stack_index - 1];
if (!s->ce)
return POM_ERR;
struct analyzer_rtp_ce_priv *cp = conntrack_get_priv(s->ce, obj);
if (!cp) {
cp = malloc(sizeof(struct analyzer_rtp_ce_priv));
if (!cp) {
pom_oom(sizeof(struct analyzer_rtp_ce_priv));
return POM_ERR;
}
memset(cp, 0, sizeof(struct analyzer_rtp_ce_priv));
if (conntrack_add_priv(s->ce, obj, cp, analyzer_rtp_ce_cleanup) != POM_OK)
return POM_ERR;
}
int dir = s->direction;
if (!cp->evt[dir]) {
cp->evt[dir] = event_alloc(priv->evt_rtp_stream);
if (!cp->evt[dir])
return POM_ERR;
struct data *evt_data = event_get_data(cp->evt[dir]);
ptype_copy(evt_data[analyzer_rtp_stream_ssrc].value, s->pkt_info->fields_value[proto_rtp_field_ssrc]);
data_set(evt_data[analyzer_rtp_stream_ssrc]);
// For now we always assume RTP is over UDP or TCP
if (stack_index > 2) {
struct proto_process_stack *l4_stack = &stack[stack_index - 2];
unsigned int i;
for (i = 0; !data_is_set(evt_data[analyzer_rtp_stream_src_port]) || !data_is_set(evt_data[analyzer_rtp_stream_dst_port]); i++) {
struct proto_reg_info *l4_info = proto_get_info(l4_stack->proto);
char *name = l4_info->pkt_fields[i].name;
if (!name)
break;
if (!data_is_set(evt_data[analyzer_rtp_stream_src_port]) && !strcmp(name, "sport")) {
ptype_copy(evt_data[analyzer_rtp_stream_src_port].value, l4_stack->pkt_info->fields_value[i]);
data_set(evt_data[analyzer_rtp_stream_src_port]);
} else if (!data_is_set(evt_data[analyzer_rtp_stream_dst_port]) && !strcmp(name, "dport")) {
ptype_copy(evt_data[analyzer_rtp_stream_dst_port].value, l4_stack->pkt_info->fields_value[i]);
data_set(evt_data[analyzer_rtp_stream_dst_port]);
}
}
}
if (stack_index > 3) {
struct proto_process_stack *l3_stack = &stack[stack_index - 3];
unsigned int i;
for (i = 0; !data_is_set(evt_data[analyzer_rtp_stream_src_addr]) || !data_is_set(evt_data[analyzer_rtp_stream_dst_addr]); i++) {
struct proto_reg_info *l3_info = proto_get_info(l3_stack->proto);
char *name = l3_info->pkt_fields[i].name;
if (!name)
break;
if (!data_is_set(evt_data[analyzer_rtp_stream_src_addr]) && !strcmp(name, "src")) {
evt_data[analyzer_rtp_stream_src_addr].value = ptype_alloc_from(l3_stack->pkt_info->fields_value[i]);
if (evt_data[analyzer_rtp_stream_src_addr].value)
data_set(evt_data[analyzer_rtp_stream_src_addr]);
} else if (!data_is_set(evt_data[analyzer_rtp_stream_dst_addr]) && !strcmp(name, "dst")) {
evt_data[analyzer_rtp_stream_dst_addr].value = ptype_alloc_from(l3_stack->pkt_info->fields_value[i]);
if (evt_data[analyzer_rtp_stream_dst_addr].value)
data_set(evt_data[analyzer_rtp_stream_dst_addr]);
}
}
}
struct proto *sess_proto = telephony_stream_info_get_sess_proto(s->ce);
if (sess_proto) {
struct proto_reg_info *proto_reg = proto_get_info(sess_proto);
PTYPE_STRING_SETVAL(evt_data[analyzer_rtp_stream_sess_proto].value, proto_reg->name);
data_set(evt_data[analyzer_rtp_stream_sess_proto]);
}
char *call_id = telephony_stream_info_get_call_id(s->ce);
if (call_id) {
PTYPE_STRING_SETVAL_P(evt_data[analyzer_rtp_stream_call_id].value, call_id);
data_set(evt_data[analyzer_rtp_stream_call_id]);
}
if (event_process_begin(cp->evt[dir], stack, stack_index, p->ts) != POM_OK)
return POM_ERR;
}
if (!cp->pload[dir]) {
cp->pload[dir] = pload_alloc(cp->evt[dir], 0);
if (!cp->pload[dir])
return POM_ERR;
struct telephony_codec_info info = { 0 };
if (telephony_stream_info_get_codec(&info, stack, stack_index - 1) == POM_OK) {
