Merge remote-tracking branch 'origin/topic/jsiwek/val_mgr'

* origin/topic/jsiwek/val_mgr:
  Pre-allocate and re-use Vals for bool, int, count, enum and empty string
  Preallocate booleans and small counts

I added a tiny change to CompHash to make sure that nothing messes this
up in the future.

aux/bifcl

@@ -1 +1 @@
-Subproject commit e96b7d0f3d7e1ae0af8c8bdea9d53fd00b23eb62
+Subproject commit 0fae77f96abe63c93c2b8ab902651ad42e5d6de4

src/CompHash.cc

@@ -685,9 +685,16 @@ const char* CompositeHash::RecoverOneVal(const HashKey* k, const char* kp0,
 		kp1 = reinterpret_cast<const char*>(kp+1);
 
 		if ( tag == TYPE_ENUM )
-			pval = new EnumVal(*kp, t->AsEnumType());
+			pval = t->AsEnumType()->GetVal(*kp);
+		else if ( tag == TYPE_BOOL )
+			pval = val_mgr->GetBool(*kp);
+		else if ( tag == TYPE_INT )
+			pval = val_mgr->GetInt(*kp);
 		else
-			pval = new Val(*kp, tag);
+			{
+			reporter->InternalError("bad internal unsigned int in CompositeHash::RecoverOneVal()");
+			pval = 0;
+			}
 		}
 		break;
 
@@ -699,11 +706,11 @@ const char* CompositeHash::RecoverOneVal(const HashKey* k, const char* kp0,
 		switch ( tag ) {
 		case TYPE_COUNT:
 		case TYPE_COUNTER:
-			pval = new Val(*kp, tag);
+			pval = val_mgr->GetCount(*kp);
 			break;
 
 		case TYPE_PORT:
-			pval = port_mgr->Get(*kp);
+			pval = val_mgr->GetPort(*kp);
 			break;
 
 		default:

src/Conn.cc

@@ -327,8 +327,8 @@ void Connection::HistoryThresholdEvent(EventHandlerPtr e, bool is_orig,
 
 	val_list* vl = new val_list;
 	vl->append(BuildConnVal());
-	vl->append(new Val(is_orig, TYPE_BOOL));
-	vl->append(new Val(threshold, TYPE_COUNT));
+	vl->append(val_mgr->GetBool(is_orig));
+	vl->append(val_mgr->GetCount(threshold));
 
 	ConnectionEvent(e, 0, vl);
 	}
@@ -408,14 +408,14 @@ RecordVal* Connection::BuildConnVal()
 
 		RecordVal* id_val = new RecordVal(conn_id);
 		id_val->Assign(0, new AddrVal(orig_addr));
-		id_val->Assign(1, port_mgr->Get(ntohs(orig_port), prot_type));
+		id_val->Assign(1, val_mgr->GetPort(ntohs(orig_port), prot_type));
 		id_val->Assign(2, new AddrVal(resp_addr));
-		id_val->Assign(3, port_mgr->Get(ntohs(resp_port), prot_type));
+		id_val->Assign(3, val_mgr->GetPort(ntohs(resp_port), prot_type));
 
 		RecordVal* orig_endp = new RecordVal(endpoint);
-		orig_endp->Assign(0, new Val(0, TYPE_COUNT));
-		orig_endp->Assign(1, new Val(0, TYPE_COUNT));
-		orig_endp->Assign(4, new Val(orig_flow_label, TYPE_COUNT));
+		orig_endp->Assign(0, val_mgr->GetCount(0));
+		orig_endp->Assign(1, val_mgr->GetCount(0));
+		orig_endp->Assign(4, val_mgr->GetCount(orig_flow_label));
 
 		const int l2_len = sizeof(orig_l2_addr);
 		char null[l2_len]{};
@@ -424,9 +424,9 @@ RecordVal* Connection::BuildConnVal()
 			orig_endp->Assign(5, new StringVal(fmt_mac(orig_l2_addr, l2_len)));
 
 		RecordVal* resp_endp = new RecordVal(endpoint);
-		resp_endp->Assign(0, new Val(0, TYPE_COUNT));
-		resp_endp->Assign(1, new Val(0, TYPE_COUNT));
-		resp_endp->Assign(4, new Val(resp_flow_label, TYPE_COUNT));
+		resp_endp->Assign(0, val_mgr->GetCount(0));
+		resp_endp->Assign(1, val_mgr->GetCount(0));
+		resp_endp->Assign(4, val_mgr->GetCount(resp_flow_label));
 
 		if ( memcmp(&resp_l2_addr, &null, l2_len) != 0 )
 			resp_endp->Assign(5, new StringVal(fmt_mac(resp_l2_addr, l2_len)));
@@ -436,7 +436,7 @@ RecordVal* Connection::BuildConnVal()
 		conn_val->Assign(2, resp_endp);
 		// 3 and 4 are set below.
 		conn_val->Assign(5, new TableVal(string_set));	// service
-		conn_val->Assign(6, new StringVal(""));	// history
+		conn_val->Assign(6, val_mgr->GetEmptyString());	// history
 
 		if ( ! uid )
 			uid.Set(bits_per_uid);
@@ -447,10 +447,10 @@ RecordVal* Connection::BuildConnVal()
 			conn_val->Assign(8, encapsulation->GetVectorVal());
 
 		if ( vlan != 0 )
-			conn_val->Assign(9, new Val(vlan, TYPE_INT));
+			conn_val->Assign(9, val_mgr->GetInt(vlan));
 
 		if ( inner_vlan != 0 )
-			conn_val->Assign(10, new Val(inner_vlan, TYPE_INT));
+			conn_val->Assign(10, val_mgr->GetInt(inner_vlan));
 
 		}
 
@@ -547,7 +547,7 @@ Val* Connection::BuildVersionVal(const char* s, int len)
 		;
 
 	if ( s != e )
-		major = new Val(atoi(s), TYPE_INT);
+		major = val_mgr->GetInt(atoi(s));
 
 	// Find second number seperated only by punctuation chars -
 	// that's the minor version.
@@ -557,7 +557,7 @@ Val* Connection::BuildVersionVal(const char* s, int len)
 		;
 
 	if ( s != e )
-		minor = new Val(atoi(s), TYPE_INT);
+		minor = val_mgr->GetInt(atoi(s));
 
 	// Find second number seperated only by punctuation chars; -
 	// that's the minor version.
@@ -567,7 +567,7 @@ Val* Connection::BuildVersionVal(const char* s, int len)
 		;
 
 	if ( s != e )
-		minor2 = new Val(atoi(s), TYPE_INT);
+		minor2 = val_mgr->GetInt(atoi(s));
 
 	// Anything after following punctuation and until next white space is
 	// an additional version string.
@@ -604,10 +604,10 @@ Val* Connection::BuildVersionVal(const char* s, int len)
 		}
 
 	RecordVal* version = new RecordVal(software_version);
-	version->Assign(0, major ? major : new Val(-1, TYPE_INT));
-	version->Assign(1, minor ? minor : new Val(-1, TYPE_INT));
-	version->Assign(2, minor2 ? minor2 : new Val(-1, TYPE_INT));
-	version->Assign(3, addl ? addl : new StringVal(""));
+	version->Assign(0, major ? major : val_mgr->GetInt(-1));
+	version->Assign(1, minor ? minor : val_mgr->GetInt(-1));
+	version->Assign(2, minor2 ? minor2 : val_mgr->GetInt(-1));
+	version->Assign(3, addl ? addl : val_mgr->GetEmptyString());
 
 	RecordVal* sw = new RecordVal(software);
 	sw->Assign(0, name);
@@ -1049,7 +1049,7 @@ void Connection::CheckFlowLabel(bool is_orig, uint32 flow_label)
 		if ( conn_val )
 			{
 			RecordVal *endp = conn_val->Lookup(is_orig ? 1 : 2)->AsRecordVal();
-			endp->Assign(4, new Val(flow_label, TYPE_COUNT));
+			endp->Assign(4, val_mgr->GetCount(flow_label));
 			}
 
 		if ( connection_flow_label_changed &&
@@ -1057,9 +1057,9 @@ void Connection::CheckFlowLabel(bool is_orig, uint32 flow_label)
 			{
 			val_list* vl = new val_list(4);
 			vl->append(BuildConnVal());
-			vl->append(new Val(is_orig, TYPE_BOOL));
-			vl->append(new Val(my_flow_label, TYPE_COUNT));
-			vl->append(new Val(flow_label, TYPE_COUNT));
+			vl->append(val_mgr->GetBool(is_orig));
+			vl->append(val_mgr->GetCount(my_flow_label));
+			vl->append(val_mgr->GetCount(flow_label));
 			ConnectionEvent(connection_flow_label_changed, 0, vl);
 			}
 

src/DNS_Mgr.cc

@@ -738,7 +738,7 @@ Val* DNS_Mgr::BuildMappingVal(DNS_Mapping* dm)
 	r->Assign(0, new Val(dm->CreationTime(), TYPE_TIME));
 	r->Assign(1, new StringVal(dm->ReqHost() ? dm->ReqHost() : ""));
 	r->Assign(2, new AddrVal(dm->ReqAddr()));
-	r->Assign(3, new Val(dm->Valid(), TYPE_BOOL));
+	r->Assign(3, val_mgr->GetBool(dm->Valid()));
 
 	Val* h = dm->Host();
 	r->Assign(4, h ? h : new StringVal("<none>"));

src/Event.cc

@@ -196,10 +196,10 @@ RecordVal* EventMgr::GetLocalPeerVal()
 	if ( ! src_val )
 		{
 		src_val = new RecordVal(peer);
-		src_val->Assign(0, new Val(0, TYPE_COUNT));
+		src_val->Assign(0, val_mgr->GetCount(0));
 		src_val->Assign(1, new AddrVal("127.0.0.1"));
-		src_val->Assign(2, port_mgr->Get(0));
-		src_val->Assign(3, new Val(true, TYPE_BOOL));
+		src_val->Assign(2, val_mgr->GetPort(0));
+		src_val->Assign(3, val_mgr->GetTrue());
 
 		Ref(peer_description);
 		src_val->Assign(4, peer_description);

src/Expr.cc

@@ -824,9 +824,11 @@ Val* BinaryExpr::Fold(Val* v1, Val* v2) const
 	else if ( ret_type->InternalType() == TYPE_INTERNAL_DOUBLE )
 		return new Val(d3, ret_type->Tag());
 	else if ( ret_type->InternalType() == TYPE_INTERNAL_UNSIGNED )
-		return new Val(u3, ret_type->Tag());
+		return val_mgr->GetCount(u3);
+	else if ( ret_type->Tag() == TYPE_BOOL )
+		return val_mgr->GetBool(i3);
 	else
-		return new Val(i3, ret_type->Tag());
+		return val_mgr->GetInt(i3);
 	}
 
 Val* BinaryExpr::StringFold(Val* v1, Val* v2) const
@@ -860,7 +862,7 @@ Val* BinaryExpr::StringFold(Val* v1, Val* v2) const
 		BadTag("BinaryExpr::StringFold", expr_name(tag));
 	}
 
-	return new Val(result, TYPE_BOOL);
+	return val_mgr->GetBool(result);
 	}
 
 
@@ -931,7 +933,7 @@ Val* BinaryExpr::SetFold(Val* v1, Val* v2) const
 		return 0;
 	}
 
-	return new Val(res, TYPE_BOOL);
+	return val_mgr->GetBool(res);
 	}
 
 Val* BinaryExpr::AddrFold(Val* v1, Val* v2) const
@@ -965,7 +967,7 @@ Val* BinaryExpr::AddrFold(Val* v1, Val* v2) const
 		BadTag("BinaryExpr::AddrFold", expr_name(tag));
 	}
 
-	return new Val(result, TYPE_BOOL);
+	return val_mgr->GetBool(result);
 	}
 
 Val* BinaryExpr::SubNetFold(Val* v1, Val* v2) const
@@ -978,7 +980,7 @@ Val* BinaryExpr::SubNetFold(Val* v1, Val* v2) const
 	if ( tag == EXPR_NE )
 		result = ! result;
 
-	return new Val(result, TYPE_BOOL);
+	return val_mgr->GetBool(result);
 	}
 
 void BinaryExpr::SwapOps()
@@ -1127,7 +1129,10 @@ Val* IncrExpr::DoSingleEval(Frame* f, Val* v) const
 	 if ( IsVector(ret_type->Tag()) )
 		 ret_type = Type()->YieldType();
 
-	 return new Val(k, ret_type->Tag());
+	if ( ret_type->Tag() == TYPE_INT )
+		return val_mgr->GetInt(k);
+	else
+		return val_mgr->GetCount(k);
 	 }
 
 
@@ -1199,7 +1204,7 @@ ComplementExpr::ComplementExpr(Expr* arg_op) : UnaryExpr(EXPR_COMPLEMENT, arg_op
 
 Val* ComplementExpr::Fold(Val* v) const
 	{
-	return new Val(~ v->InternalUnsigned(), type->Tag());
+	return val_mgr->GetCount(~ v->InternalUnsigned());
 	}
 
 IMPLEMENT_SERIAL(ComplementExpr, SER_COMPLEMENT_EXPR);
@@ -1232,7 +1237,7 @@ NotExpr::NotExpr(Expr* arg_op) : UnaryExpr(EXPR_NOT, arg_op)
 
 Val* NotExpr::Fold(Val* v) const
 	{
-	return new Val(! v->InternalInt(), type->Tag());
+	return val_mgr->GetBool(! v->InternalInt());
 	}
 
 IMPLEMENT_SERIAL(NotExpr, SER_NOT_EXPR);
@@ -1282,7 +1287,7 @@ Val* PosExpr::Fold(Val* v) const
 	if ( t == TYPE_DOUBLE || t == TYPE_INTERVAL || t == TYPE_INT )
 		return v->Ref();
 	else
-		return new Val(v->CoerceToInt(), type->Tag());
+		return val_mgr->GetInt(v->CoerceToInt());
 	}
 
 IMPLEMENT_SERIAL(PosExpr, SER_POS_EXPR);
@@ -1332,7 +1337,7 @@ Val* NegExpr::Fold(Val* v) const
 	else if ( v->Type()->Tag() == TYPE_INTERVAL )
 		return new IntervalVal(- v->InternalDouble(), 1.0);
 	else
-		return new Val(- v->CoerceToInt(), TYPE_INT);
+		return val_mgr->GetInt(- v->CoerceToInt());
 	}
 
 
@@ -1968,7 +1973,7 @@ Val* BoolExpr::Eval(Frame* f) const
 				(! op1->IsZero() && ! op2->IsZero()) :
 				(! op1->IsZero() || ! op2->IsZero());
 
-			result->Assign(i, new Val(local_result, TYPE_BOOL));
+			result->Assign(i, val_mgr->GetBool(local_result));
 			}
 		else
 			result->Assign(i, 0);
@@ -2150,9 +2155,9 @@ Val* EqExpr::Fold(Val* v1, Val* v2) const
 		RE_Matcher* re = v1->AsPattern();
 		const BroString* s = v2->AsString();
 		if ( tag == EXPR_EQ )
-			return new Val(re->MatchExactly(s), TYPE_BOOL);
+			return val_mgr->GetBool(re->MatchExactly(s));
 		else
-			return new Val(! re->MatchExactly(s), TYPE_BOOL);
+			return val_mgr->GetBool(! re->MatchExactly(s));
 		}
 
 	else
@@ -3371,10 +3376,10 @@ Val* HasFieldExpr::Fold(Val* v) const
 	rec_to_look_at = v->AsRecordVal();
 
 	if ( ! rec_to_look_at )
-		return new Val(0, TYPE_BOOL);
+		return val_mgr->GetBool(0);
 
 	RecordVal* r = rec_to_look_at->Ref()->AsRecordVal();
-	Val* ret = new Val(r->Lookup(field) != 0, TYPE_BOOL);
+	Val* ret = val_mgr->GetBool(r->Lookup(field) != 0);
 	Unref(r);
 
 	return ret;
@@ -3983,10 +3988,10 @@ Val* ArithCoerceExpr::FoldSingleVal(Val* v, InternalTypeTag t) const
 		return new Val(v->CoerceToDouble(), TYPE_DOUBLE);
 
 	case TYPE_INTERNAL_INT:
-		return new Val(v->CoerceToInt(), TYPE_INT);
+		return val_mgr->GetInt(v->CoerceToInt());
 
 	case TYPE_INTERNAL_UNSIGNED:
-		return new Val(v->CoerceToUnsigned(), TYPE_COUNT);
+		return val_mgr->GetCount(v->CoerceToUnsigned());
 
 	default:
 		Internal("bad type in CoerceExpr::Fold");
@@ -4639,7 +4644,7 @@ Val* InExpr::Fold(Val* v1, Val* v2) const
 		{
 		RE_Matcher* re = v1->AsPattern();
 		const BroString* s = v2->AsString();
-		return new Val(re->MatchAnywhere(s) != 0, TYPE_BOOL);
+		return val_mgr->GetBool(re->MatchAnywhere(s) != 0);
 		}
 
 	if ( v2->Type()->Tag() == TYPE_STRING )
@@ -4648,12 +4653,12 @@ Val* InExpr::Fold(Val* v1, Val* v2) const
 		const BroString* s2 = v2->AsString();
 
 		// Could do better here e.g. Boyer-Moore if done repeatedly.
-		return new Val(strstr_n(s2->Len(), s2->Bytes(), s1->Len(), reinterpret_cast<const unsigned char*>(s1->CheckString())) != -1, TYPE_BOOL);
+		return val_mgr->GetBool(strstr_n(s2->Len(), s2->Bytes(), s1->Len(), reinterpret_cast<const unsigned char*>(s1->CheckString())) != -1);
 		}
 
 	if ( v1->Type()->Tag() == TYPE_ADDR &&
 	     v2->Type()->Tag() == TYPE_SUBNET )
-		return new Val(v2->AsSubNetVal()->Contains(v1->AsAddr()), TYPE_BOOL);
+		return val_mgr->GetBool(v2->AsSubNetVal()->Contains(v1->AsAddr()));
 
 	Val* res;
 
@@ -4663,9 +4668,9 @@ Val* InExpr::Fold(Val* v1, Val* v2) const
 		res = v2->AsTableVal()->Lookup(v1, false);
 
 	if ( res )
-		return new Val(1, TYPE_BOOL);
+		return val_mgr->GetBool(1);
 	else
-		return new Val(0, TYPE_BOOL);
+		return val_mgr->GetBool(0);
 	}
 
 IMPLEMENT_SERIAL(InExpr, SER_IN_EXPR);
@@ -5589,9 +5594,9 @@ Val* IsExpr::Fold(Val* v) const
 		return 0;
 
 	if ( can_cast_value_to_type(v, t) )
-		return new Val(1, TYPE_BOOL);
+		return val_mgr->GetBool(1);
 	else
-		return new Val(0, TYPE_BOOL);
+		return val_mgr->GetBool(0);
 	}
 
 void IsExpr::ExprDescribe(ODesc* d) const
@@ -5834,28 +5839,3 @@ int expr_greater(const Expr* e1, const Expr* e2)
 	{
 	return int(e1->Tag()) > int(e2->Tag());
 	}
-
-static Expr* make_constant(BroType* t, double d)
-	{
-	Val* v = 0;
-	switch ( t->InternalType() ) {
-	case TYPE_INTERNAL_INT:		v = new Val(bro_int_t(d), t->Tag()); break;
-	case TYPE_INTERNAL_UNSIGNED:	v = new Val(bro_uint_t(d), t->Tag()); break;
-	case TYPE_INTERNAL_DOUBLE:	v = new Val(double(d), t->Tag()); break;
-
-	default:
-		reporter->InternalError("bad type in make_constant()");
-	}
-
-	return new ConstExpr(v);
-	}
-
-Expr* make_zero(BroType* t)
-	{
-	return make_constant(t, 0.0);
-	}
-
-Expr* make_one(BroType* t)
-	{
-	return make_constant(t, 1.0);
-	}

src/Expr.h

@@ -1144,10 +1144,6 @@ val_list* eval_list(Frame* f, const ListExpr* l);
 // a canonical form.
 extern int expr_greater(const Expr* e1, const Expr* e2);
 
-// Return constants of the given type.
-Expr* make_zero(BroType* t);
-Expr* make_one(BroType* t);
-
 // True if the given Val* has a vector type
 inline bool is_vector(Expr* e)	{ return e->Type()->Tag() == TYPE_VECTOR; }
 

src/Func.cc

@@ -386,7 +386,7 @@ Val* BroFunc::Call(val_list* args, Frame* parent) const
 		loop_over_list(*args, i)
 			Unref((*args)[i]);
 
-		return Flavor() == FUNC_FLAVOR_HOOK ? new Val(true, TYPE_BOOL) : 0;
+		return Flavor() == FUNC_FLAVOR_HOOK ? val_mgr->GetTrue() : 0;
 		}
 
 	Frame* f = new Frame(frame_size, this, args);
@@ -464,7 +464,7 @@ Val* BroFunc::Call(val_list* args, Frame* parent) const
 			if ( flow == FLOW_BREAK )
 				{
 				// Short-circuit execution of remaining hook handler bodies.
-				result = new Val(false, TYPE_BOOL);
+				result = val_mgr->GetFalse();
 				break;
 				}
 			}
@@ -478,7 +478,7 @@ Val* BroFunc::Call(val_list* args, Frame* parent) const
 	if ( Flavor() == FUNC_FLAVOR_HOOK )
 		{
 		if ( ! result )
-			result = new Val(true, TYPE_BOOL);
+			result = val_mgr->GetTrue();
 		}
 
 	// Warn if the function returns something, but we returned from

src/IP.cc

@@ -46,13 +46,13 @@ static VectorVal* BuildOptionsVal(const u_char* data, int len)
 		{
 		const struct ip6_opt* opt = (const struct ip6_opt*) data;
 		RecordVal* rv = new RecordVal(hdrType(ip6_option_type, "ip6_option"));
-		rv->Assign(0, new Val(opt->ip6o_type, TYPE_COUNT));
+		rv->Assign(0, val_mgr->GetCount(opt->ip6o_type));
 
 		if ( opt->ip6o_type == 0 )
 			{
 			// Pad1 option
-			rv->Assign(1, new Val(0, TYPE_COUNT));
-			rv->Assign(2, new StringVal(""));
+			rv->Assign(1, val_mgr->GetCount(0));
+			rv->Assign(2, val_mgr->GetEmptyString());
 			data += sizeof(uint8);
 			len -= sizeof(uint8);
 			}
@@ -60,7 +60,7 @@ static VectorVal* BuildOptionsVal(const u_char* data, int len)
 			{
 			// PadN or other option
 			uint16 off = 2 * sizeof(uint8);
-			rv->Assign(1, new Val(opt->ip6o_len, TYPE_COUNT));
+			rv->Assign(1, val_mgr->GetCount(opt->ip6o_len));
 			rv->Assign(2, new StringVal(
 			        new BroString(data + off, opt->ip6o_len, 1)));
 			data += opt->ip6o_len + off;
@@ -82,11 +82,11 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const
 		{
 		rv = new RecordVal(hdrType(ip6_hdr_type, "ip6_hdr"));
 		const struct ip6_hdr* ip6 = (const struct ip6_hdr*)data;
-		rv->Assign(0, new Val((ntohl(ip6->ip6_flow) & 0x0ff00000)>>20, TYPE_COUNT));
-		rv->Assign(1, new Val(ntohl(ip6->ip6_flow) & 0x000fffff, TYPE_COUNT));
-		rv->Assign(2, new Val(ntohs(ip6->ip6_plen), TYPE_COUNT));
-		rv->Assign(3, new Val(ip6->ip6_nxt, TYPE_COUNT));
-		rv->Assign(4, new Val(ip6->ip6_hlim, TYPE_COUNT));
+		rv->Assign(0, val_mgr->GetCount((ntohl(ip6->ip6_flow) & 0x0ff00000)>>20));
+		rv->Assign(1, val_mgr->GetCount(ntohl(ip6->ip6_flow) & 0x000fffff));
+		rv->Assign(2, val_mgr->GetCount(ntohs(ip6->ip6_plen)));
+		rv->Assign(3, val_mgr->GetCount(ip6->ip6_nxt));
+		rv->Assign(4, val_mgr->GetCount(ip6->ip6_hlim));
 		rv->Assign(5, new AddrVal(IPAddr(ip6->ip6_src)));
 		rv->Assign(6, new AddrVal(IPAddr(ip6->ip6_dst)));
 		if ( ! chain )
@@ -100,8 +100,8 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const
 		{
 		rv = new RecordVal(hdrType(ip6_hopopts_type, "ip6_hopopts"));
 		const struct ip6_hbh* hbh = (const struct ip6_hbh*)data;
-		rv->Assign(0, new Val(hbh->ip6h_nxt, TYPE_COUNT));
-		rv->Assign(1, new Val(hbh->ip6h_len, TYPE_COUNT));
+		rv->Assign(0, val_mgr->GetCount(hbh->ip6h_nxt));
+		rv->Assign(1, val_mgr->GetCount(hbh->ip6h_len));
 		uint16 off = 2 * sizeof(uint8);
 		rv->Assign(2, BuildOptionsVal(data + off, Length() - off));
 
@@ -112,8 +112,8 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const
 		{
 		rv = new RecordVal(hdrType(ip6_dstopts_type, "ip6_dstopts"));
 		const struct ip6_dest* dst = (const struct ip6_dest*)data;
-		rv->Assign(0, new Val(dst->ip6d_nxt, TYPE_COUNT));
-		rv->Assign(1, new Val(dst->ip6d_len, TYPE_COUNT));
+		rv->Assign(0, val_mgr->GetCount(dst->ip6d_nxt));
+		rv->Assign(1, val_mgr->GetCount(dst->ip6d_len));
 		uint16 off = 2 * sizeof(uint8);
 		rv->Assign(2, BuildOptionsVal(data + off, Length() - off));
 		}
@@ -123,10 +123,10 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const
 		{
 		rv = new RecordVal(hdrType(ip6_routing_type, "ip6_routing"));
 		const struct ip6_rthdr* rt = (const struct ip6_rthdr*)data;
-		rv->Assign(0, new Val(rt->ip6r_nxt, TYPE_COUNT));
-		rv->Assign(1, new Val(rt->ip6r_len, TYPE_COUNT));
-		rv->Assign(2, new Val(rt->ip6r_type, TYPE_COUNT));
-		rv->Assign(3, new Val(rt->ip6r_segleft, TYPE_COUNT));
+		rv->Assign(0, val_mgr->GetCount(rt->ip6r_nxt));
+		rv->Assign(1, val_mgr->GetCount(rt->ip6r_len));
+		rv->Assign(2, val_mgr->GetCount(rt->ip6r_type));
+		rv->Assign(3, val_mgr->GetCount(rt->ip6r_segleft));
 		uint16 off = 4 * sizeof(uint8);
 		rv->Assign(4, new StringVal(new BroString(data + off, Length() - off, 1)));
 		}
@@ -136,28 +136,28 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const
 		{
 		rv = new RecordVal(hdrType(ip6_fragment_type, "ip6_fragment"));
 		const struct ip6_frag* frag = (const struct ip6_frag*)data;
-		rv->Assign(0, new Val(frag->ip6f_nxt, TYPE_COUNT));
-		rv->Assign(1, new Val(frag->ip6f_reserved, TYPE_COUNT));
-		rv->Assign(2, new Val((ntohs(frag->ip6f_offlg) & 0xfff8)>>3, TYPE_COUNT));
-		rv->Assign(3, new Val((ntohs(frag->ip6f_offlg) & 0x0006)>>1, TYPE_COUNT));
-		rv->Assign(4, new Val(ntohs(frag->ip6f_offlg) & 0x0001, TYPE_BOOL));
-		rv->Assign(5, new Val(ntohl(frag->ip6f_ident), TYPE_COUNT));
+		rv->Assign(0, val_mgr->GetCount(frag->ip6f_nxt));
+		rv->Assign(1, val_mgr->GetCount(frag->ip6f_reserved));
+		rv->Assign(2, val_mgr->GetCount((ntohs(frag->ip6f_offlg) & 0xfff8)>>3));
+		rv->Assign(3, val_mgr->GetCount((ntohs(frag->ip6f_offlg) & 0x0006)>>1));
+		rv->Assign(4, val_mgr->GetBool(ntohs(frag->ip6f_offlg) & 0x0001));
+		rv->Assign(5, val_mgr->GetCount(ntohl(frag->ip6f_ident)));
 		}
 		break;
 
 	case IPPROTO_AH:
 		{
 		rv = new RecordVal(hdrType(ip6_ah_type, "ip6_ah"));
-		rv->Assign(0, new Val(((ip6_ext*)data)->ip6e_nxt, TYPE_COUNT));
-		rv->Assign(1, new Val(((ip6_ext*)data)->ip6e_len, TYPE_COUNT));
-		rv->Assign(2, new Val(ntohs(((uint16*)data)[1]), TYPE_COUNT));
-		rv->Assign(3, new Val(ntohl(((uint32*)data)[1]), TYPE_COUNT));
+		rv->Assign(0, val_mgr->GetCount(((ip6_ext*)data)->ip6e_nxt));
+		rv->Assign(1, val_mgr->GetCount(((ip6_ext*)data)->ip6e_len));
+		rv->Assign(2, val_mgr->GetCount(ntohs(((uint16*)data)[1])));
+		rv->Assign(3, val_mgr->GetCount(ntohl(((uint32*)data)[1])));
 
 		if ( Length() >= 12 )
 			{
 			// Sequence Number and ICV fields can only be extracted if
 			// Payload Len was non-zero for this header.
-			rv->Assign(4, new Val(ntohl(((uint32*)data)[2]), TYPE_COUNT));
+			rv->Assign(4, val_mgr->GetCount(ntohl(((uint32*)data)[2])));
 			uint16 off = 3 * sizeof(uint32);
 			rv->Assign(5, new StringVal(new BroString(data + off, Length() - off, 1)));
 			}
@@ -168,8 +168,8 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const
 		{
 		rv = new RecordVal(hdrType(ip6_esp_type, "ip6_esp"));
 		const uint32* esp = (const uint32*)data;
-		rv->Assign(0, new Val(ntohl(esp[0]), TYPE_COUNT));
-		rv->Assign(1, new Val(ntohl(esp[1]), TYPE_COUNT));
+		rv->Assign(0, val_mgr->GetCount(ntohl(esp[0])));
+		rv->Assign(1, val_mgr->GetCount(ntohl(esp[1])));
 		}
 		break;
 
@@ -178,14 +178,14 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const
 		{
 		rv = new RecordVal(hdrType(ip6_mob_type, "ip6_mobility_hdr"));
 		const struct ip6_mobility* mob = (const struct ip6_mobility*) data;
-		rv->Assign(0, new Val(mob->ip6mob_payload, TYPE_COUNT));
-		rv->Assign(1, new Val(mob->ip6mob_len, TYPE_COUNT));
-		rv->Assign(2, new Val(mob->ip6mob_type, TYPE_COUNT));
-		rv->Assign(3, new Val(mob->ip6mob_rsv, TYPE_COUNT));
-		rv->Assign(4, new Val(ntohs(mob->ip6mob_chksum), TYPE_COUNT));
+		rv->Assign(0, val_mgr->GetCount(mob->ip6mob_payload));
+		rv->Assign(1, val_mgr->GetCount(mob->ip6mob_len));
+		rv->Assign(2, val_mgr->GetCount(mob->ip6mob_type));
+		rv->Assign(3, val_mgr->GetCount(mob->ip6mob_rsv));
+		rv->Assign(4, val_mgr->GetCount(ntohs(mob->ip6mob_chksum)));
 
 		RecordVal* msg = new RecordVal(hdrType(ip6_mob_msg_type, "ip6_mobility_msg"));
-		msg->Assign(0, new Val(mob->ip6mob_type, TYPE_COUNT));
+		msg->Assign(0, val_mgr->GetCount(mob->ip6mob_type));
 
 		uint16 off = sizeof(ip6_mobility);
 		const u_char* msg_data = data + off;
@@ -194,7 +194,7 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const
 		case 0:
 			{
 			RecordVal* m = new RecordVal(hdrType(ip6_mob_brr_type, "ip6_mobility_brr"));
-			m->Assign(0, new Val(ntohs(*((uint16*)msg_data)), TYPE_COUNT));
+			m->Assign(0, val_mgr->GetCount(ntohs(*((uint16*)msg_data))));
 			off += sizeof(uint16);
 			m->Assign(1, BuildOptionsVal(data + off, Length() - off));
 			msg->Assign(1, m);
@@ -204,8 +204,8 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const
 		case 1:
 			{
 			RecordVal* m = new RecordVal(hdrType(ip6_mob_brr_type, "ip6_mobility_hoti"));
-			m->Assign(0, new Val(ntohs(*((uint16*)msg_data)), TYPE_COUNT));
-			m->Assign(1, new Val(ntohll(*((uint64*)(msg_data + sizeof(uint16)))), TYPE_COUNT));
+			m->Assign(0, val_mgr->GetCount(ntohs(*((uint16*)msg_data))));
+			m->Assign(1, val_mgr->GetCount(ntohll(*((uint64*)(msg_data + sizeof(uint16))))));
 			off += sizeof(uint16) + sizeof(uint64);
 			m->Assign(2, BuildOptionsVal(data + off, Length() - off));
 			msg->Assign(2, m);
@@ -215,8 +215,8 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const
 		case 2:
 			{
 			RecordVal* m = new RecordVal(hdrType(ip6_mob_brr_type, "ip6_mobility_coti"));
-			m->Assign(0, new Val(ntohs(*((uint16*)msg_data)), TYPE_COUNT));
-			m->Assign(1, new Val(ntohll(*((uint64*)(msg_data + sizeof(uint16)))), TYPE_COUNT));
+			m->Assign(0, val_mgr->GetCount(ntohs(*((uint16*)msg_data))));
+			m->Assign(1, val_mgr->GetCount(ntohll(*((uint64*)(msg_data + sizeof(uint16))))));
 			off += sizeof(uint16) + sizeof(uint64);
 			m->Assign(2, BuildOptionsVal(data + off, Length() - off));
 			msg->Assign(3, m);
@@ -226,9 +226,9 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const
 		case 3:
 			{
 			RecordVal* m = new RecordVal(hdrType(ip6_mob_brr_type, "ip6_mobility_hot"));
-			m->Assign(0, new Val(ntohs(*((uint16*)msg_data)), TYPE_COUNT));
-			m->Assign(1, new Val(ntohll(*((uint64*)(msg_data + sizeof(uint16)))), TYPE_COUNT));
-			m->Assign(2, new Val(ntohll(*((uint64*)(msg_data + sizeof(uint16) + sizeof(uint64)))), TYPE_COUNT));
+			m->Assign(0, val_mgr->GetCount(ntohs(*((uint16*)msg_data))));
+			m->Assign(1, val_mgr->GetCount(ntohll(*((uint64*)(msg_data + sizeof(uint16))))));
+			m->Assign(2, val_mgr->GetCount(ntohll(*((uint64*)(msg_data + sizeof(uint16) + sizeof(uint64))))));
 			off += sizeof(uint16) + 2 * sizeof(uint64);
 			m->Assign(3, BuildOptionsVal(data + off, Length() - off));
 			msg->Assign(4, m);
@@ -238,9 +238,9 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const
 		case 4:
 			{
 			RecordVal* m = new RecordVal(hdrType(ip6_mob_brr_type, "ip6_mobility_cot"));
-			m->Assign(0, new Val(ntohs(*((uint16*)msg_data)), TYPE_COUNT));
-			m->Assign(1, new Val(ntohll(*((uint64*)(msg_data + sizeof(uint16)))), TYPE_COUNT));
-			m->Assign(2, new Val(ntohll(*((uint64*)(msg_data + sizeof(uint16) + sizeof(uint64)))), TYPE_COUNT));
+			m->Assign(0, val_mgr->GetCount(ntohs(*((uint16*)msg_data))));
+			m->Assign(1, val_mgr->GetCount(ntohll(*((uint64*)(msg_data + sizeof(uint16))))));
+			m->Assign(2, val_mgr->GetCount(ntohll(*((uint64*)(msg_data + sizeof(uint16) + sizeof(uint64))))));
 			off += sizeof(uint16) + 2 * sizeof(uint64);
 			m->Assign(3, BuildOptionsVal(data + off, Length() - off));
 			msg->Assign(5, m);
@@ -250,12 +250,12 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const
 		case 5:
 			{
 			RecordVal* m = new RecordVal(hdrType(ip6_mob_brr_type, "ip6_mobility_bu"));
-			m->Assign(0, new Val(ntohs(*((uint16*)msg_data)), TYPE_COUNT));
-			m->Assign(1, new Val(ntohs(*((uint16*)(msg_data + sizeof(uint16)))) & 0x8000, TYPE_BOOL));
-			m->Assign(2, new Val(ntohs(*((uint16*)(msg_data + sizeof(uint16)))) & 0x4000, TYPE_BOOL));
-			m->Assign(3, new Val(ntohs(*((uint16*)(msg_data + sizeof(uint16)))) & 0x2000, TYPE_BOOL));
-			m->Assign(4, new Val(ntohs(*((uint16*)(msg_data + sizeof(uint16)))) & 0x1000, TYPE_BOOL));
-			m->Assign(5, new Val(ntohs(*((uint16*)(msg_data + 2*sizeof(uint16)))), TYPE_COUNT));
+			m->Assign(0, val_mgr->GetCount(ntohs(*((uint16*)msg_data))));
+			m->Assign(1, val_mgr->GetBool(ntohs(*((uint16*)(msg_data + sizeof(uint16)))) & 0x8000));
+			m->Assign(2, val_mgr->GetBool(ntohs(*((uint16*)(msg_data + sizeof(uint16)))) & 0x4000));
+			m->Assign(3, val_mgr->GetBool(ntohs(*((uint16*)(msg_data + sizeof(uint16)))) & 0x2000));
+			m->Assign(4, val_mgr->GetBool(ntohs(*((uint16*)(msg_data + sizeof(uint16)))) & 0x1000));
+			m->Assign(5, val_mgr->GetCount(ntohs(*((uint16*)(msg_data + 2*sizeof(uint16))))));
 			off += 3 * sizeof(uint16);
 			m->Assign(6, BuildOptionsVal(data + off, Length() - off));
 			msg->Assign(6, m);
@@ -265,10 +265,10 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const
 		case 6:
 			{
 			RecordVal* m = new RecordVal(hdrType(ip6_mob_brr_type, "ip6_mobility_back"));
-			m->Assign(0, new Val(*((uint8*)msg_data), TYPE_COUNT));
-			m->Assign(1, new Val(*((uint8*)(msg_data + sizeof(uint8))) & 0x80, TYPE_BOOL));
-			m->Assign(2, new Val(ntohs(*((uint16*)(msg_data + sizeof(uint16)))), TYPE_COUNT));
-			m->Assign(3, new Val(ntohs(*((uint16*)(msg_data + 2*sizeof(uint16)))), TYPE_COUNT));
+			m->Assign(0, val_mgr->GetCount(*((uint8*)msg_data)));
+			m->Assign(1, val_mgr->GetBool(*((uint8*)(msg_data + sizeof(uint8))) & 0x80));
+			m->Assign(2, val_mgr->GetCount(ntohs(*((uint16*)(msg_data + sizeof(uint16))))));
+			m->Assign(3, val_mgr->GetCount(ntohs(*((uint16*)(msg_data + 2*sizeof(uint16))))));
 			off += 3 * sizeof(uint16);
 			m->Assign(4, BuildOptionsVal(data + off, Length() - off));
 			msg->Assign(7, m);
@@ -278,7 +278,7 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const
 		case 7:
 			{
 			RecordVal* m = new RecordVal(hdrType(ip6_mob_brr_type, "ip6_mobility_be"));
-			m->Assign(0, new Val(*((uint8*)msg_data), TYPE_COUNT));
+			m->Assign(0, val_mgr->GetCount(*((uint8*)msg_data)));
 			const in6_addr* hoa = (const in6_addr*)(msg_data + sizeof(uint16));
 			m->Assign(1, new AddrVal(IPAddr(*hoa)));
 			off += sizeof(uint16) + sizeof(in6_addr);
@@ -311,12 +311,12 @@ RecordVal* IP_Hdr::BuildIPHdrVal() const
 	if ( ip4 )
 		{
 		rval = new RecordVal(hdrType(ip4_hdr_type, "ip4_hdr"));
-		rval->Assign(0, new Val(ip4->ip_hl * 4, TYPE_COUNT));
-		rval->Assign(1, new Val(ip4->ip_tos, TYPE_COUNT));
-		rval->Assign(2, new Val(ntohs(ip4->ip_len), TYPE_COUNT));
-		rval->Assign(3, new Val(ntohs(ip4->ip_id), TYPE_COUNT));
-		rval->Assign(4, new Val(ip4->ip_ttl, TYPE_COUNT));
-		rval->Assign(5, new Val(ip4->ip_p, TYPE_COUNT));
+		rval->Assign(0, val_mgr->GetCount(ip4->ip_hl * 4));
+		rval->Assign(1, val_mgr->GetCount(ip4->ip_tos));
+		rval->Assign(2, val_mgr->GetCount(ntohs(ip4->ip_len)));
+		rval->Assign(3, val_mgr->GetCount(ntohs(ip4->ip_id)));
+		rval->Assign(4, val_mgr->GetCount(ip4->ip_ttl));
+		rval->Assign(5, val_mgr->GetCount(ip4->ip_p));
 		rval->Assign(6, new AddrVal(ip4->ip_src.s_addr));
 		rval->Assign(7, new AddrVal(ip4->ip_dst.s_addr));
 		}
@@ -370,14 +370,14 @@ RecordVal* IP_Hdr::BuildPktHdrVal(RecordVal* pkt_hdr, int sindex) const
 		int tcp_hdr_len = tp->th_off * 4;
 		int data_len = PayloadLen() - tcp_hdr_len;
 
-		tcp_hdr->Assign(0, port_mgr->Get(ntohs(tp->th_sport), TRANSPORT_TCP));
-		tcp_hdr->Assign(1, port_mgr->Get(ntohs(tp->th_dport), TRANSPORT_TCP));
-		tcp_hdr->Assign(2, new Val(uint32(ntohl(tp->th_seq)), TYPE_COUNT));
-		tcp_hdr->Assign(3, new Val(uint32(ntohl(tp->th_ack)), TYPE_COUNT));
-		tcp_hdr->Assign(4, new Val(tcp_hdr_len, TYPE_COUNT));
-		tcp_hdr->Assign(5, new Val(data_len, TYPE_COUNT));
-		tcp_hdr->Assign(6, new Val(tp->th_flags, TYPE_COUNT));
-		tcp_hdr->Assign(7, new Val(ntohs(tp->th_win), TYPE_COUNT));
+		tcp_hdr->Assign(0, val_mgr->GetPort(ntohs(tp->th_sport), TRANSPORT_TCP));
+		tcp_hdr->Assign(1, val_mgr->GetPort(ntohs(tp->th_dport), TRANSPORT_TCP));
+		tcp_hdr->Assign(2, val_mgr->GetCount(uint32(ntohl(tp->th_seq))));
+		tcp_hdr->Assign(3, val_mgr->GetCount(uint32(ntohl(tp->th_ack))));
+		tcp_hdr->Assign(4, val_mgr->GetCount(tcp_hdr_len));
+		tcp_hdr->Assign(5, val_mgr->GetCount(data_len));
+		tcp_hdr->Assign(6, val_mgr->GetCount(tp->th_flags));
+		tcp_hdr->Assign(7, val_mgr->GetCount(ntohs(tp->th_win)));
 
 		pkt_hdr->Assign(sindex + 2, tcp_hdr);
 		break;
@@ -388,9 +388,9 @@ RecordVal* IP_Hdr::BuildPktHdrVal(RecordVal* pkt_hdr, int sindex) const
 		const struct udphdr* up = (const struct udphdr*) data;
 		RecordVal* udp_hdr = new RecordVal(udp_hdr_type);
 
-		udp_hdr->Assign(0, port_mgr->Get(ntohs(up->uh_sport), TRANSPORT_UDP));
-		udp_hdr->Assign(1, port_mgr->Get(ntohs(up->uh_dport), TRANSPORT_UDP));
-		udp_hdr->Assign(2, new Val(ntohs(up->uh_ulen), TYPE_COUNT));
+		udp_hdr->Assign(0, val_mgr->GetPort(ntohs(up->uh_sport), TRANSPORT_UDP));
+		udp_hdr->Assign(1, val_mgr->GetPort(ntohs(up->uh_dport), TRANSPORT_UDP));
+		udp_hdr->Assign(2, val_mgr->GetCount(ntohs(up->uh_ulen)));
 
 		pkt_hdr->Assign(sindex + 3, udp_hdr);
 		break;
@@ -401,7 +401,7 @@ RecordVal* IP_Hdr::BuildPktHdrVal(RecordVal* pkt_hdr, int sindex) const
 		const struct icmp* icmpp = (const struct icmp *) data;
 		RecordVal* icmp_hdr = new RecordVal(icmp_hdr_type);
 
-		icmp_hdr->Assign(0, new Val(icmpp->icmp_type, TYPE_COUNT));
+		icmp_hdr->Assign(0, val_mgr->GetCount(icmpp->icmp_type));
 
 		pkt_hdr->Assign(sindex + 4, icmp_hdr);
 		break;
@@ -412,7 +412,7 @@ RecordVal* IP_Hdr::BuildPktHdrVal(RecordVal* pkt_hdr, int sindex) const
 		const struct icmp6_hdr* icmpp = (const struct icmp6_hdr*) data;
 		RecordVal* icmp_hdr = new RecordVal(icmp_hdr_type);
 
-		icmp_hdr->Assign(0, new Val(icmpp->icmp6_type, TYPE_COUNT));
+		icmp_hdr->Assign(0, val_mgr->GetCount(icmpp->icmp6_type));
 
 		pkt_hdr->Assign(sindex + 4, icmp_hdr);
 		break;
@@ -621,7 +621,7 @@ VectorVal* IPv6_Hdr_Chain::BuildVal() const
 		RecordVal* v = chain[i]->BuildRecordVal();
 		RecordVal* ext_hdr = new RecordVal(ip6_ext_hdr_type);
 		uint8 type = chain[i]->Type();
-		ext_hdr->Assign(0, new Val(type, TYPE_COUNT));
+		ext_hdr->Assign(0, val_mgr->GetCount(type));
 
 		switch (type) {
 		case IPPROTO_HOPOPTS:

src/OpaqueVal.cc

@@ -24,7 +24,7 @@ bool HashVal::Init()
 StringVal* HashVal::Get()
 	{
 	if ( ! valid )
-		return new StringVal("");
+		return val_mgr->GetEmptyString();
 
 	StringVal* result = DoGet();
 	valid = false;
@@ -55,7 +55,7 @@ bool HashVal::DoFeed(const void*, size_t)
 StringVal* HashVal::DoGet()
 	{
 	assert(! "missing implementation of DoGet()");
-	return new StringVal("");
+	return val_mgr->GetEmptyString();
 	}
 
 HashVal::HashVal(OpaqueType* t) : OpaqueVal(t)
@@ -135,7 +135,7 @@ bool MD5Val::DoFeed(const void* data, size_t size)
 StringVal* MD5Val::DoGet()
 	{
 	if ( ! IsValid() )
-		return new StringVal("");
+		return val_mgr->GetEmptyString();
 
 	u_char digest[MD5_DIGEST_LENGTH];
 	md5_final(&ctx, digest);
@@ -245,7 +245,7 @@ bool SHA1Val::DoFeed(const void* data, size_t size)
 StringVal* SHA1Val::DoGet()
 	{
 	if ( ! IsValid() )
-		return new StringVal("");
+		return val_mgr->GetEmptyString();
 
 	u_char digest[SHA_DIGEST_LENGTH];
 	sha1_final(&ctx, digest);
@@ -357,7 +357,7 @@ bool SHA256Val::DoFeed(const void* data, size_t size)
 StringVal* SHA256Val::DoGet()
 	{
 	if ( ! IsValid() )
-		return new StringVal("");
+		return val_mgr->GetEmptyString();
 
 	u_char digest[SHA256_DIGEST_LENGTH];
 	sha256_final(&ctx, digest);

src/PersistenceSerializer.cc

@@ -191,7 +191,7 @@ void PersistenceSerializer::RaiseFinishedSendState()
 	{
 	val_list* vl = new val_list;
 	vl->append(new AddrVal(htonl(remote_host)));
-	vl->append(port_mgr->Get(remote_port));
+	vl->append(val_mgr->GetPort(remote_port));
 
 	mgr.QueueEvent(finished_send_state, vl);
 	reporter->Log("Serialization done.");

src/RemoteSerializer.cc

@@ -1806,12 +1806,12 @@ void RemoteSerializer::PeerConnected(Peer* peer)
 RecordVal* RemoteSerializer::MakePeerVal(Peer* peer)
 	{
 	RecordVal* v = new RecordVal(::peer);
-	v->Assign(0, new Val(uint32(peer->id), TYPE_COUNT));
+	v->Assign(0, val_mgr->GetCount(uint32(peer->id)));
 	// Sic! Network order for AddrVal, host order for PortVal.
 	v->Assign(1, new AddrVal(peer->ip));
-	v->Assign(2, port_mgr->Get(peer->port, TRANSPORT_TCP));
-	v->Assign(3, new Val(false, TYPE_BOOL));
-	v->Assign(4, new StringVal(""));	// set when received
+	v->Assign(2, val_mgr->GetPort(peer->port, TRANSPORT_TCP));
+	v->Assign(3, val_mgr->GetFalse());
+	v->Assign(4, val_mgr->GetEmptyString());	// set when received
 	v->Assign(5, peer->peer_class.size() ?
 			new StringVal(peer->peer_class.c_str()) : 0);
 	return v;
@@ -2262,7 +2262,7 @@ bool RemoteSerializer::ProcessPongMsg()
 
 	val_list* vl = new val_list;
 	vl->append(current_peer->val->Ref());
-	vl->append(new Val((unsigned int) ntohl(args->seq), TYPE_COUNT));
+	vl->append(val_mgr->GetCount((unsigned int) ntohl(args->seq)));
 	vl->append(new Val(current_time(true) - ntohd(args->time1),
 				TYPE_INTERVAL));
 	vl->append(new Val(ntohd(args->time2), TYPE_INTERVAL));
@@ -2727,8 +2727,8 @@ bool RemoteSerializer::ProcessLogCreateWriter()
 
 	fmt.EndRead();
 
-	id_val = new EnumVal(id, internal_type("Log::ID")->AsEnumType());
-	writer_val = new EnumVal(writer, internal_type("Log::Writer")->AsEnumType());
+	id_val = internal_type("Log::ID")->AsEnumType()->GetVal(id);
+	writer_val = internal_type("Log::Writer")->AsEnumType()->GetVal(writer);
 
 	if ( ! log_mgr->CreateWriterForRemoteLog(id_val, writer_val, info, num_fields, fields) )
 		{
@@ -2800,8 +2800,8 @@ bool RemoteSerializer::ProcessLogWrite()
 				}
 			}
 
-		id_val = new EnumVal(id, internal_type("Log::ID")->AsEnumType());
-		writer_val = new EnumVal(writer, internal_type("Log::Writer")->AsEnumType());
+		id_val = internal_type("Log::ID")->AsEnumType()->GetVal(id);
+		writer_val = internal_type("Log::Writer")->AsEnumType()->GetVal(writer);
 
 		success = log_mgr->WriteFromRemote(id_val, writer_val, path, num_fields, vals);
 
@@ -3008,16 +3008,16 @@ void RemoteSerializer::Log(LogLevel level, const char* msg, Peer* peer,
 		{
 		val_list* vl = new val_list();
 		vl->append(peer->val->Ref());
-		vl->append(new Val(level, TYPE_COUNT));
-		vl->append(new Val(src, TYPE_COUNT));
+		vl->append(val_mgr->GetCount(level));
+		vl->append(val_mgr->GetCount(src));
 		vl->append(new StringVal(msg));
 		mgr.QueueEvent(remote_log_peer, vl);
 		}
 	else
 		{
 		val_list* vl = new val_list();
-		vl->append(new Val(level, TYPE_COUNT));
-		vl->append(new Val(src, TYPE_COUNT));
+		vl->append(val_mgr->GetCount(level));
+		vl->append(val_mgr->GetCount(src));
 		vl->append(new StringVal(msg));
 		mgr.QueueEvent(remote_log, vl);
 		}

src/RuleAction.cc

@@ -24,7 +24,7 @@ void RuleActionEvent::DoAction(const Rule* parent, RuleEndpointState* state,
 		if ( data )
 			vl->append(new StringVal(len, (const char*)data));
 		else
-			vl->append(new StringVal(""));
+			vl->append(val_mgr->GetEmptyString());
 
 		mgr.QueueEvent(signature_match, vl);
 		}

src/RuleCondition.cc

@@ -168,7 +168,7 @@ bool RuleConditionEval::DoMatch(Rule* rule, RuleEndpointState* state,
 	if ( data )
 		args.append(new StringVal(len, (const char*) data));
 	else
-		args.append(new StringVal(""));
+		args.append(val_mgr->GetEmptyString());
 
 	bool result = 0;
 

src/RuleMatcher.cc

@@ -65,8 +65,8 @@ Val* RuleMatcher::BuildRuleStateValue(const Rule* rule,
 	RecordVal* val = new RecordVal(signature_state);
 	val->Assign(0, new StringVal(rule->ID()));
 	val->Assign(1, state->GetAnalyzer()->BuildConnVal());
-	val->Assign(2, new Val(state->is_orig, TYPE_BOOL));
-	val->Assign(3, new Val(state->payload_size, TYPE_COUNT));
+	val->Assign(2, val_mgr->GetBool(state->is_orig));
+	val->Assign(3, val_mgr->GetCount(state->payload_size));
 	return val;
 	}
 

src/Sessions.cc

@@ -979,7 +979,7 @@ FragReassembler* NetSessions::NextFragment(double t, const IP_Hdr* ip,
 	ListVal* key = new ListVal(TYPE_ANY);
 	key->Append(new AddrVal(ip->SrcAddr()));
 	key->Append(new AddrVal(ip->DstAddr()));
-	key->Append(new Val(frag_id, TYPE_COUNT));
+	key->Append(val_mgr->GetCount(frag_id));
 
 	HashKey* h = ch->ComputeHash(key, 1);
 	if ( ! h )

src/SmithWaterman.cc

@@ -94,13 +94,13 @@ VectorVal* BroSubstring::VecToPolicy(Vec* vec)
 
 				RecordVal* align_val = new RecordVal(sw_align_type);
 				align_val->Assign(0, new StringVal(new BroString(*align.string)));
-				align_val->Assign(1, new Val(align.index, TYPE_COUNT));
+				align_val->Assign(1, val_mgr->GetCount(align.index));
 
 				aligns->Assign(j+1, align_val);
 				}
 
 			st_val->Assign(1, aligns);
-			st_val->Assign(2, new Val(bst->IsNewAlignment(), TYPE_BOOL));
+			st_val->Assign(2, val_mgr->GetBool(bst->IsNewAlignment()));
 			result->Assign(i+1, st_val);
 			}
 		}

src/StateAccess.cc

@@ -252,6 +252,14 @@ bool StateAccess::MergeTables(TableVal* dst, Val* src)
 	return true;
 	}
 
+static Val* GetInteger(bro_int_t n, TypeTag t)
+	{
+	if ( t == TYPE_INT )
+		return val_mgr->GetInt(n);
+
+	return val_mgr->GetCount(n);
+	}
+
 void StateAccess::Replay()
 	{
 	// For simplicity we assume that we only replay unserialized accesses.
@@ -298,7 +306,7 @@ void StateAccess::Replay()
 			bro_int_t amount =
 				op1.val->CoerceToInt() - op2->CoerceToInt();
 
-			target.id->SetVal(new Val(v->CoerceToInt() + amount, t),
+			target.id->SetVal(GetInteger(v->CoerceToInt() + amount, t),
 						OP_INCR);
 			}
 		break;
@@ -392,7 +400,7 @@ void StateAccess::Replay()
 			t = v->Type()->AsTableType()->YieldType()->Tag();
 			Val* lookup_op1 = v->AsTableVal()->Lookup(op1.val);
 			int delta = lookup_op1->CoerceToInt() + amount;
-			Val* new_val = new Val(delta, t);
+			Val* new_val = GetInteger(delta, t);
 			v->AsTableVal()->Assign(op1.val, new_val, OP_INCR );
 			}
 
@@ -407,7 +415,7 @@ void StateAccess::Replay()
 					v->AsRecordVal()->Lookup(idx);
 				bro_int_t delta =
 					lookup_field->CoerceToInt() + amount;
-				Val* new_val = new Val(delta, t);
+				Val* new_val = GetInteger(delta, t);
 				v->AsRecordVal()->Assign(idx, new_val, OP_INCR);
 				}
 			else
@@ -420,7 +428,7 @@ void StateAccess::Replay()
 			t = v->Type()->AsVectorType()->YieldType()->Tag();
 			Val* lookup_op1 = v->AsVectorVal()->Lookup(index);
 			int delta = lookup_op1->CoerceToInt() + amount;
-			Val* new_val = new Val(delta, t);
+			Val* new_val = GetInteger(delta, t);
 			v->AsVectorVal()->Assign(index, new_val);
 			}
 

src/Stats.cc

@@ -313,7 +313,7 @@ void ProfileLogger::Log()
 		val_list* vl = new val_list;
 		Ref(file);
 		vl->append(new Val(file));
-		vl->append(new Val(expensive, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(expensive));
 		mgr.Dispatch(new Event(profiling_update, vl));
 		}
 	}
@@ -372,7 +372,7 @@ void SampleLogger::SegmentProfile(const char* /* name */,
 	val_list* vl = new val_list(2);
 	vl->append(load_samples->Ref());
 	vl->append(new IntervalVal(dtime, Seconds));
-	vl->append(new Val(dmem, TYPE_INT));
+	vl->append(val_mgr->GetInt(dmem));
 
 	mgr.QueueEvent(load_sample, vl);
 	}

src/Stmt.cc

@@ -1479,7 +1479,7 @@ Val* ForStmt::DoExec(Frame* f, Val* v, stmt_flow_type& flow) const
 			// Set the loop variable to the current index, and make
 			// another pass over the loop body.
 			f->SetElement((*loop_vars)[0]->Offset(),
-					new Val(i, TYPE_COUNT));
+					val_mgr->GetCount(i));
 			flow = FLOW_NEXT;
 			ret = body->Exec(f, flow);
 

src/Tag.cc

@@ -11,7 +11,7 @@ Tag::Tag(EnumType* etype, type_t arg_type, subtype_t arg_subtype)
 	subtype = arg_subtype;
 	int64_t i = (int64)(type) | ((int64)subtype << 31);
 	Ref(etype);
-	val = new EnumVal(i, etype);
+	val = etype->GetVal(i);
 	}
 
 Tag::Tag(EnumVal* arg_val)
@@ -85,7 +85,7 @@ EnumVal* Tag::AsEnumVal(EnumType* etype) const
 		{
 		assert(type == 0 && subtype == 0);
 		Ref(etype);
-		val = new EnumVal(0, etype);
+		val = etype->GetVal(0);
 		}
 
 	return val;

src/TunnelEncapsulation.cc

@@ -22,11 +22,11 @@ RecordVal* EncapsulatingConn::GetRecordVal() const
 
 	RecordVal* id_val = new RecordVal(conn_id);
 	id_val->Assign(0, new AddrVal(src_addr));
-	id_val->Assign(1, port_mgr->Get(ntohs(src_port), proto));
+	id_val->Assign(1, val_mgr->GetPort(ntohs(src_port), proto));
 	id_val->Assign(2, new AddrVal(dst_addr));
-	id_val->Assign(3, port_mgr->Get(ntohs(dst_port), proto));
+	id_val->Assign(3, val_mgr->GetPort(ntohs(dst_port), proto));
 	rv->Assign(0, id_val);
-	rv->Assign(1, new EnumVal(type, BifType::Enum::Tunnel::Type));
+	rv->Assign(1, BifType::Enum::Tunnel::Type->GetVal(type));
 
 	rv->Assign(2, new StringVal(uid.Base62("C").c_str()));
 

src/Type.cc

@@ -1445,10 +1445,14 @@ EnumType::EnumType(EnumType* e)
 
 	for ( NameMap::iterator it = e->names.begin(); it != e->names.end(); ++it )
 		names[it->first] = it->second;
+
+	vals = e->vals;
 	}
 
 EnumType::~EnumType()
 	{
+	for ( auto& kv : vals )
+		Unref(kv.second);
 	}
 
 // Note, we use reporter->Error() here (not Error()) to include the current script
@@ -1524,6 +1528,9 @@ void EnumType::CheckAndAddName(const string& module_name, const char* name,
 
 	AddNameInternal(module_name, name, val, is_export);
 
+	if ( vals.find(val) == vals.end() )
+		vals[val] = new EnumVal(this, val);
+
 	set<BroType*> types = BroType::GetAliases(GetName());
 	set<BroType*>::const_iterator it;
 
@@ -1571,6 +1578,23 @@ EnumType::enum_name_list EnumType::Names() const
 	return n;
 	}
 
+EnumVal* EnumType::GetVal(bro_int_t i)
+	{
+	auto it = vals.find(i);
+	EnumVal* rval;
+
+	if ( it == vals.end() )
+		{
+		rval = new EnumVal(this, i);
+		vals[i] = rval;
+		}
+	else
+		rval = it->second;
+
+	::Ref(rval);
+	return rval;
+	}
+
 void EnumType::DescribeReST(ODesc* d, bool roles_only) const
 	{
 	d->Add(":bro:type:`enum`");
@@ -1690,6 +1714,7 @@ bool EnumType::DoUnserialize(UnserialInfo* info)
 
 		names[name] = val;
 		delete [] name; // names[name] converts to std::string
+		vals[val] = new EnumVal(this, val);
 		}
 
 	return true;

src/Type.h

@@ -5,6 +5,7 @@
 
 #include <string>
 #include <set>
+#include <unordered_map>
 #include <map>
 #include <list>
 
@@ -75,6 +76,7 @@ class Serializer;
 class VectorType;
 class TypeType;
 class OpaqueType;
+class EnumVal;
 
 const int DOES_NOT_MATCH_INDEX = 0;
 const int MATCHES_INDEX_SCALAR = 1;
@@ -572,6 +574,8 @@ public:
 
 	void DescribeReST(ODesc* d, bool roles_only = false) const override;
 
+	EnumVal* GetVal(bro_int_t i);
+
 protected:
 	EnumType() { counter = 0; }
 
@@ -587,6 +591,9 @@ protected:
 	typedef std::map<std::string, bro_int_t> NameMap;
 	NameMap names;
 
+	using ValMap = std::unordered_map<bro_int_t, EnumVal*>;
+	ValMap vals;
+
 	// The counter is initialized to 0 and incremented on every implicit
 	// auto-increment name that gets added (thus its > 0 if
 	// auto-increment is used).  Once an explicit value has been

src/Val.cc

@@ -417,19 +417,19 @@ Val* Val::SizeVal() const
 		// Return abs value. However abs() only works on ints and llabs
 		// doesn't work on Mac OS X 10.5. So we do it by hand
 		if ( val.int_val < 0 )
-			return new Val(-val.int_val, TYPE_COUNT);
+			return val_mgr->GetCount(-val.int_val);
 		else
-			return new Val(val.int_val, TYPE_COUNT);
+			return val_mgr->GetCount(val.int_val);
 
 	case TYPE_INTERNAL_UNSIGNED:
-		return new Val(val.uint_val, TYPE_COUNT);
+		return val_mgr->GetCount(val.uint_val);
 
 	case TYPE_INTERNAL_DOUBLE:
 		return new Val(fabs(val.double_val), TYPE_DOUBLE);
 
 	case TYPE_INTERNAL_OTHER:
 		if ( type->Tag() == TYPE_FUNC )
-			return new Val(val.func_val->FType()->ArgTypes()->Types()->length(), TYPE_COUNT);
+			return val_mgr->GetCount(val.func_val->FType()->ArgTypes()->Types()->length());
 
 		if ( type->Tag() == TYPE_FILE )
 			return new Val(val.file_val->Size(), TYPE_DOUBLE);
@@ -439,7 +439,7 @@ Val* Val::SizeVal() const
 		break;
 	}
 
-	return new Val(0, TYPE_COUNT);
+	return val_mgr->GetCount(0);
 	}
 
 unsigned int Val::MemoryAllocation() const
@@ -764,54 +764,17 @@ bool IntervalVal::DoUnserialize(UnserialInfo* info)
 	return true;
 	}
 
-PortManager::PortManager()
-	{
-	for ( auto i = 0u; i < ports.size(); ++i )
-		{
-		auto& arr = ports[i];
-		auto port_type = (TransportProto)i;
-
-		for ( auto j = 0u; j < arr.size(); ++j )
-			arr[j] = new PortVal(Mask(j, port_type), true);
-		}
-	}
-
-PortManager::~PortManager()
-	{
-	for ( auto& arr : ports )
-		for ( auto& pv : arr )
-			Unref(pv);
-	}
-
 PortVal* PortManager::Get(uint32 port_num) const
 	{
-	auto mask = port_num & PORT_SPACE_MASK;
-	port_num &= ~PORT_SPACE_MASK;
-
-	if ( mask == TCP_PORT_MASK )
-		return Get(port_num, TRANSPORT_TCP);
-	else if ( mask == UDP_PORT_MASK )
-		return Get(port_num, TRANSPORT_UDP);
-	else if ( mask == ICMP_PORT_MASK )
-		return Get(port_num, TRANSPORT_ICMP);
-	else
-		return Get(port_num, TRANSPORT_UNKNOWN);
+	return val_mgr->GetPort(port_num);
 	}
 
 PortVal* PortManager::Get(uint32 port_num, TransportProto port_type) const
 	{
-	if ( port_num >= 65536 )
-		{
-		reporter->Warning("bad port number %d", port_num);
-		port_num = 0;
+	return val_mgr->GetPort(port_num, port_type);
 	}
 
-	auto rval = ports[port_type][port_num];
-	::Ref(rval);
-	return rval;
-	}
-
-uint32 PortManager::Mask(uint32 port_num, TransportProto port_type) const
+uint32 PortVal::Mask(uint32 port_num, TransportProto port_type)
 	{
 	// Note, for ICMP one-way connections:
 	// src_port = icmp_type, dst_port = icmp_code.
@@ -844,7 +807,7 @@ uint32 PortManager::Mask(uint32 port_num, TransportProto port_type) const
 
 PortVal::PortVal(uint32 p, TransportProto port_type) : Val(TYPE_PORT)
 	{
-	auto port_num = port_mgr->Mask(p, port_type);
+	auto port_num = PortVal::Mask(p, port_type);
 	val.uint_val = static_cast<bro_uint_t>(port_num);
 	}
 
@@ -952,9 +915,9 @@ unsigned int AddrVal::MemoryAllocation() const
 Val* AddrVal::SizeVal() const
 	{
 	if ( val.addr_val->GetFamily() == IPv4 )
-		return new Val(32, TYPE_COUNT);
+		return val_mgr->GetCount(32);
 	else
-		return new Val(128, TYPE_COUNT);
+		return val_mgr->GetCount(128);
 	}
 
 IMPLEMENT_SERIAL(AddrVal, SER_ADDR_VAL);
@@ -1601,7 +1564,7 @@ int TableVal::Assign(Val* index, HashKey* k, Val* new_val, Opcode op)
 			// A set.
 			if ( old_entry_val && remote_check_sync_consistency )
 				{
-				Val* has_old_val = new Val(1, TYPE_INT);
+				Val* has_old_val = val_mgr->GetInt(1);
 				StateAccess::Log(
 					new StateAccess(OP_ADD, this, index,
 							has_old_val));
@@ -2101,7 +2064,7 @@ Val* TableVal::Delete(const Val* index)
 			else
 				{
 				// A set.
-				Val* has_old_val = new Val(1, TYPE_INT);
+				Val* has_old_val = val_mgr->GetInt(1);
 				StateAccess::Log(
 					new StateAccess(OP_DEL, this, index,
 							has_old_val));
@@ -3271,7 +3234,7 @@ bool VectorVal::Assign(unsigned int index, Val* element, Opcode op)
 			{
 			if ( LoggingAccess() && op != OP_NONE )
 				{
-				Val* ival = new Val(index, TYPE_COUNT);
+				Val* ival = val_mgr->GetCount(index);
 				StateAccess::Log(new StateAccess(OP_ASSIGN_IDX,
 						this, ival, element,
 						(*val.vector_val)[index]));
@@ -3296,7 +3259,7 @@ bool VectorVal::Assign(unsigned int index, Val* element, Opcode op)
 		if ( element->IsMutableVal() )
 			element->AsMutableVal()->AddProperties(GetProperties());
 
-		Val* ival = new Val(index, TYPE_COUNT);
+		Val* ival = val_mgr->GetCount(index);
 
 		StateAccess::Log(new StateAccess(op == OP_INCR ?
 				OP_INCR_IDX : OP_ASSIGN_IDX,
@@ -3557,11 +3520,29 @@ Val* check_and_promote(Val* v, const BroType* t, int is_init)
 	Val* promoted_v;
 	switch ( it ) {
 	case TYPE_INTERNAL_INT:
-		promoted_v = new Val(v->CoerceToInt(), t_tag);
+		if ( t_tag == TYPE_INT )
+			promoted_v = val_mgr->GetInt(v->CoerceToInt());
+		else if ( t_tag == TYPE_BOOL )
+			promoted_v = val_mgr->GetBool(v->CoerceToInt());
+		else // enum
+			{
+			reporter->InternalError("bad internal type in check_and_promote()");
+			Unref(v);
+			return 0;
+			}
+
 		break;
 
 	case TYPE_INTERNAL_UNSIGNED:
-		promoted_v = new Val(v->CoerceToUnsigned(), t_tag);
+		if ( t_tag == TYPE_COUNT || t_tag == TYPE_COUNTER )
+			promoted_v = val_mgr->GetCount(v->CoerceToUnsigned());
+		else // port
+			{
+			reporter->InternalError("bad internal type in check_and_promote()");
+			Unref(v);
+			return 0;
+			}
+
 		break;
 
 	case TYPE_INTERNAL_DOUBLE:
@@ -3716,3 +3697,80 @@ bool can_cast_value_to_type(const BroType* s, BroType* t)
 	return false;
 	}
 
+ValManager::ValManager()
+	{
+	empty_string = new StringVal("");
+	b_false = Val::MakeBool(false);
+	b_true = Val::MakeBool(true);
+	counts = new Val*[PREALLOCATED_COUNTS];
+	ints = new Val*[PREALLOCATED_INTS];
+
+	for ( auto i = 0u; i < PREALLOCATED_COUNTS; ++i )
+		counts[i] = Val::MakeCount(i);
+
+	for ( auto i = 0u; i < PREALLOCATED_INTS; ++i )
+		ints[i] = Val::MakeInt(PREALLOCATED_INT_LOWEST + i);
+
+	for ( auto i = 0u; i < ports.size(); ++i )
+		{
+		auto& arr = ports[i];
+		auto port_type = (TransportProto)i;
+
+		for ( auto j = 0u; j < arr.size(); ++j )
+			arr[j] = new PortVal(PortVal::Mask(j, port_type), true);
+		}
+	}
+
+ValManager::~ValManager()
+	{
+	Unref(empty_string);
+	Unref(b_true);
+	Unref(b_false);
+
+	for ( auto i = 0u; i < PREALLOCATED_COUNTS; ++i )
+		Unref(counts[i]);
+
+	for ( auto i = 0u; i < PREALLOCATED_INTS; ++i )
+		Unref(ints[i]);
+
+	delete [] counts;
+	delete [] ints;
+
+	for ( auto& arr : ports )
+		for ( auto& pv : arr )
+			Unref(pv);
+	}
+
+StringVal* ValManager::GetEmptyString() const
+	{
+	::Ref(empty_string);
+	return empty_string;
+	}
+
+PortVal* ValManager::GetPort(uint32 port_num, TransportProto port_type) const
+	{
+	if ( port_num >= 65536 )
+		{
+		reporter->Warning("bad port number %d", port_num);
+		port_num = 0;
+		}
+
+	auto rval = ports[port_type][port_num];
+	::Ref(rval);
+	return rval;
+	}
+
+PortVal* ValManager::GetPort(uint32 port_num) const
+	{
+	auto mask = port_num & PORT_SPACE_MASK;
+	port_num &= ~PORT_SPACE_MASK;
+
+	if ( mask == TCP_PORT_MASK )
+		return GetPort(port_num, TRANSPORT_TCP);
+	else if ( mask == UDP_PORT_MASK )
+		return GetPort(port_num, TRANSPORT_UDP);
+	else if ( mask == ICMP_PORT_MASK )
+		return GetPort(port_num, TRANSPORT_ICMP);
+	else
+		return GetPort(port_num, TRANSPORT_UNKNOWN);
+	}

src/Val.h

@@ -21,6 +21,16 @@
 #include "StateAccess.h"
 #include "IPAddr.h"
 
+// We have four different port name spaces: TCP, UDP, ICMP, and UNKNOWN.
+// We distinguish between them based on the bits specified in the *_PORT_MASK
+// entries specified below.
+#define NUM_PORT_SPACES 4
+#define PORT_SPACE_MASK 0x30000
+
+#define TCP_PORT_MASK	0x10000
+#define UDP_PORT_MASK	0x20000
+#define ICMP_PORT_MASK	0x30000
+
 class Val;
 class Func;
 class BroFile;
@@ -52,7 +62,7 @@ typedef union {
 	// Used for bool, int, enum.
 	bro_int_t int_val;
 
-	// Used for count, counter, port, subnet.
+	// Used for count, counter, port.
 	bro_uint_t uint_val;
 
 	// Used for addr
@@ -77,6 +87,7 @@ typedef union {
 
 class Val : public BroObj {
 public:
+	BRO_DEPRECATED("use val_mgr->GetBool, GetFalse/GetTrue, GetInt, or GetCount instead")
 	Val(bool b, TypeTag t)
 		{
 		val.int_val = b;
@@ -86,6 +97,7 @@ public:
 #endif
 		}
 
+	BRO_DEPRECATED("use val_mgr->GetBool, GetFalse/GetTrue, GetInt, or GetCount instead")
 	Val(int32 i, TypeTag t)
 		{
 		val.int_val = bro_int_t(i);
@@ -95,6 +107,7 @@ public:
 #endif
 		}
 
+	BRO_DEPRECATED("use val_mgr->GetBool, GetFalse/GetTrue, GetInt, or GetCount instead")
 	Val(uint32 u, TypeTag t)
 		{
 		val.uint_val = bro_uint_t(u);
@@ -104,6 +117,7 @@ public:
 #endif
 		}
 
+	BRO_DEPRECATED("use val_mgr->GetBool, GetFalse/GetTrue, GetInt, or GetCount instead")
 	Val(int64 i, TypeTag t)
 		{
 		val.int_val = i;
@@ -113,6 +127,7 @@ public:
 #endif
 		}
 
+	BRO_DEPRECATED("use val_mgr->GetBool, GetFalse/GetTrue, GetInt, or GetCount instead")
 	Val(uint64 u, TypeTag t)
 		{
 		val.uint_val = u;
@@ -353,18 +368,34 @@ public:
 #endif
 
 protected:
-	Val(BroString* s, TypeTag t)
-		{
-		val.string_val = s;
-		type = base_type(t);
-#ifdef DEBUG
-		bound_id = 0;
-#endif
-		}
+
+	friend class EnumType;
+	friend class ValManager;
 
 	virtual void ValDescribe(ODesc* d) const;
 	virtual void ValDescribeReST(ODesc* d) const;
 
+	static Val* MakeBool(bool b)
+		{
+		auto rval = new Val(TYPE_BOOL);
+		rval->val.int_val = b;
+		return rval;
+		}
+
+	static Val* MakeInt(bro_int_t i)
+		{
+		auto rval = new Val(TYPE_INT);
+		rval->val.int_val = i;
+		return rval;
+		}
+
+	static Val* MakeCount(bro_uint_t u)
+		{
+		auto rval = new Val(TYPE_COUNT);
+		rval->val.uint_val = u;
+		return rval;
+		}
+
 	explicit Val(TypeTag t)
 		{
 		type = base_type(t);
@@ -398,6 +429,78 @@ protected:
 
 };
 
+class PortManager {
+public:
+	// Port number given in host order.
+	BRO_DEPRECATED("use val_mgr->GetPort() instead")
+	PortVal* Get(uint32 port_num, TransportProto port_type) const;
+
+	// Host-order port number already masked with port space protocol mask.
+	BRO_DEPRECATED("use val_mgr->GetPort() instead")
+	PortVal* Get(uint32 port_num) const;
+
+	// Returns a masked port number
+	BRO_DEPRECATED("use PortVal::Mask() instead")
+	uint32 Mask(uint32 port_num, TransportProto port_type) const;
+};
+
+extern PortManager* port_mgr;
+
+// Holds pre-allocated Val objects for those where it's more optimal to
+// re-use existing ones rather than allocate anew.
+class ValManager {
+public:
+
+	static constexpr bro_uint_t PREALLOCATED_COUNTS = 4096;
+	static constexpr bro_uint_t PREALLOCATED_INTS = 512;
+	static constexpr bro_int_t PREALLOCATED_INT_LOWEST = -255;
+	static constexpr bro_int_t PREALLOCATED_INT_HIGHEST =
+            PREALLOCATED_INT_LOWEST + PREALLOCATED_INTS - 1;
+
+	ValManager();
+
+	~ValManager();
+
+	inline Val* GetTrue() const
+		{ return b_true->Ref(); }
+
+	inline Val* GetFalse() const
+		{ return b_false->Ref(); }
+
+	inline Val* GetBool(bool b) const
+		{ return b ? b_true->Ref() : b_false->Ref(); }
+
+	inline Val* GetInt(int64 i) const
+		{
+		return i < PREALLOCATED_INT_LOWEST || i > PREALLOCATED_INT_HIGHEST ?
+		    Val::MakeInt(i) : ints[i - PREALLOCATED_INT_LOWEST]->Ref();
+		}
+
+	inline Val* GetCount(uint64 i) const
+		{
+		return i >= PREALLOCATED_COUNTS ? Val::MakeCount(i) : counts[i]->Ref();
+		}
+
+	StringVal* GetEmptyString() const;
+
+	// Port number given in host order.
+	PortVal* GetPort(uint32 port_num, TransportProto port_type) const;
+
+	// Host-order port number already masked with port space protocol mask.
+	PortVal* GetPort(uint32 port_num) const;
+
+private:
+
+	std::array<std::array<PortVal*, 65536>, NUM_PORT_SPACES> ports;
+	StringVal* empty_string;
+	Val* b_true;
+	Val* b_false;
+	Val** counts;
+	Val** ints;
+};
+
+extern ValManager* val_mgr;
+
 class MutableVal : public Val {
 public:
 	// Each MutableVal gets a globally unique ID that can be used to
@@ -494,47 +597,17 @@ protected:
 };
 
 
-// We have four different port name spaces: TCP, UDP, ICMP, and UNKNOWN.
-// We distinguish between them based on the bits specified in the *_PORT_MASK
-// entries specified below.
-#define NUM_PORT_SPACES 4
-#define PORT_SPACE_MASK 0x30000
-
-#define TCP_PORT_MASK	0x10000
-#define UDP_PORT_MASK	0x20000
-#define ICMP_PORT_MASK	0x30000
-
-class PortManager {
-public:
-	PortManager();
-	~PortManager();
-
-	// Port number given in host order.
-	PortVal* Get(uint32 port_num, TransportProto port_type) const;
-
-	// Host-order port number already masked with port space protocol mask.
-	PortVal* Get(uint32 port_num) const;
-
-	// Returns a masked port number
-	uint32 Mask(uint32 port_num, TransportProto port_type) const;
-
-private:
-	std::array<std::array<PortVal*, 65536>, NUM_PORT_SPACES> ports;
-};
-
-extern PortManager* port_mgr;
-
 class PortVal : public Val {
 public:
 	// Port number given in host order.
-	BRO_DEPRECATED("use port_mgr->Get() instead")
+	BRO_DEPRECATED("use val_mgr->GetPort() instead")
 	PortVal(uint32 p, TransportProto port_type);
 
 	// Host-order port number already masked with port space protocol mask.
-	BRO_DEPRECATED("use port_mgr->Get() instead")
+	BRO_DEPRECATED("use val_mgr->GetPort() instead")
 	explicit PortVal(uint32 p);
 
-	Val* SizeVal() const override	{ return new Val(val.uint_val, TYPE_INT); }
+	Val* SizeVal() const override	{ return val_mgr->GetInt(val.uint_val); }
 
 	// Returns the port number in host order (not including the mask).
 	uint32 Port() const;
@@ -556,9 +629,12 @@ public:
 			return TRANSPORT_UNKNOWN;
 		}
 
+	// Returns a masked port number
+	static uint32 Mask(uint32 port_num, TransportProto port_type);
+
 protected:
 	friend class Val;
-	friend class PortManager;
+	friend class ValManager;
 	PortVal()	{}
 	PortVal(uint32 p, bool unused);
 
@@ -628,7 +704,7 @@ public:
 	StringVal(int length, const char* s);
 
 	Val* SizeVal() const override
-		{ return new Val(val.string_val->Len(), TYPE_COUNT); }
+		{ return val_mgr->GetCount(val.string_val->Len()); }
 
 	int Len()		{ return AsString()->Len(); }
 	const u_char* Bytes()	{ return AsString()->Bytes(); }
@@ -681,7 +757,7 @@ public:
 
 	TypeTag BaseTag() const		{ return tag; }
 
-	Val* SizeVal() const override	{ return new Val(vals.length(), TYPE_COUNT); }
+	Val* SizeVal() const override	{ return val_mgr->GetCount(vals.length()); }
 
 	int Length() const		{ return vals.length(); }
 	Val* Index(const int n)		{ return vals[n]; }
@@ -789,7 +865,7 @@ public:
 	int Assign(Val* index, Val* new_val, Opcode op = OP_ASSIGN);
 	int Assign(Val* index, HashKey* k, Val* new_val, Opcode op = OP_ASSIGN);
 
-	Val* SizeVal() const override	{ return new Val(Size(), TYPE_COUNT); }
+	Val* SizeVal() const override	{ return val_mgr->GetCount(Size()); }
 
 	// Add the entire contents of the table to the given value,
 	// which must also be a TableVal.
@@ -940,7 +1016,7 @@ public:
 	~RecordVal() override;
 
 	Val* SizeVal() const override
-		{ return new Val(record_type->NumFields(), TYPE_COUNT); }
+		{ return val_mgr->GetCount(record_type->NumFields()); }
 
 	void Assign(int field, Val* new_val, Opcode op = OP_ASSIGN);
 	Val* Lookup(int field) const;	// Does not Ref() value.
@@ -1003,16 +1079,24 @@ protected:
 
 class EnumVal : public Val {
 public:
+
+	BRO_DEPRECATED("use t->GetVal(i) instead")
 	EnumVal(int i, EnumType* t) : Val(t)
 		{
 		val.int_val = i;
-		type = t;
 		}
 
-	Val* SizeVal() const override	{ return new Val(val.int_val, TYPE_INT); }
+	Val* SizeVal() const override	{ return val_mgr->GetInt(val.int_val); }
 
 protected:
 	friend class Val;
+	friend class EnumType;
+
+	EnumVal(EnumType* t, int i) : Val(t)
+		{
+		val.int_val = i;
+		}
+
 	EnumVal()	{}
 
 	void ValDescribe(ODesc* d) const override;
@@ -1027,7 +1111,7 @@ public:
 	~VectorVal() override;
 
 	Val* SizeVal() const override
-		{ return new Val(uint32(val.vector_val->size()), TYPE_COUNT); }
+		{ return val_mgr->GetCount(uint32(val.vector_val->size())); }
 
 	// Returns false if the type of the argument was wrong.
 	// The vector will automatically grow to accomodate the index.

src/analyzer/Analyzer.cc

@@ -668,7 +668,7 @@ void Analyzer::ProtocolConfirmation(Tag arg_tag)
 	val_list* vl = new val_list;
 	vl->append(BuildConnVal());
 	vl->append(tval);
-	vl->append(new Val(id, TYPE_COUNT));
+	vl->append(val_mgr->GetCount(id));
 	mgr.QueueEvent(protocol_confirmation, vl);
 
 	protocol_confirmed = true;
@@ -695,7 +695,7 @@ void Analyzer::ProtocolViolation(const char* reason, const char* data, int len)
 	val_list* vl = new val_list;
 	vl->append(BuildConnVal());
 	vl->append(tval);
-	vl->append(new Val(id, TYPE_COUNT));
+	vl->append(val_mgr->GetCount(id));
 	vl->append(r);
 	mgr.QueueEvent(protocol_violation, vl);
 	}

src/analyzer/Manager.cc

@@ -434,7 +434,7 @@ bool Manager::BuildInitialAnalyzerTree(Connection* conn)
 
 		if ( tcp_contents && ! reass )
 			{
-			auto dport = port_mgr->Get(ntohs(conn->RespPort()), TRANSPORT_TCP);
+			auto dport = val_mgr->GetPort(ntohs(conn->RespPort()), TRANSPORT_TCP);
 			Val* result;
 
 			if ( ! reass )

src/analyzer/analyzer.bif

@@ -11,13 +11,13 @@ module Analyzer;
 function Analyzer::__enable_analyzer%(id: Analyzer::Tag%) : bool
 	%{
 	bool result = analyzer_mgr->EnableAnalyzer(id->AsEnumVal());
-	return new Val(result, TYPE_BOOL);
+	return val_mgr->GetBool(result);
 	%}
 
 function Analyzer::__disable_analyzer%(id: Analyzer::Tag%) : bool
 	%{
 	bool result = analyzer_mgr->DisableAnalyzer(id->AsEnumVal());
-	return new Val(result, TYPE_BOOL);
+	return val_mgr->GetBool(result);
 	%}
 
 function Analyzer::__disable_all_analyzers%(%) : any
@@ -29,14 +29,14 @@ function Analyzer::__disable_all_analyzers%(%) : any
 function Analyzer::__register_for_port%(id: Analyzer::Tag, p: port%) : bool
 	%{
 	bool result = analyzer_mgr->RegisterAnalyzerForPort(id->AsEnumVal(), p);
-	return new Val(result, TYPE_BOOL);
+	return val_mgr->GetBool(result);
 	%}
 
 function Analyzer::__schedule_analyzer%(orig: addr, resp: addr, resp_p: port,
 					analyzer: Analyzer::Tag, tout: interval%) : bool
 	%{
 	analyzer_mgr->ScheduleAnalyzer(orig->AsAddr(), resp->AsAddr(), resp_p, analyzer->AsEnumVal(), tout);
-	return new Val(true, TYPE_BOOL);
+	return val_mgr->GetTrue();
 	%}
 
 function __name%(atype: Analyzer::Tag%) : string

src/analyzer/protocol/asn1/asn1.pac

@@ -109,7 +109,20 @@ Val* asn1_integer_to_val(const ASN1Integer* i, TypeTag t)
 
 Val* asn1_integer_to_val(const ASN1Encoding* i, TypeTag t)
 	{
-	return new Val(binary_to_int64(i->content()), t);
+	auto v = binary_to_int64(i->content());
+
+	switch ( t ) {
+	case TYPE_BOOL:
+		return val_mgr->GetBool(v);
+	case TYPE_INT:
+		return val_mgr->GetInt(v);
+	case TYPE_COUNT:
+	case TYPE_COUNTER:
+		return val_mgr->GetCount(v);
+	default:
+		reporter->Error("bad asn1_integer_to_val tag: %s", type_name(t));
+		return val_mgr->GetCount(v);
+	}
 	}
 
 StringVal* asn1_oid_to_val(const ASN1ObjectIdentifier* oid)
@@ -139,7 +152,7 @@ StringVal* asn1_oid_to_val(const ASN1Encoding* oid)
 
 	if ( ! subidentifier.empty() || subidentifiers.size() < 1 )
 		// Underflow.
-		return new StringVal("");
+		return val_mgr->GetEmptyString();
 
 	for ( size_t i = 0; i < subidentifiers.size(); ++i )
 		{

src/analyzer/protocol/backdoor/BackDoor.cc

@@ -112,14 +112,14 @@ RecordVal* BackDoorEndpoint::BuildStats()
 	{
 	RecordVal* stats = new RecordVal(backdoor_endp_stats);
 
-	stats->Assign(0, new Val(is_partial, TYPE_BOOL));
-	stats->Assign(1, new Val(num_pkts, TYPE_COUNT));
-	stats->Assign(2, new Val(num_8k0_pkts, TYPE_COUNT));
-	stats->Assign(3, new Val(num_8k4_pkts, TYPE_COUNT));
-	stats->Assign(4, new Val(num_lines, TYPE_COUNT));
-	stats->Assign(5, new Val(num_normal_lines, TYPE_COUNT));
-	stats->Assign(6, new Val(num_bytes, TYPE_COUNT));
-	stats->Assign(7, new Val(num_7bit_ascii, TYPE_COUNT));
+	stats->Assign(0, val_mgr->GetBool(is_partial));
+	stats->Assign(1, val_mgr->GetCount(num_pkts));
+	stats->Assign(2, val_mgr->GetCount(num_8k0_pkts));
+	stats->Assign(3, val_mgr->GetCount(num_8k4_pkts));
+	stats->Assign(4, val_mgr->GetCount(num_lines));
+	stats->Assign(5, val_mgr->GetCount(num_normal_lines));
+	stats->Assign(6, val_mgr->GetCount(num_bytes));
+	stats->Assign(7, val_mgr->GetCount(num_7bit_ascii));
 
 	return stats;
 	}
@@ -248,9 +248,9 @@ void BackDoorEndpoint::RloginSignatureFound(int len)
 
 	val_list* vl = new val_list;
 	vl->append(endp->TCP()->BuildConnVal());
-	vl->append(new Val(endp->IsOrig(), TYPE_BOOL));
-	vl->append(new Val(rlogin_num_null, TYPE_COUNT));
-	vl->append(new Val(len, TYPE_COUNT));
+	vl->append(val_mgr->GetBool(endp->IsOrig()));
+	vl->append(val_mgr->GetCount(rlogin_num_null));
+	vl->append(val_mgr->GetCount(len));
 
 	endp->TCP()->ConnectionEvent(rlogin_signature_found, vl);
 	}
@@ -340,8 +340,8 @@ void BackDoorEndpoint::TelnetSignatureFound(int len)
 	{
 	val_list* vl = new val_list;
 	vl->append(endp->TCP()->BuildConnVal());
-	vl->append(new Val(endp->IsOrig(), TYPE_BOOL));
-	vl->append(new Val(len, TYPE_COUNT));
+	vl->append(val_mgr->GetBool(endp->IsOrig()));
+	vl->append(val_mgr->GetCount(len));
 
 	endp->TCP()->ConnectionEvent(telnet_signature_found, vl);
 	}
@@ -647,7 +647,7 @@ void BackDoorEndpoint::SignatureFound(EventHandlerPtr e, int do_orig)
 	vl->append(endp->TCP()->BuildConnVal());
 
 	if ( do_orig )
-		vl->append(new Val(endp->IsOrig(), TYPE_BOOL));
+		vl->append(val_mgr->GetBool(endp->IsOrig()));
 
 	endp->TCP()->ConnectionEvent(e, vl);
 	}

src/analyzer/protocol/bittorrent/BitTorrent.cc

@@ -122,7 +122,7 @@ void BitTorrent_Analyzer::DeliverWeird(const char* msg, bool orig)
 		{
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 		vl->append(new StringVal(msg));
 		ConnectionEvent(bittorrent_peer_weird, vl);
 		}

src/analyzer/protocol/bittorrent/BitTorrentTracker.cc

@@ -249,7 +249,7 @@ void BitTorrentTracker_Analyzer::DeliverWeird(const char* msg, bool orig)
 		{
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 		vl->append(new StringVal(msg));
 		ConnectionEvent(bt_tracker_weird, vl);
 		}
@@ -405,7 +405,7 @@ bool BitTorrentTracker_Analyzer::ParseResponse(char* line)
 				{
 				val_list* vl = new val_list;
 				vl->append(BuildConnVal());
-				vl->append(new Val(res_status, TYPE_COUNT));
+				vl->append(val_mgr->GetCount(res_status));
 				vl->append(res_val_headers);
 				ConnectionEvent(bt_tracker_response_not_ok, vl);
 				res_val_headers = 0;
@@ -482,7 +482,7 @@ void BitTorrentTracker_Analyzer::ResponseBenc(int name_len, char* name,
 
 			RecordVal* peer = new RecordVal(bittorrent_peer);
 			peer->Assign(0, new AddrVal(ad));
-			peer->Assign(1, port_mgr->Get(pt, TRANSPORT_TCP));
+			peer->Assign(1, val_mgr->GetPort(pt, TRANSPORT_TCP));
 			res_val_peers->Assign(peer, 0);
 
 			Unref(peer);
@@ -505,7 +505,7 @@ void BitTorrentTracker_Analyzer::ResponseBenc(int name_len, char* name,
 	RecordVal* benc_value = new RecordVal(bittorrent_benc_value);
 	StringVal* name_ = new StringVal(name_len, name);
 
-	benc_value->Assign(type, new Val(value, TYPE_INT));
+	benc_value->Assign(type, val_mgr->GetInt(value));
 	res_val_benc->Assign(name_, benc_value);
 
 	Unref(name_);
@@ -791,7 +791,7 @@ void BitTorrentTracker_Analyzer::EmitResponse(void)
 
 	val_list* vl = new val_list;
 	vl->append(BuildConnVal());
-	vl->append(new Val(res_status, TYPE_COUNT));
+	vl->append(val_mgr->GetCount(res_status));
 	vl->append(res_val_headers);
 	vl->append(res_val_peers);
 	vl->append(res_val_benc);

src/analyzer/protocol/bittorrent/bittorrent-analyzer.pac

@@ -222,7 +222,7 @@ flow BitTorrent_Flow(is_orig: bool) {
 				connection()->bro_analyzer(),
 				connection()->bro_analyzer()->Conn(),
 				is_orig(),
-				port_mgr->Get(listen_port, TRANSPORT_TCP));
+				val_mgr->GetPort(listen_port, TRANSPORT_TCP));
 			}
 
 		return true;

src/analyzer/protocol/conn-size/ConnSize.cc

@@ -49,8 +49,8 @@ void ConnSize_Analyzer::ThresholdEvent(EventHandlerPtr f, uint64 threshold, bool
 
 	val_list* vl = new val_list;
 	vl->append(BuildConnVal());
-	vl->append(new Val(threshold, TYPE_COUNT));
-	vl->append(new Val(is_orig, TYPE_BOOL));
+	vl->append(val_mgr->GetCount(threshold));
+	vl->append(val_mgr->GetBool(is_orig));
 	ConnectionEvent(f, vl);
 	}
 
@@ -159,10 +159,10 @@ void ConnSize_Analyzer::UpdateConnVal(RecordVal *conn_val)
 	if ( bytesidx < 0 )
 		reporter->InternalError("'endpoint' record missing 'num_bytes_ip' field");
 
-	orig_endp->Assign(pktidx, new Val(orig_pkts, TYPE_COUNT));
-	orig_endp->Assign(bytesidx, new Val(orig_bytes, TYPE_COUNT));
-	resp_endp->Assign(pktidx, new Val(resp_pkts, TYPE_COUNT));
-	resp_endp->Assign(bytesidx, new Val(resp_bytes, TYPE_COUNT));
+	orig_endp->Assign(pktidx, val_mgr->GetCount(orig_pkts));
+	orig_endp->Assign(bytesidx, val_mgr->GetCount(orig_bytes));
+	resp_endp->Assign(pktidx, val_mgr->GetCount(resp_pkts));
+	resp_endp->Assign(bytesidx, val_mgr->GetCount(resp_bytes));
 
 	Analyzer::UpdateConnVal(conn_val);
 	}

src/analyzer/protocol/conn-size/functions.bif

@@ -32,11 +32,11 @@ function set_current_conn_bytes_threshold%(cid: conn_id, threshold: count, is_or
 	%{
 	analyzer::Analyzer* a = GetConnsizeAnalyzer(cid);
 	if ( ! a )
-		return new Val(0, TYPE_BOOL);
+		return val_mgr->GetBool(0);
 
 	static_cast<analyzer::conn_size::ConnSize_Analyzer*>(a)->SetThreshold(threshold, 1, is_orig);
 
-	return new Val(1, TYPE_BOOL);
+	return val_mgr->GetBool(1);
 	%}
 
 ## Sets a threshold for connection packets, overwtiting any potential old thresholds.
@@ -55,11 +55,11 @@ function set_current_conn_packets_threshold%(cid: conn_id, threshold: count, is_
 	%{
 	analyzer::Analyzer* a = GetConnsizeAnalyzer(cid);
 	if ( ! a )
-		return new Val(0, TYPE_BOOL);
+		return val_mgr->GetBool(0);
 
 	static_cast<analyzer::conn_size::ConnSize_Analyzer*>(a)->SetThreshold(threshold, 0, is_orig);
 
-	return new Val(1, TYPE_BOOL);
+	return val_mgr->GetBool(1);
 	%}
 
 ## Gets the current byte threshold size for a connection.
@@ -76,11 +76,9 @@ function get_current_conn_bytes_threshold%(cid: conn_id, is_orig: bool%): count
 	%{
 	analyzer::Analyzer* a = GetConnsizeAnalyzer(cid);
 	if ( ! a )
-		return new Val(0, TYPE_COUNT);
+		return val_mgr->GetCount(0);
 
-	return new Val(
-		static_cast<analyzer::conn_size::ConnSize_Analyzer*>(a)->GetThreshold(1, is_orig),
-		TYPE_COUNT);
+	return val_mgr->GetCount(static_cast<analyzer::conn_size::ConnSize_Analyzer*>(a)->GetThreshold(1, is_orig));
 	%}
 
 ## Gets the current packet threshold size for a connection.
@@ -97,10 +95,8 @@ function get_current_conn_packets_threshold%(cid: conn_id, is_orig: bool%): coun
 	%{
 	analyzer::Analyzer* a = GetConnsizeAnalyzer(cid);
 	if ( ! a )
-		return new Val(0, TYPE_COUNT);
+		return val_mgr->GetCount(0);
 
-	return new Val(
-		static_cast<analyzer::conn_size::ConnSize_Analyzer*>(a)->GetThreshold(0, is_orig),
-		TYPE_COUNT);
+	return val_mgr->GetCount(static_cast<analyzer::conn_size::ConnSize_Analyzer*>(a)->GetThreshold(0, is_orig));
 	%}
 

src/analyzer/protocol/dce-rpc/dce_rpc-analyzer.pac

@@ -42,7 +42,7 @@ refine connection DCE_RPC_Conn += {
 			                                   ${header.is_orig},
 			                                   fid,
 			                                   ${header.PTYPE},
-			                                   new EnumVal(${header.PTYPE}, BifType::Enum::DCE_RPC::PType));
+			                                   BifType::Enum::DCE_RPC::PType->GetVal(${header.PTYPE}));
 			}
 		return true;
 		%}

src/analyzer/protocol/dhcp/dhcp-analyzer.pac

@@ -36,7 +36,7 @@ refine flow DHCP_Flow += {
 
 		if ( code != 255 )
 			all_options->Assign(all_options->Size(),
-			                    new Val(code, TYPE_COUNT));
+			                    val_mgr->GetCount(code));
 
 		return true;
 		%}
@@ -58,11 +58,11 @@ refine flow DHCP_Flow += {
 			double secs = static_cast<double>(${msg.secs});
 
 			auto dhcp_msg_val = new RecordVal(BifType::Record::DHCP::Msg);
-			dhcp_msg_val->Assign(0, new Val(${msg.op}, TYPE_COUNT));
-			dhcp_msg_val->Assign(1, new Val(${msg.type}, TYPE_COUNT));
-			dhcp_msg_val->Assign(2, new Val(${msg.xid}, TYPE_COUNT));
+			dhcp_msg_val->Assign(0, val_mgr->GetCount(${msg.op}));
+			dhcp_msg_val->Assign(1, val_mgr->GetCount(${msg.type}));
+			dhcp_msg_val->Assign(2, val_mgr->GetCount(${msg.xid}));
 			dhcp_msg_val->Assign(3, new Val(secs, TYPE_INTERVAL));
-			dhcp_msg_val->Assign(4, new Val(${msg.flags}, TYPE_COUNT));
+			dhcp_msg_val->Assign(4, val_mgr->GetCount(${msg.flags}));
 			dhcp_msg_val->Assign(5, new AddrVal(htonl(${msg.ciaddr})));
 			dhcp_msg_val->Assign(6, new AddrVal(htonl(${msg.yiaddr})));
 			dhcp_msg_val->Assign(7, new AddrVal(htonl(${msg.siaddr})));

src/analyzer/protocol/dhcp/dhcp-options.pac

@@ -159,7 +159,7 @@ refine casetype OptionValue += {
 refine flow DHCP_Flow += {
 	function process_forwarding_option(v: OptionValue): bool
 		%{
-		${context.flow}->options->Assign(6, new Val(${v.forwarding} == 0 ? false : true, TYPE_BOOL));
+		${context.flow}->options->Assign(6, val_mgr->GetBool(${v.forwarding} == 0 ? false : true));
 
 		return true;
 		%}
@@ -345,7 +345,7 @@ refine flow DHCP_Flow += {
 		for ( int i = 0; i < num_parms; ++i )
 			{
 			uint8 param = (*plist)[i];
-			params->Assign(i, new Val(param, TYPE_COUNT));
+			params->Assign(i, val_mgr->GetCount(param));
 			}
 
 		${context.flow}->options->Assign(13, params);
@@ -397,7 +397,7 @@ refine casetype OptionValue += {
 refine flow DHCP_Flow += {
 	function process_max_message_size_option(v: OptionValue): bool
 		%{
-		${context.flow}->options->Assign(15, new Val(${v.max_msg_size}, TYPE_COUNT));
+		${context.flow}->options->Assign(15, val_mgr->GetCount(${v.max_msg_size}));
 
 		return true;
 		%}
@@ -502,7 +502,7 @@ refine flow DHCP_Flow += {
 	function process_client_id_option(v: OptionValue): bool
 		%{
 		RecordVal* client_id = new RecordVal(BifType::Record::DHCP::ClientID);
-		client_id->Assign(0, new Val(${v.client_id.hwtype}, TYPE_COUNT));
+		client_id->Assign(0, val_mgr->GetCount(${v.client_id.hwtype}));
 		client_id->Assign(1, new StringVal(fmt_mac(${v.client_id.hwaddr}.begin(), ${v.client_id.hwaddr}.length())));
 
 		${context.flow}->options->Assign(19, client_id);
@@ -562,9 +562,9 @@ refine flow DHCP_Flow += {
 	function process_client_fqdn_option(v: OptionValue): bool
 		%{
 		RecordVal* client_fqdn = new RecordVal(BifType::Record::DHCP::ClientFQDN);
-		client_fqdn->Assign(0, new Val(${v.client_fqdn.flags}, TYPE_COUNT));
-		client_fqdn->Assign(1, new Val(${v.client_fqdn.rcode1}, TYPE_COUNT));
-		client_fqdn->Assign(2, new Val(${v.client_fqdn.rcode2}, TYPE_COUNT));
+		client_fqdn->Assign(0, val_mgr->GetCount(${v.client_fqdn.flags}));
+		client_fqdn->Assign(1, val_mgr->GetCount(${v.client_fqdn.rcode1}));
+		client_fqdn->Assign(2, val_mgr->GetCount(${v.client_fqdn.rcode2}));
 		const char* domain_name = reinterpret_cast<const char*>(${v.client_fqdn.domain_name}.begin());
 		client_fqdn->Assign(3, new StringVal(${v.client_fqdn.domain_name}.length(), domain_name));
 
@@ -627,7 +627,7 @@ refine flow DHCP_Flow += {
 		      ptrsubopt != ${v.relay_agent_inf}->end(); ++ptrsubopt )
 			{
 			auto r = new RecordVal(BifType::Record::DHCP::SubOpt);
-			r->Assign(0, new Val((*ptrsubopt)->code(), TYPE_COUNT));
+			r->Assign(0, val_mgr->GetCount((*ptrsubopt)->code()));
 			r->Assign(1, bytestring_to_val((*ptrsubopt)->value()));
 
 			relay_agent_sub_opt->Assign(i, r);
@@ -657,7 +657,7 @@ refine casetype OptionValue += {
 refine flow DHCP_Flow += {
 	function process_auto_config_option(v: OptionValue): bool
 		%{
-		${context.flow}->options->Assign(23, new Val(${v.auto_config} == 0 ? false : true, TYPE_BOOL));
+		${context.flow}->options->Assign(23, val_mgr->GetBool(${v.auto_config} == 0 ? false : true));
 
 		return true;
 		%}

src/analyzer/protocol/dns/DNS.cc

@@ -48,9 +48,9 @@ int DNS_Interpreter::ParseMessage(const u_char* data, int len, int is_query)
 		{
 		val_list* vl = new val_list();
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(is_query, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(is_query));
 		vl->append(msg.BuildHdrVal());
-		vl->append(new Val(len, TYPE_COUNT));
+		vl->append(val_mgr->GetCount(len));
 
 		analyzer->ConnectionEvent(dns_message, vl);
 		}
@@ -608,7 +608,7 @@ int DNS_Interpreter::ParseRR_SOA(DNS_MsgInfo* msg,
 
 		r->Assign(0, new StringVal(new BroString(mname, mname_end - mname, 1)));
 		r->Assign(1, new StringVal(new BroString(rname, rname_end - rname, 1)));
-		r->Assign(2, new Val(serial, TYPE_COUNT));
+		r->Assign(2, val_mgr->GetCount(serial));
 		r->Assign(3, new IntervalVal(double(refresh), Seconds));
 		r->Assign(4, new IntervalVal(double(retry), Seconds));
 		r->Assign(5, new IntervalVal(double(expire), Seconds));
@@ -648,7 +648,7 @@ int DNS_Interpreter::ParseRR_MX(DNS_MsgInfo* msg,
 		vl->append(msg->BuildHdrVal());
 		vl->append(msg->BuildAnswerVal());
 		vl->append(new StringVal(new BroString(name, name_end - name, 1)));
-		vl->append(new Val(preference, TYPE_COUNT));
+		vl->append(val_mgr->GetCount(preference));
 
 		analyzer->ConnectionEvent(dns_MX_reply, vl);
 		}
@@ -692,9 +692,9 @@ int DNS_Interpreter::ParseRR_SRV(DNS_MsgInfo* msg,
 		vl->append(msg->BuildHdrVal());
 		vl->append(msg->BuildAnswerVal());
 		vl->append(new StringVal(new BroString(name, name_end - name, 1)));
-		vl->append(new Val(priority, TYPE_COUNT));
-		vl->append(new Val(weight, TYPE_COUNT));
-		vl->append(new Val(port, TYPE_COUNT));
+		vl->append(val_mgr->GetCount(priority));
+		vl->append(val_mgr->GetCount(weight));
+		vl->append(val_mgr->GetCount(port));
 
 		analyzer->ConnectionEvent(dns_SRV_reply, vl);
 		}
@@ -1364,7 +1364,7 @@ int DNS_Interpreter::ParseRR_CAA(DNS_MsgInfo* msg,
 	vl->append(analyzer->BuildConnVal());
 	vl->append(msg->BuildHdrVal());
 	vl->append(msg->BuildAnswerVal());
-	vl->append(new Val(flags, TYPE_COUNT));
+	vl->append(val_mgr->GetCount(flags));
 	vl->append(new StringVal(tag));
 	vl->append(new StringVal(value));
 
@@ -1386,8 +1386,8 @@ void DNS_Interpreter::SendReplyOrRejectEvent(DNS_MsgInfo* msg,
 	vl->append(analyzer->BuildConnVal());
 	vl->append(msg->BuildHdrVal());
 	vl->append(new StringVal(question_name));
-	vl->append(new Val(qtype, TYPE_COUNT));
-	vl->append(new Val(qclass, TYPE_COUNT));
+	vl->append(val_mgr->GetCount(qtype));
+	vl->append(val_mgr->GetCount(qclass));
 
 	analyzer->ConnectionEvent(event, vl);
 	}
@@ -1435,19 +1435,19 @@ Val* DNS_MsgInfo::BuildHdrVal()
 	{
 	RecordVal* r = new RecordVal(dns_msg);
 
-	r->Assign(0, new Val(id, TYPE_COUNT));
-	r->Assign(1, new Val(opcode, TYPE_COUNT));
-	r->Assign(2, new Val(rcode, TYPE_COUNT));
-	r->Assign(3, new Val(QR, TYPE_BOOL));
-	r->Assign(4, new Val(AA, TYPE_BOOL));
-	r->Assign(5, new Val(TC, TYPE_BOOL));
-	r->Assign(6, new Val(RD, TYPE_BOOL));
-	r->Assign(7, new Val(RA, TYPE_BOOL));
-	r->Assign(8, new Val(Z, TYPE_COUNT));
-	r->Assign(9, new Val(qdcount, TYPE_COUNT));
-	r->Assign(10, new Val(ancount, TYPE_COUNT));
-	r->Assign(11, new Val(nscount, TYPE_COUNT));
-	r->Assign(12, new Val(arcount, TYPE_COUNT));
+	r->Assign(0, val_mgr->GetCount(id));
+	r->Assign(1, val_mgr->GetCount(opcode));
+	r->Assign(2, val_mgr->GetCount(rcode));
+	r->Assign(3, val_mgr->GetBool(QR));
+	r->Assign(4, val_mgr->GetBool(AA));
+	r->Assign(5, val_mgr->GetBool(TC));
+	r->Assign(6, val_mgr->GetBool(RD));
+	r->Assign(7, val_mgr->GetBool(RA));
+	r->Assign(8, val_mgr->GetCount(Z));
+	r->Assign(9, val_mgr->GetCount(qdcount));
+	r->Assign(10, val_mgr->GetCount(ancount));
+	r->Assign(11, val_mgr->GetCount(nscount));
+	r->Assign(12, val_mgr->GetCount(arcount));
 
 	return r;
 	}
@@ -1457,10 +1457,10 @@ Val* DNS_MsgInfo::BuildAnswerVal()
 	RecordVal* r = new RecordVal(dns_answer);
 
 	Ref(query_name);
-	r->Assign(0, new Val(int(answer_type), TYPE_COUNT));
+	r->Assign(0, val_mgr->GetCount(int(answer_type)));
 	r->Assign(1, query_name);
-	r->Assign(2, new Val(atype, TYPE_COUNT));
-	r->Assign(3, new Val(aclass, TYPE_COUNT));
+	r->Assign(2, val_mgr->GetCount(atype));
+	r->Assign(3, val_mgr->GetCount(aclass));
 	r->Assign(4, new IntervalVal(double(ttl), Seconds));
 
 	return r;
@@ -1473,14 +1473,14 @@ Val* DNS_MsgInfo::BuildEDNS_Val()
 	RecordVal* r = new RecordVal(dns_edns_additional);
 
 	Ref(query_name);
-	r->Assign(0, new Val(int(answer_type), TYPE_COUNT));
+	r->Assign(0, val_mgr->GetCount(int(answer_type)));
 	r->Assign(1, query_name);
 
 	// type = 0x29 or 41 = EDNS
-	r->Assign(2, new Val(atype, TYPE_COUNT));
+	r->Assign(2, val_mgr->GetCount(atype));
 
 	// sender's UDP payload size, per RFC 2671 4.3
-	r->Assign(3, new Val(aclass, TYPE_COUNT));
+	r->Assign(3, val_mgr->GetCount(aclass));
 
 	// Need to break the TTL field into three components:
 	// initial: [------------- ttl (32) ---------------------]
@@ -1493,11 +1493,11 @@ Val* DNS_MsgInfo::BuildEDNS_Val()
 
 	unsigned int return_error = (ercode << 8) | rcode;
 
-	r->Assign(4, new Val(return_error, TYPE_COUNT));
-	r->Assign(5, new Val(version, TYPE_COUNT));
-	r->Assign(6, new Val(z, TYPE_COUNT));
+	r->Assign(4, val_mgr->GetCount(return_error));
+	r->Assign(5, val_mgr->GetCount(version));
+	r->Assign(6, val_mgr->GetCount(z));
 	r->Assign(7, new IntervalVal(double(ttl), Seconds));
-	r->Assign(8, new Val(is_query, TYPE_COUNT));
+	r->Assign(8, val_mgr->GetCount(is_query));
 
 	return r;
 	}
@@ -1508,16 +1508,16 @@ Val* DNS_MsgInfo::BuildTSIG_Val()
 	double rtime = tsig->time_s + tsig->time_ms / 1000.0;
 
 	Ref(query_name);
-	// r->Assign(0, new Val(int(answer_type), TYPE_COUNT));
+	// r->Assign(0, val_mgr->GetCount(int(answer_type)));
 	r->Assign(0, query_name);
-	r->Assign(1, new Val(int(answer_type), TYPE_COUNT));
+	r->Assign(1, val_mgr->GetCount(int(answer_type)));
 	r->Assign(2, new StringVal(tsig->alg_name));
 	r->Assign(3, new StringVal(tsig->sig));
 	r->Assign(4, new Val(rtime, TYPE_TIME));
 	r->Assign(5, new Val(double(tsig->fudge), TYPE_TIME));
-	r->Assign(6, new Val(tsig->orig_id, TYPE_COUNT));
-	r->Assign(7, new Val(tsig->rr_error, TYPE_COUNT));
-	r->Assign(8, new Val(is_query, TYPE_COUNT));
+	r->Assign(6, val_mgr->GetCount(tsig->orig_id));
+	r->Assign(7, val_mgr->GetCount(tsig->rr_error));
+	r->Assign(8, val_mgr->GetCount(is_query));
 
 	delete tsig;
 	tsig = 0;
@@ -1531,17 +1531,17 @@ Val* DNS_MsgInfo::BuildRRSIG_Val(RRSIG_DATA* rrsig)
 
 	Ref(query_name);
 	r->Assign(0, query_name);
-	r->Assign(1, new Val(int(answer_type), TYPE_COUNT));
-	r->Assign(2, new Val(rrsig->type_covered, TYPE_COUNT));
-	r->Assign(3, new Val(rrsig->algorithm, TYPE_COUNT));
-	r->Assign(4, new Val(rrsig->labels, TYPE_COUNT));
+	r->Assign(1, val_mgr->GetCount(int(answer_type)));
+	r->Assign(2, val_mgr->GetCount(rrsig->type_covered));
+	r->Assign(3, val_mgr->GetCount(rrsig->algorithm));
+	r->Assign(4, val_mgr->GetCount(rrsig->labels));
 	r->Assign(5, new IntervalVal(double(rrsig->orig_ttl), Seconds));
 	r->Assign(6, new Val(double(rrsig->sig_exp), TYPE_TIME));
 	r->Assign(7, new Val(double(rrsig->sig_incep), TYPE_TIME));
-	r->Assign(8, new Val(rrsig->key_tag, TYPE_COUNT));
+	r->Assign(8, val_mgr->GetCount(rrsig->key_tag));
 	r->Assign(9, new StringVal(rrsig->signer_name));
 	r->Assign(10, new StringVal(rrsig->signature));
-	r->Assign(11, new Val(is_query, TYPE_COUNT));
+	r->Assign(11, val_mgr->GetCount(is_query));
 
 	return r;
 	}
@@ -1552,12 +1552,12 @@ Val* DNS_MsgInfo::BuildDNSKEY_Val(DNSKEY_DATA* dnskey)
 
 	Ref(query_name);
 	r->Assign(0, query_name);
-	r->Assign(1, new Val(int(answer_type), TYPE_COUNT));
-	r->Assign(2, new Val(dnskey->dflags, TYPE_COUNT));
-	r->Assign(3, new Val(dnskey->dprotocol, TYPE_COUNT));
-	r->Assign(4, new Val(dnskey->dalgorithm, TYPE_COUNT));
+	r->Assign(1, val_mgr->GetCount(int(answer_type)));
+	r->Assign(2, val_mgr->GetCount(dnskey->dflags));
+	r->Assign(3, val_mgr->GetCount(dnskey->dprotocol));
+	r->Assign(4, val_mgr->GetCount(dnskey->dalgorithm));
 	r->Assign(5, new StringVal(dnskey->public_key));
-	r->Assign(6, new Val(is_query, TYPE_COUNT));
+	r->Assign(6, val_mgr->GetCount(is_query));
 
 	return r;
 	}
@@ -1568,16 +1568,16 @@ Val* DNS_MsgInfo::BuildNSEC3_Val(NSEC3_DATA* nsec3)
 
 	Ref(query_name);
 	r->Assign(0, query_name);
-	r->Assign(1, new Val(int(answer_type), TYPE_COUNT));
-	r->Assign(2, new Val(nsec3->nsec_flags, TYPE_COUNT));
-	r->Assign(3, new Val(nsec3->nsec_hash_algo, TYPE_COUNT));
-	r->Assign(4, new Val(nsec3->nsec_iter, TYPE_COUNT));
-	r->Assign(5, new Val(nsec3->nsec_salt_len, TYPE_COUNT));
+	r->Assign(1, val_mgr->GetCount(int(answer_type)));
+	r->Assign(2, val_mgr->GetCount(nsec3->nsec_flags));
+	r->Assign(3, val_mgr->GetCount(nsec3->nsec_hash_algo));
+	r->Assign(4, val_mgr->GetCount(nsec3->nsec_iter));
+	r->Assign(5, val_mgr->GetCount(nsec3->nsec_salt_len));
 	r->Assign(6, new StringVal(nsec3->nsec_salt));
-	r->Assign(7, new Val(nsec3->nsec_hlen, TYPE_COUNT));
+	r->Assign(7, val_mgr->GetCount(nsec3->nsec_hlen));
 	r->Assign(8, new StringVal(nsec3->nsec_hash));
 	r->Assign(9, nsec3->bitmaps);
-	r->Assign(10, new Val(is_query, TYPE_COUNT));
+	r->Assign(10, val_mgr->GetCount(is_query));
 
 	return r;
 	}
@@ -1588,12 +1588,12 @@ Val* DNS_MsgInfo::BuildDS_Val(DS_DATA* ds)
 
 	Ref(query_name);
 	r->Assign(0, query_name);
-	r->Assign(1, new Val(int(answer_type), TYPE_COUNT));
-	r->Assign(2, new Val(ds->key_tag, TYPE_COUNT));
-	r->Assign(3, new Val(ds->algorithm, TYPE_COUNT));
-	r->Assign(4, new Val(ds->digest_type, TYPE_COUNT));
+	r->Assign(1, val_mgr->GetCount(int(answer_type)));
+	r->Assign(2, val_mgr->GetCount(ds->key_tag));
+	r->Assign(3, val_mgr->GetCount(ds->algorithm));
+	r->Assign(4, val_mgr->GetCount(ds->digest_type));
 	r->Assign(5, new StringVal(ds->digest_val));
-	r->Assign(6, new Val(is_query, TYPE_COUNT));
+	r->Assign(6, val_mgr->GetCount(is_query));
 
 	return r;
 	}

src/analyzer/protocol/finger/Finger.cc

@@ -68,7 +68,7 @@ void Finger_Analyzer::DeliverStream(int length, const u_char* data, bool is_orig
 
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(long_cnt, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(long_cnt));
 		vl->append(new StringVal(at - line, line));
 		vl->append(new StringVal(end_of_line - host, host));
 

src/analyzer/protocol/ftp/FTP.cc

@@ -171,9 +171,9 @@ void FTP_Analyzer::DeliverStream(int length, const u_char* data, bool orig)
 				}
 			}
 
-		vl->append(new Val(reply_code, TYPE_COUNT));
+		vl->append(val_mgr->GetCount(reply_code));
 		vl->append(new StringVal(end_of_line - line, line));
-		vl->append(new Val(cont_resp, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(cont_resp));
 
 		f = ftp_reply;
 		}

src/analyzer/protocol/ftp/functions.bif

@@ -33,14 +33,14 @@ static Val* parse_port(const char* line)
 			}
 
 		r->Assign(0, new AddrVal(htonl(addr)));
-		r->Assign(1, port_mgr->Get(port, TRANSPORT_TCP));
-		r->Assign(2, new Val(good, TYPE_BOOL));
+		r->Assign(1, val_mgr->GetPort(port, TRANSPORT_TCP));
+		r->Assign(2, val_mgr->GetBool(good));
 		}
 	else
 		{
 		r->Assign(0, new AddrVal(uint32(0)));
-		r->Assign(1, port_mgr->Get(0, TRANSPORT_TCP));
-		r->Assign(2, new Val(0, TYPE_BOOL));
+		r->Assign(1, val_mgr->GetPort(0, TRANSPORT_TCP));
+		r->Assign(2, val_mgr->GetBool(0));
 		}
 
 	return r;
@@ -109,8 +109,8 @@ static Val* parse_eftp(const char* line)
 		}
 
 	r->Assign(0, new AddrVal(addr));
-	r->Assign(1, port_mgr->Get(port, TRANSPORT_TCP));
-	r->Assign(2, new Val(good, TYPE_BOOL));
+	r->Assign(1, val_mgr->GetPort(port, TRANSPORT_TCP));
+	r->Assign(2, val_mgr->GetBool(good));
 
 	return r;
 	}
@@ -214,7 +214,7 @@ function fmt_ftp_port%(a: addr, p: port%): string
 		{
 		builtin_error("conversion of non-IPv4 address in fmt_ftp_port",
 		              @ARG@[0]);
-		return new StringVal("");
+		return val_mgr->GetEmptyString();
 		}
 	%}
 

src/analyzer/protocol/gnutella/Gnutella.cc

@@ -82,8 +82,8 @@ void Gnutella_Analyzer::Done()
 
 				vl->append(BuildConnVal());
 				vl->append(new StringVal(p->msg));
-				vl->append(new Val((i == 0), TYPE_BOOL));
-				vl->append(new Val(p->msg_pos, TYPE_COUNT));
+				vl->append(val_mgr->GetBool((i == 0)));
+				vl->append(val_mgr->GetCount(p->msg_pos));
 
 				ConnectionEvent(gnutella_partial_binary_msg, vl);
 				}
@@ -195,7 +195,7 @@ void Gnutella_Analyzer::DeliverLines(int len, const u_char* data, bool orig)
 				val_list* vl = new val_list;
 
 				vl->append(BuildConnVal());
-				vl->append(new Val(orig, TYPE_BOOL));
+				vl->append(val_mgr->GetBool(orig));
 				vl->append(new StringVal(ms->headers.data()));
 
 				ConnectionEvent(gnutella_text_msg, vl);
@@ -240,17 +240,16 @@ void Gnutella_Analyzer::SendEvents(GnutellaMsgState* p, bool is_orig)
 		val_list* vl = new val_list;
 
 		vl->append(BuildConnVal());
-		vl->append(new Val(is_orig, TYPE_BOOL));
-		vl->append(new Val(p->msg_type, TYPE_COUNT));
-		vl->append(new Val(p->msg_ttl, TYPE_COUNT));
-		vl->append(new Val(p->msg_hops, TYPE_COUNT));
-		vl->append(new Val(p->msg_len, TYPE_COUNT));
+		vl->append(val_mgr->GetBool(is_orig));
+		vl->append(val_mgr->GetCount(p->msg_type));
+		vl->append(val_mgr->GetCount(p->msg_ttl));
+		vl->append(val_mgr->GetCount(p->msg_hops));
+		vl->append(val_mgr->GetCount(p->msg_len));
 		vl->append(new StringVal(p->payload));
-		vl->append(new Val(p->payload_len, TYPE_COUNT));
-		vl->append(new Val((p->payload_len <
-				    min(p->msg_len, (unsigned int)GNUTELLA_MAX_PAYLOAD)),
-				   TYPE_BOOL));
-		vl->append(new Val((p->payload_left == 0), TYPE_BOOL));
+		vl->append(val_mgr->GetCount(p->payload_len));
+		vl->append(val_mgr->GetBool(
+		    (p->payload_len < min(p->msg_len, (unsigned int)GNUTELLA_MAX_PAYLOAD))));
+		vl->append(val_mgr->GetBool((p->payload_left == 0)));
 
 		ConnectionEvent(gnutella_binary_msg, vl);
 		}

src/analyzer/protocol/gtpv1/gtpv1-analyzer.pac

@@ -4,21 +4,21 @@ RecordVal* BuildGTPv1Hdr(const GTPv1_Header* pdu)
 	{
 	RecordVal* rv = new RecordVal(BifType::Record::gtpv1_hdr);
 
-	rv->Assign(0, new Val(pdu->version(), TYPE_COUNT));
-	rv->Assign(1, new Val(pdu->pt_flag(), TYPE_BOOL));
-	rv->Assign(2, new Val(pdu->rsv(), TYPE_BOOL));
-	rv->Assign(3, new Val(pdu->e_flag(), TYPE_BOOL));
-	rv->Assign(4, new Val(pdu->s_flag(), TYPE_BOOL));
-	rv->Assign(5, new Val(pdu->pn_flag(), TYPE_BOOL));
-	rv->Assign(6, new Val(pdu->msg_type(), TYPE_COUNT));
-	rv->Assign(7, new Val(pdu->length(), TYPE_COUNT));
-	rv->Assign(8, new Val(pdu->teid(), TYPE_COUNT));
+	rv->Assign(0, val_mgr->GetCount(pdu->version()));
+	rv->Assign(1, val_mgr->GetBool(pdu->pt_flag()));
+	rv->Assign(2, val_mgr->GetBool(pdu->rsv()));
+	rv->Assign(3, val_mgr->GetBool(pdu->e_flag()));
+	rv->Assign(4, val_mgr->GetBool(pdu->s_flag()));
+	rv->Assign(5, val_mgr->GetBool(pdu->pn_flag()));
+	rv->Assign(6, val_mgr->GetCount(pdu->msg_type()));
+	rv->Assign(7, val_mgr->GetCount(pdu->length()));
+	rv->Assign(8, val_mgr->GetCount(pdu->teid()));
 
 	if ( pdu->has_opt() )
 		{
-		rv->Assign(9, new Val(pdu->opt_hdr()->seq(), TYPE_COUNT));
-		rv->Assign(10, new Val(pdu->opt_hdr()->n_pdu(), TYPE_COUNT));
-		rv->Assign(11, new Val(pdu->opt_hdr()->next_type(), TYPE_COUNT));
+		rv->Assign(9, val_mgr->GetCount(pdu->opt_hdr()->seq()));
+		rv->Assign(10, val_mgr->GetCount(pdu->opt_hdr()->n_pdu()));
+		rv->Assign(11, val_mgr->GetCount(pdu->opt_hdr()->next_type()));
 		}
 
 	return rv;
@@ -26,64 +26,64 @@ RecordVal* BuildGTPv1Hdr(const GTPv1_Header* pdu)
 
 Val* BuildIMSI(const InformationElement* ie)
 	{
-	return new Val(ie->imsi()->value(), TYPE_COUNT);
+	return val_mgr->GetCount(ie->imsi()->value());
 	}
 
 Val* BuildRAI(const InformationElement* ie)
 	{
 	RecordVal* ev = new RecordVal(BifType::Record::gtp_rai);
-	ev->Assign(0, new Val(ie->rai()->mcc(), TYPE_COUNT));
-	ev->Assign(1, new Val(ie->rai()->mnc(), TYPE_COUNT));
-	ev->Assign(2, new Val(ie->rai()->lac(), TYPE_COUNT));
-	ev->Assign(3, new Val(ie->rai()->rac(), TYPE_COUNT));
+	ev->Assign(0, val_mgr->GetCount(ie->rai()->mcc()));
+	ev->Assign(1, val_mgr->GetCount(ie->rai()->mnc()));
+	ev->Assign(2, val_mgr->GetCount(ie->rai()->lac()));
+	ev->Assign(3, val_mgr->GetCount(ie->rai()->rac()));
 	return ev;
 	}
 
 Val* BuildRecovery(const InformationElement* ie)
 	{
-	return new Val(ie->recovery()->restart_counter(), TYPE_COUNT);
+	return val_mgr->GetCount(ie->recovery()->restart_counter());
 	}
 
 Val* BuildSelectionMode(const InformationElement* ie)
 	{
-	return new Val(ie->selection_mode()->mode(), TYPE_COUNT);
+	return val_mgr->GetCount(ie->selection_mode()->mode());
 	}
 
 Val* BuildTEID1(const InformationElement* ie)
 	{
-	return new Val(ie->teid1()->value(), TYPE_COUNT);
+	return val_mgr->GetCount(ie->teid1()->value());
 	}
 
 Val* BuildTEID_ControlPlane(const InformationElement* ie)
 	{
-	return new Val(ie->teidcp()->value(), TYPE_COUNT);
+	return val_mgr->GetCount(ie->teidcp()->value());
 	}
 
 Val* BuildNSAPI(const InformationElement* ie)
 	{
-	return new Val(ie->nsapi()->nsapi(), TYPE_COUNT);
+	return val_mgr->GetCount(ie->nsapi()->nsapi());
 	}
 
 Val* BuildChargingCharacteristics(const InformationElement* ie)
 	{
-	return new Val(ie->charging_characteristics()->value(), TYPE_COUNT);
+	return val_mgr->GetCount(ie->charging_characteristics()->value());
 	}
 
 Val* BuildTraceReference(const InformationElement* ie)
 	{
-	return new Val(ie->trace_reference()->value(), TYPE_COUNT);
+	return val_mgr->GetCount(ie->trace_reference()->value());
 	}
 
 Val* BuildTraceType(const InformationElement* ie)
 	{
-	return new Val(ie->trace_type()->value(), TYPE_COUNT);
+	return val_mgr->GetCount(ie->trace_type()->value());
 	}
 
 Val* BuildEndUserAddr(const InformationElement* ie)
 	{
 	RecordVal* ev = new RecordVal(BifType::Record::gtp_end_user_addr);
-	ev->Assign(0, new Val(ie->end_user_addr()->pdp_type_org(), TYPE_COUNT));
-	ev->Assign(1, new Val(ie->end_user_addr()->pdp_type_num(), TYPE_COUNT));
+	ev->Assign(0, val_mgr->GetCount(ie->end_user_addr()->pdp_type_org()));
+	ev->Assign(1, val_mgr->GetCount(ie->end_user_addr()->pdp_type_num()));
 
 	int len = ie->end_user_addr()->pdp_addr().length();
 
@@ -157,8 +157,7 @@ Val* BuildQoS_Profile(const InformationElement* ie)
 	const u_char* d = (const u_char*) ie->qos_profile()->data().data();
 	int len = ie->qos_profile()->data().length();
 
-	ev->Assign(0, new Val(ie->qos_profile()->alloc_retention_priority(),
-	                      TYPE_COUNT));
+	ev->Assign(0, val_mgr->GetCount(ie->qos_profile()->alloc_retention_priority()));
 	ev->Assign(1, new StringVal(new BroString(d, len, 0)));
 
 	return ev;
@@ -192,7 +191,7 @@ Val* BuildPrivateExt(const InformationElement* ie)
 	const uint8* d = ie->private_ext()->value().data();
 	int len = ie->private_ext()->value().length();
 
-	ev->Assign(0, new Val(ie->private_ext()->id(), TYPE_COUNT));
+	ev->Assign(0, val_mgr->GetCount(ie->private_ext()->id()));
 	ev->Assign(1, new StringVal(new BroString((const u_char*) d, len, 0)));
 
 	return ev;
@@ -200,17 +199,17 @@ Val* BuildPrivateExt(const InformationElement* ie)
 
 Val* BuildCause(const InformationElement* ie)
 	{
-	return new Val(ie->cause()->value(), TYPE_COUNT);
+	return val_mgr->GetCount(ie->cause()->value());
 	}
 
 Val* BuildReorderReq(const InformationElement* ie)
 	{
-	return new Val(ie->reorder_req()->req(), TYPE_BOOL);
+	return val_mgr->GetBool(ie->reorder_req()->req());
 	}
 
 Val* BuildChargingID(const InformationElement* ie)
 	{
-	return new Val(ie->charging_id()->value(), TYPE_COUNT);;
+	return val_mgr->GetCount(ie->charging_id()->value());;
 	}
 
 Val* BuildChargingGatewayAddr(const InformationElement* ie)
@@ -227,7 +226,7 @@ Val* BuildChargingGatewayAddr(const InformationElement* ie)
 
 Val* BuildTeardownInd(const InformationElement* ie)
 	{
-	return new Val(ie->teardown_ind()->ind(), TYPE_BOOL);
+	return val_mgr->GetBool(ie->teardown_ind()->ind());
 	}
 
 void CreatePDP_Request(const BroAnalyzer& a, const GTPv1_Header* pdu)

src/analyzer/protocol/http/HTTP.cc

@@ -614,11 +614,11 @@ Val* HTTP_Message::BuildMessageStat(const int interrupted, const char* msg)
 	RecordVal* stat = new RecordVal(http_message_stat);
 	int field = 0;
 	stat->Assign(field++, new Val(start_time, TYPE_TIME));
-	stat->Assign(field++, new Val(interrupted, TYPE_BOOL));
+	stat->Assign(field++, val_mgr->GetBool(interrupted));
 	stat->Assign(field++, new StringVal(msg));
-	stat->Assign(field++, new Val(body_length, TYPE_COUNT));
-	stat->Assign(field++, new Val(content_gap_length, TYPE_COUNT));
-	stat->Assign(field++, new Val(header_length, TYPE_COUNT));
+	stat->Assign(field++, val_mgr->GetCount(body_length));
+	stat->Assign(field++, val_mgr->GetCount(content_gap_length));
+	stat->Assign(field++, val_mgr->GetCount(header_length));
 	return stat;
 	}
 
@@ -648,7 +648,7 @@ void HTTP_Message::Done(const int interrupted, const char* detail)
 		{
 		val_list* vl = new val_list;
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(is_orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(is_orig));
 		vl->append(BuildMessageStat(interrupted, detail));
 		GetAnalyzer()->ConnectionEvent(http_message_done, vl);
 		}
@@ -681,7 +681,7 @@ void HTTP_Message::BeginEntity(mime::MIME_Entity* entity)
 		{
 		val_list* vl = new val_list();
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(is_orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(is_orig));
 		analyzer->ConnectionEvent(http_begin_entity, vl);
 		}
 	}
@@ -698,7 +698,7 @@ void HTTP_Message::EndEntity(mime::MIME_Entity* entity)
 		{
 		val_list* vl = new val_list();
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(is_orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(is_orig));
 		analyzer->ConnectionEvent(http_end_entity, vl);
 		}
 
@@ -739,7 +739,7 @@ void HTTP_Message::SubmitAllHeaders(mime::MIME_HeaderList& hlist)
 		{
 		val_list* vl = new val_list();
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(is_orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(is_orig));
 		vl->append(BuildHeaderTable(hlist));
 		analyzer->ConnectionEvent(http_all_headers, vl);
 		}
@@ -753,7 +753,7 @@ void HTTP_Message::SubmitAllHeaders(mime::MIME_HeaderList& hlist)
 
 		val_list* vl = new val_list();
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(is_orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(is_orig));
 		vl->append(ty);
 		vl->append(subty);
 		analyzer->ConnectionEvent(http_content_type, vl);
@@ -1177,8 +1177,8 @@ void HTTP_Analyzer::GenStats()
 	if ( http_stats )
 		{
 		RecordVal* r = new RecordVal(http_stats_rec);
-		r->Assign(0, new Val(num_requests, TYPE_COUNT));
-		r->Assign(1, new Val(num_replies, TYPE_COUNT));
+		r->Assign(0, val_mgr->GetCount(num_requests));
+		r->Assign(1, val_mgr->GetCount(num_replies));
 		r->Assign(2, new Val(request_version, TYPE_DOUBLE));
 		r->Assign(3, new Val(reply_version, TYPE_DOUBLE));
 
@@ -1447,7 +1447,7 @@ void HTTP_Analyzer::HTTP_Reply()
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
 		vl->append(new StringVal(fmt("%.1f", reply_version)));
-		vl->append(new Val(reply_code, TYPE_COUNT));
+		vl->append(val_mgr->GetCount(reply_code));
 		if ( reply_reason_phrase )
 			vl->append(reply_reason_phrase->Ref());
 		else
@@ -1699,7 +1699,7 @@ void HTTP_Analyzer::HTTP_Header(int is_orig, mime::MIME_Header* h)
 
 		val_list* vl = new val_list();
 		vl->append(BuildConnVal());
-		vl->append(new Val(is_orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(is_orig));
 		vl->append(mime::new_string_val(h->get_name())->ToUpper());
 		vl->append(mime::new_string_val(h->get_value()));
 		if ( DEBUG_http )
@@ -1835,8 +1835,8 @@ void HTTP_Analyzer::HTTP_EntityData(int is_orig, BroString* entity_data)
 		{
 		val_list* vl = new val_list();
 		vl->append(BuildConnVal());
-		vl->append(new Val(is_orig, TYPE_BOOL));
-		vl->append(new Val(entity_data->Len(), TYPE_COUNT));
+		vl->append(val_mgr->GetBool(is_orig));
+		vl->append(val_mgr->GetCount(entity_data->Len()));
 		vl->append(new StringVal(entity_data));
 		ConnectionEvent(http_entity_data, vl);
 		}

src/analyzer/protocol/icmp/ICMP.cc

@@ -225,11 +225,11 @@ RecordVal* ICMP_Analyzer::BuildICMPVal(const struct icmp* icmpp, int len,
 
 		icmp_conn_val->Assign(0, new AddrVal(Conn()->OrigAddr()));
 		icmp_conn_val->Assign(1, new AddrVal(Conn()->RespAddr()));
-		icmp_conn_val->Assign(2, new Val(icmpp->icmp_type, TYPE_COUNT));
-		icmp_conn_val->Assign(3, new Val(icmpp->icmp_code, TYPE_COUNT));
-		icmp_conn_val->Assign(4, new Val(len, TYPE_COUNT));
-		icmp_conn_val->Assign(5, new Val(ip_hdr->TTL(), TYPE_COUNT));
-		icmp_conn_val->Assign(6, new Val(icmpv6, TYPE_BOOL));
+		icmp_conn_val->Assign(2, val_mgr->GetCount(icmpp->icmp_type));
+		icmp_conn_val->Assign(3, val_mgr->GetCount(icmpp->icmp_code));
+		icmp_conn_val->Assign(4, val_mgr->GetCount(len));
+		icmp_conn_val->Assign(5, val_mgr->GetCount(ip_hdr->TTL()));
+		icmp_conn_val->Assign(6, val_mgr->GetBool(icmpv6));
 		}
 
 	Ref(icmp_conn_val);
@@ -352,18 +352,18 @@ RecordVal* ICMP_Analyzer::ExtractICMP4Context(int len, const u_char*& data)
 	RecordVal* id_val = new RecordVal(conn_id);
 
 	id_val->Assign(0, new AddrVal(src_addr));
-	id_val->Assign(1, port_mgr->Get(src_port, proto));
+	id_val->Assign(1, val_mgr->GetPort(src_port, proto));
 	id_val->Assign(2, new AddrVal(dst_addr));
-	id_val->Assign(3, port_mgr->Get(dst_port, proto));
+	id_val->Assign(3, val_mgr->GetPort(dst_port, proto));
 
 	iprec->Assign(0, id_val);
-	iprec->Assign(1, new Val(ip_len, TYPE_COUNT));
-	iprec->Assign(2, new Val(proto, TYPE_COUNT));
-	iprec->Assign(3, new Val(frag_offset, TYPE_COUNT));
-	iprec->Assign(4, new Val(bad_hdr_len, TYPE_BOOL));
-	iprec->Assign(5, new Val(bad_checksum, TYPE_BOOL));
-	iprec->Assign(6, new Val(MF, TYPE_BOOL));
-	iprec->Assign(7, new Val(DF, TYPE_BOOL));
+	iprec->Assign(1, val_mgr->GetCount(ip_len));
+	iprec->Assign(2, val_mgr->GetCount(proto));
+	iprec->Assign(3, val_mgr->GetCount(frag_offset));
+	iprec->Assign(4, val_mgr->GetBool(bad_hdr_len));
+	iprec->Assign(5, val_mgr->GetBool(bad_checksum));
+	iprec->Assign(6, val_mgr->GetBool(MF));
+	iprec->Assign(7, val_mgr->GetBool(DF));
 
 	return iprec;
 	}
@@ -411,19 +411,19 @@ RecordVal* ICMP_Analyzer::ExtractICMP6Context(int len, const u_char*& data)
 	RecordVal* id_val = new RecordVal(conn_id);
 
 	id_val->Assign(0, new AddrVal(src_addr));
-	id_val->Assign(1, port_mgr->Get(src_port, proto));
+	id_val->Assign(1, val_mgr->GetPort(src_port, proto));
 	id_val->Assign(2, new AddrVal(dst_addr));
-	id_val->Assign(3, port_mgr->Get(dst_port, proto));
+	id_val->Assign(3, val_mgr->GetPort(dst_port, proto));
 
 	iprec->Assign(0, id_val);
-	iprec->Assign(1, new Val(ip_len, TYPE_COUNT));
-	iprec->Assign(2, new Val(proto, TYPE_COUNT));
-	iprec->Assign(3, new Val(frag_offset, TYPE_COUNT));
-	iprec->Assign(4, new Val(bad_hdr_len, TYPE_BOOL));
+	iprec->Assign(1, val_mgr->GetCount(ip_len));
+	iprec->Assign(2, val_mgr->GetCount(proto));
+	iprec->Assign(3, val_mgr->GetCount(frag_offset));
+	iprec->Assign(4, val_mgr->GetBool(bad_hdr_len));
 	// bad_checksum is always false since IPv6 layer doesn't have a checksum.
-	iprec->Assign(5, new Val(0, TYPE_BOOL));
-	iprec->Assign(6, new Val(MF, TYPE_BOOL));
-	iprec->Assign(7, new Val(DF, TYPE_BOOL));
+	iprec->Assign(5, val_mgr->GetBool(0));
+	iprec->Assign(6, val_mgr->GetBool(MF));
+	iprec->Assign(7, val_mgr->GetBool(DF));
 
 	return iprec;
 	}
@@ -471,14 +471,14 @@ void ICMP_Analyzer::UpdateEndpointVal(RecordVal* endp, int is_orig)
 	int size = is_orig ? request_len : reply_len;
 	if ( size < 0 )
 		{
-		endp->Assign(0, new Val(0, TYPE_COUNT));
-		endp->Assign(1, new Val(int(ICMP_INACTIVE), TYPE_COUNT));
+		endp->Assign(0, val_mgr->GetCount(0));
+		endp->Assign(1, val_mgr->GetCount(int(ICMP_INACTIVE)));
 		}
 
 	else
 		{
-		endp->Assign(0, new Val(size, TYPE_COUNT));
-		endp->Assign(1, new Val(int(ICMP_ACTIVE), TYPE_COUNT));
+		endp->Assign(0, val_mgr->GetCount(size));
+		endp->Assign(1, val_mgr->GetCount(int(ICMP_ACTIVE)));
 		}
 	}
 
@@ -514,8 +514,8 @@ void ICMP_Analyzer::Echo(double t, const struct icmp* icmpp, int len,
 	val_list* vl = new val_list;
 	vl->append(BuildConnVal());
 	vl->append(BuildICMPVal(icmpp, len, ip_hdr->NextProto() != IPPROTO_ICMP, ip_hdr));
-	vl->append(new Val(iid, TYPE_COUNT));
-	vl->append(new Val(iseq, TYPE_COUNT));
+	vl->append(val_mgr->GetCount(iid));
+	vl->append(val_mgr->GetCount(iseq));
 	vl->append(new StringVal(payload));
 
 	ConnectionEvent(f, vl);
@@ -537,13 +537,13 @@ void ICMP_Analyzer::RouterAdvert(double t, const struct icmp* icmpp, int len,
 	val_list* vl = new val_list;
 	vl->append(BuildConnVal());
 	vl->append(BuildICMPVal(icmpp, len, 1, ip_hdr));
-	vl->append(new Val(icmpp->icmp_num_addrs, TYPE_COUNT)); // Cur Hop Limit
-	vl->append(new Val(icmpp->icmp_wpa & 0x80, TYPE_BOOL)); // Managed
-	vl->append(new Val(icmpp->icmp_wpa & 0x40, TYPE_BOOL)); // Other
-	vl->append(new Val(icmpp->icmp_wpa & 0x20, TYPE_BOOL)); // Home Agent
-	vl->append(new Val((icmpp->icmp_wpa & 0x18)>>3, TYPE_COUNT)); // Pref
-	vl->append(new Val(icmpp->icmp_wpa & 0x04, TYPE_BOOL)); // Proxy
-	vl->append(new Val(icmpp->icmp_wpa & 0x02, TYPE_COUNT)); // Reserved
+	vl->append(val_mgr->GetCount(icmpp->icmp_num_addrs)); // Cur Hop Limit
+	vl->append(val_mgr->GetBool(icmpp->icmp_wpa & 0x80)); // Managed
+	vl->append(val_mgr->GetBool(icmpp->icmp_wpa & 0x40)); // Other
+	vl->append(val_mgr->GetBool(icmpp->icmp_wpa & 0x20)); // Home Agent
+	vl->append(val_mgr->GetCount((icmpp->icmp_wpa & 0x18)>>3)); // Pref
+	vl->append(val_mgr->GetBool(icmpp->icmp_wpa & 0x04)); // Proxy
+	vl->append(val_mgr->GetCount(icmpp->icmp_wpa & 0x02)); // Reserved
 	vl->append(new IntervalVal((double)ntohs(icmpp->icmp_lifetime), Seconds));
 	vl->append(new IntervalVal((double)ntohl(reachable), Milliseconds));
 	vl->append(new IntervalVal((double)ntohl(retrans), Milliseconds));
@@ -567,9 +567,9 @@ void ICMP_Analyzer::NeighborAdvert(double t, const struct icmp* icmpp, int len,
 	val_list* vl = new val_list;
 	vl->append(BuildConnVal());
 	vl->append(BuildICMPVal(icmpp, len, 1, ip_hdr));
-	vl->append(new Val(icmpp->icmp_num_addrs & 0x80, TYPE_BOOL)); // Router
-	vl->append(new Val(icmpp->icmp_num_addrs & 0x40, TYPE_BOOL)); // Solicited
-	vl->append(new Val(icmpp->icmp_num_addrs & 0x20, TYPE_BOOL)); // Override
+	vl->append(val_mgr->GetBool(icmpp->icmp_num_addrs & 0x80)); // Router
+	vl->append(val_mgr->GetBool(icmpp->icmp_num_addrs & 0x40)); // Solicited
+	vl->append(val_mgr->GetBool(icmpp->icmp_num_addrs & 0x20)); // Override
 	vl->append(new AddrVal(tgtaddr));
 
 	int opt_offset = sizeof(in6_addr);
@@ -660,7 +660,7 @@ void ICMP_Analyzer::Context4(double t, const struct icmp* icmpp,
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
 		vl->append(BuildICMPVal(icmpp, len, 0, ip_hdr));
-		vl->append(new Val(icmpp->icmp_code, TYPE_COUNT));
+		vl->append(val_mgr->GetCount(icmpp->icmp_code));
 		vl->append(ExtractICMP4Context(caplen, data));
 		ConnectionEvent(f, vl);
 		}
@@ -700,7 +700,7 @@ void ICMP_Analyzer::Context6(double t, const struct icmp* icmpp,
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
 		vl->append(BuildICMPVal(icmpp, len, 1, ip_hdr));
-		vl->append(new Val(icmpp->icmp_code, TYPE_COUNT));
+		vl->append(val_mgr->GetCount(icmpp->icmp_code));
 		vl->append(ExtractICMP6Context(caplen, data));
 		ConnectionEvent(f, vl);
 		}
@@ -740,8 +740,8 @@ VectorVal* ICMP_Analyzer::BuildNDOptionsVal(int caplen, const u_char* data)
 			}
 
 		RecordVal* rv = new RecordVal(icmp6_nd_option_type);
-		rv->Assign(0, new Val(type, TYPE_COUNT));
-		rv->Assign(1, new Val(length, TYPE_COUNT));
+		rv->Assign(0, val_mgr->GetCount(type));
+		rv->Assign(1, val_mgr->GetCount(length));
 
 		// Adjust length to be in units of bytes, exclude type/length fields.
 		length = length * 8 - 2;
@@ -780,9 +780,9 @@ VectorVal* ICMP_Analyzer::BuildNDOptionsVal(int caplen, const u_char* data)
 				uint32 valid_life = *((const uint32*)(data + 2));
 				uint32 prefer_life = *((const uint32*)(data + 6));
 				in6_addr prefix = *((const in6_addr*)(data + 14));
-				info->Assign(0, new Val(prefix_len, TYPE_COUNT));
-				info->Assign(1, new Val(L_flag, TYPE_BOOL));
-				info->Assign(2, new Val(A_flag, TYPE_BOOL));
+				info->Assign(0, val_mgr->GetCount(prefix_len));
+				info->Assign(1, val_mgr->GetBool(L_flag));
+				info->Assign(2, val_mgr->GetBool(A_flag));
 				info->Assign(3, new IntervalVal((double)ntohl(valid_life), Seconds));
 				info->Assign(4, new IntervalVal((double)ntohl(prefer_life), Seconds));
 				info->Assign(5, new AddrVal(IPAddr(prefix)));
@@ -813,8 +813,7 @@ VectorVal* ICMP_Analyzer::BuildNDOptionsVal(int caplen, const u_char* data)
 			// MTU option
 			{
 			if ( caplen >= 6 )
-				rv->Assign(5, new Val(ntohl(*((const uint32*)(data + 2))),
-				                      TYPE_COUNT));
+				rv->Assign(5, val_mgr->GetCount(ntohl(*((const uint32*)(data + 2)))));
 			else
 				set_payload_field = true;
 

src/analyzer/protocol/ident/Ident.cc

@@ -85,8 +85,8 @@ void Ident_Analyzer::DeliverStream(int length, const u_char* data, bool is_orig)
 
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(port_mgr->Get(local_port, TRANSPORT_TCP));
-		vl->append(port_mgr->Get(remote_port, TRANSPORT_TCP));
+		vl->append(val_mgr->GetPort(local_port, TRANSPORT_TCP));
+		vl->append(val_mgr->GetPort(remote_port, TRANSPORT_TCP));
 
 		ConnectionEvent(ident_request, vl);
 
@@ -146,8 +146,8 @@ void Ident_Analyzer::DeliverStream(int length, const u_char* data, bool is_orig)
 			{
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(port_mgr->Get(local_port, TRANSPORT_TCP));
-			vl->append(port_mgr->Get(remote_port, TRANSPORT_TCP));
+			vl->append(val_mgr->GetPort(local_port, TRANSPORT_TCP));
+			vl->append(val_mgr->GetPort(remote_port, TRANSPORT_TCP));
 			vl->append(new StringVal(end_of_line - line, line));
 
 			ConnectionEvent(ident_error, vl);
@@ -180,8 +180,8 @@ void Ident_Analyzer::DeliverStream(int length, const u_char* data, bool is_orig)
 
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(port_mgr->Get(local_port, TRANSPORT_TCP));
-			vl->append(port_mgr->Get(remote_port, TRANSPORT_TCP));
+			vl->append(val_mgr->GetPort(local_port, TRANSPORT_TCP));
+			vl->append(val_mgr->GetPort(remote_port, TRANSPORT_TCP));
 			vl->append(new StringVal(end_of_line - line, line));
 			vl->append(new StringVal(sys_type_s));
 

src/analyzer/protocol/interconn/InterConn.cc

@@ -127,16 +127,16 @@ RecordVal* InterConnEndpoint::BuildStats()
 	{
 	RecordVal* stats = new RecordVal(interconn_endp_stats);
 
-	stats->Assign(0, new Val(num_pkts, TYPE_COUNT));
-	stats->Assign(1, new Val(num_keystrokes_two_in_a_row, TYPE_COUNT));
-	stats->Assign(2, new Val(num_normal_interarrivals, TYPE_COUNT));
-	stats->Assign(3, new Val(num_8k0_pkts, TYPE_COUNT));
-	stats->Assign(4, new Val(num_8k4_pkts, TYPE_COUNT));
-	stats->Assign(5, new Val(is_partial, TYPE_BOOL));
-	stats->Assign(6, new Val(num_bytes, TYPE_COUNT));
-	stats->Assign(7, new Val(num_7bit_ascii, TYPE_COUNT));
-	stats->Assign(8, new Val(num_lines, TYPE_COUNT));
-	stats->Assign(9, new Val(num_normal_lines, TYPE_COUNT));
+	stats->Assign(0, val_mgr->GetCount(num_pkts));
+	stats->Assign(1, val_mgr->GetCount(num_keystrokes_two_in_a_row));
+	stats->Assign(2, val_mgr->GetCount(num_normal_interarrivals));
+	stats->Assign(3, val_mgr->GetCount(num_8k0_pkts));
+	stats->Assign(4, val_mgr->GetCount(num_8k4_pkts));
+	stats->Assign(5, val_mgr->GetBool(is_partial));
+	stats->Assign(6, val_mgr->GetCount(num_bytes));
+	stats->Assign(7, val_mgr->GetCount(num_7bit_ascii));
+	stats->Assign(8, val_mgr->GetCount(num_lines));
+	stats->Assign(9, val_mgr->GetCount(num_normal_lines));
 
 	return stats;
 	}

src/analyzer/protocol/irc/IRC.cc

@@ -235,10 +235,10 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
-			vl->append(new Val(users, TYPE_INT));
-			vl->append(new Val(services, TYPE_INT));
-			vl->append(new Val(servers, TYPE_INT));
+			vl->append(val_mgr->GetBool(orig));
+			vl->append(val_mgr->GetInt(users));
+			vl->append(val_mgr->GetInt(services));
+			vl->append(val_mgr->GetInt(servers));
 
 			ConnectionEvent(irc_network_info, vl);
 			}
@@ -273,7 +273,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
+			vl->append(val_mgr->GetBool(orig));
 			vl->append(new StringVal(type.c_str()));
 			vl->append(new StringVal(channel.c_str()));
 
@@ -318,10 +318,10 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
-			vl->append(new Val(users, TYPE_INT));
-			vl->append(new Val(services, TYPE_INT));
-			vl->append(new Val(servers, TYPE_INT));
+			vl->append(val_mgr->GetBool(orig));
+			vl->append(val_mgr->GetInt(users));
+			vl->append(val_mgr->GetInt(services));
+			vl->append(val_mgr->GetInt(servers));
 
 			ConnectionEvent(irc_server_info, vl);
 			}
@@ -341,8 +341,8 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
-			vl->append(new Val(channels, TYPE_INT));
+			vl->append(val_mgr->GetBool(orig));
+			vl->append(val_mgr->GetInt(channels));
 
 			ConnectionEvent(irc_channel_info, vl);
 			}
@@ -374,7 +374,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
+			vl->append(val_mgr->GetBool(orig));
 			vl->append(new StringVal(eop - prefix, prefix));
 			vl->append(new StringVal(++msg));
 			ConnectionEvent(irc_global_users, vl);
@@ -399,7 +399,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
+			vl->append(val_mgr->GetBool(orig));
 			vl->append(new StringVal(parts[0].c_str()));
 			vl->append(new StringVal(parts[1].c_str()));
 			vl->append(new StringVal(parts[2].c_str()));
@@ -438,7 +438,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
+			vl->append(val_mgr->GetBool(orig));
 			vl->append(new StringVal(parts[0].c_str()));
 
 			ConnectionEvent(irc_whois_operator_line, vl);
@@ -469,7 +469,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
+			vl->append(val_mgr->GetBool(orig));
 			vl->append(new StringVal(nick.c_str()));
 			TableVal* set = new TableVal(string_set);
 			for ( unsigned int i = 0; i < parts.size(); ++i )
@@ -505,7 +505,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 				val_list* vl = new val_list;
 
 				vl->append(BuildConnVal());
-				vl->append(new Val(orig, TYPE_BOOL));
+				vl->append(val_mgr->GetBool(orig));
 				vl->append(new StringVal(parts[1].c_str()));
 
 				const char* t = topic.c_str();
@@ -539,7 +539,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
+			vl->append(val_mgr->GetBool(orig));
 			vl->append(new StringVal(parts[0].c_str()));
 			vl->append(new StringVal(parts[1].c_str()));
 			if ( parts[2][0] == '~' )
@@ -551,7 +551,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 			vl->append(new StringVal(parts[6].c_str()));
 			if ( parts[7][0] == ':' )
 				parts[7] = parts[7].substr(1);
-			vl->append(new Val(atoi(parts[7].c_str()), TYPE_INT));
+			vl->append(val_mgr->GetInt(atoi(parts[7].c_str())));
 			vl->append(new StringVal(parts[8].c_str()));
 
 			ConnectionEvent(irc_who_line, vl);
@@ -567,7 +567,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 				{
 				val_list* vl = new val_list;
 				vl->append(BuildConnVal());
-				vl->append(new Val(orig, TYPE_BOOL));
+				vl->append(val_mgr->GetBool(orig));
 				ConnectionEvent(irc_invalid_nick, vl);
 				}
 			break;
@@ -579,8 +579,8 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 				{
 				val_list* vl = new val_list;
 				vl->append(BuildConnVal());
-				vl->append(new Val(orig, TYPE_BOOL));
-				vl->append(new Val(code == 381, TYPE_BOOL));
+				vl->append(val_mgr->GetBool(orig));
+				vl->append(val_mgr->GetBool(code == 381));
 				ConnectionEvent(irc_oper_response, vl);
 				}
 			break;
@@ -594,9 +594,9 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 		default:
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
+			vl->append(val_mgr->GetBool(orig));
 			vl->append(new StringVal(prefix.c_str()));
-			vl->append(new Val(code, TYPE_COUNT));
+			vl->append(val_mgr->GetCount(code));
 			vl->append(new StringVal(params.c_str()));
 
 			ConnectionEvent(irc_reply, vl);
@@ -664,18 +664,17 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
+			vl->append(val_mgr->GetBool(orig));
 			vl->append(new StringVal(prefix.c_str()));
 			vl->append(new StringVal(target.c_str()));
 			vl->append(new StringVal(parts[1].c_str()));
 			vl->append(new StringVal(parts[2].c_str()));
 			vl->append(new AddrVal(htonl(raw_ip)));
-			vl->append(new Val(atoi(parts[4].c_str()), TYPE_COUNT));
+			vl->append(val_mgr->GetCount(atoi(parts[4].c_str())));
 			if ( parts.size() >= 6 )
-				vl->append(new Val(atoi(parts[5].c_str()),
-							TYPE_COUNT));
+				vl->append(val_mgr->GetCount(atoi(parts[5].c_str())));
 			else
-				vl->append(new Val(0, TYPE_COUNT));
+				vl->append(val_mgr->GetCount(0));
 
 			ConnectionEvent(irc_dcc_message, vl);
 			}
@@ -684,7 +683,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 			{
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
+			vl->append(val_mgr->GetBool(orig));
 			vl->append(new StringVal(prefix.c_str()));
 			vl->append(new StringVal(target.c_str()));
 			vl->append(new StringVal(message.c_str()));
@@ -710,7 +709,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 		vl->append(new StringVal(prefix.c_str()));
 		vl->append(new StringVal(target.c_str()));
 		vl->append(new StringVal(message.c_str()));
@@ -735,7 +734,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 		vl->append(new StringVal(prefix.c_str()));
 		vl->append(new StringVal(target.c_str()));
 		vl->append(new StringVal(message.c_str()));
@@ -749,19 +748,19 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 		vector<string> parts = SplitWords(params, ' ');
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 
 		if ( parts.size() > 0 )
 			vl->append(new StringVal(parts[0].c_str()));
-		else vl->append(new StringVal(""));
+		else vl->append(val_mgr->GetEmptyString());
 
 		if ( parts.size() > 1 )
 			vl->append(new StringVal(parts[1].c_str()));
-		else vl->append(new StringVal(""));
+		else vl->append(val_mgr->GetEmptyString());
 
 		if ( parts.size() > 2 )
 			vl->append(new StringVal(parts[2].c_str()));
-		else vl->append(new StringVal(""));
+		else vl->append(val_mgr->GetEmptyString());
 
 		string realname;
 		for ( unsigned int i = 3; i < parts.size(); i++ )
@@ -785,7 +784,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 			{
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
+			vl->append(val_mgr->GetBool(orig));
 			vl->append(new StringVal(parts[0].c_str()));
 			vl->append(new StringVal(parts[1].c_str()));
 
@@ -808,7 +807,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 		vl->append(new StringVal(prefix.c_str()));
 		vl->append(new StringVal(parts[0].c_str()));
 		vl->append(new StringVal(parts[1].c_str()));
@@ -824,7 +823,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 			vl->append(new StringVal(comment.c_str()));
 			}
 		else
-			vl->append(new StringVal(""));
+			vl->append(val_mgr->GetEmptyString());
 
 		ConnectionEvent(irc_kick_message, vl);
 		}
@@ -852,7 +851,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 
 		TableVal* list = new TableVal(irc_join_list);
 		vector<string> channels = SplitWords(parts[0], ',');
@@ -899,7 +898,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 
 		TableVal* list = new TableVal(irc_join_list);
 		string empty_string = "";
@@ -980,7 +979,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 		vl->append(new StringVal(nick.c_str()));
 		vl->append(set);
 		vl->append(new StringVal(message.c_str()));
@@ -1004,7 +1003,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 		vl->append(new StringVal(nickname.c_str()));
 		vl->append(new StringVal(message.c_str()));
 
@@ -1019,7 +1018,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 		vl->append(new StringVal(prefix.c_str()));
 		vl->append(new StringVal(nick.c_str()));
 
@@ -1045,12 +1044,12 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 		if ( parts.size() > 0 )
 			vl->append(new StringVal(parts[0].c_str()));
 		else
-			vl->append(new StringVal(""));
-		vl->append(new Val(oper, TYPE_BOOL));
+			vl->append(val_mgr->GetEmptyString());
+		vl->append(val_mgr->GetBool(oper));
 
 		ConnectionEvent(irc_who_message, vl);
 		}
@@ -1077,7 +1076,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 		vl->append(new StringVal(server.c_str()));
 		vl->append(new StringVal(users.c_str()));
 
@@ -1088,7 +1087,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 		{
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 		vl->append(new StringVal(prefix.c_str()));
 		if ( params[0] == ':' )
 			params = params.substr(1);
@@ -1107,7 +1106,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
+			vl->append(val_mgr->GetBool(orig));
 			vl->append(new StringVal(prefix.c_str()));
 			vl->append(new StringVal(parts[0].c_str()));
 			vl->append(new StringVal(parts[1].c_str()));
@@ -1124,7 +1123,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 			{
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
+			vl->append(val_mgr->GetBool(orig));
 			vl->append(new StringVal(prefix.c_str()));
 			vl->append(new StringVal(params.c_str()));
 
@@ -1139,7 +1138,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 		{
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 		vl->append(new StringVal(params.c_str()));
 		ConnectionEvent(irc_password_message, vl);
 		}
@@ -1161,7 +1160,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 
 		val_list* vl = new val_list;
 		vl->append(BuildConnVal());
-		vl->append(new Val(orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(orig));
 		vl->append(new StringVal(prefix.c_str()));
 		vl->append(new StringVal(server.c_str()));
 		vl->append(new StringVal(message.c_str()));
@@ -1176,7 +1175,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 			{
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
+			vl->append(val_mgr->GetBool(orig));
 			vl->append(new StringVal(prefix.c_str()));
 			vl->append(new StringVal(command.c_str()));
 			vl->append(new StringVal(params.c_str()));
@@ -1191,7 +1190,7 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 			{
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(orig, TYPE_BOOL));
+			vl->append(val_mgr->GetBool(orig));
 			vl->append(new StringVal(prefix.c_str()));
 			vl->append(new StringVal(command.c_str()));
 			vl->append(new StringVal(params.c_str()));

src/analyzer/protocol/krb/KRB_TCP.h

@@ -22,7 +22,7 @@ public:
 	// Overriden from tcp::TCP_ApplicationAnalyzer.
 	void EndpointEOF(bool is_orig) override;
 
-	StringVal* GetAuthenticationInfo(const BroString* principal, const BroString* ciphertext, const bro_uint_t enctype) { return new StringVal(""); }
+	StringVal* GetAuthenticationInfo(const BroString* principal, const BroString* ciphertext, const bro_uint_t enctype) { return val_mgr->GetEmptyString(); }
 
 	static analyzer::Analyzer* Instantiate(Connection* conn)
 		{ return new KRB_Analyzer(conn); }

src/analyzer/protocol/krb/krb-analyzer.pac

@@ -10,19 +10,19 @@ RecordVal* proc_krb_kdc_options(const KRB_KDC_Options* opts)
 {
 	RecordVal* rv = new RecordVal(BifType::Record::KRB::KDC_Options);
 
-	rv->Assign(0, new Val(opts->forwardable(), TYPE_BOOL));
-	rv->Assign(1, new Val(opts->forwarded(), TYPE_BOOL));
-	rv->Assign(2, new Val(opts->proxiable(), TYPE_BOOL));
-	rv->Assign(3, new Val(opts->proxy(), TYPE_BOOL));
-	rv->Assign(4, new Val(opts->allow_postdate(), TYPE_BOOL));
-	rv->Assign(5, new Val(opts->postdated(), TYPE_BOOL));
-	rv->Assign(6, new Val(opts->renewable(), TYPE_BOOL));
-	rv->Assign(7, new Val(opts->opt_hardware_auth(), TYPE_BOOL));
-	rv->Assign(8, new Val(opts->disable_transited_check(), TYPE_BOOL));
-	rv->Assign(9, new Val(opts->renewable_ok(), TYPE_BOOL));
-	rv->Assign(10, new Val(opts->enc_tkt_in_skey(), TYPE_BOOL));
-	rv->Assign(11, new Val(opts->renew(), TYPE_BOOL));
-	rv->Assign(12, new Val(opts->validate(), TYPE_BOOL));
+	rv->Assign(0, val_mgr->GetBool(opts->forwardable()));
+	rv->Assign(1, val_mgr->GetBool(opts->forwarded()));
+	rv->Assign(2, val_mgr->GetBool(opts->proxiable()));
+	rv->Assign(3, val_mgr->GetBool(opts->proxy()));
+	rv->Assign(4, val_mgr->GetBool(opts->allow_postdate()));
+	rv->Assign(5, val_mgr->GetBool(opts->postdated()));
+	rv->Assign(6, val_mgr->GetBool(opts->renewable()));
+	rv->Assign(7, val_mgr->GetBool(opts->opt_hardware_auth()));
+	rv->Assign(8, val_mgr->GetBool(opts->disable_transited_check()));
+	rv->Assign(9, val_mgr->GetBool(opts->renewable_ok()));
+	rv->Assign(10, val_mgr->GetBool(opts->enc_tkt_in_skey()));
+	rv->Assign(11, val_mgr->GetBool(opts->renew()));
+	rv->Assign(12, val_mgr->GetBool(opts->validate()));
 
 	return rv;
 }
@@ -242,8 +242,8 @@ refine connection KRB_Conn += {
 		if ( krb_ap_request )
 			{
 			RecordVal* rv = new RecordVal(BifType::Record::KRB::AP_Options);
-			rv->Assign(0, new Val(${msg.ap_options.use_session_key}, TYPE_BOOL));
-			rv->Assign(1, new Val(${msg.ap_options.mutual_required}, TYPE_BOOL));
+			rv->Assign(0, val_mgr->GetBool(${msg.ap_options.use_session_key}));
+			rv->Assign(1, val_mgr->GetBool(${msg.ap_options.mutual_required}));
 
 			RecordVal* rvticket = proc_ticket(${msg.ticket});
 			StringVal* authenticationinfo = bro_analyzer()->GetAuthenticationInfo(rvticket->Lookup(2)->AsString(), rvticket->Lookup(4)->AsString(), rvticket->Lookup(3)->AsCount());

src/analyzer/protocol/krb/krb-padata.pac

@@ -36,7 +36,7 @@ VectorVal* proc_padata(const KRB_PA_Data_Sequence* data, const BroAnalyzer bro_a
 			case PA_PW_SALT:
 				{
 				RecordVal * type_val = new RecordVal(BifType::Record::KRB::Type_Value);
-				type_val->Assign(0, new Val(element->data_type(), TYPE_COUNT));
+				type_val->Assign(0, val_mgr->GetCount(element->data_type()));
 				type_val->Assign(1, bytestring_to_val(element->pa_data_element()->pa_pw_salt()->encoding()->content()));
 				vv->Assign(vv->Size(), type_val);
 				break;
@@ -44,7 +44,7 @@ VectorVal* proc_padata(const KRB_PA_Data_Sequence* data, const BroAnalyzer bro_a
 			case PA_ENCTYPE_INFO:
 				{
 				RecordVal * type_val = new RecordVal(BifType::Record::KRB::Type_Value);
-				type_val->Assign(0, new Val(element->data_type(), TYPE_COUNT));
+				type_val->Assign(0, val_mgr->GetCount(element->data_type()));
 				type_val->Assign(1, bytestring_to_val(element->pa_data_element()->pf_enctype_info()->salt()));
 				vv->Assign(vv->Size(), type_val);
 				break;
@@ -52,7 +52,7 @@ VectorVal* proc_padata(const KRB_PA_Data_Sequence* data, const BroAnalyzer bro_a
 			case PA_ENCTYPE_INFO2:
 				{
 				RecordVal * type_val = new RecordVal(BifType::Record::KRB::Type_Value);
-				type_val->Assign(0, new Val(element->data_type(), TYPE_COUNT));
+				type_val->Assign(0, val_mgr->GetCount(element->data_type()));
 				type_val->Assign(1, bytestring_to_val(element->pa_data_element()->pf_enctype_info2()->salt()));
 				vv->Assign(vv->Size(), type_val);
 				break;
@@ -110,7 +110,7 @@ VectorVal* proc_padata(const KRB_PA_Data_Sequence* data, const BroAnalyzer bro_a
 				if ( ! is_error && element->pa_data_element()->unknown()->meta()->length() > 0 )
 					{
 					RecordVal * type_val = new RecordVal(BifType::Record::KRB::Type_Value);
-					type_val->Assign(0, new Val(element->data_type(), TYPE_COUNT));
+					type_val->Assign(0, val_mgr->GetCount(element->data_type()));
 					type_val->Assign(1, bytestring_to_val(element->pa_data_element()->unknown()->content()));
 					vv->Assign(vv->Size(), type_val);
 					}

src/analyzer/protocol/login/Login.cc

@@ -437,7 +437,7 @@ void Login_Analyzer::LoginEvent(EventHandlerPtr f, const char* line,
 
 	vl->append(BuildConnVal());
 	vl->append(username->Ref());
-	vl->append(client_name ? client_name->Ref() : new StringVal(""));
+	vl->append(client_name ? client_name->Ref() : val_mgr->GetEmptyString());
 	vl->append(password);
 	vl->append(new StringVal(line));
 
@@ -612,7 +612,7 @@ Val* Login_Analyzer::PopUserTextVal()
 	if ( s )
 		return new StringVal(new BroString(1, byte_vec(s), strlen(s)));
 	else
-		return new StringVal("");
+		return val_mgr->GetEmptyString();
 	}
 
 int Login_Analyzer::MatchesTypeahead(const char* line) const

src/analyzer/protocol/login/RSH.cc

@@ -169,9 +169,9 @@ void Rsh_Analyzer::DeliverStream(int len, const u_char* data, bool orig)
 		{
 		if ( contents_orig->RshSaveState() == RSH_SERVER_USER_NAME )
 			// First input
-			vl->append(new Val(true, TYPE_BOOL));
+			vl->append(val_mgr->GetTrue());
 		else
-			vl->append(new Val(false, TYPE_BOOL));
+			vl->append(val_mgr->GetFalse());
 
 		ConnectionEvent(rsh_request, vl);
 		}

src/analyzer/protocol/login/functions.bif

@@ -26,14 +26,13 @@ function get_login_state%(cid: conn_id%): count
 	%{
 	Connection* c = sessions->FindConnection(cid);
 	if ( ! c )
-		return new Val(0, TYPE_BOOL);
+		return val_mgr->GetBool(0);
 
 	analyzer::Analyzer* la = c->FindAnalyzer("Login");
 	if ( ! la )
-		return new Val(0, TYPE_BOOL);
+		return val_mgr->GetBool(0);
 
-	return new Val(int(static_cast<analyzer::login::Login_Analyzer*>(la)->LoginState()),
-			TYPE_COUNT);
+	return val_mgr->GetCount(int(static_cast<analyzer::login::Login_Analyzer*>(la)->LoginState()));
 	%}
 
 ## Sets the login state of a connection with a login analyzer.
@@ -51,12 +50,12 @@ function set_login_state%(cid: conn_id, new_state: count%): bool
 	%{
 	Connection* c = sessions->FindConnection(cid);
 	if ( ! c )
-		return new Val(0, TYPE_BOOL);
+		return val_mgr->GetBool(0);
 
 	analyzer::Analyzer* la = c->FindAnalyzer("Login");
 	if ( ! la )
-		return new Val(0, TYPE_BOOL);
+		return val_mgr->GetBool(0);
 
 	static_cast<analyzer::login::Login_Analyzer*>(la)->SetLoginState(analyzer::login::login_state(new_state));
-	return new Val(1, TYPE_BOOL);
+	return val_mgr->GetBool(1);
 	%}

src/analyzer/protocol/mime/MIME.cc

@@ -1296,7 +1296,7 @@ TableVal* MIME_Message::BuildHeaderTable(MIME_HeaderList& hlist)
 
 	for ( unsigned int i = 0; i < hlist.size(); ++i )
 		{
-		Val* index = new Val(i+1, TYPE_COUNT);	// index starting from 1
+		Val* index = val_mgr->GetCount(i+1);	// index starting from 1
 
 		MIME_Header* h = hlist[i];
 		RecordVal* header_record = BuildHeaderVal(h);
@@ -1359,7 +1359,7 @@ void MIME_Mail::Done()
 
 		val_list* vl = new val_list;
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(content_hash_length, TYPE_COUNT));
+		vl->append(val_mgr->GetCount(content_hash_length));
 		vl->append(new StringVal(new BroString(1, digest, 16)));
 		analyzer->ConnectionEvent(mime_content_hash, vl);
 		}
@@ -1400,7 +1400,7 @@ void MIME_Mail::EndEntity(MIME_Entity* /* entity */)
 
 		val_list* vl = new val_list();
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(s->Len(), TYPE_COUNT));
+		vl->append(val_mgr->GetCount(s->Len()));
 		vl->append(new StringVal(s));
 
 		analyzer->ConnectionEvent(mime_entity_data, vl);
@@ -1476,7 +1476,7 @@ void MIME_Mail::SubmitData(int len, const char* buf)
 
 		val_list* vl = new val_list();
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(data_len, TYPE_COUNT));
+		vl->append(val_mgr->GetCount(data_len));
 		vl->append(new StringVal(data_len, data));
 		analyzer->ConnectionEvent(mime_segment_data, vl);
 		}
@@ -1523,7 +1523,7 @@ void MIME_Mail::SubmitAllData()
 
 		val_list* vl = new val_list();
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(s->Len(), TYPE_COUNT));
+		vl->append(val_mgr->GetCount(s->Len()));
 		vl->append(new StringVal(s));
 
 		analyzer->ConnectionEvent(mime_all_data, vl);

src/analyzer/protocol/modbus/modbus-analyzer.pac

@@ -20,7 +20,7 @@
 		for ( uint i = 0; i < quantity; i++ )
 			{
 			char currentCoil = (coils[i/8] >> (i % 8)) % 2;
-			modbus_coils->Assign(i, new Val(currentCoil, TYPE_BOOL));
+			modbus_coils->Assign(i, val_mgr->GetBool(currentCoil));
 			}
 
 		return modbus_coils;
@@ -29,10 +29,10 @@
 	RecordVal* HeaderToBro(ModbusTCP_TransportHeader *header)
 		{
 		RecordVal* modbus_header = new RecordVal(BifType::Record::ModbusHeaders);
-		modbus_header->Assign(0, new Val(header->tid(), TYPE_COUNT));
-		modbus_header->Assign(1, new Val(header->pid(), TYPE_COUNT));
-		modbus_header->Assign(2, new Val(header->uid(), TYPE_COUNT));
-		modbus_header->Assign(3, new Val(header->fc(), TYPE_COUNT));
+		modbus_header->Assign(0, val_mgr->GetCount(header->tid()));
+		modbus_header->Assign(1, val_mgr->GetCount(header->pid()));
+		modbus_header->Assign(2, val_mgr->GetCount(header->uid()));
+		modbus_header->Assign(3, val_mgr->GetCount(header->fc()));
 		return modbus_header;
 		}
 
@@ -213,7 +213,7 @@ refine flow ModbusTCP_Flow += {
 			VectorVal* t = new VectorVal(BifType::Vector::ModbusRegisters);
 			for ( unsigned int i=0; i < ${message.registers}->size(); ++i )
 				{
-				Val* r = new Val(${message.registers[i]}, TYPE_COUNT);
+				Val* r = val_mgr->GetCount(${message.registers[i]});
 				t->Assign(i, r);
 				}
 
@@ -256,7 +256,7 @@ refine flow ModbusTCP_Flow += {
 			VectorVal* t = new VectorVal(BifType::Vector::ModbusRegisters);
 			for ( unsigned int i=0; i < (${message.registers})->size(); ++i )
 				{
-				Val* r = new Val(${message.registers[i]}, TYPE_COUNT);
+				Val* r = val_mgr->GetCount(${message.registers[i]});
 				t->Assign(i, r);
 				}
 
@@ -399,7 +399,7 @@ refine flow ModbusTCP_Flow += {
 			VectorVal * t = new VectorVal(BifType::Vector::ModbusRegisters);
 			for ( unsigned int i = 0; i < (${message.registers}->size()); ++i )
 				{
-				Val* r = new Val(${message.registers[i]}, TYPE_COUNT);
+				Val* r = val_mgr->GetCount(${message.registers[i]});
 				t->Assign(i, r);
 				}
 
@@ -435,13 +435,13 @@ refine flow ModbusTCP_Flow += {
 			//VectorVal *t = create_vector_of_count();
 			//for ( unsigned int i = 0; i < (${message.references}->size()); ++i )
 			//	{
-			//	Val* r = new Val((${message.references[i].ref_type}), TYPE_COUNT);
+			//	Val* r = val_mgr->GetCount((${message.references[i].ref_type}));
 			//	t->Assign(i, r);
 			//
-			//	Val* k = new Val((${message.references[i].file_num}), TYPE_COUNT);
+			//	Val* k = val_mgr->GetCount((${message.references[i].file_num}));
 			//	t->Assign(i, k);
 			//
-			//	Val* l = new Val((${message.references[i].record_num}), TYPE_COUNT);
+			//	Val* l = val_mgr->GetCount((${message.references[i].record_num}));
 			//	t->Assign(i, l);
 			//	}
 
@@ -462,7 +462,7 @@ refine flow ModbusTCP_Flow += {
 			//for ( unsigned int i = 0; i < ${message.references}->size(); ++i )
 			//	{
 			//	//TODO: work the reference type in here somewhere
-			//	Val* r = new Val(${message.references[i].record_data}), TYPE_COUNT);
+			//	Val* r = val_mgr->GetCount(${message.references[i].record_data}));
 			//	t->Assign(i, r);
 			//	}
 
@@ -482,18 +482,18 @@ refine flow ModbusTCP_Flow += {
 			//VectorVal* t = create_vector_of_count();
 			//for ( unsigned int i = 0; i < (${message.references}->size()); ++i )
 			//	{
-			//	Val* r = new Val((${message.references[i].ref_type}), TYPE_COUNT);
+			//	Val* r = val_mgr->GetCount((${message.references[i].ref_type}));
 			//	t->Assign(i, r);
 			//
-			//	Val* k = new Val((${message.references[i].file_num}), TYPE_COUNT);
+			//	Val* k = val_mgr->GetCount((${message.references[i].file_num}));
 			//	t->Assign(i, k);
 			//
-			//	Val* n = new Val((${message.references[i].record_num}), TYPE_COUNT);
+			//	Val* n = val_mgr->GetCount((${message.references[i].record_num}));
 			//	t->Assign(i, n);
 			//
 			//	for ( unsigned int j = 0; j < (${message.references[i].register_value}->size()); ++j )
 			//		{
-			//		k = new Val((${message.references[i].register_value[j]}), TYPE_COUNT);
+			//		k = val_mgr->GetCount((${message.references[i].register_value[j]}));
 			//		t->Assign(i, k);
 			//		}
 			//	}
@@ -515,18 +515,18 @@ refine flow ModbusTCP_Flow += {
 			//VectorVal* t = create_vector_of_count();
 			//for ( unsigned int i = 0; i < (${messages.references}->size()); ++i )
 			//	{
-			//	Val* r = new Val((${message.references[i].ref_type}), TYPE_COUNT);
+			//	Val* r = val_mgr->GetCount((${message.references[i].ref_type}));
 			//	t->Assign(i, r);
 			//
-			//	Val* f = new Val((${message.references[i].file_num}), TYPE_COUNT);
+			//	Val* f = val_mgr->GetCount((${message.references[i].file_num}));
 			//	t->Assign(i, f);
 			//
-			//	Val* rn = new Val((${message.references[i].record_num}), TYPE_COUNT);
+			//	Val* rn = val_mgr->GetCount((${message.references[i].record_num}));
 			//	t->Assign(i, rn);
 			//
 			//	for ( unsigned int j = 0; j<(${message.references[i].register_value}->size()); ++j )
 			//		{
-			//		Val* k = new Val((${message.references[i].register_value[j]}), TYPE_COUNT);
+			//		Val* k = val_mgr->GetCount((${message.references[i].register_value[j]}));
 			//		t->Assign(i, k);
 			//		}
 
@@ -583,7 +583,7 @@ refine flow ModbusTCP_Flow += {
 			VectorVal* t = new VectorVal(BifType::Vector::ModbusRegisters);
 			for ( unsigned int i = 0; i < ${message.write_register_values}->size(); ++i )
 				{
-				Val* r = new Val(${message.write_register_values[i]}, TYPE_COUNT);
+				Val* r = val_mgr->GetCount(${message.write_register_values[i]});
 				t->Assign(i, r);
 				}
 
@@ -614,7 +614,7 @@ refine flow ModbusTCP_Flow += {
 			VectorVal* t = new VectorVal(BifType::Vector::ModbusRegisters);
 			for ( unsigned int i = 0; i < ${message.registers}->size(); ++i )
 				{
-				Val* r = new Val(${message.registers[i]}, TYPE_COUNT);
+				Val* r = val_mgr->GetCount(${message.registers[i]});
 				t->Assign(i, r);
 				}
 
@@ -657,7 +657,7 @@ refine flow ModbusTCP_Flow += {
 			VectorVal* t = create_vector_of_count();
 			for ( unsigned int i = 0; i < (${message.register_data})->size(); ++i )
 				{
-				Val* r = new Val(${message.register_data[i]}, TYPE_COUNT);
+				Val* r = val_mgr->GetCount(${message.register_data[i]});
 				t->Assign(i, r);
 				}
 

src/analyzer/protocol/ncp/NCP.cc

@@ -63,17 +63,16 @@ void NCP_Session::DeliverFrame(const binpac::NCP::ncp_frame* frame)
 		{
 		val_list* vl = new val_list;
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(frame->frame_type(), TYPE_COUNT));
-		vl->append(new Val(frame->body_length(), TYPE_COUNT));
+		vl->append(val_mgr->GetCount(frame->frame_type()));
+		vl->append(val_mgr->GetCount(frame->body_length()));
 
 		if ( frame->is_orig() )
-			vl->append(new Val(req_func, TYPE_COUNT));
+			vl->append(val_mgr->GetCount(req_func));
 		else
 			{
-			vl->append(new Val(req_frame_type, TYPE_COUNT));
-			vl->append(new Val(req_func, TYPE_COUNT));
-			vl->append(new Val(frame->reply()->completion_code(),
-						TYPE_COUNT));
+			vl->append(val_mgr->GetCount(req_frame_type));
+			vl->append(val_mgr->GetCount(req_func));
+			vl->append(val_mgr->GetCount(frame->reply()->completion_code()));
 			}
 
 		analyzer->ConnectionEvent(f, vl);

src/analyzer/protocol/netbios/NetbiosSSN.cc

@@ -60,9 +60,9 @@ int NetbiosSSN_Interpreter::ParseMessage(unsigned int type, unsigned int flags,
 		{
 		val_list* vl = new val_list;
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(is_query, TYPE_BOOL));
-		vl->append(new Val(type, TYPE_COUNT));
-		vl->append(new Val(len, TYPE_COUNT));
+		vl->append(val_mgr->GetBool(is_query));
+		vl->append(val_mgr->GetCount(type));
+		vl->append(val_mgr->GetCount(len));
 		analyzer->ConnectionEvent(netbios_session_message, vl);
 		}
 
@@ -331,7 +331,7 @@ void NetbiosSSN_Interpreter::Event(EventHandlerPtr event, const u_char* data,
 	val_list* vl = new val_list;
 	vl->append(analyzer->BuildConnVal());
 	if ( is_orig >= 0 )
-		vl->append(new Val(is_orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(is_orig));
 	vl->append(new StringVal(new BroString(data, len, 0)));
 
 	analyzer->ConnectionEvent(event, vl);

src/analyzer/protocol/netbios/functions.bif

@@ -46,5 +46,5 @@ function decode_netbios_name_type%(name: string%): count
 	%{
 	const u_char* s = name->Bytes();
 	char return_val = ((toupper(s[30]) - 'A') << 4) + (toupper(s[31]) - 'A');
-	return new Val(return_val, TYPE_COUNT);
+	return val_mgr->GetCount(return_val);
 	%}

src/analyzer/protocol/ntlm/ntlm-analyzer.pac

@@ -16,10 +16,10 @@ refine connection NTLM_Conn += {
 	function build_version_record(val: NTLM_Version): BroVal
 		%{
 		RecordVal* result = new RecordVal(BifType::Record::NTLM::Version);
-		result->Assign(0, new Val(${val.major_version}, TYPE_COUNT));
-		result->Assign(1, new Val(${val.minor_version}, TYPE_COUNT));
-		result->Assign(2, new Val(${val.build_number},  TYPE_COUNT));
-		result->Assign(3, new Val(${val.ntlm_revision}, TYPE_COUNT));
+		result->Assign(0, val_mgr->GetCount(${val.major_version}));
+		result->Assign(1, val_mgr->GetCount(${val.minor_version}));
+		result->Assign(2, val_mgr->GetCount(${val.build_number}));
+		result->Assign(3, val_mgr->GetCount(${val.ntlm_revision}));
 
 		return result;
 		%}
@@ -47,13 +47,13 @@ refine connection NTLM_Conn += {
 					result->Assign(4, utf16_bytestring_to_utf8_val(bro_analyzer()->Conn(), ${val.pairs[i].dns_tree_name.data}));
 					break;
 				case 6:
-					result->Assign(5, new Val(${val.pairs[i].constrained_auth}, TYPE_BOOL));
+					result->Assign(5, val_mgr->GetBool(${val.pairs[i].constrained_auth}));
 					break;
 				case 7:
 					result->Assign(6, filetime2brotime(${val.pairs[i].timestamp}));
 					break;
 				case 8:
-					result->Assign(7, new Val(${val.pairs[i].single_host.machine_id}, TYPE_COUNT));
+					result->Assign(7, val_mgr->GetCount(${val.pairs[i].single_host.machine_id}));
 					break;
 				case 9:
 					result->Assign(8, utf16_bytestring_to_utf8_val(bro_analyzer()->Conn(), ${val.pairs[i].target_name.data}));
@@ -66,28 +66,28 @@ refine connection NTLM_Conn += {
 	function build_negotiate_flag_record(val: NTLM_Negotiate_Flags): BroVal
 		%{
 		RecordVal* flags = new RecordVal(BifType::Record::NTLM::NegotiateFlags);
-		flags->Assign(0, new Val(${val.negotiate_56},                        TYPE_BOOL));
-		flags->Assign(1, new Val(${val.negotiate_key_exch},                  TYPE_BOOL));
-		flags->Assign(2, new Val(${val.negotiate_128},                       TYPE_BOOL));
-		flags->Assign(3, new Val(${val.negotiate_version},                   TYPE_BOOL));
-		flags->Assign(4, new Val(${val.negotiate_target_info},               TYPE_BOOL));
-		flags->Assign(5, new Val(${val.request_non_nt_session_key},          TYPE_BOOL));
-		flags->Assign(6, new Val(${val.negotiate_identify},                  TYPE_BOOL));
-		flags->Assign(7, new Val(${val.negotiate_extended_sessionsecurity},  TYPE_BOOL));
-		flags->Assign(8, new Val(${val.target_type_server},                  TYPE_BOOL));
-		flags->Assign(9, new Val(${val.target_type_domain},                  TYPE_BOOL));
-		flags->Assign(10, new Val(${val.negotiate_always_sign},              TYPE_BOOL));
-		flags->Assign(11, new Val(${val.negotiate_oem_workstation_supplied}, TYPE_BOOL));
-		flags->Assign(12, new Val(${val.negotiate_oem_domain_supplied},      TYPE_BOOL));
-		flags->Assign(13, new Val(${val.negotiate_anonymous_connection},     TYPE_BOOL));
-		flags->Assign(14, new Val(${val.negotiate_ntlm},                     TYPE_BOOL));
-		flags->Assign(15, new Val(${val.negotiate_lm_key},                   TYPE_BOOL));
-		flags->Assign(16, new Val(${val.negotiate_datagram},                 TYPE_BOOL));
-		flags->Assign(17, new Val(${val.negotiate_seal},                     TYPE_BOOL));
-		flags->Assign(18, new Val(${val.negotiate_sign},                     TYPE_BOOL));
-		flags->Assign(19, new Val(${val.request_target},                     TYPE_BOOL));
-		flags->Assign(20, new Val(${val.negotiate_oem},                      TYPE_BOOL));
-		flags->Assign(21, new Val(${val.negotiate_unicode},                  TYPE_BOOL));
+		flags->Assign(0, val_mgr->GetBool(${val.negotiate_56}));
+		flags->Assign(1, val_mgr->GetBool(${val.negotiate_key_exch}));
+		flags->Assign(2, val_mgr->GetBool(${val.negotiate_128}));
+		flags->Assign(3, val_mgr->GetBool(${val.negotiate_version}));
+		flags->Assign(4, val_mgr->GetBool(${val.negotiate_target_info}));
+		flags->Assign(5, val_mgr->GetBool(${val.request_non_nt_session_key}));
+		flags->Assign(6, val_mgr->GetBool(${val.negotiate_identify}));
+		flags->Assign(7, val_mgr->GetBool(${val.negotiate_extended_sessionsecurity}));
+		flags->Assign(8, val_mgr->GetBool(${val.target_type_server}));
+		flags->Assign(9, val_mgr->GetBool(${val.target_type_domain}));
+		flags->Assign(10, val_mgr->GetBool(${val.negotiate_always_sign}));
+		flags->Assign(11, val_mgr->GetBool(${val.negotiate_oem_workstation_supplied}));
+		flags->Assign(12, val_mgr->GetBool(${val.negotiate_oem_domain_supplied}));
+		flags->Assign(13, val_mgr->GetBool(${val.negotiate_anonymous_connection}));
+		flags->Assign(14, val_mgr->GetBool(${val.negotiate_ntlm}));
+		flags->Assign(15, val_mgr->GetBool(${val.negotiate_lm_key}));
+		flags->Assign(16, val_mgr->GetBool(${val.negotiate_datagram}));
+		flags->Assign(17, val_mgr->GetBool(${val.negotiate_seal}));
+		flags->Assign(18, val_mgr->GetBool(${val.negotiate_sign}));
+		flags->Assign(19, val_mgr->GetBool(${val.request_target}));
+		flags->Assign(20, val_mgr->GetBool(${val.negotiate_oem}));
+		flags->Assign(21, val_mgr->GetBool(${val.negotiate_unicode}));
 
 		return flags;
 		%}

src/analyzer/protocol/ntp/NTP.cc

@@ -66,11 +66,11 @@ void NTP_Analyzer::Message(const u_char* data, int len)
 
 	unsigned int code = ntp_data->status & 0x7;
 
-	msg->Assign(0, new Val((unsigned int) (ntohl(ntp_data->refid)), TYPE_COUNT));
-	msg->Assign(1, new Val(code, TYPE_COUNT));
-	msg->Assign(2, new Val((unsigned int) ntp_data->stratum, TYPE_COUNT));
-	msg->Assign(3, new Val((unsigned int) ntp_data->ppoll, TYPE_COUNT));
-	msg->Assign(4, new Val((unsigned int) ntp_data->precision, TYPE_INT));
+	msg->Assign(0, val_mgr->GetCount((unsigned int) (ntohl(ntp_data->refid))));
+	msg->Assign(1, val_mgr->GetCount(code));
+	msg->Assign(2, val_mgr->GetCount((unsigned int) ntp_data->stratum));
+	msg->Assign(3, val_mgr->GetCount((unsigned int) ntp_data->ppoll));
+	msg->Assign(4, val_mgr->GetInt((unsigned int) ntp_data->precision));
 	msg->Assign(5, new Val(ShortFloat(ntp_data->distance), TYPE_INTERVAL));
 	msg->Assign(6, new Val(ShortFloat(ntp_data->dispersion), TYPE_INTERVAL));
 	msg->Assign(7, new Val(LongFloat(ntp_data->reftime), TYPE_TIME));

src/analyzer/protocol/pop3/POP3.cc

@@ -929,7 +929,7 @@ void POP3_Analyzer::POP3Event(EventHandlerPtr event, bool is_orig,
 	val_list* vl = new val_list;
 
 	vl->append(BuildConnVal());
-	vl->append(new Val(is_orig, TYPE_BOOL));
+	vl->append(val_mgr->GetBool(is_orig));
 	if ( arg1 )
 		vl->append(new StringVal(arg1));
 	if ( arg2 )

src/analyzer/protocol/radius/radius-analyzer.pac

@@ -8,8 +8,8 @@ refine flow RADIUS_Flow += {
 		    return false;
 
 		RecordVal* result = new RecordVal(BifType::Record::RADIUS::Message);
-		result->Assign(0, new Val(${msg.code}, TYPE_COUNT));
-		result->Assign(1, new Val(${msg.trans_id}, TYPE_COUNT));
+		result->Assign(0, val_mgr->GetCount(${msg.code}));
+		result->Assign(1, val_mgr->GetCount(${msg.trans_id}));
 		result->Assign(2, bytestring_to_val(${msg.authenticator}));
 
 		if ( ${msg.attributes}->size() )
@@ -17,7 +17,7 @@ refine flow RADIUS_Flow += {
 			TableVal* attributes = new TableVal(BifType::Table::RADIUS::Attributes);
 
 			for ( uint i = 0; i < ${msg.attributes}->size(); ++i ) {
-				Val* index = new Val(${msg.attributes[i].code}, TYPE_COUNT);
+				Val* index = val_mgr->GetCount(${msg.attributes[i].code});
 
 				// Do we already have a vector of attributes for this type?
                 Val* current = attributes->Lookup(index);

src/analyzer/protocol/rdp/rdp-analyzer.pac

@@ -61,35 +61,35 @@ refine flow RDP_Flow += {
 		if ( rdp_client_core_data )
 			{
 			RecordVal* ec_flags = new RecordVal(BifType::Record::RDP::EarlyCapabilityFlags);
-			ec_flags->Assign(0, new Val(${ccore.SUPPORT_ERRINFO_PDU}, TYPE_BOOL));
-			ec_flags->Assign(1, new Val(${ccore.WANT_32BPP_SESSION}, TYPE_BOOL));
-			ec_flags->Assign(2, new Val(${ccore.SUPPORT_STATUSINFO_PDU}, TYPE_BOOL));
-			ec_flags->Assign(3, new Val(${ccore.STRONG_ASYMMETRIC_KEYS}, TYPE_BOOL));
-			ec_flags->Assign(4, new Val(${ccore.SUPPORT_MONITOR_LAYOUT_PDU}, TYPE_BOOL));
-			ec_flags->Assign(5, new Val(${ccore.SUPPORT_NETCHAR_AUTODETECT}, TYPE_BOOL));
-			ec_flags->Assign(6, new Val(${ccore.SUPPORT_DYNVC_GFX_PROTOCOL}, TYPE_BOOL));
-			ec_flags->Assign(7, new Val(${ccore.SUPPORT_DYNAMIC_TIME_ZONE}, TYPE_BOOL));
-			ec_flags->Assign(8, new Val(${ccore.SUPPORT_HEARTBEAT_PDU}, TYPE_BOOL));
+			ec_flags->Assign(0, val_mgr->GetBool(${ccore.SUPPORT_ERRINFO_PDU}));
+			ec_flags->Assign(1, val_mgr->GetBool(${ccore.WANT_32BPP_SESSION}));
+			ec_flags->Assign(2, val_mgr->GetBool(${ccore.SUPPORT_STATUSINFO_PDU}));
+			ec_flags->Assign(3, val_mgr->GetBool(${ccore.STRONG_ASYMMETRIC_KEYS}));
+			ec_flags->Assign(4, val_mgr->GetBool(${ccore.SUPPORT_MONITOR_LAYOUT_PDU}));
+			ec_flags->Assign(5, val_mgr->GetBool(${ccore.SUPPORT_NETCHAR_AUTODETECT}));
+			ec_flags->Assign(6, val_mgr->GetBool(${ccore.SUPPORT_DYNVC_GFX_PROTOCOL}));
+			ec_flags->Assign(7, val_mgr->GetBool(${ccore.SUPPORT_DYNAMIC_TIME_ZONE}));
+			ec_flags->Assign(8, val_mgr->GetBool(${ccore.SUPPORT_HEARTBEAT_PDU}));
 
 			RecordVal* ccd = new RecordVal(BifType::Record::RDP::ClientCoreData);
-			ccd->Assign(0, new Val(${ccore.version_major}, TYPE_COUNT));
-			ccd->Assign(1, new Val(${ccore.version_minor}, TYPE_COUNT));
-			ccd->Assign(2, new Val(${ccore.desktop_width}, TYPE_COUNT));
-			ccd->Assign(3, new Val(${ccore.desktop_height}, TYPE_COUNT));
-			ccd->Assign(4, new Val(${ccore.color_depth}, TYPE_COUNT));
-			ccd->Assign(5, new Val(${ccore.sas_sequence}, TYPE_COUNT));
-			ccd->Assign(6, new Val(${ccore.keyboard_layout}, TYPE_COUNT));
-			ccd->Assign(7, new Val(${ccore.client_build}, TYPE_COUNT));
+			ccd->Assign(0, val_mgr->GetCount(${ccore.version_major}));
+			ccd->Assign(1, val_mgr->GetCount(${ccore.version_minor}));
+			ccd->Assign(2, val_mgr->GetCount(${ccore.desktop_width}));
+			ccd->Assign(3, val_mgr->GetCount(${ccore.desktop_height}));
+			ccd->Assign(4, val_mgr->GetCount(${ccore.color_depth}));
+			ccd->Assign(5, val_mgr->GetCount(${ccore.sas_sequence}));
+			ccd->Assign(6, val_mgr->GetCount(${ccore.keyboard_layout}));
+			ccd->Assign(7, val_mgr->GetCount(${ccore.client_build}));
 			ccd->Assign(8, utf16_bytestring_to_utf8_val(connection()->bro_analyzer()->Conn(), ${ccore.client_name}));
-			ccd->Assign(9, new Val(${ccore.keyboard_type}, TYPE_COUNT));
-			ccd->Assign(10, new Val(${ccore.keyboard_sub}, TYPE_COUNT));
-			ccd->Assign(11, new Val(${ccore.keyboard_function_key}, TYPE_COUNT));
+			ccd->Assign(9, val_mgr->GetCount(${ccore.keyboard_type}));
+			ccd->Assign(10, val_mgr->GetCount(${ccore.keyboard_sub}));
+			ccd->Assign(11, val_mgr->GetCount(${ccore.keyboard_function_key}));
 			ccd->Assign(12, utf16_bytestring_to_utf8_val(connection()->bro_analyzer()->Conn(), ${ccore.ime_file_name}));
-			ccd->Assign(13, new Val(${ccore.post_beta2_color_depth}, TYPE_COUNT));
-			ccd->Assign(14, new Val(${ccore.client_product_id}, TYPE_COUNT));
-			ccd->Assign(15, new Val(${ccore.serial_number}, TYPE_COUNT));
-			ccd->Assign(16, new Val(${ccore.high_color_depth}, TYPE_COUNT));
-			ccd->Assign(17, new Val(${ccore.supported_color_depths}, TYPE_COUNT));
+			ccd->Assign(13, val_mgr->GetCount(${ccore.post_beta2_color_depth}));
+			ccd->Assign(14, val_mgr->GetCount(${ccore.client_product_id}));
+			ccd->Assign(15, val_mgr->GetCount(${ccore.serial_number}));
+			ccd->Assign(16, val_mgr->GetCount(${ccore.high_color_depth}));
+			ccd->Assign(17, val_mgr->GetCount(${ccore.supported_color_depths}));
 			ccd->Assign(18, ec_flags);
 			ccd->Assign(19, utf16_bytestring_to_utf8_val(connection()->bro_analyzer()->Conn(), ${ccore.dig_product_id}));
 

src/analyzer/protocol/rpc/MOUNT.cc

@@ -138,7 +138,7 @@ int MOUNT_Interp::RPC_BuildReply(RPC_CallInfo* c, BifEnum::rpc_status rpc_status
 			// Otherwise DeliverRPC would complain about
 			// excess_RPC.
 			n = 0;
-			reply = new EnumVal(c->Proc(), BifType::Enum::MOUNT3::proc_t);
+			reply = BifType::Enum::MOUNT3::proc_t->GetVal(c->Proc());
 			event = mount_proc_not_implemented;
 			}
 		else
@@ -194,21 +194,21 @@ val_list* MOUNT_Interp::event_common_vl(RPC_CallInfo *c,
 
 	for (size_t i = 0; i < c->AuxGIDs().size(); ++i)
 		{
-		auxgids->Assign(i, new Val(c->AuxGIDs()[i], TYPE_COUNT));
+		auxgids->Assign(i, val_mgr->GetCount(c->AuxGIDs()[i]));
 		}
 
 	RecordVal* info = new RecordVal(BifType::Record::MOUNT3::info_t);
-	info->Assign(0, new EnumVal(rpc_status, BifType::Enum::rpc_status));
-	info->Assign(1, new EnumVal(mount_status, BifType::Enum::MOUNT3::status_t));
+	info->Assign(0, BifType::Enum::rpc_status->GetVal(rpc_status));
+	info->Assign(1, BifType::Enum::MOUNT3::status_t->GetVal(mount_status));
 	info->Assign(2, new Val(c->StartTime(), TYPE_TIME));
 	info->Assign(3, new Val(c->LastTime() - c->StartTime(), TYPE_INTERVAL));
-	info->Assign(4, new Val(c->RPCLen(), TYPE_COUNT));
+	info->Assign(4, val_mgr->GetCount(c->RPCLen()));
 	info->Assign(5, new Val(rep_start_time, TYPE_TIME));
 	info->Assign(6, new Val(rep_last_time - rep_start_time, TYPE_INTERVAL));
-	info->Assign(7, new Val(reply_len, TYPE_COUNT));
-	info->Assign(8, new Val(c->Uid(), TYPE_COUNT));
-	info->Assign(9, new Val(c->Gid(), TYPE_COUNT));
-	info->Assign(10, new Val(c->Stamp(), TYPE_COUNT));
+	info->Assign(7, val_mgr->GetCount(reply_len));
+	info->Assign(8, val_mgr->GetCount(c->Uid()));
+	info->Assign(9, val_mgr->GetCount(c->Gid()));
+	info->Assign(10, val_mgr->GetCount(c->Stamp()));
 	info->Assign(11, new StringVal(c->MachineName()));
 	info->Assign(12, auxgids);
 
@@ -219,7 +219,7 @@ val_list* MOUNT_Interp::event_common_vl(RPC_CallInfo *c,
 EnumVal* MOUNT_Interp::mount3_auth_flavor(const u_char*& buf, int& n)
     {
 	BifEnum::MOUNT3::auth_flavor_t t = (BifEnum::MOUNT3::auth_flavor_t)extract_XDR_uint32(buf, n);
-	return new EnumVal(t, BifType::Enum::MOUNT3::auth_flavor_t);
+	return BifType::Enum::MOUNT3::auth_flavor_t->GetVal(t);
     }
 
 StringVal* MOUNT_Interp::mount3_fh(const u_char*& buf, int& n)

src/analyzer/protocol/rpc/NFS.cc

@@ -250,7 +250,7 @@ int NFS_Interp::RPC_BuildReply(RPC_CallInfo* c, BifEnum::rpc_status rpc_status,
 			// Otherwise DeliverRPC would complain about
 			// excess_RPC.
 			n = 0;
-			reply = new EnumVal(c->Proc(), BifType::Enum::NFS3::proc_t);
+			reply = BifType::Enum::NFS3::proc_t->GetVal(c->Proc());
 			event = nfs_proc_not_implemented;
 			}
 		else
@@ -329,20 +329,20 @@ val_list* NFS_Interp::event_common_vl(RPC_CallInfo *c, BifEnum::rpc_status rpc_s
 	VectorVal* auxgids = new VectorVal(internal_type("index_vec")->AsVectorType());
 
 	for ( size_t i = 0; i < c->AuxGIDs().size(); ++i )
-		auxgids->Assign(i, new Val(c->AuxGIDs()[i], TYPE_COUNT));
+		auxgids->Assign(i, val_mgr->GetCount(c->AuxGIDs()[i]));
 
 	RecordVal *info = new RecordVal(BifType::Record::NFS3::info_t);
-	info->Assign(0, new EnumVal(rpc_status, BifType::Enum::rpc_status));
-	info->Assign(1, new EnumVal(nfs_status, BifType::Enum::NFS3::status_t));
+	info->Assign(0, BifType::Enum::rpc_status->GetVal(rpc_status));
+	info->Assign(1, BifType::Enum::NFS3::status_t->GetVal(nfs_status));
 	info->Assign(2, new Val(c->StartTime(), TYPE_TIME));
 	info->Assign(3, new Val(c->LastTime()-c->StartTime(), TYPE_INTERVAL));
-	info->Assign(4, new Val(c->RPCLen(), TYPE_COUNT));
+	info->Assign(4, val_mgr->GetCount(c->RPCLen()));
 	info->Assign(5, new Val(rep_start_time, TYPE_TIME));
 	info->Assign(6, new Val(rep_last_time-rep_start_time, TYPE_INTERVAL));
-	info->Assign(7, new Val(reply_len, TYPE_COUNT));
-	info->Assign(8, new Val(c->Uid(), TYPE_COUNT));
-	info->Assign(9, new Val(c->Gid(), TYPE_COUNT));
-	info->Assign(10, new Val(c->Stamp(), TYPE_COUNT));
+	info->Assign(7, val_mgr->GetCount(reply_len));
+	info->Assign(8, val_mgr->GetCount(c->Uid()));
+	info->Assign(9, val_mgr->GetCount(c->Gid()));
+	info->Assign(10, val_mgr->GetCount(c->Stamp()));
 	info->Assign(11, new StringVal(c->MachineName()));
 	info->Assign(12, auxgids);
 
@@ -436,13 +436,13 @@ RecordVal* NFS_Interp::nfs3_fattr(const u_char*& buf, int& n)
 EnumVal* NFS_Interp::nfs3_time_how(const u_char*& buf, int& n)
 	{
 	BifEnum::NFS3::time_how_t t = (BifEnum::NFS3::time_how_t)extract_XDR_uint32(buf, n);
-	return new EnumVal(t, BifType::Enum::NFS3::time_how_t);
+	return BifType::Enum::NFS3::time_how_t->GetVal(t);
 	}
 
 EnumVal* NFS_Interp::nfs3_ftype(const u_char*& buf, int& n)
 	{
 	BifEnum::NFS3::file_type_t t = (BifEnum::NFS3::file_type_t)extract_XDR_uint32(buf, n);
-	return new EnumVal(t, BifType::Enum::NFS3::file_type_t);
+	return BifType::Enum::NFS3::file_type_t->GetVal(t);
 	}
 
 RecordVal* NFS_Interp::nfs3_wcc_attr(const u_char*& buf, int& n)
@@ -531,7 +531,7 @@ RecordVal* NFS_Interp::nfs3_pre_op_attr(const u_char*& buf, int& n)
 EnumVal *NFS_Interp::nfs3_stable_how(const u_char*& buf, int& n)
 	{
 	BifEnum::NFS3::stable_how_t stable = (BifEnum::NFS3::stable_how_t)extract_XDR_uint32(buf, n);
-	return new EnumVal(stable, BifType::Enum::NFS3::stable_how_t);
+	return BifType::Enum::NFS3::stable_how_t->GetVal(stable);
 	}
 
 RecordVal* NFS_Interp::nfs3_lookup_reply(const u_char*& buf, int& n, BifEnum::NFS3::status_t status)
@@ -575,7 +575,7 @@ RecordVal* NFS_Interp::nfs3_read_reply(const u_char*& buf, int& n, BifEnum::NFS3
 
 		rep->Assign(0, nfs3_post_op_attr(buf, n));
 		bytes_read = extract_XDR_uint32(buf, n);
-		rep->Assign(1, new Val(bytes_read, TYPE_COUNT));
+		rep->Assign(1, val_mgr->GetCount(bytes_read));
 		rep->Assign(2, ExtractBool(buf, n));
 		rep->Assign(3, nfs3_file_data(buf, n, offset, bytes_read));
 		}
@@ -658,9 +658,9 @@ RecordVal *NFS_Interp::nfs3_writeargs(const u_char*& buf, int& n)
 
 	writeargs->Assign(0, nfs3_fh(buf, n));
 	offset = extract_XDR_uint64(buf, n);
-	writeargs->Assign(1, new Val(offset, TYPE_COUNT));  // offset
+	writeargs->Assign(1, val_mgr->GetCount(offset));  // offset
 	bytes = extract_XDR_uint32(buf, n);
-	writeargs->Assign(2, new Val(bytes, TYPE_COUNT));   // size
+	writeargs->Assign(2, val_mgr->GetCount(bytes));   // size
 
 	writeargs->Assign(3, nfs3_stable_how(buf, n));
 	writeargs->Assign(4, nfs3_file_data(buf, n, offset, bytes));
@@ -745,7 +745,7 @@ RecordVal* NFS_Interp::nfs3_readdirargs(bool isplus, const u_char*& buf, int&n)
 	{
 	RecordVal *args = new RecordVal(BifType::Record::NFS3::readdirargs_t);
 
-	args->Assign(0, new Val(isplus, TYPE_BOOL));
+	args->Assign(0, val_mgr->GetBool(isplus));
 	args->Assign(1, nfs3_fh(buf, n));
 	args->Assign(2, ExtractUint64(buf,n));	// cookie
 	args->Assign(3, ExtractUint64(buf,n));	// cookieverf
@@ -762,7 +762,7 @@ RecordVal* NFS_Interp::nfs3_readdir_reply(bool isplus, const u_char*& buf,
 	{
 	RecordVal *rep = new RecordVal(BifType::Record::NFS3::readdir_reply_t);
 
-	rep->Assign(0, new Val(isplus, TYPE_BOOL));
+	rep->Assign(0, val_mgr->GetBool(isplus));
 
 	if ( status == BifEnum::NFS3::NFS3ERR_OK )
 		{
@@ -804,12 +804,12 @@ RecordVal* NFS_Interp::nfs3_readdir_reply(bool isplus, const u_char*& buf,
 
 Val* NFS_Interp::ExtractUint32(const u_char*& buf, int& n)
 	{
-	return new Val(extract_XDR_uint32(buf, n), TYPE_COUNT);
+	return val_mgr->GetCount(extract_XDR_uint32(buf, n));
 	}
 
 Val* NFS_Interp::ExtractUint64(const u_char*& buf, int& n)
 	{
-	return new Val(extract_XDR_uint64(buf, n), TYPE_COUNT);
+	return val_mgr->GetCount(extract_XDR_uint64(buf, n));
 	}
 
 Val* NFS_Interp::ExtractTime(const u_char*& buf, int& n)
@@ -824,7 +824,7 @@ Val* NFS_Interp::ExtractInterval(const u_char*& buf, int& n)
 
 Val* NFS_Interp::ExtractBool(const u_char*& buf, int& n)
 	{
-	return new Val(extract_XDR_uint32(buf, n), TYPE_BOOL);
+	return val_mgr->GetBool(extract_XDR_uint32(buf, n));
 	}
 
 

src/analyzer/protocol/rpc/Portmap.cc

@@ -94,7 +94,7 @@ int PortmapperInterp::RPC_BuildReply(RPC_CallInfo* c, BifEnum::rpc_status status
 			if ( ! buf )
 				return 0;
 
-			reply = new Val(status, TYPE_BOOL);
+			reply = val_mgr->GetBool(status);
 			event = pm_request_set;
 			}
 		else
@@ -109,7 +109,7 @@ int PortmapperInterp::RPC_BuildReply(RPC_CallInfo* c, BifEnum::rpc_status status
 			if ( ! buf )
 				return 0;
 
-			reply = new Val(status, TYPE_BOOL);
+			reply = val_mgr->GetBool(status);
 			event = pm_request_unset;
 			}
 		else
@@ -126,7 +126,7 @@ int PortmapperInterp::RPC_BuildReply(RPC_CallInfo* c, BifEnum::rpc_status status
 
 			RecordVal* rv = c->RequestVal()->AsRecordVal();
 			Val* is_tcp = rv->Lookup(2);
-			reply = port_mgr->Get(CheckPort(port),
+			reply = val_mgr->GetPort(CheckPort(port),
 					is_tcp->IsOne() ?
 						TRANSPORT_TCP : TRANSPORT_UDP);
 			event = pm_request_getport;
@@ -150,7 +150,7 @@ int PortmapperInterp::RPC_BuildReply(RPC_CallInfo* c, BifEnum::rpc_status status
 				if ( ! m )
 					break;
 
-				Val* index = new Val(++nmap, TYPE_COUNT);
+				Val* index = val_mgr->GetCount(++nmap);
 				mappings->Assign(index, m);
 				Unref(index);
 				}
@@ -178,7 +178,7 @@ int PortmapperInterp::RPC_BuildReply(RPC_CallInfo* c, BifEnum::rpc_status status
 			if ( ! opaque_reply )
 				return 0;
 
-			reply = port_mgr->Get(CheckPort(port), TRANSPORT_UDP);
+			reply = val_mgr->GetPort(CheckPort(port), TRANSPORT_UDP);
 			event = pm_request_callit;
 			}
 		else
@@ -197,12 +197,12 @@ Val* PortmapperInterp::ExtractMapping(const u_char*& buf, int& len)
 	{
 	RecordVal* mapping = new RecordVal(pm_mapping);
 
-	mapping->Assign(0, new Val(extract_XDR_uint32(buf, len), TYPE_COUNT));
-	mapping->Assign(1, new Val(extract_XDR_uint32(buf, len), TYPE_COUNT));
+	mapping->Assign(0, val_mgr->GetCount(extract_XDR_uint32(buf, len)));
+	mapping->Assign(1, val_mgr->GetCount(extract_XDR_uint32(buf, len)));
 
 	int is_tcp = extract_XDR_uint32(buf, len) == IPPROTO_TCP;
 	uint32 port = extract_XDR_uint32(buf, len);
-	mapping->Assign(2, port_mgr->Get(CheckPort(port),
+	mapping->Assign(2, val_mgr->GetPort(CheckPort(port),
 			is_tcp ? TRANSPORT_TCP : TRANSPORT_UDP));
 
 	if ( ! buf )
@@ -218,11 +218,11 @@ Val* PortmapperInterp::ExtractPortRequest(const u_char*& buf, int& len)
 	{
 	RecordVal* pr = new RecordVal(pm_port_request);
 
-	pr->Assign(0, new Val(extract_XDR_uint32(buf, len), TYPE_COUNT));
-	pr->Assign(1, new Val(extract_XDR_uint32(buf, len), TYPE_COUNT));
+	pr->Assign(0, val_mgr->GetCount(extract_XDR_uint32(buf, len)));
+	pr->Assign(1, val_mgr->GetCount(extract_XDR_uint32(buf, len)));
 
 	int is_tcp = extract_XDR_uint32(buf, len) == IPPROTO_TCP;
-	pr->Assign(2, new Val(is_tcp, TYPE_BOOL));
+	pr->Assign(2, val_mgr->GetBool(is_tcp));
 	(void) extract_XDR_uint32(buf, len);	// consume the bogus port
 
 	if ( ! buf )
@@ -238,13 +238,13 @@ Val* PortmapperInterp::ExtractCallItRequest(const u_char*& buf, int& len)
 	{
 	RecordVal* c = new RecordVal(pm_callit_request);
 
-	c->Assign(0, new Val(extract_XDR_uint32(buf, len), TYPE_COUNT));
-	c->Assign(1, new Val(extract_XDR_uint32(buf, len), TYPE_COUNT));
-	c->Assign(2, new Val(extract_XDR_uint32(buf, len), TYPE_COUNT));
+	c->Assign(0, val_mgr->GetCount(extract_XDR_uint32(buf, len)));
+	c->Assign(1, val_mgr->GetCount(extract_XDR_uint32(buf, len)));
+	c->Assign(2, val_mgr->GetCount(extract_XDR_uint32(buf, len)));
 
 	int arg_n;
 	(void) extract_XDR_opaque(buf, len, arg_n);
-	c->Assign(3, new Val(arg_n, TYPE_COUNT));
+	c->Assign(3, val_mgr->GetCount(arg_n));
 
 	if ( ! buf )
 		{
@@ -263,7 +263,7 @@ uint32 PortmapperInterp::CheckPort(uint32 port)
 			{
 			val_list* vl = new val_list;
 			vl->append(analyzer->BuildConnVal());
-			vl->append(new Val(port, TYPE_COUNT));
+			vl->append(val_mgr->GetCount(port));
 			analyzer->ConnectionEvent(pm_bad_port, vl);
 			}
 
