1################################################## 2# Samba4 NDR parser generator for IDL structures 3# Copyright tridge@samba.org 2000-2003 4# Copyright tpot@samba.org 2001,2005 5# Copyright jelmer@samba.org 2004-2005 6# Portions based on idl2eth.c by Ronnie Sahlberg 7# released under the GNU GPL 8 9=pod 10 11=head1 NAME 12 13Parse::Pidl::Wireshark::NDR - Parser generator for Wireshark 14 15=cut 16 17package Parse::Pidl::Wireshark::NDR; 18 19use strict; 20use Parse::Pidl::Typelist qw(getType); 21use Parse::Pidl::Util qw(has_property ParseExpr property_matches make_str); 22use Parse::Pidl::NDR qw(ContainsString GetNextLevel); 23use Parse::Pidl::Dump qw(DumpTypedef DumpFunction); 24use Parse::Pidl::Wireshark::Conformance qw(ReadConformance); 25use File::Basename; 26 27use vars qw($VERSION); 28$VERSION = '0.01'; 29 30sub error($$) 31{ 32 my ($e,$t) = @_; 33 print "$e->{FILE}:$e->{LINE}: $t\n"; 34} 35 36my @ett; 37 38my %hf_used = (); 39my %return_types = (); 40my %dissector_used = (); 41 42my $conformance = undef; 43 44my %ptrtype_mappings = ( 45 "unique" => "NDR_POINTER_UNIQUE", 46 "ref" => "NDR_POINTER_REF", 47 "ptr" => "NDR_POINTER_PTR" 48); 49 50sub StripPrefixes($) 51{ 52 my ($s) = @_; 53 54 foreach (@{$conformance->{strip_prefixes}}) { 55 $s =~ s/^$_\_//g; 56 } 57 58 return $s; 59} 60 61# Convert a IDL structure field name (e.g access_mask) to a prettier 62# string like 'Access Mask'. 63 64sub field2name($) 65{ 66 my($field) = shift; 67 68 $field =~ s/_/ /g; # Replace underscores with spaces 69 $field =~ s/(\w+)/\u\L$1/g; # Capitalise each word 70 71 return $field; 72} 73 74my %res = (); 75my $tabs = ""; 76my $cur_fn = undef; 77sub pidl_fn_start($) 78{ 79 my $fn = shift; 80 $cur_fn = $fn; 81} 82sub pidl_fn_end($) 83{ 84 my $fn = shift; 85 die("Inconsistent state: $fn != $cur_fn") if ($fn ne $cur_fn); 86 $cur_fn = undef; 87} 88 89sub pidl_code($) 90{ 91 my $d = shift; 92 return if (defined($cur_fn) and defined($conformance->{manual}->{$cur_fn})); 93 94 if ($d) { 95 $res{code} .= $tabs; 96 $res{code} .= $d; 97 } 98 $res{code} .="\n"; 99} 100 101sub pidl_hdr($) { my $x = shift; $res{hdr} .= "$x\n"; } 102sub pidl_def($) { my $x = shift; $res{def} .= "$x\n"; } 103 104sub indent() 105{ 106 $tabs .= "\t"; 107} 108 109sub deindent() 110{ 111 $tabs = substr($tabs, 0, -1); 112} 113 114sub PrintIdl($) 115{ 116 my $idl = shift; 117 118 foreach (split /\n/, $idl) { 119 pidl_code "/* IDL: $_ */"; 120 } 121 122 pidl_code ""; 123} 124 125##################################################################### 126# parse the interface definitions 127sub Interface($) 128{ 129 my($interface) = @_; 130 Const($_,$interface->{NAME}) foreach (@{$interface->{CONSTS}}); 131 Typedef($_,$interface->{NAME}) foreach (@{$interface->{TYPES}}); 132 Function($_,$interface->{NAME}) foreach (@{$interface->{FUNCTIONS}}); 133} 134 135sub Enum($$$) 136{ 137 my ($e,$name,$ifname) = @_; 138 my $valsstring = "$ifname\_$name\_vals"; 139 my $dissectorname = "$ifname\_dissect\_enum\_".StripPrefixes($name); 140 141 return if (defined($conformance->{noemit}->{StripPrefixes($name)})); 142 143 foreach (@{$e->{ELEMENTS}}) { 144 if (/([^=]*)=(.*)/) { 145 pidl_hdr "#define $1 ($2)"; 146 } 147 } 148 149 pidl_hdr "extern const value_string $valsstring\[];"; 150 pidl_hdr "int $dissectorname(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep, int hf_index, guint32 *param);"; 151 152 pidl_def "const value_string ".$valsstring."[] = {"; 153 foreach (@{$e->{ELEMENTS}}) { 154 next unless (/([^=]*)=(.*)/); 155 pidl_def "\t{ $1, \"$1\" },"; 156 } 157 158 pidl_def "{ 0, NULL }"; 159 pidl_def "};"; 160 161 pidl_fn_start $dissectorname; 162 pidl_code "int"; 163 pidl_code "$dissectorname(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep, int hf_index, guint32 *param)"; 164 pidl_code "{"; 165 indent; 166 pidl_code "offset = dissect_ndr_$e->{BASE_TYPE}(tvb, offset, pinfo, tree, drep, hf_index, param);"; 167 pidl_code "return offset;"; 168 deindent; 169 pidl_code "}\n"; 170 pidl_fn_end $dissectorname; 171 172 my $enum_size = $e->{BASE_TYPE}; 173 $enum_size =~ s/uint//g; 174 register_type($name, "offset = $dissectorname(tvb, offset, pinfo, tree, drep, \@HF\@, \@PARAM\@);", "FT_UINT$enum_size", "BASE_DEC", "0", "VALS($valsstring)", $enum_size / 8); 175} 176 177sub Bitmap($$$) 178{ 179 my ($e,$name,$ifname) = @_; 180 my $dissectorname = "$ifname\_dissect\_bitmap\_".StripPrefixes($name); 181 182 