Replace JSON-GLib by custom JSON dumper library
[metze/wireshark/wip.git] / epan / proto.c
1 /* proto.c
2  * Routines for protocol tree
3  *
4  * Wireshark - Network traffic analyzer
5  * By Gerald Combs <gerald@wireshark.org>
6  * Copyright 1998 Gerald Combs
7  *
8  * SPDX-License-Identifier: GPL-2.0-or-later
9  */
10
11 #include "config.h"
12
13 #include <stdio.h>
14 #include <string.h>
15 #include <glib.h>
16 #include <float.h>
17 #include <errno.h>
18
19 #include <wsutil/bits_ctz.h>
20 #include <wsutil/bits_count_ones.h>
21 #include <wsutil/sign_ext.h>
22 #include <wsutil/utf8_entities.h>
23 #include <wsutil/json_dumper.h>
24
25 #include <ftypes/ftypes-int.h>
26
27 #include "packet.h"
28 #include "exceptions.h"
29 #include "ptvcursor.h"
30 #include "strutil.h"
31 #include "addr_resolv.h"
32 #include "address_types.h"
33 #include "oids.h"
34 #include "proto.h"
35 #include "epan_dissect.h"
36 #include "tvbuff.h"
37 #include "wmem/wmem.h"
38 #include "charsets.h"
39 #include "column-utils.h"
40 #include "to_str-int.h"
41 #include "to_str.h"
42 #include "osi-utils.h"
43 #include "expert.h"
44 #include "show_exception.h"
45 #include "in_cksum.h"
46 #include "register-int.h"
47
48 #include <wsutil/ws_printf.h> /* ws_debug_printf */
49 #include <wsutil/crash_info.h>
50
51 /* Ptvcursor limits */
52 #define SUBTREE_ONCE_ALLOCATION_NUMBER 8
53 #define SUBTREE_MAX_LEVELS 256
54
55 /* Throw an exception if our tree exceeds these. */
56 /* XXX - These should probably be preferences */
57 #define MAX_TREE_ITEMS (1 * 1000 * 1000)
58 #define MAX_TREE_LEVELS (5 * 100)
59
60 typedef struct __subtree_lvl {
61         gint        cursor_offset;
62         proto_item *it;
63         proto_tree *tree;
64 } subtree_lvl;
65
66 struct ptvcursor {
67         subtree_lvl *pushed_tree;
68         guint8       pushed_tree_index;
69         guint8       pushed_tree_max;
70         proto_tree  *tree;
71         tvbuff_t    *tvb;
72         gint         offset;
73 };
74
75 #define cVALS(x) (const value_string*)(x)
76
77 /** See inlined comments.
78  @param tree the tree to append this item to
79  @param free_block a code block to call to free resources if this returns
80  @return NULL if 'tree' is null */
81 #define CHECK_FOR_NULL_TREE_AND_FREE(tree, free_block)                  \
82         if (!tree) {                                                    \
83                 free_block;                                             \
84                 return NULL;                                            \
85         }
86
87 /** See inlined comments.
88  @param tree the tree to append this item to
89  @param free_block a code block to call to free resources if this returns
90  @return NULL if 'tree' is null */
91 #define CHECK_FOR_NULL_TREE(tree) \
92         CHECK_FOR_NULL_TREE_AND_FREE(tree, ((void)0))
93
94 /** See inlined comments.
95  @param tree the tree to append this item to
96  @param hfindex field index
97  @param hfinfo header_field
98  @param free_block a code block to call to free resources if this returns
99  @return the header field matching 'hfinfo' */
100 #define TRY_TO_FAKE_THIS_ITEM_OR_FREE(tree, hfindex, hfinfo, free_block) \
101         /* If this item is not referenced we don't have to do much work \
102            at all but we should still return a node so that field items \
103            below this node (think proto_item_add_subtree()) will still  \
104            have somewhere to attach to or else filtering will not work  \
105            (they would be ignored since tree would be NULL).            \
106            DON'T try to fake a node where PTREE_FINFO(tree) is NULL     \
107            since dissectors that want to do proto_item_set_len() or     \
108            other operations that dereference this would crash.          \
109            We fake FT_PROTOCOL unless some clients have requested us    \
110            not to do so.                                                \
111         */                                                              \
112         PTREE_DATA(tree)->count++;                                      \
113         PROTO_REGISTRAR_GET_NTH(hfindex, hfinfo);                       \
114         if (PTREE_DATA(tree)->count > MAX_TREE_ITEMS) {                 \
115                 free_block;                                             \
116                 if (getenv("WIRESHARK_ABORT_ON_TOO_MANY_ITEMS") != NULL) \
117                         g_error("Adding %s would put more than %d items in the tree -- possible infinite loop", \
118                             hfinfo->abbrev, MAX_TREE_ITEMS);            \
119                 /* Let the exception handler add items to the tree */   \
120                 PTREE_DATA(tree)->count = 0;                            \
121                 THROW_MESSAGE(DissectorError,                           \
122                         wmem_strdup_printf(wmem_packet_scope(),         \
123                             "Adding %s would put more than %d items in the tree -- possible infinite loop", \
124                             hfinfo->abbrev, MAX_TREE_ITEMS));           \
125         }                                                               \
126         if (!(PTREE_DATA(tree)->visible)) {                             \
127                 if (PTREE_FINFO(tree)) {                                \
128                         if ((hfinfo->ref_type != HF_REF_TYPE_DIRECT)    \
129                             && (hfinfo->type != FT_PROTOCOL ||          \
130                                 PTREE_DATA(tree)->fake_protocols)) {    \
131                                 free_block;                             \
132                                 /* just return tree back to the caller */\
133                                 return tree;                            \
134                         }                                               \
135                 }                                                       \
136         }
137
138 /** See inlined comments.
139  @param tree the tree to append this item to
140  @param hfindex field index
141  @param hfinfo header_field
142  @return the header field matching 'hfinfo' */
143 #define TRY_TO_FAKE_THIS_ITEM(tree, hfindex, hfinfo) \
144         TRY_TO_FAKE_THIS_ITEM_OR_FREE(tree, hfindex, hfinfo, ((void)0))
145
146
147 /** See inlined comments.
148  @param pi the created protocol item we're about to return */
149 #define TRY_TO_FAKE_THIS_REPR(pi)       \
150         g_assert(pi);                   \
151         if (!(PTREE_DATA(pi)->visible)) { \
152                 /* If the tree (GUI) isn't visible it's pointless for us to generate the protocol \
153                  * items string representation */ \
154                 return pi; \
155         }
156 /* Same as above but returning void */
157 #define TRY_TO_FAKE_THIS_REPR_VOID(pi)  \
158         if (!pi)                        \
159                 return;                 \
160         if (!(PTREE_DATA(pi)->visible)) { \
161                 /* If the tree (GUI) isn't visible it's pointless for us to generate the protocol \
162                  * items string representation */ \
163                 return; \
164         }
165 /* Similar to above, but allows a NULL tree */
166 #define TRY_TO_FAKE_THIS_REPR_NESTED(pi)        \
167         if ((pi == NULL) || (!(PTREE_DATA(pi)->visible))) { \
168                 /* If the tree (GUI) isn't visible it's pointless for us to generate the protocol \
169                  * items string representation */ \
170                 return pi; \
171         }
172
173 static const char *hf_try_val_to_str(guint32 value, const header_field_info *hfinfo);
174 static const char *hf_try_val64_to_str(guint64 value, const header_field_info *hfinfo);
175 static int hfinfo_container_bitwidth(const header_field_info *hfinfo);
176
177 static void label_mark_truncated(char *label_str, gsize name_pos);
178 #define LABEL_MARK_TRUNCATED_START(label_str) label_mark_truncated(label_str, 0)
179
180 static void fill_label_boolean(field_info *fi, gchar *label_str);
181 static void fill_label_bitfield_char(field_info *fi, gchar *label_str);
182 static void fill_label_bitfield(field_info *fi, gchar *label_str, gboolean is_signed);
183 static void fill_label_bitfield64(field_info *fi, gchar *label_str, gboolean is_signed);
184 static void fill_label_bitfield_varint(field_info *fi, gchar *label_str, gboolean is_signed);
185 static void fill_label_bitfield_varint64(field_info *fi, gchar *label_str, gboolean is_signed);
186 static void fill_label_char(field_info *fi, gchar *label_str);
187 static void fill_label_number(field_info *fi, gchar *label_str, gboolean is_signed);
188 static void fill_label_number64(field_info *fi, gchar *label_str, gboolean is_signed);
189
190 static const char *hfinfo_char_value_format_display(int display, char buf[7], guint32 value);
191 static const char *hfinfo_number_value_format_display(const header_field_info *hfinfo, int display, char buf[32], guint32 value);
192 static const char *hfinfo_number_value_format_display64(const header_field_info *hfinfo, int display, char buf[48], guint64 value);
193 static const char *hfinfo_char_vals_format(const header_field_info *hfinfo, char buf[32], guint32 value);
194 static const char *hfinfo_number_vals_format(const header_field_info *hfinfo, char buf[32], guint32 value);
195 static const char *hfinfo_number_vals_format64(const header_field_info *hfinfo, char buf[48], guint64 value);
196 static const char *hfinfo_number_value_format(const header_field_info *hfinfo, char buf[32], guint32 value);
197 static const char *hfinfo_number_value_format64(const header_field_info *hfinfo, char buf[48], guint64 value);
198 static const char *hfinfo_char_value_format(const header_field_info *hfinfo, char buf[32], guint32 value);
199 static const char *hfinfo_numeric_value_format(const header_field_info *hfinfo, char buf[32], guint32 value);
200 static const char *hfinfo_numeric_value_format64(const header_field_info *hfinfo, char buf[48], guint64 value);
201
202 static void proto_cleanup_base(void);
203
204 static proto_item *
205 proto_tree_add_node(proto_tree *tree, field_info *fi);
206
207 static void
208 get_hfi_length(header_field_info *hfinfo, tvbuff_t *tvb, const gint start, gint *length,
209                 gint *item_length, const guint encoding);
210
211 static gint
212 get_full_length(header_field_info *hfinfo, tvbuff_t *tvb, const gint start,
213                 gint length, guint item_length, const gint encoding);
214
215 static field_info *
216 new_field_info(proto_tree *tree, header_field_info *hfinfo, tvbuff_t *tvb,
217                const gint start, const gint item_length);
218
219 static proto_item *
220 proto_tree_add_pi(proto_tree *tree, header_field_info *hfinfo, tvbuff_t *tvb,
221                   gint start, gint *length);
222
223 static void
224 proto_tree_set_representation_value(proto_item *pi, const char *format, va_list ap);
225 static void
226 proto_tree_set_representation(proto_item *pi, const char *format, va_list ap);
227
228 static void
229 proto_tree_set_protocol_tvb(field_info *fi, tvbuff_t *tvb, const char* field_data);
230 static void
231 proto_tree_set_bytes(field_info *fi, const guint8* start_ptr, gint length);
232 static void
233 proto_tree_set_bytes_tvb(field_info *fi, tvbuff_t *tvb, gint offset, gint length);
234 static void
235 proto_tree_set_bytes_gbytearray(field_info *fi, const GByteArray *value);
236 static void
237 proto_tree_set_time(field_info *fi, const nstime_t *value_ptr);
238 static void
239 proto_tree_set_string(field_info *fi, const char* value);
240 static void
241 proto_tree_set_ax25(field_info *fi, const guint8* value);
242 static void
243 proto_tree_set_ax25_tvb(field_info *fi, tvbuff_t *tvb, gint start);
244 static void
245 proto_tree_set_vines(field_info *fi, const guint8* value);
246 static void
247 proto_tree_set_vines_tvb(field_info *fi, tvbuff_t *tvb, gint start);
248 static void
249 proto_tree_set_ether(field_info *fi, const guint8* value);
250 static void
251 proto_tree_set_ether_tvb(field_info *fi, tvbuff_t *tvb, gint start);
252 static void
253 proto_tree_set_ipxnet(field_info *fi, guint32 value);
254 static void
255 proto_tree_set_ipv4(field_info *fi, guint32 value);
256 static void
257 proto_tree_set_ipv6(field_info *fi, const guint8* value_ptr);
258 static void
259 proto_tree_set_ipv6_tvb(field_info *fi, tvbuff_t *tvb, gint start, gint length);
260 static void
261 proto_tree_set_fcwwn_tvb(field_info *fi, tvbuff_t *tvb, gint start, gint length);
262 static void
263 proto_tree_set_guid(field_info *fi, const e_guid_t *value_ptr);
264 static void
265 proto_tree_set_guid_tvb(field_info *fi, tvbuff_t *tvb, gint start, const guint encoding);
266 static void
267 proto_tree_set_oid(field_info *fi, const guint8* value_ptr, gint length);
268 static void
269 proto_tree_set_oid_tvb(field_info *fi, tvbuff_t *tvb, gint start, gint length);
270 static void
271 proto_tree_set_system_id(field_info *fi, const guint8* value_ptr, gint length);
272 static void
273 proto_tree_set_system_id_tvb(field_info *fi, tvbuff_t *tvb, gint start, gint length);
274 static void
275 proto_tree_set_boolean(field_info *fi, guint64 value);
276 static void
277 proto_tree_set_float(field_info *fi, float value);
278 static void
279 proto_tree_set_double(field_info *fi, double value);
280 static void
281 proto_tree_set_uint(field_info *fi, guint32 value);
282 static void
283 proto_tree_set_int(field_info *fi, gint32 value);
284 static void
285 proto_tree_set_uint64(field_info *fi, guint64 value);
286 static void
287 proto_tree_set_int64(field_info *fi, gint64 value);
288 static void
289 proto_tree_set_eui64(field_info *fi, const guint64 value);
290 static void
291 proto_tree_set_eui64_tvb(field_info *fi, tvbuff_t *tvb, gint start, const guint encoding);
292
293 /* Handle type length mismatch (now filterable) expert info */
294 static int proto_type_length_mismatch = -1;
295 static expert_field ei_type_length_mismatch_error = EI_INIT;
296 static expert_field ei_type_length_mismatch_warn = EI_INIT;
297 static void register_type_length_mismatch(void);
298
299 /* Handle number string decoding errors with expert info */
300 static int proto_number_string_decoding_error = -1;
301 static expert_field ei_number_string_decoding_failed_error = EI_INIT;
302 static expert_field ei_number_string_decoding_erange_error = EI_INIT;
303 static void register_number_string_decoding_error(void);
304
305 /* Handle string errors expert info */
306 static int proto_string_errors = -1;
307 static expert_field ei_string_trailing_characters = EI_INIT;
308 static void register_string_errors(void);
309
310 static int proto_register_field_init(header_field_info *hfinfo, const int parent);
311
312 /* special-case header field used within proto.c */
313 static header_field_info hfi_text_only =
314         { "Text item",  "text", FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL };
315 int hf_text_only = -1;
316
317 /* Structure for information about a protocol */
318 struct _protocol {
319         const char *name;               /* long description */
320         const char *short_name;         /* short description */
321         const char *filter_name;        /* name of this protocol in filters */
322         GPtrArray  *fields;             /* fields for this protocol */
323         int         proto_id;           /* field ID for this protocol */
324         gboolean    is_enabled;         /* TRUE if protocol is enabled */
325         gboolean    enabled_by_default; /* TRUE if protocol is enabled by default */
326         gboolean    can_toggle;         /* TRUE if is_enabled can be changed */
327         int         parent_proto_id;    /* Used to identify "pino"s (Protocol In Name Only).
