* By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ * SPDX-License-Identifier: GPL-2.0-or-later
*/
#include <config.h>
#include <glib.h>
#include <epan/exceptions.h>
-#include <epan/epan-int.h>
#include <epan/epan.h>
#include <wsutil/clopts_common.h>
#include <wsutil/file_util.h>
#include <wsutil/privileges.h>
#include <wsutil/report_message.h>
-#include <ws_version_info.h>
+#include <version_info.h>
#include <wiretap/wtap_opttypes.h>
#include <wiretap/pcapng.h>
#include <epan/print.h>
#include <epan/addr_resolv.h>
#include "ui/util.h"
-#include "ui/ui_util.h"
+#include "ui/ws_ui_util.h"
#include "ui/decode_as_utils.h"
#include "ui/filter_files.h"
#include "ui/tap_export_pdu.h"
-#include "register.h"
+#include "ui/failure_message.h"
#include <epan/epan_dissect.h>
#include <epan/tap.h>
+#include <epan/uat-int.h>
+
+#include <codecs/codecs.h>
#include "log.h"
#define INIT_FAILED 1
#define EPAN_INIT_FAIL 2
+capture_file cfile;
+
static guint32 cum_bytes;
-static const frame_data *ref;
static frame_data ref_frame;
-static frame_data *prev_dis;
-static frame_data *prev_cap;
-
-static const char *cf_open_error_message(int err, gchar *err_info,
- gboolean for_writing, int file_type);
static void failure_warning_message(const char *msg_format, va_list ap);
static void open_failure_message(const char *filename, int err,
static void write_failure_message(const char *filename, int err);
static void failure_message_cont(const char *msg_format, va_list ap);
-capture_file cfile;
-
static void
print_current_user(void) {
gchar *cur_user, *cur_group;
/*
* Attempt to get the pathname of the executable file.
*/
- init_progfile_dir_error = init_progfile_dir(argv[0], main);
+ init_progfile_dir_error = init_progfile_dir(argv[0]);
if (init_progfile_dir_error != NULL) {
fprintf(stderr, "sharkd: Can't get pathname of sharkd program: %s.\n",
init_progfile_dir_error);
timestamp_set_precision(TS_PREC_AUTO);
timestamp_set_seconds_type(TS_SECONDS_DEFAULT);
- wtap_init();
-
-#ifdef HAVE_PLUGINS
- /* Register all the plugin types we have. */
- epan_register_plugin_types(); /* Types known to libwireshark */
-
- /* Scan for plugins. This does *not* call their registration routines;
- that's done later. */
- scan_plugins(REPORT_LOAD_FAILURE);
-
- /* Register all libwiretap plugin modules. */
- register_all_wiretap_modules();
-#endif
+ wtap_init(TRUE);
/* Register all dissectors; we must do this before checking for the
"-G" flag, as the "-G" flag dumps information registered by the
dissectors, and we must do it before we read the preferences, in
case any dissectors register preferences. */
- if (!epan_init(register_all_protocols, register_all_protocol_handoffs, NULL,
- NULL)) {
+ if (!epan_init(NULL, NULL, TRUE)) {
ret = EPAN_INIT_FAIL;
goto clean_exit;
}
+ codecs_init();
+
/* Load libwireshark settings from the current profile. */
prefs_p = epan_load_settings();
read_filter_list(CFILTER_LIST);
if (!color_filters_init(&err_msg, NULL)) {
- fprintf(stderr, "color_filters_init() failed %s\n", err_msg);
+ fprintf(stderr, "%s\n", err_msg);
g_free(err_msg);
}
/* Build the column format array */
build_column_format_array(&cfile.cinfo, prefs_p->num_cols, TRUE);
+#ifdef HAVE_MAXMINDDB
+ /* mmdbresolve is started from mmdb_resolve_start(), which is called from epan_load_settings via: read_prefs -> (...) uat_load_all -> maxmind_db_post_update_cb.
