| blob | 5873eec82702a2c716d42f3fd29dd9b9171445a4 |
1 /*
2 * netsniff-ng - the packet sniffing beast
3 * By Daniel Borkmann <daniel@netsniff-ng.org>
4 * Copyright 2012 Daniel Borkmann <dborkma@tik.ee.ethz.ch>,
5 * Swiss federal institute of technology (ETH Zurich)
6 * Subject to the GPL, version 2.
7 */
9 /* lex-func-prefix: yy */
11 %{
13 #include <stdio.h>
14 #include <stdlib.h>
15 #include <string.h>
16 #include <ctype.h>
17 #include <stdbool.h>
18 #include <arpa/inet.h>
20 #include "trafgen_parser.tab.h"
21 #include "xmalloc.h"
22 #include "built_in.h"
23 #include "str.h"
25 extern void yyerror(const char *);
27 static char *try_convert_shellcode(char *sstr)
28 {
29 bool found_any = false;
30 char *bstr, *ostr = sstr, *hay, *orig = sstr;
31 size_t j = 0, blen, slen = strlen(sstr), tot = 0;
32 const char *needle = "\\x";
34 sstr++;
35 slen -= 2;
37 if (slen % 4 != 0)
38 return orig;
40 blen = slen / 4;
41 hay = sstr;
42 while ((hay = strstr(hay, needle)) != NULL ) {
43 hay += strlen(needle) + 2;
44 found_any = true;
45 tot++;
46 }
48 if (blen != tot || !found_any)
49 return orig;
51 blen += 2;
52 bstr = xzmalloc(blen);
54 bstr[j++] = '\"';
55 while (j < blen - 1)
56 bstr[j++] = (uint8_t) strtoul(sstr + 2, &sstr, 16);
57 bstr[j++] = '\"';
59 xfree(ostr);
60 return bstr;
61 }
63 %}
65 %option align
66 %option nounput
67 %option noyywrap
68 %option noreject
69 %option 8bit
70 %option caseless
71 %option noinput
72 %option nodefault
74 number_oct ([0][0-9]+)
75 number_hex ([0]?[x][a-fA-F0-9]+)
76 number_bin ([0]?[b][0-1]+)
77 number_dec (([0])|([1-9][0-9]*))
78 number_ascii ([a-zA-Z])
80 a_hex ([a-fA-F0-9]+)
81 mac ({a_hex}:{a_hex}:{a_hex}:{a_hex}:{a_hex}:{a_hex})
82 ip4_addr ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
83 /* We're very permissive about IPv6 addresses the grammar accepts, as
84 * they can come in various different formats. In any case,
85 * inet_pton(AF_INET6, ...) will reject the invalid ones later on. */
86 ip6_addr (({a_hex}?:)?({a_hex}?:)?({a_hex}?:)?({a_hex}?:)?({a_hex}?:)?({a_hex}?:)?({a_hex}?:)?({a_hex})?)
88 %%
90 "cpu" { return K_CPU; }
91 "fill" { return K_FILL; }
92 "rnd" { return K_RND; }
93 "csum16" { return K_CSUMIP; }
94 "csumip" { return K_CSUMIP; }
95 "csumip4" { return K_CSUMIP; }
96 "csumicmp" { return K_CSUMIP; }
97 "csumicmp4" { return K_CSUMIP; }
98 "csumudp" { return K_CSUMUDP; }
99 "csumtcp" { return K_CSUMTCP; }
100 "csumudp6" { return K_CSUMUDP6; }
101 "csumtcp6" { return K_CSUMTCP6; }
102 "drnd" { return K_DRND; }
103 "dinc" { return K_DINC; }
104 "ddec" { return K_DDEC; }
105 "seqinc" { return K_SEQINC; }
106 "seqdec" { return K_SEQDEC; }
107 "const8"|"c8" { return K_CONST8; }
108 "const16"|"c16" { return K_CONST16; }
109 "const32"|"c32" { return K_CONST32; }
110 "const64"|"c64" { return K_CONST64; }
112 "prot"[o]? { return K_PROT; }
113 "tc"|"tclass" { return K_TC; }
115 /* Ethernet */
116 "daddr"|"da" { return K_DADDR; }
117 "saddr"|"sa" { return K_SADDR; }
118 "etype" { return K_ETYPE; }
119 "type" { return K_TYPE; }
121 /* VLAN (802.1Q & 802.1ad) */
122 "tpid" { return K_TPID; }
123 "tci" { return K_TCI; }
124 "pcp" { return K_PCP; }
125 "dei"|"cfi" { return K_DEI; }
126 "1ad" { return K_1AD; }
127 "1q" { return K_1Q; }
129 /* MPLS (Multi Protocol Label Switching) */
130 "lbl"|"label" { return K_LABEL; }
131 "last" { return K_LAST; }
132 "exp" { return K_EXP; }
134 /* ARP */
135 "sha"|"smac" { return K_SHA; }
136 "spa"|"sip" { return K_SPA; }
137 "tha"|"tmac" { return K_THA; }
138 "tpa"|"tip" { return K_TPA; }
139 "req"|"request" { return K_REQUEST; }
140 "reply" { return K_REPLY; }
141 "op"|"oper" { return K_OPER; }
142 "htype" { return K_HTYPE; }
143 "ptype" { return K_PTYPE; }
145 /* IPv4 */
146 "ihl" { return K_IHL; }
147 "ver"|"version" { return K_VER; }
148 "ttl" { return K_TTL; }
149 "dscp" { return K_DSCP; }
150 "ecn" { return K_ECN; }
151 "tos" { return K_TOS; }
152 "len"|"length" { return K_LEN; }
153 "id" { return K_ID; }
154 "flags" { return K_FLAGS; }
155 "frag" { return K_FRAG; }
156 "csum" { return K_CSUM; }
157 "df" { return K_DF; }
158 "mf" { return K_MF; }
160 /* IPv6 */
161 "fl"|"flow" { return K_FLOW; }
162 "nh"|"nexthdr" { return K_NEXT_HDR; }
163 "hl"|"hoplimit" { return K_HOP_LIMIT; }
166 /* ICMPv4 */
167 "addr" { return K_ADDR; }
168 "mtu" { return K_MTU; }
170 /* ICMPv6 */
171 "code" { return K_CODE; }
172 "echorequest" { return K_ECHO_REQUEST; }
173 "echoreply" { return K_ECHO_REPLY; }
175 /* UDP */
176 "sp"|"sport" { return K_SPORT; }
177 "dp"|"dport" { return K_DPORT; }
179 /* TCP */
180 "seq" { return K_SEQ; }
181 "ackseq"|"aseq" { return K_ACK_SEQ; }
182 "doff"|hlen { return K_DOFF; }
183 "cwr" { return K_CWR; }
184 "ece"|"ecn" { return K_ECE; }
185 "urg" { return K_URG; }
186 "ack" { return K_ACK; }
187 "psh" { return K_PSH; }
188 "rst" { return K_RST; }
189 "syn" { return K_SYN; }
190 "fin" { return K_FIN; }
191 "win"|"window" { return K_WINDOW; }
192 "urgptr" { return K_URG_PTR; }
194 "eth" { return K_ETH; }
195 "vlan" { return K_VLAN; }
196 "mpls" { return K_MPLS; }
197 "arp" { return K_ARP; }
198 "ip4"|"ipv4" { return K_IP4; }
199 "ip6"|"ipv6" { return K_IP6; }
200 "icmp4"|"icmpv4" { return K_ICMP4; }
201 "icmp6"|"icmpv6" { return K_ICMP6; }
202 "udp" { return K_UDP; }
203 "tcp" { return K_TCP; }
205 [ ]*"-"[ ]* { return '-'; }
206 [ ]*"+"[ ]* { return '+'; }
207 [ ]*"*"[ ]* { return '*'; }
208 [ ]*"/"[ ]* { return '/'; }
209 [ ]*"%"[ ]* { return '%'; }
210 [ ]*"&"[ ]* { return '&'; }
211 [ ]*"|"[ ]* { return '|'; }
212 [ ]*"<"[ ]* { return '<'; }
213 [ ]*">"[ ]* { return '>'; }
214 [ ]*"^"[ ]* { return '^'; }
215 "{" { return '{'; }
216 "}" { return '}'; }
217 "(" { return '('; }
218 ")" { return ')'; }
219 "[" { return '['; }
220 "]" { return ']'; }
221 "," { return ','; }
222 ":" { return ':'; }
223 "=" { return '='; }
225 "\n" { yylineno++; }
227 "\""[^\"]+"\"" { yylval.str = try_convert_shellcode(xstrdup(yytext));
228 return string; }
230 ([ \t\n]+)? { return K_WHITE; }
232 "/*"([^\*]|\*[^/])*"*/" { return K_COMMENT; }
234 "#"[^\n]* { return K_COMMENT; }
236 {number_hex} { yylval.number = strtoul(yytext + (yytext[0] == 'x' ? 1 : 0),
237 NULL, 16);
238 return number; }
240 {number_dec} { yylval.number = strtol(yytext, NULL, 10);
241 return number; }
243 {number_oct} { yylval.number = strtol(yytext + 1, NULL, 8);
244 return number; }
246 {number_bin} { yylval.number = strtol(yytext + (yytext[0] == 'b' ? 1 : 2),
247 NULL, 2);
248 return number; }
250 {number_ascii} { yylval.number = (uint8_t) (*yytext);
251 return number; }
253 {mac} { if (str2mac(yytext, yylval.bytes, 256))
254 panic("Failed to parse MAC address %s\n", yytext);
255 return mac; }
257 {ip4_addr} { if (inet_pton(AF_INET, yytext, &yylval.ip4_addr) != 1)
258 panic("Failed to parse IPv4 address %s\n", yytext);
259 return ip4_addr; };
261 {ip6_addr} { if (inet_pton(AF_INET6, yytext, &yylval.ip6_addr) != 1)
262 panic("Failed to parse IPv6 address %s\n", yytext);
263 return ip6_addr; };
265 "'\\x"[a-fA-F0-9]{2}"'" { yylval.number = strtol(yytext + 3, NULL, 16);
266 return number; }
268 "'"."'" { yylval.number = (uint8_t) (*(yytext + 1));
269 return number; }
271 ";"[^\n]* {/* NOP */}
272 . { printf("Unknown character '%s'", yytext);
273 yyerror("lex Unknown character"); }
275 %%