2 * Routines for PostgreSQL v3 protocol dissection.
3 * <http://www.postgresql.org/docs/current/static/protocol.html>
4 * Copyright 2004 Abhijit Menon-Sen <ams@oryx.com>
8 * Ethereal - Network traffic analyzer
9 * By Gerald Combs <gerald@ethereal.com>
10 * Copyright 1998 Gerald Combs
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version 2
15 * of the License, or (at your option) any later version.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
32 #include <epan/packet.h>
33 #include <epan/conversation.h>
34 #include <epan/prefs.h>
36 #include "packet-tcp.h"
37 #include "reassemble.h"
40 static int proto_pgsql = -1;
41 static int hf_frontend = -1;
42 static int hf_type = -1;
43 static int hf_length = -1;
44 static int hf_parameter_name = -1;
45 static int hf_parameter_value = -1;
46 static int hf_query = -1;
47 static int hf_authtype = -1;
48 static int hf_passwd = -1;
49 static int hf_salt = -1;
50 static int hf_statement = -1;
51 static int hf_portal = -1;
52 static int hf_tag = -1;
53 static int hf_status = -1;
54 static int hf_copydata = -1;
55 static int hf_error = -1;
56 static int hf_pid = -1;
57 static int hf_key = -1;
58 static int hf_condition = -1;
59 static int hf_text = -1;
60 static int hf_tableoid = -1;
61 static int hf_typeoid = -1;
62 static int hf_oid = -1;
63 static int hf_format = -1;
64 static int hf_val_name = -1;
65 static int hf_val_idx = -1;
66 static int hf_val_length = -1;
67 static int hf_val_data = -1;
68 static int hf_val_mod = -1;
69 static int hf_severity = -1;
70 static int hf_code = -1;
71 static int hf_message = -1;
72 static int hf_detail = -1;
73 static int hf_hint = -1;
74 static int hf_position = -1;
75 static int hf_where = -1;
76 static int hf_file = -1;
77 static int hf_line = -1;
78 static int hf_routine = -1;
80 static gint ett_pgsql = -1;
81 static gint ett_values = -1;
83 static guint pgsql_port = 5432;
84 static gboolean pgsql_desegment = TRUE;
85 static gboolean first_message = TRUE;
87 static void dissect_pgsql_fe_msg(guchar, guint32, guint32, tvbuff_t *, proto_tree *);
88 static void dissect_pgsql_be_msg(guchar, guint32, guint32, tvbuff_t *, proto_tree *);
89 static void dissect_pgsql_msg(tvbuff_t *, packet_info *, proto_tree *);
90 static void dissect_pgsql(tvbuff_t *, packet_info *, proto_tree *);
91 static char *identify(gboolean, guchar);
92 static guint pgsql_length(tvbuff_t *, int);
94 static const value_string auth_types[] = {
98 { 3, "Plaintext password" },
99 { 4, "crypt()ed password" },
100 { 5, "MD5 password" },
101 { 6, "SCM credentials" },
105 static const value_string status_vals[] = {
107 { 'T', "In a transaction" },
108 { 'E', "In a failed transaction" },
112 static const value_string format_vals[] = {
120 proto_reg_handoff_pgsql(void)
122 dissector_handle_t pgsql_handle;
124 pgsql_handle = create_dissector_handle(dissect_pgsql, proto_pgsql);
125 dissector_add("tcp.port", pgsql_port, pgsql_handle);
130 proto_register_pgsql(void)
132 static hf_register_info hf[] = {
134 { "Frontend", "pgsql.frontend", FT_BOOLEAN, BASE_NONE, NULL, 0,
135 "True for messages from the frontend, false otherwise.",
139 { "Type", "pgsql.type", FT_STRING, BASE_NONE, NULL, 0,
