1 %top { 2 /* Must come first for _LARGE_FILE_API on AIX. */ 3 #ifdef HAVE_CONFIG_H 4 #include <config.h> 5 #endif 6 7 /* 8 * Must come first to avoid warnings on Windows. 9 * 10 * Flex-generated scanners may only include <inttypes.h> if __STDC_VERSION__ 11 * is defined with a value >= 199901, meaning "full C99", and MSVC may not 12 * define it with that value, because it isn't 100% C99-compliant, even 13 * though it has an <inttypes.h> capable of defining everything the Flex 14 * scanner needs. 15 * 16 * We, however, will include it if we know we have an MSVC version that has 17 * it; this means that we may define the INTn_MAX and UINTn_MAX values in 18 * scanner.c, and then include <stdint.h>, which may define them differently 19 * (same value, but different string of characters), causing compiler warnings. 20 * 21 * If we include it here, and they're defined, that'll prevent scanner.c 22 * from defining them. So we include <pcap/pcap-inttypes.h>, to get 23 * <inttypes.h> if we have it. 24 */ 25 #include <pcap/pcap-inttypes.h> 26 27 #include "diag-control.h" 28 } 29 30 /* 31 * We want a reentrant scanner. 32 */ 33 %option reentrant 34 35 /* 36 * And we need to pass the compiler state to the scanner. 37 */ 38 %option extra-type="compiler_state_t *" 39 40 /* 41 * We don't use input, so don't generate code for it. 42 */ 43 %option noinput 44 45 /* 46 * We don't use unput, so don't generate code for it. 47 */ 48 %option nounput 49 50 /* 51 * We don't read from the terminal. 52 */ 53 %option never-interactive 54 55 /* 56 * We want to stop processing when we get to the end of the input. 57 */ 58 %option noyywrap 59 60 /* 61 * We want to generate code that can be used by a reentrant parser 62 * generated by Bison or Berkeley YACC. 63 */ 64 %option bison-bridge 65 66 %{ 67 /* 68 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 69 * The Regents of the University of California. All rights reserved. 70 * 71 * Redistribution and use in source and binary forms, with or without 72 * modification, are permitted provided that: (1) source code distributions 73 * retain the above copyright notice and this paragraph in its entirety, (2) 74 * distributions including binary code include the above copyright notice and 75 * this paragraph in its entirety in the documentation or other materials 76 * provided with the distribution, and (3) all advertising materials mentioning 77 * features or use of this software display the following acknowledgement: 78 * ``This product includes software developed by the University of California, 79 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 80 * the University nor the names of its contributors may be used to endorse 81 * or promote products derived from this software without specific prior 82 * written permission. 83 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 84 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 85 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 86 */ 87 88 #include <string.h> 89 90 #include "pcap-int.h" 91 92 #include "gencode.h" 93 94 #include "grammar.h" 95 96 /* 97 * Earlier versions of Flex don't declare these, so we declare them 98 * ourselves to squelch warnings. 