4 * Wireshark - Network traffic analyzer
5 * By Gerald Combs <gerald@wireshark.org>
6 * Copyright 2001 Gerald Combs
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
29 #include "dfilter-int.h"
31 #include "syntax-tree.h"
32 #include "sttype-range.h"
33 #include "sttype-test.h"
34 #include "sttype-function.h"
36 #include <epan/exceptions.h>
37 #include <epan/packet.h>
39 /* Enable debug logging by defining AM_CFLAGS
40 * so that it contains "-DDEBUG_dfilter".
41 * Usage: DebugLog(("Error: string=%s\n", str)); */
44 printf("%s:%u: ", __FILE__, __LINE__); \
52 semcheck(stnode_t *st_node);
54 typedef gboolean (*FtypeCanFunc)(enum ftenum);
56 /* Compares to ftenum_t's and decides if they're
57 * compatible or not (if they're the same basic type) */
59 compatible_ftypes(ftenum_t a, ftenum_t b)
64 case FT_FLOAT: /* XXX - should be able to compare with INT */
65 case FT_DOUBLE: /* XXX - should be able to compare with INT */
66 case FT_ABSOLUTE_TIME:
67 case FT_RELATIVE_TIME:
71 case FT_INT64: /* XXX - should be able to compare with INT */
72 case FT_UINT64: /* XXX - should be able to compare with INT */
80 return (b == FT_ETHER || b == FT_BYTES || b == FT_UINT_BYTES || b == FT_GUID || b == FT_OID);
122 g_assert_not_reached();
125 g_assert_not_reached();
129 /* Creates a FT_UINT32 fvalue with a given value. */
131 mk_uint32_fvalue(guint32 val)
135 fv = fvalue_new(FT_UINT32);
136 fvalue_set_integer(fv, val);
141 /* Try to make an fvalue from a string using a value_string or true_false_string.
142 * This works only for ftypes that are integers. Returns the created fvalue_t*
143 * or NULL if impossible. */
145 mk_fvalue_from_val_string(header_field_info *hfinfo, char *s)
147 static const true_false_string default_tf = { "True", "False" };
148 const true_false_string *tf = &default_tf;
149 const value_string *vals;
152 switch(hfinfo->type) {
157 case FT_ABSOLUTE_TIME:
158 case FT_RELATIVE_TIME:
188 g_assert_not_reached();
191 /* Reset the dfilter error message, since *something* interesting
192 * will happen, and the error message will be more interesting than
193 * any error message I happen to have now. */
194 dfilter_error_msg = NULL;
196 /* TRUE/FALSE *always* exist for FT_BOOLEAN. */
197 if (hfinfo->type == FT_BOOLEAN) {
198 if (hfinfo->strings) {
199 tf = hfinfo->strings;
202 if (strcasecmp(s, tf->true_string) == 0) {
203 return mk_uint32_fvalue(TRUE);
205 else if (strcasecmp(s, tf->false_string) == 0) {
206 return mk_uint32_fvalue(FALSE);
209 dfilter_fail("\"%s\" cannot be found among the possible values for %s.",
215 /* Do val_strings exist? */
216 if (!hfinfo->strings) {
217 dfilter_fail("%s cannot accept strings as values.",
222 vals = hfinfo->strings;
223 while (vals->strptr != NULL) {
224 if (strcasecmp(s, vals->strptr) == 0) {
225 return mk_uint32_fvalue(vals->value);
229 dfilter_fail("\"%s\" cannot be found among the possible values for %s.",
235 is_bytes_type(enum ftenum type)
250 case FT_ABSOLUTE_TIME:
251 case FT_RELATIVE_TIME:
273 g_assert_not_reached();
276 g_assert_not_reached();
280 /* Check the semantics of an existence test. */
282 check_exists(stnode_t *st_arg1)
288 DebugLog((" 4 check_exists() [%u]\n", i++));
289 switch (stnode_type_id(st_arg1)) {
294 case STTYPE_UNPARSED:
295 dfilter_fail("\"%s\" is neither a field nor a protocol name.",
296 stnode_data(st_arg1));
302 * XXX - why not? Shouldn't "eth[3:2]" mean
303 * "check whether the 'eth' field is present and
304 * has at least 2 bytes starting at an offset of
307 dfilter_fail("You cannot test whether a range is present.");
311 case STTYPE_FUNCTION:
312 /* XXX - Maybe we should change functions so they can return fields,
313 * in which case the 'exist' should be fine. */
314 dfilter_fail("You cannot test whether a function is present.");
318 case STTYPE_UNINITIALIZED:
322 case STTYPE_NUM_TYPES:
323 g_assert_not_reached();
327 struct check_drange_sanity_args {
332 /* Q: Where are sttype_range_drange() and sttype_range_hfinfo() defined?
