1 /* expert.c
2 * Collecting Expert information.
3 *
4 * Implemented as a tap named "expert".
5 *
6 * Wireshark - Network traffic analyzer
7 * By Gerald Combs <gerald@wireshark.org>
8 * Copyright 1998 Gerald Combs
9 *
10 * SPDX-License-Identifier: GPL-2.0-or-later
11 */
12
13 #include "config.h"
14 #define WS_LOG_DOMAIN LOG_DOMAIN_EPAN
15
16 #include <stdio.h>
17 #include <stdlib.h>
18
19 #include "packet.h"
20 #include "expert.h"
21 #include "uat.h"
22 #include "prefs.h"
23 #include <epan/wmem_scopes.h>
24 #include "tap.h"
25
26 #include <wsutil/wslog.h>
27
28 /* proto_expert cannot be static because it's referenced in the
29 * print routines
30 */
31 int proto_expert = -1;
32
33 static int proto_malformed = -1;
34
35 static int expert_tap = -1;
36 static int highest_severity = 0;
37
38 static int ett_expert = -1;
39 static int ett_subexpert = -1;
40
41 static int hf_expert_msg = -1;
42 static int hf_expert_group = -1;
43 static int hf_expert_severity = -1;
44
45 struct expert_module
46 {
47 const char *proto_name;
48 int proto_id; /* Cache this for registering hfs */
49 };
50
51 /* List which stores protocols and expert_info that have been registered */
52 typedef struct _gpa_expertinfo_t {
53 guint32 len;
54 guint32 allocated_len;
55 expert_field_info **ei;
56 } gpa_expertinfo_t;
57 static gpa_expertinfo_t gpa_expertinfo;
58
59 /* Hash table of abbreviations and IDs */
60 static GHashTable *gpa_name_map = NULL;
61
62 /* Deregistered expert infos */
63 static GPtrArray *deregistered_expertinfos = NULL;
64
65 const value_string expert_group_vals[] = {
66 { PI_CHECKSUM, "Checksum" },
67 { PI_SEQUENCE, "Sequence" },
68 { PI_RESPONSE_CODE, "Response" },
69 { PI_REQUEST_CODE, "Request" },
70 { PI_UNDECODED, "Undecoded" },
71 { PI_REASSEMBLE, "Reassemble" },
72 { PI_MALFORMED, "Malformed" },
73 { PI_DEBUG, "Debug" },
74 { PI_PROTOCOL, "Protocol" },
75 { PI_SECURITY, "Security" },
76 { PI_COMMENTS_GROUP, "Comment" },
77 { PI_DECRYPTION, "Decryption" },
78 { PI_ASSUMPTION, "Assumption" },
79 { PI_DEPRECATED, "Deprecated" },
80 { 0, NULL }
81 };
82
83 const value_string expert_severity_vals[] = {
84 { PI_ERROR, "Error" },
85 { PI_WARN, "Warning" },
86 { PI_NOTE, "Note" },
87 { PI_CHAT, "Chat" },
88 { PI_COMMENT, "Comment" },
89 { 1, "Ok" },
90 { 0, NULL }
91 };
92
93 /* Possible values for a checksum evaluation */
94 const value_string expert_checksum_vals[] = {
95 { EXPERT_CHECKSUM_DISABLED, "Disabled" },
96 { EXPERT_CHECKSUM_UNKNOWN, "Unknown" },
97 { EXPERT_CHECKSUM_GOOD, "Good" },
98 { EXPERT_CHECKSUM_BAD, "Bad" },
99 { 0, NULL }
100 };
101
102 static expert_field_info *expert_registrar_get_byname(const char *field_name);
103
104 /*----------------------------------------------------------------------------*/
105 /* UAT for customizing severity levels. */
106 /*----------------------------------------------------------------------------*/
107 typedef struct
108 {
109 char *field;
110 guint32 severity;
111 } expert_level_entry_t;
112
113 static expert_level_entry_t *uat_expert_entries = NULL;
114 static guint expert_level_entry_count = 0;
115 /* Array of field names currently in UAT */
116 static GArray *uat_saved_fields = NULL;
117
UAT_CSTRING_CB_DEF(uat_expert_entries,field,expert_level_entry_t)118 UAT_CSTRING_CB_DEF(uat_expert_entries, field, expert_level_entry_t)
119 UAT_VS_DEF(uat_expert_entries, severity, expert_level_entry_t, guint32, PI_ERROR, "Error")
120
121 static gboolean uat_expert_update_cb(void *r, char **err)
122 {
123 expert_level_entry_t *rec = (expert_level_entry_t *)r;
124