99 */ 100 int pcap_get_column(yyscan_t); 101 void pcap_set_column(int, yyscan_t); 102 103 #ifdef INET6 104 105 #ifdef _WIN32 106 #include <winsock2.h> 107 #include <ws2tcpip.h> 108 /* 109 * To quote the MSDN page for getaddrinfo() at 110 * 111 * https://msdn.microsoft.com/en-us/library/windows/desktop/ms738520(v=vs.85).aspx 112 * 113 * "Support for getaddrinfo on Windows 2000 and older versions 114 * The getaddrinfo function was added to the Ws2_32.dll on Windows XP and 115 * later. To execute an application that uses this function on earlier 116 * versions of Windows, then you need to include the Ws2tcpip.h and 117 * Wspiapi.h files. When the Wspiapi.h include file is added, the 118 * getaddrinfo function is defined to the WspiapiGetAddrInfo inline 119 * function in the Wspiapi.h file. At runtime, the WspiapiGetAddrInfo 120 * function is implemented in such a way that if the Ws2_32.dll or the 121 * Wship6.dll (the file containing getaddrinfo in the IPv6 Technology 122 * Preview for Windows 2000) does not include getaddrinfo, then a 123 * version of getaddrinfo is implemented inline based on code in the 124 * Wspiapi.h header file. This inline code will be used on older Windows 125 * platforms that do not natively support the getaddrinfo function." 126 * 127 * We use getaddrinfo(), so we include Wspiapi.h here. 128 */ 129 #include <wspiapi.h> 130 #else /* _WIN32 */ 131 #include <sys/socket.h> /* for "struct sockaddr" in "struct addrinfo" */ 132 #include <netdb.h> /* for "struct addrinfo" */ 133 #endif /* _WIN32 */ 134 135 /* Workaround for AIX 4.3 */ 136 #if !defined(AI_NUMERICHOST) 137 #define AI_NUMERICHOST 0x04 138 #endif 139 140 #endif /*INET6*/ 141 142 #include <pcap/namedb.h> 143 #include "grammar.h" 144 145 #ifdef HAVE_OS_PROTO_H 146 #include "os-proto.h" 147 #endif 148 149 static int stou(char *, YYSTYPE *, compiler_state_t *); 150 151 /* 152 * Disable diagnostics in the code generated by Flex. 153 */ 154 DIAG_OFF_FLEX 155 156 %} 157 158 N ([0-9]+|(0X|0x)[0-9A-Fa-f]+) 159 B ([0-9A-Fa-f][0-9A-Fa-f]?) 160 B2 ([0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f]) 161 W ([0-9A-Fa-f][0-9A-Fa-f]?[0-9A-Fa-f]?[0-9A-Fa-f]?) 162 163 %a 18400 164 %o 21500 165 %e 7600 166 %k 4550 167 %p 27600 168 %n 2000 169 170 V680 {W}:{W}:{W}:{W}:{W}:{W}:{W}:{W} 171 172 V670 ::{W}:{W}:{W}:{W}:{W}:{W}:{W} 173 V671 {W}::{W}:{W}:{W}:{W}:{W}:{W} 174 V672 {W}:{W}::{W}:{W}:{W}:{W}:{W} 175 V673 {W}:{W}:{W}::{W}:{W}:{W}:{W} 176 V674 {W}:{W}:{W}:{W}::{W}:{W}:{W} 177 V675 {W}:{W}:{W}:{W}:{W}::{W}:{W} 178 V676 {W}:{W}:{W}:{W}:{W}:{W}::{W} 179 V677 {W}:{W}:{W}:{W}:{W}:{W}:{W}:: 180 181 V660 ::{W}:{W}:{W}:{W}:{W}:{W} 182 V661 {W}::{W}:{W}:{W}:{W}:{W} 183 V662 {W}:{W}::{W}:{W}:{W}:{W} 184 V663 {W}:{W}:{W}::{W}:{W}:{W} 185 V664 {W}:{W}:{W}:{W}::{W}:{W} 186 V665 {W}:{W}:{W}:{W}:{W}::{W} 187 V666 {W}:{W}:{W}:{W}:{W}:{W}:: 188 189 V650 ::{W}:{W}:{W}:{W}:{W} 190 V651 {W}::{W}:{W}:{W}:{W} 191 V652 {W}:{W}::{W}:{W}:{W} 192 V653 {W}:{W}:{W}::{W}:{W} 193 V654 {W}:{W}:{W}:{W}::{W} 194 V655 {W}:{W}:{W}:{W}:{W}:: 195 196 V640 ::{W}:{W}:{W}:{W} 197 V641 {W}::{W}:{W}:{W} 198 V642 {W}:{W}::{W}:{W} 199 V643 {W}:{W}:{W}::{W} 200 V644 {W}:{W}:{W}:{W}:: 201 202 V630 ::{W}:{W}:{W} 203 V631 {W}::{W}:{W} 204 V632 {W}:{W}::{W} 205 V633 {W}:{W}:{W}:: 206 207 V620 ::{W}:{W} 208 V621 {W}::{W} 209 V622 {W}:{W}:: 210 211 V610 ::{W} 212 V611 {W}:: 213 214 V600 :: 215 216 V6604 {W}:{W}:{W}:{W}:{W}:{W}:{N}\.{N}\.{N}\.{N} 217 218 V6504 ::{W}:{W}:{W}:{W}:{W}:{N}\.{N}\.{N}\.{N} 219 V6514 {W}::{W}:{W}:{W}:{W}:{N}\.{N}\.{N}\.{N} 220 V6524 {W}:{W}::{W}:{W}:{W}:{N}\.{N}\.{N}\.{N} 221 V6534 {W}:{W}:{W}::{W}:{W}:{N}\.{N}\.{N}\.{N} 222 V6544 {W}:{W}:{W}:{W}::{W}:{N}\.{N}\.{N}\.{N} 223 V6554 {W}:{W}:{W}:{W}:{W}::{N}\.{N}\.{N}\.{N} 224 225 V6404 ::{W}:{W}:{W}:{W}:{N}\.{N}\.{N}\.{N} 226 V6414 {W}::{W}:{W}:{W}:{N}\.{N}\.{N}\.{N} 227 V6424 {W}:{W}::{W}:{W}:{N}\.{N}\.{N}\.{N} 228 V6434 {W}:{W}:{W}::{W}:{N}\.{N}\.{N}\.{N} 229 V6444 {W}:{W}:{W}:{W}::{N}\.{N}\.{N}\.{N} 230 231 V6304 ::{W}:{W}:{W}:{N}\.{N}\.{N}\.{N} 232 V6314 {W}::{W}:{W}:{N}\.{N}\.{N}\.{N} 233 V6324 {W}:{W}::{W}:{N}\.{N}\.{N}\.{N} 234 V6334 {W}:{W}:{W}::{N}\.{N}\.{N}\.{N} 235 236 V6204 ::{W}:{W}:{N}\.{N}\.{N}\.{N} 237 V6214 {W}::{W}:{N}\.{N}\.{N}\.{N} 238 V6224 {W}:{W}::{N}\.{N}\.{N}\.{N} 239 240 V6104 ::{W}:{N}\.{N}\.{N}\.{N} 241 V6114 {W}::{N}\.{N}\.{N}\.{N} 242 243 V6004 ::{N}\.{N}\.{N}\.{N} 244 245 246 V6 ({V680}|{V670}|{V671}|{V672}|{V673}|{V674}|{V675}|{V676}|{V677}|{V660}|{V661}|{V662}|{V663}|{V664}|{V665}|{V666}|{V650}|{V651}|{V652}|{V653}|{V654}|{V655}|{V640}|{V641}|{V642}|{V643}|{V644}|{V630}|{V631}|{V632}|{V633}|{V620}|{V621}|{V622}|{V610}|{V611}|{V600}|{V6604}|{V6504}|{V6514}|{V6524}|{V6534}|{V6544}|{V6554}|{V6404}|{V6414}|{V6424}|{V6434}|{V6444}|{V6304}|{V6314}|{V6324}|{V6334}|{V6204}|{V6214}|{V6224}|{V6104}|{V6114}|{V6004}) 247 248 MAC ({B}:{B}:{B}:{B}:{B}:{B}|{B}\-{B}\-{B}\-{B}\-{B}\-{B}|{B}\.{B}\.{B}\.{B}\.{B}\.{B}|{B2}\.{B2}\.{B2}|{B2}{3}) 249 250 251 252 %% 253 dst return DST; 254 src return SRC; 255 256 link|ether|ppp|slip return LINK; 257 fddi|tr|wlan return LINK; 258 arp return ARP; 259 rarp return RARP; 260 ip return IP; 261 sctp return SCTP; 262 tcp return TCP; 263 udp return UDP; 264 icmp return ICMP; 265 igmp return IGMP; 266 igrp return IGRP; 267 pim return PIM; 268 vrrp return VRRP; 269 carp return CARP; 270 radio return RADIO; 271 272 ip6 return IPV6; 273 icmp6 return ICMPV6; 274 ah return AH; 275 esp return ESP; 276 277 atalk return ATALK; 278 aarp return AARP; 279 decnet return DECNET; 280 lat return LAT; 281 sca return SCA; 282 moprc return MOPRC; 283 mopdl return MOPDL; 284 285 iso return ISO; 286 esis return ESIS; 287 es-is return ESIS; 288 isis return ISIS; 289 is-is return ISIS; 290 l1 return L1; 291 l2 return L2; 292 iih return IIH; 293 lsp return LSP; 294 snp return SNP; 295 csnp return CSNP; 296 psnp return PSNP; 297 298 clnp return CLNP; 299 300 stp return STP; 301 302 ipx