328                                        For dissectors that need a protocol name so they
329                                        can be added to a dissector table, but use the
330                                        parent_proto_id for things like enable/disable */
331         GList      *heur_list;          /* Heuristic dissectors associated with this protocol */
332 };
333
334 /* List of all protocols */
335 static GList *protocols = NULL;
336 static GList *pino_protocols = NULL;
337
338 /* Deregistered fields */
339 static GPtrArray *deregistered_fields = NULL;
340 static GPtrArray *deregistered_data = NULL;
341
342 /* indexed by prefix, contains initializers */
343 static GHashTable* prefixes = NULL;
344
345 /* Contains information about a field when a dissector calls
346  * proto_tree_add_item.  */
347 #define FIELD_INFO_NEW(pool, fi)  fi = wmem_new(pool, field_info)
348 #define FIELD_INFO_FREE(pool, fi) wmem_free(pool, fi)
349
350 /* Contains the space for proto_nodes. */
351 #define PROTO_NODE_INIT(node)                   \
352         node->first_child = NULL;               \
353         node->last_child = NULL;                \
354         node->next = NULL;
355
356 #define PROTO_NODE_FREE(pool, node)                     \
357         wmem_free(pool, node)
358
359 /* String space for protocol and field items for the GUI */
360 #define ITEM_LABEL_NEW(pool, il)                        \
361         il = wmem_new(pool, item_label_t);
362 #define ITEM_LABEL_FREE(pool, il)                       \
363         wmem_free(pool, il);
364
365 #define PROTO_REGISTRAR_GET_NTH(hfindex, hfinfo)                                                \
366         if((guint)hfindex >= gpa_hfinfo.len && getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG"))      \
367                 g_error("Unregistered hf! index=%d", hfindex);                                  \
368         DISSECTOR_ASSERT_HINT((guint)hfindex < gpa_hfinfo.len, "Unregistered hf!");     \
369         DISSECTOR_ASSERT_HINT(gpa_hfinfo.hfi[hfindex] != NULL, "Unregistered hf!");     \
370         hfinfo = gpa_hfinfo.hfi[hfindex];
371
372 /* List which stores protocols and fields that have been registered */
373 typedef struct _gpa_hfinfo_t {
374         guint32             len;
375         guint32             allocated_len;
376         header_field_info **hfi;
377 } gpa_hfinfo_t;
378
379 static gpa_hfinfo_t gpa_hfinfo;
380
381 /* Hash table of abbreviations and IDs */
382 static GHashTable *gpa_name_map = NULL;
383 static header_field_info *same_name_hfinfo;
384
385 /* Hash table protocol aliases. const char * -> const char * */
386 static GHashTable *gpa_protocol_aliases = NULL;
387
388 /*
389  * We're called repeatedly with the same field name when sorting a column.
390  * Cache our last gpa_name_map hit for faster lookups.
391  */
392 static char *last_field_name = NULL;
393 static header_field_info *last_hfinfo;
394
395 static void save_same_name_hfinfo(gpointer data)
396 {
397         same_name_hfinfo = (header_field_info*)data;
398 }
399
400 /* Points to the first element of an array of bits, indexed by
401    a subtree item type; that array element is TRUE if subtrees of
402    an item of that type are to be expanded. */
403 static guint32 *tree_is_expanded;
404
405 /* Number of elements in that array. */
406 int             num_tree_types;
407
408 /* Name hashtables for fast detection of duplicate names */
409 static GHashTable* proto_names        = NULL;
410 static GHashTable* proto_short_names  = NULL;
411 static GHashTable* proto_filter_names = NULL;
412
413 static gint
414 proto_compare_name(gconstpointer p1_arg, gconstpointer p2_arg)
415 {
416         const protocol_t *p1 = (const protocol_t *)p1_arg;
417         const protocol_t *p2 = (const protocol_t *)p2_arg;
418
419         return g_ascii_strcasecmp(p1->short_name, p2->short_name);
420 }
421
422 #ifdef HAVE_PLUGINS
423 static GSList *dissector_plugins = NULL;
424
425 void
426 proto_register_plugin(const proto_plugin *plug)
427 {
428         if (!plug) {
429                 /* XXX print useful warning */
430                 return;
431         }
432         dissector_plugins = g_slist_prepend(dissector_plugins, (proto_plugin *)plug);
433 }
434
435 static void
436 call_plugin_register_protoinfo(gpointer data, gpointer user_data _U_)
437 {
438         proto_plugin *plug = (proto_plugin *)data;
439
440         if (plug->register_protoinfo) {
441                 plug->register_protoinfo();
442         }
443 }
444
445 static void
446 call_plugin_register_handoff(gpointer data, gpointer user_data _U_)
447 {
448         proto_plugin *plug = (proto_plugin *)data;
449
450         if (plug->register_handoff) {
451                 plug->register_handoff();
452         }
453 }
454 #endif /* HAVE_PLUGINS */
455
456 /* initialize data structures and register protocols and fields */
457 void
458 proto_init(GSList *register_all_plugin_protocols_list,
459            GSList *register_all_plugin_handoffs_list,
460            register_cb cb,
461            gpointer client_data)
462 {
463         proto_cleanup_base();
464
465         proto_names        = g_hash_table_new(g_str_hash, g_str_equal);
466         proto_short_names  = g_hash_table_new(g_str_hash, g_str_equal);
467         proto_filter_names = g_hash_table_new(g_str_hash, g_str_equal);
468
469         gpa_hfinfo.len           = 0;
470         gpa_hfinfo.allocated_len = 0;
471         gpa_hfinfo.hfi           = NULL;
472         gpa_name_map             = g_hash_table_new_full(g_str_hash, g_str_equal, NULL, save_same_name_hfinfo);
473         gpa_protocol_aliases     = g_hash_table_new(g_str_hash, g_str_equal);
474         deregistered_fields      = g_ptr_array_new();
475         deregistered_data        = g_ptr_array_new();
476
477         /* Initialize the ftype subsystem */
478         ftypes_initialize();
479
480         /* Initialize the addres type subsystem */
481         address_types_initialize();
482
483         /* Register one special-case FT_TEXT_ONLY field for use when
484            converting wireshark to new-style proto_tree. These fields
485            are merely strings on the GUI tree; they are not filterable */
486         hf_text_only = proto_register_field_init(&hfi_text_only, -1);
487
488         /* Register the pseudo-protocols used for exceptions. */
489         register_show_exception();
490         register_type_length_mismatch();
491         register_number_string_decoding_error();
492         register_string_errors();
493
494         /* Have each built-in dissector register its protocols, fields,
495            dissector tables, and dissectors to be called through a
496            handle, and do whatever one-time initialization it needs to
497            do. */
498         register_all_protocols(cb, client_data);
499
500         /* Now call the registration routines for all epan plugins. */
501         for (GSList *l = register_all_plugin_protocols_list; l != NULL; l = l->next) {
502                 ((void (*)(register_cb, gpointer))l->data)(cb, client_data);
503         }
504
505 #ifdef HAVE_PLUGINS
506         /* Now call the registration routines for all dissector plugins. */
507         if (cb)
508                 (*cb)(RA_PLUGIN_REGISTER, NULL, client_data);
509         g_slist_foreach(dissector_plugins, call_plugin_register_protoinfo, NULL);
510 #endif
511
512         /* Now call the "handoff registration" routines of all built-in
513            dissectors; those routines register the dissector in other
514            dissectors' handoff tables, and fetch any dissector handles
515            they need. */
516         register_all_protocol_handoffs(cb, client_data);
517
518         /* Now do the same with epan plugins. */
519         for (GSList *l = register_all_plugin_handoffs_list; l != NULL; l = l->next) {
520                 ((void (*)(register_cb, gpointer))l->data)(cb, client_data);
521         }
522
523 #ifdef HAVE_PLUGINS
524         /* Now do the same with dissector plugins. */
525         if (cb)
526                 (*cb)(RA_PLUGIN_HANDOFF, NULL, client_data);
527         g_slist_foreach(dissector_plugins, call_plugin_register_handoff, NULL);
528 #endif
529
530         /* sort the protocols by protocol name */
531         protocols = g_list_sort(protocols, proto_compare_name);
532
533         /* We've assigned all the subtree type values; allocate the array
534            for them, and zero it out. */
535         tree_is_expanded = g_new0(guint32, (num_tree_types/32)+1);
536 }
537
538 static void
539 proto_cleanup_base(void)
540 {
541         protocol_t *protocol;
542         header_field_info *hfinfo;
543
544         /* Free the abbrev/ID hash table */
545         if (gpa_name_map) {
546                 g_hash_table_destroy(gpa_name_map);
547                 gpa_name_map = NULL;
548         }
549         if (gpa_protocol_aliases) {
550                 g_hash_table_destroy(gpa_protocol_aliases);
551                 gpa_protocol_aliases = NULL;
552         }
553         g_free(last_field_name);
554         last_field_name = NULL;
555
556         while (protocols) {
557                 protocol = (protocol_t *)protocols->data;
558                 PROTO_REGISTRAR_GET_NTH(protocol->proto_id, hfinfo);
559                 DISSECTOR_ASSERT(protocol->proto_id == hfinfo->id);
560
561                 g_slice_free(header_field_info, hfinfo);
562                 if (protocol->fields) {
563                         g_ptr_array_free(protocol->fields, TRUE);
564                 }
565                 g_list_free(protocol->heur_list);
566                 protocols = g_list_remove(protocols, protocol);
567                 g_free(protocol);
568         }
569
570         while (pino_protocols) {
571                 protocol = (protocol_t *)pino_protocols->data;
572                 PROTO_REGISTRAR_GET_NTH(protocol->proto_id, hfinfo);
573                 DISSECTOR_ASSERT(protocol->proto_id == hfinfo->id);
574                 DISSECTOR_ASSERT(protocol->fields == NULL); //helpers should not have any registered fields
575                 g_slice_free(header_field_info, hfinfo);
576                 DISSECTOR_ASSERT(protocol->heur_list == NULL); //helpers should not have a heuristic list
577                 pino_protocols = g_list_remove(pino_protocols, protocol);
578                 g_free(protocol);
579         }
580
581         if (proto_names) {
582                 g_hash_table_destroy(proto_names);
583                 proto_names = NULL;
584         }
585
586         if (proto_short_names) {
587                 g_hash_table_destroy(proto_short_names);
588                 proto_short_names = NULL;
589         }
590
591         if (proto_filter_names) {
592                 g_hash_table_destroy(proto_filter_names);
593                 proto_filter_names = NULL;
594         }
595
596         if (gpa_hfinfo.allocated_len) {
597                 gpa_hfinfo.len           = 0;
598                 gpa_hfinfo.allocated_len = 0;
599                 g_free(gpa_hfinfo.hfi);
600                 gpa_hfinfo.hfi           = NULL;
601         }
602
603         if (deregistered_fields) {
604                 g_ptr_array_free(deregistered_fields, TRUE);
605                 deregistered_fields = NULL;
606         }
607
608         if (deregistered_data) {
609                 g_ptr_array_free(deregistered_data, TRUE);
610                 deregistered_data = NULL;
611         }
612
613         g_free(tree_is_expanded);
614         tree_is_expanded = NULL;
615
616         if (prefixes)
617                 g_hash_table_destroy(prefixes);
618 }
619
620 void
621 proto_cleanup(void)
622 {
623         proto_free_deregistered_fields();
624         proto_cleanup_base();
625
626 #ifdef HAVE_PLUGINS
627         g_slist_free(dissector_plugins);
628         dissector_plugins = NULL;
629 #endif
630 }
631
632 static gboolean
633 proto_tree_traverse_pre_order(proto_tree *tree, proto_tree_traverse_func func,
634                               gpointer data)
635 {
636         proto_node *pnode = tree;
637         proto_node *child;
638         proto_node *current;
639
640         if (func(pnode, data))
641                 return TRUE;
642
643         child = pnode->first_child;
644         while (child != NULL) {
645                 /*
646                  * The routine we call might modify the child, e.g. by
647                  * freeing it, so we get the child's successor before
648                  * calling that routine.
649                  */
650                 current = child;
651                 child   = current->next;
652                 if (proto_tree_traverse_pre_order((proto_tree *)current, func, data))
653                         return TRUE;
654         }
655
656         return FALSE;
657 }
658
659 gboolean
660 proto_tree_traverse_post_order(proto_tree *tree, proto_tree_traverse_func func,
661                                gpointer data)
662 {
663         proto_node *pnode = tree;
664         proto_node *child;
665         proto_node *current;
666
667         child = pnode->first_child;
668         while (child != NULL) {
669                 /*
670                  * The routine we call might modify the child, e.g. by
671                  * freeing it, so we get the child's successor before
672                  * calling that routine.
673                  */
674                 current = child;
675                 child   = current->next;
676                 if (proto_tree_traverse_post_order((proto_tree *)current, func, data))
677                         return TRUE;
678         }
679         if (func(pnode, data))
680                 return TRUE;
681
682         return FALSE;
683 }
684
685 void
686 proto_tree_children_foreach(proto_tree *tree, proto_tree_foreach_func func,
687                             gpointer data)
688 {
689         proto_node *node = tree;
690         proto_node *current;
691
692         if (!node)
693                 return;
694
695         node = node->first_child;
696         while (node != NULL) {
697                 current = node;
698                 node    = current->next;
699                 func((proto_tree *)current, data);
700         }
701 }
702
703 static void
704 free_GPtrArray_value(gpointer key, gpointer value, gpointer user_data _U_)
705 {
706         GPtrArray         *ptrs = (GPtrArray *)value;
707         gint               hfid = GPOINTER_TO_UINT(key);
708         header_field_info *hfinfo;
709
710         PROTO_REGISTRAR_GET_NTH(hfid, hfinfo);
711         if (hfinfo->ref_type != HF_REF_TYPE_NONE) {
712                 /* when a field is referenced by a filter this also
713                    affects the refcount for the parent protocol so we need
714                    to adjust the refcount for the parent as well
715                 */
716                 if (hfinfo->parent != -1) {
717                         header_field_info *parent_hfinfo;
718                         PROTO_REGISTRAR_GET_NTH(hfinfo->parent, parent_hfinfo);
719                         parent_hfinfo->ref_type = HF_REF_TYPE_NONE;
720                 }
721                 hfinfo->ref_type = HF_REF_TYPE_NONE;
722         }
723
724         g_ptr_array_free(ptrs, TRUE);
725 }
726
727 static void
728 proto_tree_free_node(proto_node *node, gpointer data _U_)
729 {
730         field_info *finfo  = PNODE_FINFO(node);
731
732         proto_tree_children_foreach(node, proto_tree_free_node, NULL);
733
734         FVALUE_CLEANUP(&finfo->value);
735 }
736
737 void
738 proto_tree_reset(proto_tree *tree)
739 {
740         tree_data_t *tree_data = PTREE_DATA(tree);
741
742         proto_tree_children_foreach(tree, proto_tree_free_node, NULL);
743
744         /* free tree data */
745         if (tree_data->interesting_hfids) {
746                 /* Free all the GPtrArray's in the interesting_hfids hash. */
747                 g_hash_table_foreach(tree_data->interesting_hfids,
748                         free_GPtrArray_value, NULL);
749
750                 /* And then remove all values. */
751                 g_hash_table_remove_all(tree_data->interesting_hfids);
752         }
753
754         /* Reset track of the number of children */
755         tree_data->count = 0;
756
757         PROTO_NODE_INIT(tree);
758 }
759
760 /* frees the resources that the dissection a proto_tree uses */
761 void
762 proto_tree_free(proto_tree *tree)
763 {
764         tree_data_t *tree_data = PTREE_DATA(tree);
765
766         proto_tree_children_foreach(tree, proto_tree_free_node, NULL);
767
768         /* free tree data */
769         if (tree_data->interesting_hfids) {
770                 /* Free all the GPtrArray's in the interesting_hfids hash. */
771                 g_hash_table_foreach(tree_data->interesting_hfids,
772                         free_GPtrArray_value, NULL);
773
774                 /* And then destroy the hash. */
775                 g_hash_table_destroy(tree_data->interesting_hfids);
776         }
777
778         g_slice_free(tree_data_t, tree_data);
779
780         g_slice_free(proto_tree, tree);
781 }
782
783 /* Is the parsing being done for a visible proto_tree or an invisible one?
784  * By setting this correctly, the proto_tree creation is sped up by not
785  * having to call g_vsnprintf and copy strings around.
786  */
787 gboolean
788 proto_tree_set_visible(proto_tree *tree, gboolean visible)
789 {
790         gboolean old_visible = PTREE_DATA(tree)->visible;
791
792         PTREE_DATA(tree)->visible = visible;
793
794         return old_visible;
795 }
796
797 void
798 proto_tree_set_fake_protocols(proto_tree *tree, gboolean fake_protocols)
799 {
800         PTREE_DATA(tree)->fake_protocols = fake_protocols;
801 }
802
803 /* Assume dissector set only its protocol fields.
804    This function is called by dissectors and allows the speeding up of filtering
805    in wireshark; if this function returns FALSE it is safe to reset tree to NULL
806    and thus skip calling most of the expensive proto_tree_add_...()
807    functions.
