diff options
Diffstat (limited to 'plugins/transum/extractors.c')
| -rw-r--r-- | plugins/transum/extractors.c | 120 |
1 files changed, 120 insertions, 0 deletions
diff --git a/plugins/transum/extractors.c b/plugins/transum/extractors.c new file mode 100644 index 0000000000..f2c72371cc --- /dev/null +++ b/plugins/transum/extractors.c @@ -0,0 +1,120 @@ +/* extractors.c +* Routines for the TRANSUM response time analyzer post-dissector +* By Paul Offord <paul.offord@advance7.com> +* Copyright 2016 Advance Seven Limited +* +* Wireshark - Network traffic analyzer +* By Gerald Combs <gerald@wireshark.org> +* Copyright 1998 Gerald Combs +* +* This program is free software; you can redistribute it and/or +* modify it under the terms of the GNU General Public License +* as published by the Free Software Foundation; either version 2 +* of the License, or (at your option) any later version. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU General Public License for more details. +* +* You should have received a copy of the GNU General Public License +* along with this program; if not, write to the Free Software +* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ +#include "config.h" +#include <epan/prefs.h> +#include <epan/packet.h> +#include "extractors.h" + +/* + This function extracts a field value (e.g. tcp.len) from a tree. Because a packet may contain + multiple values for the the field the extracted values are returned in a result_array. The + number of array entries is returned in element_count. + + Return is 0 if all went well. If this function return -1 it is probably because the tree did not + include the field defined by the field_id. + */ +int extract_uint(proto_tree *tree, int field_id, guint32 *result_array, size_t *element_count) +{ + GPtrArray *finfo_array = proto_find_finfo(tree, field_id); + + if (finfo_array == NULL) { + return -1; + } + + *element_count = g_ptr_array_len(finfo_array); + + for (int i = 0; i < *element_count && i < MAX_RETURNED_ELEMENTS; i++) + { + result_array[i] = fvalue_get_uinteger(&((field_info*)finfo_array->pdata[i])->value); + } + + g_ptr_array_free(finfo_array, TRUE); + + return 0; +} + +int extract_ui64(proto_tree *tree, int field_id, guint64 *result_array, size_t *element_count) +{ + GPtrArray *finfo_array = proto_find_finfo(tree, field_id); + + if (finfo_array == NULL) { + return -1; + } + + *element_count = g_ptr_array_len(finfo_array); + + for (int i = 0; i < *element_count && i < MAX_RETURNED_ELEMENTS; i++) + { + result_array[i] = fvalue_get_uinteger64(&((field_info*)finfo_array->pdata[i])->value); + } + + g_ptr_array_free(finfo_array, TRUE); + + return 0; +} + +int extract_si64(proto_tree *tree, int field_id, guint64 *result_array, size_t *element_count) +{ + GPtrArray *finfo_array = proto_find_finfo(tree, field_id); + + if (finfo_array == NULL) { + return -1; + } + + *element_count = g_ptr_array_len(finfo_array); + + for (int i = 0; i < *element_count && i < MAX_RETURNED_ELEMENTS; i++) + { + result_array[i] = fvalue_get_sinteger64(&((field_info*)finfo_array->pdata[i])->value); + } + + g_ptr_array_free(finfo_array, TRUE); + + return 0; +} + +int extract_bool(proto_tree *tree, int field_id, gboolean *result_array, size_t *element_count) +{ + GPtrArray *finfo_array = proto_find_finfo(tree, field_id); + + if (finfo_array == NULL) { + return -1; + } + + *element_count = g_ptr_array_len(finfo_array); + + for (int i = 0; i < *element_count && i < MAX_RETURNED_ELEMENTS; i++) + { + fvalue_t *fv = &(((field_info*)finfo_array->pdata[i])->value); + + if (fv->value.uinteger) + result_array[i] = TRUE; + else + result_array[i] = FALSE; + } + + g_ptr_array_free(finfo_array, TRUE); + + return 0; +} |