125 if (expert_registrar_get_byname(rec->field) == NULL) {
126 *err = g_strdup_printf("Expert Info field doesn't exist");
127 return FALSE;
128 }
129 return TRUE;
130 }
131
uat_expert_copy_cb(void * n,const void * o,size_t siz _U_)132 static void *uat_expert_copy_cb(void *n, const void *o, size_t siz _U_)
133 {
134 expert_level_entry_t *new_record = (expert_level_entry_t*)n;
135 const expert_level_entry_t *old_record = (const expert_level_entry_t *)o;
136
137 new_record->field = g_strdup(old_record->field);
138
139 new_record->severity = old_record->severity;
140
141 return new_record;
142 }
143
uat_expert_free_cb(void * r)144 static void uat_expert_free_cb(void*r)
145 {
146 expert_level_entry_t *rec = (expert_level_entry_t *)r;
147
148 g_free(rec->field);
149 }
150
uat_expert_post_update_cb(void)151 static void uat_expert_post_update_cb(void)
152 {
153 guint i;
154 expert_field_info *field;
155
156 /* Reset any of the previous list of expert info fields to their original severity */
157 for ( i = 0 ; i < uat_saved_fields->len; i++ ) {
158 field = g_array_index(uat_saved_fields, expert_field_info*, i);
159 if (field != NULL) {
160 field->severity = field->orig_severity;
161 }
162 }
163
164 g_array_set_size(uat_saved_fields, 0);
165
166 for (i = 0; i < expert_level_entry_count; i++)
167 {
168 field = expert_registrar_get_byname(uat_expert_entries[i].field);
169 if (field != NULL)
170 {
171 field->severity = uat_expert_entries[i].severity;
172 g_array_append_val(uat_saved_fields, field);
173 }
174 }
175 }
176
177 #define EXPERT_REGISTRAR_GET_NTH(eiindex, expinfo) \
178 if((guint)eiindex >= gpa_expertinfo.len && wireshark_abort_on_dissector_bug) \
179 ws_error("Unregistered expert info! index=%d", eiindex); \
180 DISSECTOR_ASSERT_HINT((guint)eiindex < gpa_expertinfo.len, "Unregistered expert info!"); \
181 DISSECTOR_ASSERT_HINT(gpa_expertinfo.ei[eiindex] != NULL, "Unregistered expert info!"); \
182 expinfo = gpa_expertinfo.ei[eiindex];
183
184 void
expert_packet_init(void)185 expert_packet_init(void)
186 {
187 module_t *module_expert;
188 uat_t *expert_uat;
189
190 static hf_register_info hf[] = {
191 { &hf_expert_msg,
192 { "Message", "_ws.expert.message", FT_STRING, BASE_NONE, NULL, 0, "Wireshark expert information", HFILL }
193 },
194 { &hf_expert_group,
195 { "Group", "_ws.expert.group", FT_UINT32, BASE_NONE, VALS(expert_group_vals), 0, "Wireshark expert group", HFILL }
196 },
197 { &hf_expert_severity,
198 { "Severity level", "_ws.expert.severity", FT_UINT32, BASE_NONE, VALS(expert_severity_vals), 0, "Wireshark expert severity level", HFILL }
199 }
200 };
201 static gint *ett[] = {
202 &ett_expert,
203 &ett_subexpert
204 };
205
206 /* UAT for overriding severity levels */
207 static uat_field_t custom_expert_fields[] = {
208 UAT_FLD_CSTRING(uat_expert_entries, field, "Field name", "Expert Info filter name"),
209 UAT_FLD_VS(uat_expert_entries, severity, "Severity", expert_severity_vals, "Custom severity level"),
210 UAT_END_FIELDS
211 };
212
213 if (expert_tap == -1) {
214 expert_tap = register_tap("expert");
215 }
216
217 if (proto_expert == -1) {
218 proto_expert = proto_register_protocol("Expert Info", "Expert", "_ws.expert");
219 proto_register_field_array(proto_expert, hf, array_length(hf));
220 proto_register_subtree_array(ett, array_length(ett));
221 proto_set_cant_toggle(proto_expert);
222
223 module_expert = prefs_register_protocol(proto_expert, NULL);
224
225 expert_uat = uat_new("Expert Info Severity Level Configuration",
226 sizeof(expert_level_entry_t),
227 "expert_severity",
228 TRUE,
229 (void **)&uat_expert_entries,
230 &expert_level_entry_count,
231 UAT_AFFECTS_DISSECTION,
232 NULL,
233 uat_expert_copy_cb,
234 uat_expert_update_cb,
235 uat_expert_free_cb,
236 uat_expert_post_update_cb,
237 NULL,
238 custom_expert_fields);
239
240 prefs_register_uat_preference(module_expert,
241 "expert_severity_levels",
242 "Severity Level Configuration",
243 "A table that overrides Expert Info field severity levels to user configured levels",
244 expert_uat);
245
246 }
247
248 highest_severity = 0;
249
250 proto_malformed = proto_get_id_by_filter_name("_ws.malformed");
251 }
252
253 void
expert_init(void)254 expert_init(void)
255 {
256 gpa_expertinfo.len = 0;
257 gpa_expertinfo.allocated_len = 0;
258 gpa_expertinfo.ei = NULL;
259 gpa_name_map = g_hash_table_new_full(g_str_hash, g_str_equal, NULL, NULL);
260 uat_saved_fields = g_array_new(FALSE, FALSE, sizeof(expert_field_info*));
261 deregistered_expertinfos = g_ptr_array_new();
262 }
263
264 void
expert_packet_cleanup(void)265 expert_packet_cleanup(void)
266 {
267 }
268
269 void
expert_cleanup(void)270 expert_cleanup(void)
271 {
272 if (gpa_expertinfo.allocated_len) {
273 gpa_expertinfo.len = 0;
274 gpa_expertinfo.allocated_len = 0;
275 g_free(gpa_expertinfo.ei);
276 gpa_expertinfo.ei = NULL;
277 }
278
279 /* Free the abbrev/ID GTree */
280 if (gpa_name_map) {
281 g_hash_table_destroy(gpa_name_map);
282 gpa_name_map = NULL;
283 }
284
285 /* Free the UAT saved fields */
286 if (uat_saved_fields) {
287 g_array_free(uat_saved_fields, TRUE);
288 uat_saved_fields = NULL;
289 }
290
291 if (deregistered_expertinfos) {
292 g_ptr_array_free(deregistered_expertinfos, TRUE);
293 deregistered_expertinfos = NULL;
294 }
295 }
296
297
298 int
expert_get_highest_severity(void)299 expert_get_highest_severity(void)
300 {
301 return highest_severity;
302 }
303
304 void
expert_update_comment_count(guint64 count)305 expert_update_comment_count(guint64 count)
306 {
307 if (count==0 && highest_severity==PI_COMMENT)
308 highest_severity = 0;
309 }
310
expert_register_protocol(int id)311 expert_module_t *expert_register_protocol(int id)
312 {
313 expert_module_t *module;
314 protocol_t *protocol;
315
316 protocol = find_protocol_by_id(id);
317
318 module = wmem_new(wmem_epan_scope(), expert_module_t);
319 module->proto_id = id;
320 module->proto_name = proto_get_protocol_short_name(protocol);
321
322 return module;
323 }
324
325 void
expert_deregister_expertinfo(const char * abbrev)326 expert_deregister_expertinfo (const char *abbrev)
327 {
328 expert_field_info *expinfo = (expert_field_info*)g_hash_table_lookup(gpa_name_map, abbrev);
329 if (expinfo) {
330 g_ptr_array_add(deregistered_expertinfos, gpa_expertinfo.ei[expinfo->id]);
331 g_hash_table_steal(gpa_name_map, abbrev);
332 }
333 }
334
335 void
expert_deregister_protocol(expert_module_t * module)336 expert_deregister_protocol (expert_module_t *module)
337 {
338 wmem_free(wmem_epan_scope(), module);
339 }
340
341 static void
free_deregistered_expertinfo(gpointer data,gpointer user_data _U_)342 free_deregistered_expertinfo (gpointer data, gpointer user_data _U_)
343 {
344 expert_field_info *expinfo = (expert_field_info *) data;
345 gpa_expertinfo.ei[expinfo->id] = NULL; /* Invalidate this id */
346 }
347
348 void
expert_free_deregistered_expertinfos(void)349 expert_free_deregistered_expertinfos (void)
350 {
351 g_ptr_array_foreach(deregistered_expertinfos, free_deregistered_expertinfo, NULL);
352 g_ptr_array_free(deregistered_expertinfos, TRUE);
353 deregistered_expertinfos = g_ptr_array_new();
354 }
355
