(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-tcp.c) |
| |
| 2972 | | | dissect_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) |
| 2973 | | | { |
| 2974 | | | guint8 th_off_x2; |
| 2975 | | | guint16 th_sum; |
| 2976 | | | guint16 th_urp; |
| 2977 | | | proto_tree *tcp_tree = NULL, *field_tree = NULL; |
| 2978 | | | proto_item *ti = NULL, *tf, *hidden_item; |
| 2979 | | | int offset = 0; |
| 2980 | | | emem_strbuf_t *flags_strbuf = ep_strbuf_new_label("<None>"); |
| 2981 | | | const gchar *fstr[] = {"FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECN", "CWR"}; |
| 2982 | | | gint i; |
| 2983 | | | guint bpos; |
| 2984 | | | guint optlen; |
| 2985 | | | guint32 nxtseq = 0; |
| 2986 | | | guint reported_len; |
| 2987 | | | vec_t cksum_vec[4]; |
| 2988 | | | guint32 phdr[2]; |
| 2989 | | | guint16 computed_cksum; |
| 2990 | | | guint16 real_window; |
| 2991 | | | guint length_remaining; |
| 2992 | | | gboolean desegment_ok; |
| 2993 | | | struct tcpinfo tcpinfo; |
| 2994 | | | struct *tcph; |
| 2995 | | | proto_item *tf_syn = NULL, *tf_fin = NULL, *tf_rst = NULL; |
| 2996 | | | conversation_t *conv=NULL; |
| 2997 | | | struct tcp_analysis *tcpd=NULL; |
| 2998 | | | struct tcp_per_packet_data_t *tcppd=NULL; |
| 2999 | | | proto_item *item; |
| 3000 | | | proto_tree *checksum_tree; |
| 3001 | | | nstime_t ts; |
| 3002 | | | |
| 3003 | | | |
| 3004 | | | tcph=ep_alloc(sizeof(struct )); |
| 3005 | | | SET_ADDRESS(&tcph->ip_src, pinfo->src.type, pinfo->src.len, pinfo->src.data);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/address.h |
| |
66 | #define SET_ADDRESS(addr, addr_type, addr_len, addr_data) { \ |
67 | (addr)->type = (addr_type); \ |
68 | (addr)->len = (addr_len); \ |
69 | (addr)->data = (addr_data); \ |
70 | } |
| |
|
| 3006 | | | SET_ADDRESS(&tcph->ip_dst, pinfo->dst.type, pinfo->dst.len, pinfo->dst.data);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/address.h |
| |
66 | #define SET_ADDRESS(addr, addr_type, addr_len, addr_data) { \ |
67 | (addr)->type = (addr_type); \ |
68 | (addr)->len = (addr_len); \ |
69 | (addr)->data = (addr_data); \ |
70 | } |
| |
|
| 3007 | | | |
| 3008 | | | if (check_col(pinfo->cinfo, COL_PROTOCOL)) |
| 3009 | | | col_set_str(pinfo->cinfo, COL_PROTOCOL, "TCP"); |
| 3010 | | | |
| 3011 | | | |
| 3012 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 3013 | | | col_clear(pinfo->cinfo, COL_INFO); |
| 3014 | | | |
| 3015 | | | tcph->th_sport = tvb_get_ntohs(tvb, offset); |
| 3016 | | | tcph->th_dport = tvb_get_ntohs(tvb, offset + 2); |
| 3017 | | | if (check_col(pinfo->cinfo, COL_INFO)) { |
| 3018 | | | col_append_fstr(pinfo->cinfo, COL_INFO, "%s > %s", |
| 3019 | | | get_tcp_port(tcph->th_sport), get_tcp_port(tcph->th_dport)); |
| 3020 | | | } |
| 3021 | | | if (tree) { |
| 3022 | | | if (tcp_summary_in_tree) { |
| 3023 | | | ti = proto_tree_add_protocol_format(tree, proto_tcp, tvb, 0, -1, |
| 3024 | | | "Transmission Control Protocol, Src Port: %s (%u), Dst Port: %s (%u)", |
| 3025 | | | get_tcp_port(tcph->th_sport), tcph->th_sport, |
| 3026 | | | get_tcp_port(tcph->th_dport), tcph->th_dport); |
| 3027 | | | } |
| 3028 | | | else { |
| 3029 | | | ti = proto_tree_add_item(tree, proto_tcp, tvb, 0, -1, FALSE); |
| 3030 | | | } |
| 3031 | | | tcp_tree = proto_item_add_subtree(ti, ett_tcp); |
| 3032 | | | pinfo->tcp_tree=tcp_tree; |
| 3033 | | | |
| 3034 | | | proto_tree_add_uint_format(tcp_tree, hf_tcp_srcport, tvb, offset, 2, tcph->th_sport, |
| 3035 | | | "Source port: %s (%u)", get_tcp_port(tcph->th_sport), tcph->th_sport); |
| 3036 | | | proto_tree_add_uint_format(tcp_tree, hf_tcp_dstport, tvb, offset + 2, 2, tcph->th_dport, |
| 3037 | | | "Destination port: %s (%u)", get_tcp_port(tcph->th_dport), tcph->th_dport); |
| 3038 | | | hidden_item = proto_tree_add_uint(tcp_tree, hf_tcp_port, tvb, offset, 2, tcph->th_sport); |
| 3039 | | | PROTO_ITEM_SET_HIDDEN(hidden_item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
319 | #define PROTO_ITEM_SET_HIDDEN(proto_item) \ |
320 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_HIDDEN) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3040 | | | hidden_item = proto_tree_add_uint(tcp_tree, hf_tcp_port, tvb, offset + 2, 2, tcph->th_dport); |
| 3041 | | | PROTO_ITEM_SET_HIDDEN(hidden_item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
319 | #define PROTO_ITEM_SET_HIDDEN(proto_item) \ |
