static void
expert_set_info_vformat(packet_info *pinfo, proto_item *pi, int group, int severity, const char *format, va_list ap)
{
char formatted[ITEM_LABEL_LENGTH];
int tap;
expert_info_t *ei;
proto_tree *tree;
proto_item *ti;
/* if this packet isn't loaded because of a read filter, don't output anything */
if (pinfo == NULL || PINFO_FD_NUM(pinfo) == 0) {
return;
}
if (severity > highest_severity) {
highest_severity = severity;
}
if (pi != NULL && PITEM_FINFO(pi) != NULL) {
expert_set_item_flags(pi, group, severity);
}
col_add_str(pinfo->cinfo, COL_EXPERT, val_to_str(severity, expert_severity_vals, "Unknown (%u)"));
g_vsnprintf(formatted, ITEM_LABEL_LENGTH, format, ap);
tree = expert_create_tree(pi, group, severity, formatted);
ti = proto_tree_add_string(tree, hf_expert_msg, NULL, 0, 0, formatted);
PROTO_ITEM_SET_GENERATED(ti);
ti = proto_tree_add_uint_format_value(tree, hf_expert_severity, NULL, 0, 0, severity,
"%s", val_to_str_const(severity, expert_severity_vals, "Unknown"));
PROTO_ITEM_SET_GENERATED(ti);
ti = proto_tree_add_uint_format_value(tree, hf_expert_group, NULL, 0, 0, group,
"%s", val_to_str_const(group, expert_group_vals, "Unknown"));
PROTO_ITEM_SET_GENERATED(ti);
tap = have_tap_listener(expert_tap);
if (!tap)
return;
ei = ep_alloc(sizeof(expert_info_t));
ei->packet_num = PINFO_FD_NUM(pinfo);
ei->group = group;
ei->severity = severity;
ei->protocol = pinfo->current_proto;
ei->summary = ep_strdup(formatted);
/* if we have a proto_item (not a faked item), set expert attributes to it */
if (pi != NULL && PITEM_FINFO(pi) != NULL) {
ei->pitem = pi;
} else {
ei->pitem = NULL;
}
tap_queue_packet(expert_tap, pinfo, ei);
}
/* set's the PI_ flags to a protocol item
* (and its parent items till the toplevel) */
static void
expert_set_item_flags(proto_item *pi, const int group, const guint severity)
{
if (pi != NULL && PITEM_FINFO(pi) != NULL && (severity >= FI_GET_FLAG(PITEM_FINFO(pi), PI_SEVERITY_MASK))) {
FI_REPLACE_FLAGS(PITEM_FINFO(pi), PI_GROUP_MASK, group);
FI_REPLACE_FLAGS(PITEM_FINFO(pi), PI_SEVERITY_MASK, severity);
/* propagate till toplevel item */
pi = proto_item_get_parent(pi);
expert_set_item_flags(pi, group, severity);
}
}
/**
* This function is called for each node on the dissector tree, for a each packet,
* First, this function sees if this node is one of the keys (e.g. 'frame.number')
* we are looking for (nodes store the key in PITEM_FINFO(node)->hfinfo->abbrev).
* If we found an appropriate field, copy the native value or string representation
* of the value as appropriate.
*
* Finally, recurse on child nodes.