356 static int
expert_register_field_init(expert_field_info * expinfo,expert_module_t * module)357 expert_register_field_init(expert_field_info *expinfo, expert_module_t *module)
358 {
359 /* Check for valid group and severity vals */
360 switch (expinfo->group) {
361 case PI_CHECKSUM:
362 case PI_SEQUENCE:
363 case PI_RESPONSE_CODE:
364 case PI_REQUEST_CODE:
365 case PI_UNDECODED:
366 case PI_REASSEMBLE:
367 case PI_MALFORMED:
368 case PI_DEBUG:
369 case PI_PROTOCOL:
370 case PI_SECURITY:
371 case PI_COMMENTS_GROUP:
372 case PI_DECRYPTION:
373 case PI_ASSUMPTION:
374 case PI_DEPRECATED:
375 break;
376 default:
377 REPORT_DISSECTOR_BUG("Expert info for %s has invalid group=0x%08x\n", expinfo->name, expinfo->group);
378 }
379 switch (expinfo->severity) {
380 case PI_COMMENT:
381 case PI_CHAT:
382 case PI_NOTE:
383 case PI_WARN:
384 case PI_ERROR:
385 break;
386 default:
387 REPORT_DISSECTOR_BUG("Expert info for %s has invalid severity=0x%08x\n", expinfo->name, expinfo->severity);
388 }
389
390 expinfo->protocol = module->proto_name;
391
392 /* if we always add and never delete, then id == len - 1 is correct */
393 if (gpa_expertinfo.len >= gpa_expertinfo.allocated_len) {
394 if (!gpa_expertinfo.ei) {
395 gpa_expertinfo.allocated_len = PRE_ALLOC_EXPERT_FIELDS_MEM;
396 gpa_expertinfo.ei = (expert_field_info **)g_malloc(sizeof(expert_field_info *)*PRE_ALLOC_EXPERT_FIELDS_MEM);
397 } else {
398 gpa_expertinfo.allocated_len += 1000;
399 gpa_expertinfo.ei = (expert_field_info **)g_realloc(gpa_expertinfo.ei,
400 sizeof(expert_field_info *)*gpa_expertinfo.allocated_len);
401 }
402 }
403 gpa_expertinfo.ei[gpa_expertinfo.len] = expinfo;
404 gpa_expertinfo.len++;
405 expinfo->id = gpa_expertinfo.len - 1;
406 /* Save the original severity so it can be restored by the UAT */
407 expinfo->orig_severity = expinfo->severity;
408
409 /* save field name for lookup */
410 g_hash_table_insert(gpa_name_map, (gpointer) (expinfo->name), expinfo);
411
412 return expinfo->id;
413 }
414
415
416 /* for use with static arrays only, since we don't allocate our own copies
417 of the expert_field_info struct contained within the exp_register_info struct */
418 void
expert_register_field_array(expert_module_t * module,ei_register_info * exp,const int num_records)419 expert_register_field_array(expert_module_t *module, ei_register_info *exp, const int num_records)
420 {
421 int i;
422 ei_register_info *ptr = exp;
423
424 for (i = 0; i < num_records; i++, ptr++) {
425 /*
426 * Make sure we haven't registered this yet.
427 * Most fields have variables associated with them
428 * that are initialized to -1; some have array elements,
429 * or possibly uninitialized variables, so we also allow
430 * 0 (which is unlikely to be the field ID we get back
431 * from "expert_register_field_init()").
432 */
433 if (ptr->ids->ei != -1 && ptr->ids->ei != 0) {
434 fprintf(stderr,
435 "Duplicate field detected in call to expert_register_field_array: '%s' is already registered, name=%s\n",
436 ptr->eiinfo.summary, ptr->eiinfo.name);
437 return;
438 }
439
440 /* Register the field with the experts */
441 ptr->ids->ei = expert_register_field_init(&ptr->eiinfo, module);
442
443 /* Register with the header field info, so it's display filterable */
444 ptr->eiinfo.hf_info.p_id = &ptr->ids->hf;
445 ptr->eiinfo.hf_info.hfinfo.name = ptr->eiinfo.summary;
446 ptr->eiinfo.hf_info.hfinfo.abbrev = ptr->eiinfo.name;
447
448 proto_register_field_array(module->proto_id, &ptr->eiinfo.hf_info, 1);
449 }
450 }
451
452 /* Finds a record in the expert array by name.