320 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_HIDDEN) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3042 | | | |
| 3043 | | | |
| 3044 | | | |
| 3045 | | | |
| 3046 | | | |
| 3047 | | | |
| 3048 | | | |
| 3049 | | | |
| 3050 | | | |
| 3051 | | | if (pinfo->layer_names != NULL && pinfo->layer_names->str != NULL) { |
| 3052 | | | |
| 3053 | | | |
| 3054 | | | |
| 3055 | | | if (strstr(pinfo->layer_names->str, "icmp:ip") != NULL) |
| 3056 | | | proto_tree_add_item(tcp_tree, hf_tcp_seq, tvb, offset + 4, 4, FALSE); |
| 3057 | | | } |
| 3058 | | | } |
| 3059 | | | |
| 3060 | | | |
| 3061 | | | |
| 3062 | | | |
| 3063 | | | pinfo->ptype = PT_TCP; |
| 3064 | | | pinfo->srcport = tcph->th_sport; |
| 3065 | | | pinfo->destport = tcph->th_dport; |
| 3066 | | | |
| 3067 | | | tcph->th_seq = tvb_get_ntohl(tvb, offset + 4); |
| 3068 | | | tcph->th_ack = tvb_get_ntohl(tvb, offset + 8); |
| 3069 | | | th_off_x2 = tvb_get_guint8(tvb, offset + 12); |
| 3070 | | | tcph->th_flags = tvb_get_guint8(tvb, offset + 13); |
| 3071 | | | tcph->th_win = tvb_get_ntohs(tvb, offset + 14); |
| 3072 | | | real_window = tcph->th_win; |
| 3073 | | | tcph->th_hlen = hi_nibble(th_off_x2) * 4; |
| 3074 | | | |
| 3075 | | | |
| 3076 | | | conv=get_tcp_conversation(pinfo); |
| 3077 | | | tcpd=get_tcp_conversation_data(conv,pinfo); |
| 3078 | | | |
| 3079 | | | item = proto_tree_add_uint(tcp_tree, hf_tcp_stream, tvb, offset, 0, conv->index); |
| 3080 | | | PROTO_ITEM_SET_GENERATED(item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3081 | | | |
| 3082 | | | |
| 3083 | | | |
| 3084 | | | |
| 3085 | | | |
| 3086 | | | |
| 3087 | | | |
| 3088 | | | |
| 3089 | | | if(tcpd && ((tcph->th_flags&(TH_SYN|TH_ACK))==TH_SYN) && |
| 3090 | | | (tcpd->fwd->base_seq!=0) && |
| 3091 | | | (tcph->th_seq!=tcpd->fwd->base_seq) ) { |
| 3092 | | | if (!(pinfo->fd->flags.visited)) { |
| 3093 | | | conv=conversation_new(pinfo->fd->num, &pinfo->src, &pinfo->dst, pinfo->ptype, pinfo->srcport, pinfo->destport, 0); |
| 3094 | | | tcpd=get_tcp_conversation_data(conv,pinfo); |
| 3095 | | | } |
| 3096 | | | if(!tcpd->ta) |
| 3097 | | | tcp_analyze_get_acked_struct(pinfo->fd->num, TRUE, tcpd); |
| 3098 | | | tcpd->ta->flags|=TCP_A_REUSED_PORTS; |
| 3099 | | | } |
| 3100 | | | |
| 3101 | | | |
| 3102 | | | |
| 3103 | | | if (tcp_calculate_ts) { |
| 3104 | | | tcppd = p_get_proto_data(pinfo->fd, proto_tcp); |
| 3105 | | | |
| 3106 | | | |
| 3107 | | | |
| 3108 | | | |
| 3109 | | | |
| 3110 | | | if (!(pinfo->fd->flags.visited)) |
| 3111 | | | tcp_calculate_timestamps(pinfo, tcpd, tcppd); |
| 3112 | | | |
| 3113 | | | |
| 3114 | | | if (tcpd && check_col(pinfo->cinfo, COL_REL_CONV_TIME)) { |
| 3115 | | | nstime_delta(&ts, &pinfo->fd->abs_ts, &tcpd->ts_first); |
| 3116 | | | col_set_time(pinfo->cinfo, COL_REL_CONV_TIME, &ts, "tcp.time_relative"); |
| 3117 | | | } |
| 3118 | | | |
| 3119 | | | if (check_col(pinfo->cinfo, COL_DELTA_CONV_TIME)) { |
| 3120 | | | if( tcppd ) |
| 3121 | | | col_set_time(pinfo->cinfo, COL_DELTA_CONV_TIME, &tcppd->ts_del, "tcp.time_delta"); |
| 3122 | | | } |
| 3123 | | | } |
| 3124 | | | |
| 3125 | | | |
| 3126 | | | |
| 3127 | | | |
| 3128 | | | |
| 3129 | | | |
| 3130 | | | |
| 3131 | | | |
| 3132 | | | |
| 3133 | | | |
| 3134 | | | |
| 3135 | | | |
| 3136 | | | |
| 3137 | | | |
| 3138 | | | |
| 3139 | | | |
| 3140 | | | |
| 3141 | | | reported_len = tvb_reported_length(tvb); |
| 3142 | | | |
| 3143 | | | if (!pinfo->fragmented && !pinfo->in_error_pkt) { |
| 3144 | | | if (reported_len < tcph->th_hlen) { |
| 3145 | | | proto_item *pi; |
| 3146 | | | pi = proto_tree_add_text(tcp_tree, tvb, offset, 0, |
| 3147 | | | "Short segment. Segment/fragment does not contain a full TCP " |
| 3148 | | | " (might be NMAP or someone else deliberately sending unusual packets)"); |
| 3149 | | | PROTO_ITEM_SET_GENERATED(pi);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3150 | | | expert_add_info_format(pinfo, pi, PI_MALFORMED, PI_WARN, "Short segment"); |
| 3151 | | | tcph->th_have_seglen = FALSE; |
| 3152 | | | } else { |
| 3153 | | | |
| 3154 | | | tcph->th_seglen = reported_len - tcph->th_hlen; |
| 3155 | | | tcph->th_have_seglen = TRUE; |
| 3156 | | | |
| 3157 | | | if (tree) { |
| 3158 | | | |
| 3159 | | | hidden_item = proto_tree_add_uint(ti, hf_tcp_len, tvb, offset+12, 1, tcph->th_seglen); |
| 3160 | | | PROTO_ITEM_SET_HIDDEN(hidden_item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
319 | #define PROTO_ITEM_SET_HIDDEN(proto_item) \ |
320 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_HIDDEN) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3161 | | | |
| 3162 | | | } |
| 3163 | | | |
| 3164 | | | |
| 3165 | | | |
| 3166 | | | if(tcp_analyze_seq){ |
| 3167 | | | if(!(pinfo->fd->flags.visited)){ |
| 3168 | | | tcp_analyze_sequence_number(pinfo, tcph->th_seq, tcph->th_ack, tcph->th_seglen, tcph->th_flags, tcph->th_win, tcpd); |
| 3169 | | | } |
| 3170 | | | if(tcp_relative_seq){ |
| 3171 | | | tcp_get_relative_seq_ack(&(tcph->th_seq), &(tcph->th_ack), &(tcph->th_win), tcpd); |
| 3172 | | | } |
| 3173 | | | } |
| 3174 | | | |
| 3175 | | | |
| 3176 | | | nxtseq = tcph->th_seq + tcph->th_seglen; |
| 3177 | | | } |
| 3178 | | | } else |
| 3179 | | | tcph->th_have_seglen = FALSE; |
| 3180 | | | |
| 3181 | | | if (check_col(pinfo->cinfo, COL_INFO) || tree) { |
| 3182 | | | gboolean first_flag = TRUE; |
| 3183 | | | for (i = 0; i < 8; i++) { |
| 3184 | | | bpos = 1 << i; |
| 3185 | | | if (tcph->th_flags & bpos) { |
| 3186 | | | if (first_flag) { |
| 3187 | | | ep_strbuf_truncate(flags_strbuf, 0); |
| 3188 | | | } |
| 3189 | | | ep_strbuf_append_printf(flags_strbuf, "%s%s", first_flag ? "" : ", ", fstr[i]); |
| 3190 | | | first_flag = FALSE; |
| 3191 | | | } |
| 3192 | | | } |
| 3193 | | | } |
| 3194 | | | |
| 3195 | | | if (check_col(pinfo->cinfo, COL_INFO)) { |
| 3196 | | | col_append_fstr(pinfo->cinfo, COL_INFO, " [%s] Seq=%u", flags_strbuf->str, tcph->th_seq); |
| 3197 | | | if (tcph->th_flags&TH_ACK) { |
| 3198 | | | col_append_fstr(pinfo->cinfo, COL_INFO, " Ack=%u", tcph->th_ack); |
| 3199 | | | } |
| 3200 | | | if (tcph->th_flags&TH_SYN) { |
| 3201 | | | col_append_fstr(pinfo->cinfo, COL_INFO, " Win=%u", real_window); |
| 3202 | | | } else { |
| 3203 | | | col_append_fstr(pinfo->cinfo, COL_INFO, " Win=%u", tcph->th_win); |
| 3204 | | | } |
| 3205 | | | } |
| 3206 | | | |
| 3207 | | | if (tree) { |
| 3208 | | | if (tcp_summary_in_tree) { |
| 3209 | | | proto_item_append_text(ti, ", Seq: %u", tcph->th_seq); |
| 3210 | | | } |
| 3211 | | | if(tcp_relative_seq){ |
| 3212 | | | proto_tree_add_uint_format(tcp_tree, hf_tcp_seq, tvb, offset + 4, 4, tcph->th_seq, "Sequence number: %u (relative sequence number)", tcph->th_seq); |
| 3213 | | | } else { |
| 3214 | | | proto_tree_add_uint(tcp_tree, hf_tcp_seq, tvb, offset + 4, 4, tcph->th_seq); |
| 3215 | | | } |
| 3216 | | | } |
| 3217 | | | |
| 3218 | | | if (tcph->th_hlen < TCPH_MIN_LEN) { |
| 3219 | | | |
| 3220 | | | |
| 3221 | | | |
| 3222 | | | |
| 3223 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 3224 | | | col_append_fstr(pinfo->cinfo, COL_INFO, ", bogus TCP length (%u, must be at least %u)", |
| 3225 | | | tcph->th_hlen, TCPH_MIN_LEN); |
| 3226 | | | if (tree) { |
| 3227 | | | proto_tree_add_uint_format(tcp_tree, hf_tcp_hdr_len, tvb, offset + 12, 1, tcph->th_hlen, |
| 3228 | | | " length: %u bytes (bogus, must be at least %u)", tcph->th_hlen, |
| 3229 | | | TCPH_MIN_LEN); |
| 3230 | | | } |
| 3231 | | | return; |
| 3232 | | | } |
| 3233 | | | |
| 3234 | | | if (tree) { |
| 3235 | | | if (tcp_summary_in_tree) { |
| 3236 | | | if(tcph->th_flags&TH_ACK){ |
| 3237 | | | proto_item_append_text(ti, ", Ack: %u", tcph->th_ack); |
| 3238 | | | } |
| 3239 | | | if (tcph->th_have_seglen) |
| 3240 | | | proto_item_append_text(ti, ", Len: %u", tcph->th_seglen); |
| 3241 | | | } |
| 3242 | | | proto_item_set_len(ti, tcph->th_hlen); |
| 3243 | | | if (tcph->th_have_seglen) { |
| 3244 | | | if (nxtseq != tcph->th_seq) { |
| 3245 | | | if(tcp_relative_seq){ |
| 3246 | | | tf=proto_tree_add_uint_format(tcp_tree, hf_tcp_nxtseq, tvb, offset, 0, nxtseq, "Next sequence number: %u (relative sequence number)", nxtseq); |
| 3247 | | | } else { |
| 3248 | | | tf=proto_tree_add_uint(tcp_tree, hf_tcp_nxtseq, tvb, offset, 0, nxtseq); |
| 3249 | | | } |
| 3250 | | | PROTO_ITEM_SET_GENERATED(tf);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3251 | | | } |
| 3252 | | | } |
| 3253 | | | if (tcph->th_flags & TH_ACK) { |
| 3254 | | | if(tcp_relative_seq){ |
| 3255 | | | proto_tree_add_uint_format(tcp_tree, hf_tcp_ack, tvb, offset + 8, 4, tcph->th_ack, "Acknowledgement number: %u (relative ack number)", tcph->th_ack); |
| 3256 | | | } else { |
| 3257 | | | proto_tree_add_uint(tcp_tree, hf_tcp_ack, tvb, offset + 8, 4, tcph->th_ack); |
| 3258 | | | } |
| 3259 | | | } else { |