334 * A: Those functions are defined by macros in epan/dfilter/sttype-range.h
336 * The macro which creates them, STTYPE_ACCESSOR, is defined in
337 * epan/dfilter/syntax-tree.h.
339 * From http://www.ethereal.com/lists/ethereal-dev/200308/msg00070.html
343 check_drange_node_sanity(gpointer data, gpointer user_data)
345 drange_node* drnode = data;
346 struct check_drange_sanity_args *args = user_data;
347 gint start_offset, end_offset, length;
348 header_field_info *hfinfo;
350 switch (drange_node_get_ending(drnode)) {
353 length = drange_node_get_length(drnode);
357 start_offset = drange_node_get_start_offset(drnode);
358 hfinfo = sttype_range_hfinfo(args->st);
359 dfilter_fail("Range %d:%d specified for \"%s\" isn't valid, "
360 "as length %d isn't positive",
361 start_offset, length,
370 * Make sure the start offset isn't beyond the end
371 * offset. This applies to negative offsets too.
374 /* XXX - [-ve - +ve] is probably pathological, but isn't
376 * [+ve - -ve] is probably pathological too, and happens to be
379 start_offset = drange_node_get_start_offset(drnode);
380 end_offset = drange_node_get_end_offset(drnode);
381 if (start_offset > end_offset) {
384 hfinfo = sttype_range_hfinfo(args->st);
385 dfilter_fail("Range %d-%d specified for \"%s\" isn't valid, "
386 "as %d is greater than %d",
387 start_offset, end_offset,
389 start_offset, end_offset);
399 g_assert_not_reached();
404 check_drange_sanity(stnode_t *st)
406 struct check_drange_sanity_args args;
411 drange_foreach_drange_node(sttype_range_drange(st),
412 check_drange_node_sanity, &args);
419 /* If the LHS of a relation test is a FIELD, run some checks
420 * and possibly some modifications of syntax tree nodes. */
422 check_relation_LHS_FIELD(const char *relation_string, FtypeCanFunc can_func,
423 gboolean allow_partial_value,
424 stnode_t *st_node, stnode_t *st_arg1, stnode_t *st_arg2)
427 sttype_id_t type1, type2;
428 header_field_info *hfinfo1, *hfinfo2;
429 ftenum_t ftype1, ftype2;
434 type1 = stnode_type_id(st_arg1);
435 type2 = stnode_type_id(st_arg2);
437 hfinfo1 = stnode_data(st_arg1);
438 ftype1 = hfinfo1->type;
440 DebugLog((" 5 check_relation_LHS_FIELD(%s)\n", relation_string));
442 if (!can_func(ftype1)) {
443 dfilter_fail("%s (type=%s) cannot participate in '%s' comparison.",
444 hfinfo1->abbrev, ftype_pretty_name(ftype1),
449 if (type2 == STTYPE_FIELD) {
450 hfinfo2 = stnode_data(st_arg2);
451 ftype2 = hfinfo2->type;
453 if (!compatible_ftypes(ftype1, ftype2)) {
454 dfilter_fail("%s and %s are not of compatible types.",
455 hfinfo1->abbrev, hfinfo2->abbrev);
458 /* Do this check even though you'd think that if
459 * they're compatible, then can_func() would pass. */
460 if (!can_func(ftype2)) {
461 dfilter_fail("%s (type=%s) cannot participate in specified comparison.",
462 hfinfo2->abbrev, ftype_pretty_name(ftype2));