register_ett("ett_$ifname\_$name"); 183 184 pidl_hdr "int $dissectorname(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep, int hf_index, guint32 param);"; 185 186 pidl_fn_start $dissectorname; 187 pidl_code "int"; 188 pidl_code "$dissectorname(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, guint8 *drep, int hf_index, guint32 param _U_)"; 189 pidl_code "{"; 190 indent; 191 pidl_code "proto_item *item = NULL;"; 192 pidl_code "proto_tree *tree = NULL;"; 193 pidl_code ""; 194 195 pidl_code "g$e->{BASE_TYPE} flags;"; 196 if ($e->{ALIGN} > 1) { 197 pidl_code "ALIGN_TO_$e->{ALIGN}_BYTES;"; 198 } 199 200 pidl_code ""; 201 202 pidl_code "if (parent_tree) {"; 203 indent; 204 pidl_code "item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, $e->{ALIGN}, TRUE);"; 205 pidl_code "tree = proto_item_add_subtree(item,ett_$ifname\_$name);"; 206 deindent; 207 pidl_code "}\n"; 208 209 pidl_code "offset = dissect_ndr_$e->{BASE_TYPE}(tvb, offset, pinfo, NULL, drep, -1, &flags);"; 210 211 pidl_code "proto_item_append_text(item, \": \");\n"; 212 pidl_code "if (!flags)"; 213 pidl_code "\tproto_item_append_text(item, \"(No values set)\");\n"; 214 215 foreach (@{$e->{ELEMENTS}}) { 216 next unless (/([^ ]*) (.*)/); 217 my ($en,$ev) = ($1,$2); 218 my $hf_bitname = "hf_$ifname\_$name\_$en"; 219 my $filtername = "$ifname\.$name\.$en"; 220 221 $hf_used{$hf_bitname} = 1; 222 223 register_hf_field($hf_bitname, field2name($en), $filtername, "FT_BOOLEAN", $e->{ALIGN} * 8, "TFS(&$name\_$en\_tfs)", $ev, ""); 224 225 pidl_def "static const true_false_string $name\_$en\_tfs = {"; 226 if (defined($conformance->{tfs}->{$hf_bitname})) { 227 pidl_def " $conformance->{tfs}->{$hf_bitname}->{TRUE_STRING},"; 228 pidl_def " $conformance->{tfs}->{$hf_bitname}->{FALSE_STRING},"; 229 $conformance->{tfs}->{$hf_bitname}->{USED} = 1; 230 } else { 231 pidl_def " \"$en is SET\","; 232 pidl_def " \"$en is NOT SET\","; 233 } 234 pidl_def "};"; 235 236 pidl_code "proto_tree_add_boolean(tree, $hf_bitname, tvb, offset-$e->{ALIGN}, $e->{ALIGN}, flags);"; 237 pidl_code "if (flags&$ev){"; 238 pidl_code "\tproto_item_append_text(item, \"$en\");"; 239 pidl_code "\tif (flags & (~$ev))"; 240 pidl_code "\t\tproto_item_append_text(item, \", \");"; 241 pidl_code "}"; 242 pidl_code "flags&=(~$ev);"; 243 pidl_code ""; 244 } 245 246 pidl_code "if (flags) {"; 247 pidl_code "\tproto_item_append_text(item, \"Unknown bitmap value 0x%x\", flags);"; 248 pidl_code "}\n"; 249 pidl_code "return offset;"; 250 deindent; 251 pidl_code "}\n"; 252 pidl_fn_end $dissectorname; 253 254 my $size = $e->{BASE_TYPE}; 255 $size =~ s/uint//g; 256 register_type($name, "offset = $dissectorname(tvb, offset, pinfo, tree, drep, \@HF\@, \@PARAM\@);", "FT_UINT$size", "BASE_HEX", "0", "NULL", $size/8); 257} 258 259sub ElementLevel($$$$$$) 260{ 261 my ($e,$l,$hf,$myname,$pn,$ifname) = @_; 262 263 my $param = 0; 264 265 if (defined($conformance->{dissectorparams}->{$myname})) { 266 $param = $conformance->{dissectorparams}->{$myname}->{PARAM}; 267 } 268 269 if ($l->{TYPE} eq "POINTER") { 270 my $type; 271 if ($l->{LEVEL} eq "TOP") { 272 $type = "toplevel"; 273 } elsif ($l->{LEVEL} eq "EMBEDDED") { 274 $type = "embedded"; 275 } 276 pidl_code "offset = dissect_ndr_$type\_pointer(tvb, offset, pinfo, tree, drep, $myname\_, $ptrtype_mappings{$l->{POINTER_TYPE}}, \"Pointer to ".field2name(StripPrefixes($e->{NAME})) . " ($e->{TYPE})\",$hf);"; 277 } elsif ($l->{TYPE} eq "ARRAY") { 278 if ($l->{IS_INLINE}) { 279 error($e->{ORIGINAL}, "Inline arrays not supported"); 280 } elsif ($l->{IS_FIXED}) { 281 pidl_code "int i;"; 282 pidl_code "for (i = 0; i < $l->{SIZE_IS}; i++)"; 283 pidl_code "\toffset = $myname\_(tvb, offset, pinfo, tree, drep);"; 284 } else { 285 my $type = ""; 286 $type .= "c" if ($l->{IS_CONFORMANT}); 287 $type .= "v" if ($l->{IS_VARYING}); 288 289 unless ($l->{IS_ZERO_TERMINATED}) { 290 pidl_code "offset = dissect_ndr_u" . $type . "array(tvb, offset, pinfo, tree, drep, $myname\_);"; 291 } else { 292 my $nl = GetNextLevel($e,$l); 293 pidl_code "char *data;"; 294 pidl_code ""; 295 pidl_code "offset = dissect_ndr_$type" . "string(tvb, offset, pinfo, tree, drep, sizeof(g$nl->{DATA_TYPE}), $hf, FALSE, &data);"; 296 pidl_code "proto_item_append_text(tree, \": %s\", data);"; 297 } 298 } 299 } elsif ($l->{TYPE} eq "DATA") { 300 if ($l->{DATA_TYPE} eq "string") { 301 my $bs = 2; # Byte size defaults to that of UCS2 302 303 304 ($bs = 1) if (property_matches($e, "flag", ".