| 3260 | | | |
| 3261 | | | if(tvb_get_ntohl(tvb, offset+8) != 0){ |
| 3262 | | | proto_tree_add_text(tcp_tree, tvb, offset+8, 4,"Acknowledgement number: Broken TCP. The acknowledge field is nonzero while the ACK flag is not set"); |
| 3263 | | | } |
| 3264 | | | } |
| 3265 | | | proto_tree_add_uint_format(tcp_tree, hf_tcp_hdr_len, tvb, offset + 12, 1, tcph->th_hlen, |
| 3266 | | | " length: %u bytes", tcph->th_hlen); |
| 3267 | | | tf = proto_tree_add_uint_format(tcp_tree, hf_tcp_flags, tvb, offset + 13, 1, |
| 3268 | | | tcph->th_flags, "Flags: 0x%02x (%s)", tcph->th_flags, flags_strbuf->str); |
| 3269 | | | field_tree = proto_item_add_subtree(tf, ett_tcp_flags); |
| 3270 | | | proto_tree_add_boolean(field_tree, hf_tcp_flags_cwr, tvb, offset + 13, 1, tcph->th_flags); |
| 3271 | | | proto_tree_add_boolean(field_tree, hf_tcp_flags_ecn, tvb, offset + 13, 1, tcph->th_flags); |
| 3272 | | | proto_tree_add_boolean(field_tree, hf_tcp_flags_urg, tvb, offset + 13, 1, tcph->th_flags); |
| 3273 | | | proto_tree_add_boolean(field_tree, hf_tcp_flags_ack, tvb, offset + 13, 1, tcph->th_flags); |
| 3274 | | | proto_tree_add_boolean(field_tree, hf_tcp_flags_push, tvb, offset + 13, 1, tcph->th_flags); |
| 3275 | | | tf_rst = proto_tree_add_boolean(field_tree, hf_tcp_flags_reset, tvb, offset + 13, 1, tcph->th_flags); |
| 3276 | | | tf_syn = proto_tree_add_boolean(field_tree, hf_tcp_flags_syn, tvb, offset + 13, 1, tcph->th_flags); |
| 3277 | | | tf_fin = proto_tree_add_boolean(field_tree, hf_tcp_flags_fin, tvb, offset + 13, 1, tcph->th_flags); |
| 3278 | | | if(tcp_relative_seq |
| 3279 | | | && (tcph->th_win!=real_window) |
| 3280 | | | && !(tcph->th_flags&TH_SYN) ){ |
| 3281 | | | proto_tree_add_uint_format(tcp_tree, hf_tcp_window_size, tvb, offset + 14, 2, tcph->th_win, "Window size: %u (scaled)", tcph->th_win); |
| 3282 | | | } else { |
| 3283 | | | proto_tree_add_uint(tcp_tree, hf_tcp_window_size, tvb, offset + 14, 2, real_window); |
| 3284 | | | } |
| 3285 | | | } |
| 3286 | | | |
| 3287 | | | if(tcph->th_flags & TH_SYN) { |
| 3288 | | | if(tcph->th_flags & TH_ACK) |
| 3289 | | | expert_add_info_format(pinfo, tf_syn, PI_SEQUENCE, PI_CHAT, "Connection establish acknowledge (SYN+ACK): server port %s", |
| 3290 | | | get_tcp_port(tcph->th_sport)); |
| 3291 | | | else |
| 3292 | | | expert_add_info_format(pinfo, tf_syn, PI_SEQUENCE, PI_CHAT, "Connection establish request (SYN): server port %s", |
| 3293 | | | get_tcp_port(tcph->th_dport)); |
| 3294 | | | } |
| 3295 | | | if(tcph->th_flags & TH_FIN) |
| 3296 | | | |
| 3297 | | | expert_add_info_format(pinfo, tf_fin, PI_SEQUENCE, PI_CHAT, "Connection finish (FIN)"); |
| 3298 | | | if(tcph->th_flags & TH_RST) |
| 3299 | | | |
| 3300 | | | expert_add_info_format(pinfo, tf_rst, PI_SEQUENCE, PI_CHAT, "Connection reset (RST)"); |
| 3301 | | | |
| 3302 | | | |
| 3303 | | | |
| 3304 | | | tcpinfo.seq = tcph->th_seq; |
| 3305 | | | tcpinfo.nxtseq = nxtseq; |
| 3306 | | | tcpinfo.lastackseq = tcph->th_ack; |
| 3307 | | | |
| 3308 | | | |
| 3309 | | | tcpinfo.is_reassembled = FALSE; |
| 3310 | | | |
| 3311 | | | pinfo->private_data = &tcpinfo; |
| 3312 | | | |
| 3313 | | | |
| 3314 | | | |
| 3315 | | | |
| 3316 | | | pinfo->can_desegment = 0; |
| 3317 | | | th_sum = tvb_get_ntohs(tvb, offset + 16); |
| 3318 | | | if (!pinfo->fragmented && tvb_bytes_exist(tvb, 0, reported_len)) { |
| 3319 | | | |
| 3320 | | | |
| 3321 | | | |
| 3322 | | | |
| 3323 | | | |
| 3324 | | | |
| 3325 | | | if (tcp_check_checksum) { |
| 3326 | | | |
| 3327 | | | |
| 3328 | | | |
| 3329 | | | cksum_vec[0].ptr = pinfo->src.data; |
| 3330 | | | cksum_vec[0].len = pinfo->src.len; |
| 3331 | | | cksum_vec[1].ptr = pinfo->dst.data; |
| 3332 | | | cksum_vec[1].len = pinfo->dst.len; |
| 3333 | | | cksum_vec[2].ptr = (const guint8 *)phdr; |
| 3334 | | | switch (pinfo->src.type) { |
| 3335 | | | |
| 3336 | | | case AT_IPv4: |
| 3337 | | | phdr[0] = g_htonl((IP_PROTO_TCP<<16) + reported_len);
x /usr/include/glib-2.0/glib/gtypes.h |
| |
349 | #define g_htonl(val) (GUINT32_TO_BE (val)) |
| |
x /usr/lib/i386-linux-gnu/glib-2.0/include/glibconfig.h |
| |
196 | #define GUINT32_TO_BE(val) (GUINT32_SWAP_LE_BE (val)) |
| |
x /usr/include/glib-2.0/glib/gtypes.h |
| |
229 | # define GUINT32_SWAP_LE_BE(val) (GUINT32_SWAP_LE_BE_IA32 (val)) |
| |
x /usr/include/glib-2.0/glib/gtypes.h |
| |
203 | # define GUINT32_SWAP_LE_BE_IA32(val) \ |