466 else if (type2 == STTYPE_STRING) {
467 s = stnode_data(st_arg2);
468 if (strcmp(relation_string, "matches") == 0) {
469 /* Convert to a FT_PCRE */
470 fvalue = fvalue_from_string(FT_PCRE, s, dfilter_fail);
472 fvalue = fvalue_from_string(ftype1, s, dfilter_fail);
474 /* check value_string */
475 fvalue = mk_fvalue_from_val_string(hfinfo1, s);
482 new_st = stnode_new(STTYPE_FVALUE, fvalue);
483 sttype_test_set2_args(st_node, st_arg1, new_st);
484 stnode_free(st_arg2);
486 else if (type2 == STTYPE_UNPARSED) {
487 s = stnode_data(st_arg2);
488 if (strcmp(relation_string, "matches") == 0) {
489 /* Convert to a FT_PCRE */
490 fvalue = fvalue_from_unparsed(FT_PCRE, s, FALSE, dfilter_fail);
492 fvalue = fvalue_from_unparsed(ftype1, s, allow_partial_value, dfilter_fail);
494 /* check value_string */
495 fvalue = mk_fvalue_from_val_string(hfinfo1, s);
502 new_st = stnode_new(STTYPE_FVALUE, fvalue);
503 sttype_test_set2_args(st_node, st_arg1, new_st);
504 stnode_free(st_arg2);
506 else if (type2 == STTYPE_RANGE) {
507 check_drange_sanity(st_arg2);
508 if (!is_bytes_type(ftype1)) {
509 if (!ftype_can_slice(ftype1)) {
510 dfilter_fail("\"%s\" is a %s and cannot be converted into a sequence of bytes.",
512 ftype_pretty_name(ftype1));
516 /* Convert entire field to bytes */
517 new_st = stnode_new(STTYPE_RANGE, NULL);
519 rn = drange_node_new();
520 drange_node_set_start_offset(rn, 0);
521 drange_node_set_to_the_end(rn);
522 /* st_arg1 is freed in this step */
523 sttype_range_set1(new_st, st_arg1, rn);
525 sttype_test_set2_args(st_node, new_st, st_arg2);
529 g_assert_not_reached();
534 check_relation_LHS_STRING(const char* relation_string,
535 FtypeCanFunc can_func _U_, gboolean allow_partial_value _U_,
537 stnode_t *st_arg1, stnode_t *st_arg2)
540 sttype_id_t type1, type2;
541 header_field_info *hfinfo2;
546 type1 = stnode_type_id(st_arg1);
547 type2 = stnode_type_id(st_arg2);
549 DebugLog((" 5 check_relation_LHS_STRING()\n"));
551 if (type2 == STTYPE_FIELD) {
552 hfinfo2 = stnode_data(st_arg2);
553 ftype2 = hfinfo2->type;
555 if (!can_func(ftype2)) {
556 dfilter_fail("%s (type=%s) cannot participate in '%s' comparison.",
557 hfinfo2->abbrev, ftype_pretty_name(ftype2),
562 s = stnode_data(st_arg1);
563 fvalue = fvalue_from_string(ftype2, s, dfilter_fail);
565 /* check value_string */
566 fvalue = mk_fvalue_from_val_string(hfinfo2, s);
572 new_st = stnode_new(STTYPE_FVALUE, fvalue);
573 sttype_test_set2_args(st_node, new_st, st_arg2);
574 stnode_free(st_arg1);
576 else if (type2 == STTYPE_STRING || type2 == STTYPE_UNPARSED) {
577 /* Well now that's silly... */
578 dfilter_fail("Neither \"%s\" nor \"%s\" are field or protocol names.",
579 stnode_data(st_arg1),
580 stnode_data(st_arg2));
583 else if (type2 == STTYPE_RANGE) {
584 check_drange_sanity(st_arg2);
585 s = stnode_data(st_arg1);
586 fvalue = fvalue_from_string(FT_BYTES, s, dfilter_fail);
590 new_st = stnode_new(STTYPE_FVALUE, fvalue);
591 sttype_test_set2_args(st_node, new_st, st_arg2);
592 stnode_free(st_arg1);
595 g_assert_not_reached();
600 check_relation_LHS_UNPARSED(const char* relation_string,
601 FtypeCanFunc can_func, gboolean allow_partial_value,
603 stnode_t *st_arg1, stnode_t *st_arg2)
606 sttype_id_t type1, type2;
607 header_field_info *hfinfo2;
612 type1 = stnode_type_id(st_arg1);
613 type2 = stnode_type_id(st_arg2);
615 DebugLog((" 5 check_relation_LHS_UNPARSED()\n"));
617 if (type2 == STTYPE_FIELD) {
618 hfinfo2 = stnode_data(st_arg2);
619 ftype2 = hfinfo2->type;
621 if (!can_func(ftype2)) {
622 dfilter_fail("%s (type=%s) cannot participate in '%s' comparison.",
623 hfinfo2->abbrev, ftype_pretty_name(ftype2),
628 s = stnode_data(st_arg1);
629 fvalue = fvalue_from_unparsed(ftype2, s, allow_partial_value, dfilter_fail);
631 /* check value_string */
632 fvalue = mk_fvalue_from_val_string(hfinfo2, s);
638 new_st = stnode_new(STTYPE_FVALUE, fvalue);
639 sttype_test_set2_args(st_node, new_st, st_arg2);
640 stnode_free(st_arg1);
642 else if (type2 == STTYPE_STRING || type2 == STTYPE_UNPARSED) {
643 /* Well now that's silly... */
644 dfilter_fail("Neither \"%s\" nor \"%s\" are field or protocol names.",
645 stnode_data(st_arg1),
646 stnode_data(st_arg2));
649 else if (type2 == STTYPE_RANGE) {
650 check_drange_sanity(st_arg2);
651 s = stnode_data(st_arg1);
652 fvalue = fvalue_from_unparsed(FT_BYTES, s, allow_partial_value, dfilter_fail);
656 new_st = stnode_new(STTYPE_FVALUE, fvalue);
657 sttype_test_set2_args(st_node, new_st, st_arg2);
658 stnode_free(st_arg1);
661 g_assert_not_reached();
666 check_relation_LHS_RANGE(const char *relation_string, FtypeCanFunc can_func _U_,
667 gboolean allow_partial_value,
669 stnode_t *st_arg1, stnode_t *st_arg2)
672 sttype_id_t type1, type2;
673 header_field_info *hfinfo1, *hfinfo2;
674 ftenum_t ftype1, ftype2;
679 type1 = stnode_type_id(st_arg1);
680 type2 = stnode_type_id(st_arg2);
681 hfinfo1 = sttype_range_hfinfo(st_arg1);
682 ftype1 = hfinfo1->type;
684 DebugLog((" 5 check_relation_LHS_RANGE(%s)\n", relation_string));
686 if (!ftype_can_slice(ftype1)) {
687 dfilter_fail("\"%s\" is a %s and cannot be sliced into a sequence of bytes.",
688 hfinfo1->abbrev, ftype_pretty_name(ftype1));
692 check_drange_sanity(st_arg1);
694 if (type2 == STTYPE_FIELD) {
695 DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_FIELD)\n"));
696 hfinfo2 = stnode_data(st_arg2);
697 ftype2 = hfinfo2->type;
699 if (!is_bytes_type(ftype2)) {
700 if (!ftype_can_slice(ftype2)) {
701 dfilter_fail("\"%s\" is a %s and cannot be converted into a sequence of bytes.",
703 ftype_pretty_name(ftype2));
707 /* Convert entire field to bytes */
708 new_st = stnode_new(STTYPE_RANGE, NULL);
710 rn = drange_node_new();
711 drange_node_set_start_offset(rn, 0);
712 drange_node_set_to_the_end(rn);
713 /* st_arg2 is freed in this step */
714 sttype_range_set1(new_st, st_arg2, rn);
716 sttype_test_set2_args(st_node, st_arg1, new_st);
719 else if (type2 == STTYPE_STRING) {
720 DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_STRING)\n"));
721 s = stnode_data(st_arg2);
722 if (strcmp(relation_string, "matches") == 0) {
723 /* Convert to a FT_PCRE */
724 fvalue = fvalue_from_string(FT_PCRE, s, dfilter_fail);
726 fvalue = fvalue_from_string(FT_BYTES, s, dfilter_fail);
729 DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_STRING): Could not convert from string!\n"));
732 new_st = stnode_new(STTYPE_FVALUE, fvalue);
733 sttype_test_set2_args(st_node, st_arg1, new_st);
734 stnode_free(st_arg2);
736 else if (type2 == STTYPE_UNPARSED) {
737 DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_UNPARSED)\n"));
738 s = stnode_data(st_arg2);
739 if (strcmp(relation_string, "matches") == 0) {
740 /* Convert to a FT_PCRE */
741 fvalue = fvalue_from_unparsed(FT_PCRE, s, FALSE, dfilter_fail);
743 fvalue = fvalue_from_unparsed(FT_BYTES, s, allow_partial_value, dfilter_fail);
746 DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_UNPARSED): Could not convert from string!\n"));
749 new_st = stnode_new(STTYPE_FVALUE, fvalue);
750 sttype_test_set2_args(st_node, st_arg1, new_st);
751 stnode_free(st_arg2);
753 else if (type2 == STTYPE_RANGE) {
754 DebugLog((" 5 check_relation_LHS_RANGE(type2 = STTYPE_RANGE)\n"));
755 check_drange_sanity(st_arg2);
758 g_assert_not_reached();
763 check_param_entity(stnode_t *st_node)
770 e_type = stnode_type_id(st_node);
771 /* If there's an unparsed string, change it to an FT_STRING */
772 if (e_type == STTYPE_UNPARSED) {
773 s = stnode_data(st_node);
774 fvalue = fvalue_from_unparsed(FT_STRING, s, FALSE, dfilter_fail);
779 new_st = stnode_new(STTYPE_FVALUE, fvalue);
780 stnode_free(st_node);
788 /* If the LHS of a relation test is a FUNCTION, run some checks
789 * and possibly some modifications of syntax tree nodes. */
791 check_relation_LHS_FUNCTION(const char *relation_string, FtypeCanFunc can_func,
792 gboolean allow_partial_value,
793 stnode_t *st_node, stnode_t *st_arg1, stnode_t *st_arg2)
797 header_field_info *hfinfo2;
798 ftenum_t ftype1, ftype2;
803 df_func_def_t *funcdef;
807 type2 = stnode_type_id(st_arg2);
809 funcdef = sttype_function_funcdef(st_arg1);
810 ftype1 = funcdef->retval_ftype;
812 params = sttype_function_params(st_arg1);
813 num_params = g_slist_length(params);
814 if (num_params < funcdef->min_nargs) {
815 dfilter_fail("Function %s needs at least %u arguments.",
816 funcdef->name, funcdef->min_nargs);
819 else if (num_params > funcdef->max_nargs) {
820 dfilter_fail("Function %s can only accept %u arguments.",
821 funcdef->name, funcdef->max_nargs);
827 params->data = check_param_entity(params->data);