453 * For the moment, this function is only used "internally"
454 * but may find a reason to be exported
455 */
456 static expert_field_info *
expert_registrar_get_byname(const char * field_name)457 expert_registrar_get_byname(const char *field_name)
458 {
459 expert_field_info *hfinfo;
460
461 if (!field_name)
462 return NULL;
463
464 hfinfo = (expert_field_info*)g_hash_table_lookup(gpa_name_map, field_name);
465
466 return hfinfo;
467 }
468
469 /**
470 * Get summary text of an expert_info field.
471 * This is intended for use in expert_add_info_format or proto_tree_add_expert_format
472 * to get the "base" string to then append additional information
473 */
expert_get_summary(expert_field * eiindex)474 const gchar* expert_get_summary(expert_field *eiindex)
475 {
476 expert_field_info *eiinfo;
477
478 /* Look up the item */
479 EXPERT_REGISTRAR_GET_NTH(eiindex->ei, eiinfo);
480
481 return eiinfo->summary;
482 }
483
484 /** clear flags according to the mask and set new flag values */
485 #define FI_REPLACE_FLAGS(fi, mask, flags_in) { \
486 (fi->flags = (fi)->flags & ~(mask)); \
487 (fi->flags = (fi)->flags | (flags_in)); \
488 }
489
490 /* set's the PI_ flags to a protocol item
491 * (and its parent items till the toplevel) */
492 static void
expert_set_item_flags(proto_item * pi,const int group,const guint severity)493 expert_set_item_flags(proto_item *pi, const int group, const guint severity)
494 {
495 if (pi != NULL && PITEM_FINFO(pi) != NULL && (severity >= FI_GET_FLAG(PITEM_FINFO(pi), PI_SEVERITY_MASK))) {
496 FI_REPLACE_FLAGS(PITEM_FINFO(pi), PI_GROUP_MASK, group);
497 FI_REPLACE_FLAGS(PITEM_FINFO(pi), PI_SEVERITY_MASK, severity);
498
499 /* propagate till toplevel item */
500 pi = proto_item_get_parent(pi);
501 expert_set_item_flags(pi, group, severity);
502 }
503 }
504
505 static proto_tree*
expert_create_tree(proto_item * pi,int group,int severity,const char * msg)506 expert_create_tree(proto_item *pi, int group, int severity, const char *msg)
507 {
508 proto_tree *tree;
509 proto_item *ti;
510
511 tree = proto_item_add_subtree(pi, ett_expert);
512 ti = proto_tree_add_protocol_format(tree, proto_expert, NULL, 0, 0, "Expert Info (%s/%s): %s",
513 val_to_str(severity, expert_severity_vals, "Unknown (%u)"),
514 val_to_str(group, expert_group_vals, "Unknown (%u)"),
515 msg);
516 proto_item_set_generated(ti);
517
518 if (group == PI_MALFORMED) {
519 /* Add hidden malformed protocol filter */
520 proto_item *malformed_ti = proto_tree_add_item(tree, proto_malformed, NULL, 0, 0, ENC_NA);
521 proto_item_set_hidden(malformed_ti);
522 }
523
524 return proto_item_add_subtree(ti, ett_subexpert);
525 }
526
527 static void
expert_set_info_vformat(packet_info * pinfo,proto_item * pi,int group,int severity,int hf_index,gboolean use_vaformat,const char * format,va_list ap)528 expert_set_info_vformat(packet_info *pinfo, proto_item *pi, int group, int severity, int hf_index, gboolean use_vaformat,
529 const char *format, va_list ap)
530 {
531 char formatted[ITEM_LABEL_LENGTH];
532 int tap;
533 expert_info_t *ei;
534 proto_tree *tree;
535 proto_item *ti;
536
537 if (pinfo == NULL && pi && pi->tree_data) {
538 pinfo = PTREE_DATA(pi)->pinfo;
539 }
540
541 /* if this packet isn't loaded because of a read filter, don't output anything */
542 if (pinfo == NULL || pinfo->num == 0) {
543 return;
544 }
545
546 if (severity > highest_severity) {
547 highest_severity = severity;
548 }
549