204 | (__extension__ \ |
205 | ({ register guint32 __v, __x = ((guint32) (val)); \ |
206 | if (__builtin_constant_p (__x)) \ |
207 | __v = GUINT32_SWAP_LE_BE_CONSTANT (__x); \ |
208 | else \ |
209 | __asm__ ("bswap %0" \ |
210 | : "=r" (__v) \ |
211 | : "0" (__x)); \ |
212 | __v; })) |
| |
x /usr/include/glib-2.0/glib/gtypes.h |
| |
147 | #define GUINT32_SWAP_LE_BE_CONSTANT(val) ((guint32) ( \ |
148 | (((guint32) (val) & (guint32) 0x000000ffU) << 24) | \ |
149 | (((guint32) (val) & (guint32) 0x0000ff00U) << 8) | \ |
150 | (((guint32) (val) & (guint32) 0x00ff0000U) >> 8) | \ |
151 | (((guint32) (val) & (guint32) 0xff000000U) >> 24))) |
| |
|
| 3338 | | | cksum_vec[2].len = 4; |
| 3339 | | | break; |
| 3340 | | | |
| 3341 | | | case AT_IPv6: |
| 3342 | | | phdr[0] = g_htonl(reported_len);
x /usr/include/glib-2.0/glib/gtypes.h |
| |
349 | #define g_htonl(val) (GUINT32_TO_BE (val)) |
| |
x /usr/lib/i386-linux-gnu/glib-2.0/include/glibconfig.h |
| |
196 | #define GUINT32_TO_BE(val) (GUINT32_SWAP_LE_BE (val)) |
| |
x /usr/include/glib-2.0/glib/gtypes.h |
| |
229 | # define GUINT32_SWAP_LE_BE(val) (GUINT32_SWAP_LE_BE_IA32 (val)) |
| |
x /usr/include/glib-2.0/glib/gtypes.h |
| |
203 | # define GUINT32_SWAP_LE_BE_IA32(val) \ |
204 | (__extension__ \ |
205 | ({ register guint32 __v, __x = ((guint32) (val)); \ |
206 | if (__builtin_constant_p (__x)) \ |
207 | __v = GUINT32_SWAP_LE_BE_CONSTANT (__x); \ |
208 | else \ |
209 | __asm__ ("bswap %0" \ |
210 | : "=r" (__v) \ |
211 | : "0" (__x)); \ |
212 | __v; })) |
| |
x /usr/include/glib-2.0/glib/gtypes.h |
| |
147 | #define GUINT32_SWAP_LE_BE_CONSTANT(val) ((guint32) ( \ |
148 | (((guint32) (val) & (guint32) 0x000000ffU) << 24) | \ |
149 | (((guint32) (val) & (guint32) 0x0000ff00U) << 8) | \ |
150 | (((guint32) (val) & (guint32) 0x00ff0000U) >> 8) | \ |
151 | (((guint32) (val) & (guint32) 0xff000000U) >> 24))) |
| |
|
| 3343 | | | phdr[1] = g_htonl(IP_PROTO_TCP);
x /usr/include/glib-2.0/glib/gtypes.h |
| |
349 | #define g_htonl(val) (GUINT32_TO_BE (val)) |
| |
x /usr/lib/i386-linux-gnu/glib-2.0/include/glibconfig.h |
| |
196 | #define GUINT32_TO_BE(val) (GUINT32_SWAP_LE_BE (val)) |
| |
x /usr/include/glib-2.0/glib/gtypes.h |
| |
229 | # define GUINT32_SWAP_LE_BE(val) (GUINT32_SWAP_LE_BE_IA32 (val)) |
| |
x /usr/include/glib-2.0/glib/gtypes.h |
| |
203 | # define GUINT32_SWAP_LE_BE_IA32(val) \ |
204 | (__extension__ \ |
205 | ({ register guint32 __v, __x = ((guint32) (val)); \ |
206 | if (__builtin_constant_p (__x)) \ |
207 | __v = GUINT32_SWAP_LE_BE_CONSTANT (__x); \ |
208 | else \ |
209 | __asm__ ("bswap %0" \ |
210 | : "=r" (__v) \ |
211 | : "0" (__x)); \ |
212 | __v; })) |
| |
x /usr/include/glib-2.0/glib/gtypes.h |
| |
147 | #define GUINT32_SWAP_LE_BE_CONSTANT(val) ((guint32) ( \ |
148 | (((guint32) (val) & (guint32) 0x000000ffU) << 24) | \ |
149 | (((guint32) (val) & (guint32) 0x0000ff00U) << 8) | \ |
150 | (((guint32) (val) & (guint32) 0x00ff0000U) >> 8) | \ |
151 | (((guint32) (val) & (guint32) 0xff000000U) >> 24))) |
| |
|
| 3344 | | | cksum_vec[2].len = 8; |
| 3345 | | | break; |
| 3346 | | | |
| 3347 | | | default: |
| 3348 | | | |
| 3349 | | | DISSECTOR_ASSERT_NOT_REACHED();
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
131 | #define DISSECTOR_ASSERT_NOT_REACHED() \ |
132 | (REPORT_DISSECTOR_BUG( \ |
133 | ep_strdup_printf("%s:%u: failed assertion \"DISSECTOR_ASSERT_NOT_REACHED\"", \ |
134 | __FILE__, __LINE__))) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
106 | #define REPORT_DISSECTOR_BUG(message) \ |
107 | ((getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG") != NULL) ? \ |
108 | abort() : \ |
109 | THROW_MESSAGE(DissectorError, message)) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/exceptions.h |
| |
226 | #define THROW_MESSAGE(x, y) \ |
227 | except_throw(XCEPT_GROUP_WIRESHARK, (x), (y)) |
| |
|
| 3350 | | | break; |
Unreachable Control Flow
The highlighted code will not execute under any circumstances. This may be because of: |
|
| 3351 | | | } |
| 3352 | | | cksum_vec[3].ptr = tvb_get_ptr(tvb, offset, reported_len); |
| 3353 | | | cksum_vec[3].len = reported_len; |
| 3354 | | | computed_cksum = in_cksum(cksum_vec, 4); |
| 3355 | | | if (computed_cksum == 0 && th_sum == 0xffff) { |
| 3356 | | | item = proto_tree_add_uint_format(tcp_tree, hf_tcp_checksum, tvb, |
| 3357 | | | offset + 16, 2, th_sum, |
| 3358 | | | "Checksum: 0x%04x [should be 0x0000 (see RFC 1624)]", th_sum); |
| 3359 | | | |
| 3360 | | | checksum_tree = proto_item_add_subtree(item, ett_tcp_checksum); |
| 3361 | | | item = proto_tree_add_boolean(checksum_tree, hf_tcp_checksum_good, tvb, |
| 3362 | | | offset + 16, 2, FALSE); |
| 3363 | | | PROTO_ITEM_SET_GENERATED(item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3364 | | | item = proto_tree_add_boolean(checksum_tree, hf_tcp_checksum_bad, tvb, |
| 3365 | | | offset + 16, 2, FALSE); |
| 3366 | | | PROTO_ITEM_SET_GENERATED(item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3367 | | | expert_add_info_format(pinfo, item, PI_CHECKSUM, PI_WARN, "TCP Checksum 0xffff instead of 0x0000 (see RFC 1624)"); |
| 3368 | | | |
| 3369 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 3370 | | | col_append_str(pinfo->cinfo, COL_INFO, " [TCP CHECKSUM 0xFFFF]"); |
| 3371 | | | |
| 3372 | | | |
| 3373 | | | desegment_ok = TRUE; |
| 3374 | | | } else if (computed_cksum == 0) { |
| 3375 | | | item = proto_tree_add_uint_format(tcp_tree, hf_tcp_checksum, tvb, |
| 3376 | | | offset + 16, 2, th_sum, "Checksum: 0x%04x [correct]", th_sum); |
| 3377 | | | |
| 3378 | | | checksum_tree = proto_item_add_subtree(item, ett_tcp_checksum); |
| 3379 | | | item = proto_tree_add_boolean(checksum_tree, hf_tcp_checksum_good, tvb, |
| 3380 | | | offset + 16, 2, TRUE); |
| 3381 | | | PROTO_ITEM_SET_GENERATED(item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3382 | | | item = proto_tree_add_boolean(checksum_tree, hf_tcp_checksum_bad, tvb, |
| 3383 | | | offset + 16, 2, FALSE); |
| 3384 | | | PROTO_ITEM_SET_GENERATED(item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3385 | | | |
| 3386 | | | |
| 3387 | | | desegment_ok = TRUE; |
| 3388 | | | } else if (th_sum == 0) { |
| 3389 | | | |
| 3390 | | | item = proto_tree_add_uint_format(tcp_tree, hf_tcp_checksum, tvb, |
| 3391 | | | offset + 16, 2, th_sum, "Checksum: 0x%04x [Checksum Offloaded]", th_sum); |
| 3392 | | | |
| 3393 | | | checksum_tree = proto_item_add_subtree(item, ett_tcp_checksum); |
| 3394 | | | item = proto_tree_add_boolean(checksum_tree, hf_tcp_checksum_good, tvb, |
| 3395 | | | offset + 16, 2, FALSE); |
| 3396 | | | PROTO_ITEM_SET_GENERATED(item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3397 | | | item = proto_tree_add_boolean(checksum_tree, hf_tcp_checksum_bad, tvb, |
| 3398 | | | offset + 16, 2, FALSE); |
| 3399 | | | PROTO_ITEM_SET_GENERATED(item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3400 | | | |
| 3401 | | | |
| 3402 | | | desegment_ok = TRUE; |
| 3403 | | | } else { |
| 3404 | | | item = proto_tree_add_uint_format(tcp_tree, hf_tcp_checksum, tvb, |
| 3405 | | | offset + 16, 2, th_sum, |
| 3406 | | | "Checksum: 0x%04x [incorrect, should be 0x%04x (maybe caused by \"TCP checksum offload\"?)]", th_sum, |
| 3407 | | | in_cksum_shouldbe(th_sum, computed_cksum)); |
| 3408 | | | |
| 3409 | | | checksum_tree = proto_item_add_subtree(item, ett_tcp_checksum); |
| 3410 | | | item = proto_tree_add_boolean(checksum_tree, hf_tcp_checksum_good, tvb, |
| 3411 | | | offset + 16, 2, FALSE); |
| 3412 | | | PROTO_ITEM_SET_GENERATED(item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3413 | | | item = proto_tree_add_boolean(checksum_tree, hf_tcp_checksum_bad, tvb, |
| 3414 | | | offset + 16, 2, TRUE); |
| 3415 | | | PROTO_ITEM_SET_GENERATED(item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3416 | | | expert_add_info_format(pinfo, item, PI_CHECKSUM, PI_ERROR, "Bad checksum"); |
| 3417 | | | |
| 3418 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 3419 | | | col_append_str(pinfo->cinfo, COL_INFO, " [TCP CHECKSUM INCORRECT]"); |
| 3420 | | | |
| 3421 | | | |
| 3422 | | | desegment_ok = FALSE; |
| 3423 | | | pinfo->noreassembly_reason = " [incorrect TCP checksum]"; |
| 3424 | | | } |
| 3425 | | | } else { |
| 3426 | | | item = proto_tree_add_uint_format(tcp_tree, hf_tcp_checksum, tvb, |
| 3427 | | | offset + 16, 2, th_sum, "Checksum: 0x%04x [validation disabled]", th_sum); |
| 3428 | | | |
| 3429 | | | checksum_tree = proto_item_add_subtree(item, ett_tcp_checksum); |
| 3430 | | | item = proto_tree_add_boolean(checksum_tree, hf_tcp_checksum_good, tvb, |
| 3431 | | | offset + 16, 2, FALSE); |
| 3432 | | | PROTO_ITEM_SET_GENERATED(item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3433 | | | item = proto_tree_add_boolean(checksum_tree, hf_tcp_checksum_bad, tvb, |
| 3434 | | | offset + 16, 2, FALSE); |