828 funcdef->semcheck_param_function(param_i, params->data);
829 params = params->next;
832 DebugLog((" 5 check_relation_LHS_FUNCTION(%s)\n", relation_string));
834 if (!can_func(ftype1)) {
835 dfilter_fail("Function %s (type=%s) cannot participate in '%s' comparison.",
836 funcdef->name, ftype_pretty_name(ftype1),
841 if (type2 == STTYPE_FIELD) {
842 hfinfo2 = stnode_data(st_arg2);
843 ftype2 = hfinfo2->type;
845 if (!compatible_ftypes(ftype1, ftype2)) {
846 dfilter_fail("Function %s and %s are not of compatible types.",
847 funcdef->name, hfinfo2->abbrev);
850 /* Do this check even though you'd think that if
851 * they're compatible, then can_func() would pass. */
852 if (!can_func(ftype2)) {
853 dfilter_fail("%s (type=%s) cannot participate in specified comparison.",
854 hfinfo2->abbrev, ftype_pretty_name(ftype2));
858 else if (type2 == STTYPE_STRING) {
859 s = stnode_data(st_arg2);
860 if (strcmp(relation_string, "matches") == 0) {
861 /* Convert to a FT_PCRE */
862 fvalue = fvalue_from_string(FT_PCRE, s, dfilter_fail);
864 fvalue = fvalue_from_string(ftype1, s, dfilter_fail);
870 new_st = stnode_new(STTYPE_FVALUE, fvalue);
871 sttype_test_set2_args(st_node, st_arg1, new_st);
872 stnode_free(st_arg2);
874 else if (type2 == STTYPE_UNPARSED) {
875 s = stnode_data(st_arg2);
876 if (strcmp(relation_string, "matches") == 0) {
877 /* Convert to a FT_PCRE */
878 fvalue = fvalue_from_unparsed(FT_PCRE, s, FALSE, dfilter_fail);
880 fvalue = fvalue_from_unparsed(ftype1, s, allow_partial_value, dfilter_fail);
886 new_st = stnode_new(STTYPE_FVALUE, fvalue);
887 sttype_test_set2_args(st_node, st_arg1, new_st);
888 stnode_free(st_arg2);
890 else if (type2 == STTYPE_RANGE) {
891 check_drange_sanity(st_arg2);
892 if (!is_bytes_type(ftype1)) {
893 if (!ftype_can_slice(ftype1)) {
894 dfilter_fail("Function \"%s\" is a %s and cannot be converted into a sequence of bytes.",
896 ftype_pretty_name(ftype1));
900 /* Convert entire field to bytes */
901 new_st = stnode_new(STTYPE_RANGE, NULL);
903 rn = drange_node_new();
904 drange_node_set_start_offset(rn, 0);
905 drange_node_set_to_the_end(rn);
906 /* st_arg1 is freed in this step */
907 sttype_range_set1(new_st, st_arg1, rn);
909 sttype_test_set2_args(st_node, new_st, st_arg2);
913 g_assert_not_reached();
918 /* Check the semantics of any relational test. */
920 check_relation(const char *relation_string, gboolean allow_partial_value,
921 FtypeCanFunc can_func, stnode_t *st_node,
922 stnode_t *st_arg1, stnode_t *st_arg2)
927 header_field_info *hfinfo;
929 DebugLog((" 4 check_relation(\"%s\") [%u]\n", relation_string, i++));
931 /* Protocol can only be on LHS (for "contains" or "matches" operators).
932 * Check to see if protocol is on RHS. This catches the case where the
933 * user has written "fc" on the RHS, probably intending a byte value
934 * rather than the fibre channel protocol.
