1 files changed, 113 insertions, 17 deletions
diff --git a/src/mongo/gotools/src/github.com/mongodb/mongo-tools/vendor/github.com/google/gopacket/pcapgo/read.go b/src/mongo/gotools/src/github.com/mongodb/mongo-tools/vendor/github.com/google/gopacket/pcapgo/read.go
index 922d4a1ddea..6ea1643a630 100644
--- a/src/mongo/gotools/src/github.com/mongodb/mongo-tools/vendor/github.com/google/gopacket/pcapgo/read.go
+++ b/src/mongo/gotools/src/github.com/mongodb/mongo-tools/vendor/github.com/google/gopacket/pcapgo/read.go
@@ -13,6 +13,9 @@ import (
 	"io"
 	"time"
 
+	"bufio"
+	"compress/gzip"
+
 	"github.com/google/gopacket"
 	"github.com/google/gopacket/layers"
 )
@@ -23,6 +26,9 @@ import (
 //
 // We currenty read v2.4 file format with nanosecond and microsecdond
 // timestamp resolution in little-endian and big-endian encoding.
+//
+// If the PCAP data is gzip compressed it is transparently uncompressed
+// by wrapping the given io.Reader with a gzip.Reader.
 type Reader struct {
 	r              io.Reader
 	byteOrder      binary.ByteOrder
@@ -34,13 +40,18 @@ type Reader struct {
 	snaplen  uint32
 	linkType layers.LinkType
 	// reusable buffer
-	buf []byte
+	buf [16]byte
+	// buffer for ZeroCopyReadPacketData
+	packetBuf []byte
 }
 
 const magicNanoseconds = 0xA1B23C4D
 const magicMicrosecondsBigendian = 0xD4C3B2A1
 const magicNanosecondsBigendian = 0x4D3CB2A1
 
+const magicGzip1 = 0x1f // first byte readHeader expects at the start of gzip-compressed input
+const magicGzip2 = 0x8b // second byte readHeader expects at the start of gzip-compressed input
+
 // NewReader returns a new reader object, for reading packet data from
 // the given reader. The reader must be open and header data is
 // read from it at this point.
@@ -60,6 +71,20 @@ func NewReader(r io.Reader) (*Reader, error) {
 }
 
 func (r *Reader) readHeader() error {
+	br := bufio.NewReader(r.r)
+	gzipMagic, err := br.Peek(2)
+	if err != nil {
+		return err
+	}
+
+	if gzipMagic[0] == magicGzip1 && gzipMagic[1] == magicGzip2 {
+		if r.r, err = gzip.NewReader(br); err != nil {
+			return err
+		}
+	} else {
+		r.r = br
+	}
+
 	buf := make([]byte, 24)
 	if n, err := io.ReadFull(r.r, buf); err != nil {
 		return err
@@ -79,43 +104,70 @@ func (r *Reader) readHeader() error {
 		r.byteOrder = binary.BigEndian
 		r.nanoSecsFactor = 1000
 	} else {
-		return errors.New(fmt.Sprintf("Unknown maigc %x", magic))
+		return fmt.Errorf("Unknown magic %x", magic)
 	}
 	if r.versionMajor = r.byteOrder.Uint16(buf[4:6]); r.versionMajor != versionMajor {
-		return errors.New(fmt.Sprintf("Unknown major version %d", r.versionMajor))
+		return fmt.Errorf("Unknown major version %d", r.versionMajor)
 	}
 	if r.versionMinor = r.byteOrder.Uint16(buf[6:8]); r.versionMinor != versionMinor {
-		return errors.New(fmt.Sprintf("Unknown minor version %d", r.versionMinor))
+		return fmt.Errorf("Unknown minor version %d", r.versionMinor)
 	}
 	// ignore timezone 8:12 and sigfigs 12:16
 	r.snaplen = r.byteOrder.Uint32(buf[16:20])
-	r.buf = make([]byte, r.snaplen+16)
 	r.linkType = layers.LinkType(r.byteOrder.Uint32(buf[20:24]))
 	return nil
 }
 
-// Read next packet from file
+// ReadPacketData reads the next packet from the file into a newly allocated slice.
 func (r *Reader) ReadPacketData() (data []byte, ci gopacket.CaptureInfo, err error) {
 	if ci, err = r.readPacketHeader(); err != nil {
 		return
 	}
+	if ci.CaptureLength > int(r.snaplen) { // record claims more bytes than the snap length allows
+		err = fmt.Errorf("capture length exceeds snap length: %d > %d", ci.CaptureLength, r.snaplen)
+		return
+	}
+	if ci.CaptureLength > ci.Length { // captured bytes cannot outnumber the original packet's bytes
+		err = fmt.Errorf("capture length exceeds original packet length: %d > %d", ci.CaptureLength, ci.Length)
+		return
+	}
+	data = make([]byte, ci.CaptureLength) // fresh buffer per call, so it is not overwritten by later reads
+	_, err = io.ReadFull(r.r, data) // a truncated payload is reported through ReadFull's error
+	return data, ci, err
+}
 
