]> The Tcpdump Group git mirrors - libpcap/blob - scanner.l
projects / libpcap / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
In the open request, reject capture sources that are URLs.
[libpcap] / scanner.l
1 %top {
2 /* Must come first for _LARGE_FILE_API on AIX. */
3 #ifdef HAVE_CONFIG_H
4 #include <config.h>
5 #endif
6
7 /*
8 * Must come first to avoid warnings on Windows.
9 *
10 * Flex-generated scanners may only include <inttypes.h> if __STDC_VERSION__
11 * is defined with a value >= 199901, meaning "full C99", and MSVC may not
12 * define it with that value, because it isn't 100% C99-compliant, even
13 * though it has an <inttypes.h> capable of defining everything the Flex
14 * scanner needs.
15 *
16 * We, however, will include it if we know we have an MSVC version that has
17 * it; this means that we may define the INTn_MAX and UINTn_MAX values in
18 * scanner.c, and then include <stdint.h>, which may define them differently
19 * (same value, but different string of characters), causing compiler warnings.
20 *
21 * If we include it here, and they're defined, that'll prevent scanner.c
22 * from defining them. So we include <pcap/pcap-inttypes.h>, to get
23 * <inttypes.h> if we have it.
24 */
25 #include <pcap/pcap-inttypes.h>
26
27 #include "diag-control.h"
28 }
29
30 /*
31 * We want a reentrant scanner.
32 */
33 %option reentrant
34
35 /*
36 * And we need to pass the compiler state to the scanner.
37 */
38 %option extra-type="compiler_state_t *"
39
40 /*
41 * We don't use input, so don't generate code for it.
42 */
43 %option noinput
44
45 /*
46 * We don't use unput, so don't generate code for it.
47 */
48 %option nounput
49
50 /*
51 * We don't read from the terminal.
52 */
53 %option never-interactive
54
55 /*
56 * We want to stop processing when we get to the end of the input.
57 */
58 %option noyywrap
59
60 /*
61 * We want to generate code that can be used by a reentrant parser
62 * generated by Bison or Berkeley YACC.
63 */
64 %option bison-bridge
65
66 %{
67 /*
68 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
69 * The Regents of the University of California. All rights reserved.
70 *
71 * Redistribution and use in source and binary forms, with or without
72 * modification, are permitted provided that: (1) source code distributions
73 * retain the above copyright notice and this paragraph in its entirety, (2)
74 * distributions including binary code include the above copyright notice and
75 * this paragraph in its entirety in the documentation or other materials
76 * provided with the distribution, and (3) all advertising materials mentioning
77 * features or use of this software display the following acknowledgement:
78 * ``This product includes software developed by the University of California,
79 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
80 * the University nor the names of its contributors may be used to endorse
81 * or promote products derived from this software without specific prior
82 * written permission.
83 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
84 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
85 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
86 */
87
88 #include <string.h>
89
90 #include "pcap-int.h"
91
92 #include "gencode.h"
93
94 #include "grammar.h"
95
96 /*
97 * Earlier versions of Flex don't declare these, so we declare them
98 * ourselves to squelch warnings.
99 */
100 int pcap_get_column(yyscan_t);
101 void pcap_set_column(int, yyscan_t);
102
103 #ifdef INET6
104
105 #ifdef _WIN32
106 #include <winsock2.h>
107 #include <ws2tcpip.h>
108 /*
109 * To quote the MSDN page for getaddrinfo() at
110 *
111 * https://msdn.microsoft.com/en-us/library/windows/desktop/ms738520(v=vs.85).aspx
112 *
113 * "Support for getaddrinfo on Windows 2000 and older versions
114 * The getaddrinfo function was added to the Ws2_32.dll on Windows XP and
115 * later. To execute an application that uses this function on earlier
116 * versions of Windows, then you need to include the Ws2tcpip.h and
117 * Wspiapi.h files. When the Wspiapi.h include file is added, the
118 * getaddrinfo function is defined to the WspiapiGetAddrInfo inline
119 * function in the Wspiapi.h file. At runtime, the WspiapiGetAddrInfo
120 * function is implemented in such a way that if the Ws2_32.dll or the
121 * Wship6.dll (the file containing getaddrinfo in the IPv6 Technology
122 * Preview for Windows 2000) does not include getaddrinfo, then a
123 * version of getaddrinfo is implemented inline based on code in the
124 * Wspiapi.h header file. This inline code will be used on older Windows
125 * platforms that do not natively support the getaddrinfo function."