return IPX; 303 304 netbeui return NETBEUI; 305 306 host return HOST; 307 net return NET; 308 mask return NETMASK; 309 port return PORT; 310 portrange return PORTRANGE; 311 proto return PROTO; 312 protochain return PROTOCHAIN; 313 314 gateway return GATEWAY; 315 316 type return TYPE; 317 subtype return SUBTYPE; 318 direction|dir return DIR; 319 address1|addr1 return ADDR1; 320 address2|addr2 return ADDR2; 321 address3|addr3 return ADDR3; 322 address4|addr4 return ADDR4; 323 ra return RA; 324 ta return TA; 325 326 less return LESS; 327 greater return GREATER; 328 byte return CBYTE; 329 broadcast return TK_BROADCAST; 330 multicast return TK_MULTICAST; 331 332 and|"&&" return AND; 333 or|"||" return OR; 334 not return '!'; 335 336 len|length return LEN; 337 inbound return INBOUND; 338 outbound return OUTBOUND; 339 340 ifindex return IFINDEX; 341 342 vlan return VLAN; 343 mpls return MPLS; 344 pppoed return PPPOED; 345 pppoes return PPPOES; 346 geneve return GENEVE; 347 348 lane return LANE; 349 llc return LLC; 350 metac return METAC; 351 bcc return BCC; 352 oam return OAM; 353 oamf4 return OAMF4; 354 oamf4ec return OAMF4EC; 355 oamf4sc return OAMF4SC; 356 sc return SC; 357 ilmic return ILMIC; 358 vpi return VPI; 359 vci return VCI; 360 connectmsg return CONNECTMSG; 361 metaconnect return METACONNECT; 362 363 on|ifname return PF_IFNAME; 364 rset|ruleset return PF_RSET; 365 rnr|rulenum return PF_RNR; 366 srnr|subrulenum return PF_SRNR; 367 reason return PF_REASON; 368 action return PF_ACTION; 369 370 fisu return FISU; 371 lssu return LSSU; 372 lsu return LSSU; 373 msu return MSU; 374 hfisu return HFISU; 375 hlssu return HLSSU; 376 hmsu return HMSU; 377 sio return SIO; 378 opc return OPC; 379 dpc return DPC; 380 sls return SLS; 381 hsio return HSIO; 382 hopc return HOPC; 383 hdpc return HDPC; 384 hsls return HSLS; 385 386 [ \r\n\t] ; 387 [+\-*/%:\[\]!<>()&|\^=] return yytext[0]; 388 ">=" return GEQ; 389 "<=" return LEQ; 390 "!=" return NEQ; 391 "==" return '='; 392 "<<" return LSH; 393 ">>" return RSH; 394 ${B} { yylval->s = sdup(yyextra, yytext); return AID; } 395 {MAC} { yylval->s = sdup(yyextra, yytext); return EID; } 396 {N} { return stou(yytext, yylval, yyextra); } 397 ({N}\.{N})|({N}\.{N}\.{N})|({N}\.{N}\.{N}\.{N}) { 398 yylval->s = sdup(yyextra, (char *)yytext); return HID; } 399 {V6} { 400 #ifdef INET6 401 struct addrinfo hints, *res; 402 memset(&hints, 0, sizeof(hints)); 403 hints.ai_family = AF_INET6; 404 hints.ai_flags = AI_NUMERICHOST; 405 if (getaddrinfo(yytext, NULL, &hints, &res)) { 406 bpf_set_error(yyextra, "bogus IPv6 address %s", yytext); 407 yylval->s = NULL; 408 } else { 409 freeaddrinfo(res); 410 yylval->s = sdup(yyextra, (char *)yytext); 411 } 412 #else 413 bpf_set_error(yyextra, "IPv6 address %s not supported", yytext); 414 yylval->s = NULL; 415 #endif /*INET6*/ 416 return HID6; 417 } 418 {B}:+({B}:+)+ { bpf_set_error(yyextra, "bogus ethernet address %s", yytext); yylval->s = NULL; return EID; } 419 icmptype { yylval->h = 0; return NUM; } 420 icmpcode { yylval->h = 1; return NUM; } 421 icmp-echoreply { yylval->h = 0; return NUM; } 422 icmp-unreach { yylval->h = 3; return NUM; } 423 icmp-sourcequench { yylval->h = 4; return NUM; } 424 icmp-redirect { yylval->h = 5; return NUM; } 425 icmp-echo { yylval->h = 8; return NUM; } 426 icmp-routeradvert { yylval->h = 9; return NUM; } 427 icmp-routersolicit { yylval->h = 10; return NUM; } 428 icmp-timxceed { yylval->h = 11; return NUM; } 429 icmp-paramprob { yylval->h = 12; return NUM; } 430 icmp-tstamp { yylval->h = 13; return NUM; } 431 icmp-tstampreply { yylval->h = 14; return NUM; } 432 icmp-ireq { yylval->h = 15; return NUM; } 433 icmp-ireqreply { yylval->h = 16; return NUM; } 434 icmp-maskreq { yylval->h = 17; return NUM; } 435 icmp-maskreply { yylval->h = 18; return NUM; } 436 437 icmp6type { yylval->h = 0; return NUM; } 438 icmp6code { yylval->h = 1; return NUM; } 439 440 icmp6-destinationunreach { yylval->h = 1; return NUM; } 441 icmp6-packettoobig { yylval->h = 2; return NUM; } 442 icmp6-timeexceeded { yylval->h = 3; return NUM; } 443 icmp6-parameterproblem { yylval->h = 4; return NUM; } 444 icmp6-echo { yylval->h = 128; return NUM; } 445 icmp6-echoreply { yylval->h = 129; return NUM; } 446 icmp6-multicastlistenerquery { yylval->h = 130; return NUM; } 447 icmp6-multicastlistenerreportv1 { yylval->h = 131; return NUM; } 448 icmp6-multicastlistenerdone { yylval->h = 132; return NUM; } 449 icmp6-routersolicit { yylval->h = 133; return NUM; } 450 icmp6-routeradvert { yylval->h = 134; return NUM; } 451 icmp6-neighborsolicit { yylval->h = 135; return NUM; } 452 icmp6-neighboradvert { yylval->h = 136; return NUM; } 453 icmp6-redirect { yylval->h = 137; return NUM; } 454 icmp6-routerrenum { yylval->h = 138; return NUM; } 455 icmp6-nodeinformationquery { yylval->h = 139; return NUM; } 456 icmp6-nodeinformationresponse { yylval->h = 140; return NUM; } 457 icmp6-ineighbordiscoverysolicit { yylval->h = 141; return NUM; } 458 icmp6-ineighbordiscoveryadvert { yylval->h = 142; return NUM; } 459 icmp6-multicastlistenerreportv2 { yylval->h = 143; return NUM; } 460 icmp6-homeagentdiscoveryrequest { yylval->h = 144; return NUM; } 461 icmp6-homeagentdiscoveryreply { yylval->h = 145; return NUM; } 462 icmp6-mobileprefixsolicit { yylval->h = 146; return NUM; } 463 icmp6-mobileprefixadvert { yylval->h = 147; return NUM; } 464 icmp6-certpathsolicit { yylval->h = 148; return NUM; } 465 icmp6-certpathadvert { yylval->h = 149; return NUM; } 466 icmp6-multicastrouteradvert { yylval->h = 151; return NUM; } 467 icmp6-multicastroutersolicit { yylval->h = 152; return NUM; } 468 icmp6-multicastrouterterm { yylval->h = 153; return NUM; } 469 470 tcpflags { yylval->h = 13; return NUM; } 471 tcp-fin { yylval->h = 0x01; return NUM; } 472 tcp-syn { yylval->h = 0x02; return NUM; } 473 tcp-rst { yylval->h = 0x04; return NUM; } 474 tcp-push { yylval->h = 0x08; return NUM; } 475 tcp-ack { yylval->h = 0x10; return NUM; } 476 tcp-urg { yylval->h = 0x20; return NUM; } 477 tcp-ece { yylval->h = 0x40; return NUM; } 478 tcp-cwr { yylval->h = 0x80; return NUM; } 479 [A-Za-z0-9]([-_.A-Za-z0-9]*[.A-Za-z0-9])? { 480 yylval->s = sdup(yyextra, (char *)yytext); return ID; } 481 "\\"[^ !