140 "A one-byte message type identifier.", HFILL }
143 { "Length", "pgsql.length", FT_UINT32, BASE_DEC, NULL, 0,
144 "The length of the message (not including the type).",
147 { &hf_parameter_name,
148 { "Parameter name", "pgsql.parameter_name", FT_STRINGZ,
149 BASE_NONE, NULL, 0, "The name of a database parameter.",
152 { &hf_parameter_value,
153 { "Parameter value", "pgsql.parameter_value", FT_STRINGZ,
154 BASE_NONE, NULL, 0, "The value of a database parameter.",
158 { "Query", "pgsql.query", FT_STRINGZ, BASE_NONE, NULL, 0,
159 "A query string.", HFILL }
162 { "Password", "pgsql.password", FT_STRINGZ, BASE_NONE, NULL, 0,
163 "A password.", HFILL }
166 { "Authentication type", "pgsql.authtype", FT_INT32, BASE_DEC,
168 "The type of authentication requested by the backend.", HFILL }
171 { "Salt value", "pgsql.salt", FT_BYTES, BASE_HEX, NULL, 0,
172 "The salt to use while encrypting a password.", HFILL }
175 { "Statement", "pgsql.statement", FT_STRINGZ, BASE_NONE, NULL, 0,
176 "The name of a prepared statement.", HFILL }
179 { "Portal", "pgsql.portal", FT_STRINGZ, BASE_NONE, NULL, 0,
180 "The name of a portal.", HFILL }
183 { "Tag", "pgsql.tag", FT_STRINGZ, BASE_NONE, NULL, 0,
184 "A completion tag.", HFILL }
187 { "Status", "pgsql.status", FT_UINT8, BASE_DEC, VALS(status_vals),
188 0, "The transaction status of the backend.", HFILL }
191 { "Copy data", "pgsql.copydata", FT_BYTES, BASE_NONE, NULL, 0,
192 "Data sent following a Copy-in or Copy-out response.", HFILL }
195 { "Error", "pgsql.error", FT_STRINGZ, BASE_NONE, NULL, 0,
196 "An error message.", HFILL }
199 { "PID", "pgsql.pid", FT_UINT32, BASE_DEC, NULL, 0,
200 "The process ID of a backend.", HFILL }
203 { "Key", "pgsql.key", FT_UINT32, BASE_DEC, NULL, 0,
204 "The secret key used by a particular backend.", HFILL }
207 { "Condition", "pgsql.condition", FT_STRINGZ, BASE_NONE, NULL, 0,
208 "The name of a NOTIFY condition.", HFILL }
211 { "Text", "pgsql.text", FT_STRINGZ, BASE_NONE, NULL, 0,
212 "Text from the backend.", HFILL }
215 { "Table OID", "pgsql.oid.table", FT_UINT32, BASE_DEC, NULL, 0,
216 "The object identifier of a table.", HFILL }
219 { "Type OID", "pgsql.oid.type", FT_UINT32, BASE_DEC, NULL, 0,
220 "The object identifier of a type.", HFILL }
223 { "OID", "pgsql.oid", FT_UINT32, BASE_DEC, NULL, 0,
224 "An object identifier.", HFILL }
227 { "Format", "pgsql.format", FT_UINT16, BASE_DEC, VALS(format_vals),
228 0, "A format specifier.", HFILL }
231 { "Column name", "pgsql.col.name", FT_STRINGZ, BASE_NONE, NULL, 0,
232 "The name of a column.", HFILL }
235 { "Column index", "pgsql.col.index", FT_UINT32, BASE_DEC, NULL, 0,
236 "The position of a column within a row.", HFILL }
239 { "Column length", "pgsql.val.length", FT_INT32, BASE_DEC, NULL, 0,
240 "The length of a parameter value, in bytes. -1 means NULL.",
244 { "Data", "pgsql.val.data", FT_BYTES, BASE_NONE, NULL, 0,
245 "Parameter data.", HFILL }
248 { "Type modifier", "pgsql.col.typemod", FT_INT32, BASE_DEC, NULL, 0,
249 "The type modifier for a column.", HFILL }
252 { "Severity", "pgsql.severity", FT_STRINGZ, BASE_NONE, NULL, 0,
253 "Message severity.", HFILL }
256 { "Code", "pgsql.code", FT_STRINGZ, BASE_NONE, NULL, 0,
257 "SQLState code.", HFILL }
260 { "Message", "pgsql.message", FT_STRINGZ, BASE_NONE, NULL, 0,
261 "Error message.", HFILL }
264 { "Detail", "pgsql.detail", FT_STRINGZ, BASE_NONE, NULL, 0,
265 "Detailed error message.", HFILL }
268 { "Hint", "pgsql.hint", FT_STRINGZ, BASE_NONE, NULL, 0,
269 "A suggestion to resolve an error.", HFILL }
272 { "Position", "pgsql.position", FT_STRINGZ, BASE_NONE, NULL, 0,
273 "The index of the error within the query string.", HFILL }
276 { "Context", "pgsql.where", FT_STRINGZ, BASE_NONE, NULL, 0,
277 "The context in which an error occurred.", HFILL }
280 { "File", "pgsql.file", FT_STRINGZ, BASE_NONE, NULL, 0,
281 "The source-code file where an error was reported.", HFILL }
284 { "Line", "pgsql.line", FT_STRINGZ, BASE_NONE, NULL, 0,
285 "The line number on which an error was reported.", HFILL }
288 { "Routine", "pgsql.routine", FT_STRINGZ, BASE_NONE, NULL, 0,
289 "The routine that reported an error.", HFILL }
293 static gint *ett[] = {
300 proto_pgsql = proto_register_protocol("PostgreSQL", "PGSQL", "pgsql");
301 proto_register_field_array(proto_pgsql, hf, array_length(hf));
302 proto_register_subtree_array(ett, array_length(ett));
304 mod_pgsql = prefs_register_protocol(proto_pgsql, NULL);
305 prefs_register_uint_preference(
306 mod_pgsql, "tcp.port", "PGSQL TCP port", "Set the port for PGSQL "
307 "messages (if different from the default of 5432)", 10, &pgsql_port
312 /* This function is called once per TCP packet. It sets COL_PROTOCOL and
313 * identifies FE/BE messages by adding a ">" or "<" to COL_INFO. Then it
314 * arranges for each message to be dissected individually. */
317 dissect_pgsql(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
321 first_message = TRUE;
323 /* We don't use conversation data yet, but... */
324 cv = find_conversation(&pinfo->src, &pinfo->dst, pinfo->ptype,
325 pinfo->srcport, pinfo->destport, 0);
327 cv = conversation_new(&pinfo->src, &pinfo->dst, pinfo->ptype,
328 pinfo->srcport, pinfo->destport, 0);
331 if (check_col(pinfo->cinfo, COL_PROTOCOL))
332 col_set_str(pinfo->cinfo, COL_PROTOCOL, "PGSQL");
333 if (check_col(pinfo->cinfo, COL_INFO))
334 col_add_str(pinfo->cinfo, COL_INFO,
335 (pinfo->match_port == pinfo->destport) ?
338 tcp_dissect_pdus(tvb, pinfo, tree, pgsql_desegment, 5,
339 pgsql_length, dissect_pgsql_msg);
343 /* This function is called by tcp_dissect_pdus() to find the size of the
344 message starting at tvb[offset]. */
347 pgsql_length(tvbuff_t *tvb, int offset)
353 /* The length is either the four bytes after the type, or, if the
354 type is 0, the first four bytes. */
355 type = tvb_get_guint8(tvb, offset);
358 length = tvb_get_ntohl(tvb, offset+n);
363 /* This function is responsible for dissecting a single message. */
366 dissect_pgsql_msg(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
375 gboolean info = check_col(pinfo->cinfo, COL_INFO);
376 gboolean fe = (pinfo->match_port == pinfo->destport);
379 type = tvb_get_guint8(tvb, 0);
382 length = tvb_get_ntohl(tvb, n);
384 /* There are a few frontend messages that have no leading type byte.
