1 %top { 2 /* Must come first for _LARGE_FILE_API on AIX. */ 3 #ifdef HAVE_CONFIG_H 4 #include <config.h> 5 #endif 6 7 /* 8 * Must come first to avoid warnings on Windows. 9 * 10 * Flex-generated scanners may only include <inttypes.h> if __STDC_VERSION__ 11 * is defined with a value >= 199901, meaning "full C99", and MSVC may not 12 * define it with that value, because it isn't 100% C99-compliant, even 13 * though it has an <inttypes.h> capable of defining everything the Flex 14 * scanner needs. 15 * 16 * We, however, will include it if we know we have an MSVC version that has 17 * it; this means that we may define the INTn_MAX and UINTn_MAX values in 18 * scanner.c, and then include <stdint.h>, which may define them differently 19 * (same value, but different string of characters), causing compiler warnings. 20 * 21 * If we include it here, and they're defined, that'll prevent scanner.c 22 * from defining them. So we include <pcap/pcap-inttypes.h>, to get 23 * <inttypes.h> if we have it. 24 */ 25 #include <pcap/pcap-inttypes.h> 26 27 /* 28 * grammar.h requires gencode.h and sometimes breaks in a polluted namespace 29 * (see ftmacros.h), so include it early. 30 */ 31 #include "gencode.h" 32 #include "grammar.h" 33 34 #include "diag-control.h" 35 } 36 37 /* 38 * We want a reentrant scanner. 39 */ 40 %option reentrant 41 42 /* 43 * And we need to pass the compiler state to the scanner. 44 */ 45 %option extra-type="compiler_state_t *" 46 47 /* 48 * We don't use input, so don't generate code for it. 49 */ 50 %option noinput 51 52 /* 53 * We don't use unput, so don't generate code for it. 54 */ 55 %option nounput 56 57 /* 58 * We don't read from the terminal. 59 */ 60 %option never-interactive 61 62 /* 63 * We want to stop processing when we get to the end of the input. 64 */ 65 %option noyywrap 66 67 /* 68 * We want to generate code that can be used by a reentrant parser 69 * generated by Bison or Berkeley YACC. 70 */ 71 %option bison-bridge 72 73 %{ 74 /* 75 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 76 * The Regents of the University of California. All rights reserved. 77 * 78 * Redistribution and use in source and binary forms, with or without 79 * modification, are permitted provided that: (1) source code distributions 80 * retain the above copyright notice and this paragraph in its entirety, (2) 81 * distributions including binary code include the above copyright notice and 82 * this paragraph in its entirety in the documentation or other materials 83 * provided with the distribution, and (3) all advertising materials mentioning 84 * features or use of this software display the following acknowledgement: 85 * ``This product includes software developed by the University of California, 86 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 87 * the University nor the names of its contributors may be used to endorse 88 * or promote products derived from this software without specific prior 89 * written permission. 90 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 91 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 92 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 93 */ 94 95 #include <string.h> 96 97 #include "pcap-int.h" 98 99 /* 100 * Earlier versions of Flex don't declare these, so we declare them 101 * ourselves to squelch warnings. 102 */ 103 int pcap_get_column(yyscan_t); 104 void pcap_set_column(int, yyscan_t); 105 106 #ifdef INET6 107 108 #ifdef _WIN32 109 #include <winsock2.h> 110 #include <ws2tcpip.h> 111 /* 112 * To quote the MSDN page for getaddrinfo() at 113 * 114 * https://msdn.microsoft.com/en-us/library/windows/desktop/ms738520(v=vs.85).aspx 115 * 116 * "Support for getaddrinfo on Windows 2000 and older versions 117 * The getaddrinfo function was added to the Ws2_32.dll on Windows XP and 118 * later. To execute an application that uses this function on earlier 119 * versions of Windows, then you need to include the Ws2tcpip.h and 120 * Wspiapi.h files. When the Wspiapi.h include file is added, the 121 * getaddrinfo function is defined to the WspiapiGetAddrInfo inline 122 * function in the Wspiapi.h file. At runtime, the WspiapiGetAddrInfo 123 * function is implemented in such a way that if the Ws2_32.dll or the 124 * Wship6.dll (the file containing getaddrinfo in the IPv6 Technology 125 * Preview for Windows 2000) does not include getaddrinfo, then a 126 * version of getaddrinfo is implemented inline based on code in the 127 * Wspiapi.h header file. This inline code will be used on older Windows 128 * platforms that do not natively support the getaddrinfo function." 129 * 130 * We use getaddrinfo(), so we include Wspiapi.h here. 131 */ 132 #include <wspiapi.h> 133 #else /* _WIN32 */ 134 #include <sys/socket.h> /* for "struct sockaddr" in "struct addrinfo" */ 135 #include <netdb.h> /* for "struct addrinfo" */ 136 #endif /* _WIN32 */ 137 138 /* Workaround for AIX 4.3 */ 139 #if !defined(AI_NUMERICHOST) 140 #define AI_NUMERICHOST 0x04 141 #endif 142 143 #endif /*INET6*/ 144 145 #include <pcap/namedb.h> 146 #include "grammar.h" 147 148 #ifdef HAVE_OS_PROTO_H 149 #include "os-proto.h" 150 #endif 151 152 static int stou(char *, YYSTYPE *, compiler_state_t *); 153 154 /* 155 * Disable diagnostics in the code generated by Flex. 156 */ 157 DIAG_OFF_FLEX 158 159 %} 160 161 N ([0-9]+|(0X|0x)[0-9A-Fa-f]+) 162 B ([0-9A-Fa-f][0-9A-Fa-f]?) 163 B2 ([0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f]) 164 W ([0-9A-Fa-f][0-9A-Fa-f]?[0-9A-Fa-f]?[0-9A-Fa-f]?) 165 166 %a 18400 167 %o 21500 168 %e 7600 169 %k 4550 170 %p 27600 171 %n 2000 172 173 V680 {W}:{W}:{W}:{W}:{W}:{W}:{W}:{W} 174 175 V670 ::{W}:{W}:{W}:{W}:{W}:{W}:{W} 176 V671 {W}::{W}:{W}:{W}:{W}:{W}:{W} 177 V672 {W}:{W}::{W}:{W}:{W}:{W}:{W} 178 V673 {W}:{W}:{W}::{W}:{W}:{W}:{W} 179 V674 {W}:{W}:{W}:{W}::{W}:{W}:{W} 180 V675 {W}:{W}:{W}:{W}:{W}::{W}:{W} 181 V676 {W}:{W}:{W}:{W}:{W}:{W}::{W} 182 V677 {W}:{W}:{W}:{W}:{W}:{W}:{W}:: 183 184 V660 ::{W}:{W}:{W}:{W}:{W}:{W} 185 V661 {W}::{W}:{W}:{W}:{W}:{W} 186 V662 {W}:{W}::{W}:{W}:{W}:{W} 187 V663 {W}:{W}:{W}::{W}:{W}:{W} 188 V664 {W}:{W}:{W}:{W}::{W}:{W} 189 V665 {W}:{W}:{W}:{W}:{W}::{W} 190 V666 {W}:{W}:{W}:{W}:{W}:{W}:: 191 192 V650 ::{W}:{W}:{W}:{W}:{W} 193 V651 {W}::{W}:{W}:{W}:{W} 194 V652 {W}:{W}::{W}:{W}:{W} 195 V653 {W}:{W}:{W}::{W}:{W} 196 V654 {W}:{W}:{W}:{W}::{W} 197 V655 {W}:{W}:{W}:{W}:{W}:: 198 199 V640 ::{W}:{W}:{W}:{W} 200 V641 {W}::{W}:{W}:{W} 201 V642 {W}:{W}::{W}:{W} 202 V643 {W}:{W}:{W}::{W} 203 V644 {W}:{W}:{W}:{W}:: 204 205 V630 ::{W}:{W}:{W} 206 V631 {W}::{W}:{W} 207 V632 {W}:{W}::{W} 208 V633 {W}:{W}:{W}:: 209 210 V620 ::{W}:{W} 211 V621 {W}::{W} 212 V622 {W}:{W}:: 213 214 V610 ::{W} 215 V611 {W}:: 216 217 V600 :: 218 219 V6604 {W}:{W}:{W}:{W}:{W}:{W}:{N}\.{N}\.{N}\.{N} 220 221 V6504 ::{W}:{W}:{W}:{W}:{W}:{N}\.{N}\.{N}\.{N} 222 V6514 {W}::{W}:{W}:{W}:{W}:{N}\.{N}\.{N}\.{N} 223 V6524 {W}:{W}::{W}:{W}:{W}:{N}\.{N}\.{N}\.{N} 224 V6534 {W}:{W}:{W}::{W}:{W}:{N}\.{N}\.{N}\.{N} 225 V6544 {W}:{W}:{W}:{W}::{W}:{N}\.{N}\.{N}\.{N} 226 V6554 {W}:{W}:{W}:{W}:{W}::{N}\.{N}\.{N}\.{N} 227 228 V6404 ::{W}:{W}:{W}:{W}:{N}\.{N}\.{N}\.{N} 229 V6414 {W}::{W}:{W}:{W}:{N}\.{N}\.{N}\.{N} 230 V6424 {W}:{W}::{W}:{W}:{N}\.{N}\.{N}\.{N} 231 V6434 {W}:{W}:{W}::{W}:{N}\.{N}\.{N}\.{N} 232 V6444 {W}:{W}:{W}:{W}::{N}\.{N}\.{N}\.{N} 233 234 V6304 ::{W}:{W}:{W}:{N}\.{N}\.{N}\.{N} 235 V6314 {W}::{W}:{W}:{N}\.{N}\.{N}\.{N} 236 V6324 {W}:{W}::{W}:{N}\.{N}\.{N}\.{N} 237 V6334 {W}:{W}:{W}::{N}\.{N}\.{N}\.{N} 238 239 V6204 ::{W}:{W}:{N}\.{N}\.{N}\.{N} 240 V6214 {W}::{W}:{N}\.{N}\.{N}\.{N} 241 V6224 {W}:{W}::{N}\.{N}\.{N}\.{N} 242 243 V6104 ::{W}:{N}\.{N}\.{N}\.{N} 244 V6114 {W}::{N}\.{N}\.{N}\.{N} 245 246 V6004 ::{N}\.{N}\.{N}\.{N} 247 248 249 V6 ({V680}|{V670}|{V671}|{V672}|{V673}|{V674}|{V675}|{V676}|{V677}|{V660}|{V661}|{V662}|{V663}|{V664}|{V665}|{V666}|{V650}|{V651}|{V652}|{V653}|{V654}|{V655}|{V640}|{V641}|{V642}|{V643}|{V644}|{V630}|{V631}|{V632}|{V633}|{V620}|{V621}|{V622}|{V610}|{V611}|{V600}|{V6604}|{V6504}|{V6514}|{V6524}|{V6534}|{V6544}|{V6554}|{V6404}|{V6414}|{V6424}|{V6434}|{V6444}|{V6304}|{V6314}|{V6324}|{V6334}|{V6204}|{V6214}|{V6224}|{V6104}|{V6114}|{V6004}) 250 251 MAC ({B}:{B}:{B}:{B}:{B}:{B}|{B}\-{B}\-{B}\-{B}\-{B}\-{B}|{B}\.{B}\.{B}\.{B}\.{B}\.{B}|{B2}\.{B2}\.{B2}|{B2}{3}) 252 253 254 255 %% 256 dst return DST; 257 src return SRC; 258 259 link|ether|ppp|slip return LINK; 260 fddi|tr|wlan return LINK; 261 arp return ARP; 262 rarp return RARP; 263 ip return IP; 264 sctp return SCTP; 265 tcp return TCP; 266 udp return UDP; 267 icmp return ICMP; 268 igmp return IGMP; 269 igrp return IGRP; 270 pim return PIM; 271 vrrp return VRRP; 272 carp return CARP; 273 radio return RADIO; 274 275 ip6 return IPV6; 276 icmp6 return ICMPV6; 277 ah return AH; 278 esp return ESP; 279 280 atalk return ATALK; 281 aarp return AARP; 282 decnet return DECNET; 283 lat return LAT; 284 sca return SCA; 285 moprc return MOPRC; 286 mopdl return MOPDL; 287 288 iso return ISO; 289 esis return ESIS; 290 es-is return ESIS; 291 isis return ISIS; 292 is-is return ISIS; 293 l1 return L1; 294 l2 return L2; 295 iih return IIH; 296 lsp return LSP; 297 snp return SNP; 298 csnp return CSNP; 299 psnp return PSNP; 300 301 clnp return CLNP; 302 303 stp return STP; 304 305 ipx return IPX; 306 307 netbeui return NETBEUI; 308 309 host return HOST; 310 net return NET; 311 mask return NETMASK; 312 port return PORT; 313 portrange return PORTRANGE; 314 proto return PROTO; 315 protochain return PROTOCHAIN; 316 317 gateway return GATEWAY; 318 319 type return TYPE; 320 subtype return SUBTYPE; 321 direction|dir return DIR; 322 address1|addr1 return ADDR1; 323 address2|addr2 return ADDR2; 324 address3|addr3 return ADDR3; 325 address4|addr4 return ADDR4; 326 ra return RA; 327 ta return TA; 328 329 less return LESS; 330 greater return GREATER; 331 byte return CBYTE; 332 broadcast return TK_BROADCAST; 333 multicast return TK_MULTICAST; 334 335 and|"&&" return AND; 336 or|"||" return OR; 337 not return '!'; 338 339 len|length return LEN; 340 inbound return INBOUND; 341 outbound return OUTBOUND; 342 343 ifindex return IFINDEX; 344 345 vlan return VLAN; 346 mpls return MPLS; 347 pppoed return PPPOED; 348 pppoes return PPPOES; 349 geneve return GENEVE; 350 351 lane return LANE; 352 llc return LLC; 353 metac return METAC; 354 bcc return BCC; 355 oam return OAM; 356 oamf4 return OAMF4; 357 oamf4ec return OAMF4EC; 358 oamf4sc return OAMF4SC; 359 sc return SC; 360 ilmic return ILMIC; 361 vpi return VPI; 362 vci return VCI; 363 connectmsg return CONNECTMSG; 364 metaconnect return METACONNECT; 365 366 on|ifname return PF_IFNAME; 367 rset|ruleset return PF_RSET; 368 rnr|rulenum return PF_RNR; 369 srnr|subrulenum return PF_SRNR; 370 reason return PF_REASON; 371 action return PF_ACTION; 372 373 fisu return FISU; 374 lssu return LSSU; 375 lsu return LSSU; 376 msu return MSU; 377 hfisu return HFISU; 378 hlssu return HLSSU; 379 hmsu return HMSU; 380 sio return SIO; 381 opc return OPC; 382 dpc return DPC; 383 sls return SLS; 384 hsio return HSIO; 385 hopc return HOPC; 386 hdpc return HDPC; 387 hsls return HSLS; 388 389 [ \r\n\t] ; 390 [+\-*/%:\[\]!<>()&|\^=] return yytext[0]; 391 ">=" return GEQ; 392 "<=" return LEQ; 393 "!=" return NEQ; 394 "==" return '='; 395 "<<" return LSH; 396 ">>" return RSH; 397 ${B} { yylval->s = sdup(yyextra, yytext); return AID; } 398 {MAC} { yylval->s = sdup(yyextra, yytext); return EID; } 399 {N} { return stou(yytext, yylval, yyextra); } 400 ({N}\.{N})|({N}\.{N}\.{N})|({N}\.{N}\.{N}\.{N}) { 401 yylval->s = sdup(yyextra, (char *)yytext); return HID; } 402 {V6} { 403 #ifdef INET6 404 struct addrinfo hints, *res; 405 memset(&hints, 0, sizeof(hints)); 406 hints.ai_family = AF_INET6; 407 hints.ai_flags = AI_NUMERICHOST; 408 if (getaddrinfo(yytext, NULL, &hints, &res)) { 409 bpf_set_error(yyextra, "bogus IPv6 address %s", yytext); 410 yylval->s = NULL; 411 } else { 412 freeaddrinfo(res); 413 yylval->s = sdup(yyextra, (char *)yytext); 414 } 415 #else 416 bpf_set_error(yyextra, "IPv6 address %s not supported", yytext); 417 yylval->s = NULL; 418 #endif /*INET6*/ 419 return HID6; 420 } 421 {B}:+({B}:+)+ { bpf_set_error(yyextra, "bogus ethernet address %s", yytext); yylval->s = NULL; return EID; } 422 icmptype { yylval->h = 0; return NUM; } 423 icmpcode { yylval->h = 1; return NUM; } 424 icmp-echoreply { yylval->h = 0; return NUM; } 425 icmp-unreach { yylval->h = 3; return NUM; } 426 icmp-sourcequench { yylval->h = 4; return NUM; } 427 icmp-redirect { yylval->h = 5; return NUM; } 428 icmp-echo { yylval->h = 8; return NUM; } 429 icmp-routeradvert { yylval->h = 9; return NUM; } 430 icmp-routersolicit { yylval->h = 10; return NUM; } 431 icmp-timxceed { yylval->h = 11; return NUM; } 432 icmp-paramprob { yylval->h = 12; return NUM; } 433 icmp-tstamp { yylval->h = 13; return NUM; } 434 icmp-tstampreply { yylval->h = 14; return NUM; } 435 icmp-ireq { yylval->h = 15; return NUM; } 436 icmp-ireqreply { yylval->h = 16; return NUM; } 437 icmp-maskreq { yylval->h = 17; return NUM; } 438 icmp-maskreply { yylval->h = 18; return NUM; } 439 440 icmp6type { yylval->h = 0; return NUM; } 441 icmp6code { yylval->h = 1; return NUM; } 442 443 icmp6-destinationunreach { yylval->h = 1; return NUM; } 444 icmp6-packettoobig { yylval->h = 2; return NUM; } 445 icmp6-timeexceeded { yylval->h = 3; return NUM; } 446 icmp6-parameterproblem { yylval->h = 4; return NUM; } 447 icmp6-echo { yylval->h = 128; return NUM; } 448 icmp6-echoreply { yylval->h = 129; return NUM; } 449 icmp6-multicastlistenerquery { yylval->h = 130; return NUM; } 450 icmp6-multicastlistenerreportv1 { yylval->h = 131; return NUM; } 451 icmp6-multicastlistenerdone { yylval->h = 132; return NUM; } 452 icmp6-routersolicit { yylval->h = 133; return NUM; } 453 icmp6-routeradvert { yylval->h = 134; return NUM; } 454 icmp6-neighborsolicit { yylval->h = 135; return NUM; } 455 icmp6-neighboradvert { yylval->h = 136; return NUM; } 456 icmp6-redirect { yylval->h = 137; return NUM; } 457 icmp6-routerrenum { yylval->h = 138; return NUM; } 458 icmp6-nodeinformationquery { yylval->h = 139; return NUM; } 459 icmp6-nodeinformationresponse { yylval->h = 140; return NUM; } 460 icmp6-ineighbordiscoverysolicit { yylval->h = 141; return NUM; } 461 icmp6-ineighbordiscoveryadvert { yylval->h = 142; return NUM; } 462 icmp6-multicastlistenerreportv2 { yylval->h = 143; return NUM; } 463 icmp6-homeagentdiscoveryrequest { yylval->h = 144; return NUM; } 464 icmp6-homeagentdiscoveryreply { yylval->h = 145; return NUM; } 465 icmp6-mobileprefixsolicit { yylval->h = 146; return NUM; } 466 icmp6-mobileprefixadvert { yylval->h = 147; return NUM; } 467 icmp6-certpathsolicit { yylval->h = 148; return NUM; } 468 icmp6-certpathadvert { yylval->h = 149; return NUM; } 469 icmp6-multicastrouteradvert { yylval->h = 151; return NUM; } 470 icmp6-multicastroutersolicit { yylval->h = 152; return NUM; } 471 icmp6-multicastrouterterm { yylval->h = 153; return NUM; } 472 473 tcpflags { yylval->h = 13; return NUM; } 474 tcp-fin { yylval->h = 0x01; return NUM; } 475 tcp-syn { yylval->h = 0x02; return NUM; } 476 tcp-rst { yylval->h = 0x04; return NUM; } 477 tcp-push { yylval->h = 0x08; return NUM; } 478 tcp-ack { yylval->h = 0x10; return NUM; } 479 tcp-urg { yylval->h = 0x20; return NUM; } 480 tcp-ece { yylval->h = 0x40; return NUM; } 481 tcp-cwr { yylval->h = 0x80; return NUM; } 482 [A-Za-z0-9]([-_.A-Za-z0-9]*[.A-Za-z0-9])? { 483 yylval->s = sdup(yyextra, (char *)yytext); return ID; } 484 "\\"[^ !