*LIBNDR_FLAG_STR_ASCII.*")); 305 306 if (property_matches($e, "flag", ".*LIBNDR_FLAG_STR_SIZE4.*") and property_matches($e, "flag", ".*LIBNDR_FLAG_STR_LEN4.*")) { 307 pidl_code "char *data;\n"; 308 pidl_code "offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, drep, $bs, $hf, FALSE, &data);"; 309 pidl_code "proto_item_append_text(tree, \": %s\", data);"; 310 } elsif (property_matches($e, "flag", ".*LIBNDR_FLAG_STR_SIZE4.*")) { 311 pidl_code "offset = dissect_ndr_vstring(tvb, offset, pinfo, tree, drep, $bs, $hf, FALSE, NULL);"; 312 } else { 313 warn("Unable to handle string with flags $e->{PROPERTIES}->{flag}"); 314 } 315 } else { 316 my $call; 317 318 if ($conformance->{imports}->{$l->{DATA_TYPE}}) { 319 $call = $conformance->{imports}->{$l->{DATA_TYPE}}->{DATA}; 320 $conformance->{imports}->{$l->{DATA_TYPE}}->{USED} = 1; 321 } elsif (defined($conformance->{imports}->{"$pn.$e->{NAME}"})) { 322 $call = $conformance->{imports}->{"$pn.$e->{NAME}"}->{DATA}; 323 $conformance->{imports}->{"$pn.$e->{NAME}"}->{USED} = 1; 324 325 } elsif (defined($conformance->{types}->{$l->{DATA_TYPE}})) { 326 $call= $conformance->{types}->{$l->{DATA_TYPE}}->{DISSECTOR_NAME}; 327 $conformance->{types}->{$l->{DATA_TYPE}}->{USED} = 1; 328 } else { 329 pidl_code "offset = $ifname\_dissect_struct_" . $l->{DATA_TYPE} . "(tvb,offset,pinfo,tree,drep,$hf,$param);"; 330 331 return; 332 } 333 334 $call =~ s/\@HF\@/$hf/g; 335 $call =~ s/\@PARAM\@/$param/g; 336 pidl_code "$call"; 337 } 338 } elsif ($_->{TYPE} eq "SUBCONTEXT") { 339 my $num_bits = ($l->{HEADER_SIZE}*8); 340 pidl_code "guint$num_bits size;"; 341 pidl_code "int start_offset = offset;"; 342 pidl_code "tvbuff_t *subtvb;"; 343 pidl_code "offset = dissect_ndr_uint$num_bits(tvb, offset, pinfo, tree, drep, $hf, &size);"; 344 pidl_code "proto_tree_add_text(tree, tvb, start_offset, offset - start_offset + size, \"Subcontext size\");"; 345 346 pidl_code "subtvb = tvb_new_subset(tvb, offset, size, -1);"; 347 pidl_code "$myname\_(subtvb, 0, pinfo, tree, drep);"; 348 } else { 349 die("Unknown type `$_->{TYPE}'"); 350 } 351} 352 353sub Element($$$) 354{ 355 my ($e,$pn,$ifname) = @_; 356 357 my $dissectorname = "$ifname\_dissect\_element\_".StripPrefixes($pn)."\_".StripPrefixes($e->{NAME}); 358 359 my $call_code = "offset = $dissectorname(tvb, offset, pinfo, tree, drep);"; 360 361 my $type = find_type($e->{TYPE}); 362 363 if (not defined($type)) { 364 # default settings 365 $type = { 366 MASK => 0, 367 VALSSTRING => "NULL", 368 FT_TYPE => "FT_NONE", 369 BASE_TYPE => "BASE_HEX" 370 }; 371 } 372 373 if (ContainsString($e)) { 374 $type = { 375 MASK => 0, 376 VALSSTRING => "NULL", 377 FT_TYPE => "FT_STRING", 378 BASE_TYPE => "BASE_DEC" 379 }; 380 } 381 382 my $hf = register_hf_field("hf_$ifname\_$pn\_$e->{NAME}", field2name($e->{NAME}), "$ifname.$pn.$e->{NAME}", $type->{FT_TYPE}, $type->{BASE_TYPE}, $type->{VALSSTRING}, $type->{MASK}, ""); 383 $hf_used{$hf} = 1; 384 385 my $eltname = StripPrefixes($pn) . ".$e->{NAME}"; 386 if (defined($conformance->{noemit}->{$eltname})) { 387 return $call_code; 388 } 389 390 my $add = ""; 391 392 foreach (@{$e->{LEVELS}}) { 393 next if ($_->{TYPE} eq "SWITCH"); 394 pidl_def "static int $dissectorname$add(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep);"; 395 pidl_fn_start "$dissectorname$add"; 396 pidl_code "static int"; 397 pidl_code "$dissectorname$add(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)"; 398 pidl_code "{"; 399 indent; 400 401 ElementLevel($e,$_,$hf,$dissectorname.$add,$pn,$ifname); 402 403 pidl_code ""; 404 pidl_code "return offset;"; 405 deindent; 406 pidl_code "}\n"; 407 pidl_fn_end "$dissectorname$add"; 408 $add.="_"; 409 last if ($_->{TYPE} eq "ARRAY" and $_->{IS_ZERO_TERMINATED}); 410 } 411 412 return $call_code; 413} 414 415sub Function($$$) 416{ 417 my ($fn,$ifname) = @_; 418 419 my %dissectornames; 420 421 foreach (@{$fn->{ELEMENTS}}) { 422 $dissectornames{$_->{NAME}} = Element($_, $fn->{NAME}, $ifname) if not defined($dissectornames{$_->{NAME}}); 423 } 424 425 my $fn_name = $_->{NAME}; 426 $fn_name =~ s/^${ifname}_//; 427 428 PrintIdl DumpFunction($fn->{ORIGINAL}); 429 pidl_fn_start "$ifname\_dissect\_$fn_name\_response"; 430 pidl_code "static int"; 431 pidl_code "$ifname\_dissect\_${fn_name}_response(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)"; 432 pidl_code "{"; 433 indent; 434 if ( not