+ * Need to stop it, otherwise all sharkd will have same mmdbresolve process, including pipe descriptors to read and write. */
+ uat_clear(uat_get_table_by_name("MaxMind Database Paths"));
+#endif
+
ret = sharkd_loop();
clean_exit:
col_cleanup(&cfile.cinfo);
free_filter_lists();
+ codecs_cleanup();
wtap_cleanup();
free_progdirs();
-#ifdef HAVE_PLUGINS
- plugins_cleanup();
-#endif
return ret;
}
static const nstime_t *
-sharkd_get_frame_ts(void *data, guint32 frame_num)
+sharkd_get_frame_ts(struct packet_provider_data *prov, guint32 frame_num)
{
- capture_file *cf = (capture_file *) data;
-
- if (ref && ref->num == frame_num)
- return &ref->abs_ts;
+ if (prov->ref && prov->ref->num == frame_num)
+ return &prov->ref->abs_ts;
- if (prev_dis && prev_dis->num == frame_num)
- return &prev_dis->abs_ts;
+ if (prov->prev_dis && prov->prev_dis->num == frame_num)
+ return &prov->prev_dis->abs_ts;
- if (prev_cap && prev_cap->num == frame_num)
- return &prev_cap->abs_ts;
+ if (prov->prev_cap && prov->prev_cap->num == frame_num)
+ return &prov->prev_cap->abs_ts;
- if (cf->frames) {
- frame_data *fd = frame_data_sequence_find(cf->frames, frame_num);
+ if (prov->frames) {
+ frame_data *fd = frame_data_sequence_find(prov->frames, frame_num);
return (fd) ? &fd->abs_ts : NULL;
}
static epan_t *
sharkd_epan_new(capture_file *cf)
{
- epan_t *epan = epan_new();
-
- epan->data = cf;
- epan->get_frame_ts = sharkd_get_frame_ts;
- epan->get_interface_name = cap_file_get_interface_name;
- epan->get_interface_description = cap_file_get_interface_description;
- epan->get_user_comment = NULL;
-
- return epan;
+ static const struct packet_provider_funcs funcs = {
+ sharkd_get_frame_ts,
+ cap_file_provider_get_interface_name,
+ cap_file_provider_get_interface_description,
+ cap_file_provider_get_user_comment
+ };
+
+ return epan_new(&cf->provider, &funcs);
}
static gboolean
process_packet(capture_file *cf, epan_dissect_t *edt,
- gint64 offset, struct wtap_pkthdr *whdr,
- const guchar *pd)
+ gint64 offset, wtap_rec *rec, const guchar *pd)
{
frame_data fdlocal;
- guint32 framenum;
gboolean passed;
- /* The frame number of this packet is one more than the count of
- frames in this packet. */
- framenum = cf->count + 1;
-
/* If we're not running a display filter and we're not printing any
packet information, we don't need to do a dissection. This means
that all packets can be marked as 'passed'. */
passed = TRUE;
- frame_data_init(&fdlocal, framenum, whdr, offset, cum_bytes);
+ /* The frame number of this packet, if we add it to the set of frames,
+ would be one more than the count of frames in the file so far. */
+ frame_data_init(&fdlocal, cf->count + 1, rec, offset, cum_bytes);
/* If we're going to print packet information, or we're going to
run a read filter, or display filter, or we're going to process taps, set up to
epan_dissect_prime_with_dfilter(edt, cf->dfcode);
/* This is the first and only pass, so prime the epan_dissect_t
- with the fields postdissectors want on the first pass. */
- prime_epan_dissect_with_postdissector_wanted_fields(edt);
+ with the hfids postdissectors want on the first pass. */
+ prime_epan_dissect_with_postdissector_wanted_hfids(edt);
frame_data_set_before_dissect(&fdlocal, &cf->elapsed_time,
- &ref, prev_dis);
- if (ref == &fdlocal) {
+ &cf->provider.ref, cf->provider.prev_dis);
+ if (cf->provider.ref == &fdlocal) {
ref_frame = fdlocal;
- ref = &ref_frame;
+ cf->provider.ref = &ref_frame;
}
- epan_dissect_run(edt, cf->cd_t, whdr, frame_tvbuff_new(&fdlocal, pd), &fdlocal, NULL);
+ epan_dissect_run(edt, cf->cd_t, rec,
+ frame_tvbuff_new(&cf->provider, &fdlocal, pd),
+ &fdlocal, NULL);
/* Run the read filter if we have one. */
if (cf->rfcode)
if (passed) {
frame_data_set_after_dissect(&fdlocal, &cum_bytes);
- prev_cap = prev_dis = frame_data_sequence_add(cf->frames, &fdlocal);
+ cf->provider.prev_cap = cf->provider.prev_dis = frame_data_sequence_add(cf->provider.frames, &fdlocal);
/* If we're not doing dissection then there won't be any dependent frames.