()\n\t]+ { yylval->s = sdup(yyextra, (char *)yytext + 1); return ID; } 482 . { return LEX_ERROR; } 483 %% 484 485 /* 486 * Turn diagnostics back on, so we check the code that we've written. 487 */ 488 DIAG_ON_FLEX 489 490 /* 491 * Convert string to 32-bit unsigned integer. Just like atoi(), but checks for 492 * preceding 0x or 0 and uses hex or octal instead of decimal. 493 * 494 * On success, sets yylval->h to the value and returns NUM. 495 * On failure, sets the BPF error string and returns LEX_ERROR, to force 496 * the parse to stop. 497 */ 498 static int 499 stou(char *yytext_arg, YYSTYPE *yylval_arg, compiler_state_t *yyextra_arg) 500 { 501 bpf_u_int32 n = 0; 502 unsigned int digit; 503 char *s = yytext_arg; 504 505 /* 506 * yytext_arg is guaranteed either to be a string of decimal digits 507 * or 0[xX] followed by a string of hex digits. 508 */ 509 if (*s == '0') { 510 if (s[1] == 'x' || s[1] == 'X') { 511 /* 512 * Begins with 0x or 0X, so hex. 513 * Guaranteed to be all hex digits following the 514 * prefix, so anything that's not 0-9 or a-f is 515 * A-F. 516 */ 517 s += 2; /* skip the prefix */ 518 while ((digit = *s++) != '\0') { 519 if (digit >= '0' && digit <= '9') 520 digit = digit - '0'; 521 else if (digit >= 'a' && digit <= 'f') 522 digit = digit - 'a' + 10; 523 else 524 digit = digit - 'A' + 10; 525 526 /* 527 * Check for overflow. 528 */ 529 if (n > 0xFFFFFFFU) { 530 /* 531 * We have more than 28 bits of 532 * number, and are about to 533 * add 4 more; that won't fit 534 * in 32 bits. 535 */ 536 bpf_set_error(yyextra_arg, 537 "number %s overflows 32 bits", 538 yytext_arg); 539 return LEX_ERROR; 540 } 541 n = (n << 4) + digit; 542 } 543 } else { 544 /* 545 * Begins with 0, but not 0x or 0X, so octal. 546 * Guaranteed to be all *decimal* digits following 547 * the prefix, so we need to catch 8 and 9 and 548 * report an error. 549 */ 550 s += 1; 551 while ((digit = *s++) != '\0') { 552 if (digit >= '0' && digit <= '7') 553 digit = digit - '0'; 554 else { 555 bpf_set_error(yyextra_arg, 556 "number %s contains non-octal digit", 557 yytext_arg); 558 return LEX_ERROR; 559 } 560 if (n > 03777777777U) { 561 /* 562 * We have more than 29 bits of 563 * number, and are about to add 564 * 3 more; that won't fit in 565 * 32 bits. 566 */ 567 bpf_set_error(yyextra_arg, 568 "number %s overflows 32 bits", 569 yytext_arg); 570 return LEX_ERROR; 571 } 572 n = (n << 3) + digit; 573 } 574 } 575 } else { 576 /* 577 * Decimal. 578 */ 579 while ((digit = *s++) != '\0') { 580 digit = digit - '0'; 581 #define CUTOFF_DEC (0xFFFFFFFFU / 10U) 582 #define CUTLIM_DEC (0xFFFFFFFFU % 10U) 583 if (n > CUTOFF_DEC || 584 (n == CUTOFF_DEC && digit > CUTLIM_DEC)) { 585 bpf_set_error(yyextra_arg, 586 "number %s overflows 32 bits", 587 yytext_arg); 588 return LEX_ERROR; 589 } 590 n = (n * 10) + digit; 591 } 592 } 593 594 yylval_arg->h = n; 595 return NUM; 596 } 597