defined($fn->{RETURN_TYPE})) { 435 } elsif ($fn->{RETURN_TYPE} eq "NTSTATUS" or $fn->{RETURN_TYPE} eq "WERROR") 436 { 437 pidl_code "guint32 status;\n"; 438 } elsif (my $type = getType($fn->{RETURN_TYPE})) { 439 if ($type->{DATA}->{TYPE} eq "ENUM") { 440 pidl_code "g".Parse::Pidl::Typelist::enum_type_fn($type->{DATA}) . " status;\n"; 441 } elsif ($type->{DATA}->{TYPE} eq "SCALAR") { 442 pidl_code "g$fn->{RETURN_TYPE} status;\n"; 443 } else { 444 print "$fn->{FILE}:$fn->{LINE}: error: return type `$fn->{RETURN_TYPE}' not yet supported\n"; 445 } 446 } else { 447 print "$fn->{FILE}:$fn->{LINE}: error: unknown return type `$fn->{RETURN_TYPE}'\n"; 448 } 449 450 foreach (@{$fn->{ELEMENTS}}) { 451 if (grep(/out/,@{$_->{DIRECTION}})) { 452 pidl_code "$dissectornames{$_->{NAME}}"; 453 pidl_code "offset = dissect_deferred_pointers(pinfo, tvb, offset, drep);"; 454 pidl_code ""; 455 } 456 } 457 458 if (not defined($fn->{RETURN_TYPE})) { 459 } elsif ($fn->{RETURN_TYPE} eq "NTSTATUS") { 460 pidl_code "offset = dissect_ntstatus(tvb, offset, pinfo, tree, drep, hf\_$ifname\_status, &status);\n"; 461 pidl_code "if (status != 0 && check_col(pinfo->cinfo, COL_INFO))"; 462 pidl_code "\tcol_append_fstr(pinfo->cinfo, COL_INFO, \", Error: %s\", val_to_str(status, NT_errors, \"Unknown NT status 0x%08x\"));\n"; 463 $return_types{$ifname}->{"status"} = ["NTSTATUS", "NT Error"]; 464 } elsif ($fn->{RETURN_TYPE} eq "WERROR") { 465 pidl_code "offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, hf\_$ifname\_werror, &status);\n"; 466 pidl_code "if (status != 0 && check_col(pinfo->cinfo, COL_INFO))"; 467 pidl_code "\tcol_append_fstr(pinfo->cinfo, COL_INFO, \", Error: %s\", val_to_str(status, WERR_errors, \"Unknown DOS error 0x%08x\"));\n"; 468 469 $return_types{$ifname}->{"werror"} = ["WERROR", "Windows Error"]; 470 } elsif (my $type = getType($fn->{RETURN_TYPE})) { 471 if ($type->{DATA}->{TYPE} eq "ENUM") { 472 my $return_type = "g".Parse::Pidl::Typelist::enum_type_fn($type->{DATA}); 473 my $return_dissect = "dissect_ndr_" .Parse::Pidl::Typelist::enum_type_fn($type->{DATA}); 474 475 pidl_code "offset = $return_dissect(tvb, offset, pinfo, tree, drep, hf\_$ifname\_$fn->{RETURN_TYPE}_status, &status);"; 476 pidl_code "if (status != 0 && check_col(pinfo->cinfo, COL_INFO))"; 477 pidl_code "\tcol_append_fstr(pinfo->cinfo, COL_INFO, \", Status: %s\", val_to_str(status, $ifname\_$fn->{RETURN_TYPE}\_vals, \"Unknown " . $fn->{RETURN_TYPE} . " error 0x%08x\"));\n"; 478 $return_types{$ifname}->{$fn->{RETURN_TYPE}."_status"} = [$fn->{RETURN_TYPE}, $fn->{RETURN_TYPE}]; 479 } elsif ($type->{DATA}->{TYPE} eq "SCALAR") { 480 pidl_code "offset = dissect_ndr_$fn->{RETURN_TYPE}(tvb, offset, pinfo, tree, drep, hf\_$ifname\_$fn->{RETURN_TYPE}_status, &status);"; 481 pidl_code "if (status != 0 && check_col(pinfo->cinfo, COL_INFO))"; 482 pidl_code "\tcol_append_fstr(pinfo->cinfo, COL_INFO, \", Status: %d\", status);\n"; 483 $return_types{$ifname}->{$fn->{RETURN_TYPE}."_status"} = [$fn->{RETURN_TYPE}, $fn->{RETURN_TYPE}]; 484 } 485 } 486 487 488 pidl_code "return offset;"; 489 deindent; 490 pidl_code "}\n"; 491 pidl_fn_end "$ifname\_dissect\_$fn_name\_response"; 492 493 pidl_fn_start "$ifname\_dissect\_$fn_name\_request"; 494 pidl_code "static int"; 495 pidl_code "$ifname\_dissect\_${fn_name}_request(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)"; 496 pidl_code "{"; 497 indent; 498 foreach (@{$fn->{ELEMENTS}}) { 499 if (grep(/in/,@{$_->{DIRECTION}})) { 500 pidl_code "$dissectornames{$_->{NAME}}"; 501 pidl_code "offset = dissect_deferred_pointers(pinfo, tvb, offset, drep);"; 502 } 503 504 } 505 506 pidl_code "return offset;"; 507 deindent; 508 pidl_code "}\n"; 509 pidl_fn_end "$ifname\_dissect\_$fn_name\_request"; 510} 511 512sub Struct($$$) 513{ 514 my ($e,$name,$ifname) = @_; 515 my $dissectorname = "$ifname\_dissect\_struct\_".StripPrefixes($name); 516 517 return if (defined($conformance->{noemit}->{StripPrefixes($name)})); 518 519 register_ett("ett_$ifname\_$name"); 520 521 my $res = ""; 522 ($res.="\t".Element($_, $name, $ifname)."\n\n") foreach (@{$e->{ELEMENTS}}); 523 524 pidl_hdr "int $dissectorname(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, guint8 *drep, int hf_index, guint32 param _U_);"; 525 526 pidl_fn_start $dissectorname; 527 pidl_code "int"; 528 pidl_code "$dissectorname(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, guint8 *drep, int hf_index, guint32 param _U_)"; 529 pidl_code "{"; 530 indent; 531 pidl_code "proto_item *item = NULL;"; 532 pidl_code "proto_tree *tree = NULL;"; 533 pidl_code "int old_offset;"; 534 pidl_code ""; 535 536 if ($e->{ALIGN} > 1) { 537 pidl_code "ALIGN_TO_$e->{ALIGN}_BYTES;"; 538 } 539 pidl_code ""; 540 541 pidl_code "old_offset = offset;"; 542 pidl_code ""; 543 pidl_code "if (parent_tree) {"; 544 indent; 545 pidl_code "item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, TRUE);"; 546 pidl_code "tree = proto_item_add_subtree(item, ett_$ifname\_$name);"; 547 deindent; 548 pidl_code "}"; 549 550 pidl_code "\n$res"; 551 552 pidl_code "proto_item_set_len(item, offset-old_offset);\n"; 553 pidl_code "return offset;"; 554 deindent; 555 pidl_code "}\n"; 556 pidl_fn_end $dissectorname; 557 558 register_type($name, "offset = $dissectorname(tvb,offset,pinfo,tree,drep,\@HF\@,\@PARAM\@);", "FT_NONE", "BASE_NONE", 0, "NULL", 0); 559} 560 561sub Union($$$) 562{ 563 my ($e,$name,$ifname) = @_; 564 565 my $dissectorname = "$ifname\_dissect_".StripPrefixes($name); 566 567 return if (defined($conformance->{noemit}->{StripPrefixes($name)})); 568 569 register_ett("ett_$ifname\_$name"); 570 571 my $res = ""; 572 foreach (@{$e->{ELEMENTS}}) { 573 $res.="\n\t\t$_->{CASE}:\n"; 574 if ($_->{TYPE} ne "EMPTY") { 575 $res.="\t\t\t".Element($_, $name, $ifname)."\n"; 576 } 577 $res.="\t\tbreak;\n"; 578 } 579 580 my $switch_type; 581 my $switch_dissect; 582 my $switch_dt = getType($e->{SWITCH_TYPE}); 583 if ($switch_dt->{DATA}->{TYPE} eq "ENUM") { 584 $switch_type = "g".Parse::Pidl::Typelist::enum_type_fn($switch_dt->{DATA}); 585 $switch_dissect = "dissect_ndr_" .Parse::Pidl::Typelist::enum_type_fn($switch_dt->{DATA}); 586 } elsif ($switch_dt->{DATA}->{TYPE} eq "SCALAR") { 587 $switch_type = "g$e->{SWITCH_TYPE}"; 588 $switch_dissect = "dissect_ndr_$e->{SWITCH_TYPE}"; 589 } 590 591 pidl_fn_start $dissectorname; 592 pidl_code "static int"; 593 pidl_code "$dissectorname(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, guint8 *drep, int hf_index, guint32 param _U_)"; 594 pidl_code "{"; 595 indent; 596 pidl_code "proto_item *item = NULL;"; 597 pidl_code "proto_tree *tree = NULL;"; 598 pidl_code "int old_offset;"; 599 pidl_code "$switch_type level;"; 600 pidl_code ""; 601 602 if ($e->{ALIGN} > 1) { 603 pidl_code "ALIGN_TO_$e->{ALIGN}_BYTES;"; 604 } 605 606 pidl_code ""; 607 608 pidl_code "old_offset = offset;"; 609 pidl_code "if (parent_tree) {"; 610 indent; 611 pidl_code "item = proto_tree_add_text(parent_tree, tvb, offset, -1, \"$name\");"; 612 pidl_code "tree = proto_item_add_subtree(item, ett_$ifname\_$name);"; 613 deindent; 614 pidl_code "}"; 615 616 pidl_code ""; 617 618 pidl_code "offset = $switch_dissect(tvb, offset, pinfo, tree, drep, hf_index, &level);"; 619 620 pidl_code "switch(level) {$res\t}"; 621 pidl_code "proto_item_set_len(item, offset-old_offset);\n"; 622 pidl_code "return offset;"; 623 deindent; 624 pidl_code "}"; 625 pidl_fn_end $dissectorname; 626 627 register_type($name, "offset = $dissectorname(tvb, offset, pinfo, tree, drep, \@HF\@, \@PARAM\@);", "FT_NONE", "BASE_NONE", 0, "NULL", 0); 628} 629 630sub Const($$) 631{ 632 my ($const,$ifname) = @_; 633 634 if (!defined($const->{ARRAY_LEN}[0])) { 635 pidl_hdr "#define $const->{NAME}\t( $const->{VALUE} )\n"; 636 } else { 637 pidl_hdr "#define $const->{NAME}\t $const->{VALUE}\n"; 638 } 639} 640 641sub Typedef($$) 642{ 643 my ($e,$ifname) = @_; 644 645 PrintIdl DumpTypedef($e->{ORIGINAL}); 646 647 { 648 ENUM => \&Enum, 649 STRUCT => \&Struct, 650 UNION => \&Union, 651 BITMAP => \&Bitmap 652 }->{$e->{DATA}->{TYPE}}->($e->{DATA}, $e->{NAME}, $ifname); 653} 654 655sub RegisterInterface($) 656{ 657 my ($x) = @_; 658 659 pidl_fn_start "proto_register_dcerpc_$x->{NAME}"; 660 pidl_code "void proto_register_dcerpc_$x->{NAME}(void)"; 661 pidl_code "{"; 662 indent; 663 664 $res{code}.=DumpHfList()."\n"; 665 $res{code}.="\n".DumpEttList()."\n"; 666 667 if (defined($x->{UUID})) { 668 # These can be changed to non-pidl_code names if the old dissectors 669 # in epan/dissctors are deleted. 670 671 my $name = uc($x->{NAME}) . " (pidl)"; 672 my $short_name = uc($x->{NAME}); 673 my $filter_name = $x->{NAME}; 674 675 if (has_property($x, "helpstring")) { 676 $name = $x->{PROPERTIES}->{helpstring}; 677 } 678 679 if (defined($conformance->{protocols}->{$x->{NAME}})) { 680 $short_name = $conformance->{protocols}->{$x->{NAME}}->{SHORTNAME}; 681 $name = $conformance->{protocols}->{$x->{NAME}}->{LONGNAME}; 682 $filter_name = $conformance->{protocols}->{$x->{NAME}}->{FILTERNAME}; 683 } 684 685 pidl_code "proto_dcerpc_$x->{NAME} = proto_register_protocol(".make_str($name).", ".make_str($short_name).", ".make_str($filter_name).");"; 686 687 pidl_code "proto_register_field_array(proto_dcerpc_$x->{NAME}, hf, array_length (hf));"; 688 pidl_code "proto_register_subtree_array(ett, array_length(ett));"; 689 } else { 690 pidl_code "proto_dcerpc = proto_get_id_by_filter_name(\"dcerpc\");"; 691 pidl_code "proto_register_field_array(proto_dcerpc, hf, array_length(hf));"; 692 pidl_code "proto_register_subtree_array(ett, array_length(ett));"; 693 } 694 695 deindent; 696 pidl_code "}\n"; 697 pidl_fn_end "proto_register_dcerpc_$x->{NAME}"; 698} 699 700sub RegisterInterfaceHandoff($) 701{ 702 my $x = shift; 703 704 if (defined($x->{UUID})) { 705 pidl_fn_start "proto_reg_handoff_dcerpc_$x->{NAME}"; 706 pidl_code "void proto_reg_handoff_dcerpc_$x->{NAME}(void)"; 707 pidl_code "{"; 708 indent; 709 pidl_code "dcerpc_init_uuid(proto_dcerpc_$x->{NAME}, ett_dcerpc_$x->{NAME},"; 710 pidl_code "\t&uuid_dcerpc_$x->{NAME}, ver_dcerpc_$x->{NAME},"; 711 pidl_code "\t$x->{NAME}_dissectors, hf_$x->{NAME}_opnum);"; 712 deindent; 713 pidl_code "}"; 714 pidl_fn_end "proto_reg_handoff_dcerpc_$x->{NAME}"; 715 716 $hf_used{"hf_$x->{NAME}_opnum"} = 1; 717 } 718} 719 720sub ProcessInclude 721{ 722 my @includes = @_; 723 foreach (@includes) { 724 pidl_hdr "#include \"$_\"\n"; 725 } 726} 727 728sub ProcessImport 729{ 730 my @imports = @_; 731 foreach (@imports) { 732 next if($_ eq "security"); 733 s/\.idl\"$//; 734 s/^\"//; 735 pidl_hdr "#include \"packet-dcerpc-$_\.h\"\n"; 736 } 737} 738 739sub ProcessInterface($) 740{ 741 my ($x) = @_; 742 743 push(@{$conformance->{strip_prefixes}}, $x->{NAME}); 744 745 my $define = "__PACKET_DCERPC_" . uc($_->{NAME}) . "_H"; 746 pidl_hdr "#ifndef $define"; 747 pidl_hdr "#define $define"; 748 pidl_hdr ""; 749 750 pidl_def "static gint proto_dcerpc_$x->{NAME} = -1;"; 751 register_ett("ett_dcerpc_$x->{NAME}"); 752 register_hf_field("hf_$x->{NAME}_opnum", "Operation", "$x->{NAME}.opnum", "FT_UINT16", "BASE_DEC", "NULL", 0, ""); 753 754 if (defined($x->{UUID})) { 755 my $if_uuid = $x->{UUID}; 756 757 pidl_def "/* Version information */\n\n"; 758 759 pidl_def "static e_uuid_t uuid_dcerpc_$x->{NAME} = {"; 760 pidl_def "\t0x" . substr($if_uuid, 1, 8) 761 . ", 0x" . substr($if_uuid, 10, 4) 762 . ", 0x" . substr($if_uuid, 15, 4) . ","; 763 pidl_def "\t{ 0x" . substr($if_uuid, 20, 2) 764 . ", 0x" . substr($if_uuid, 22, 2) 765 . ", 0x" . substr($if_uuid, 25, 2) 766 . ", 0x" . substr($if_uuid, 27, 2) 767 . ", 0x" . substr($if_uuid, 29, 2) 768 . ", 0x" . substr($if_uuid, 31, 2) 769 . ", 0x" . substr($if_uuid, 33, 2) 770 . ", 0x" . substr($if_uuid, 35, 2) . " }"; 771 pidl_def "};"; 772 773 my $maj = $x->{VERSION}; 774 $maj =~ s/\.(.*)$//g; 775 pidl_def "static guint16 ver_dcerpc_$x->{NAME} = $maj;"; 776 pidl_def ""; 777 } 778 779 $return_types{$x->{NAME}} = {}; 780 781 Interface($x); 782 783 pidl_code "\n".DumpFunctionTable($x); 784 785 foreach (keys %{$return_types{$x->{NAME}}}) { 786 my ($type, $desc) = @{$return_types{$x->{NAME}}->{$_}}; 787 my $dt = find_type($type); 788 $dt or die("Unable to find information about return type `$type'"); 789 register_hf_field("hf_$x->{NAME}_$_", $desc, "$x->{NAME}.$_", $dt->{FT_TYPE}, "BASE_HEX", $dt->{VALSSTRING}, 0, ""); 790 $hf_used{"hf_$x->{NAME}_$_"} = 1; 791 } 792 793 RegisterInterface($x); 794 RegisterInterfaceHandoff($x); 795 796 pidl_hdr "#endif /* $define */"; 797} 798 799sub find_type($) 800{ 801 my $n = shift; 802 803 return $conformance->{types}->{$n}; 804} 805 806sub register_type($$$$$$$) 807{ 808 my ($type,$call,$ft,$base,$mask,$vals,$length) = @_; 809 810 $conformance->{types}->{$type} = { 811 NAME => $type, 812 DISSECTOR_NAME => $call, 813 FT_TYPE => $ft, 814 BASE_TYPE => $base, 815 MASK => $mask, 816 VALSSTRING => $vals, 817 ALIGNMENT => $length 818 }; 819} 820 821# Loads the default types 822sub Initialize($) 823{ 824 my $cnf_file = shift; 825 826 $conformance = { 827 imports => {}, 828 header_fields=> {} 829 }; 830 831 ReadConformance($cnf_file, $conformance) or print "Warning: No conformance file `$cnf_file'\n"; 832 833 foreach my $bytes (qw(1 2 4 8)) { 834 my $bits = $bytes * 8; 835 register_type("uint$bits", "offset = dissect_ndr_uint$bits(tvb, offset, pinfo, tree, drep, \@HF\@,NULL);", "FT_UINT$bits", "BASE_DEC", 0, "NULL", $bytes); 836 register_type("int$bits", "offset = dissect_ndr_uint$bits(tvb, offset, pinfo, tree, drep, \@HF\@, NULL);", "FT_INT$bits", "BASE_DEC", 0, "NULL", $bytes); 837 } 838 839 register_type("udlong", "offset = dissect_ndr_duint32(tvb, offset, pinfo, tree, drep, \@HF\@, NULL);", "FT_UINT64", "BASE_DEC", 0, "NULL", 4); 840 register_type("bool8", "offset = dissect_ndr_uint8(tvb, offset, pinfo, tree, drep, \@HF\@, NULL);","FT_INT8", "BASE_DEC", 0, "NULL", 1); 841 register_type("char", "offset = dissect_ndr_uint8(tvb, offset, pinfo, tree, drep, \@HF\@, NULL);","FT_INT8", "BASE_DEC", 0, "NULL", 1); 842 register_type("long", "offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, \@HF\@, NULL);","FT_INT32", "BASE_DEC", 0, "NULL", 4); 843 register_type("dlong", "offset = dissect_ndr_duint32(tvb, offset, pinfo, tree, drep, \@HF\@, NULL);","FT_INT64", "BASE_DEC", 0, "NULL", 8); 844 register_type("GUID", "offset = dissect_ndr_uuid_t(tvb, offset, pinfo, tree, drep, \@HF\@, NULL);","FT_GUID", "BASE_NONE", 0, "NULL", 4); 845 register_type("policy_handle", "offset = dissect_nt_policy_hnd(tvb, offset, pinfo, tree, drep, \@HF\@, NULL, NULL, \@PARAM\@&0x01, \@PARAM\@&0x02);","FT_BYTES", "BASE_NONE", 0, "NULL", 4); 846 register_type("NTTIME", "offset = dissect_ndr_nt_NTTIME(tvb, offset, pinfo, tree, drep, \@HF\@);","FT_ABSOLUTE_TIME", "BASE_NONE", 0, "NULL", 4); 847 register_type("NTTIME_hyper", "offset = dissect_ndr_nt_NTTIME(tvb, offset, pinfo, tree, drep, \@HF\@);","FT_ABSOLUTE_TIME", "BASE_NONE", 0, "NULL", 4); 848 register_type("time_t", "offset = dissect_ndr_time_t(tvb, offset, pinfo,tree, drep, \@HF\@, NULL);","FT_ABSOLUTE_TIME", "BASE_DEC", 0, "NULL", 4); 849 register_type("NTTIME_1sec", "offset = dissect_ndr_nt_NTTIME(tvb, offset, pinfo, tree, drep, \@HF\@);", "FT_ABSOLUTE_TIME", "BASE_NONE", 0, "NULL", 4); 850 register_type("SID", " 851 dcerpc_info *di = (dcerpc_info *)pinfo->private_data; 852 853 di->hf_index = \@HF\@; 854 855 offset = dissect_ndr_nt_SID_with_options(tvb, offset, pinfo, tree, drep, param); 856 ","FT_STRING", "BASE_DEC", 0, "NULL", 4); 857 register_type("WERROR", 858 "offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, \@HF\@, NULL);","FT_UINT32", "BASE_DEC", 0, "VALS(WERR_errors)", 4); 859 register_type("NTSTATUS", 860 "offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, \@HF\@, NULL);","FT_UINT32", "BASE_DEC", 0, "VALS(NT_errors)", 4); 861 862} 863 864##################################################################### 865# Generate Wireshark parser and header code 866sub Parse($$$$) 867{ 868 my($ndr,$idl_file,$h_filename,$cnf_file) = @_; 869 Initialize($cnf_file); 870 871 return (undef, undef) if defined($conformance->{noemit_dissector}); 872 873 $tabs = ""; 874 875 %res = (code=>"",def=>"",hdr=>""); 876 @ett = (); 877 878 my $notice = 879"/* DO NOT EDIT 880 This filter was automatically generated 881 from $idl_file and $cnf_file. 882 883 Pidl is a perl based IDL compiler for DCE/RPC idl files. 884 It is maintained by the Samba team, not the Wireshark team. 885 Instructions on how to download and install Pidl can be 886 found at http://wiki.wireshark.org/Pidl 887*/ 888 889"; 890 891 pidl_hdr $notice; 892 893 $res{headers} = "\n"; 894 $res{headers} .= "#ifdef HAVE_CONFIG_H\n"; 895 $res{headers} .= "#include \"config.h\"\n"; 896 $res{headers} .= "#endif\n\n"; 897 $res{headers} .= "#include <glib.h>\n"; 898 $res{headers} .= "#include <string.h>\n"; 899 $res{headers} .= "#include <epan/packet.h>\n\n"; 900 901 $res{headers} .= "#include \"packet-dcerpc.h\"\n"; 902 $res{headers} .= "#include \"packet-dcerpc-nt.h\"\n"; 903 $res{headers} .= "#include \"packet-windows-common.h\"\n"; 904 905 my $h_basename = basename($h_filename); 906 907 $res{headers} .= "#include \"$h_basename\"\n"; 908 pidl_code ""; 909 910 # Wireshark protocol registration 911 912 foreach (@$ndr) { 913 ProcessInterface($_) if ($_->{TYPE} eq "INTERFACE"); 914 ProcessImport(@{$_->{PATHS}}) if ($_->{TYPE} eq "IMPORT"); 915 ProcessInclude(@{$_->{PATHS}}) if ($_->{TYPE} eq "INCLUDE"); 916 } 917 918 $res{ett} = DumpEttDeclaration(); 919 $res{hf} = DumpHfDeclaration(); 920 921 my $parser = $notice; 922 $parser.= $res{headers}; 923 $parser.=$res{ett}; 924 $parser.=$res{hf}; 925 $parser.=$res{def}; 926 $parser.=$conformance->{override}; 927 $parser.