* More importantly, edt.pi.dependent_frames won't be initialized because
*/
if (edt && cf->dfcode) {
if (dfilter_apply_edt(cf->dfcode, edt)) {
- g_slist_foreach(edt->pi.dependent_frames, find_and_mark_frame_depended_upon, cf->frames);
+ g_slist_foreach(edt->pi.dependent_frames, find_and_mark_frame_depended_upon, cf->provider.frames);
}
}
{
/* Allocate a frame_data_sequence for all the frames. */
- cf->frames = new_frame_data_sequence();
+ cf->provider.frames = new_frame_data_sequence();
{
gboolean create_proto_tree;
*
* we're going to apply a display filter;
*
- * a postdissector wants field values on the first pass.
+ * a postdissector wants field values or protocols
+ * on the first pass.
*/
create_proto_tree =
- (cf->rfcode != NULL || cf->dfcode != NULL || postdissectors_want_fields());
+ (cf->rfcode != NULL || cf->dfcode != NULL || postdissectors_want_hfids());
/* We're not going to display the protocol tree on this pass,
so it's not going to be "visible". */
edt = epan_dissect_new(cf->epan, create_proto_tree, FALSE);
}
- while (wtap_read(cf->wth, &err, &err_info, &data_offset)) {
- if (process_packet(cf, edt, data_offset, wtap_phdr(cf->wth),
- wtap_buf_ptr(cf->wth))) {
+ while (wtap_read(cf->provider.wth, &err, &err_info, &data_offset)) {
+ if (process_packet(cf, edt, data_offset, wtap_get_rec(cf->provider.wth),
+ wtap_get_buf_ptr(cf->provider.wth))) {
/* Stop reading if we have the maximum number of packets;
* When the -c option has not been used, max_packet_count
* starts at 0, which practically means, never stop reading.
}
/* Close the sequential I/O side, to free up memory it requires. */
- wtap_sequential_close(cf->wth);
+ wtap_sequential_close(cf->provider.wth);
/* Allow the protocol dissectors to free up memory that they
* don't need after the sequential run-through of the packets. */
postseq_cleanup_all_protocols();
- prev_dis = NULL;
- prev_cap = NULL;
+ cf->provider.prev_dis = NULL;
+ cf->provider.prev_cap = NULL;
}
if (err != 0) {
- switch (err) {
-
- case WTAP_ERR_UNSUPPORTED:
- cmdarg_err("The file \"%s\" contains record data that sharkd doesn't support.\n(%s)",
- cf->filename,
- err_info != NULL ? err_info : "no information supplied");
- g_free(err_info);
- break;
-
- case WTAP_ERR_SHORT_READ:
- cmdarg_err("The file \"%s\" appears to have been cut short in the middle of a packet.",
- cf->filename);
- break;
-
- case WTAP_ERR_BAD_FILE:
- cmdarg_err("The file \"%s\" appears to be damaged or corrupt.\n(%s)",
- cf->filename,
- err_info != NULL ? err_info : "no information supplied");
- g_free(err_info);
- break;
-
- case WTAP_ERR_DECOMPRESS:
- cmdarg_err("The compressed file \"%s\" appears to be damaged or corrupt.\n"
- "(%s)", cf->filename,
- err_info != NULL ? err_info : "no information supplied");
- g_free(err_info);
- break;
-
- default:
- cmdarg_err("An error occurred while reading the file \"%s\": %s.",
- cf->filename, wtap_strerror(err));
- break;
- }
+ cfile_read_failure_message("sharkd", cf->filename, err, err_info);
}
return err;
{
wtap *wth;
gchar *err_info;
- char err_msg[2048+1];
wth = wtap_open_offline(fname, type, err, &err_info, TRUE);
if (wth == NULL)
/* The open succeeded. Fill in the information for this file. */
- /* Create new epan session for dissection. */
- epan_free(cf->epan);
- cf->epan = sharkd_epan_new(cf);
-
- cf->wth = wth;
+ cf->provider.wth = wth;
cf->f_datalen = 0; /* not used, but set it anyway */
/* Set the file name because we need it to set the follow stream filter.