550 /* XXX: can we get rid of these checks and make them programming errors instead now? */
551 if (pi != NULL && PITEM_FINFO(pi) != NULL) {
552 expert_set_item_flags(pi, group, severity);
553 }
554
555 if ((pi == NULL) || (PITEM_FINFO(pi) == NULL) ||
556 ((guint)severity >= FI_GET_FLAG(PITEM_FINFO(pi), PI_SEVERITY_MASK))) {
557 col_add_str(pinfo->cinfo, COL_EXPERT, val_to_str(severity, expert_severity_vals, "Unknown (%u)"));
558 }
559
560 if (use_vaformat) {
561 vsnprintf(formatted, ITEM_LABEL_LENGTH, format, ap);
562 } else {
563 (void) g_strlcpy(formatted, format, ITEM_LABEL_LENGTH);
564 }
565
566 tree = expert_create_tree(pi, group, severity, formatted);
567
568 if (hf_index == -1) {
569 /* If no filterable expert info, just add the message */
570 ti = proto_tree_add_string(tree, hf_expert_msg, NULL, 0, 0, formatted);
571 proto_item_set_generated(ti);
572 } else {
573 /* If filterable expert info, hide the "generic" form of the message,
574 and generate the formatted filterable expert info */
575 ti = proto_tree_add_none_format(tree, hf_index, NULL, 0, 0, "%s", formatted);
576 proto_item_set_generated(ti);
577 ti = proto_tree_add_string(tree, hf_expert_msg, NULL, 0, 0, formatted);
578 proto_item_set_hidden(ti);
579 }
580
581 ti = proto_tree_add_uint_format_value(tree, hf_expert_severity, NULL, 0, 0, severity,
582 "%s", val_to_str_const(severity, expert_severity_vals, "Unknown"));
583 proto_item_set_generated(ti);
584 ti = proto_tree_add_uint_format_value(tree, hf_expert_group, NULL, 0, 0, group,
585 "%s", val_to_str_const(group, expert_group_vals, "Unknown"));
586 proto_item_set_generated(ti);
587
588 tap = have_tap_listener(expert_tap);
589
590 if (!tap)
591 return;
592
593 ei = wmem_new(pinfo->pool, expert_info_t);
594
595 ei->packet_num = pinfo->num;
596 ei->group = group;
597 ei->severity = severity;
598 ei->hf_index = hf_index;
599 ei->protocol = pinfo->current_proto;
600 ei->summary = wmem_strdup(pinfo->pool, formatted);
601
602 /* if we have a proto_item (not a faked item), set expert attributes to it */
603 if (pi != NULL && PITEM_FINFO(pi) != NULL) {
604 ei->pitem = pi;
605 }
606 /* XXX: remove this because we don't have an internal-only function now? */
607 else {
608 ei->pitem = NULL;
609 }
610
611 tap_queue_packet(expert_tap, pinfo, ei);
612 }
613
614 /* Helper function for expert_add_info() to work around compiler's special needs on ARM */
615 static inline void
expert_add_info_internal(packet_info * pinfo,proto_item * pi,expert_field * expindex,...)616 expert_add_info_internal(packet_info *pinfo, proto_item *pi, expert_field *expindex, ...)
617 {
618 /* the va_list is ignored */
619 va_list unused;
620 expert_field_info *eiinfo;
621
622 /* Look up the item */
623 EXPERT_REGISTRAR_GET_NTH(expindex->ei, eiinfo);
624
625 va_start(unused, expindex);
626 expert_set_info_vformat(pinfo, pi, eiinfo->group, eiinfo->severity, *eiinfo->hf_info.p_id, FALSE, eiinfo->summary, unused);
627 va_end(unused);
628 }
629
630 void
expert_add_info(packet_info * pinfo,proto_item * pi,expert_field * expindex)631 expert_add_info(packet_info *pinfo, proto_item *pi, expert_field *expindex)
632 {
633 expert_add_info_internal(pinfo, pi, expindex);
634 }
635
636 void
expert_add_info_format(packet_info * pinfo,proto_item * pi,expert_field * expindex,const char * format,...)637 expert_add_info_format(packet_info *pinfo, proto_item *pi, expert_field *expindex, const char *format, ...)