*/
static void proto_tree_get_node_field_values(proto_node *node, gpointer data)
{
stdata_edt_tuple_t *args;
field_info *fi;
gpointer field_index;
gpointer orig_key;
gboolean key_found;
args = data;
fi = PITEM_FINFO(node);
dprintf("fi->hfinfo->abbrev = %s\n", fi->hfinfo->abbrev);
key_found = g_hash_table_lookup_extended(args->stdata->field_indicies,
fi->hfinfo->abbrev,
&orig_key,
&field_index);
const gchar* val_str;
gulong actual_index = (gulong)(field_index);
if(key_found)
{
gulong type = fi->hfinfo->type;
if(type == FT_STRING)
{
dprintf("found a string!\n");
dprintf("string is: %s\n", (char*)fvalue_get(&(fi->value)));
dprintf("string as gnfvas: %s\n", get_node_field_value_as_string(fi, args->edt));
}
if(type == FT_NONE)
{
args->stdata->field_values_str[actual_index] = NULL;
args->stdata->field_values_native[actual_index] = 0;
args->stdata->field_types[actual_index] = FT_NONE;
}
else if(is_native_type(type) == TRUE)
{
// If we can natively store the type,
// do that and don't convert to a string
args->stdata->field_values_str[actual_index] = NULL;
memcpy(args->stdata->field_values_native[actual_index], &(fi->value), sizeof(fvalue_t));
args->stdata->field_types[actual_index] = type;
}
else
{
// As a last ditch options, convert the value to a string,
// and don't bother storing the native type
val_str = get_node_field_value_as_string(fi, args->edt);
args->stdata->field_values_str[actual_index] = val_str;
args->stdata->field_types[actual_index] = type;
}
}
/* Recurse here. */
if (node->first_child != NULL)
{
proto_tree_children_foreach(node,
proto_tree_get_node_field_values, args);
}
}
static void
expert_set_info_vformat(packet_info *pinfo, proto_item *pi, int group, int severity, int hf_index, gboolean use_vaformat,
const char *format, va_list ap)
{
char formatted[ITEM_LABEL_LENGTH];
int tap;
expert_info_t *ei;
proto_tree *tree;
proto_item *ti;
if (pinfo == NULL && pi && pi->tree_data) {
pinfo = PTREE_DATA(pi)->pinfo;
}
/* if this packet isn't loaded because of a read filter, don't output anything */
if (pinfo == NULL || pinfo->num == 0) {
return;
}
if (severity > highest_severity) {
highest_severity = severity;
}
/* XXX: can we get rid of these checks and make them programming errors instead now? */
if (pi != NULL && PITEM_FINFO(pi) != NULL) {
expert_set_item_flags(pi, group, severity);
}
if ((pi == NULL) || (PITEM_FINFO(pi) == NULL) ||
((guint)severity >= FI_GET_FLAG(PITEM_FINFO(pi), PI_SEVERITY_MASK))) {
col_add_str(pinfo->cinfo, COL_EXPERT, val_to_str(severity, expert_severity_vals, "Unknown (%u)"));
}
if (use_vaformat) {
g_vsnprintf(formatted, ITEM_LABEL_LENGTH, format, ap);
} else {
g_strlcpy(formatted, format, ITEM_LABEL_LENGTH);
}
tree = expert_create_tree(pi, group, severity, formatted);
if (hf_index == -1) {
/* If no filterable expert info, just add the message */
ti = proto_tree_add_string(tree, hf_expert_msg, NULL, 0, 0, formatted);
PROTO_ITEM_SET_GENERATED(ti);
} else {
/* If filterable expert info, hide the "generic" form of the message,
and generate the formatted filterable expert info */
ti = proto_tree_add_none_format(tree, hf_index, NULL, 0, 0, "%s", formatted);
PROTO_ITEM_SET_GENERATED(ti);
ti = proto_tree_add_string(tree, hf_expert_msg, NULL, 0, 0, formatted);
PROTO_ITEM_SET_HIDDEN(ti);
}
ti = proto_tree_add_uint_format_value(tree, hf_expert_severity, NULL, 0, 0, severity,
"%s", val_to_str_const(severity, expert_severity_vals, "Unknown"));
PROTO_ITEM_SET_GENERATED(ti);
ti = proto_tree_add_uint_format_value(tree, hf_expert_group, NULL, 0, 0, group,
"%s", val_to_str_const(group, expert_group_vals, "Unknown"));
PROTO_ITEM_SET_GENERATED(ti);
tap = have_tap_listener(expert_tap);
if (!tap)
return;
ei = wmem_new(wmem_packet_scope(), expert_info_t);
ei->packet_num = pinfo->num;
ei->group = group;
ei->severity = severity;
ei->hf_index = hf_index;
ei->protocol = pinfo->current_proto;
ei->summary = wmem_strdup(wmem_packet_scope(), formatted);
/* if we have a proto_item (not a faked item), set expert attributes to it */
if (pi != NULL && PITEM_FINFO(pi) != NULL) {
ei->pitem = pi;
}
/* XXX: remove this because we don't have an internal-only function now? */
else {
ei->pitem = NULL;
}
tap_queue_packet(expert_tap, pinfo, ei);
}