/* No user changes yet. */
cf->unsaved_changes = FALSE;
- cf->cd_t = wtap_file_type_subtype(cf->wth);
+ cf->cd_t = wtap_file_type_subtype(cf->provider.wth);
cf->open_type = type;
cf->count = 0;
cf->drops_known = FALSE;
cf->drops = 0;
- cf->snap = wtap_snapshot_length(cf->wth);
- if (cf->snap == 0) {
- /* Snapshot length not known. */
- cf->has_snap = FALSE;
- cf->snap = WTAP_MAX_PACKET_SIZE;
- } else
- cf->has_snap = TRUE;
+ cf->snap = wtap_snapshot_length(cf->provider.wth);
nstime_set_zero(&cf->elapsed_time);
- ref = NULL;
- prev_dis = NULL;
- prev_cap = NULL;
+ cf->provider.ref = NULL;
+ cf->provider.prev_dis = NULL;
+ cf->provider.prev_cap = NULL;
+
+ /* Create new epan session for dissection. */
+ epan_free(cf->epan);
+ cf->epan = sharkd_epan_new(cf);
cf->state = FILE_READ_IN_PROGRESS;
- wtap_set_cb_new_ipv4(cf->wth, add_ipv4_name);
- wtap_set_cb_new_ipv6(cf->wth, (wtap_new_ipv6_callback_t) add_ipv6_name);
+ wtap_set_cb_new_ipv4(cf->provider.wth, add_ipv4_name);
+ wtap_set_cb_new_ipv6(cf->provider.wth, (wtap_new_ipv6_callback_t) add_ipv6_name);
return CF_OK;
fail:
- g_snprintf(err_msg, sizeof err_msg,
- cf_open_error_message(*err, err_info, FALSE, cf->cd_t), fname);
- cmdarg_err("%s", err_msg);
+ cfile_open_failure_message("sharkd", fname, *err, err_info);
return CF_ERROR;
}
-static const char *
-cf_open_error_message(int err, gchar *err_info, gboolean for_writing,
- int file_type)
-{
- const char *errmsg;
- static char errmsg_errno[1024+1];
-
- if (err < 0) {
- /* Wiretap error. */
- switch (err) {
-
- case WTAP_ERR_NOT_REGULAR_FILE:
- errmsg = "The file \"%s\" is a \"special file\" or socket or other non-regular file.";
- break;
-
- case WTAP_ERR_RANDOM_OPEN_PIPE:
- /* Seen only when opening a capture file for reading. */
- errmsg = "The file \"%s\" is a pipe or FIFO; sharkd can't read pipe or FIFO files in two-pass mode.";
- break;
-
- case WTAP_ERR_FILE_UNKNOWN_FORMAT:
- /* Seen only when opening a capture file for reading. */
- errmsg = "The file \"%s\" isn't a capture file in a format sharkd understands.";
- break;
-
- case WTAP_ERR_UNSUPPORTED:
- /* Seen only when opening a capture file for reading. */
- g_snprintf(errmsg_errno, sizeof(errmsg_errno),
- "The file \"%%s\" contains record data that sharkd doesn't support.\n"
- "(%s)",
- err_info != NULL ? err_info : "no information supplied");
- g_free(err_info);
- errmsg = errmsg_errno;
- break;
-
- case WTAP_ERR_CANT_WRITE_TO_PIPE:
- /* Seen only when opening a capture file for writing. */
- g_snprintf(errmsg_errno, sizeof(errmsg_errno),
- "The file \"%%s\" is a pipe, and \"%s\" capture files can't be "
- "written to a pipe.", wtap_file_type_subtype_short_string(file_type));
- errmsg = errmsg_errno;
- break;
-
- case WTAP_ERR_UNWRITABLE_FILE_TYPE:
- /* Seen only when opening a capture file for writing. */
- errmsg = "sharkd doesn't support writing capture files in that format.";
- break;
-
- case WTAP_ERR_UNWRITABLE_ENCAP:
- /* Seen only when opening a capture file for writing. */
- g_snprintf(errmsg_errno, sizeof(errmsg_errno),
- "sharkd can't save this capture as a \"%s\" file.",
- wtap_file_type_subtype_short_string(file_type));
- errmsg = errmsg_errno;
- break;
-
- case WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED:
- if (for_writing) {
- g_snprintf(errmsg_errno, sizeof(errmsg_errno),
- "sharkd can't save this capture as a \"%s\" file.",
- wtap_file_type_subtype_short_string(file_type));
- errmsg = errmsg_errno;
- } else
- errmsg = "The file \"%s\" is a capture for a network type that sharkd doesn't support.";
- break;
-
- case WTAP_ERR_BAD_FILE:
- /* Seen only when opening a capture file for reading. */