char *pload_type = telephony_codec_info_get_pload_type(&info);
if (pload_type)
pload_set_type(cp->pload[dir], pload_type);
}
}
if (pload_append(cp->pload[dir], pload_stack->pload, pload_stack->plen) != POM_OK)
return POM_ERR;
return POM_OK;
}
int registry_config_save(char *config_name) {
if (strlen(config_name) >= REGISTRY_CONFIG_NAME_MAX) {
pomlog(POMLOG_ERR "Configuration name too long, max %u characters.", REGISTRY_CONFIG_NAME_MAX);
return POM_ERR;
}
struct dataset_query *dsq_config_list = NULL, *dsq_config = NULL;
struct datastore *sys_dstore = system_datastore();
if (!sys_dstore)
return POM_ERR;
struct datastore_connection *dc = datastore_connection_new(sys_dstore);
if (!dc)
return POM_ERR;
dsq_config_list = datastore_dataset_query_open(sys_dstore, REGISTRY_CONFIG_LIST, registry_config_list_dataset_template, dc);
if (!dsq_config_list)
goto err;
if (datastore_dataset_query_set_string_condition(dsq_config_list, 0, PTYPE_OP_EQ, config_name) != POM_OK)
goto err;
dsq_config = datastore_dataset_query_open(sys_dstore, REGISTRY_CONFIG, registry_config_dataset_template, dc);
if (!dsq_config)
goto err;
if (datastore_transaction_begin(dc) != POM_OK)
goto err;
// Find out if we already have a config by that name
int res = datastore_dataset_read_single(dsq_config_list);
if (res == DATASET_QUERY_MORE) {
// Delete existing stuff about this config
if (datastore_dataset_query_set_uint64_condition(dsq_config, 0, PTYPE_OP_EQ, dsq_config_list->data_id) != POM_OK)
goto err;
if (datastore_dataset_delete(dsq_config_list) != DATASET_QUERY_OK)
goto err;
if (datastore_dataset_delete(dsq_config) != DATASET_QUERY_OK)
goto err;
}
if (res < 0)
goto err;
// Add the config to the config list
PTYPE_STRING_SETVAL(dsq_config_list->values[0].value, config_name);
PTYPE_TIMESTAMP_SETVAL(dsq_config_list->values[1].value, pom_gettimeofday());
if (datastore_dataset_write(dsq_config_list) != DATASET_QUERY_OK)
goto err;
PTYPE_UINT64_SETVAL(dsq_config->values[0].value, dsq_config_list->data_id);
registry_lock();
struct registry_class *cls;
// Browse each class
for (cls = registry_head; cls; cls = cls->next) {
// Browse each instance of the class
struct registry_instance *inst;
for (inst = cls->instances; inst; inst = inst->next) {
// Don't add the instance if it's not added by the user
if (cls->instance_add) {
// The system datastore will always exist
if (inst == sys_dstore->reg_instance)
continue;
char *buff = malloc(strlen(cls->name) + 1 + strlen(inst->name) + 1);
if (!buff) {
pom_oom(strlen(cls->name) + 1 + strlen(inst->name) + 1);
goto err_locked;
}
strcpy(buff, cls->name);
strcat(buff, ".");
strcat(buff, inst->name);
PTYPE_STRING_SETVAL_P(dsq_config->values[1].value, buff);
struct registry_param *p;
for (p = inst->params; p && strcmp(p->name, "type"); p = p->next);
if (p) {
dsq_config->values[2].is_null = 0;
char *type = PTYPE_STRING_GETVAL(p->value);
PTYPE_STRING_SETVAL(dsq_config->values[2].value, type);
} else {
dsq_config->values[2].is_null = 1;
}
PTYPE_UINT8_SETVAL(dsq_config->values[3].value, registry_config_instance);
if (datastore_dataset_write(dsq_config) != DATASET_QUERY_OK)
goto err_locked;
}
// Browse the parametrers and add the non default ones
struct registry_param *param;
for (param = inst->params; param; param = param->next) {
// Check if the parameter value is not the default one anymore
if (param->default_value) {
struct ptype *defval = ptype_alloc_from(param->value);