385 We identify them by the fact that the first byte of their length
386 must be zero, and that the next four bytes are a unique tag. */
387 if (fe && type == '\0') {
388 guint32 tag = tvb_get_ntohl(tvb, 4);
390 if (length == 16 && tag == 80877102)
391 typestr = "Cancel request";
392 else if (length == 8 && tag == 80877103)
393 typestr = "SSL request";
394 else if (tag == 196608)
395 typestr = "Startup message";
400 typestr = identify(fe, type);
404 /* This is a terrible hack. It makes the "Info" column reflect
405 the contents of every message in a TCP packet. Could it be
407 col_append_fstr(pinfo->cinfo, COL_INFO, "%s%c",
408 ( first_message ? "" : "/" ), type);
409 first_message = FALSE;
413 ti = proto_tree_add_item(tree, proto_pgsql, tvb, 0, -1, FALSE);
414 ptree = proto_item_add_subtree(ti, ett_pgsql);
419 proto_tree_add_text(ptree, tvb, 0, n, "Type: %s", typestr);
420 proto_tree_add_item_hidden(ptree, hf_type, tvb, 0, n, FALSE);
421 proto_tree_add_item(ptree, hf_length, tvb, n, 4, FALSE);
422 proto_tree_add_boolean_hidden(ptree, hf_frontend, tvb, 0, 0, fe);
426 dissect_pgsql_fe_msg(type, n, length, tvb, ptree);
428 dissect_pgsql_be_msg(type, n, length, tvb, ptree);
433 static const value_string fe_messages[] = {
434 { 'p', "Password message" },
435 { 'Q', "Simple query" },
443 { 'F', "Function call" },
444 { 'd', "Copy data" },
445 { 'c', "Copy completion" },
446 { 'f', "Copy failure" },
447 { 'X', "Termination" },
452 static void dissect_pgsql_fe_msg(guchar type, guint32 n, guint32 length,
453 tvbuff_t *tvb, proto_tree *tree)
464 s = tvb_get_stringz(tvb, n, &l);
465 proto_tree_add_string(tree, hf_passwd, tvb, n, l, s);
471 s = tvb_get_stringz(tvb, n, &l);
472 proto_tree_add_string(tree, hf_query, tvb, n, l, s);
478 s = tvb_get_stringz(tvb, n, &l);
479 proto_tree_add_string(tree, hf_statement, tvb, n, l, s);
483 s = tvb_get_stringz(tvb, n, &l);
484 proto_tree_add_string(tree, hf_query, tvb, n, l, s);
488 i = tvb_get_ntohs(tvb, n);
489 ti = proto_tree_add_text(tree, tvb, n, 2, "Parameters: %d", i);
490 shrub = proto_item_add_subtree(ti, ett_values);
493 proto_tree_add_item(shrub, hf_typeoid, tvb, n, 4, FALSE);
500 s = tvb_get_stringz(tvb, n, &l);
501 proto_tree_add_string(tree, hf_portal, tvb, n, l, s);
505 s = tvb_get_stringz(tvb, n, &l);
506 proto_tree_add_string(tree, hf_statement, tvb, n, l, s);
510 i = tvb_get_ntohs(tvb, n);
511 ti = proto_tree_add_text(tree, tvb, n, 2, "Parameter formats: %d", i);
512 shrub = proto_item_add_subtree(ti, ett_values);
515 proto_tree_add_item(shrub, hf_format, tvb, n, 2, FALSE);
519 i = tvb_get_ntohs(tvb, n);
520 ti = proto_tree_add_text(tree, tvb, n, 2, "Parameter values: %d", i);
521 shrub = proto_item_add_subtree(ti, ett_values);
524 l = tvb_get_ntohl(tvb, n);
525 proto_tree_add_int(shrub, hf_val_length, tvb, n, 4, l);
527 /* XXX - if we don't limit l here, the function will assert on very large values */
528 if (l > 0 && l < 1000000)
529 proto_tree_add_item(shrub, hf_val_data, tvb, n, l, FALSE);
533 i = tvb_get_ntohs(tvb, n);
534 ti = proto_tree_add_text(tree, tvb, n, 2, "Result formats: %d", i);
535 shrub = proto_item_add_subtree(ti, ett_values);
538 proto_tree_add_item(shrub, hf_format, tvb, n, 2, FALSE);
545 s = tvb_get_stringz(tvb, n, &l);