- g_snprintf(errmsg_errno, sizeof(errmsg_errno),
- "The file \"%%s\" appears to be damaged or corrupt.\n"
- "(%s)",
- err_info != NULL ? err_info : "no information supplied");
- g_free(err_info);
- errmsg = errmsg_errno;
- break;
-
- case WTAP_ERR_CANT_OPEN:
- if (for_writing)
- errmsg = "The file \"%s\" could not be created for some unknown reason.";
- else
- errmsg = "The file \"%s\" could not be opened for some unknown reason.";
- break;
-
- case WTAP_ERR_SHORT_READ:
- errmsg = "The file \"%s\" appears to have been cut short"
- " in the middle of a packet or other data.";
- break;
-
- case WTAP_ERR_SHORT_WRITE:
- errmsg = "A full header couldn't be written to the file \"%s\".";
- break;
-
- case WTAP_ERR_COMPRESSION_NOT_SUPPORTED:
- errmsg = "This file type cannot be written as a compressed file.";
- break;
-
- case WTAP_ERR_DECOMPRESS:
- /* Seen only when opening a capture file for reading. */
- g_snprintf(errmsg_errno, sizeof(errmsg_errno),
- "The compressed file \"%%s\" appears to be damaged or corrupt.\n"
- "(%s)",
- err_info != NULL ? err_info : "no information supplied");
- g_free(err_info);
- errmsg = errmsg_errno;
- break;
-
- default:
- g_snprintf(errmsg_errno, sizeof(errmsg_errno),
- "The file \"%%s\" could not be %s: %s.",
- for_writing ? "created" : "opened",
- wtap_strerror(err));
- errmsg = errmsg_errno;
- break;
- }
- } else
- errmsg = file_open_error_message(err, for_writing);
- return errmsg;
-}
-
/*
* General errors and warnings are reported with an console message
* in sharkd.
return load_cap_file(&cfile, 0, 0);
}
+frame_data *
+sharkd_get_frame(guint32 framenum)
+{
+ return frame_data_sequence_find(cfile.provider.frames, framenum);
+}
+
int
-sharkd_dissect_request(unsigned int framenum, void (*cb)(packet_info *, proto_tree *, struct epan_column_info *, const GSList *, void *), int dissect_bytes, int dissect_columns, int dissect_tree, void *data)
+sharkd_dissect_request(guint32 framenum, guint32 frame_ref_num, guint32 prev_dis_num, sharkd_dissect_func_t cb, guint32 dissect_flags, void *data)
{
frame_data *fdata;
- column_info *cinfo = (dissect_columns) ? &cfile.cinfo : NULL;
+ column_info *cinfo = (dissect_flags & SHARKD_DISSECT_FLAG_COLUMNS) ? &cfile.cinfo : NULL;
epan_dissect_t edt;
gboolean create_proto_tree;
- struct wtap_pkthdr phdr; /* Packet header */
- Buffer buf; /* Packet data */
+ wtap_rec rec; /* Record metadata */
+ Buffer buf; /* Record data */
int err;
char *err_info = NULL;
- fdata = frame_data_sequence_find(cfile.frames, framenum);
+ fdata = sharkd_get_frame(framenum);
if (fdata == NULL)
return -1;
- wtap_phdr_init(&phdr);
+ wtap_rec_init(&rec);
ws_buffer_init(&buf, 1500);
- if (!wtap_seek_read(cfile.wth, fdata->file_off, &phdr, &buf, &err, &err_info)) {
+ if (!wtap_seek_read(cfile.provider.wth, fdata->file_off, &rec, &buf, &err, &err_info)) {
+ wtap_rec_cleanup(&rec);
ws_buffer_free(&buf);
return -1; /* error reading the record */
}
- create_proto_tree = (dissect_tree) || (cinfo && have_custom_cols(cinfo));
- epan_dissect_init(&edt, cfile.epan, create_proto_tree, dissect_tree);
+ create_proto_tree = ((dissect_flags & SHARKD_DISSECT_FLAG_PROTO_TREE) ||
+ ((dissect_flags & SHARKD_DISSECT_FLAG_COLOR) && color_filters_used()) ||
+ (cinfo && have_custom_cols(cinfo)));
+ epan_dissect_init(&edt, cfile.epan, create_proto_tree, (dissect_flags & SHARKD_DISSECT_FLAG_PROTO_TREE));
+
+ if (dissect_flags & SHARKD_DISSECT_FLAG_COLOR) {
+ color_filters_prime_edt(&edt);
+ fdata->flags.need_colorize = 1;
+ }
if (cinfo)
col_custom_prime_edt(&edt, cinfo);
* XXX - need to catch an OutOfMemoryError exception and
* attempt to recover from it.