| 3435 | | | PROTO_ITEM_SET_GENERATED(item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3436 | | | |
| 3437 | | | |
| 3438 | | | |
| 3439 | | | desegment_ok = TRUE; |
| 3440 | | | } |
| 3441 | | | } else { |
| 3442 | | | |
| 3443 | | | item = proto_tree_add_uint_format(tcp_tree, hf_tcp_checksum, tvb, |
| 3444 | | | offset + 16, 2, th_sum, "Checksum: 0x%04x [unchecked, not all data available]", th_sum); |
| 3445 | | | |
| 3446 | | | checksum_tree = proto_item_add_subtree(item, ett_tcp_checksum); |
| 3447 | | | item = proto_tree_add_boolean(checksum_tree, hf_tcp_checksum_good, tvb, |
| 3448 | | | offset + 16, 2, FALSE); |
| 3449 | | | PROTO_ITEM_SET_GENERATED(item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3450 | | | item = proto_tree_add_boolean(checksum_tree, hf_tcp_checksum_bad, tvb, |
| 3451 | | | offset + 16, 2, FALSE); |
| 3452 | | | PROTO_ITEM_SET_GENERATED(item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3453 | | | |
| 3454 | | | |
| 3455 | | | desegment_ok = FALSE; |
| 3456 | | | } |
| 3457 | | | |
| 3458 | | | if (desegment_ok) { |
| 3459 | | | |
| 3460 | | | if (tcp_desegment) { |
| 3461 | | | |
| 3462 | | | if (!pinfo->in_error_pkt) { |
| 3463 | | | |
| 3464 | | | |
| 3465 | | | |
| 3466 | | | pinfo->can_desegment = 2; |
| 3467 | | | } |
| 3468 | | | } |
| 3469 | | | } |
| 3470 | | | |
| 3471 | | | if (tcph->th_flags & TH_URG) { |
| 3472 | | | th_urp = tvb_get_ntohs(tvb, offset + 18); |
| 3473 | | | |
| 3474 | | | |
| 3475 | | | tcpinfo.urgent = TRUE; |
| 3476 | | | tcpinfo.urgent_pointer = th_urp; |
| 3477 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 3478 | | | col_append_fstr(pinfo->cinfo, COL_INFO, " Urg=%u", th_urp); |
| 3479 | | | if (tcp_tree != NULL) |
| 3480 | | | proto_tree_add_uint(tcp_tree, hf_tcp_urgent_pointer, tvb, offset + 18, 2, th_urp); |
| 3481 | | | } else |
| 3482 | | | tcpinfo.urgent = FALSE; |
| 3483 | | | |
| 3484 | | | if (tcph->th_have_seglen) { |
| 3485 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 3486 | | | col_append_fstr(pinfo->cinfo, COL_INFO, " Len=%u", tcph->th_seglen); |
| 3487 | | | } |
| 3488 | | | |
| 3489 | | | |
| 3490 | | | if (tcph->th_hlen > TCPH_MIN_LEN) { |
| 3491 | | | |
| 3492 | | | |
| 3493 | | | optlen = tcph->th_hlen - TCPH_MIN_LEN; |
| 3494 | | | tvb_ensure_bytes_exist(tvb, offset + 20, optlen); |
| 3495 | | | if (tcp_tree != NULL) { |
| 3496 | | | guint8 *p_options = ep_tvb_memdup(tvb, offset + 20, optlen); |
| 3497 | | | tf = proto_tree_add_bytes_format(tcp_tree, hf_tcp_options, tvb, offset + 20, |
| 3498 | | | optlen, p_options, "Options: (%u bytes)", optlen); |
| 3499 | | | field_tree = proto_item_add_subtree(tf, ett_tcp_options); |
| 3500 | | | } else |
| 3501 | | | field_tree = NULL; |
| 3502 | | | dissect_ip_tcp_options(tvb, offset + 20, optlen, |
| 3503 | | | tcpopts, N_TCP_OPTS, TCPOPT_EOL, pinfo, field_tree); |
| 3504 | | | } |
| 3505 | | | |
| 3506 | | | if(!pinfo->fd->flags.visited){ |
| 3507 | | | if((tcph->th_flags & (TH_SYN|TH_ACK))==(TH_SYN|TH_ACK)) { |
| 3508 | | | |
| 3509 | | | |
| 3510 | | | |
| 3511 | | | if(tcp_analyze_seq && tcp_relative_seq){ |
| 3512 | | | verify_tcp_window_scaling(tcpd); |
| 3513 | | | } |
| 3514 | | | |
| 3515 | | | |
| 3516 | | | |
| 3517 | | | |
| 3518 | | | |
| 3519 | | | if(tcpd && ((tcpd->rev->scps_capable) || (tcpd->fwd->scps_capable))) { |
| 3520 | | | verify_scps(pinfo, tf_syn, tcpd); |
| 3521 | | | } |
| 3522 | | | } |
| 3523 | | | } |
| 3524 | | | |
| 3525 | | | |
| 3526 | | | offset += tcph->th_hlen; |
| 3527 | | | |
| 3528 | | | |
| 3529 | | | |
| 3530 | | | length_remaining = tvb_length_remaining(tvb, offset); |
| 3531 | | | |
| 3532 | | | if (tcph->th_have_seglen) { |
| 3533 | | | if( data_out_file ) { |
| 3534 | | | reassemble_tcp( tcph->th_seq, |
| 3535 | | | tcph->th_ack, |
| 3536 | | | tcph->th_seglen, |
| 3537 | | | (gchar*)tvb_get_ptr(tvb, offset, length_remaining), |
| 3538 | | | length_remaining, |
| 3539 | | | ( tcph->th_flags & TH_SYN ), |
| 3540 | | | &pinfo->net_src, |
| 3541 | | | &pinfo->net_dst, |
| 3542 | | | pinfo->srcport, |
| 3543 | | | pinfo->destport); |
| 3544 | | | } |
| 3545 | | | } |
| 3546 | | | |
| 3547 | | | |
| 3548 | | | if(tcp_analyze_seq){ |
| 3549 | | | tcp_print_sequence_number_analysis(pinfo, tvb, tcp_tree, tcpd); |
| 3550 | | | } |
| 3551 | | | |
| 3552 | | | |
| 3553 | | | if(tcp_calculate_ts){ |
