1 /* packet_list_record.cpp
2 *
3 * Wireshark - Network traffic analyzer
4 * By Gerald Combs <gerald@wireshark.org>
5 * Copyright 1998 Gerald Combs
6 *
7 * SPDX-License-Identifier: GPL-2.0-or-later
8 */
9
10 #include "packet_list_record.h"
11
12 #include <file.h>
13
14 #include <epan/epan_dissect.h>
15 #include <epan/column-info.h>
16 #include <epan/column.h>
17 #include <epan/conversation.h>
18 #include <epan/wmem_scopes.h>
19
20 #include <epan/color_filters.h>
21
22 #include "frame_tvbuff.h"
23
24 #include <ui/qt/utils/qt_ui_utils.h>
25
26 #include <QStringList>
27
28 QMap<int, int> PacketListRecord::cinfo_column_;
29 unsigned PacketListRecord::col_data_ver_ = 1;
30 unsigned PacketListRecord::rows_color_ver_ = 1;
31
PacketListRecord(frame_data * frameData)32 PacketListRecord::PacketListRecord(frame_data *frameData) :
33 fdata_(frameData),
34 lines_(1),
35 line_count_changed_(false),
36 data_ver_(0),
37 color_ver_(0),
38 colorized_(false),
39 conv_index_(0),
40 read_failed_(false)
41 {
42 }
43
~PacketListRecord()44 PacketListRecord::~PacketListRecord()
45 {
46 col_text_.clear();
47 }
48
ensureColorized(capture_file * cap_file)49 void PacketListRecord::ensureColorized(capture_file *cap_file)
50 {
51 // packet_list_store.c:packet_list_get_value
52 Q_ASSERT(fdata_);
53
54 if (!cap_file) {
55 return;
56 }
57
58 //
59 // XXX - do we need to check whether the data versions match?
60 // If the record's color is already correct, we shouldn't need
61 // to redissect it to colorize it.
62 //
63 bool dissect_color = !colorized_ || ( color_ver_ != rows_color_ver_ );
64 if (data_ver_ != col_data_ver_ || dissect_color) {
65 dissect(cap_file, dissect_color);
66 }
67 }
68
69 // We might want to return a const char * instead. This would keep us from
70 // creating excessive QByteArrays, e.g. in PacketListModel::recordLessThan.
columnString(capture_file * cap_file,int column,bool colorized)71 const QString PacketListRecord::columnString(capture_file *cap_file, int column, bool colorized)
72 {
73 // packet_list_store.c:packet_list_get_value
74 Q_ASSERT(fdata_);
75
76 if (!cap_file || column < 0 || column >= cap_file->cinfo.num_cols) {
77 return QString();
78 }
79
80 //
81 // XXX - do we still need to check the colorization, given that we now
82 // have the ensureColorized() method to ensure that the record is
83 // properly colorized?
84 //
85 bool dissect_color = ( colorized && !colorized_ ) || ( color_ver_ != rows_color_ver_ );
86 if (column >= col_text_.count() || col_text_.at(column).isNull() || data_ver_ != col_data_ver_ || dissect_color) {
87 dissect(cap_file, dissect_color);
88 }
89
90 return col_text_.at(column);
91 }
92
resetColumns(column_info * cinfo)93 void PacketListRecord::resetColumns(column_info *cinfo)
94 {
95 invalidateAllRecords();
96
97 if (!cinfo) {
98 return;
99 }
100
101 cinfo_column_.clear();
102 int i, j;
103 for (i = 0, j = 0; i < cinfo->num_cols; i++) {
104 if (!col_based_on_frame_data(cinfo, i)) {
105 cinfo_column_[i] = j;
106 j++;
107 }
108 }
109 }
110
dissect(capture_file * cap_file,bool dissect_color)111 void PacketListRecord::dissect(capture_file *cap_file, bool dissect_color)
112 {
113 // packet_list_store.c:packet_list_dissect_and_cache_record
114 epan_dissect_t edt;
115 column_info *cinfo = NULL;
116 gboolean create_proto_tree;
117 wtap_rec rec; /* Record metadata */
118 Buffer buf; /* Record data */
119
120 gboolean dissect_columns = col_text_.isEmpty() || data_ver_ != col_data_ver_;
121
122 if (!cap_file) {
123 return;
124 }
125
126 if (dissect_columns) {
127 cinfo = &cap_file->cinfo;
128 }
129
130 wtap_rec_init(&rec);
131 ws_buffer_init(&buf, 1514);
132 if (read_failed_) {
133 read_failed_ = !cf_read_record_no_alert(cap_file, fdata_, &rec, &buf);
134 } else {
135 read_failed_ = !cf_read_record(cap_file, fdata_, &rec, &buf);
136 }
137
138 if (read_failed_) {
139 /*
140 * Error reading the record.
141 *
142 * Don't set the color filter for now (we might want
143 * to colorize it in some fashion to warn that the
144 * row couldn't be filled in or colorized), and
145 * set the columns to placeholder values, except
146 * for the Info column, where we'll put in an
147 * error message.
148 */
149 if (dissect_columns) {
150 col_fill_in_error(cinfo, fdata_, FALSE, FALSE /* fill_fd_columns */);
151
152 cacheColumnStrings(cinfo);
153 }
154 if (dissect_color) {
155 fdata_->color_filter = NULL;
156 colorized_ = true;
157 }
158 ws_buffer_free(&buf);
159 wtap_rec_cleanup(&rec);
160 return; /* error reading the record */
161 }
162
163 /*
164 * Determine whether we need to create a protocol tree.
165 * We do if:
166 *
167 * we're going to apply a color filter to this packet;
168 *
169 * we're need to fill in the columns and we have custom columns
170 * (which require field values, which currently requires that
171 * we build a protocol tree).