638 {
639 va_list ap;
640 expert_field_info *eiinfo;
641
642 /* Look up the item */
643 EXPERT_REGISTRAR_GET_NTH(expindex->ei, eiinfo);
644
645 va_start(ap, format);
646 expert_set_info_vformat(pinfo, pi, eiinfo->group, eiinfo->severity, *eiinfo->hf_info.p_id, TRUE, format, ap);
647 va_end(ap);
648 }
649
650 /* Helper function for expert_add_expert() to work around compiler's special needs on ARM */
651 static inline proto_item *
proto_tree_add_expert_internal(proto_tree * tree,packet_info * pinfo,expert_field * expindex,tvbuff_t * tvb,gint start,gint length,...)652 proto_tree_add_expert_internal(proto_tree *tree, packet_info *pinfo, expert_field *expindex,
653 tvbuff_t *tvb, gint start, gint length, ...)
654 {
655 expert_field_info *eiinfo;
656 proto_item *ti;
657 gint item_length, captured_length;
658 va_list unused;
659
660 /* Look up the item */
661 EXPERT_REGISTRAR_GET_NTH(expindex->ei, eiinfo);
662
663 /* Make sure this doesn't throw an exception when adding the item */
664 item_length = length;
665 captured_length = tvb_captured_length_remaining(tvb, start);
666 if (captured_length < 0)
667 item_length = 0;
668 else if (captured_length < item_length)
669 item_length = captured_length;
670 ti = proto_tree_add_text_internal(tree, tvb, start, item_length, "%s", eiinfo->summary);
671 va_start(unused, length);
672 expert_set_info_vformat(pinfo, ti, eiinfo->group, eiinfo->severity, *eiinfo->hf_info.p_id, FALSE, eiinfo->summary, unused);
673 va_end(unused);
674
675 /* But make sure it throws an exception *after* adding the item */
676 if (length != -1) {
677 tvb_ensure_bytes_exist(tvb, start, length);
678 }
679 return ti;
680 }
681
682 proto_item *
proto_tree_add_expert(proto_tree * tree,packet_info * pinfo,expert_field * expindex,tvbuff_t * tvb,gint start,gint length)683 proto_tree_add_expert(proto_tree *tree, packet_info *pinfo, expert_field *expindex,
684 tvbuff_t *tvb, gint start, gint length)
685 {
686 return proto_tree_add_expert_internal(tree, pinfo, expindex, tvb, start, length);
687 }
688
689 proto_item *
proto_tree_add_expert_format(proto_tree * tree,packet_info * pinfo,expert_field * expindex,tvbuff_t * tvb,gint start,gint length,const char * format,...)690 proto_tree_add_expert_format(proto_tree *tree, packet_info *pinfo, expert_field *expindex,
691 tvbuff_t *tvb, gint start, gint length, const char *format, ...)
692 {
693 va_list ap;
694 expert_field_info *eiinfo;
695 gint item_length, captured_length;
696 proto_item *ti;
697
698 /* Look up the item */
699 EXPERT_REGISTRAR_GET_NTH(expindex->ei, eiinfo);
700
701 /* Make sure this doesn't throw an exception when adding the item */
702 item_length = length;
703 captured_length = tvb_captured_length_remaining(tvb, start);
704 if (captured_length < 0)
705 item_length = 0;
706 else if (captured_length < item_length)
707 item_length = captured_length;
708 va_start(ap, format);
709 ti = proto_tree_add_text_valist_internal(tree, tvb, start, item_length, format, ap);
710 va_end(ap);
711
712 va_start(ap, format);
713 expert_set_info_vformat(pinfo, ti, eiinfo->group, eiinfo->severity, *eiinfo->hf_info.p_id, TRUE, format, ap);
714 va_end(ap);
715
716 /* But make sure it throws an exception *after* adding the item */
717 if (length != -1) {
718 tvb_ensure_bytes_exist(tvb, start, length);
719 }
720 return ti;
721 }
722
723 /*
724 * Editor modelines - https://www.wireshark.org/tools/modelines.html
725 *
726 * Local variables:
727 * c-basic-offset: 8
728 * tab-width: 8
729 * indent-tabs-mode: t
730 * End:
731 *
732 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
733 * :indentSize=8:tabSize=8:noTabs=false:
734 */
735