546 proto_tree_add_string(tree, hf_portal, tvb, n, l, s);
550 ti = proto_tree_add_text(tree, tvb, n, 4, "Returns: ");
551 i = tvb_get_ntohl(tvb, n);
553 proto_item_append_text(ti, "all");
555 proto_item_append_text(ti, "%d", i);
556 proto_item_append_text(ti, " rows");
559 /* Describe, Close */
563 c = tvb_get_guint8(tvb, n);
571 s = tvb_get_stringz(tvb, n, &l);
572 proto_tree_add_string_hidden(tree, i, tvb, n, l, s);
574 tree, tvb, n-1, l, "%s: %s",
575 (c == 'P' ? "Portal" : "Statement"), s
581 /* Messages without a type identifier */
583 i = tvb_get_ntohl(tvb, n);
587 /* Startup message */
590 s = tvb_get_stringz(tvb, n, &l);
596 t = tvb_get_stringz(tvb, n+l, &i);
597 proto_tree_add_text(tree, tvb, n, l+i, "%s: %s", s, t);
602 if (length == 1 && tvb_get_guint8(tvb, n) == 0)
609 /* There's nothing to parse here, but what do we do if the
610 SSL negotiation succeeds? */
613 /* Cancellation request */
615 proto_tree_add_item(tree, hf_pid, tvb, n, 4, FALSE);
616 proto_tree_add_item(tree, hf_key, tvb, n+4, 4, FALSE);
623 proto_tree_add_item(tree, hf_copydata, tvb, n, length-n+1, FALSE);
628 s = tvb_get_stringz(tvb, n, &l);
629 proto_tree_add_string(tree, hf_error, tvb, n, l, s);
635 proto_tree_add_item(tree, hf_oid, tvb, n, 4, FALSE);
638 i = tvb_get_ntohs(tvb, n);
639 ti = proto_tree_add_text(tree, tvb, n, 2, "Parameter formats: %d", i);
640 shrub = proto_item_add_subtree(ti, ett_values);
643 proto_tree_add_item(shrub, hf_format, tvb, n, 2, FALSE);
647 i = tvb_get_ntohs(tvb, n);
648 ti = proto_tree_add_text(tree, tvb, n, 2, "Parameter values: %d", i);
649 shrub = proto_item_add_subtree(ti, ett_values);
652 l = tvb_get_ntohl(tvb, n);
653 proto_tree_add_item(shrub, hf_val_length, tvb, n, 4, FALSE);
656 proto_tree_add_item(shrub, hf_val_data, tvb, n, l, FALSE);
660 proto_tree_add_item(tree, hf_format, tvb, n, 2, FALSE);
666 static const value_string be_messages[] = {
667 { 'R', "Authentication request" },
668 { 'K', "Backend key data" },
669 { 'S', "Parameter status" },
670 { '1', "Parse completion" },
671 { '2', "Bind completion" },
672 { '3', "Close completion" },
673 { 'C', "Command completion" },
674 { 't', "Parameter description" },
675 { 'T', "Row description" },
677 { 'I', "Empty query" },
681 { 's', "Portal suspended" },
682 { 'Z', "Ready for query" },
683 { 'A', "Notification" },
684 { 'V', "Function call response" },
685 { 'G', "CopyIn response" },
686 { 'H', "CopyOut response" },
687 { 'd', "Copy data" },
688 { 'c', "Copy completion" },
693 static void dissect_pgsql_be_msg(guchar type, guint32 n, guint32 length,
694 tvbuff_t *tvb, proto_tree *tree)
703 /* Authentication request */
705 proto_tree_add_item(tree, hf_authtype, tvb, n, 4, FALSE);
706 i = tvb_get_ntohl(tvb, n);
707 if (i == 4 || i == 5) {
708 /* i -= (6-i); :-) */
710 l = (i == 4 ? 2 : 4);
711 proto_tree_add_item(tree, hf_salt, tvb, n, l, FALSE);
717 proto_tree_add_item(tree, hf_pid, tvb, n, 4, FALSE);
718 proto_tree_add_item(tree, hf_key, tvb, n+4, 4, FALSE);
721 /* Parameter status */
723 s = tvb_get_stringz(tvb, n, &l);
724 proto_tree_add_string_hidden(tree, hf_parameter_name, tvb, n, l, s);
726 t = tvb_get_stringz(tvb, n, &i);
727 proto_tree_add_string_hidden(tree, hf_parameter_value, tvb, n, i, t);