| 3554 | | | tcp_print_timestamps(pinfo, tvb, tcp_tree, tcpd, tcppd); |
| 3555 | | | } |
| 3556 | | | |
| 3557 | | | tap_queue_packet(tcp_tap, pinfo, tcph); |
| 3558 | | | |
| 3559 | | | |
| 3560 | | | |
| 3561 | | | |
| 3562 | | | |
| 3563 | | | if(tcpd && (tcph->th_flags & TH_FIN) |
| 3564 | | | && (tcpd->fwd->flags&TCP_FLOW_REASSEMBLE_UNTIL_FIN) ){ |
| 3565 | | | struct tcp_multisegment_pdu *msp; |
| 3566 | | | |
| 3567 | | | |
| 3568 | | | msp=se_tree_lookup32_le(tcpd->fwd->multisegment_pdus, tcph->th_seq-1); |
| 3569 | | | if(msp){ |
| 3570 | | | fragment_data *ipfd_head; |
| 3571 | | | |
| 3572 | | | ipfd_head = fragment_add(tvb, offset, pinfo, msp->first_frame, |
| 3573 | | | tcp_fragment_table, |
| 3574 | | | tcph->th_seq - msp->seq, |
| 3575 | | | tcph->th_seglen, |
| 3576 | | | FALSE ); |
| 3577 | | | if(ipfd_head){ |
| 3578 | | | tvbuff_t *next_tvb; |
| 3579 | | | |
| 3580 | | | |
| 3581 | | | next_tvb = tvb_new_real_data(ipfd_head->data, ipfd_head->datalen, ipfd_head->datalen); |
| 3582 | | | |
| 3583 | | | |
| 3584 | | | tvb_set_child_real_data_tvbuff(tvb, next_tvb); |
| 3585 | | | |
| 3586 | | | |
| 3587 | | | add_new_data_source(pinfo, next_tvb, "Reassembled TCP"); |
| 3588 | | | |
| 3589 | | | |
| 3590 | | | |
| 3591 | | | |
| 3592 | | | pinfo->can_desegment = 0; |
| 3593 | | | |
| 3594 | | | process_tcp_payload(next_tvb, 0, pinfo, tree, tcp_tree, tcph->th_sport, tcph->th_dport, tcph->th_seq, nxtseq, FALSE, tcpd); |
| 3595 | | | |
| 3596 | | | print_tcp_fragment_tree(ipfd_head, tree, tcp_tree, pinfo, next_tvb); |
| 3597 | | | |
| 3598 | | | return; |
| 3599 | | | } |
| 3600 | | | } |
| 3601 | | | } |
| 3602 | | | |
| 3603 | | | if (tcpd && (tcpd->fwd || tcpd->rev) && (tcpd->fwd->command || tcpd->rev->command)) { |
| 3604 | | | ti = proto_tree_add_text(tcp_tree, tvb, offset, 0, "Process Information"); |
| 3605 | | | PROTO_ITEM_SET_GENERATED(ti);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
325 | #define PROTO_ITEM_SET_GENERATED(proto_item) \ |
326 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_GENERATED) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 3606 | | | field_tree = proto_item_add_subtree(ti, ett_tcp_process_info); |
| 3607 | | | if (tcpd->fwd->command) { |
| 3608 | | | proto_tree_add_uint_format_value(field_tree, hf_tcp_proc_dst_uid, tvb, 0, 0, |
| 3609 | | | tcpd->fwd->process_uid, "%u", tcpd->fwd->process_uid); |
| 3610 | | | proto_tree_add_uint_format_value(field_tree, hf_tcp_proc_dst_pid, tvb, 0, 0, |
| 3611 | | | tcpd->fwd->process_pid, "%u", tcpd->fwd->process_pid); |
| 3612 | | | proto_tree_add_string_format_value(field_tree, hf_tcp_proc_dst_uname, tvb, 0, 0, |
| 3613 | | | tcpd->fwd->username, "%s", tcpd->fwd->username); |
| 3614 | | | proto_tree_add_string_format_value(field_tree, hf_tcp_proc_dst_cmd, tvb, 0, 0, |
| 3615 | | | tcpd->fwd->command, "%s", tcpd->fwd->command); |
| 3616 | | | } |
| 3617 | | | if (tcpd->rev->command) { |
| 3618 | | | proto_tree_add_uint_format_value(field_tree, hf_tcp_proc_src_uid, tvb, 0, 0, |
| 3619 | | | tcpd->rev->process_uid, "%u", tcpd->rev->process_uid); |
| 3620 | | | proto_tree_add_uint_format_value(field_tree, hf_tcp_proc_src_pid, tvb, 0, 0, |
| 3621 | | | tcpd->rev->process_pid, "%u", tcpd->rev->process_pid); |
| 3622 | | | proto_tree_add_string_format_value(field_tree, hf_tcp_proc_src_uname, tvb, 0, 0, |
| 3623 | | | tcpd->rev->username, "%s", tcpd->rev->username); |
| 3624 | | | proto_tree_add_string_format_value(field_tree, hf_tcp_proc_src_cmd, tvb, 0, 0, |
| 3625 | | | tcpd->rev->command, "%s", tcpd->rev->command); |
| 3626 | | | } |
| 3627 | | | } |
| 3628 | | | |
| 3629 | | | |
| 3630 | | | |
| 3631 | | | |
| 3632 | | | |
| 3633 | | | |
| 3634 | | | |
| 3635 | | | |
| 3636 | | | if (length_remaining != 0) { |
| 3637 | | | if (tcph->th_flags & TH_RST) { |
| 3638 | | | |
| 3639 | | | |
| 3640 | | | |
| 3641 | | | |
| 3642 | | | |
| 3643 | | | |
| 3644 | | | |
| 3645 | | | |
| 3646 | | | |
| 3647 | | | |
| 3648 | | | |
| 3649 | | | |
| 3650 | | | |
| 3651 | | | |
| 3652 | | | |
| 3653 | | | proto_tree_add_text(tcp_tree, tvb, offset, length_remaining, |
| 3654 | | | "Reset cause: %s", |
| 3655 | | | tvb_format_text(tvb, offset, length_remaining)); |
| 3656 | | | } else { |
| 3657 | | | dissect_tcp_payload(tvb, pinfo, offset, tcph->th_seq, nxtseq, |
| 3658 | | | tcph->th_sport, tcph->th_dport, tree, tcp_tree, tcpd); |
| 3659 | | | } |
| 3660 | | | } |
| 3661 | | | } |
| |