937 if (stnode_type_id(st_arg2) == STTYPE_FIELD) {
938 hfinfo = stnode_data(st_arg2);
939 if (hfinfo->type == FT_PROTOCOL)
940 dfilter_fail("Protocol (\"%s\") cannot appear on right-hand side of comparison.", hfinfo->abbrev);
944 switch (stnode_type_id(st_arg1)) {
946 check_relation_LHS_FIELD(relation_string, can_func,
947 allow_partial_value, st_node, st_arg1, st_arg2);
950 check_relation_LHS_STRING(relation_string, can_func,
951 allow_partial_value, st_node, st_arg1, st_arg2);
954 check_relation_LHS_RANGE(relation_string, can_func,
955 allow_partial_value, st_node, st_arg1, st_arg2);
957 case STTYPE_UNPARSED:
958 check_relation_LHS_UNPARSED(relation_string, can_func,
959 allow_partial_value, st_node, st_arg1, st_arg2);
961 case STTYPE_FUNCTION:
962 check_relation_LHS_FUNCTION(relation_string, can_func,
963 allow_partial_value, st_node, st_arg1, st_arg2);
966 case STTYPE_UNINITIALIZED:
971 g_assert_not_reached();
975 /* Check the semantics of any type of TEST */
977 check_test(stnode_t *st_node)
980 stnode_t *st_arg1, *st_arg2;
985 DebugLog((" 3 check_test(stnode_t *st_node = %p) [%u]\n", st_node, i));
987 sttype_test_get(st_node, &st_op, &st_arg1, &st_arg2);
990 case TEST_OP_UNINITIALIZED:
991 g_assert_not_reached();
995 check_exists(st_arg1);
1009 check_relation("==", FALSE, ftype_can_eq, st_node, st_arg1, st_arg2);
1012 check_relation("!=", FALSE, ftype_can_ne, st_node, st_arg1, st_arg2);
1015 check_relation(">", FALSE, ftype_can_gt, st_node, st_arg1, st_arg2);
1018 check_relation(">=", FALSE, ftype_can_ge, st_node, st_arg1, st_arg2);
1021 check_relation("<", FALSE, ftype_can_lt, st_node, st_arg1, st_arg2);
1024 check_relation("<=", FALSE, ftype_can_le, st_node, st_arg1, st_arg2);
1026 case TEST_OP_BITWISE_AND:
1027 check_relation("&", FALSE, ftype_can_bitwise_and, st_node, st_arg1, st_arg2);
1029 case TEST_OP_CONTAINS:
1030 check_relation("contains", TRUE, ftype_can_contains, st_node, st_arg1, st_arg2);
1032 case TEST_OP_MATCHES:
1034 check_relation("matches", TRUE, ftype_can_matches, st_node, st_arg1, st_arg2);
1036 dfilter_fail("This Ethereal version does not support the \"matches\" operation.");
1042 g_assert_not_reached();
1044 DebugLog((" 3 check_test(stnode_t *st_node = %p) [%u] - End\n", st_node, i++));
1048 /* Check the entire syntax tree. */
1050 semcheck(stnode_t *st_node)
1052 #ifdef DEBUG_dfilter
1055 DebugLog((" 2 semcheck(stnode_t *st_node = %p) [%u]\n", st_node, i++));
1056 /* The parser assures that the top-most syntax-tree
1057 * node will be a TEST node, no matter what. So assert that. */
1058 switch (stnode_type_id(st_node)) {
1060 check_test(st_node);
1063 g_assert_not_reached();
1068 /* Check the syntax tree for semantic errors, and convert
1069 * some of the nodes into the form they need to be in order to
1070 * later generate the DFVM bytecode. */
1072 dfw_semcheck(dfwork_t *dfw)
1074 #ifdef DEBUG_dfilter
1078 DebugLog(("1 dfw_semcheck(dfwork_t *dfw = %p) [%u]\n", dfw, i));
1079 /* Instead of having to check for errors at every stage of
1080 * the semantic-checking, the semantic-checking code will
1081 * throw an exception if a problem is found. */
1083 semcheck(dfw->st_root);
1086 DebugLog(("1 dfw_semcheck(dfwork_t *dfw = %p) [%u] - Returns FALSE\n",
1092 DebugLog(("1 dfw_semcheck(dfwork_t *dfw = %p) [%u] - Returns TRUE\n",