728 proto_tree_add_text(tree, tvb, n-l, l+i, "%s: %s", s, t);
733 /* Parameter description */
735 i = tvb_get_ntohs(tvb, n);
736 proto_tree_add_text(tree, tvb, n, 2, "Parameters: %d", i);
739 proto_tree_add_item(tree, hf_typeoid, tvb, n, 4, FALSE);
744 /* Row description */
746 i = tvb_get_ntohs(tvb, n);
747 ti = proto_tree_add_text(tree, tvb, n, 2, "Columns: %d", i);
748 shrub = proto_item_add_subtree(ti, ett_values);
752 s = tvb_get_stringz(tvb, n, &l);
753 ti = proto_tree_add_string(shrub, hf_val_name, tvb, n, l, s);
754 twig = proto_item_add_subtree(ti, ett_values);
757 proto_tree_add_item(twig, hf_tableoid, tvb, n, 4, FALSE);
759 proto_tree_add_item(twig, hf_val_idx, tvb, n, 2, FALSE);
761 proto_tree_add_item(twig, hf_typeoid, tvb, n, 4, FALSE);
763 proto_tree_add_item(twig, hf_val_length, tvb, n, 2, FALSE);
765 proto_tree_add_item(twig, hf_val_mod, tvb, n, 4, FALSE);
767 proto_tree_add_item(twig, hf_format, tvb, n, 2, FALSE);
774 i = tvb_get_ntohs(tvb, n);
775 ti = proto_tree_add_text(tree, tvb, n, 2, "Columns: %d", i);
776 shrub = proto_item_add_subtree(ti, ett_values);
779 l = tvb_get_ntohl(tvb, n);
780 proto_tree_add_int(shrub, hf_val_length, tvb, n, 4, l);
782 /* XXX - if we don't limit l here, the function will assert on very large values */
783 if (l > 0 && l < 1000000)
784 proto_tree_add_item(shrub, hf_val_data, tvb, n, l, FALSE);
789 /* Command completion */
791 s = tvb_get_stringz(tvb, n, &l);
792 proto_tree_add_string(tree, hf_tag, tvb, n, l, s);
798 proto_tree_add_item(tree, hf_status, tvb, n, 1, FALSE);
806 c = tvb_get_guint8(tvb, n);
809 s = tvb_get_stringz(tvb, n+1, &l);
812 case 'S': i = hf_severity; break;
813 case 'C': i = hf_code; break;
814 case 'M': i = hf_message; break;
815 case 'D': i = hf_detail; break;
816 case 'H': i = hf_hint; break;
817 case 'P': i = hf_position; break;
818 case 'W': i = hf_where; break;
819 case 'F': i = hf_file; break;
820 case 'L': i = hf_line; break;
821 case 'R': i = hf_routine; break;
823 proto_tree_add_string(tree, i, tvb, n, l+1, s);
829 /* NOTICE response */
831 proto_tree_add_item(tree, hf_pid, tvb, n, 4, FALSE);
833 s = tvb_get_stringz(tvb, n, &l);
834 proto_tree_add_string(tree, hf_condition, tvb, n, l, s);
837 s = tvb_get_stringz(tvb, n, &l);
839 proto_tree_add_string(tree, hf_text, tvb, n, l, s);
846 proto_tree_add_item(tree, hf_format, tvb, n, 1, FALSE);
848 i = tvb_get_ntohs(tvb, n);
849 ti = proto_tree_add_text(tree, tvb, n, 2, "Columns: %d", i);
850 shrub = proto_item_add_subtree(ti, ett_values);
853 proto_tree_add_item(shrub, hf_format, tvb, n, 2, FALSE);
860 proto_tree_add_item(tree, hf_copydata, tvb, n, length-n+1, FALSE);
863 /* Function call response */
865 l = tvb_get_ntohl(tvb, n);
866 proto_tree_add_int(tree, hf_val_length, tvb, n, 4, l);
868 proto_tree_add_item(tree, hf_val_data, tvb, n+4, l, FALSE);
874 /* This is like specifying VALS(messages) for hf_type, which we can't do
875 directly because of messages without type bytes, and because the type
876 interpretation depends on fe. */
878 static char *identify(gboolean fe, guchar type)
881 const value_string *messages;
884 messages = fe_messages;
886 messages = be_messages;
888 while (messages[i].strptr) {
889 if (messages[i].value == type)
890 return messages[i].strptr;