126 *
127 * We use getaddrinfo(), so we include Wspiapi.h here.
128 */
129 #include <wspiapi.h>
130 #else /* _WIN32 */
131 #include <sys/socket.h> /* for "struct sockaddr" in "struct addrinfo" */
132 #include <netdb.h> /* for "struct addrinfo" */
133 #endif /* _WIN32 */
134
135 /* Workaround for AIX 4.3 */
136 #if !defined(AI_NUMERICHOST)
137 #define AI_NUMERICHOST 0x04
138 #endif
139
140 #endif /*INET6*/
141
142 #include <pcap/namedb.h>
143 #include "grammar.h"
144
145 #ifdef HAVE_OS_PROTO_H
146 #include "os-proto.h"
147 #endif
148
149 static int stou(char *, YYSTYPE *, compiler_state_t *);
150
151 /*
152 * Disable diagnostics in the code generated by Flex.
153 */
154 DIAG_OFF_FLEX
155
156 %}
157
158 N ([0-9]+|(0X|0x)[0-9A-Fa-f]+)
159 B ([0-9A-Fa-f][0-9A-Fa-f]?)
160 B2 ([0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f])
161 W ([0-9A-Fa-f][0-9A-Fa-f]?[0-9A-Fa-f]?[0-9A-Fa-f]?)
162
163 %a 18400
164 %o 21500
165 %e 7600
166 %k 4550
167 %p 27600
168 %n 2000
169
170 V680 {W}:{W}:{W}:{W}:{W}:{W}:{W}:{W}
171
172 V670 ::{W}:{W}:{W}:{W}:{W}:{W}:{W}
173 V671 {W}::{W}:{W}:{W}:{W}:{W}:{W}
174 V672 {W}:{W}::{W}:{W}:{W}:{W}:{W}
175 V673 {W}:{W}:{W}::{W}:{W}:{W}:{W}
176 V674 {W}:{W}:{W}:{W}::{W}:{W}:{W}
177 V675 {W}:{W}:{W}:{W}:{W}::{W}:{W}
178 V676 {W}:{W}:{W}:{W}:{W}:{W}::{W}
179 V677 {W}:{W}:{W}:{W}:{W}:{W}:{W}::
180
181 V660 ::{W}:{W}:{W}:{W}:{W}:{W}
182 V661 {W}::{W}:{W}:{W}:{W}:{W}
183 V662 {W}:{W}::{W}:{W}:{W}:{W}
184 V663 {W}:{W}:{W}::{W}:{W}:{W}
185 V664 {W}:{W}:{W}:{W}::{W}:{W}
186 V665 {W}:{W}:{W}:{W}:{W}::{W}
187 V666 {W}:{W}:{W}:{W}:{W}:{W}::
188
189 V650 ::{W}:{W}:{W}:{W}:{W}
190 V651 {W}::{W}:{W}:{W}:{W}
191 V652 {W}:{W}::{W}:{W}:{W}
192 V653 {W}:{W}:{W}::{W}:{W}
193 V654 {W}:{W}:{W}:{W}::{W}
194 V655 {W}:{W}:{W}:{W}:{W}::
195
196 V640 ::{W}:{W}:{W}:{W}
197 V641 {W}::{W}:{W}:{W}
198 V642 {W}:{W}::{W}:{W}
199 V643 {W}:{W}:{W}::{W}
200 V644 {W}:{W}:{W}:{W}::
201
202 V630 ::{W}:{W}:{W}
203 V631 {W}::{W}:{W}
204 V632 {W}:{W}::{W}
205 V633 {W}:{W}:{W}::
206
207 V620 ::{W}:{W}
208 V621 {W}::{W}
209 V622 {W}:{W}::
210
211 V610 ::{W}
212 V611 {W}::
213
214 V600 ::
215
216 V6604 {W}:{W}:{W}:{W}:{W}:{W}:{N}\.{N}\.{N}\.{N}
217
218 V6504 ::{W}:{W}:{W}:{W}:{W}:{N}\.{N}\.{N}\.{N}
219 V6514 {W}::{W}:{W}:{W}:{W}:{N}\.{N}\.{N}\.{N}
220 V6524 {W}:{W}::{W}:{W}:{W}:{N}\.{N}\.{N}\.{N}
221 V6534 {W}:{W}:{W}::{W}:{W}:{N}\.{N}\.{N}\.{N}
222 V6544 {W}:{W}:{W}:{W}::{W}:{N}\.{N}\.{N}\.{N}
223 V6554 {W}:{W}:{W}:{W}:{W}::{N}\.{N}\.{N}\.{N}
224
225 V6404 ::{W}:{W}:{W}:{W}:{N}\.{N}\.{N}\.{N}
226 V6414 {W}::{W}:{W}:{W}:{N}\.{N}\.{N}\.{N}
227 V6424 {W}:{W}::{W}:{W}:{N}\.{N}\.{N}\.{N}
228 V6434 {W}:{W}:{W}::{W}:{N}\.{N}\.{N}\.{N}
229 V6444 {W}:{W}:{W}:{W}::{N}\.{N}\.{N}\.{N}
230
231 V6304 ::{W}:{W}:{W}:{N}\.{N}\.{N}\.{N}
