3 * Routines for reading a binary file containing a ruby marshal object
5 * Copyright 2018, Dario Lombardo <lomato@gmail.com>
7 * SPDX-License-Identifier: GPL-2.0-or-later
15 #include "file_wrappers.h"
17 #include "ruby_marshal.h"
20 * Impose a not-too-large limit on the maximum file size, to avoid eating
21 * up 99% of the (address space, swap partition, disk space for swap/page
22 * files); if we were to return smaller chunks and let the dissector do
23 * reassembly, it would *still* have to allocate a buffer the size of
24 * the file, so it's not as if we'd neve try to allocate a buffer the
27 * For now, go for 50MB.
29 #define MAX_FILE_SIZE (50*1024*1024)
31 static gboolean ruby_marshal_read_file(wtap *wth, FILE_T fh, wtap_rec *rec,
32 Buffer *buf, int *err, gchar **err_info)
37 if ((file_size = wtap_file_size(wth, err)) == -1)
40 if (file_size > MAX_FILE_SIZE) {
42 * Don't blow up trying to allocate space for an
43 * immensely-large file.
45 *err = WTAP_ERR_BAD_FILE;
46 *err_info = g_strdup_printf("ruby_marshal: File has %" G_GINT64_MODIFIER "d-byte packet, bigger than maximum of %u",
47 file_size, MAX_FILE_SIZE);
50 packet_size = (int)file_size;
52 rec->rec_type = REC_TYPE_PACKET;
53 rec->presence_flags = 0;
55 rec->rec_header.packet_header.caplen = packet_size;
56 rec->rec_header.packet_header.len = packet_size;
61 return wtap_read_packet_bytes(fh, buf, packet_size, err, err_info);
64 static gboolean ruby_marshal_seek_read(wtap *wth, gint64 seek_off, wtap_rec *rec, Buffer *buf,
65 int *err, gchar **err_info)
67 /* there is only one packet */
73 if (file_seek(wth->random_fh, seek_off, SEEK_SET, err) == -1)
76 return ruby_marshal_read_file(wth, wth->random_fh, rec, buf, err, err_info);
79 static gboolean ruby_marshal_read(wtap *wth, int *err, gchar **err_info, gint64 *data_offset)
85 offset = file_tell(wth->fh);
87 /* there is only ever one packet */
91 *data_offset = offset;
93 return ruby_marshal_read_file(wth, wth->fh, &wth->rec, wth->rec_data, err, err_info);
96 static gboolean is_ruby_marshal(const guint8* filebuf)
98 if (filebuf[0] != RUBY_MARSHAL_MAJOR)
100 if (filebuf[1] != RUBY_MARSHAL_MINOR)
102 switch (filebuf[2]) {
129 wtap_open_return_val ruby_marshal_open(wtap *wth, int *err, gchar **err_info)
134 filebuf = (guint8*)g_malloc0(MAX_FILE_SIZE);
136 return WTAP_OPEN_ERROR;
138 bytes_read = file_read(filebuf, MAX_FILE_SIZE, wth->fh);
139 if (bytes_read < 0) {
141 *err = file_error(wth->fh, err_info);
143 return WTAP_OPEN_ERROR;
145 if (bytes_read == 0) {
146 /* empty file, not *anybody's* */
148 return WTAP_OPEN_NOT_MINE;
151 if (!is_ruby_marshal(filebuf)) {
153 return WTAP_OPEN_NOT_MINE;
156 if (file_seek(wth->fh, 0, SEEK_SET, err) == -1) {
158 return WTAP_OPEN_ERROR;
161 wth->file_type_subtype = WTAP_FILE_TYPE_SUBTYPE_RUBY_MARSHAL;
162 wth->file_encap = WTAP_ENCAP_RUBY_MARSHAL;
163 wth->file_tsprec = WTAP_TSPREC_SEC;
164 wth->subtype_read = ruby_marshal_read;
165 wth->subtype_seek_read = ruby_marshal_seek_read;
166 wth->snapshot_length = 0;
169 return WTAP_OPEN_MINE;
173 * Editor modelines - http://www.wireshark.org/tools/modelines.html
178 * indent-tabs-mode: nil
181 * vi: set shiftwidth=4 tabstop=8 expandtab:
182 * :indentSize=4:tabSize=8:noTabs=true: