4 * Wireshark - Network traffic analyzer
5 * By Gerald Combs <gerald@wireshark.org>
7 * Copyright 1998 Gerald Combs
9 * SPDX-License-Identifier: GPL-2.0-or-later
17 #include <epan/epan.h>
18 #include <wsutil/unicode-utils.h>
19 #include <epan/wmem/wmem.h>
20 #include "guid-utils.h"
28 static wmem_tree_t *guid_to_name_tree = NULL;
32 /* try to resolve an DCE/RPC interface name to its name using the Windows registry entries */
33 /* XXX - might be better to fill all interfaces into our database at startup instead of searching each time */
35 ResolveWin32UUID(e_guid_t if_id, char *uuid_name, int uuid_name_max_len)
39 DWORD uuid_max_size = MAX_PATH;
42 reg_uuid_name=wmem_alloc(wmem_packet_scope(), (MAX_PATH*sizeof(TCHAR))+1);
43 reg_uuid_str=wmem_alloc(wmem_packet_scope(), (MAX_PATH*sizeof(TCHAR))+1);
45 if(uuid_name_max_len < 2){
48 reg_uuid_name[0] = '\0';
49 StringCchPrintf(reg_uuid_str, MAX_PATH, _T("SOFTWARE\\Classes\\Interface\\{%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}"),
50 if_id.data1, if_id.data2, if_id.data3,
51 if_id.data4[0], if_id.data4[1],
52 if_id.data4[2], if_id.data4[3],
53 if_id.data4[4], if_id.data4[5],
54 if_id.data4[6], if_id.data4[7]);
55 if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, reg_uuid_str, 0, KEY_QUERY_VALUE, &hKey) == ERROR_SUCCESS) {
56 if (RegQueryValueEx(hKey, NULL, NULL, NULL, (LPBYTE)reg_uuid_name, &uuid_max_size) == ERROR_SUCCESS && uuid_max_size <= MAX_PATH) {
57 g_snprintf(uuid_name, uuid_name_max_len, "%s", utf_16to8(reg_uuid_name));
59 return (int) strlen(uuid_name);
63 return 0; /* we didn't find anything anyhow. Please don't use the string! */
69 /* store a guid to name mapping */
71 guids_add_guid(const e_guid_t *guid, const gchar *name)
73 wmem_tree_key_t guidkey[2];
102 wmem_tree_insert32_array(guid_to_name_tree, &guidkey[0], (gchar *) name);
106 /* retrieve the registered name for this GUID */
108 guids_get_guid_name(const e_guid_t *guid)
110 wmem_tree_key_t guidkey[2];
114 static char *uuid_name;
125 g[2]|=guid->data4[1];
127 g[2]|=guid->data4[2];
129 g[2]|=guid->data4[3];
133 g[3]|=guid->data4[5];
135 g[3]|=guid->data4[6];
137 g[3]|=guid->data4[7];
143 if((name = (char *)wmem_tree_lookup32_array(guid_to_name_tree, &guidkey[0]))){
148 /* try to resolve the mapping from the Windows registry */
149 /* XXX - prefill the resolving database with all the Windows registry entries once at init only (instead of searching each time)? */
150 uuid_name=wmem_alloc(wmem_packet_scope(), 128);
151 if(ResolveWin32UUID(*guid, uuid_name, 128)) {
163 guid_to_name_tree=wmem_tree_new(wmem_epan_scope());
164 /* XXX here is a good place to read a config file with wellknown guids */
168 /* Tries to match a guid against its name.
169 Returns the associated string ptr on a match.
170 Formats uuid number and returns the resulting string, if name is unknown.
171 (derived from val_to_str) */
173 guids_resolve_guid_to_str(const e_guid_t *guid)
177 name=guids_get_guid_name(guid);
182 return wmem_strdup_printf(wmem_packet_scope(), "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
183 guid->data1, guid->data2, guid->data3,
184 guid->data4[0], guid->data4[1],
185 guid->data4[2], guid->data4[3],
186 guid->data4[4], guid->data4[5],
187 guid->data4[6], guid->data4[7]);
190 int guid_cmp(const e_guid_t *g1, const e_guid_t *g2)
192 if (g1->data1 != g2->data1) {
193 return (g1->data1 < g2->data1) ? -1 : 1;
196 if (g1->data2 != g2->data2) {
197 return (g1->data2 < g2->data2) ? -1 : 1;
200 if (g1->data3 != g2->data3) {
201 return (g1->data3 < g2->data3) ? -1 : 1;
204 return memcmp(&g1->data4[0], &g2->data4[0], 8);
208 * Editor modelines - http://www.wireshark.org/tools/modelines.html
213 * indent-tabs-mode: t
216 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
217 * :indentSize=8:tabSize=8:noTabs=false: