From 6f8cfc795c0fa8078b373bbf20aa221b39bae0e2 Mon Sep 17 00:00:00 2001
From: Reinhold Kainhofer <reinhold@kainhofer.com>
Date: Mon, 19 Dec 2011 17:54:09 +0100
Subject: [PATCH] magicolor wireshark plugin: Some more dissecting

---
 wireshark-plugin-magicolor/packet-magicolor.c | 129 +++++++++++++++---
 1 file changed, 108 insertions(+), 21 deletions(-)

diff --git a/wireshark-plugin-magicolor/packet-magicolor.c b/wireshark-plugin-magicolor/packet-magicolor.c
index f916521..e77bf44 100644
--- a/wireshark-plugin-magicolor/packet-magicolor.c
+++ b/wireshark-plugin-magicolor/packet-magicolor.c
@@ -36,6 +36,7 @@
 
 static int proto_magicolor = -1;
 static gint ett_magicolor = -1;
+static gint ett_argument = -1;
 
 /* Variables for magicolor packets */
 static int hf_magicolor_cmdtype = -1;
@@ -142,29 +143,51 @@ dissect_magicolor (tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
 
     if (cmdtype == 0x03) {
       guint32 arglen = tvb_get_letohl (tvb, 2);
-      col_add_fstr (pinfo->cinfo, COL_INFO, "Scanner cmd (%s), arglen=%d", 
+      col_add_fstr (pinfo->cinfo, COL_INFO, "Scanner cmd (%s), arglen=%d",
                     match_strval (command, scanner_commands), arglen);
-      proto_tree_add_item (magicolor_tree, hf_magicolor_arglen, tvb, offset, 4, ENC_LITTLE_ENDIAN);
-      offset += 4;
-      proto_tree_add_item (magicolor_tree, hf_magicolor_arg, tvb, offset, arglen, ENC_LITTLE_ENDIAN);
-      offset += arglen;
-      switch (command) {
-        case 0x08:
-        case 0x09:
-        case 0x0a:
-        case 0x0b:
-        case 0x0c:
-        case 0x0d:
-        case 0x0e:
-        case 0x0f:
-        case 0x12:
-        case 0x10:
-          break;
-      }
-      proto_tree_add_item (magicolor_tree, hf_magicolor_final, tvb, offset, 4, ENC_LITTLE_ENDIAN);
-      offset += 4;
+      guint8 nritems = 0;
+      do {
+        proto_item *argitem = NULL;
+        proto_item *argtree = NULL;
+        arglen = tvb_get_letohl (tvb, offset);
+        if (arglen == 0) { /* Final 0x00000000 marker encountered */
+          proto_tree_add_item (magicolor_tree, hf_magicolor_final, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+          offset += 4;
+          continue;
+        } else {
+          /* TODO: Somehow add the item number here */
+          proto_tree_add_item (magicolor_tree, hf_magicolor_arglen, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+          offset += 4;
+          ++nritems;
+        }
+        /* TODO: Somehow add the item number here */
+        argitem = proto_tree_add_item (magicolor_tree, hf_magicolor_arg, tvb, offset, arglen, ENC_LITTLE_ENDIAN);
+        argtree = proto_item_add_subtree (argitem, ett_argument);
+        offset += arglen;
+        switch (command) {
+          case 0x08: /* start scan */
+            break;
+          case 0x09: /* poll for error */
+            break;
+          case 0x0a: /* stop scan / cleanup s*/
+            break;
+          case 0x0b: /* query image parameters */
+            break;
+          case 0x0c: /* scan settings */
+            break;
+          case 0x0d: /* get status */
+            break;
+          case 0x0e: /* read data */
+            break;
+          case 0x0f: /* unknown (get buttons?) */
+            break;
+          case 0x12: /* end of scan */
+            break;
+          case 0x10: /* Unknown: Set button wait */
+            break;
+        }
+      } while (arglen > 0);
 
-    /* TODO: Loop until we encounter a 0x00000000 arglen value, don't hardcode just one argument! */
 /*       return tvb_length(tvb); */
       return offset;
     }
@@ -224,6 +247,70 @@ proto_register_magicolor(void)
           NULL, 0x0,
           NULL, HFILL },
     },
+
+    { &hf_magicolor_expected_size,
+        { "Expected data size", "magicolor.expected_size",
+          FT_UINT32, BASE_DEC_HEX,
+          NULL, 0x0,
+          NULL, HFILL },
+    },
+    { &hf_magicolor_unknown,
+        { "FIXME: UNKNOWN", "magicolor.unknown",
+          FT_BYTES, BASE_NONE,
+          NULL, 0x0,
+          NULL, HFILL },
+    },
+
+    { &hf_magicolor_resolution,
+        { "Scan resolution", "magicolor.resolution",
+          FT_UINT8, BASE_HEX,
+          VALS(strings_resolution), 0x0,
+          NULL, HFILL },
+    },
+    { &hf_magicolor_color,
+        { "Color type", "magicolor.color",
+          FT_UINT8, BASE_HEX,
+          VALS(strings_color), 0x0,
+          NULL, HFILL },
+    },
+    { &hf_magicolor_brightness,
+        { "Brightness (1-9)", "magicolor.brightnes",
+          FT_UINT8, BASE_DEX,
+          NULL, 0x0,
+          NULL, HFILL },
+    },
+    { &hf_magicolor_xstart,
+        { "X start", "magicolor.xstart",
+          FT_UINT16, BASE_DEC_HEX,
+          NULL, 0x0,
+          NULL, HFILL },
+    },
+    { &hf_magicolor_ystart,
+        { "X start", "magicolor.xstart",
+          FT_UINT16, BASE_DEC_HEX,
+          NULL, 0x0,
+          NULL, HFILL },
+    },
+    { &hf_magicolor_xextent,
+        { "X extent", "magicolor.xextent",
+          FT_UINT16, BASE_DEC_HEX,
+          NULL, 0x0,
+          NULL, HFILL },
+    },
+    { &hf_magicolor_yextent,
+        { "X extent", "magicolor.xextent",
+          FT_UINT16, BASE_DEC_HEX,
+          NULL, 0x0,
+          NULL, HFILL },
+    },
+    { &hf_magicolor_source,
+        { "Scan source", "magicolor.scansource",
+          FT_UINT8, BASE_HEX,
+          VALS(strings_scansource), 0x0,
+          NULL, HFILL },
+    },
+    
+    
   };
   static gint *ett_magicolor_arr[] = { /* protocol subtree array */
     &ett_magicolor
-- 
GitLab