232 V6314 {W}::{W}:{W}:{N}\.{N}\.{N}\.{N}
233 V6324 {W}:{W}::{W}:{N}\.{N}\.{N}\.{N}
234 V6334 {W}:{W}:{W}::{N}\.{N}\.{N}\.{N}
235
236 V6204 ::{W}:{W}:{N}\.{N}\.{N}\.{N}
237 V6214 {W}::{W}:{N}\.{N}\.{N}\.{N}
238 V6224 {W}:{W}::{N}\.{N}\.{N}\.{N}
239
240 V6104 ::{W}:{N}\.{N}\.{N}\.{N}
241 V6114 {W}::{N}\.{N}\.{N}\.{N}
242
243 V6004 ::{N}\.{N}\.{N}\.{N}
244
245
246 V6 ({V680}|{V670}|{V671}|{V672}|{V673}|{V674}|{V675}|{V676}|{V677}|{V660}|{V661}|{V662}|{V663}|{V664}|{V665}|{V666}|{V650}|{V651}|{V652}|{V653}|{V654}|{V655}|{V640}|{V641}|{V642}|{V643}|{V644}|{V630}|{V631}|{V632}|{V633}|{V620}|{V621}|{V622}|{V610}|{V611}|{V600}|{V6604}|{V6504}|{V6514}|{V6524}|{V6534}|{V6544}|{V6554}|{V6404}|{V6414}|{V6424}|{V6434}|{V6444}|{V6304}|{V6314}|{V6324}|{V6334}|{V6204}|{V6214}|{V6224}|{V6104}|{V6114}|{V6004})
247
248 MAC ({B}:{B}:{B}:{B}:{B}:{B}|{B}\-{B}\-{B}\-{B}\-{B}\-{B}|{B}\.{B}\.{B}\.{B}\.{B}\.{B}|{B2}\.{B2}\.{B2}|{B2}{3})
249
250
251
252 %%
253 dst return DST;
254 src return SRC;
255
256 link|ether|ppp|slip return LINK;
257 fddi|tr|wlan return LINK;
258 arp return ARP;
259 rarp return RARP;
260 ip return IP;
261 sctp return SCTP;
262 tcp return TCP;
263 udp return UDP;
264 icmp return ICMP;
265 igmp return IGMP;
266 igrp return IGRP;
267 pim return PIM;
268 vrrp return VRRP;
269 carp return CARP;
270 radio return RADIO;
271
272 ip6 return IPV6;
273 icmp6 return ICMPV6;
274 ah return AH;
275 esp return ESP;
276
277 atalk return ATALK;
278 aarp return AARP;
279 decnet return DECNET;
280 lat return LAT;
281 sca return SCA;
282 moprc return MOPRC;
283 mopdl return MOPDL;
284
285 iso return ISO;
286 esis return ESIS;
287 es-is return ESIS;
288 isis return ISIS;
289 is-is return ISIS;
290 l1 return L1;
291 l2 return L2;
292 iih return IIH;
293 lsp return LSP;
294 snp return SNP;
295 csnp return CSNP;
296 psnp return PSNP;
297
298 clnp return CLNP;
299
300 stp return STP;
301
302 ipx return IPX;
303
304 netbeui return NETBEUI;
305
306 host return HOST;
307 net return NET;
308 mask return NETMASK;
309 port return PORT;
310 portrange return PORTRANGE;
311 proto return PROTO;
312 protochain return PROTOCHAIN;
313
314 gateway return GATEWAY;
315
316 type return TYPE;
317 subtype return SUBTYPE;
318 direction|dir return DIR;
319 address1|addr1 return ADDR1;
320 address2|addr2 return ADDR2;
321 address3|addr3 return ADDR3;
322 address4|addr4 return ADDR4;
323 ra return RA;
324 ta return TA;
325
326 less return LESS;
327 greater return GREATER;
328 byte return CBYTE;
329 broadcast return TK_BROADCAST;
330 multicast return TK_MULTICAST;
331
332 and|"&&" return AND;
333 or|"||" return OR;
334 not return '!';
335
336 len|length return LEN;
337 inbound return INBOUND;
338 outbound return OUTBOUND;
339
340 vlan return VLAN;
341 mpls return MPLS;