=$res{code}; 928 929 my $header = "/* autogenerated by pidl */\n\n"; 930 $header.=$res{hdr}; 931 932 CheckUsed($conformance); 933 934 return ($parser,$header); 935} 936 937############################################################################### 938# ETT 939############################################################################### 940 941sub register_ett($) 942{ 943 my $name = shift; 944 945 push (@ett, $name); 946} 947 948sub DumpEttList() 949{ 950 my $res = "\tstatic gint *ett[] = {\n"; 951 foreach (@ett) { 952 $res .= "\t\t&$_,\n"; 953 } 954 955 return "$res\t};\n"; 956} 957 958sub DumpEttDeclaration() 959{ 960 my $res = "\n/* Ett declarations */\n"; 961 foreach (@ett) { 962 $res .= "static gint $_ = -1;\n"; 963 } 964 965 return "$res\n"; 966} 967 968############################################################################### 969# HF 970############################################################################### 971 972sub register_hf_field($$$$$$$$) 973{ 974 my ($index,$name,$filter_name,$ft_type,$base_type,$valsstring,$mask,$blurb) = @_; 975 976 if (defined ($conformance->{hf_renames}->{$index})) { 977 $conformance->{hf_renames}->{$index}->{USED} = 1; 978 return $conformance->{hf_renames}->{$index}->{NEWNAME}; 979 } 980 981 $conformance->{header_fields}->{$index} = { 982 INDEX => $index, 983 NAME => $name, 984 FILTER => $filter_name, 985 FT_TYPE => $ft_type, 986 BASE_TYPE => $base_type, 987 VALSSTRING => $valsstring, 988 MASK => $mask, 989 BLURB => $blurb 990 }; 991 992 if ((not defined($blurb) or $blurb eq "") and 993 defined($conformance->{fielddescription}->{$index})) { 994 $conformance->{header_fields}->{$index}->{BLURB} = 995 $conformance->{fielddescription}->{$index}->{DESCRIPTION}; 996 $conformance->{fielddescription}->{$index}->{USED} = 1; 997 } 998 999 return $index; 1000} 1001 1002sub DumpHfDeclaration() 1003{ 1004 my $res = ""; 1005 1006 $res = "\n/* Header field declarations */\n"; 1007 1008 foreach (keys %{$conformance->{header_fields}}) 1009 { 1010 $res .= "static gint $_ = -1;\n"; 1011 } 1012 1013 return "$res\n"; 1014} 1015 1016sub DumpHfList() 1017{ 1018 my $res = "\tstatic hf_register_info hf[] = {\n"; 1019 1020 foreach (values %{$conformance->{header_fields}}) 1021 { 1022 $res .= "\t{ &$_->{INDEX}, 1023 { ".make_str($_->{NAME}).", ".make_str($_->{FILTER}).", $_->{FT_TYPE}, $_->{BASE_TYPE}, $_->{VALSSTRING}, $_->{MASK}, ".make_str($_->{BLURB}).", HFILL }}, 1024"; 1025 } 1026 1027 return $res."\t};\n"; 1028} 1029 1030 1031############################################################################### 1032# Function table 1033############################################################################### 1034 1035sub DumpFunctionTable($) 1036{ 1037 my $if = shift; 1038 1039 my $res = "static dcerpc_sub_dissector $if->{NAME}\_dissectors[] = {\n"; 1040 foreach (@{$if->{FUNCTIONS}}) { 1041 my $fn_name = $_->{NAME}; 1042 $fn_name =~ s/^$if->{NAME}_//; 1043 $res.= "\t{ $_->{OPNUM}, \"$fn_name\",\n"; 1044 $res.= "\t $if->{NAME}_dissect_${fn_name}_request, $if->{NAME}_dissect_${fn_name}_response},\n"; 1045 } 1046 1047 $res .= "\t{ 0, NULL, NULL, NULL }\n"; 1048 1049 return "$res};\n"; 1050} 1051 1052sub CheckUsed($) 1053{ 1054 my $conformance = shift; 1055 foreach (values %{$conformance->{header_fields}}) { 1056 if (not defined($hf_used{$_->{INDEX}})) { 1057 print "$_->{POS}: warning: hf field `$_->{INDEX}' not used\n"; 1058 } 1059 } 1060 1061 foreach (values %{$conformance->{hf_renames}}) { 1062 if (not $_->{USED}) { 1063 print "$_->{POS}: warning: hf field `$_->{OLDNAME}' not used\n"; 1064 } 1065 } 1066 1067 foreach (values %{$conformance->{dissectorparams}}) { 1068 if (not $_->{USED}) { 1069 print "$_->{POS}: warning: dissector param never used\n"; 1070 } 1071 } 1072 1073 foreach (values %{$conformance->{imports}}) { 1074 if (not $_->{USED}) { 1075 print "$_->{POS}: warning: import never used\n"; 1076 } 1077 } 1078 1079 foreach (values %{$conformance->{types}}) { 1080 if (not $_->{USED} and defined($_->{POS})) { 1081 print "$_->{POS}: warning: type never used\n"; 1082 } 1083 } 1084 1085 foreach (values %{$conformance->{fielddescription}}) { 1086 if (not $_->{USED}) { 1087 print "$_->{POS}: warning: description never used\n"; 1088 } 1089 } 1090 1091 foreach (values %{$conformance->{tfs}}) { 1092 if (not $_->{USED}) { 1093 print "$_->{POS}: warning: True/False description never used\n"; 1094 } 1095 } 1096} 1097 10981; 1099