diff options
author | Guy Harris <guy@alum.mit.edu> | 2018-02-03 16:41:13 -0800 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 2018-02-04 00:41:55 +0000 |
commit | 0c781eeef7a5322de2e96bb77b1029db35b4b2bc (patch) | |
tree | c0499f7b8fe9810a4ed6212e6638237045445966 /wiretap | |
parent | 3d574a4b2b462e42d767635db9a76f4c10c521c8 (diff) |
Disallow registration of some block type values for plugins.
Don't allow overriding of the block types we support in libwiretap - it
won't work anyway, as we check for those types first, and only look for
plugins for types we don't support.
Don't allow registering for any of the reserved types; if you aren't
going to use a local type, you have to get your type registered.
We *do* allow registering plugins for types that are registered but that
we don't support natively.
Change-Id: I2046d297b0503d3a77c83166b07ca226c0b18e82
Reviewed-on: https://code.wireshark.org/review/25583
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Diffstat (limited to 'wiretap')
-rw-r--r-- | wiretap/pcapng.c | 54 | ||||
-rw-r--r-- | wiretap/pcapng_module.h | 28 |
2 files changed, 72 insertions, 10 deletions
diff --git a/wiretap/pcapng.c b/wiretap/pcapng.c index 26dfe119bc..41e722f17b 100644 --- a/wiretap/pcapng.c +++ b/wiretap/pcapng.c @@ -249,6 +249,60 @@ register_pcapng_block_type_handler(guint block_type, block_reader reader, { block_handler *handler; + /* + * Is this a known block type? + */ + switch (block_type) { + + case BLOCK_TYPE_SHB: + case BLOCK_TYPE_IDB: + case BLOCK_TYPE_PB: + case BLOCK_TYPE_SPB: + case BLOCK_TYPE_NRB: + case BLOCK_TYPE_ISB: + case BLOCK_TYPE_EPB: + case BLOCK_TYPE_SYSDIG_EVENT: + /* + * Yes; we already handle it, and don't allow a replacement to + * be registeted (if there's a bug in our code, or there's + * something we don't handle in that block, submit a change + * to the main Wireshark source). + */ + g_warning("Attempt to register plugin for block type 0x%08x not allowed", + block_type); + return; + + case BLOCK_TYPE_IRIG_TS: + case BLOCK_TYPE_ARINC_429: + case BLOCK_TYPE_SYSDIG_EVF: + /* + * Yes, and we don't already handle it. Allow a plugin to + * handle it. + * + * (But why not submit the plugin source to Wireshark?) + */ + break; + + default: + /* + * No; is it a local block type? + */ + if (!(block_type & 0x80000000)) { + /* + * No; don't allow a plugin to be registered for it, as + * the block type needs to be registered before it's used. + */ + g_warning("Attempt to register plugin for reserved block type 0x%08x not allowed", + block_type); + return; + } + + /* + * Yes; allow the registration. + */ + break; + } + if (block_handlers == NULL) { /* * Create the table of block handlers. diff --git a/wiretap/pcapng_module.h b/wiretap/pcapng_module.h index 5eee195b84..048f14cf85 100644 --- a/wiretap/pcapng_module.h +++ b/wiretap/pcapng_module.h @@ -9,17 +9,26 @@ #ifndef __PCAP_MODULE_H__ #define __PCAP_MODULE_H__ -/* Block type codes in the file */ -#define BLOCK_TYPE_IDB 0x00000001 /* Interface Description Block */ -#define BLOCK_TYPE_PB 0x00000002 /* Packet Block (obsolete) */ -#define BLOCK_TYPE_SPB 0x00000003 /* Simple Packet Block */ -#define BLOCK_TYPE_NRB 0x00000004 /* Name Resolution Block */ -#define BLOCK_TYPE_ISB 0x00000005 /* Interface Statistics Block */ -#define BLOCK_TYPE_EPB 0x00000006 /* Enhanced Packet Block */ +/* + * These are the officially registered block types, from the pcapng + * specification. + * + * XXX - Dear Sysdig People: please add your blocks to the spec! + */ +#define BLOCK_TYPE_SHB 0x0A0D0D0A /* Section Header Block */ +#define BLOCK_TYPE_IDB 0x00000001 /* Interface Description Block */ +#define BLOCK_TYPE_PB 0x00000002 /* Packet Block (obsolete) */ +#define BLOCK_TYPE_SPB 0x00000003 /* Simple Packet Block */ +#define BLOCK_TYPE_NRB 0x00000004 /* Name Resolution Block */ +#define BLOCK_TYPE_ISB 0x00000005 /* Interface Statistics Block */ +#define BLOCK_TYPE_EPB 0x00000006 /* Enhanced Packet Block */ +#define BLOCK_TYPE_IRIG_TS 0x00000007 /* IRIG Timestamp Block */ +#define BLOCK_TYPE_ARINC_429 0x00000008 /* ARINC 429 in AFDX Encapsulation Information Block */ #define BLOCK_TYPE_SYSDIG_EVENT 0x00000204 /* Sysdig Event Block */ #define BLOCK_TYPE_SYSDIG_EVF 0x00000208 /* Sysdig Event Block with flags */ -#define BLOCK_TYPE_SHB 0x0A0D0D0A /* Section Header Block */ -/* TODO: the following are not yet well defined in the draft spec: + +/* TODO: the following are not yet well defined in the draft spec, + * and do not yet have block type values assigned to them: * Compression Block * Encryption Block * Fixed Length Block @@ -57,4 +66,3 @@ void register_pcapng_option_handler(guint block_type, guint option_code, option_handler_fn hfunc); #endif /* __PCAP_MODULE_H__ */ - |