if (!defval)
goto err_locked;
if (ptype_parse_val(defval, param->default_value) != POM_OK) {
pomlog(POMLOG_ERR "Unable to parse default value !");
ptype_cleanup(defval);
goto err_locked;
}
if (ptype_compare_val(PTYPE_OP_EQ, param->value, defval)) {
// Param still has the default value, do nothing
ptype_cleanup(defval);
continue;
}
ptype_cleanup(defval);
}
char *buff = malloc(strlen(cls->name) + 1 + strlen(inst->name) + 1 + strlen(param->name) + 1);
if (!buff) {
pom_oom(strlen(cls->name) + 1 + strlen(inst->name) + 1 + strlen(param->name) + 1);
goto err_locked;
}
strcpy(buff, cls->name);
strcat(buff, ".");
strcat(buff, inst->name);
strcat(buff, ".");
strcat(buff, param->name);
PTYPE_STRING_SETVAL_P(dsq_config->values[1].value, buff);
char *value = ptype_print_val_alloc(param->value, NULL);
if (!value)
goto err_locked;
dsq_config->values[2].is_null = 0;
PTYPE_STRING_SETVAL_P(dsq_config->values[2].value, value);
PTYPE_UINT8_SETVAL(dsq_config->values[3].value, registry_config_instance_param);
if (datastore_dataset_write(dsq_config) != DATASET_QUERY_OK)
goto err_locked;
}
}
}
registry_config_serial++;
registry_serial++;
xmlrcpcmd_serial_inc();
registry_unlock();
if (datastore_transaction_commit(dc) != POM_OK)
goto err;
datastore_dataset_query_cleanup(dsq_config_list);
datastore_dataset_query_cleanup(dsq_config);
datastore_connection_release(dc);
pomlog("Registry configuration saved as \"%s\"", config_name);
return POM_OK;
err_locked:
registry_unlock();
err:
if (dsq_config_list)
datastore_dataset_query_cleanup(dsq_config_list);
if (dsq_config)
datastore_dataset_query_cleanup(dsq_config);
if (dc) {
datastore_transaction_rollback(dc);
datastore_connection_release(dc);
}
return POM_ERR;
}
static void analyzer_jpeg_exif_entry_analyze(ExifEntry *entry, void *pload) {
ExifIfd ifd = exif_content_get_ifd(entry->parent);
const char *tag_name = exif_tag_get_name_in_ifd(entry->tag, ifd);
if (!tag_name) // Unknown tag
return;
struct ptype *value = NULL;
// First parse ascii values
if (entry->format == EXIF_FORMAT_ASCII) {
char *str = malloc(entry->size);
if (!str) {
pom_oom(entry->size);
return;
}
memcpy(str, entry->data, entry->size);
// Make sure it's NULL terminated
str[entry->size - 1] = 0;
value = ptype_alloc("string");
if (!value) {
free(str);
return;
}
PTYPE_STRING_SETVAL_P(value, str);
} else if (entry->components == 1) {
ExifByteOrder byte_order = exif_data_get_byte_order(entry->parent->parent);
if (entry->format == EXIF_FORMAT_BYTE) {
value = ptype_alloc("uint8");
if (!value)
return;
PTYPE_UINT8_SETVAL(value, *entry->data);
} else if (entry->format == EXIF_FORMAT_SHORT) {
value = ptype_alloc("uint16");
if (!value)
return;
PTYPE_UINT16_SETVAL(value, exif_get_short(entry->data, byte_order));
} else if (entry->format == EXIF_FORMAT_LONG) {
value = ptype_alloc("uint32");
if (!value)
return;
PTYPE_UINT32_SETVAL(value, exif_get_long(entry->data, byte_order));
}
}
if (!value) {
// Fallback for types not parsed by us yet
// FIXME this is subject to the locale
char buff[256];
buff[sizeof(buff) - 1] = 0;
exif_entry_get_value(entry, buff, sizeof(buff) - 1);
value = ptype_alloc("string");
if (!value)
return;
PTYPE_STRING_SETVAL(value, buff);
}
char *key = strdup(tag_name);
if (!key) {
pom_oom(strlen(tag_name) + 1);
return;
}
struct data *data = analyzer_pload_buffer_get_data(pload);
data_item_add_ptype(data, analyzer_jpeg_pload_exif, key, value);
}