808    If the tree is visible we implicitly assume the field is referenced.
809 */
810 gboolean
811 proto_field_is_referenced(proto_tree *tree, int proto_id)
812 {
813         register header_field_info *hfinfo;
814
815
816         if (!tree)
817                 return FALSE;
818
819         if (PTREE_DATA(tree)->visible)
820                 return TRUE;
821
822         PROTO_REGISTRAR_GET_NTH(proto_id, hfinfo);
823         if (hfinfo->ref_type != HF_REF_TYPE_NONE)
824                 return TRUE;
825
826         if (hfinfo->type == FT_PROTOCOL && !PTREE_DATA(tree)->fake_protocols)
827                 return TRUE;
828
829         return FALSE;
830 }
831
832
833 /* Finds a record in the hfinfo array by id. */
834 header_field_info *
835 proto_registrar_get_nth(guint hfindex)
836 {
837         register header_field_info *hfinfo;
838
839         PROTO_REGISTRAR_GET_NTH(hfindex, hfinfo);
840         return hfinfo;
841 }
842
843
844 /*      Prefix initialization
845  *        this allows for a dissector to register a display filter name prefix
846  *        so that it can delay the initialization of the hf array as long as
847  *        possible.
848  */
849
850 /* compute a hash for the part before the dot of a display filter */
851 static guint
852 prefix_hash (gconstpointer key) {
853         /* end the string at the dot and compute its hash */
854         gchar* copy = g_strdup((const gchar *)key);
855         gchar* c    = copy;
856         guint tmp;
857
858         for (; *c; c++) {
859                 if (*c == '.') {
860                         *c = 0;
861                         break;
862                 }
863         }
864
865         tmp = g_str_hash(copy);
866         g_free(copy);
867         return tmp;
868 }
869
870 /* are both strings equal up to the end or the dot? */
871 static gboolean
872 prefix_equal (gconstpointer ap, gconstpointer bp) {
873         const gchar* a = (const gchar *)ap;
874         const gchar* b = (const gchar *)bp;
875
876         do {
877                 gchar ac = *a++;
878                 gchar bc = *b++;
879
880                 if ( (ac == '.' || ac == '\0') &&   (bc == '.' || bc == '\0') ) return TRUE;
881
882                 if ( (ac == '.' || ac == '\0') && ! (bc == '.' || bc == '\0') ) return FALSE;
883                 if ( (bc == '.' || bc == '\0') && ! (ac == '.' || ac == '\0') ) return FALSE;
884
885                 if (ac != bc) return FALSE;
886         } while (1);
887
888         return FALSE;
889 }
890
891 /* Register a new prefix for "delayed" initialization of field arrays */
892 void
893 proto_register_prefix(const char *prefix, prefix_initializer_t pi ) {
894         if (! prefixes ) {
895                 prefixes = g_hash_table_new(prefix_hash, prefix_equal);
896         }
897
898         g_hash_table_insert(prefixes, (gpointer)prefix, (gpointer)pi);
899 }
900
901 /* helper to call all prefix initializers */
902 static gboolean
903 initialize_prefix(gpointer k, gpointer v, gpointer u _U_) {
904         ((prefix_initializer_t)v)((const char *)k);
905         return TRUE;
906 }
907
908 /** Initialize every remaining uninitialized prefix. */
909 void
910 proto_initialize_all_prefixes(void) {
911         g_hash_table_foreach_remove(prefixes, initialize_prefix, NULL);
912 }
913
914 /* Finds a record in the hfinfo array by name.
915  * If it fails to find it in the already registered fields,
916  * it tries to find and call an initializer in the prefixes
917  * table and if so it looks again.
918  */
919
920 header_field_info *
921 proto_registrar_get_byname(const char *field_name)
922 {
923         header_field_info    *hfinfo;
924         prefix_initializer_t  pi;
925
926         if (!field_name)
927                 return NULL;
928
929         if (g_strcmp0(field_name, last_field_name) == 0) {
930                 return last_hfinfo;
931         }
932
933         hfinfo = (header_field_info *)g_hash_table_lookup(gpa_name_map, field_name);
934
935         if (hfinfo) {
936                 g_free(last_field_name);
937                 last_field_name = g_strdup(field_name);
938                 last_hfinfo = hfinfo;
939                 return hfinfo;
940         }
941
942         if (!prefixes)
943                 return NULL;
944
945         if ((pi = (prefix_initializer_t)g_hash_table_lookup(prefixes, field_name) ) != NULL) {
946                 pi(field_name);
947                 g_hash_table_remove(prefixes, field_name);
948         } else {
949                 return NULL;
950         }
951
952         hfinfo = (header_field_info *)g_hash_table_lookup(gpa_name_map, field_name);
953
954         if (hfinfo) {
955                 g_free(last_field_name);
956                 last_field_name = g_strdup(field_name);
957                 last_hfinfo = hfinfo;
958         }
959         return hfinfo;
960 }
961
962 header_field_info*
963 proto_registrar_get_byalias(const char *alias_name)
964 {
965         if (!alias_name) {
966                 return NULL;
967         }
968
969         /* Find our aliased protocol. */
970         char *an_copy = g_strdup(alias_name);
971         char *dot = strchr(an_copy, '.');
972         if (dot) {
973                 *dot = '\0';
974         }
975         const char *proto_pfx = (const char *) g_hash_table_lookup(gpa_protocol_aliases, an_copy);
976         if (!proto_pfx) {
977                 g_free(an_copy);
978                 return NULL;
979         }
980
981         /* Construct our aliased field and look it up. */
982         GString *filter_name = g_string_new(proto_pfx);
983         if (dot) {
984                 g_string_append_printf(filter_name, ".%s", dot+1);
985         }
986         header_field_info *hfinfo = proto_registrar_get_byname(filter_name->str);
987         g_free(an_copy);
988         g_string_free(filter_name, TRUE);
989
990         return hfinfo;
991 }
992
993 int
994 proto_registrar_get_id_byname(const char *field_name)
995 {
996         header_field_info *hfinfo;
997
998         hfinfo = proto_registrar_get_byname(field_name);
999
1000         if (!hfinfo)
1001                 return -1;
1002
1003         return hfinfo->id;
1004 }
1005
1006
1007 static void
1008 ptvcursor_new_subtree_levels(ptvcursor_t *ptvc)
1009 {
1010         subtree_lvl *pushed_tree;
1011
1012         DISSECTOR_ASSERT(ptvc->pushed_tree_max <= SUBTREE_MAX_LEVELS-SUBTREE_ONCE_ALLOCATION_NUMBER);
1013         ptvc->pushed_tree_max += SUBTREE_ONCE_ALLOCATION_NUMBER;
1014
1015         pushed_tree = (subtree_lvl *)wmem_alloc(wmem_packet_scope(), sizeof(subtree_lvl) * ptvc->pushed_tree_max);
1016         DISSECTOR_ASSERT(pushed_tree != NULL);
1017         if (ptvc->pushed_tree)
1018                 memcpy(pushed_tree, ptvc->pushed_tree, ptvc->pushed_tree_max - SUBTREE_ONCE_ALLOCATION_NUMBER);
1019         ptvc->pushed_tree = pushed_tree;
1020 }
1021
1022 static void
1023 ptvcursor_free_subtree_levels(ptvcursor_t *ptvc)
1024 {
1025         ptvc->pushed_tree       = NULL;
1026         ptvc->pushed_tree_max   = 0;
1027         DISSECTOR_ASSERT(ptvc->pushed_tree_index == 0);
1028         ptvc->pushed_tree_index = 0;
1029 }
1030
1031 /* Allocates an initializes a ptvcursor_t with 3 variables:
1032  *      proto_tree, tvbuff, and offset. */
1033 ptvcursor_t *
1034 ptvcursor_new(proto_tree *tree, tvbuff_t *tvb, gint offset)
1035 {
1036         ptvcursor_t *ptvc;
1037
1038         ptvc                    = (ptvcursor_t *)wmem_alloc(wmem_packet_scope(), sizeof(ptvcursor_t));
1039         ptvc->tree              = tree;
1040         ptvc->tvb               = tvb;
1041         ptvc->offset            = offset;
1042         ptvc->pushed_tree       = NULL;
1043         ptvc->pushed_tree_max   = 0;
1044         ptvc->pushed_tree_index = 0;
1045         return ptvc;
1046 }
1047
1048
1049 /* Frees memory for ptvcursor_t, but nothing deeper than that. */
1050 void
1051 ptvcursor_free(ptvcursor_t *ptvc)
1052 {
1053         ptvcursor_free_subtree_levels(ptvc);
1054         /*g_free(ptvc);*/
1055 }
1056
1057 /* Returns tvbuff. */
1058 tvbuff_t *
1059 ptvcursor_tvbuff(ptvcursor_t *ptvc)
1060 {
1061         return ptvc->tvb;
1062 }
1063
1064 /* Returns current offset. */
1065 gint
1066 ptvcursor_current_offset(ptvcursor_t *ptvc)
1067 {
1068         return ptvc->offset;
1069 }
1070
1071 proto_tree *
1072 ptvcursor_tree(ptvcursor_t *ptvc)
1073 {
1074         if (!ptvc)
1075                 return NULL;
1076
1077         return ptvc->tree;
1078 }
1079
1080 void
1081 ptvcursor_set_tree(ptvcursor_t *ptvc, proto_tree *tree)
1082 {
1083         ptvc->tree = tree;
1084 }
1085
1086 /* creates a subtree, sets it as the working tree and pushes the old working tree */
1087 proto_tree *
1088 ptvcursor_push_subtree(ptvcursor_t *ptvc, proto_item *it, gint ett_subtree)
1089 {
1090         subtree_lvl *subtree;
1091         if (ptvc->pushed_tree_index >= ptvc->pushed_tree_max)
1092                 ptvcursor_new_subtree_levels(ptvc);
1093
1094         subtree = ptvc->pushed_tree + ptvc->pushed_tree_index;
1095         subtree->tree = ptvc->tree;
1096         subtree->it= NULL;
1097         ptvc->pushed_tree_index++;
1098         return ptvcursor_set_subtree(ptvc, it, ett_subtree);
1099 }
1100
1101 /* pops a subtree */
1102 void
1103 ptvcursor_pop_subtree(ptvcursor_t *ptvc)
1104 {
1105         subtree_lvl *subtree;
1106
1107         if (ptvc->pushed_tree_index <= 0)
1108                 return;
1109
1110         ptvc->pushed_tree_index--;
1111         subtree = ptvc->pushed_tree + ptvc->pushed_tree_index;
1112         if (subtree->it != NULL)
1113                 proto_item_set_len(subtree->it, ptvcursor_current_offset(ptvc) - subtree->cursor_offset);
1114
1115         ptvc->tree = subtree->tree;
1116 }
1117
1118 /* saves the current tvb offset and the item in the current subtree level */
1119 static void
1120 ptvcursor_subtree_set_item(ptvcursor_t *ptvc, proto_item *it)
1121 {
1122         subtree_lvl *subtree;
1123
1124         DISSECTOR_ASSERT(ptvc->pushed_tree_index > 0);
1125
1126         subtree                = ptvc->pushed_tree + ptvc->pushed_tree_index - 1;
1127         subtree->it            = it;
1128         subtree->cursor_offset = ptvcursor_current_offset(ptvc);
1129 }
1130
1131 /* Creates a subtree and adds it to the cursor as the working tree but does not
1132  * save the old working tree */
1133 proto_tree *
1134 ptvcursor_set_subtree(ptvcursor_t *ptvc, proto_item *it, gint ett_subtree)
1135 {
1136         ptvc->tree = proto_item_add_subtree(it, ett_subtree);
1137         return ptvc->tree;
1138 }
1139
1140 static proto_tree *
1141 ptvcursor_add_subtree_item(ptvcursor_t *ptvc, proto_item *it, gint ett_subtree, gint length)
1142 {
1143         ptvcursor_push_subtree(ptvc, it, ett_subtree);
1144         if (length == SUBTREE_UNDEFINED_LENGTH)
1145                 ptvcursor_subtree_set_item(ptvc, it);
1146         return ptvcursor_tree(ptvc);
1147 }
1148
1149 /* Add an item to the tree and create a subtree
1150  * If the length is unknown, length may be defined as SUBTREE_UNDEFINED_LENGTH.
1151  * In this case, when the subtree will be closed, the parent item length will
1152  * be equal to the advancement of the cursor since the creation of the subtree.
1153  */
1154 proto_tree *
1155 ptvcursor_add_with_subtree(ptvcursor_t *ptvc, int hfindex, gint length,
1156                            const guint encoding, gint ett_subtree)
1157 {
1158         proto_item *it;
1159
1160         it = ptvcursor_add_no_advance(ptvc, hfindex, length, encoding);
1161         return ptvcursor_add_subtree_item(ptvc, it, ett_subtree, length);
1162 }
1163
1164 static proto_item *
1165 proto_tree_add_text_node(proto_tree *tree, tvbuff_t *tvb, gint start, gint length);
1166
1167 /* Add a text node to the tree and create a subtree
1168  * If the length is unknown, length may be defined as SUBTREE_UNDEFINED_LENGTH.
1169  * In this case, when the subtree will be closed, the item length will be equal
1170  * to the advancement of the cursor since the creation of the subtree.
1171  */
1172 proto_tree *
1173 ptvcursor_add_text_with_subtree(ptvcursor_t *ptvc, gint length,
1174                                 gint ett_subtree, const char *format, ...)
1175 {
1176         proto_item        *pi;
1177         va_list            ap;
1178         header_field_info *hfinfo;
1179         proto_tree        *tree;
1180
1181         tree = ptvcursor_tree(ptvc);
1182
1183         CHECK_FOR_NULL_TREE(tree);
1184
1185         TRY_TO_FAKE_THIS_ITEM(tree, hf_text_only, hfinfo);
1186
1187         pi = proto_tree_add_text_node(tree, ptvcursor_tvbuff(ptvc),
1188                                       ptvcursor_current_offset(ptvc), length);
1189
1190         TRY_TO_FAKE_THIS_REPR(pi);
1191
1192         va_start(ap, format);
1193         proto_tree_set_representation(pi, format, ap);
1194         va_end(ap);
1195
1196         return ptvcursor_add_subtree_item(ptvc, pi, ett_subtree, length);
1197 }
1198
1199 /* Add a text-only node, leaving it to our caller to fill the text in */
1200 static proto_item *
1201 proto_tree_add_text_node(proto_tree *tree, tvbuff_t *tvb, gint start, gint length)
1202 {
1203         proto_item *pi;
1204
1205         if (tree == NULL)
1206                 return NULL;
1207
1208         pi = proto_tree_add_pi(tree, &hfi_text_only, tvb, start, &length);
1209
1210         return pi;
1211 }
1212
1213 /* (INTERNAL USE ONLY) Add a text-only node to the proto_tree */
1214 proto_item *
1215 proto_tree_add_text_internal(proto_tree *tree, tvbuff_t *tvb, gint start, gint length,
1216                     const char *format, ...)
1217 {
1218         proto_item        *pi;
1219         va_list            ap;
1220         header_field_info *hfinfo;
1221
1222         if (length == -1) {
1223                 length = tvb_captured_length(tvb) ? tvb_ensure_captured_length_remaining(tvb, start) : 0;
1224         } else {
1225                 tvb_ensure_bytes_exist(tvb, start, length);
1226         }
1227
1228         CHECK_FOR_NULL_TREE(tree);
1229
1230         TRY_TO_FAKE_THIS_ITEM(tree, hf_text_only, hfinfo);
1231
1232         pi = proto_tree_add_text_node(tree, tvb, start, length);
1233
1234         TRY_TO_FAKE_THIS_REPR(pi);
1235
1236         va_start(ap, format);
1237         proto_tree_set_representation(pi, format, ap);
1238         va_end(ap);
1239
1240         return pi;
1241 }
1242
1243 /* (INTERNAL USE ONLY) Add a text-only node to the proto_tree (va_list version) */
1244 proto_item *
1245 proto_tree_add_text_valist_internal(proto_tree *tree, tvbuff_t *tvb, gint start,
1246                            gint length, const char *format, va_list ap)
1247 {
1248         proto_item        *pi;
1249         header_field_info *hfinfo;
1250
1251         if (length == -1) {
1252                 length = tvb_captured_length(tvb) ? tvb_ensure_captured_length_remaining(tvb, start) : 0;
1253         } else {
1254                 tvb_ensure_bytes_exist(tvb, start, length);
1255         }
1256
1257         CHECK_FOR_NULL_TREE(tree);
1258
1259         TRY_TO_FAKE_THIS_ITEM(tree, hf_text_only, hfinfo);
1260
1261         pi = proto_tree_add_text_node(tree, tvb, start, length);
1262
1263         TRY_TO_FAKE_THIS_REPR(pi);
1264
1265         proto_tree_set_representation(pi, format, ap);
1266
1267         return pi;
1268 }
1269
1270 /* Add a text-only node that creates a subtree underneath.
1271  */
1272 proto_tree *
1273 proto_tree_add_subtree(proto_tree *tree, tvbuff_t *tvb, gint start, gint length, gint idx, proto_item **tree_item, const char *text)
1274 {
1275         return proto_tree_add_subtree_format(tree, tvb, start, length, idx, tree_item, "%s", text);
1276 }
1277
1278 /* Add a text-only node that creates a subtree underneath.
1279  */
1280 proto_tree *
1281 proto_tree_add_subtree_format(proto_tree *tree, tvbuff_t *tvb, gint start, gint length, gint idx, proto_item **tree_item, const char *format, ...)
1282 {
1283         proto_tree *pt;
1284         proto_item *pi;
1285         va_list     ap;
1286
1287         va_start(ap, format);
1288         pi = proto_tree_add_text_valist_internal(tree, tvb, start, length, format, ap);
1289         va_end(ap);
1290
1291         if (tree_item != NULL)
1292                 *tree_item = pi;
1293
1294         pt = proto_item_add_subtree(pi, idx);
1295
1296         return pt;
1297 }
1298
1299 /* Add a text-only node for debugging purposes. The caller doesn't need
1300  * to worry about tvbuff, start, or length. Debug message gets sent to
1301  * STDOUT, too */
1302 proto_item *
1303 proto_tree_add_debug_text(proto_tree *tree, const char *format, ...)
1304 {
1305         proto_item *pi;
1306         va_list     ap;
1307
1308         pi = proto_tree_add_text_node(tree, NULL, 0, 0);
1309
1310         if (pi) {
1311                 va_start(ap, format);
1312                 proto_tree_set_representation(pi, format, ap);
1313                 va_end(ap);
1314         }
1315         va_start(ap, format);
1316         vprintf(format, ap);
1317         va_end(ap);
1318         ws_debug_printf("\n");
1319
1320         return pi;
1321 }
1322
1323 proto_item *
1324 proto_tree_add_format_text(proto_tree *tree, tvbuff_t *tvb, gint start, gint length)
1325 {
1326         proto_item        *pi;
1327         header_field_info *hfinfo;
1328
1329         CHECK_FOR_NULL_TREE(tree);
1330
1331         TRY_TO_FAKE_THIS_ITEM(tree, hf_text_only, hfinfo);
1332
1333         pi = proto_tree_add_text_node(tree, tvb, start, length);
1334
1335         TRY_TO_FAKE_THIS_REPR(pi);
1336
1337         proto_item_set_text(pi, "%s", tvb_format_text(tvb, start, length));
1338
1339         return pi;
1340 }
1341
1342 proto_item *
1343 proto_tree_add_format_wsp_text(proto_tree *tree, tvbuff_t *tvb, gint start, gint length)
1344 {
1345         proto_item        *pi;
1346         header_field_info *hfinfo;
1347         gchar             *str;
1348
1349         CHECK_FOR_NULL_TREE(tree);
1350
1351         TRY_TO_FAKE_THIS_ITEM(tree, hf_text_only, hfinfo);
1352
1353         pi = proto_tree_add_text_node(tree, tvb, start, length);
1354
1355         TRY_TO_FAKE_THIS_REPR(pi);
1356
1357         str = tvb_format_text_wsp(NULL, tvb, start, length);
1358         proto_item_set_text(pi, "%s", str);
1359         wmem_free(NULL, str);
1360
1361         return pi;
1362 }
1363
1364 void proto_report_dissector_bug(const char *format, ...)
1365 {
1366         va_list args;
1367
1368         if (getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG") != NULL) {
1369                 /*
1370                  * Try to have the error message show up in the crash
1371                  * information.
1372                  */
1373                 va_start(args, format);
1374                 ws_vadd_crash_info(format, args);
1375                 va_end(args);
1376
1377                 /*
1378                  * Print the error message.
1379                  */
1380                 va_start(args, format);
1381                 vfprintf(stderr, format, args);
1382                 va_end(args);
1383                 putc('\n', stderr);
1384
1385                 /*
1386                  * And crash.
1387                  */
1388                 abort();
1389         } else {
1390                 va_start(args, format);
1391                 VTHROW_FORMATTED(DissectorError, format, args);
1392                 va_end(args);
1393         }
1394 }
1395
1396 /* We could probably get away with changing is_error to a minimum length value. */
1397 static void
1398 report_type_length_mismatch(proto_tree *tree, const gchar *descr, int length, gboolean is_error) {
1399
1400         if (is_error) {
1401                 expert_add_info_format(NULL, tree, &ei_type_length_mismatch_error, "Trying to fetch %s with length %d", descr, length);
1402         } else {
1403                 expert_add_info_format(NULL, tree, &ei_type_length_mismatch_warn, "Trying to fetch %s with length %d", descr, length);
1404         }
1405
1406         if (is_error) {
1407                 THROW(ReportedBoundsError);
1408         }
1409 }
1410
1411 static guint32
1412 get_uint_value(proto_tree *tree, tvbuff_t *tvb, gint offset, gint length, const guint encoding)
1413 {
1414         guint32 value;
1415         gboolean length_error;
1416
1417         switch (length) {
1418
1419         case 1:
1420                 value = tvb_get_guint8(tvb, offset);
1421                 if (encoding & ENC_ZIGBEE) {
1422                         if (value == 0xFF) { /* Invalid Zigbee length, set to 0 */
1423                                 value = 0;
1424                         }
1425                 }
1426                 break;
1427
1428         case 2:
1429                 value = (encoding & ENC_LITTLE_ENDIAN) ? tvb_get_letohs(tvb, offset)
1430                                                        : tvb_get_ntohs(tvb, offset);
1431                 if (encoding & ENC_ZIGBEE) {
1432                         if (value == 0xFFFF) { /* Invalid Zigbee length, set to 0 */
1433                                 value = 0;
1434                         }
1435                 }
1436                 break;
1437
1438         case 3:
1439                 value = (encoding & ENC_LITTLE_ENDIAN) ? tvb_get_letoh24(tvb, offset)
1440                                                        : tvb_get_ntoh24(tvb, offset);
1441                 break;
1442
1443         case 4:
1444                 value = (encoding & ENC_LITTLE_ENDIAN) ? tvb_get_letohl(tvb, offset)
1445                                                        : tvb_get_ntohl(tvb, offset);
1446                 break;
1447
1448         default:
1449                 if (length < 1) {
1450                         length_error = TRUE;
1451                         value = 0;
1452                 } else {
1453                         length_error = FALSE;
1454                         value = (encoding & ENC_LITTLE_ENDIAN) ? tvb_get_letohl(tvb, offset)
1455                                                                : tvb_get_ntohl(tvb, offset);
1456                 }
1457                 report_type_length_mismatch(tree, "an unsigned integer", length, length_error);
1458                 break;
1459         }
1460         return value;
1461 }
1462
1463 static inline guint64
1464 get_uint64_value(proto_tree *tree, tvbuff_t *tvb, gint offset, guint length, const guint encoding)
1465 {
1466         guint64 value;
1467         gboolean length_error;
1468
1469         switch (length) {
1470
1471         case 1:
1472                 value = tvb_get_guint8(tvb, offset);
1473                 break;
1474
1475         case 2:
1476                 value = (encoding & ENC_LITTLE_ENDIAN) ? tvb_get_letohs(tvb, offset)
1477                                                        : tvb_get_ntohs(tvb, offset);
1478                 break;
1479
1480         case 3:
1481                 value = (encoding & ENC_LITTLE_ENDIAN) ? tvb_get_letoh24(tvb, offset)
1482                                                        : tvb_get_ntoh24(tvb, offset);
1483                 break;
1484
1485         case 4:
1486                 value = (encoding & ENC_LITTLE_ENDIAN) ? tvb_get_letohl(tvb, offset)
1487                                                        : tvb_get_ntohl(tvb, offset);
1488                 break;
1489
1490         case 5:
1491                 value = (encoding & ENC_LITTLE_ENDIAN) ? tvb_get_letoh40(tvb, offset)
1492                                                        : tvb_get_ntoh40(tvb, offset);
1493                 break;
1494
1495         case 6:
1496                 value = (encoding & ENC_LITTLE_ENDIAN) ? tvb_get_letoh48(tvb, offset)
1497                                                        : tvb_get_ntoh48(tvb, offset);
1498                 break;
1499
1500         case 7:
1501                 value = (encoding & ENC_LITTLE_ENDIAN) ? tvb_get_letoh56(tvb, offset)
1502                                                        : tvb_get_ntoh56(tvb, offset);
1503                 break;
1504
1505         case 8:
1506                 value = (encoding & ENC_LITTLE_ENDIAN) ? tvb_get_letoh64(tvb, offset)
1507                                                        : tvb_get_ntoh64(tvb, offset);
1508                 break;
1509
1510         default:
1511                 if (length < 1) {
1512                         length_error = TRUE;
1513                         value = 0;
1514                 } else {
1515                         length_error = FALSE;
1516                         value = (encoding & ENC_LITTLE_ENDIAN) ? tvb_get_letoh64(tvb, offset)
1517                                                                : tvb_get_ntoh64(tvb, offset);
1518                 }
1519                 report_type_length_mismatch(tree, "an unsigned integer", length, length_error);
1520                 break;
1521         }
1522         return value;
1523 }
1524
1525 static gint32
1526 get_int_value(proto_tree *tree, tvbuff_t *tvb, gint offset, gint length, const guint encoding)
1527 {
1528         gint32 value;
1529         gboolean length_error;
1530
1531         switch (length) {
1532
1533         case 1:
1534                 value = tvb_get_gint8(tvb, offset);
1535                 break;
1536
1537         case 2:
1538                 value = encoding ? tvb_get_letohis(tvb, offset)
1539                                  : tvb_get_ntohis(tvb, offset);
1540                 break;
1541
1542         case 3:
1543                 value = encoding ? tvb_get_letohi24(tvb, offset)
1544                                  : tvb_get_ntohi24(tvb, offset);
1545                 break;
1546
1547         case 4:
1548                 value = encoding ? tvb_get_letohil(tvb, offset)
1549                                  : tvb_get_ntohil(tvb, offset);
1550                 break;
1551
1552         default:
1553                 if (length < 1) {
1554                         length_error = TRUE;
1555                         value = 0;
1556                 } else {
1557                         length_error = FALSE;
1558                         value = encoding ? tvb_get_letohil(tvb, offset)
1559                                          : tvb_get_ntohil(tvb, offset);
1560                 }
1561                 report_type_length_mismatch(tree, "a signed integer", length, length_error);
1562                 break;
1563         }
1564         return value;
1565 }
1566
1567 /* Note: this returns an unsigned int64, but with the appropriate bit(s) set to
1568  * be cast-able as a gint64. This is weird, but what the code has always done.
1569  */
1570 static inline guint64
1571 get_int64_value(proto_tree *tree, tvbuff_t *tvb, gint start, guint length, const guint encoding)
1572 {
1573         guint64 value = get_uint64_value(tree, tvb, start, length, encoding);
1574
1575         switch (length) {
1576                 case 7:
1577                         value = ws_sign_ext64(value, 56);
1578                         break;
1579                 case 6:
1580                         value = ws_sign_ext64(value, 48);
1581                         break;
1582                 case 5:
1583                         value = ws_sign_ext64(value, 40);
1584                         break;
1585                 case 4:
1586                         value = ws_sign_ext64(value, 32);
1587                         break;
1588                 case 3:
1589                         value = ws_sign_ext64(value, 24);
1590                         break;
1591                 case 2:
1592                         value = ws_sign_ext64(value, 16);
1593                         break;
1594                 case 1:
1595                         value = ws_sign_ext64(value, 8);
1596                         break;
1597         }
1598
1599         return value;
1600 }
1601
1602 /* For FT_STRING */
1603 static inline const guint8 *
1604 get_string_value(wmem_allocator_t *scope, tvbuff_t *tvb, gint start,
1605     gint length, gint *ret_length, const guint encoding)
1606 {
1607         if (length == -1) {
1608                 length = tvb_ensure_captured_length_remaining(tvb, start);
1609         }
1610         *ret_length = length;
1611         return tvb_get_string_enc(scope, tvb, start, length, encoding);
1612 }
1613
1614 /* For FT_STRINGZ */
1615 static inline const guint8 *
1616 get_stringz_value(wmem_allocator_t *scope, proto_tree *tree, tvbuff_t *tvb,
1617     gint start, gint length, gint *ret_length, const guint encoding)
1618 {
1619         const guint8 *value;
1620
1621         if (length < -1) {
1622                 report_type_length_mismatch(tree, "a string", length, TRUE);
1623         }
1624         if (length == -1) {
1625                 /* This can throw an exception */
1626                 value = tvb_get_stringz_enc(scope, tvb, start, &length, encoding);
1627         } else if (length == 0) {
1628                 value = "[Empty]";
1629         } else {
1630                 /* In this case, length signifies the length of the string.
1631                  *
1632                  * This could either be a null-padded string, which doesn't
1633                  * necessarily have a '\0' at the end, or a null-terminated
1634                  * string, with a trailing '\0'.  (Yes, there are cases
1635                  * where you have a string that's both counted and null-
1636                  * terminated.)
1637                  *
1638                  * In the first case, we must allocate a buffer of length
1639                  * "length+1", to make room for a trailing '\0'.
1640                  *
1641                  * In the second case, we don't assume that there is a
1642                  * trailing '\0' there, as the packet might be malformed.
1643                  * (XXX - should we throw an exception if there's no
1644                  * trailing '\0'?)  Therefore, we allocate a buffer of
1645                  * length "length+1", and put in a trailing '\0', just to
1646                  * be safe.
1647                  *
1648                  * (XXX - this would change if we made string values counted
1649                  * rather than null-terminated.)
1650                  */
1651                 value = tvb_get_string_enc(scope, tvb, start, length, encoding);
1652         }
1653         *ret_length = length;
1654         return value;
1655 }
1656
1657 /* For FT_UINT_STRING */
1658 static inline const guint8 *
1659 get_uint_string_value(wmem_allocator_t *scope, proto_tree *tree,
1660     tvbuff_t *tvb, gint start, gint length, gint *ret_length,
1661     const guint encoding)
1662 {
1663         guint32 n;
1664         const guint8 *value;
1665
1666         /* I believe it's ok if this is called with a NULL tree */
1667         if (encoding & ENC_ZIGBEE) {
1668                 n = get_uint_value(tree, tvb, start, length, encoding);
1669         } else {
1670                 n = get_uint_value(tree, tvb, start, length, encoding & ~ENC_CHARENCODING_MASK);
1671         }
1672         value = tvb_get_string_enc(scope, tvb, start + length, n, encoding);
1673         length += n;
1674         *ret_length = length;
1675         return value;
1676 }
1677
1678 /* For FT_STRINGZPAD */
1679 static inline const guint8 *
1680 get_stringzpad_value(wmem_allocator_t *scope, tvbuff_t *tvb, gint start,
1681     gint length, gint *ret_length, const guint encoding)
1682 {
1683         /*
1684          * XXX - currently, string values are null-
1685          * terminated, so a "zero-padded" string
1686          * isn't special.  If we represent string
1687          * values as something that includes a counted
1688          * array of bytes, we'll need to strip
1689          * trailing NULs.
1690          */
1691         if (length == -1) {
1692                 length = tvb_ensure_captured_length_remaining(tvb, start);
1693         }
1694         *ret_length = length;
1695         return tvb_get_string_enc(scope, tvb, start, length, encoding);
1696 }
1697
1698 /*
1699  * Epochs for various non-UN*X time stamp formats.
