*
* $Id$
*
- * Ethereal - Network traffic analyzer
- * By Gerald Combs <gerald@ethereal.com>
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
* This program is free software; you can redistribute it and/or
#include <glib.h>
+#include "gnuc_format_check.h"
#include "ipv4.h"
#include "nstime.h"
#include "tvbuff.h"
#include "ftypes/ftypes.h"
-/** The header-field index for the special text pseudo-field. Exported by libethereal.dll */
-ETH_VAR_IMPORT int hf_text_only;
+/** The header-field index for the special text pseudo-field. Exported by libwireshark.dll */
+WS_VAR_IMPORT int hf_text_only;
/** the maximum length of a protocol field string representation */
#define ITEM_LABEL_LENGTH 240
} \
}
+/** Macro used for reporting errors in dissectors; it throws a
+ * DissectorError exception, with the string passed as an argument
+ * as the message for the exception, so that it can show up in
+ * the Info column and the protocol tree.
+ *
+ * If that string is dynamically allocated, it should be allocated with
+ * ep_alloc(); using ep_strdup_printf() would work.
+ *
+ * If the WIRESHARK_ABORT_ON_DISSECTOR_BUG environment variable is set,
+ * it will call abort(), instead, to make it easier to get a stack trace.
+ *
+ * @param message string to use as the message
+ */
+#define REPORT_DISSECTOR_BUG(message) \
+ ((getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG") != NULL) ? \
+ abort() : \
+ THROW_MESSAGE(DissectorError, message))
+
/** Macro used for assertions in dissectors; it doesn't abort, it just
* throws a DissectorError exception, with the assertion failure
* message as a parameter, so that it can show up in the protocol tree.
+ *
+ * @param expression expression to test in the assertion
*/
#define DISSECTOR_ASSERT(expression) \
- ((void) ((expression) ? 0 : \
+ ((void) ((expression) ? (void)0 : \
__DISSECTOR_ASSERT (expression, __FILE__, __LINE__)))
+#if 0
+/* win32: using a debug breakpoint (int 3) can be very handy while debugging,
+ * as the assert handling of GTK/GLib is currently not very helpful */
+#define DISSECTOR_ASSERT(expression) \
+{ if(!(expression)) _asm { int 3}; }
+#endif
+
+/** Same as DISSECTOR_ASSERT(), but will throw DissectorError exception
+ * unconditionally, much like GLIB's g_assert_not_reached works.
+ */
+#define DISSECTOR_ASSERT_NOT_REACHED() \
+ (REPORT_DISSECTOR_BUG( \
+ ep_strdup_printf("%s:%u: failed assertion \"DISSECTOR_ASSERT_NOT_REACHED\"", \
+ __FILE__, __LINE__)))
+
#define __DISSECTOR_ASSERT_STRINGIFY(s) # s
#define __DISSECTOR_ASSERT(expression, file, lineno) \
- (THROW_MESSAGE(DissectorError, \
- g_strdup_printf("%s:%u: failed assertion \"%s\"", \
+ (REPORT_DISSECTOR_BUG( \
+ ep_strdup_printf("%s:%u: failed assertion \"%s\"", \
file, lineno, __DISSECTOR_ASSERT_STRINGIFY(expression))))
-/** GNUC has the ability to check format strings that follow the syntax used in printf and others.
- Hide the differences between different compilers in this GNUC_FORMAT_CHECK macro.
- @param archetype one of: printf, scanf, strftime or strfmon
- @param string_index specifies which argument is the format string argument (starting from 1)
- @param first_to_check is the number of the first argument to check against the format string
- @todo as this check is also done at some other places too, move this macro to a more central place? */
-#if __GNUC__ >= 2
- #define GNUC_FORMAT_CHECK(archetype, string_index, first_to_check) __attribute__((format (archetype, string_index, first_to_check)))
-#else
- #define GNUC_FORMAT_CHECK(archetype, string_index, first_to_check)
-#endif
-
-
/** radix for decimal values, used in header_field_info.display */
typedef enum {
BASE_NONE, /**< none */
BASE_DEC, /**< decimal */
BASE_HEX, /**< hexadecimal */
- BASE_OCT /**< octal */
+ BASE_OCT, /**< octal */
+ BASE_DEC_HEX, /**< decimal (hexadecimal) */
+ BASE_HEX_DEC /**< hexadecimal (decimal) */
} base_display_e;
+#define IS_BASE_DUAL(b) ((b)==BASE_DEC_HEX||(b)==BASE_HEX_DEC)
+
/** information describing a header field */
typedef struct _header_field_info header_field_info;
/** information describing a header field */
struct _header_field_info {
/* ---------- set by dissector --------- */
- char *name; /**< full name of this field */
- char *abbrev; /**< abbreviated name of this field */
+ const char *name; /**< full name of this field */
+ const char *abbrev; /**< abbreviated name of this field */
enum ftenum type; /**< field type, one of FT_ (from ftypes.h) */
int display; /**< one of BASE_, or number of field bits for FT_BOOLEAN */
- const void *strings; /**< _value_string (or true_false_string for FT_BOOLEAN), typically converted by VALS() or TFS() */
+ const void *strings; /**< _value_string (or true_false_string for FT_BOOLEAN), typically converted by VALS() or TFS() If this is an FT_PROTOCOL then it points to the associated protocol_t structure*/
guint32 bitmask; /**< FT_BOOLEAN only: bitmask of interesting bits */
- char *blurb; /**< Brief description of field. */
+ const char *blurb; /**< Brief description of field. */
/* ------- set by proto routines (prefilled by HFILL macro, see below) ------ */
int id; /**< Field ID */
int parent; /**< parent protocol tree */
+ /* This field keeps track of whether a field is
+ * referenced in any filter or not and if so how
+ * many times. If a filter is being referenced the
+ * refcount for the parent protocol is updated as well
+ */
+ int ref_count; /**< is this field referenced by a filter or not */
int bitshift; /**< bits to shift (FT_BOOLEAN only) */
header_field_info *same_name_next; /**< Link to next hfinfo with same abbrev*/
header_field_info *same_name_prev; /**< Link to previous hfinfo with same abbrev*/
* _header_field_info. If new fields are added or removed, it should
* be changed as necessary.
*/
-#define HFILL 0, 0, 0, NULL, NULL
+#define HFILL 0, 0, 0, 0, NULL, NULL
/** Used when registering many fields at once, using proto_register_field_array() */
typedef struct hf_register_info {
header_field_info *hfinfo; /**< pointer to registered field information */
gint start; /**< current start of data in field_info.ds_tvb */
gint length; /**< current data length of item in field_info.ds_tvb */
- gint tree_type; /**< ETT_ */
+ gint tree_type; /**< one of ETT_ or -1 */
item_label_t *rep; /**< string for GUI tree */
- int flags; /**< one of FI_HIDDEN, ... */
+ int flags; /**< bitfield like FI_GENERATED, ... */
tvbuff_t *ds_tvb; /**< data source tvbuff */
fvalue_t value;
} field_info;
/** The protocol field should not be shown in the tree (it's used for filtering only),
* used in field_info.flags. */
-#define FI_HIDDEN 0x0001
-/** The protocol field should be displayed as "generated by Ethereal",
+/* HIDING PROTOCOL FIELDS IS DEPRECATED, IT'S CONSIDERED TO BE BAD GUI DESIGN! */
+#define FI_HIDDEN 0x0001
+/** The protocol field should be displayed as "generated by Wireshark",
* used in field_info.flags. */
-#define FI_GENERATED 0x0002
+#define FI_GENERATED 0x0002
+/* The protocol field is actually a URL */
+#define FI_URL 0x0004
+
/** convenience macro to get field_info.flags */
#define FI_GET_FLAG(fi, flag) (fi->flags & flag)
/** convenience macro to set field_info.flags */
#define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag)
-
-
/** One of these exists for the entire protocol tree. Each proto_node
* in the protocol tree points to the same copy. */
typedef struct {
GHashTable *interesting_hfids;
gboolean visible;
+ gint count;
} tree_data_t;
/** Each proto_tree, proto_item is one of these. */
/** A protocol item element. */
typedef proto_node proto_item;
+/* expert severities */
+#define PI_SEVERITY_MASK 0x001C /* mask usually for internal use only! */
+/** Usual workflow, e.g. TCP connection establishing */
+#define PI_CHAT 0x0004
+/** Notable messages, e.g. an application returned an "usual" error code like HTTP 404 */
+#define PI_NOTE 0x0008
+/** Warning, e.g. application returned an "unusual" error code */
+#define PI_WARN 0x000C
+/** Serious problems, e.g. [Malformed Packet] */
+#define PI_ERROR 0x0010
+
+/* expert "event groups" */
+#define PI_GROUP_MASK 0xFF00 /* mask usually for internal use only! */
+/** The protocol field has a bad checksum, usually PI_WARN */
+#define PI_CHECKSUM 0x0100
+/** The protocol field indicates a sequence problem (e.g. TCP window is zero) */
+#define PI_SEQUENCE 0x0200
+/** The protocol field indicates a bad application response code (e.g. HTTP 404), usually PI_NOTE */
+#define PI_RESPONSE_CODE 0x0400
+/** The protocol field indicates an application request (e.g. File Handle == xxxx), usually PI_CHAT */
+#define PI_REQUEST_CODE 0x0500
+/** The data is undecoded, the protocol dissection is incomplete here, usually PI_WARN */
+#define PI_UNDECODED 0x0800
+/** The protocol field indicates a reassemble (e.g. DCE/RPC defragmentation), usually PI_CHAT (or PI_ERROR) */
+#define PI_REASSEMBLE 0x1000
+/** The packet data is malformed, the dissector has "given up", usually PI_ERROR */
+#define PI_MALFORMED 0x2000
+/** A generic debugging message (shouldn't remain in production code!), usually PI_ERROR */
+#define PI_DEBUG 0x4000
+/** The protocol field indicates a security probem (e.g. unsecure implementation) */
+/*#define PI_SECURITY 0x8000*/
+
+/* add more, see http://wiki.wireshark.org/Development/ExpertInfo */
+
/** is this protocol field hidden from the protocol tree display (used for filtering only)? */
+/* HIDING PROTOCOL FIELDS IS DEPRECATED, IT'S CONSIDERED TO BE BAD GUI DESIGN! */
#define PROTO_ITEM_IS_HIDDEN(proto_item) \
- ((proto_item) ? FI_GET_FLAG(proto_item->finfo, FI_HIDDEN) : 0)
+ ((proto_item) ? FI_GET_FLAG((proto_item)->finfo, FI_HIDDEN) : 0)
/** mark this protocol field to be hidden from the protocol tree display (used for filtering only) */
+/* HIDING PROTOCOL FIELDS IS DEPRECATED, IT'S CONSIDERED TO BE BAD GUI DESIGN! */
#define PROTO_ITEM_SET_HIDDEN(proto_item) \
- ((proto_item) ? FI_SET_FLAG(proto_item->finfo, FI_HIDDEN) : 0)
-/** is this protocol field generated by Ethereal (and not read from the packet data)? */
+ ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_HIDDEN) : 0)
+/** is this protocol field generated by Wireshark (and not read from the packet data)? */
#define PROTO_ITEM_IS_GENERATED(proto_item) \
- ((proto_item) ? FI_GET_FLAG(proto_item->finfo, FI_GENERATED) : 0)
-/** mark this protocol field as generated by Ethereal (and not read from the packet data) */
+ ((proto_item) ? FI_GET_FLAG((proto_item)->finfo, FI_GENERATED) : 0)
+/** mark this protocol field as generated by Wireshark (and not read from the packet data) */
#define PROTO_ITEM_SET_GENERATED(proto_item) \
- ((proto_item) ? FI_SET_FLAG(proto_item->finfo, FI_GENERATED) : 0)
-
+ ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0)
+/* is this protocol field actually a URL */
+#define PROTO_ITEM_IS_URL(proto_item) \
+ ((proto_item) ? FI_GET_FLAG((proto_item)->finfo, FI_URL) : 0)
+/* mark this protocol field as a URL */
+#define PROTO_ITEM_SET_URL(proto_item) \
+ ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_URL) : 0)
typedef void (*proto_tree_foreach_func)(proto_node *, gpointer);
/** Frees memory used by proto routines. Called at program shutdown */
extern void proto_cleanup(void);
+/** This function takes a tree and a protocol id as parameter and
+ will return TRUE/FALSE for whether the protocol or any of the filterable
+ fields in the protocol is referenced by any fitlers.
+ If this function returns FALSE then it is safe to skip any
+ proto_tree_add_...() calls and just treat the call as if the
+ dissector was called with tree==NULL.
+ If you reset the tree to NULL by this dissector returning FALSE,
+ you will still need to call any subdissector with the original value of
+ tree or filtering will break.
+
+ The purpose of this is to optimize wireshark for speed and make it
+ faster for when filters are being used.
+*/
+extern gboolean proto_field_is_referenced(proto_tree *tree, int proto_id);
+
/** Create a subtree under an existing item.
@return the current length */
extern int proto_item_get_len(proto_item *ti);
+/**
+ * Sets an expert info to the proto_item.
+ @param ti the item to set the expert info
+ @param group the group of this info (e.g. PI_CHECKSUM)
+ @param severity of this info (e.g. PI_ERROR)
+ @return TRUE if value was written
+ */
+extern gboolean proto_item_set_expert_flags(proto_item *ti, int group, int severity);
+
+
/** Creates a new proto_tree root.
/** Set the tree visible or invisible.
Is the parsing being done for a visible proto_tree or an invisible one?
By setting this correctly, the proto_tree creation is sped up by not
- having to call vsnprintf and copy strings around.
+ having to call g_vsnprintf and copy strings around.
@param tree the tree to be set
@param visible ... or not */
extern void
@return parent item */
extern proto_item* proto_tree_get_parent(proto_tree *tree);
+/** Get the root tree from any subtree.
+ @param tree the tree to get the root from
+ @return root tree */
+extern proto_tree* proto_tree_get_root(proto_tree *tree);
+
+/** Move an existing item behind another existing item.
+ @param tree the tree to which both items belong
+ @param fixed_item the item which keeps it's position
+ @param item_to_move the item which will be moved */
+extern void proto_tree_move_item(proto_tree *tree, proto_item *fixed_item, proto_item *item_to_move);
+
/** Add an item to a proto_tree, using the text label registered to that item.
proto_tree_add_bytes_hidden(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, const guint8* start_ptr);
-/** Add a formatted FT_BYTES to a proto_tree.
+/** Add a formatted FT_BYTES to a proto_tree, with the format generating
+ the string for the value and with the field name being included
+ automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param start_ptr pointer to the data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_bytes_format_value(proto_tree *tree, int hfindex, tvbuff_t *tvb,
+ gint start, gint length, const guint8* start_ptr, const char *format,
+ ...) GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_BYTES to a proto_tree, with the format generating
+ the entire string for the entry, including any field name.
@param tree the tree to append this item to
@param hfindex field index
@param tvb the tv buffer of the current data
proto_tree_add_time_hidden(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, nstime_t* value_ptr);
-/** Add a formatted FT_ABSOLUTE_TIME or FT_RELATIVE_TIME to a proto_tree.
+/** Add a formatted FT_ABSOLUTE_TIME or FT_RELATIVE_TIME to a proto_tree, with
+ the format generating the string for the value and with the field name
+ being included automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value_ptr pointer to the data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_time_format_value(proto_tree *tree, int hfindex, tvbuff_t *tvb,
+ gint start, gint length, nstime_t* value_ptr, const char *format, ...)
+ GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_ABSOLUTE_TIME or FT_RELATIVE_TIME to a proto_tree, with
+ the format generating the entire string for the entry, including any field
+ name.
@param tree the tree to append this item to
@param hfindex field index
@param tvb the tv buffer of the current data
proto_tree_add_ipxnet_hidden(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, guint32 value);
-/** Add a formatted FT_IPXNET to a proto_tree.
+/** Add a formatted FT_IPXNET to a proto_tree, with the format generating
+ the string for the value and with the field name being included
+ automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_ipxnet_format_value(proto_tree *tree, int hfindex, tvbuff_t *tvb,
+ gint start, gint length, guint32 value, const char *format, ...)
+ GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_IPXNET to a proto_tree, with the format generating
+ the entire string for the entry, including any field name.
@param tree the tree to append this item to
@param hfindex field index
@param tvb the tv buffer of the current data
proto_tree_add_ipv4_hidden(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, guint32 value);
-/** Add a formatted FT_IPv4 to a proto_tree.
+/** Add a formatted FT_IPv4 to a proto_tree, with the format generating
+ the string for the value and with the field name being included
+ automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_ipv4_format_value(proto_tree *tree, int hfindex, tvbuff_t *tvb,
+ gint start, gint length, guint32 value, const char *format, ...)
+ GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_IPv4 to a proto_tree, with the format generating
+ the entire string for the entry, including any field name.
@param tree the tree to append this item to
@param hfindex field index
@param tvb the tv buffer of the current data
proto_tree_add_ipv6_hidden(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, const guint8* value_ptr);
-/** Add a formatted FT_IPv6 to a proto_tree.
+/** Add a formatted FT_IPv6 to a proto_tree, with the format generating
+ the string for the value and with the field name being included
+ automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value_ptr data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_ipv6_format_value(proto_tree *tree, int hfindex, tvbuff_t *tvb,
+ gint start, gint length, const guint8* value_ptr, const char *format,
+ ...) GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_IPv6 to a proto_tree, with the format generating
+ the entire string for the entry, including any field name.
@param tree the tree to append this item to
@param hfindex field index
@param tvb the tv buffer of the current data
proto_tree_add_ether_hidden(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, const guint8* value);
-/** Add a formatted FT_ETHER to a proto_tree.
+/** Add a formatted FT_ETHER to a proto_tree, with the format generating
+ the string for the value and with the field name being included
+ automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_ether_format_value(proto_tree *tree, int hfindex, tvbuff_t *tvb,
+ gint start, gint length, const guint8* value, const char *format, ...)
+ GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_ETHER to a proto_tree, with the format generating
+ the entire string for the entry, including any field name.
@param tree the tree to append this item to
@param hfindex field index
@param tvb the tv buffer of the current data
proto_tree_add_ether_format(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, const guint8* value, const char *format, ...) GNUC_FORMAT_CHECK(printf,7,8);
+/** Add a FT_GUID to a proto_tree.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value_ptr data to display
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_guid(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
+ gint length, const e_guid_t *value_ptr);
+
+/** Add a hidden FT_GUID to a proto_tree.
+ @deprecated use proto_tree_add_guid() and a subsequent call to PROTO_ITEM_SET_HIDDEN() instead */
+extern proto_item *
+proto_tree_add_guid_hidden(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
+ gint length, const e_guid_t *value_ptr);
+
+/** Add a formatted FT_GUID to a proto_tree, with the format generating
+ the string for the value and with the field name being included
+ automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value_ptr data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_guid_format_value(proto_tree *tree, int hfindex, tvbuff_t *tvb,
+ gint start, gint length, const e_guid_t *value_ptr, const char *format,
+ ...) GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_GUID to a proto_tree, with the format generating
+ the entire string for the entry, including any field name.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value_ptr data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_guid_format(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
+ gint length, const e_guid_t *value_ptr, const char *format, ...) GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a FT_OID to a proto_tree.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value_ptr data to display
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_oid(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
+ gint length, const guint8* value_ptr);
+
+/** Add a hidden FT_OID to a proto_tree.
+ @deprecated use proto_tree_add_oid() and a subsequent call to PROTO_ITEM_SET_HIDDEN() instead */
+extern proto_item *
+proto_tree_add_oid_hidden(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
+ gint length, const guint8* value_ptr);
+
+/** Add a formatted FT_OID to a proto_tree, with the format generating
+ the string for the value and with the field name being included
+ automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value_ptr data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_oid_format_value(proto_tree *tree, int hfindex, tvbuff_t *tvb,
+ gint start, gint length, const guint8* value_ptr, const char *format,
+ ...) GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_OID to a proto_tree, with the format generating
+ the entire string for the entry, including any field name.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value_ptr data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_oid_format(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
+ gint length, const guint8* value_ptr, const char *format, ...) GNUC_FORMAT_CHECK(printf,7,8);
+
/** Add a FT_STRING to a proto_tree.
@param tree the tree to append this item to
@param hfindex field index
proto_tree_add_string_hidden(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, const char* value);
-/** Add a formatted FT_STRING to a proto_tree.
+/** Add a formatted FT_STRING to a proto_tree, with the format generating
+ the string for the value and with the field name being included
+ automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_string_format_value(proto_tree *tree, int hfindex, tvbuff_t *tvb,
+ gint start, gint length, const char* value, const char *format, ...)
+ GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_STRING to a proto_tree, with the format generating
+ the entire string for the entry, including any field name.
@param tree the tree to append this item to
@param hfindex field index
@param tvb the tv buffer of the current data
proto_tree_add_boolean_hidden(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, guint32 value);
-/** Add a formatted FT_BOOLEAN to a proto_tree.
+/** Add a formatted FT_BOOLEAN to a proto_tree, with the format generating
+ the string for the value and with the field name being included
+ automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_boolean_format_value(proto_tree *tree, int hfindex,
+ tvbuff_t *tvb, gint start, gint length, guint32 value,
+ const char *format, ...) GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_BOOLEAN to a proto_tree, with the format generating
+ the entire string for the entry, including any field name.
@param tree the tree to append this item to
@param hfindex field index
@param tvb the tv buffer of the current data
proto_tree_add_float_hidden(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, float value);
-/** Add a formatted FT_FLOAT to a proto_tree.
+/** Add a formatted FT_FLOAT to a proto_tree, with the format generating
+ the string for the value and with the field name being included
+ automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_float_format_value(proto_tree *tree, int hfindex, tvbuff_t *tvb,
+ gint start, gint length, float value, const char *format, ...)
+ GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_FLOAT to a proto_tree, with the format generating
+ the entire string for the entry, including any field name.
@param tree the tree to append this item to
@param hfindex field index
@param tvb the tv buffer of the current data
proto_tree_add_double_hidden(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, double value);
-/** Add a formatted FT_DOUBLE to a proto_tree.
+/** Add a formatted FT_DOUBLE to a proto_tree, with the format generating
+ the string for the value and with the field name being included
+ automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_double_format_value(proto_tree *tree, int hfindex, tvbuff_t *tvb,
+ gint start, gint length, double value, const char *format, ...)
+ GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_DOUBLE to a proto_tree, with the format generating
+ the entire string for the entry, including any field name.
@param tree the tree to append this item to
@param hfindex field index
@param tvb the tv buffer of the current data
proto_tree_add_uint(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, guint32 value);
-/** Add a hidden of one of FT_UINT8, FT_UINT16, FT_UINT24 or FT_UINT32 to a proto_tree.
+/** Add a hidden FT_UINT8, FT_UINT16, FT_UINT24 or FT_UINT32 to a proto_tree.
@deprecated use proto_tree_add_uint() and a subsequent call to PROTO_ITEM_SET_HIDDEN() instead */
extern proto_item *
proto_tree_add_uint_hidden(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, guint32 value);
-/** Add a formatted of one of FT_UINT8, FT_UINT16, FT_UINT24 or FT_UINT32 to a proto_tree.
+/** Add a formatted FT_UINT8, FT_UINT16, FT_UINT24 or FT_UINT32 to a proto_tree,
+ with the format generating the string for the value and with the field
+ name being included automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_uint_format_value(proto_tree *tree, int hfindex, tvbuff_t *tvb,
+ gint start, gint length, guint32 value, const char *format, ...)
+ GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_UINT8, FT_UINT16, FT_UINT24 or FT_UINT32 to a proto_tree,
+ with the format generating the entire string for the entry, including any
+ field name.
@param tree the tree to append this item to
@param hfindex field index
@param tvb the tv buffer of the current data
proto_tree_add_uint64(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, guint64 value);
-/** Add a formatted FT_UINT64 to a proto_tree.
+/** Add a formatted FT_UINT64 to a proto_tree, with the format generating
+ the string for the value and with the field name being included
+ automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_uint64_format_value(proto_tree *tree, int hfindex, tvbuff_t *tvb,
+ gint start, gint length, guint64 value, const char *format, ...)
+ GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_UINT64 to a proto_tree, with the format generating
+ the entire string for the entry, including any field name.
@param tree the tree to append this item to
@param hfindex field index
@param tvb the tv buffer of the current data
proto_tree_add_int(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, gint32 value);
-/** Add a hidden of one of FT_INT8, FT_INT16, FT_INT24 or FT_INT32 to a proto_tree.
+/** Add a hidden FT_INT8, FT_INT16, FT_INT24 or FT_INT32 to a proto_tree.
@deprecated use proto_tree_add_int() and a subsequent call to PROTO_ITEM_SET_HIDDEN() instead */
extern proto_item *
proto_tree_add_int_hidden(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, gint32 value);
-/** Add a formatted of one of FT_INT8, FT_INT16, FT_INT24 or FT_INT32 to a proto_tree.
+/** Add a formatted FT_INT8, FT_INT16, FT_INT24 or FT_INT32 to a proto_tree,
+ with the format generating the string for the value and with the field
+ name being included automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_int_format_value(proto_tree *tree, int hfindex, tvbuff_t *tvb,
+ gint start, gint length, gint32 value, const char *format, ...)
+ GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_INT8, FT_INT16, FT_INT24 or FT_INT32 to a proto_tree,
+ with the format generating the entire string for the entry, including
+ any field name.
@param tree the tree to append this item to
@param hfindex field index
@param tvb the tv buffer of the current data
proto_tree_add_int64(proto_tree *tree, int hfindex, tvbuff_t *tvb, gint start,
gint length, gint64 value);
-/** Add a formatted FT_INT64 to a proto_tree.
+/** Add a formatted FT_INT64 to a proto_tree, with the format generating
+ the string for the value and with the field name being included
+ automatically.
+ @param tree the tree to append this item to
+ @param hfindex field index
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param value data to display
+ @param format printf like format string
+ @param ... printf like parameters
+ @return the newly created item */
+extern proto_item *
+proto_tree_add_int64_format_value(proto_tree *tree, int hfindex, tvbuff_t *tvb,
+ gint start, gint length, gint64 value, const char *format, ...)
+ GNUC_FORMAT_CHECK(printf,7,8);
+
+/** Add a formatted FT_INT64 to a proto_tree, with the format generating
+ the entire string for the entry, including any field name.
@param tree the tree to append this item to
@param hfindex field index
@param tvb the tv buffer of the current data
-/** Append a string to a protocol item.
+/** Append a string to a protocol item.<br>
+ NOTE: this function will break with the TRY_TO_FAKE_THIS_ITEM()
+ speed optimization.
+ Currently only WSP use this function so it is not that bad but try to
+ avoid using this one if possible.
+ IF you must use this function you MUST also disable the
+ TRY_TO_FAKE_THIS_ITEM() optimization for your dissector/function
+ using proto_item_append_string().
+ Do that by faking that the tree is visible by setting :
+ PTREE_DATA(tree)->visible=1; (see packet-wsp.c)
+ BEFORE you create the item you are later going to use
+ proto_item_append_string() on.
+
@param pi the item to append the string to
@param str the string to append */
extern void
/** Register a new protocol.
- @param name the name of the new protocol
+ @param name the full name of the new protocol
@param short_name abbreviated name of the new protocol
@param filter_name protocol name used for a display filter string
@return the new protocol handle */
extern int
-proto_register_protocol(char *name, char *short_name, char *filter_name);
+proto_register_protocol(const char *name, const char *short_name, const char *filter_name);
/** Register a header_field array.
@param parent the protocol handle from proto_register_protocol()
/** Get name of registered header_field number n.
@param n item # n (0-indexed)
@return the name of this registered item */
-extern char* proto_registrar_get_name(int n);
+extern const char* proto_registrar_get_name(int n);
/** Get abbreviation of registered header_field number n.
@param n item # n (0-indexed)
@return the abbreviation of this registered item */
-extern char* proto_registrar_get_abbrev(int n);
+extern const char* proto_registrar_get_abbrev(int n);
/** Get the header_field information based upon a field or protocol id.
@param hfindex item # n (0-indexed)
@return -1 if item _is_ a protocol */
extern int proto_registrar_get_parent(int n);
-/** Is item #n a protocol?
+/** Is item # n a protocol?
@param n item # n (0-indexed)
@return TRUE if it's a protocol, FALSE if it's not */
extern gboolean proto_registrar_is_protocol(int n);
/** Given a protocol's filter_name.
@param filter_name the filter name to search for
@return proto_id */
-extern int proto_get_id_by_filter_name(gchar* filter_name);
+extern int proto_get_id_by_filter_name(const gchar* filter_name);
-/** Can item #n decoding be disabled?
+/** Can item # n decoding be disabled?
@param proto_id protocol id (0-indexed)
@return TRUE if it's a protocol, FALSE if it's not */
extern gboolean proto_can_toggle_protocol(int proto_id);
/** Get the protocol's name for the given protocol's item number.
@param proto_id protocol id (0-indexed)
@return its name */
-extern char *proto_get_protocol_name(int proto_id);
+extern const char *proto_get_protocol_name(int proto_id);
/** Get the protocol's item number, for the given protocol's "protocol_t".
@return its proto_id */
/** Get the protocol's short name, for the given protocol's "protocol_t".
@return its short name. */
-extern char *proto_get_protocol_short_name(protocol_t *protocol);
+extern const char *proto_get_protocol_short_name(protocol_t *protocol);
/** Is protocol's decoding enabled ?
@param protocol
/** Get a protocol's filter name by it's item number.
@param proto_id protocol id (0-indexed)
@return its filter name. */
-extern char *proto_get_protocol_filter_name(int proto_id);
+extern const char *proto_get_protocol_filter_name(int proto_id);
/** Enable / Disable protocol of the given item number.
@param proto_id protocol id (0-indexed)
* proto_get_finfo_ptr_array because it has to search through the tree. */
extern GPtrArray* proto_find_finfo(proto_tree *tree, int hfindex);
+/* Return GPtrArray* of field_info pointers containg all hfindexes that appear in
+* tree. */
+extern GPtrArray* proto_all_finfos(proto_tree *tree);
+
/** Dumps a glossary of the protocol registrations to STDOUT */
extern void proto_registrar_dump_protocols(void);
/** Points to the first element of an array of Booleans, indexed by
a subtree item type. That array element is TRUE if subtrees of
an item of that type are to be expanded. With MSVC and a
- libethereal.dll, we need a special declaration. */
-ETH_VAR_IMPORT gboolean *tree_is_expanded;
+ libwireshark.dll, we need a special declaration. */
+WS_VAR_IMPORT gboolean *tree_is_expanded;
/** Number of elements in the tree_is_expanded array. With MSVC and a
- * libethereal.dll, we need a special declaration. */
-ETH_VAR_IMPORT int num_tree_types;
+ * libwireshark.dll, we need a special declaration. */
+WS_VAR_IMPORT int num_tree_types;
/** glib doesn't have g_ptr_array_len of all things!*/
#ifndef g_ptr_array_len
extern gboolean
proto_can_match_selected(field_info *finfo, epan_dissect_t *edt);
-/** Construct a display filter string.
+/** Construct a "match selected" display filter string.
@param finfo field_info
@param edt epan dissecting
@return the display filter string */
extern char*
-proto_construct_dfilter_string(field_info *finfo, epan_dissect_t *edt);
+proto_construct_match_selected_string(field_info *finfo, epan_dissect_t *edt);
/** Find field from offset in tvb.
@param tree
git.samba.org / obnox / wireshark / wip.git / blobdiff