*/
- epan_dissect_run(&edt, cfile.cd_t, &phdr, frame_tvbuff_new_buffer(fdata, &buf), fdata, cinfo);
+ fdata->flags.ref_time = (framenum == frame_ref_num);
+ fdata->frame_ref_num = frame_ref_num;
+ fdata->prev_dis_num = prev_dis_num;
+ epan_dissect_run(&edt, cfile.cd_t, &rec,
+ frame_tvbuff_new_buffer(&cfile.provider, fdata, &buf),
+ fdata, cinfo);
if (cinfo) {
/* "Stringify" non frame_data vals */
epan_dissect_fill_in_columns(&edt, FALSE, TRUE/* fill_fd_columns */);
}
- cb(&edt.pi, dissect_tree ? edt.tree : NULL, cinfo, dissect_bytes ? edt.pi.data_src : NULL, data);
+ cb(&edt, (dissect_flags & SHARKD_DISSECT_FLAG_PROTO_TREE) ? edt.tree : NULL,
+ cinfo, (dissect_flags & SHARKD_DISSECT_FLAG_BYTES) ? edt.pi.data_src : NULL,
+ data);
epan_dissect_cleanup(&edt);
- wtap_phdr_cleanup(&phdr);
+ wtap_rec_cleanup(&rec);
ws_buffer_free(&buf);
return 0;
}
/* based on packet_list_dissect_and_cache_record */
int
-sharkd_dissect_columns(int framenum, column_info *cinfo, gboolean dissect_color)
+sharkd_dissect_columns(frame_data *fdata, guint32 frame_ref_num, guint32 prev_dis_num, column_info *cinfo, gboolean dissect_color)
{
- frame_data *fdata;
epan_dissect_t edt;
gboolean create_proto_tree;
- struct wtap_pkthdr phdr; /* Packet header */
- Buffer buf; /* Packet data */
+ wtap_rec rec; /* Record metadata */
+ Buffer buf; /* Record data */
int err;
char *err_info = NULL;
- fdata = frame_data_sequence_find(cfile.frames, framenum);
- if (fdata == NULL) {
- col_fill_in_error(cinfo, fdata, FALSE, TRUE/* fill_fd_columns */);
- return -1; /* error reading the record */
- }
-
- wtap_phdr_init(&phdr);
+ wtap_rec_init(&rec);
ws_buffer_init(&buf, 1500);
- if (!wtap_seek_read(cfile.wth, fdata->file_off, &phdr, &buf, &err, &err_info)) {
+ if (!wtap_seek_read(cfile.provider.wth, fdata->file_off, &rec, &buf, &err, &err_info)) {
col_fill_in_error(cinfo, fdata, FALSE, FALSE /* fill_fd_columns */);
+ wtap_rec_cleanup(&rec);
ws_buffer_free(&buf);
return -1; /* error reading the record */
}
* XXX - need to catch an OutOfMemoryError exception and
* attempt to recover from it.