1700  */
1701 #define NTP_TIMEDIFF1900TO1970SEC G_GINT64_CONSTANT(2208988800) /* NTP Time Diff 1900 to 1970 in sec */
1702 #define NTP_TIMEDIFF1970TO2036SEC G_GINT64_CONSTANT(2085978496) /* NTP Time Diff 1970 to 2036 in sec */
1703 #define TOD_BASETIME G_GUINT64_CONSTANT(2208988800)     /* System/3x0 and z/Architecture TOD clock */
1704
1705 /* this can be called when there is no tree, so tree may be null */
1706 static void
1707 get_time_value(proto_tree *tree, tvbuff_t *tvb, const gint start,
1708                const gint length, const guint encoding, nstime_t *time_stamp,
1709                const gboolean is_relative)
1710 {
1711         guint32     tmpsecs;
1712         guint64     todsecs;
1713
1714         switch (encoding) {
1715
1716                 case ENC_TIME_SECS_NSECS|ENC_BIG_ENDIAN:
1717                         /*
1718                          * If the length is 16, 8-byte seconds, followed
1719                          * by 8-byte fractional time in nanoseconds,
1720                          * both big-endian.
1721                          *
1722                          * If the length is 12, 8-byte seconds, followed
1723                          * by 4-byte fractional time in nanoseconds,
1724                          * both big-endian.
1725                          *
1726                          * If the length is 8, 4-byte seconds, followed
1727                          * by 4-byte fractional time in nanoseconds,
1728                          * both big-endian.
1729                          *
1730                          * For absolute times, the seconds are seconds
1731                          * since the UN*X epoch.
1732                          */
1733                         if (length == 16) {
1734                                 time_stamp->secs  = (time_t)tvb_get_ntoh64(tvb, start);
1735                                 time_stamp->nsecs = (guint32)tvb_get_ntoh64(tvb, start+8);
1736                         } else if (length == 12) {
1737                                 time_stamp->secs  = (time_t)tvb_get_ntoh64(tvb, start);
1738                                 time_stamp->nsecs = tvb_get_ntohl(tvb, start+8);
1739                         } else if (length == 8) {
1740                                 time_stamp->secs  = (time_t)tvb_get_ntohl(tvb, start);
1741                                 time_stamp->nsecs = tvb_get_ntohl(tvb, start+4);
1742                         } else if (length == 4) {
1743                                 /*
1744                                  * Backwards compatibility.
1745                                  * ENC_TIME_SECS_NSECS is 0; using
1746                                  * ENC_BIG_ENDIAN by itself with a 4-byte
1747                                  * time-in-seconds value was done in the
1748                                  * past.
1749                                  */
1750                                 time_stamp->secs  = (time_t)tvb_get_ntohl(tvb, start);
1751                                 time_stamp->nsecs = 0;
1752                         } else {
1753                                 time_stamp->secs  = 0;
1754                                 time_stamp->nsecs = 0;
1755                                 report_type_length_mismatch(tree, "a timespec", length, (length < 4));
1756                         }
1757                         break;
1758
1759                 case ENC_TIME_SECS_NSECS|ENC_LITTLE_ENDIAN:
1760                         /*
1761                          * If the length is 16, 8-byte seconds, followed
1762                          * by 8-byte fractional time in nanoseconds,
1763                          * both little-endian.
1764                          *
1765                          * If the length is 12, 8-byte seconds, followed
1766                          * by 4-byte fractional time in nanoseconds,
1767                          * both little-endian.
1768                          *
1769                          * If the length is 8, 4-byte seconds, followed
1770                          * by 4-byte fractional time in nanoseconds,
1771                          * both little-endian.
1772                          *
1773                          * For absolute times, the seconds are seconds
1774                          * since the UN*X epoch.
1775                          */
1776                         if (length == 16) {
1777                                 time_stamp->secs  = (time_t)tvb_get_letoh64(tvb, start);
1778                                 time_stamp->nsecs = (guint32)tvb_get_letoh64(tvb, start+8);
1779                         } else if (length == 12) {
1780                                 time_stamp->secs  = (time_t)tvb_get_letoh64(tvb, start);
1781                                 time_stamp->nsecs = tvb_get_letohl(tvb, start+8);
1782                         } else if (length == 8) {
1783                                 time_stamp->secs  = (time_t)tvb_get_letohl(tvb, start);
1784                                 time_stamp->nsecs = tvb_get_letohl(tvb, start+4);
1785                         } else if (length == 4) {
1786                                 /*
1787                                  * Backwards compatibility.
1788                                  * ENC_TIME_SECS_NSECS is 0; using
1789                                  * ENC_LITTLE_ENDIAN by itself with a 4-byte
1790                                  * time-in-seconds value was done in the
1791                                  * past.
1792                                  */
1793                                 time_stamp->secs  = (time_t)tvb_get_letohl(tvb, start);
1794                                 time_stamp->nsecs = 0;
1795                         } else {
1796                                 time_stamp->secs  = 0;
1797                                 time_stamp->nsecs = 0;
1798                                 report_type_length_mismatch(tree, "a timespec", length, (length < 4));
1799                         }
1800                         break;
1801
1802                 case ENC_TIME_NTP|ENC_BIG_ENDIAN:
1803                         /*
1804                          * NTP time stamp, big-endian.
1805                          * Only supported for absolute times.
1806                          */
1807                         DISSECTOR_ASSERT(!is_relative);
1808
1809                         /* We need a temporary variable here so the unsigned math
1810                          * works correctly (for years > 2036 according to RFC 2030
1811                          * chapter 3).
1812                          *
1813                          * If bit 0 is set, the UTC time is in the range 1968-2036 and
1814                          * UTC time is reckoned from 0h 0m 0s UTC on 1 January 1900.
1815                          * If bit 0 is not set, the time is in the range 2036-2104 and
1816                          * UTC time is reckoned from 6h 28m 16s UTC on 7 February 2036.
1817                          */
1818                         tmpsecs  = tvb_get_ntohl(tvb, start);
1819                         if ((tmpsecs & 0x80000000) != 0)
1820                                 time_stamp->secs = (time_t)((gint64)tmpsecs - NTP_TIMEDIFF1900TO1970SEC);
1821                         else
1822                                 time_stamp->secs = (time_t)((gint64)tmpsecs + NTP_TIMEDIFF1970TO2036SEC);
1823
1824                         if (length == 8) {
1825                                 /*
1826                                  * Convert 1/2^32s of a second to nanoseconds.
1827                                  */
1828                                 time_stamp->nsecs = (int)(1000000000*(tvb_get_ntohl(tvb, start+4)/4294967296.0));
1829                         } else if (length == 4) {
1830                                 /*
1831                                  * Backwards compatibility.
1832                                  */
1833                                 time_stamp->nsecs = 0;
1834                         } else {
1835                                 time_stamp->secs  = 0;
1836                                 time_stamp->nsecs = 0;
1837                                 report_type_length_mismatch(tree, "an NTP time stamp", length, (length < 4));
1838                         }
1839                         break;
1840
1841                 case ENC_TIME_NTP|ENC_LITTLE_ENDIAN:
1842                         /*
1843                          * NTP time stamp, little-endian.
1844                          * Only supported for absolute times.
1845                          */
1846                         DISSECTOR_ASSERT(!is_relative);
1847
1848                         /* We need a temporary variable here so the unsigned math
1849                          * works correctly (for years > 2036 according to RFC 2030
1850                          * chapter 3).
1851                          *
1852                          * If bit 0 is set, the UTC time is in the range 1968-2036 and
1853                          * UTC time is reckoned from 0h 0m 0s UTC on 1 January 1900.
1854                          * If bit 0 is not set, the time is in the range 2036-2104 and
1855                          * UTC time is reckoned from 6h 28m 16s UTC on 7 February 2036.
1856                          */
1857                         tmpsecs  = tvb_get_letohl(tvb, start);
1858                         if ((tmpsecs & 0x80000000) != 0)
1859                                 time_stamp->secs = (time_t)((gint64)tmpsecs - NTP_TIMEDIFF1900TO1970SEC);
1860                         else
1861                                 time_stamp->secs = (time_t)((gint64)tmpsecs + NTP_TIMEDIFF1970TO2036SEC);
1862
1863                         if (length == 8) {
1864                                 /*
1865                                  * Convert 1/2^32s of a second to nanoseconds.
1866                                  */
1867                                 time_stamp->nsecs = (int)(1000000000*(tvb_get_letohl(tvb, start+4)/4294967296.0));
1868                         } else if (length == 4) {
1869                                 /*
1870                                  * Backwards compatibility.
1871                                  */
1872                                 time_stamp->nsecs = 0;
1873                         } else {
1874                                 time_stamp->secs  = 0;
1875                                 time_stamp->nsecs = 0;
1876                                 report_type_length_mismatch(tree, "an NTP time stamp", length, (length < 4));
1877                         }
1878                         break;
1879
1880                 case ENC_TIME_TOD|ENC_BIG_ENDIAN:
1881                         /*
1882                          * S/3x0 and z/Architecture TOD clock time stamp,
1883                          * big-endian.
1884                          * Only supported for absolute times.
1885                          */
1886                         DISSECTOR_ASSERT(!is_relative);
1887                         DISSECTOR_ASSERT(length == 8);
1888
1889                         if (length == 8) {
1890                                 todsecs  = tvb_get_ntoh64(tvb, start) >> 12;
1891                                 time_stamp->secs = (time_t)((todsecs  / 1000000) - TOD_BASETIME);
1892                                 time_stamp->nsecs = (int)((todsecs  % 1000000) * 1000);
1893                         } else {
1894                                 time_stamp->secs  = 0;
1895                                 time_stamp->nsecs = 0;
1896                                 report_type_length_mismatch(tree, "a TOD clock time stamp", length, (length < 4));
1897                         }
1898                         break;
1899
1900                 case ENC_TIME_TOD|ENC_LITTLE_ENDIAN:
1901                         /*
1902                          * S/3x0 and z/Architecture TOD clock time stamp,
1903                          * little-endian.
1904                          * Only supported for absolute times.
1905                          */
1906                         DISSECTOR_ASSERT(!is_relative);
1907
1908                         if (length == 8) {
1909                                 todsecs  = tvb_get_letoh64(tvb, start) >> 12 ;
1910                                 time_stamp->secs = (time_t)((todsecs  / 1000000) - TOD_BASETIME);
1911                                 time_stamp->nsecs = (int)((todsecs  % 1000000) * 1000);
1912                         } else {
1913                                 time_stamp->secs  = 0;
1914                                 time_stamp->nsecs = 0;
1915                                 report_type_length_mismatch(tree, "a TOD clock time stamp", length, (length < 4));
1916                         }
1917                         break;
1918
1919                 case ENC_TIME_RTPS|ENC_BIG_ENDIAN:
1920                         /*
1921                          * Time stamp using the same seconds/fraction format
1922                          * as NTP, but with the origin of the time stamp being
1923                          * the UNIX epoch rather than the NTP epoch; big-
1924                          * endian.
1925                          *
1926                          * Only supported for absolute times.
1927                          */
1928                         DISSECTOR_ASSERT(!is_relative);
1929
1930                         if (length == 8) {
1931                                 time_stamp->secs = (time_t)tvb_get_ntohl(tvb, start);
1932                                 /*
1933                                  * Convert 1/2^32s of a second to nanoseconds.
1934                                  */
1935                                 time_stamp->nsecs = (int)(1000000000*(tvb_get_ntohl(tvb, start+4)/4294967296.0));
1936                         } else {
1937                                 time_stamp->secs  = 0;
1938                                 time_stamp->nsecs = 0;
1939                                 report_type_length_mismatch(tree, "an RTPS time stamp", length, (length < 4));
1940                         }
1941                         break;
1942
1943                 case ENC_TIME_RTPS|ENC_LITTLE_ENDIAN:
1944                         /*
1945                          * Time stamp using the same seconds/fraction format
1946                          * as NTP, but with the origin of the time stamp being
1947                          * the UNIX epoch rather than the NTP epoch; little-
1948                          * endian.
1949                          *
1950                          * Only supported for absolute times.
1951                          */
1952                         DISSECTOR_ASSERT(!is_relative);
1953
1954                         if (length == 8) {
1955                                 time_stamp->secs = (time_t)tvb_get_letohl(tvb, start);
1956                                 /*
1957                                  * Convert 1/2^32s of a second to nanoseconds.
1958                                  */
1959                                 time_stamp->nsecs = (int)(1000000000*(tvb_get_letohl(tvb, start+4)/4294967296.0));
1960                         } else {
1961                                 time_stamp->secs  = 0;
1962                                 time_stamp->nsecs = 0;
1963                                 report_type_length_mismatch(tree, "an RTPS time stamp", length, (length < 4));
1964                         }
1965                         break;
1966
1967                 case ENC_TIME_SECS_USECS|ENC_BIG_ENDIAN:
1968                         /*
1969                          * 4-byte seconds, followed by 4-byte fractional
1970                          * time in microseconds, both big-endian.
1971                          * For absolute times, the seconds are seconds
1972                          * since the UN*X epoch.
1973                          */
1974                         if (length == 8) {
1975                                 time_stamp->secs  = (time_t)tvb_get_ntohl(tvb, start);
1976                                 time_stamp->nsecs = tvb_get_ntohl(tvb, start+4)*1000;
1977                         } else {
1978                                 time_stamp->secs  = 0;
1979                                 time_stamp->nsecs = 0;
1980                                 report_type_length_mismatch(tree, "a timeval", length, (length < 4));
1981                         }
1982                         break;
1983
1984                 case ENC_TIME_SECS_USECS|ENC_LITTLE_ENDIAN:
1985                         /*
1986                          * 4-byte seconds, followed by 4-byte fractional
1987                          * time in microseconds, both little-endian.
1988                          * For absolute times, the seconds are seconds
1989                          * since the UN*X epoch.
1990                          */
1991                         if (length == 8) {
1992                                 time_stamp->secs  = (time_t)tvb_get_letohl(tvb, start);
1993                                 time_stamp->nsecs = tvb_get_letohl(tvb, start+4)*1000;
1994                         } else {
1995                                 time_stamp->secs  = 0;
1996                                 time_stamp->nsecs = 0;
1997                                 report_type_length_mismatch(tree, "a timeval", length, (length < 4));
1998                         }
1999                         break;
2000
2001                 case ENC_TIME_SECS|ENC_BIG_ENDIAN:
2002                 case ENC_TIME_SECS|ENC_LITTLE_ENDIAN:
2003                         /*
2004                          * Seconds, 1 to 8 bytes.
2005                          * For absolute times, it's seconds since the
2006                          * UN*X epoch.
2007                          */
2008                         if (length >= 1 && length <= 8) {
2009                                 time_stamp->secs  = (time_t)get_uint64_value(tree, tvb, start, length, encoding);
2010                                 time_stamp->nsecs = 0;
2011                         } else {
2012                                 time_stamp->secs  = 0;
2013                                 time_stamp->nsecs = 0;
2014                                 report_type_length_mismatch(tree, "a time-in-seconds time stamp", length, (length < 4));
2015                         }
2016                         break;
2017
2018                 case ENC_TIME_MSECS|ENC_BIG_ENDIAN:
2019                         /*
2020                          * Milliseconds, 1 to 8 bytes.
2021                          * For absolute times, it's milliseconds since the
2022                          * UN*X epoch.
2023                          */
2024                         if (length >= 1 && length <= 8) {
2025                                 guint64 msecs;
2026
2027                                 msecs = get_uint64_value(tree, tvb, start, length, encoding);
2028                                 time_stamp->secs  = (time_t)(msecs / 1000);
2029                                 time_stamp->nsecs = (int)(msecs % 1000)*1000000;
2030                         } else {
2031                                 time_stamp->secs  = 0;
2032                                 time_stamp->nsecs = 0;
2033                                 report_type_length_mismatch(tree, "a time-in-milliseconds time stamp", length, (length < 4));
2034                         }
2035                         break;
2036
2037                 case ENC_TIME_RFC_3971|ENC_BIG_ENDIAN:
2038                         /*
2039                          * 1/64ths of a second since the UN*X epoch,
2040                          * big-endian.
2041                          *
2042                          * Only supported for absolute times.
2043                          */
2044                         DISSECTOR_ASSERT(!is_relative);
2045
2046                         if (length == 8) {
2047                                 /*
2048                                  * The upper 48 bits are seconds since the
2049                                  * UN*X epoch.
2050                                  */
2051                                 time_stamp->secs  = tvb_get_ntoh48(tvb, start);
2052                                 /*
2053                                  * The lower 16 bits are 1/2^16s of a second;
2054                                  * convert them to nanoseconds.
2055                                  *
2056                                  * XXX - this may give the impression of higher
2057                                  * precision than you actually get.
2058                                  */
2059                                 time_stamp->nsecs = (int)(1000000000*(tvb_get_ntohs(tvb, start+6)/65536.0));
2060                         } else {
2061                                 time_stamp->secs  = 0;
2062                                 time_stamp->nsecs = 0;
2063                                 report_type_length_mismatch(tree, "an RFC 3971-style time stamp", length, (length < 4));
2064                         }
2065                         break;
2066
2067                 case ENC_TIME_RFC_3971|ENC_LITTLE_ENDIAN:
2068                         /*
2069                          * 1/64ths of a second since the UN*X epoch,
2070                          * little-endian.
2071                          *
2072                          * Only supported for absolute times.
2073                          */
2074                         DISSECTOR_ASSERT(!is_relative);
2075
2076                         if (length == 8) {
2077                                 /*
2078                                  * XXX - this is assuming that, if anybody
2079                                  * were ever to use this format - RFC 3971
2080                                  * doesn't, because that's an Internet
2081                                  * protocol, and those use network byte
2082                                  * order, i.e. big-endian - they'd treat it
2083                                  * as a 64-bit count of 1/2^16s of a second,
2084                                  * putting the upper 48 bits at the end.
2085                                  *
2086                                  * The lower 48 bits are seconds since the
2087                                  * UN*X epoch.
2088                                  */
2089                                 time_stamp->secs  = tvb_get_letoh48(tvb, start+2);
2090                                 /*
2091                                  * The upper 16 bits are 1/2^16s of a second;
2092                                  * convert them to nanoseconds.
2093                                  *
2094                                  * XXX - this may give the impression of higher
2095                                  * precision than you actually get.
2096                                  */
2097                                 time_stamp->nsecs = (int)(1000000000*(tvb_get_letohs(tvb, start)/65536.0));
2098                         } else {
2099                                 time_stamp->secs  = 0;
2100                                 time_stamp->nsecs = 0;
2101                                 report_type_length_mismatch(tree, "an RFC 3971-style time stamp", length, (length < 4));
2102                         }
2103                         break;
2104
2105                 case ENC_TIME_SECS_NTP|ENC_BIG_ENDIAN:
2106                         /*
2107                          * NTP time stamp, with 1-second resolution (i.e.,
2108                          * seconds since the NTP epoch), big-endian.
2109                          * Only supported for absolute times.
2110                          */
2111                         DISSECTOR_ASSERT(!is_relative);
2112
2113                         if (length == 4) {
2114                                 /*
2115                                 * We need a temporary variable here so the unsigned math
2116                                 * works correctly (for years > 2036 according to RFC 2030
2117                                 * chapter 3).
2118                                 *
2119                                 * If bit 0 is set, the UTC time is in the range 1968-2036 and
2120                                 * UTC time is reckoned from 0h 0m 0s UTC on 1 January 1900.
2121                                 * If bit 0 is not set, the time is in the range 2036-2104 and
2122                                 * UTC time is reckoned from 6h 28m 16s UTC on 7 February 2036.
2123                                 */
2124                                 tmpsecs  = tvb_get_ntohl(tvb, start);
2125                                 if ((tmpsecs & 0x80000000) != 0)
2126                                         time_stamp->secs = (time_t)((gint64)tmpsecs - NTP_TIMEDIFF1900TO1970SEC);
2127                                 else
2128                                         time_stamp->secs = (time_t)((gint64)tmpsecs + NTP_TIMEDIFF1970TO2036SEC);
2129                                 time_stamp->nsecs = 0;
2130                         } else {
2131                                 time_stamp->secs  = 0;
2132                                 time_stamp->nsecs = 0;
2133                                 report_type_length_mismatch(tree, "an NTP seconds-only time stamp", length, (length < 4));
2134                         }
2135                         break;
2136
2137                 case ENC_TIME_SECS_NTP|ENC_LITTLE_ENDIAN:
2138                         /*
2139                          * NTP time stamp, with 1-second resolution (i.e.,
2140                          * seconds since the NTP epoch), little-endian.
2141                          * Only supported for absolute times.
2142                          */
2143                         DISSECTOR_ASSERT(!is_relative);
2144
2145                         /*
2146                          * We need a temporary variable here so the unsigned math
2147                          * works correctly (for years > 2036 according to RFC 2030
2148                          * chapter 3).
2149                          *
2150                          * If bit 0 is set, the UTC time is in the range 1968-2036 and
2151                          * UTC time is reckoned from 0h 0m 0s UTC on 1 January 1900.
2152                          * If bit 0 is not set, the time is in the range 2036-2104 and
2153                          * UTC time is reckoned from 6h 28m 16s UTC on 7 February 2036.
2154                          */
2155                         if (length == 4) {
2156                                 tmpsecs  = tvb_get_letohl(tvb, start);
2157                                 if ((tmpsecs & 0x80000000) != 0)
2158                                         time_stamp->secs = (time_t)((gint64)tmpsecs - NTP_TIMEDIFF1900TO1970SEC);
2159                                 else
2160                                         time_stamp->secs = (time_t)((gint64)tmpsecs + NTP_TIMEDIFF1970TO2036SEC);
2161                                 time_stamp->nsecs = 0;
2162                         } else {
2163                                 time_stamp->secs  = 0;
2164                                 time_stamp->nsecs = 0;
2165                                 report_type_length_mismatch(tree, "an NTP seconds-only time stamp", length, (length < 4));
2166                         }
2167                         break;
2168                 case ENC_TIME_MSEC_NTP | ENC_BIG_ENDIAN:
2169                         /*
2170                         * Milliseconds, 1 to 8 bytes.
2171                         * For absolute times, it's milliseconds since the
2172                         * NTP epoch.
2173                         */
2174                         if (length >= 1 && length <= 8) {
2175                                 guint64 msecs;
2176
2177                                 msecs = get_uint64_value(tree, tvb, start, length, encoding);
2178                                 tmpsecs = (guint32)(msecs / 1000);
2179                                 /*
2180                                 * If bit 0 is set, the UTC time is in the range 1968-2036 and
2181                                 * UTC time is reckoned from 0h 0m 0s UTC on 1 January 1900.
2182                                 * If bit 0 is not set, the time is in the range 2036-2104 and
2183                                 * UTC time is reckoned from 6h 28m 16s UTC on 7 February 2036.
2184                                 */
2185                                 if ((tmpsecs & 0x80000000) != 0)
2186                                         time_stamp->secs = (time_t)((gint64)tmpsecs - NTP_TIMEDIFF1900TO1970SEC);
2187                                 else
2188                                         time_stamp->secs = (time_t)((gint64)tmpsecs + NTP_TIMEDIFF1970TO2036SEC);
2189                                 time_stamp->nsecs = (int)(msecs % 1000)*1000000;
2190                         }
2191                         else {
2192                                 time_stamp->secs  = 0;
2193                                 time_stamp->nsecs = 0;
2194                                 report_type_length_mismatch(tree, "a time-in-milliseconds NTP time stamp", length, (length < 4));
2195                         }
2196                         break;
2197                 default:
2198                         DISSECTOR_ASSERT_NOT_REACHED();
2199                         break;
2200         }
2201 }
2202
2203 static void
2204 tree_data_add_maybe_interesting_field(tree_data_t *tree_data, field_info *fi)
2205 {
2206         const header_field_info *hfinfo = fi->hfinfo;
2207
2208         if (hfinfo->ref_type == HF_REF_TYPE_DIRECT) {
2209                 GPtrArray *ptrs = NULL;
2210
2211                 if (tree_data->interesting_hfids == NULL) {
2212                         /* Initialize the hash because we now know that it is needed */
2213                         tree_data->interesting_hfids =
2214                                 g_hash_table_new(g_direct_hash, NULL /* g_direct_equal */);
2215                 } else if (g_hash_table_size(tree_data->interesting_hfids)) {
2216                         ptrs = (GPtrArray *)g_hash_table_lookup(tree_data->interesting_hfids,
2217                                            GINT_TO_POINTER(hfinfo->id));
2218                 }
2219
2220                 if (!ptrs) {
2221                         /* First element triggers the creation of pointer array */
2222                         ptrs = g_ptr_array_new();
2223                         g_hash_table_insert(tree_data->interesting_hfids,
2224                                             GINT_TO_POINTER(hfinfo->id), ptrs);
2225                 }
2226
2227                 g_ptr_array_add(ptrs, fi);
2228         }
2229 }
2230
2231
2232 /*
2233  * Validates that field length bytes are available starting from
2234  * start (pos/neg). Throws an exception if they aren't.
2235  */
2236 static void
2237 test_length(header_field_info *hfinfo, tvbuff_t *tvb,
2238             gint start, gint length, const guint encoding)
2239 {
2240         gint size = length;
2241
2242         if (!tvb)
2243                 return;
2244
2245         if ((hfinfo->type == FT_STRINGZ) ||
2246             ((encoding & (ENC_VARINT_PROTOBUF|ENC_VARINT_QUIC)) &&
2247              (IS_FT_UINT(hfinfo->type) || IS_FT_INT(hfinfo->type)))) {
2248                 /* If we're fetching until the end of the TVB, only validate
2249                  * that the offset is within range.
2250                  */
2251                 if (length == -1)
2252                         size = 0;
2253         }
2254
2255         tvb_ensure_bytes_exist(tvb, start, size);
2256 }
2257
2258 static void
2259 detect_trailing_stray_characters(enum ftenum type, guint encoding, const char *string, gint length, proto_item *pi)
2260 {
2261         gboolean found_stray_character = FALSE;
2262
2263         if (!string)
2264                 return;
2265
2266         if (type != FT_STRING && type != FT_STRINGZ && type != FT_STRINGZPAD)
2267                 return;
2268
2269         switch (encoding & ENC_CHARENCODING_MASK) {
2270                 case ENC_ASCII:
2271                 case ENC_UTF_8:
2272                         for (gint i = (gint)strlen(string); i < length; i++) {
2273                                 if (string[i] != '\0') {
2274                                         found_stray_character = TRUE;
2275                                         break;
2276                                 }
2277                         }
2278                         break;
2279
2280                 default:
2281                         break;
2282         }
2283
2284         if (found_stray_character) {
2285                 expert_add_info(NULL, pi, &ei_string_trailing_characters);
2286         }
2287 }
2288
2289 /* Add an item to a proto_tree, using the text label registered to that item;
2290    the item is extracted from the tvbuff handed to it. */
2291 static proto_item *
2292 proto_tree_new_item(field_info *new_fi, proto_tree *tree,
2293                     tvbuff_t *tvb, gint start, gint length,
2294                     guint encoding)
2295 {
2296         proto_item *pi;
2297         guint32     value, n;
2298         guint64     value64;
2299         float       floatval;
2300         double      doubleval;
2301         const char *stringval = NULL;
2302         nstime_t    time_stamp;
2303         gboolean    length_error;
2304
2305         switch (new_fi->hfinfo->type) {
2306                 case FT_NONE:
2307                         /* no value to set for FT_NONE */
2308                         break;
2309
2310                 case FT_PROTOCOL:
2311                         proto_tree_set_protocol_tvb(new_fi, tvb, new_fi->hfinfo->name);
2312                         break;
2313
2314                 case FT_BYTES:
2315                         proto_tree_set_bytes_tvb(new_fi, tvb, start, length);
2316                         break;
2317
2318                 case FT_UINT_BYTES:
2319                         n = get_uint_value(tree, tvb, start, length, encoding);
2320                         proto_tree_set_bytes_tvb(new_fi, tvb, start + length, n);
2321
2322                         /* Instead of calling proto_item_set_len(), since we don't yet
2323                          * have a proto_item, we set the field_info's length ourselves. */
2324                         new_fi->length = n + length;
2325                         break;
2326
2327                 case FT_BOOLEAN:
2328                         /*
2329                          * Map all non-zero values to little-endian for
2330                          * backwards compatibility.
2331                          */
2332                         if (encoding)
2333                                 encoding = ENC_LITTLE_ENDIAN;
2334                         proto_tree_set_boolean(new_fi,
2335                                 get_uint64_value(tree, tvb, start, length, encoding));
2336                         break;
2337
2338                 case FT_CHAR:
2339                 /* XXX - make these just FT_UINT? */
2340                 case FT_UINT8:
2341                 case FT_UINT16:
2342                 case FT_UINT24:
2343                 case FT_UINT32:
2344                         if (encoding & ENC_VARINT_PROTOBUF) {
2345                                 new_fi->length = tvb_get_varint(tvb, start, (length == -1) ? FT_VARINT_MAX_LEN : length, &value64, encoding);
2346                                 new_fi->flags |= FI_VARINT;
2347                                 value = (guint32)value64;
2348                         } else if (encoding & ENC_VARINT_QUIC) {
2349                                 new_fi->length = tvb_get_varint(tvb, start, (length == -1) ? FT_VARINT_MAX_LEN : length, &value64, encoding);
2350                                 value = (guint32)value64;
2351                         } else {
2352                                 /*
2353                                  * Map all non-zero values to little-endian for
2354                                  * backwards compatibility.
2355                                  */
2356                                 if (encoding)
2357                                         encoding = ENC_LITTLE_ENDIAN;
2358
2359                                 value = get_uint_value(tree, tvb, start, length, encoding);
2360                         }
2361                         proto_tree_set_uint(new_fi, value);
2362                         break;
2363
2364                 case FT_UINT40:
2365                 case FT_UINT48:
2366                 case FT_UINT56:
2367                 case FT_UINT64:
2368
2369                         if (encoding & ENC_VARINT_PROTOBUF) {
2370                                 new_fi->length = tvb_get_varint(tvb, start, (length == -1) ? FT_VARINT_MAX_LEN : length, &value64, encoding);
2371                                 new_fi->flags |= FI_VARINT;
2372                         } else if (encoding & ENC_VARINT_QUIC) {
2373                                 new_fi->length = tvb_get_varint(tvb, start, (length == -1) ? FT_VARINT_MAX_LEN : length, &value64, encoding);
2374                         } else {
2375                                 /*
2376                                  * Map all other non-zero values to little-endian for
2377                                  * backwards compatibility.
2378                                  */
2379                                 if (encoding)
2380                                         encoding = ENC_LITTLE_ENDIAN;
2381
2382                                 value64 = get_uint64_value(tree, tvb, start, length, encoding);
2383                         }
2384                         proto_tree_set_uint64(new_fi, value64);
2385                         break;
2386
2387                 /* XXX - make these just FT_INT? */
2388                 case FT_INT8:
2389                 case FT_INT16:
2390                 case FT_INT24:
2391                 case FT_INT32:
2392                         /*
2393                          * Map all non-zero values to little-endian for
2394                          * backwards compatibility.
2395                          */
2396                         if (encoding)
2397                                 encoding = ENC_LITTLE_ENDIAN;
2398                         proto_tree_set_int(new_fi,
2399                                 get_int_value(tree, tvb, start, length, encoding));
2400                         break;
2401
2402                 case FT_INT40:
2403                 case FT_INT48:
2404                 case FT_INT56:
2405                 case FT_INT64:
2406                         /*
2407                          * Map all non-zero values to little-endian for
2408                          * backwards compatibility.
2409                          */
2410                         if (encoding)
2411                                 encoding = ENC_LITTLE_ENDIAN;
2412                         proto_tree_set_int64(new_fi,
2413                                 get_int64_value(tree, tvb, start, length, encoding));
2414                         break;
2415
2416                 case FT_IPv4:
2417                         /*
2418                          * Map all non-zero values to little-endian for
2419                          * backwards compatibility.
2420                          */
2421                         if (encoding)
2422                                 encoding = ENC_LITTLE_ENDIAN;
2423                         if (length != FT_IPv4_LEN) {
2424                                 length_error = length < FT_IPv4_LEN ? TRUE : FALSE;
2425                                 report_type_length_mismatch(tree, "an IPv4 address", length, length_error);
2426                         }
2427                         value = tvb_get_ipv4(tvb, start);
2428                         /*
2429                          * NOTE: to support code written when
2430                          * proto_tree_add_item() took a gboolean as its
2431                          * last argument, with FALSE meaning "big-endian"
2432                          * and TRUE meaning "little-endian", we treat any
2433                          * non-zero value of "encoding" as meaning
2434                          * "little-endian".
2435                          */
2436                         proto_tree_set_ipv4(new_fi, encoding ? GUINT32_SWAP_LE_BE(value) : value);
2437                         break;
2438
2439                 case FT_IPXNET:
2440                         if (length != FT_IPXNET_LEN) {
2441                                 length_error = length < FT_IPXNET_LEN ? TRUE : FALSE;
2442                                 report_type_length_mismatch(tree, "an IPXNET address", length, length_error);
2443                         }
2444                         proto_tree_set_ipxnet(new_fi,
2445                                 get_uint_value(tree, tvb, start, FT_IPXNET_LEN, ENC_BIG_ENDIAN));
2446                         break;
2447
2448                 case FT_IPv6:
2449                         if (length != FT_IPv6_LEN) {
2450                                 length_error = length < FT_IPv6_LEN ? TRUE : FALSE;
2451                                 report_type_length_mismatch(tree, "an IPv6 address", length, length_error);
2452                         }
2453                         proto_tree_set_ipv6_tvb(new_fi, tvb, start, length);
2454                         break;
2455
2456                 case FT_FCWWN:
2457                         if (length != FT_FCWWN_LEN) {
2458                                 length_error = length < FT_FCWWN_LEN ? TRUE : FALSE;
2459                                 report_type_length_mismatch(tree, "an FCWWN address", length, length_error);
2460                         }
2461                         proto_tree_set_fcwwn_tvb(new_fi, tvb, start, length);
2462                         break;
2463
2464                 case FT_AX25:
2465                         if (length != 7) {
2466                                 length_error = length < 7 ? TRUE : FALSE;
2467                                 report_type_length_mismatch(tree, "an AX.25 address", length, length_error);
2468                         }
2469                         proto_tree_set_ax25_tvb(new_fi, tvb, start);
2470                         break;
2471
2472                 case FT_VINES:
2473                         if (length != VINES_ADDR_LEN) {
2474                                 length_error = length < VINES_ADDR_LEN ? TRUE : FALSE;
2475                                 report_type_length_mismatch(tree, "a Vines address", length, length_error);
2476                         }
2477                         proto_tree_set_vines_tvb(new_fi, tvb, start);
2478                         break;
2479
2480                 case FT_ETHER:
2481                         if (length != FT_ETHER_LEN) {
2482                                 length_error = length < FT_ETHER_LEN ? TRUE : FALSE;
2483                                 report_type_length_mismatch(tree, "a MAC address", length, length_error);
2484                         }
2485                         proto_tree_set_ether_tvb(new_fi, tvb, start);
2486                         break;
2487
2488                 case FT_EUI64:
2489                         /*
2490                          * Map all non-zero values to little-endian for
2491                          * backwards compatibility.
2492                          */
2493                         if (encoding)
2494                                 encoding = ENC_LITTLE_ENDIAN;
2495                         if (length != FT_EUI64_LEN) {
2496                                 length_error = length < FT_EUI64_LEN ? TRUE : FALSE;
2497                                 report_type_length_mismatch(tree, "an EUI-64 address", length, length_error);
2498                         }
2499                         proto_tree_set_eui64_tvb(new_fi, tvb, start, encoding);
2500                         break;
2501                 case FT_GUID:
2502                         /*
2503                          * Map all non-zero values to little-endian for
2504                          * backwards compatibility.
2505                          */
2506                         if (encoding)
2507                                 encoding = ENC_LITTLE_ENDIAN;
2508                         if (length != FT_GUID_LEN) {
2509                                 length_error = length < FT_GUID_LEN ? TRUE : FALSE;
2510                                 report_type_length_mismatch(tree, "a GUID", length, length_error);
2511                         }
2512                         proto_tree_set_guid_tvb(new_fi, tvb, start, encoding);
2513                         break;
2514
2515                 case FT_OID:
2516                 case FT_REL_OID:
2517                         proto_tree_set_oid_tvb(new_fi, tvb, start, length);
2518                         break;
2519
2520                 case FT_SYSTEM_ID:
2521                         proto_tree_set_system_id_tvb(new_fi, tvb, start, length);
2522                         break;
2523
2524                 case FT_FLOAT:
2525                         /*
2526                          * NOTE: to support code written when
2527                          * proto_tree_add_item() took a gboolean as its
2528                          * last argument, with FALSE meaning "big-endian"
2529                          * and TRUE meaning "little-endian", we treat any
2530                          * non-zero value of "encoding" as meaning
2531                          * "little-endian".
2532                          *
2533                          * At some point in the future, we might
2534                          * support non-IEEE-binary floating-point
2535                          * formats in the encoding as well
2536                          * (IEEE decimal, System/3x0, VAX).
2537                          */
2538                         if (encoding)
2539                                 encoding = ENC_LITTLE_ENDIAN;
2540                         if (length != 4) {
2541                                 length_error = length < 4 ? TRUE : FALSE;
2542                                 report_type_length_mismatch(tree, "a single-precision floating point number", length, length_error);
2543                         }
2544                         if (encoding)
2545                                 floatval = tvb_get_letohieee_float(tvb, start);
2546                         else
2547                                 floatval = tvb_get_ntohieee_float(tvb, start);
2548                         proto_tree_set_float(new_fi, floatval);
2549                         break;
2550
2551                 case FT_DOUBLE:
2552                         /*
2553                          * NOTE: to support code written when
2554                          * proto_tree_add_item() took a gboolean as its
2555                          * last argument, with FALSE meaning "big-endian"
2556                          * and TRUE meaning "little-endian", we treat any
2557                          * non-zero value of "encoding" as meaning
2558                          * "little-endian".
2559                          *
2560                          * At some point in the future, we might
2561                          * support non-IEEE-binary floating-point
2562                          * formats in the encoding as well
2563                          * (IEEE decimal, System/3x0, VAX).
2564                          */
2565                         if (encoding == TRUE)
2566                                 encoding = ENC_LITTLE_ENDIAN;
2567                         if (length != 8) {
2568                                 length_error = length < 8 ? TRUE : FALSE;
2569                                 report_type_length_mismatch(tree, "a double-precision floating point number", length, length_error);
2570                         }
2571                         if (encoding)
2572                                 doubleval = tvb_get_letohieee_double(tvb, start);
2573                         else
2574                                 doubleval = tvb_get_ntohieee_double(tvb, start);
2575                         proto_tree_set_double(new_fi, doubleval);
2576                         break;
2577
2578                 case FT_STRING:
2579                         stringval = get_string_value(wmem_packet_scope(),
2580                             tvb, start, length, &length, encoding);
2581                         proto_tree_set_string(new_fi, stringval);
2582
2583                         /* Instead of calling proto_item_set_len(), since we
2584                          * don't yet have a proto_item, we set the
2585                          * field_info's length ourselves.
2586                          *
2587                          * XXX - our caller can't use that length to
2588                          * advance an offset unless they arrange that
2589                          * there always be a protocol tree into which
2590                          * we're putting this item.
2591                          */
2592                         new_fi->length = length;
2593                         break;
2594
2595                 case FT_STRINGZ:
2596                         stringval = get_stringz_value(wmem_packet_scope(),
2597                             tree, tvb, start, length, &length, encoding);
2598                         proto_tree_set_string(new_fi, stringval);
2599
2600                         /* Instead of calling proto_item_set_len(),
2601                          * since we don't yet have a proto_item, we
2602                          * set the field_info's length ourselves.
2603                          *
2604                          * XXX - our caller can't use that length to
2605                          * advance an offset unless they arrange that
2606                          * there always be a protocol tree into which
2607                          * we're putting this item.
2608                          */
2609                         new_fi->length = length;
2610                         break;
2611
2612                 case FT_UINT_STRING:
2613                         /*
2614                          * NOTE: to support code written when
2615                          * proto_tree_add_item() took a gboolean as its
2616                          * last argument, with FALSE meaning "big-endian"
2617                          * and TRUE meaning "little-endian", if the
2618                          * encoding value is TRUE, treat that as
2619                          * ASCII with a little-endian length.
2620                          *
2621                          * This won't work for code that passes
2622                          * arbitrary non-zero values; that code
2623                          * will need to be fixed.
2624                          */
2625                         if (encoding == TRUE)
2626                                 encoding = ENC_ASCII|ENC_LITTLE_ENDIAN;
2627                         stringval = get_uint_string_value(wmem_packet_scope(),
2628                             tree, tvb, start, length, &length, encoding);
2629                         proto_tree_set_string(new_fi, stringval);
2630
2631                         /* Instead of calling proto_item_set_len(), since we
2632                          * don't yet have a proto_item, we set the
2633                          * field_info's length ourselves.
2634                          *
2635                          * XXX - our caller can't use that length to
2636                          * advance an offset unless they arrange that
2637                          * there always be a protocol tree into which
2638                          * we're putting this item.
2639                          */
2640                         new_fi->length = length;
2641                         break;
2642
2643                 case FT_STRINGZPAD:
2644                         stringval = get_stringzpad_value(wmem_packet_scope(),
2645                             tvb, start, length, &length, encoding);
2646                         proto_tree_set_string(new_fi, stringval);
2647
2648                         /* Instead of calling proto_item_set_len(), since we
2649                          * don't yet have a proto_item, we set the
2650                          * field_info's length ourselves.
2651                          *
2652                          * XXX - our caller can't use that length to
2653                          * advance an offset unless they arrange that
2654                          * there always be a protocol tree into which
2655                          * we're putting this item.
2656                          */
2657                         new_fi->length = length;
2658                         break;
2659
2660                 case FT_ABSOLUTE_TIME:
2661                         /*
2662                          * Absolute times can be in any of a number of
2663                          * formats, and they can be big-endian or
2664                          * little-endian.
2665                          *
2666                          * Historically FT_TIMEs were only timespecs;
2667                          * the only question was whether they were stored
2668                          * in big- or little-endian format.
2669                          *
2670                          * For backwards compatibility, we interpret an
2671                          * encoding of 1 as meaning "little-endian timespec",
2672                          * so that passing TRUE is interpreted as that.
2673                          */
2674                         if (encoding == TRUE)
2675                                 encoding = ENC_TIME_SECS_NSECS|ENC_LITTLE_ENDIAN;
2676
2677                         get_time_value(tree, tvb, start, length, encoding, &time_stamp, FALSE);
2678
2679                         proto_tree_set_time(new_fi, &time_stamp);
2680                         break;
2681
2682                 case FT_RELATIVE_TIME:
2683                         /*
2684                          * Relative times can be in any of a number of
2685                          * formats, and they can be big-endian or
2686                          * little-endian.
2687                          *
2688                          * Historically FT_TIMEs were only timespecs;
2689                          * the only question was whether they were stored
2690                          * in big- or little-endian format.
2691                          *
2692                          * For backwards compatibility, we interpret an
2693                          * encoding of 1 as meaning "little-endian timespec",
2694                          * so that passing TRUE is interpreted as that.
2695                          */
2696                         if (encoding == TRUE)
2697                                 encoding = ENC_TIME_SECS_NSECS|ENC_LITTLE_ENDIAN;
2698
2699                         get_time_value(tree, tvb, start, length, encoding, &time_stamp, TRUE);
2700
2701                         proto_tree_set_time(new_fi, &time_stamp);
2702                         break;
2703                 case FT_IEEE_11073_SFLOAT:
2704                         if (encoding)
2705                                 encoding = ENC_LITTLE_ENDIAN;
2706                         if (length != 2) {
2707                                 length_error = length < 2 ? TRUE : FALSE;
2708                                 report_type_length_mismatch(tree, "a IEEE 11073 SFLOAT", length, length_error);
2709                         }
2710
2711                         fvalue_set_uinteger(&new_fi->value, tvb_get_guint16(tvb, start, encoding));
2712
2713                         break;
2714                 case FT_IEEE_11073_FLOAT:
2715                         if (encoding)
2716                                 encoding = ENC_LITTLE_ENDIAN;
2717                         if (length != 4) {
2718                                 length_error = length < 4 ? TRUE : FALSE;
2719                                 report_type_length_mismatch(tree, "a IEEE 11073 FLOAT", length, length_error);
2720                         }
2721
2722                         break;
2723                 default:
2724                         g_error("new_fi->hfinfo->type %d (%s) not handled\n",
2725                                         new_fi->hfinfo->type,
2726                                         ftype_name(new_fi->hfinfo->type));
2727                         DISSECTOR_ASSERT_NOT_REACHED();
2728                         break;
2729         }
2730         FI_SET_FLAG(new_fi, (encoding & ENC_LITTLE_ENDIAN) ? FI_LITTLE_ENDIAN : FI_BIG_ENDIAN);
2731
2732         /* Don't add new node to proto_tree until now so that any exceptions
2733          * raised by a tvbuff access method doesn't leave junk in the proto_tree. */
2734         /* XXX. wouldn't be better to add this item to tree, with some special flag (FI_EXCEPTION?)
2735          *      to know which item caused exception? */
2736         pi = proto_tree_add_node(tree, new_fi);
2737
2738         detect_trailing_stray_characters(new_fi->hfinfo->type, encoding, stringval, length, pi);
2739
2740         return pi;
2741 }
2742
2743 proto_item *
2744 proto_tree_add_item_ret_int(proto_tree *tree, int hfindex, tvbuff_t *tvb,
2745                             const gint start, gint length,
2746                             const guint encoding, gint32 *retval)
2747 {
2748         header_field_info *hfinfo = proto_registrar_get_nth(hfindex);
2749         field_info        *new_fi;
2750         gint32             value;
2751
2752         DISSECTOR_ASSERT_HINT(hfinfo != NULL, "Not passed hfi!");
2753
2754         switch (hfinfo->type) {
2755         case FT_INT8:
2756         case FT_INT16:
2757         case FT_INT24:
2758         case FT_INT32:
2759                 break;
2760         default:
2761                 DISSECTOR_ASSERT_NOT_REACHED();
2762         }
2763
2764         /* length validation for native number encoding caught by get_uint_value() */
2765         /* length has to be -1 or > 0 regardless of encoding */
2766         if (length < -1 || length == 0)
2767                 REPORT_DISSECTOR_BUG("Invalid length %d passed to proto_tree_add_item_ret_int",
2768                         length);
2769
2770         if (encoding & ENC_STRING) {
2771                 REPORT_DISSECTOR_BUG("wrong encoding");
2772         }
2773         /* I believe it's ok if this is called with a NULL tree */
2774         value = get_int_value(tree, tvb, start, length, encoding);
2775
2776         if (retval) {
2777                 gint no_of_bits;
2778                 *retval = value;
2779                 if (hfinfo->bitmask) {
2780                         /* Mask out irrelevant portions */
2781                         *retval &= (guint32)(hfinfo->bitmask);
2782                         /* Shift bits */
2783                         *retval >>= hfinfo_bitshift(hfinfo);
2784                 }
2785                 no_of_bits = ws_count_ones(hfinfo->bitmask);
2786                 *retval = ws_sign_ext32(*retval, no_of_bits);
2787         }
2788
2789         CHECK_FOR_NULL_TREE(tree);
2790
2791         TRY_TO_FAKE_THIS_ITEM(tree, hfinfo->id, hfinfo);
2792
2793         new_fi = new_field_info(tree, hfinfo, tvb, start, length);
2794
2795         proto_tree_set_int(new_fi, value);
2796
2797         new_fi->flags |= (encoding & ENC_LITTLE_ENDIAN) ? FI_LITTLE_ENDIAN : FI_BIG_ENDIAN;
2798
2799         return proto_tree_add_node(tree, new_fi);
2800 }
2801
2802 proto_item *
2803 proto_tree_add_item_ret_uint(proto_tree *tree, int hfindex, tvbuff_t *tvb,
2804                              const gint start, gint length,
2805                              const guint encoding, guint32 *retval)
2806 {
2807         header_field_info *hfinfo = proto_registrar_get_nth(hfindex);
2808         field_info        *new_fi;
2809         guint32            value;
2810
2811         DISSECTOR_ASSERT_HINT(hfinfo != NULL, "Not passed hfi!");
2812
2813         switch (hfinfo->type) {
2814         case FT_CHAR:
2815         case FT_UINT8:
2816         case FT_UINT16:
2817         case FT_UINT24:
2818         case FT_UINT32:
2819                 break;
2820         default:
2821                 REPORT_DISSECTOR_BUG("field %s is not of type FT_CHAR, FT_UINT8, FT_UINT16, FT_UINT24, or FT_UINT32",
2822                     hfinfo->abbrev);
2823         }
2824
2825         /* length validation for native number encoding caught by get_uint_value() */
2826         /* length has to be -1 or > 0 regardless of encoding */
2827         if (length < -1 || length == 0)
2828                 REPORT_DISSECTOR_BUG("Invalid length %d passed to proto_tree_add_item_ret_uint",
2829                         length);
2830
2831         if (encoding & ENC_STRING) {
2832                 REPORT_DISSECTOR_BUG("wrong encoding");
2833         }
2834         /* I believe it's ok if this is called with a NULL tree */
2835         /* XXX - modify if we ever support EBCDIC FT_CHAR */
2836         if (encoding & (ENC_VARINT_PROTOBUF|ENC_VARINT_QUIC)) {
2837                 guint64 temp64;
2838                 tvb_get_varint(tvb, start, length, &temp64, encoding);
2839                 value = (guint32)temp64;
2840         } else {
2841                 value = get_uint_value(tree, tvb, start, length, encoding);
2842         }
2843
2844         if (retval) {
2845                 *retval = value;
2846                 if (hfinfo->bitmask) {
2847                         /* Mask out irrelevant portions */
2848                         *retval &= (guint32)(hfinfo->bitmask);
2849                         /* Shift bits */
2850                         *retval >>= hfinfo_bitshift(hfinfo);
2851                 }
2852         }
2853
2854         CHECK_FOR_NULL_TREE(tree);
2855
2856         TRY_TO_FAKE_THIS_ITEM(tree, hfinfo->id, hfinfo);
2857
2858         new_fi = new_field_info(tree, hfinfo, tvb, start, length);
2859
2860         proto_tree_set_uint(new_fi, value);
2861
2862         new_fi->flags |= (encoding & ENC_LITTLE_ENDIAN) ? FI_LITTLE_ENDIAN : FI_BIG_ENDIAN;
2863         if (encoding & ENC_VARINT_PROTOBUF) {
2864                 new_fi->flags |= FI_VARINT;
2865         }
2866         return proto_tree_add_node(tree, new_fi);
2867 }
2868
2869 /* Gets data from tvbuff, adds it to proto_tree, increments offset,
2870  * and returns proto_item* and uint value retreived*/
2871 proto_item *
2872 ptvcursor_add_ret_uint(ptvcursor_t *ptvc, int hfindex, gint length,
2873               const guint encoding, guint32 *retval)
2874 {
2875         field_info        *new_fi;
2876         header_field_info *hfinfo;
2877         gint               item_length;
2878         int                offset;
2879         guint32            value;
2880
2881         offset = ptvc->offset;
2882         PROTO_REGISTRAR_GET_NTH(hfindex, hfinfo);
2883
2884         switch (hfinfo->type) {
2885         case FT_CHAR:
2886         case FT_UINT8:
2887         case FT_UINT16:
2888         case FT_UINT24:
2889         case FT_UINT32:
2890                 break;
2891         default:
2892                 REPORT_DISSECTOR_BUG("field %s is not of type FT_CHAR, FT_UINT8, FT_UINT16, FT_UINT24, or FT_UINT32",
2893                     hfinfo->abbrev);
2894         }
2895
2896         get_hfi_length(hfinfo, ptvc->tvb, offset, &length, &item_length, encoding);
2897         test_length(hfinfo, ptvc->tvb, offset, item_length, encoding);
2898
2899         /* I believe it's ok if this is called with a NULL tree */
2900         /* XXX - modify if we ever support EBCDIC FT_CHAR */
2901         value = get_uint_value(ptvc->tree, ptvc->tvb, offset, item_length, encoding);
2902
2903         if (retval) {
2904                 *retval = value;
2905                 if (hfinfo->bitmask) {
2906                         /* Mask out irrelevant portions */
2907                         *retval &= (guint32)(hfinfo->bitmask);
2908                         /* Shift bits */
2909                         *retval >>= hfinfo_bitshift(hfinfo);
2910                 }
2911         }
2912
2913         ptvc->offset += get_full_length(hfinfo, ptvc->tvb, offset, length,
2914             item_length, encoding);
2915
2916         CHECK_FOR_NULL_TREE(ptvc->tree);
2917
2918         /* Coast clear. Try and fake it */
2919         TRY_TO_FAKE_THIS_ITEM(ptvc->tree, hfindex, hfinfo);
2920
2921         new_fi = new_field_info(ptvc->tree, hfinfo, ptvc->tvb, offset, item_length);
2922
2923         return proto_tree_new_item(new_fi, ptvc->tree, ptvc->tvb,
2924                 offset, length, encoding);
2925 }
2926
2927 /* Gets data from tvbuff, adds it to proto_tree, increments offset,
2928  * and returns proto_item* and int value retreived*/
2929 proto_item *
2930 ptvcursor_add_ret_int(ptvcursor_t *ptvc, int hfindex, gint length,
2931               const guint encoding, gint32 *retval)
2932 {
2933         field_info        *new_fi;
2934         header_field_info *hfinfo;
2935         gint               item_length;
2936         int                offset;
2937         guint32            value;
2938
2939         offset = ptvc->offset;
2940         PROTO_REGISTRAR_GET_NTH(hfindex, hfinfo);
2941
2942         switch (hfinfo->type) {
2943         case FT_INT8:
2944         case FT_INT16:
2945         case FT_INT24:
2946         case FT_INT32:
2947                 break;
2948         default:
2949                 REPORT_DISSECTOR_BUG("field %s is not of type FT_CHAR, FT_UINT8, FT_UINT16, FT_UINT24, or FT_UINT32",
2950                     hfinfo->abbrev);
2951         }
2952
2953         get_hfi_length(hfinfo, ptvc->tvb, offset, &length, &item_length, encoding);
2954         test_length(hfinfo, ptvc->tvb, offset, item_length, encoding);
2955
2956         /* I believe it's ok if this is called with a NULL tree */
2957         /* XXX - modify if we ever support EBCDIC FT_CHAR */
2958         value = get_int_value(ptvc->tree, ptvc->tvb, offset, item_length, encoding);
2959
2960         if (retval) {
2961                 gint no_of_bits;
2962                 *retval = value;
2963                 if (hfinfo->bitmask) {
2964                         /* Mask out irrelevant portions */
2965                         *retval &= (guint32)(hfinfo->bitmask);
2966                         /* Shift bits */
2967                         *retval >>= hfinfo_bitshift(hfinfo);
2968                 }
2969                 no_of_bits = ws_count_ones(hfinfo->bitmask);
2970                 *retval = ws_sign_ext32(*retval, no_of_bits);
2971         }
2972
2973         ptvc->offset += get_full_length(hfinfo, ptvc->tvb, offset, length,
2974             item_length, encoding);
2975
2976         CHECK_FOR_NULL_TREE(ptvc->tree);
2977
2978         /* Coast clear. Try and fake it */
2979         TRY_TO_FAKE_THIS_ITEM(ptvc->tree, hfindex, hfinfo);
2980
2981         new_fi = new_field_info(ptvc->tree, hfinfo, ptvc->tvb, offset, item_length);
2982
2983         return proto_tree_new_item(new_fi, ptvc->tree, ptvc->tvb,
2984                 offset, length, encoding);
2985 }
2986
2987 /* Gets data from tvbuff, adds it to proto_tree, increments offset,
2988  * and returns proto_item* and string value retreived */
2989 proto_item*
2990 ptvcursor_add_ret_string(ptvcursor_t* ptvc, int hf, gint length, const guint encoding, wmem_allocator_t *scope, const guint8 **retval)
2991 {
2992         header_field_info *hfinfo;
2993         field_info              *new_fi;
2994         const guint8    *value;
2995         gint                    item_length;
2996         int                             offset;
2997
2998         offset = ptvc->offset;
2999
3000         PROTO_REGISTRAR_GET_NTH(hf, hfinfo);
3001
3002         switch (hfinfo->type) {
3003         case FT_STRING:
3004                 value = get_string_value(scope, ptvc->tvb, offset, length, &item_length, encoding);
3005                 break;
3006         case FT_STRINGZ:
3007                 value = get_stringz_value(scope, ptvc->tree, ptvc->tvb, offset, length, &item_length, encoding);
3008                 break;
3009         case FT_UINT_STRING:
3010                 value = get_uint_string_value(scope, ptvc->tree, ptvc->tvb, offset, length, &item_length, encoding);
3011                 break;
3012         case FT_STRINGZPAD:
3013                 value = get_stringzpad_value(scope, ptvc->tvb, offset, length, &item_length, encoding);
3014                 break;
3015         default:
3016                 REPORT_DISSECTOR_BUG("field %s is not of type FT_STRING, FT_STRINGZ, FT_UINT_STRING, or FT_STRINGZPAD",
3017                     hfinfo->abbrev);
3018         }
3019
3020         if (retval)
3021                 *retval = value;
3022
3023         ptvc->offset += item_length;
3024
3025         CHECK_FOR_NULL_TREE(ptvc->tree);
3026
3027         TRY_TO_FAKE_THIS_ITEM(ptvc->tree, hfinfo->id, hfinfo);
3028
3029         new_fi = new_field_info(ptvc->tree, hfinfo, ptvc->tvb, offset, item_length);
3030
3031         return proto_tree_new_item(new_fi, ptvc->tree, ptvc->tvb,
3032                 offset, length, encoding);
3033 }
3034
3035 /* Gets data from tvbuff, adds it to proto_tree, increments offset,
3036  * and returns proto_item* and boolean value retreived */
3037 proto_item*
3038 ptvcursor_add_ret_boolean(ptvcursor_t* ptvc, int hfindex, gint length, const guint encoding, gboolean *retval)
3039 {
3040         header_field_info *hfinfo;
3041         field_info              *new_fi;
3042         gint                    item_length;
3043         int                             offset;
3044         guint64                 value, bitval;
3045
3046         offset = ptvc->offset;
3047         PROTO_REGISTRAR_GET_NTH(hfindex, hfinfo);
3048
3049         if (hfinfo->type != FT_BOOLEAN) {
3050                 REPORT_DISSECTOR_BUG("field %s is not of type FT_BOOLEAN",
3051                     hfinfo->abbrev);
3052         }
3053
3054         /* length validation for native number encoding caught by get_uint64_value() */
3055         /* length has to be -1 or > 0 regardless of encoding */
3056         if (length < -1 || length == 0)
3057                 REPORT_DISSECTOR_BUG("Invalid length %d passed to proto_tree_add_item_ret_uint",
3058                         length);
3059
3060         if (encoding & ENC_STRING) {
3061                 REPORT_DISSECTOR_BUG("wrong encoding");
3062         }
3063
3064         get_hfi_length(hfinfo, ptvc->tvb, offset, &length, &item_length, encoding);
3065         test_length(hfinfo, ptvc->tvb, offset, item_length, encoding);
3066
3067         /* I believe it's ok if this is called with a NULL tree */
3068         value = get_uint64_value(ptvc->tree, ptvc->tvb, offset, length, encoding);
3069
3070         if (retval) {
3071                 bitval = value;
3072                 if (hfinfo->bitmask) {
3073                         /* Mask out irrelevant portions */
3074                         bitval &= hfinfo->bitmask;
3075                 }
3076                 *retval = (bitval != 0);
3077         }
3078
3079         ptvc->offset += get_full_length(hfinfo, ptvc->tvb, offset, length,
3080             item_length, encoding);
3081
3082         CHECK_FOR_NULL_TREE(ptvc->tree);
3083
3084         TRY_TO_FAKE_THIS_ITEM(ptvc->tree, hfinfo->id, hfinfo);
3085
3086         new_fi = new_field_info(ptvc->tree, hfinfo, ptvc->tvb, offset, item_length);
3087
3088         return proto_tree_new_item(new_fi, ptvc->tree, ptvc->tvb,
3089                 offset, length, encoding);
3090 }
3091
3092 proto_item *
3093 proto_tree_add_item_ret_uint64(proto_tree *tree, int hfindex, tvbuff_t *tvb,
3094     const gint start, gint length, const guint encoding, guint64 *retval)
3095 {
3096         header_field_info *hfinfo = proto_registrar_get_nth(hfindex);
3097         field_info        *new_fi;
3098         guint64            value;
3099
3100         DISSECTOR_ASSERT_HINT(hfinfo != NULL, "Not passed hfi!");
3101
3102         switch (hfinfo->type) {
3103         case FT_UINT40:
3104         case FT_UINT48:
3105         case FT_UINT56:
3106         case FT_UINT64:
3107                 break;
3108         default:
3109                 REPORT_DISSECTOR_BUG("field %s is not of type FT_UINT40, FT_UINT48, FT_UINT56, or FT_UINT64",
3110                     hfinfo->abbrev);
3111         }
3112
3113         /* length validation for native number encoding caught by get_uint64_value() */
3114         /* length has to be -1 or > 0 regardless of encoding */
3115         if (length < -1 || length == 0)
3116                 REPORT_DISSECTOR_BUG("Invalid length %d passed to proto_tree_add_item_ret_uint",
3117                         length);
3118
3119         if (encoding & ENC_STRING) {
3120                 REPORT_DISSECTOR_BUG("wrong encoding");
3121         }
3122         /* I believe it's ok if this is called with a NULL tree */
3123         if (encoding & (ENC_VARINT_PROTOBUF|ENC_VARINT_QUIC)) {
3124                 tvb_get_varint(tvb, start, length, &value, encoding);
3125         } else {
3126                 value = get_uint64_value(tree, tvb, start, length, encoding);
3127         }
3128
3129         if (retval) {
3130                 *retval = value;
3131                 if (hfinfo->bitmask) {
3132                         /* Mask out irrelevant portions */
3133                         *retval &= hfinfo->bitmask;
3134                         /* Shift bits */
3135                         *retval >>= hfinfo_bitshift(hfinfo);
3136                 }
3137         }
3138
3139         CHECK_FOR_NULL_TREE(tree);
3140
3141         TRY_TO_FAKE_THIS_ITEM(tree, hfinfo->id, hfinfo);
3142
3143         new_fi = new_field_info(tree, hfinfo, tvb, start, length);
3144
3145         proto_tree_set_uint64(new_fi, value);
3146
3147         new_fi->flags |= (encoding & ENC_LITTLE_ENDIAN) ? FI_LITTLE_ENDIAN : FI_BIG_ENDIAN;
3148         if (encoding & ENC_VARINT_PROTOBUF) {
3149                 new_fi->flags |= FI_VARINT;
3150         }
3151
3152         return proto_tree_add_node(tree, new_fi);
3153 }
3154
3155 proto_item *
3156 proto_tree_add_item_ret_varint(proto_tree *tree, int hfindex, tvbuff_t *tvb,
3157     const gint start, gint length, const guint encoding, guint64 *retval, gint *lenretval)
3158 {
3159         header_field_info *hfinfo = proto_registrar_get_nth(hfindex);
3160         field_info      *new_fi;
3161         guint64         value;
3162
3163         DISSECTOR_ASSERT_HINT(hfinfo != NULL, "Not passed hfi!");
3164
3165         if ((!IS_FT_INT(hfinfo->type)) && (!IS_FT_UINT(hfinfo->type))) {
3166                 REPORT_DISSECTOR_BUG("field %s is not of type FT_UINT or FT_INT",
3167                     hfinfo->abbrev);
3168         }
3169
3170         /* length validation for native number encoding caught by get_uint64_value() */
3171         /* length has to be -1 or > 0 regardless of encoding */
3172         if (length == 0)
3173                 REPORT_DISSECTOR_BUG("Invalid length %d passed to proto_tree_add_item_ret_varint",
3174                         length);
3175
3176         if (encoding & ENC_STRING) {
3177                 REPORT_DISSECTOR_BUG("wrong encoding");
3178         }
3179
3180         length = tvb_get_varint(tvb, start, (length == -1) ? FT_VARINT_MAX_LEN : length, &value, encoding);
3181
3182         if (retval) {
3183                 *retval = value;
3184                 if (hfinfo->bitmask) {
3185                         /* Mask out irrelevant portions */
3186                         *retval &= hfinfo->bitmask;
3187                         /* Shift bits */
3188                         *retval >>= hfinfo_bitshift(hfinfo);
3189                 }
3190         }
3191
3192         if (lenretval) {
3193