342 pppoed return PPPOED;
343 pppoes return PPPOES;
344 geneve return GENEVE;
345
346 lane return LANE;
347 llc return LLC;
348 metac return METAC;
349 bcc return BCC;
350 oam return OAM;
351 oamf4 return OAMF4;
352 oamf4ec return OAMF4EC;
353 oamf4sc return OAMF4SC;
354 sc return SC;
355 ilmic return ILMIC;
356 vpi return VPI;
357 vci return VCI;
358 connectmsg return CONNECTMSG;
359 metaconnect return METACONNECT;
360
361 on|ifname return PF_IFNAME;
362 rset|ruleset return PF_RSET;
363 rnr|rulenum return PF_RNR;
364 srnr|subrulenum return PF_SRNR;
365 reason return PF_REASON;
366 action return PF_ACTION;
367
368 fisu return FISU;
369 lssu return LSSU;
370 lsu return LSSU;
371 msu return MSU;
372 hfisu return HFISU;
373 hlssu return HLSSU;
374 hmsu return HMSU;
375 sio return SIO;
376 opc return OPC;
377 dpc return DPC;
378 sls return SLS;
379 hsio return HSIO;
380 hopc return HOPC;
381 hdpc return HDPC;
382 hsls return HSLS;
383
384 [ \r\n\t] ;
385 [+\-*/%:\[\]!<>()&|\^=] return yytext[0];
386 ">=" return GEQ;
387 "<=" return LEQ;
388 "!=" return NEQ;
389 "==" return '=';
390 "<<" return LSH;
391 ">>" return RSH;
392 ${B} { yylval->s = sdup(yyextra, yytext); return AID; }
393 {MAC} { yylval->s = sdup(yyextra, yytext); return EID; }
394 {N} { return stou(yytext, yylval, yyextra); }
395 ({N}\.{N})|({N}\.{N}\.{N})|({N}\.{N}\.{N}\.{N}) {
396 yylval->s = sdup(yyextra, (char *)yytext); return HID; }
397 {V6} {
398 #ifdef INET6
399 struct addrinfo hints, *res;
400 memset(&hints, 0, sizeof(hints));
401 hints.ai_family = AF_INET6;
402 hints.ai_flags = AI_NUMERICHOST;
403 if (getaddrinfo(yytext, NULL, &hints, &res)) {
404 bpf_set_error(yyextra, "bogus IPv6 address %s", yytext);
405 yylval->s = NULL;
406 } else {
407 freeaddrinfo(res);
408 yylval->s = sdup(yyextra, (char *)yytext);
409 }
410 #else
411 bpf_set_error(yyextra, "IPv6 address %s not supported", yytext);
412 yylval->s = NULL;
413 #endif /*INET6*/
414 return HID6;
415 }
416 {B}:+({B}:+)+ { bpf_set_error(yyextra, "bogus ethernet address %s", yytext); yylval->s = NULL; return EID; }
417 icmptype { yylval->h = 0; return NUM; }
418 icmpcode { yylval->h = 1; return NUM; }
419 icmp-echoreply { yylval->h = 0; return NUM; }
420 icmp-unreach { yylval->h = 3; return NUM; }
421 icmp-sourcequench { yylval->h = 4; return NUM; }
422 icmp-redirect { yylval->h = 5; return NUM; }
423 icmp-echo { yylval->h = 8; return NUM; }
424 icmp-routeradvert { yylval->h = 9; return NUM; }
425 icmp-routersolicit { yylval->h = 10; return NUM; }
426 icmp-timxceed { yylval->h = 11; return NUM; }
427 icmp-paramprob { yylval->h = 12; return NUM; }
428 icmp-tstamp { yylval->h = 13; return NUM; }
429 icmp-tstampreply { yylval->h = 14; return NUM; }
430 icmp-ireq { yylval->h = 15; return NUM; }
431 icmp-ireqreply { yylval->h = 16; return NUM; }
432 icmp-maskreq { yylval->h = 17; return NUM; }
433 icmp-maskreply { yylval->h = 18; return NUM; }
434
435 icmp6type { yylval->h = 0; return NUM; }
436 icmp6code { yylval->h = 1; return NUM; }
437
438 icmp6-destinationunreach { yylval->h = 1; return NUM; }
439 icmp6-packettoobig { yylval->h = 2; return NUM; }
440 icmp6-timeexceeded { yylval->h = 3; return NUM; }
441 icmp6-parameterproblem { yylval->h = 4; return NUM; }
442 icmp6-echo { yylval->h = 128; return NUM; }
443 icmp6-echoreply { yylval->h = 129; return NUM; }
444 icmp6-multicastlistenerquery { yylval->h = 130; return NUM; }
445 icmp6-multicastlistenerreportv1 { yylval->h = 131; return NUM; }
446 icmp6-multicastlistenerdone { yylval->h = 132; return NUM; }
447 icmp6-routersolicit { yylval->h = 133; return NUM; }
448 icmp6-routeradvert { yylval->h = 134; return NUM; }
449 icmp6-neighborsolicit { yylval->h = 135; return NUM; }
450 icmp6-neighboradvert { yylval->h = 136; return NUM; }
451 icmp6-redirect { yylval->h = 137; return NUM; }
452 icmp6-routerrenum { yylval->h = 138; return NUM; }
453 icmp6-nodeinformationquery { yylval->h = 139; return NUM; }
454 icmp6-nodeinformationresponse { yylval->h = 140; return NUM; }
455 icmp6-ineighbordiscoverysolicit { yylval->h = 141; return NUM; }
456 icmp6-ineighbordiscoveryadvert { yylval->h = 142; return NUM; }
457 icmp6-multicastlistenerreportv2 { yylval->h = 143; return NUM; }
458 icmp6-homeagentdiscoveryrequest { yylval->h = 144; return NUM; }
459 icmp6-homeagentdiscoveryreply { yylval->h = 145; return NUM; }
460 icmp6-mobileprefixsolicit { yylval->h = 146; return NUM; }
461 icmp6-mobileprefixadvert { yylval->h = 147; return NUM; }
462 icmp6-certpathsolicit { yylval->h = 148; return NUM; }
463 icmp6-certpathadvert { yylval->h = 149; return NUM; }
464 icmp6-multicastrouteradvert { yylval->h = 151; return NUM; }
465 icmp6-multicastroutersolicit { yylval->h = 152; return NUM; }
466 icmp6-multicastrouterterm { yylval->h = 153; return NUM; }
467
468 tcpflags { yylval->h = 13; return NUM; }
469 tcp-fin { yylval->h = 0x01; return NUM; }
470 tcp-syn { yylval->h = 0x02; return NUM; }
471 tcp-rst { yylval->h = 0x04; return NUM; }
472 tcp-push { yylval->h = 0x08; return NUM; }
473 tcp-ack { yylval->h = 0x10; return NUM; }
474 tcp-urg { yylval->h = 0x20; return NUM; }
475 tcp-ece { yylval->h = 0x40; return NUM; }
476 tcp-cwr { yylval->h = 0x80; return NUM; }
477 [A-Za-z0-9]([-_.A-Za-z0-9]*[.A-Za-z0-9])? {
478 yylval->s = sdup(yyextra, (char *)yytext); return ID; }
479 "\\"[^ !()\n\t]+ { yylval->s = sdup(yyextra, (char *)yytext + 1); return ID; }
480 . { return LEX_ERROR; }
481 %%
482
483 /*
484 * Turn diagnostics back on, so we check the code that we've written.
485 */
486 DIAG_ON_FLEX
487
488 /*
489 * Convert string to 32-bit unsigned integer. Just like atoi(), but checks for
490 * preceding 0x or 0 and uses hex or octal instead of decimal.
491 *
492 * On success, sets yylval->h to the value and returns NUM.
493 * On failure, sets the BPF error string and returns LEX_ERROR, to force
494 * the parse to stop.
495 */
496 static int
497 stou(char *yytext_arg, YYSTYPE *yylval_arg, compiler_state_t *yyextra_arg)
498 {
499 bpf_u_int32 n = 0;
500 unsigned int digit;
501 char *s = yytext_arg;
502
503 /*
504 * yytext_arg is guaranteed either to be a string of decimal digits
505 * or 0[xX] followed by a string of hex digits.
506 */
507 if (*s == '0') {
508 if (s[1] == 'x' || s[1] == 'X') {
509 /*
510 * Begins with 0x or 0X, so hex.
511 * Guaranteed to be all hex digits following the
512 * prefix, so anything that's not 0-9 or a-f is
513 * A-F.
514 */
515 s += 2; /* skip the prefix */
516 while ((digit = *s++) != '\0') {
517 if (digit >= '0' && digit <= '9')
518 digit = digit - '0';
519 else if (digit >= 'a' && digit <= 'f')
520 digit = digit - 'a' + 10;
521 else
522 digit = digit - 'A' + 10;
523
524 /*
525 * Check for overflow.
526 */
527 if (n > 0xFFFFFFFU) {
528 /*
529 * We have more than 28 bits of
530 * number, and are about to
531 * add 4 more; that won't fit
532 * in 32 bits.
533 */
534 bpf_set_error(yyextra_arg,
535 "number %s overflows 32 bits",
536 yytext_arg);
537 return LEX_ERROR;
538 }
539 n = (n << 4) + digit;
540 }
541 } else {
542 /*
543 * Begins with 0, but not 0x or 0X, so octal.
544 * Guaranteed to be all *decimal* digits following
545 * the prefix, so we need to catch 8 and 9 and
546 * report an error.
547 */
548 s += 1;
549 while ((digit = *s++) != '\0') {
550 if (digit >= '0' && digit <= '7')
551 digit = digit - '0';
552 else {
553 bpf_set_error(yyextra_arg,
554 "number %s contains non-octal digit",
555 yytext_arg);
556 return LEX_ERROR;
557 }
558 if (n > 03777777777U) {
559 /*
560 * We have more than 29 bits of
561 * number, and are about to add
562 * 3 more; that won't fit in
563 * 32 bits.
564 */
565 bpf_set_error(yyextra_arg,
566 "number %s overflows 32 bits",
567 yytext_arg);
568 return LEX_ERROR;
569 }
570 n = (n << 3) + digit;
571 }
572 }
573 } else {
574 /*
575 * Decimal.
576 */
577 while ((digit = *s++) != '\0') {
578 digit = digit - '0';
579 #define CUTOFF_DEC (0xFFFFFFFFU / 10U)
580 #define CUTLIM_DEC (0xFFFFFFFFU % 10U)
581 if (n > CUTOFF_DEC ||
582 (n == CUTOFF_DEC && digit > CUTLIM_DEC)) {
583 bpf_set_error(yyextra_arg,
584 "number %s overflows 32 bits",
585 yytext_arg);
586 return LEX_ERROR;
587 }
588 n = (n * 10) + digit;
589 }
590 }
591
592 yylval_arg->h = n;
593 return NUM;
594 }
[mirror] the LIBpcap interface to various kernel packet capture mechanism