172 *
173 * XXX - field extractors? (Not done for GTK+....)
174 */
175 create_proto_tree = ((dissect_color && color_filters_used()) ||
176 (dissect_columns && (have_custom_cols(cinfo) ||
177 have_field_extractors())));
178
179 epan_dissect_init(&edt, cap_file->epan,
180 create_proto_tree,
181 FALSE /* proto_tree_visible */);
182
183 /* Re-color when the coloring rules are changed via the UI. */
184 if (dissect_color) {
185 color_filters_prime_edt(&edt);
186 fdata_->need_colorize = 1;
187 }
188 if (dissect_columns)
189 col_custom_prime_edt(&edt, cinfo);
190
191 /*
192 * XXX - need to catch an OutOfMemoryError exception and
193 * attempt to recover from it.
194 */
195 epan_dissect_run(&edt, cap_file->cd_t, &rec,
196 frame_tvbuff_new_buffer(&cap_file->provider, fdata_, &buf),
197 fdata_, cinfo);
198
199 if (dissect_columns) {
200 /* "Stringify" non frame_data vals */
201 epan_dissect_fill_in_columns(&edt, FALSE, FALSE /* fill_fd_columns */);
202 cacheColumnStrings(cinfo);
203 }
204
205 if (dissect_color) {
206 colorized_ = true;
207 color_ver_ = rows_color_ver_;
208 }
209 data_ver_ = col_data_ver_;
210
211 struct conversation * conv = find_conversation_pinfo(&edt.pi, 0);
212 conv_index_ = ! conv ? 0 : conv->conv_index;
213
214 epan_dissect_cleanup(&edt);
215 ws_buffer_free(&buf);
216 wtap_rec_cleanup(&rec);
217 }
218
219 //#define MINIMIZE_STRING_COPYING 1
cacheColumnStrings(column_info * cinfo)220 void PacketListRecord::cacheColumnStrings(column_info *cinfo)
221 {
222 // packet_list_store.c:packet_list_change_record(PacketList *packet_list, PacketListRecord *record, gint col, column_info *cinfo)
223 if (!cinfo) {
224 return;
225 }
226
227 col_text_.clear();
228 lines_ = 1;
229 line_count_changed_ = false;
230
231 for (int column = 0; column < cinfo->num_cols; ++column) {
232 int col_lines = 1;
233
234 #ifdef MINIMIZE_STRING_COPYING
235 int text_col = cinfo_column_.value(column, -1);
236
237 /* Column based on frame_data or it already contains a value */
238 if (text_col < 0) {
239 col_fill_in_frame_data(fdata_, cinfo, column, FALSE);
240 col_text_ << QString(cinfo->columns[column].col_data);
241 continue;
242 }
243
244 switch (cinfo->col_fmt[column]) {
245 case COL_PROTOCOL:
246 case COL_INFO:
247 case COL_IF_DIR:
248 case COL_DCE_CALL:
249 case COL_8021Q_VLAN_ID:
250 case COL_EXPERT:
251 case COL_FREQ_CHAN:
252 if (cinfo->columns[column].col_data && cinfo->columns[column].col_data != cinfo->columns[column].col_buf) {
253 /* This is a constant string, so we don't have to copy it */
254 // XXX - ui/gtk/packet_list_store.c uses G_MAXUSHORT. We don't do proper UTF8
255 // truncation in either case.
256 int col_text_len = MIN(qstrlen(cinfo->col_data[column]) + 1, COL_MAX_INFO_LEN);
257 col_text_ << QString(QByteArray::fromRawData(cinfo->columns[column].col_data, col_text_len));
258 break;
259 }
260 /* !! FALL-THROUGH!! */
261
262 case COL_DEF_SRC:
263 case COL_RES_SRC: /* COL_DEF_SRC is currently just like COL_RES_SRC */
264 case COL_UNRES_SRC:
265 case COL_DEF_DL_SRC:
266 case COL_RES_DL_SRC:
267 case COL_UNRES_DL_SRC:
268 case COL_DEF_NET_SRC:
269 case COL_RES_NET_SRC:
270 case COL_UNRES_NET_SRC:
271 case COL_DEF_DST:
272 case COL_RES_DST: /* COL_DEF_DST is currently just like COL_RES_DST */
273 case COL_UNRES_DST:
274 case COL_DEF_DL_DST:
275 case COL_RES_DL_DST:
276 case COL_UNRES_DL_DST:
277 case COL_DEF_NET_DST:
278 case COL_RES_NET_DST:
279 case COL_UNRES_NET_DST:
280 default:
281 if (!get_column_resolved(column) && cinfo->col_expr.col_expr_val[column]) {
282 /* Use the unresolved value in col_expr_val */
283 // XXX Use QContiguousCache?
284 col_text_ << QString(cinfo->col_expr.col_expr_val[column]);
285 } else {
286 col_text_ << QString(cinfo->columns[column].col_data);
287 }
288 break;
289 }
290 #else // MINIMIZE_STRING_COPYING
291 QString col_str;
292 if (!get_column_resolved(column) && cinfo->col_expr.col_expr_val[column]) {
293 /* Use the unresolved value in col_expr_val */
294 col_str = QString(cinfo->col_expr.col_expr_val[column]);
295 } else {
296 int text_col = cinfo_column_.value(column, -1);
297
298 if (text_col < 0) {
299 col_fill_in_frame_data(fdata_, cinfo, column, FALSE);
300 }
301 col_str = QString(cinfo->columns[column].col_data);
302 }
303
304 col_text_ << col_str;
305 col_lines = col_str.count('\n');
306 if (col_lines > lines_) {
307 lines_ = col_lines;
308 line_count_changed_ = true;
309 }
310 #endif // MINIMIZE_STRING_COPYING
311 }
312 }
313