-	var n int
-	data = r.buf[16 : 16+ci.CaptureLength]
-	if n, err = io.ReadFull(r.r, data); err != nil {
+// ZeroCopyReadPacketData reads the next packet from the file. The data buffer is owned by the
+// Reader, and each call to ZeroCopyReadPacketData invalidates data returned by the previous one.
+//
+// It is not true zero copy, as data is still copied from the underlying reader. However,
+// this method avoids allocating heap memory for every packet.
+func (r *Reader) ZeroCopyReadPacketData() (data []byte, ci gopacket.CaptureInfo, err error) {
+	if ci, err = r.readPacketHeader(); err != nil {
 		return
-	} else if n < ci.CaptureLength {
-		err = io.ErrUnexpectedEOF
 	}
-	return
+	if ci.CaptureLength > int(r.snaplen) { // record claims more bytes than the snap length allows
+		err = fmt.Errorf("capture length exceeds snap length: %d > %d", ci.CaptureLength, r.snaplen)
+		return
+	}
+	if ci.CaptureLength > ci.Length { // captured bytes cannot outnumber the original packet's bytes
+		err = fmt.Errorf("capture length exceeds original packet length: %d > %d", ci.CaptureLength, ci.Length)
+		return
+	}
+
+	if cap(r.packetBuf) < ci.CaptureLength { // (re)allocate only when the reusable buffer is too small
+		snaplen := int(r.snaplen)
+		if snaplen < ci.CaptureLength { // defensive; the snap length check above already rules this out
+			snaplen = ci.CaptureLength
+		}
+		r.packetBuf = make([]byte, snaplen) // sized to the snap length rather than to this one packet
+	}
+	data = r.packetBuf[:ci.CaptureLength] // view into the shared buffer; overwritten by the next call
+	_, err = io.ReadFull(r.r, data) // a truncated payload is reported through ReadFull's error
+	return data, ci, err
 }
 
 func (r *Reader) readPacketHeader() (ci gopacket.CaptureInfo, err error) {
-	var n int
-	if n, err = io.ReadFull(r.r, r.buf[0:16]); err != nil {
-		return
-	} else if n < 16 {
-		err = io.ErrUnexpectedEOF
+	if _, err = io.ReadFull(r.r, r.buf[:]); err != nil {
 		return
 	}
 	ci.Timestamp = time.Unix(int64(r.byteOrder.Uint32(r.buf[0:4])), int64(r.byteOrder.Uint32(r.buf[4:8])*r.nanoSecsFactor)).UTC()
@@ -129,7 +181,51 @@ func (r *Reader) LinkType() layers.LinkType {
 	return r.linkType
 }
 
+// Snaplen returns the snapshot length in effect: the file header's value unless SetSnaplen changed it.
+func (r *Reader) Snaplen() uint32 {
+	return r.snaplen
+}
+
+// SetSnaplen sets the snapshot length of the capture file.
+//
+// This is useful when a pcap file contains packets bigger than the snaplen.
+// Pcapgo returns an error when it reads a packet bigger than snaplen without consuming that
+// packet's payload, so the next read takes 16 bytes of the "faulty" packet's payload and
+// interprets them as the next packet header, which is most likely invalid as well.
+// This can lead to a lot of faulty reads.
+//
+// The SetSnaplen function can be used to set a bigger snaplen to prevent those read errors.
+//
+// This snaplen situation can happen when a pcap writer doesn't truncate packets to the snaplen size while writing packets to file.
+// E.g. In Python, dpkt.pcap.Writer sets snaplen by default to 1500 (https://dpkt.readthedocs.io/en/latest/api/api_auto.html#dpkt.pcap.Writer)
+// but doesn't enforce this when writing packets (https://dpkt.readthedocs.io/en/latest/_modules/dpkt/pcap.html#Writer.writepkt).
+// When reading, tools like tcpdump, tcpslice, mergecap and wireshark ignore the snaplen and use
+// their own defined snaplen.
+// E.g. When reading packets, tcpdump defines MAXIMUM_SNAPLEN (https://github.com/the-tcpdump-group/tcpdump/blob/6e80fcdbe9c41366df3fa244ffe4ac8cce2ab597/netdissect.h#L290)
+// and uses it (https://github.com/the-tcpdump-group/tcpdump/blob/66384fa15b04b47ad08c063d4728df3b9c1c0677/print.c#L343-L358).
+//
+// For further reading:
+//  - https://github.com/the-tcpdump-group/tcpdump/issues/389
+//  - https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8808
+//  - https://www.wireshark.org/lists/wireshark-dev/201307/msg00061.html
+//  - https://github.com/wireshark/wireshark/blob/bfd51199e707c1d5c28732be34b44a9ee8a91cd8/wiretap/pcap-common.c#L723-L742
+//    - https://github.com/wireshark/wireshark/blob/f07fb6cdfc0904905627707b88450054e921f092/wiretap/libpcap.c#L592-L598
+//    - https://github.com/wireshark/wireshark/blob/f07fb6cdfc0904905627707b88450054e921f092/wiretap/libpcap.c#L714-L727
+//  - https://github.com/the-tcpdump-group/tcpdump/commit/d033c1bc381c76d13e4aface97a4f4ec8c3beca2
+//  - https://github.com/the-tcpdump-group/tcpdump/blob/88e87cb2cb74c5f939792171379acd9e0efd8b9a/netdissect.h#L263-L290
+func (r *Reader) SetSnaplen(newSnaplen uint32) {
+	r.snaplen = newSnaplen
+}
+
 // Reader formater
 func (r *Reader) String() string {
 	return fmt.Sprintf("PcapFile  maj: %x min: %x snaplen: %d linktype: %s", r.versionMajor, r.versionMinor, r.snaplen, r.linkType)
 }
+
+// Resolution returns the timestamp resolution of acquired timestamps before scaling to NanosecondTimestampResolution.
+func (r *Reader) Resolution() gopacket.TimestampResolution {
+	if r.nanoSecsFactor == 1 { // factor 1: the file's sub-second field is already in nanoseconds
+		return gopacket.TimestampResolutionNanosecond
+	}
+	return gopacket.TimestampResolutionMicrosecond // otherwise the field is scaled up from microseconds
+}