()\n\t]+ { yylval->s = sdup(yyextra, (char *)yytext + 1); return ID; } 485 . { return LEX_ERROR; } 486 %% 487 488 /* 489 * Turn diagnostics back on, so we check the code that we've written. 490 */ 491 DIAG_ON_FLEX 492 493 /* 494 * Convert string to 32-bit unsigned integer. Just like atoi(), but checks for 495 * preceding 0x or 0 and uses hex or octal instead of decimal. 496 * 497 * On success, sets yylval->h to the value and returns NUM. 498 * On failure, sets the BPF error string and returns LEX_ERROR, to force 499 * the parse to stop. 500 */ 501 static int 502 stou(char *yytext_arg, YYSTYPE *yylval_arg, compiler_state_t *yyextra_arg) 503 { 504 bpf_u_int32 n = 0; 505 unsigned int digit; 506 char *s = yytext_arg; 507 508 /* 509 * yytext_arg is guaranteed either to be a string of decimal digits 510 * or 0[xX] followed by a string of hex digits. 511 */ 512 if (*s == '0') { 513 if (s[1] == 'x' || s[1] == 'X') { 514 /* 515 * Begins with 0x or 0X, so hex. 516 * Guaranteed to be all hex digits following the 517 * prefix, so anything that's not 0-9 or a-f is 518 * A-F. 519 */ 520 s += 2; /* skip the prefix */ 521 while ((digit = *s++) != '\0') { 522 if (digit >= '0' && digit <= '9') 523 digit = digit - '0'; 524 else if (digit >= 'a' && digit <= 'f') 525 digit = digit - 'a' + 10; 526 else 527 digit = digit - 'A' + 10; 528 529 /* 530 * Check for overflow. 531 */ 532 if (n > 0xFFFFFFFU) { 533 /* 534 * We have more than 28 bits of 535 * number, and are about to 536 * add 4 more; that won't fit 537 * in 32 bits. 538 */ 539 bpf_set_error(yyextra_arg, 540 "number %s overflows 32 bits", 541 yytext_arg); 542 return LEX_ERROR; 543 } 544 n = (n << 4) + digit; 545 } 546 } else { 547 /* 548 * Begins with 0, but not 0x or 0X, so octal. 549 * Guaranteed to be all *decimal* digits following 550 * the prefix, so we need to catch 8 and 9 and 551 * report an error. 552 */ 553 s += 1; 554 while ((digit = *s++) != '\0') { 555 if (digit >= '0' && digit <= '7') 556 digit = digit - '0'; 557 else { 558 bpf_set_error(yyextra_arg, 559 "number %s contains non-octal digit", 560 yytext_arg); 561 return LEX_ERROR; 562 } 563 if (n > 03777777777U) { 564 /* 565 * We have more than 29 bits of 566 * number, and are about to add 567 * 3 more; that won't fit in 568 * 32 bits. 569 */ 570 bpf_set_error(yyextra_arg, 571 "number %s overflows 32 bits", 572 yytext_arg); 573 return LEX_ERROR; 574 } 575 n = (n << 3) + digit; 576 } 577 } 578 } else { 579 /* 580 * Decimal. 581 */ 582 while ((digit = *s++) != '\0') { 583 digit = digit - '0'; 584 #define CUTOFF_DEC (0xFFFFFFFFU / 10U) 585 #define CUTLIM_DEC (0xFFFFFFFFU % 10U) 586 if (n > CUTOFF_DEC || 587 (n == CUTOFF_DEC && digit > CUTLIM_DEC)) { 588 bpf_set_error(yyextra_arg, 589 "number %s overflows 32 bits", 590 yytext_arg); 591 return LEX_ERROR; 592 } 593 n = (n * 10) + digit; 594 } 595 } 596 597 yylval_arg->h = n; 598 return NUM; 599 } 600