*/
- epan_dissect_run(&edt, cfile.cd_t, &phdr, frame_tvbuff_new_buffer(fdata, &buf), fdata, cinfo);
+ fdata->flags.ref_time = (fdata->num == frame_ref_num);
+ fdata->frame_ref_num = frame_ref_num;
+ fdata->prev_dis_num = prev_dis_num;
+ epan_dissect_run(&edt, cfile.cd_t, &rec,
+ frame_tvbuff_new_buffer(&cfile.provider, fdata, &buf),
+ fdata, cinfo);
if (cinfo) {
/* "Stringify" non frame_data vals */
}
epan_dissect_cleanup(&edt);
- wtap_phdr_cleanup(&phdr);
+ wtap_rec_cleanup(&rec);
ws_buffer_free(&buf);
return 0;
}
guint32 framenum;
frame_data *fdata;
Buffer buf;
- struct wtap_pkthdr phdr;
+ wtap_rec rec;
int err;
char *err_info = NULL;
create_proto_tree =
(have_filtering_tap_listeners() || (tap_flags & TL_REQUIRES_PROTO_TREE));
- wtap_phdr_init(&phdr);
+ wtap_rec_init(&rec);
ws_buffer_init(&buf, 1500);
epan_dissect_init(&edt, cfile.epan, create_proto_tree, FALSE);
reset_tap_listeners();
for (framenum = 1; framenum <= cfile.count; framenum++) {
- fdata = frame_data_sequence_find(cfile.frames, framenum);
+ fdata = sharkd_get_frame(framenum);
- if (!wtap_seek_read(cfile.wth, fdata->file_off, &phdr, &buf, &err, &err_info))
+ if (!wtap_seek_read(cfile.provider.wth, fdata->file_off, &rec, &buf, &err, &err_info))
break;
- epan_dissect_run_with_taps(&edt, cfile.cd_t, &phdr, frame_tvbuff_new(fdata, ws_buffer_start_ptr(&buf)), fdata, cinfo);
+ fdata->flags.ref_time = FALSE;
+ fdata->frame_ref_num = (framenum != 1) ? 1 : 0;
+ fdata->prev_dis_num = framenum - 1;
+ epan_dissect_run_with_taps(&edt, cfile.cd_t, &rec,
+ frame_tvbuff_new(&cfile.provider, fdata, ws_buffer_start_ptr(&buf)),
+ fdata, cinfo);
epan_dissect_reset(&edt);
}
- wtap_phdr_cleanup(&phdr);
+ wtap_rec_cleanup(&rec);
ws_buffer_free(&buf);
epan_dissect_cleanup(&edt);
{
dfilter_t *dfcode = NULL;
- guint32 framenum;
+ guint32 framenum, prev_dis_num = 0;
guint32 frames_count;
Buffer buf;
- struct wtap_pkthdr phdr;
+ wtap_rec rec;
int err;
char *err_info = NULL;
return -1;
}
+ /* if dfilter_compile() success, but (dfcode == NULL) all frames are matching */
+ if (dfcode == NULL) {
+ *result = NULL;
+ return 0;
+ }
+
frames_count = cfile.count;
- wtap_phdr_init(&phdr);
+ wtap_rec_init(&rec);
ws_buffer_init(&buf, 1500);
epan_dissect_init(&edt, cfile.epan, TRUE, FALSE);
result_bits = (guint8 *) g_malloc(2 + (frames_count / 8));
for (framenum = 1; framenum <= frames_count; framenum++) {
- frame_data *fdata = frame_data_sequence_find(cfile.frames, framenum);
+ frame_data *fdata = sharkd_get_frame(framenum);
if ((framenum & 7) == 0) {
result_bits[(framenum / 8) - 1] = passed_bits;
passed_bits = 0;
}
- if (!wtap_seek_read(cfile.wth, fdata->file_off, &phdr, &buf, &err, &err_info))
+ if (!wtap_seek_read(cfile.provider.wth, fdata->file_off, &rec, &buf, &err, &err_info))
break;
/* frame_data_set_before_dissect */
epan_dissect_prime_with_dfilter(&edt, dfcode);
- epan_dissect_run(&edt, cfile.cd_t, &phdr, frame_tvbuff_new_buffer(fdata, &buf), fdata, NULL);
+ fdata->flags.ref_time = FALSE;
+ fdata->frame_ref_num = (framenum != 1) ? 1 : 0;
+ fdata->prev_dis_num = prev_dis_num;
+ epan_dissect_run(&edt, cfile.cd_t, &rec,
+ frame_tvbuff_new_buffer(&cfile.provider, fdata, &buf),
+ fdata, NULL);
- if (dfilter_apply_edt(dfcode, &edt))
+ if (dfilter_apply_edt(dfcode, &edt)) {
passed_bits |= (1 << (framenum % 8));
+ prev_dis_num = framenum;
+ }
/* if passed or ref -> frame_data_set_after_dissect */
framenum--;
result_bits[framenum / 8] = passed_bits;
- wtap_phdr_cleanup(&phdr);
+ wtap_rec_cleanup(&rec);
ws_buffer_free(&buf);
epan_dissect_cleanup(&edt);
return framenum;
}
+const char *
+sharkd_get_user_comment(const frame_data *fd)
+{
+ return cap_file_provider_get_user_comment(&cfile.provider, fd);
+}
+
+int
+sharkd_set_user_comment(frame_data *fd, const gchar *new_comment)
+{
+ cap_file_provider_set_user_comment(&cfile.provider, fd, new_comment);
+ return 0;
+}
+
#include "version.h"
const char *sharkd_version(void)
{