@@ -295,7 +295,7 @@ void PortmapperInterp::Event(EventHandlerPtr f, Val* request, BifEnum::rpc_statu
 		}
 	else
 		{
-		vl->append(new EnumVal(status, BifType::Enum::rpc_status));
+		vl->append(BifType::Enum::rpc_status->GetVal(status));
 		if ( request )
 			vl->append(request);
 		}

src/analyzer/protocol/rpc/RPC.cc

@@ -332,13 +332,13 @@ void RPC_Interpreter::Event_RPC_Dialogue(RPC_CallInfo* c, BifEnum::rpc_status st
 		{
 		val_list* vl = new val_list;
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(c->Program(), TYPE_COUNT));
-		vl->append(new Val(c->Version(), TYPE_COUNT));
-		vl->append(new Val(c->Proc(), TYPE_COUNT));
-		vl->append(new EnumVal(status, BifType::Enum::rpc_status));
+		vl->append(val_mgr->GetCount(c->Program()));
+		vl->append(val_mgr->GetCount(c->Version()));
+		vl->append(val_mgr->GetCount(c->Proc()));
+		vl->append(BifType::Enum::rpc_status->GetVal(status));
 		vl->append(new Val(c->StartTime(), TYPE_TIME));
-		vl->append(new Val(c->CallLen(), TYPE_COUNT));
-		vl->append(new Val(reply_len, TYPE_COUNT));
+		vl->append(val_mgr->GetCount(c->CallLen()));
+		vl->append(val_mgr->GetCount(reply_len));
 		analyzer->ConnectionEvent(rpc_dialogue, vl);
 		}
 	}
@@ -349,11 +349,11 @@ void RPC_Interpreter::Event_RPC_Call(RPC_CallInfo* c)
 		{
 		val_list* vl = new val_list;
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(c->XID(), TYPE_COUNT));
-		vl->append(new Val(c->Program(), TYPE_COUNT));
-		vl->append(new Val(c->Version(), TYPE_COUNT));
-		vl->append(new Val(c->Proc(), TYPE_COUNT));
-		vl->append(new Val(c->CallLen(), TYPE_COUNT));
+		vl->append(val_mgr->GetCount(c->XID()));
+		vl->append(val_mgr->GetCount(c->Program()));
+		vl->append(val_mgr->GetCount(c->Version()));
+		vl->append(val_mgr->GetCount(c->Proc()));
+		vl->append(val_mgr->GetCount(c->CallLen()));
 		analyzer->ConnectionEvent(rpc_call, vl);
 		}
 	}
@@ -364,9 +364,9 @@ void RPC_Interpreter::Event_RPC_Reply(uint32_t xid, BifEnum::rpc_status status,
 		{
 		val_list* vl = new val_list;
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(xid, TYPE_COUNT));
-		vl->append(new EnumVal(status, BifType::Enum::rpc_status));
-		vl->append(new Val(reply_len, TYPE_COUNT));
+		vl->append(val_mgr->GetCount(xid));
+		vl->append(BifType::Enum::rpc_status->GetVal(status));
+		vl->append(val_mgr->GetCount(reply_len));
 		analyzer->ConnectionEvent(rpc_reply, vl);
 		}
 	}

src/analyzer/protocol/sip/sip-analyzer.pac

@@ -69,7 +69,7 @@ refine flow SIP_Flow += {
 
 		for ( unsigned int i = 0; i < headers.size(); ++i )
 			{ // index starting from 1
-			Val* index = new Val(i + 1, TYPE_COUNT);
+			Val* index = val_mgr->GetCount(i + 1);
 			t->Assign(index, headers[i]);
 			Unref(index);
 			}
@@ -111,7 +111,7 @@ refine flow SIP_Flow += {
 			}
 		else
 			{
-			name_val = new StringVal("");
+			name_val = val_mgr->GetEmptyString();
 			}
 
 		header_record->Assign(0, name_val);

src/analyzer/protocol/smb/smb1-com-negotiate.pac

@@ -46,30 +46,30 @@ refine connection SMB_Conn += {
 				{
 				case 0x01:
 					core = new RecordVal(BifType::Record::SMB1::NegotiateResponseCore);
-					core->Assign(0, new Val(${val.dialect_index}, TYPE_COUNT));
+					core->Assign(0, val_mgr->GetCount(${val.dialect_index}));
 
 					response->Assign(0, core);
 					break;
 
 				case 0x0d:
 					security = new RecordVal(BifType::Record::SMB1::NegotiateResponseSecurity);
-					security->Assign(0, new Val(${val.lanman.security_user_level}, TYPE_BOOL));
-					security->Assign(1, new Val(${val.lanman.security_challenge_response}, TYPE_BOOL));
+					security->Assign(0, val_mgr->GetBool(${val.lanman.security_user_level}));
+					security->Assign(1, val_mgr->GetBool(${val.lanman.security_challenge_response}));
 
 					raw = new RecordVal(BifType::Record::SMB1::NegotiateRawMode);
-					raw->Assign(0, new Val(${val.lanman.raw_read_supported}, TYPE_BOOL));
-					raw->Assign(1, new Val(${val.lanman.raw_write_supported}, TYPE_BOOL));
+					raw->Assign(0, val_mgr->GetBool(${val.lanman.raw_read_supported}));
+					raw->Assign(1, val_mgr->GetBool(${val.lanman.raw_write_supported}));
 
 					lanman = new RecordVal(BifType::Record::SMB1::NegotiateResponseLANMAN);
-					lanman->Assign(0, new Val(${val.word_count}, TYPE_COUNT));
-					lanman->Assign(1, new Val(${val.dialect_index}, TYPE_COUNT));
+					lanman->Assign(0, val_mgr->GetCount(${val.word_count}));
+					lanman->Assign(1, val_mgr->GetCount(${val.dialect_index}));
 					lanman->Assign(2, security);
-					lanman->Assign(3, new Val(${val.lanman.max_buffer_size}, TYPE_COUNT));
-					lanman->Assign(4, new Val(${val.lanman.max_mpx_count}, TYPE_COUNT));
+					lanman->Assign(3, val_mgr->GetCount(${val.lanman.max_buffer_size}));
+					lanman->Assign(4, val_mgr->GetCount(${val.lanman.max_mpx_count}));
 
-					lanman->Assign(5, new Val(${val.lanman.max_number_vcs}, TYPE_COUNT));
+					lanman->Assign(5, val_mgr->GetCount(${val.lanman.max_number_vcs}));
 					lanman->Assign(6, raw);
-					lanman->Assign(7, new Val(${val.lanman.session_key}, TYPE_COUNT));
+					lanman->Assign(7, val_mgr->GetCount(${val.lanman.session_key}));
 					lanman->Assign(8, time_from_lanman(${val.lanman.server_time}, ${val.lanman.server_date}, ${val.lanman.server_tz}));
 					lanman->Assign(9, bytestring_to_val(${val.lanman.encryption_key}));
 
@@ -80,44 +80,44 @@ refine connection SMB_Conn += {
 
 				case 0x11:
 					security = new RecordVal(BifType::Record::SMB1::NegotiateResponseSecurity);
-					security->Assign(0, new Val(${val.ntlm.security_user_level}, TYPE_BOOL));
-					security->Assign(1, new Val(${val.ntlm.security_challenge_response}, TYPE_BOOL));
-					security->Assign(2, new Val(${val.ntlm.security_signatures_enabled}, TYPE_BOOL));
-					security->Assign(3, new Val(${val.ntlm.security_signatures_required}, TYPE_BOOL));
+					security->Assign(0, val_mgr->GetBool(${val.ntlm.security_user_level}));
+					security->Assign(1, val_mgr->GetBool(${val.ntlm.security_challenge_response}));
+					security->Assign(2, val_mgr->GetBool(${val.ntlm.security_signatures_enabled}));
+					security->Assign(3, val_mgr->GetBool(${val.ntlm.security_signatures_required}));
 
 					capabilities = new RecordVal(BifType::Record::SMB1::NegotiateCapabilities);
-					capabilities->Assign(0, new Val(${val.ntlm.capabilities_raw_mode}, TYPE_BOOL));
-					capabilities->Assign(1, new Val(${val.ntlm.capabilities_mpx_mode}, TYPE_BOOL));
-					capabilities->Assign(2, new Val(${val.ntlm.capabilities_unicode}, TYPE_BOOL));
-					capabilities->Assign(3, new Val(${val.ntlm.capabilities_large_files}, TYPE_BOOL));
-					capabilities->Assign(4, new Val(${val.ntlm.capabilities_nt_smbs}, TYPE_BOOL));
+					capabilities->Assign(0, val_mgr->GetBool(${val.ntlm.capabilities_raw_mode}));
+					capabilities->Assign(1, val_mgr->GetBool(${val.ntlm.capabilities_mpx_mode}));
+					capabilities->Assign(2, val_mgr->GetBool(${val.ntlm.capabilities_unicode}));
+					capabilities->Assign(3, val_mgr->GetBool(${val.ntlm.capabilities_large_files}));
+					capabilities->Assign(4, val_mgr->GetBool(${val.ntlm.capabilities_nt_smbs}));
 
-					capabilities->Assign(5, new Val(${val.ntlm.capabilities_rpc_remote_apis}, TYPE_BOOL));
-					capabilities->Assign(6, new Val(${val.ntlm.capabilities_status32}, TYPE_BOOL));
-					capabilities->Assign(7, new Val(${val.ntlm.capabilities_level_2_oplocks}, TYPE_BOOL));
-					capabilities->Assign(8, new Val(${val.ntlm.capabilities_lock_and_read}, TYPE_BOOL));
-					capabilities->Assign(9, new Val(${val.ntlm.capabilities_nt_find}, TYPE_BOOL));
+					capabilities->Assign(5, val_mgr->GetBool(${val.ntlm.capabilities_rpc_remote_apis}));
+					capabilities->Assign(6, val_mgr->GetBool(${val.ntlm.capabilities_status32}));
+					capabilities->Assign(7, val_mgr->GetBool(${val.ntlm.capabilities_level_2_oplocks}));
+					capabilities->Assign(8, val_mgr->GetBool(${val.ntlm.capabilities_lock_and_read}));
+					capabilities->Assign(9, val_mgr->GetBool(${val.ntlm.capabilities_nt_find}));
 
-					capabilities->Assign(10, new Val(${val.ntlm.capabilities_dfs}, TYPE_BOOL));
-					capabilities->Assign(11, new Val(${val.ntlm.capabilities_infolevel_passthru}, TYPE_BOOL));
-					capabilities->Assign(12, new Val(${val.ntlm.capabilities_large_readx}, TYPE_BOOL));
-					capabilities->Assign(13, new Val(${val.ntlm.capabilities_large_writex}, TYPE_BOOL));
-					capabilities->Assign(14, new Val(${val.ntlm.capabilities_unix}, TYPE_BOOL));
+					capabilities->Assign(10, val_mgr->GetBool(${val.ntlm.capabilities_dfs}));
+					capabilities->Assign(11, val_mgr->GetBool(${val.ntlm.capabilities_infolevel_passthru}));
+					capabilities->Assign(12, val_mgr->GetBool(${val.ntlm.capabilities_large_readx}));
+					capabilities->Assign(13, val_mgr->GetBool(${val.ntlm.capabilities_large_writex}));
+					capabilities->Assign(14, val_mgr->GetBool(${val.ntlm.capabilities_unix}));
 
-					capabilities->Assign(15, new Val(${val.ntlm.capabilities_bulk_transfer}, TYPE_BOOL));
-					capabilities->Assign(16, new Val(${val.ntlm.capabilities_compressed_data}, TYPE_BOOL));
-					capabilities->Assign(17, new Val(${val.ntlm.capabilities_extended_security}, TYPE_BOOL));
+					capabilities->Assign(15, val_mgr->GetBool(${val.ntlm.capabilities_bulk_transfer}));
+					capabilities->Assign(16, val_mgr->GetBool(${val.ntlm.capabilities_compressed_data}));
+					capabilities->Assign(17, val_mgr->GetBool(${val.ntlm.capabilities_extended_security}));
 
 					ntlm = new RecordVal(BifType::Record::SMB1::NegotiateResponseNTLM);
-					ntlm->Assign(0, new Val(${val.word_count}, TYPE_COUNT));
-					ntlm->Assign(1, new Val(${val.dialect_index}, TYPE_COUNT));
+					ntlm->Assign(0, val_mgr->GetCount(${val.word_count}));
+					ntlm->Assign(1, val_mgr->GetCount(${val.dialect_index}));
 					ntlm->Assign(2, security);
-					ntlm->Assign(3, new Val(${val.ntlm.max_buffer_size}, TYPE_COUNT));
-					ntlm->Assign(4, new Val(${val.ntlm.max_mpx_count}, TYPE_COUNT));
+					ntlm->Assign(3, val_mgr->GetCount(${val.ntlm.max_buffer_size}));
+					ntlm->Assign(4, val_mgr->GetCount(${val.ntlm.max_mpx_count}));
 
-					ntlm->Assign(5, new Val(${val.ntlm.max_number_vcs}, TYPE_COUNT));
-					ntlm->Assign(6, new Val(${val.ntlm.max_raw_size}, TYPE_COUNT));
-					ntlm->Assign(7, new Val(${val.ntlm.session_key}, TYPE_COUNT));
+					ntlm->Assign(5, val_mgr->GetCount(${val.ntlm.max_number_vcs}));
+					ntlm->Assign(6, val_mgr->GetCount(${val.ntlm.max_raw_size}));
+					ntlm->Assign(7, val_mgr->GetCount(${val.ntlm.session_key}));
 					ntlm->Assign(8, capabilities);
 					ntlm->Assign(9, filetime2brotime(${val.ntlm.server_time}));
 

src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac

@@ -15,13 +15,13 @@ refine connection SMB_Conn += {
 			RecordVal* request = new RecordVal(BifType::Record::SMB1::SessionSetupAndXRequest);
 			RecordVal* capabilities;
 
-			request->Assign(0, new Val(${val.word_count}, TYPE_COUNT));
+			request->Assign(0, val_mgr->GetCount(${val.word_count}));
 			switch ( ${val.word_count} ) {
 				case 10:	// pre NT LM 0.12
-					request->Assign(1, new Val(${val.lanman.max_buffer_size}, TYPE_COUNT));
-					request->Assign(2, new Val(${val.lanman.max_mpx_count}, TYPE_COUNT));
-					request->Assign(3, new Val(${val.lanman.vc_number}, TYPE_COUNT));
-					request->Assign(4, new Val(${val.lanman.session_key}, TYPE_COUNT));
+					request->Assign(1, val_mgr->GetCount(${val.lanman.max_buffer_size}));
+					request->Assign(2, val_mgr->GetCount(${val.lanman.max_mpx_count}));
+					request->Assign(3, val_mgr->GetCount(${val.lanman.vc_number}));
+					request->Assign(4, val_mgr->GetCount(${val.lanman.session_key}));
 
 					request->Assign(5, smb_string2stringval(${val.lanman.native_os}));
 					request->Assign(6, smb_string2stringval(${val.lanman.native_lanman}));
@@ -32,17 +32,17 @@ refine connection SMB_Conn += {
 					break;
 				case 12:	// NT LM 0.12 with extended security
 					capabilities = new RecordVal(BifType::Record::SMB1::SessionSetupAndXCapabilities);
-				 	capabilities->Assign(0, new Val(${val.ntlm_extended_security.capabilities.unicode}, TYPE_BOOL));
-				 	capabilities->Assign(1, new Val(${val.ntlm_extended_security.capabilities.large_files}, TYPE_BOOL));
-				 	capabilities->Assign(2, new Val(${val.ntlm_extended_security.capabilities.nt_smbs}, TYPE_BOOL));
-				 	capabilities->Assign(3, new Val(${val.ntlm_extended_security.capabilities.status32}, TYPE_BOOL));
-				 	capabilities->Assign(4, new Val(${val.ntlm_extended_security.capabilities.level_2_oplocks}, TYPE_BOOL));
-				 	capabilities->Assign(5, new Val(${val.ntlm_extended_security.capabilities.nt_find}, TYPE_BOOL));
+				 	capabilities->Assign(0, val_mgr->GetBool(${val.ntlm_extended_security.capabilities.unicode}));
+				 	capabilities->Assign(1, val_mgr->GetBool(${val.ntlm_extended_security.capabilities.large_files}));
+				 	capabilities->Assign(2, val_mgr->GetBool(${val.ntlm_extended_security.capabilities.nt_smbs}));
+				 	capabilities->Assign(3, val_mgr->GetBool(${val.ntlm_extended_security.capabilities.status32}));
+				 	capabilities->Assign(4, val_mgr->GetBool(${val.ntlm_extended_security.capabilities.level_2_oplocks}));
+				 	capabilities->Assign(5, val_mgr->GetBool(${val.ntlm_extended_security.capabilities.nt_find}));
 
-					request->Assign(1, new Val(${val.ntlm_extended_security.max_buffer_size}, TYPE_COUNT));
-					request->Assign(2, new Val(${val.ntlm_extended_security.max_mpx_count}, TYPE_COUNT));
-					request->Assign(3, new Val(${val.ntlm_extended_security.vc_number}, TYPE_COUNT));
-					request->Assign(4, new Val(${val.ntlm_extended_security.session_key}, TYPE_COUNT));
+					request->Assign(1, val_mgr->GetCount(${val.ntlm_extended_security.max_buffer_size}));
+					request->Assign(2, val_mgr->GetCount(${val.ntlm_extended_security.max_mpx_count}));
+					request->Assign(3, val_mgr->GetCount(${val.ntlm_extended_security.vc_number}));
+					request->Assign(4, val_mgr->GetCount(${val.ntlm_extended_security.session_key}));
 
 					request->Assign(5, smb_string2stringval(${val.ntlm_extended_security.native_os}));
 					request->Assign(6, smb_string2stringval(${val.ntlm_extended_security.native_lanman}));
@@ -52,17 +52,17 @@ refine connection SMB_Conn += {
 
 				case 13: // NT LM 0.12 without extended security
 					capabilities = new RecordVal(BifType::Record::SMB1::SessionSetupAndXCapabilities);
-				 	capabilities->Assign(0, new Val(${val.ntlm_nonextended_security.capabilities.unicode}, TYPE_BOOL));
-				 	capabilities->Assign(1, new Val(${val.ntlm_nonextended_security.capabilities.large_files}, TYPE_BOOL));
-				 	capabilities->Assign(2, new Val(${val.ntlm_nonextended_security.capabilities.nt_smbs}, TYPE_BOOL));
-				 	capabilities->Assign(3, new Val(${val.ntlm_nonextended_security.capabilities.status32}, TYPE_BOOL));
-				 	capabilities->Assign(4, new Val(${val.ntlm_nonextended_security.capabilities.level_2_oplocks}, TYPE_BOOL));
-				 	capabilities->Assign(5, new Val(${val.ntlm_nonextended_security.capabilities.nt_find}, TYPE_BOOL));
+				 	capabilities->Assign(0, val_mgr->GetBool(${val.ntlm_nonextended_security.capabilities.unicode}));
+				 	capabilities->Assign(1, val_mgr->GetBool(${val.ntlm_nonextended_security.capabilities.large_files}));
+				 	capabilities->Assign(2, val_mgr->GetBool(${val.ntlm_nonextended_security.capabilities.nt_smbs}));
+				 	capabilities->Assign(3, val_mgr->GetBool(${val.ntlm_nonextended_security.capabilities.status32}));
+				 	capabilities->Assign(4, val_mgr->GetBool(${val.ntlm_nonextended_security.capabilities.level_2_oplocks}));
+				 	capabilities->Assign(5, val_mgr->GetBool(${val.ntlm_nonextended_security.capabilities.nt_find}));
 
-					request->Assign(1, new Val(${val.ntlm_nonextended_security.max_buffer_size}, TYPE_COUNT));
-					request->Assign(2, new Val(${val.ntlm_nonextended_security.max_mpx_count}, TYPE_COUNT));
-					request->Assign(3, new Val(${val.ntlm_nonextended_security.vc_number}, TYPE_COUNT));
-					request->Assign(4, new Val(${val.ntlm_nonextended_security.session_key}, TYPE_COUNT));
+					request->Assign(1, val_mgr->GetCount(${val.ntlm_nonextended_security.max_buffer_size}));
+					request->Assign(2, val_mgr->GetCount(${val.ntlm_nonextended_security.max_mpx_count}));
+					request->Assign(3, val_mgr->GetCount(${val.ntlm_nonextended_security.vc_number}));
+					request->Assign(4, val_mgr->GetCount(${val.ntlm_nonextended_security.session_key}));
 
 					request->Assign(5, smb_string2stringval(${val.ntlm_nonextended_security.native_os}));
 					request->Assign(6, smb_string2stringval(${val.ntlm_nonextended_security.native_lanman}));
@@ -86,17 +86,17 @@ refine connection SMB_Conn += {
 			{
 			RecordVal* response = new RecordVal(BifType::Record::SMB1::SessionSetupAndXResponse);
 
-			response->Assign(0, new Val(${val.word_count}, TYPE_COUNT));
+			response->Assign(0, val_mgr->GetCount(${val.word_count}));
 			switch ( ${val.word_count} )
 				{
 				case 3: // pre NT LM 0.12
-					response->Assign(1, new Val(${val.lanman.is_guest}, TYPE_BOOL));
-					response->Assign(2, ${val.lanman.byte_count} == 0 ? new StringVal("") : smb_string2stringval(${val.lanman.native_os[0]}));
-					response->Assign(3, ${val.lanman.byte_count} == 0 ? new StringVal("") : smb_string2stringval(${val.lanman.native_lanman[0]}));
-					response->Assign(4, ${val.lanman.byte_count} == 0 ? new StringVal("") : smb_string2stringval(${val.lanman.primary_domain[0]}));
+					response->Assign(1, val_mgr->GetBool(${val.lanman.is_guest}));
+					response->Assign(2, ${val.lanman.byte_count} == 0 ? val_mgr->GetEmptyString() : smb_string2stringval(${val.lanman.native_os[0]}));
+					response->Assign(3, ${val.lanman.byte_count} == 0 ? val_mgr->GetEmptyString() : smb_string2stringval(${val.lanman.native_lanman[0]}));
+					response->Assign(4, ${val.lanman.byte_count} == 0 ? val_mgr->GetEmptyString() : smb_string2stringval(${val.lanman.primary_domain[0]}));
 					break;
 				case 4: // NT LM 0.12
-					response->Assign(1, new Val(${val.ntlm.is_guest}, TYPE_BOOL));
+					response->Assign(1, val_mgr->GetBool(${val.ntlm.is_guest}));
 					response->Assign(2, smb_string2stringval(${val.ntlm.native_os}));
 					response->Assign(3, smb_string2stringval(${val.ntlm.native_lanman}));
 					//response->Assign(4, smb_string2stringval(${val.ntlm.primary_domain}));

src/analyzer/protocol/smb/smb1-com-transaction-secondary.pac

@@ -6,14 +6,14 @@ refine connection SMB_Conn += {
 		return false;
 
 	RecordVal* args = new RecordVal(BifType::Record::SMB1::Trans_Sec_Args);
-	args->Assign(0, new Val(${val.total_param_count}, TYPE_COUNT));
-	args->Assign(1, new Val(${val.total_data_count}, TYPE_COUNT));
-	args->Assign(2, new Val(${val.param_count}, TYPE_COUNT));
-	args->Assign(3, new Val(${val.param_offset}, TYPE_COUNT));
-	args->Assign(4, new Val(${val.param_displacement}, TYPE_COUNT));
-	args->Assign(5, new Val(${val.data_count}, TYPE_COUNT));
-	args->Assign(6, new Val(${val.data_offset}, TYPE_COUNT));
-	args->Assign(7, new Val(${val.data_displacement}, TYPE_COUNT));
+	args->Assign(0, val_mgr->GetCount(${val.total_param_count}));
+	args->Assign(1, val_mgr->GetCount(${val.total_data_count}));
+	args->Assign(2, val_mgr->GetCount(${val.param_count}));
+	args->Assign(3, val_mgr->GetCount(${val.param_offset}));
+	args->Assign(4, val_mgr->GetCount(${val.param_displacement}));
+	args->Assign(5, val_mgr->GetCount(${val.data_count}));
+	args->Assign(6, val_mgr->GetCount(${val.data_offset}));
+	args->Assign(7, val_mgr->GetCount(${val.data_displacement}));
 
 	StringVal* parameters = new StringVal(${val.parameters}.length(),
 	                                      (const char*)${val.parameters}.data());
@@ -42,7 +42,7 @@ refine connection SMB_Conn += {
 
 	if ( ! payload_str )
 		{
-		payload_str = new StringVal("");
+		payload_str = val_mgr->GetEmptyString();
 		}
 
 	BifEvent::generate_smb1_transaction_secondary_request(bro_analyzer(),

src/analyzer/protocol/smb/smb1-com-transaction.pac

@@ -61,7 +61,7 @@ refine connection SMB_Conn += {
 
 		if ( ! payload_str )
 			{
-			payload_str = new StringVal("");
+			payload_str = val_mgr->GetEmptyString();
 			}
 
 		BifEvent::generate_smb1_transaction_request(bro_analyzer(),
@@ -107,7 +107,7 @@ refine connection SMB_Conn += {
 
 		if ( ! payload_str )
 			{
-			payload_str = new StringVal("");
+			payload_str = val_mgr->GetEmptyString();
 			}
 
 		BifEvent::generate_smb1_transaction_response(bro_analyzer(),

src/analyzer/protocol/smb/smb1-com-transaction2-secondary.pac

@@ -6,15 +6,15 @@ refine connection SMB_Conn += {
 		return false;
 
 	RecordVal* args = new RecordVal(BifType::Record::SMB1::Trans2_Sec_Args);
-	args->Assign(0, new Val(${val.total_param_count}, TYPE_COUNT));
-	args->Assign(1, new Val(${val.total_data_count}, TYPE_COUNT));
-	args->Assign(2, new Val(${val.param_count}, TYPE_COUNT));
-	args->Assign(3, new Val(${val.param_offset}, TYPE_COUNT));
-	args->Assign(4, new Val(${val.param_displacement}, TYPE_COUNT));
-	args->Assign(5, new Val(${val.data_count}, TYPE_COUNT));
-	args->Assign(6, new Val(${val.data_offset}, TYPE_COUNT));
-	args->Assign(7, new Val(${val.data_displacement}, TYPE_COUNT));
-	args->Assign(8, new Val(${val.FID}, TYPE_COUNT));
+	args->Assign(0, val_mgr->GetCount(${val.total_param_count}));
+	args->Assign(1, val_mgr->GetCount(${val.total_data_count}));
+	args->Assign(2, val_mgr->GetCount(${val.param_count}));
+	args->Assign(3, val_mgr->GetCount(${val.param_offset}));
+	args->Assign(4, val_mgr->GetCount(${val.param_displacement}));
+	args->Assign(5, val_mgr->GetCount(${val.data_count}));
+	args->Assign(6, val_mgr->GetCount(${val.data_offset}));
+	args->Assign(7, val_mgr->GetCount(${val.data_displacement}));
+	args->Assign(8, val_mgr->GetCount(${val.FID}));
 
 	StringVal* parameters = new StringVal(${val.parameters}.length(), (const char*)${val.parameters}.data());
 	StringVal* payload = new StringVal(${val.data}.length(), (const char*)${val.data}.data());

src/analyzer/protocol/smb/smb1-com-transaction2.pac

@@ -25,18 +25,18 @@ refine connection SMB_Conn += {
 		if ( smb1_transaction2_request )
 			{
 			RecordVal* args = new RecordVal(BifType::Record::SMB1::Trans2_Args);
-			args->Assign(0, new Val(${val.total_param_count}, TYPE_COUNT));
-			args->Assign(1, new Val(${val.total_data_count}, TYPE_COUNT));
-			args->Assign(2, new Val(${val.max_param_count}, TYPE_COUNT));
-			args->Assign(3, new Val(${val.max_data_count}, TYPE_COUNT));
-			args->Assign(4, new Val(${val.max_setup_count}, TYPE_COUNT));
-			args->Assign(5, new Val(${val.flags}, TYPE_COUNT));
-			args->Assign(6, new Val(${val.timeout}, TYPE_COUNT));
-			args->Assign(7, new Val(${val.param_count}, TYPE_COUNT));
-			args->Assign(8, new Val(${val.param_offset}, TYPE_COUNT));
-			args->Assign(9, new Val(${val.data_count}, TYPE_COUNT));
-			args->Assign(10, new Val(${val.data_offset}, TYPE_COUNT));
-			args->Assign(11, new Val(${val.setup_count}, TYPE_COUNT));
+			args->Assign(0, val_mgr->GetCount(${val.total_param_count}));
+			args->Assign(1, val_mgr->GetCount(${val.total_data_count}));
+			args->Assign(2, val_mgr->GetCount(${val.max_param_count}));
+			args->Assign(3, val_mgr->GetCount(${val.max_data_count}));
+			args->Assign(4, val_mgr->GetCount(${val.max_setup_count}));
+			args->Assign(5, val_mgr->GetCount(${val.flags}));
+			args->Assign(6, val_mgr->GetCount(${val.timeout}));
+			args->Assign(7, val_mgr->GetCount(${val.param_count}));
+			args->Assign(8, val_mgr->GetCount(${val.param_offset}));
+			args->Assign(9, val_mgr->GetCount(${val.data_count}));
+			args->Assign(10, val_mgr->GetCount(${val.data_offset}));
+			args->Assign(11, val_mgr->GetCount(${val.setup_count}));
 
 			BifEvent::generate_smb1_transaction2_request(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), args, ${val.sub_cmd});
 			}
@@ -128,11 +128,11 @@ refine connection SMB_Conn += {
 		if ( smb1_trans2_find_first2_request )
 			{
 			RecordVal* result = new RecordVal(BifType::Record::SMB1::Find_First2_Request_Args);
-			result->Assign(0, new Val(${val.search_attrs}, TYPE_COUNT));
-			result->Assign(1, new Val(${val.search_count}, TYPE_COUNT));
-			result->Assign(2, new Val(${val.flags}, TYPE_COUNT));
-			result->Assign(3, new Val(${val.info_level}, TYPE_COUNT));
-			result->Assign(4, new Val(${val.search_storage_type}, TYPE_COUNT));
+			result->Assign(0, val_mgr->GetCount(${val.search_attrs}));
+			result->Assign(1, val_mgr->GetCount(${val.search_count}));
+			result->Assign(2, val_mgr->GetCount(${val.flags}));
+			result->Assign(3, val_mgr->GetCount(${val.info_level}));
+			result->Assign(4, val_mgr->GetCount(${val.search_storage_type}));
 			result->Assign(5, smb_string2stringval(${val.file_name}));
 			BifEvent::generate_smb1_trans2_find_first2_request(bro_analyzer(), bro_analyzer()->Conn(), \
 															   BuildHeaderVal(header), result);

src/analyzer/protocol/smb/smb1-com-tree-connect-andx.pac

@@ -23,7 +23,7 @@ refine connection SMB_Conn += {
 			                                                   bro_analyzer()->Conn(),
 			                                                   BuildHeaderVal(header),
 			                                                   service_string,
-			                                                   ${val.byte_count} > ${val.service.a}->size() ? smb_string2stringval(${val.native_file_system[0]}) : new StringVal(""));
+			                                                   ${val.byte_count} > ${val.service.a}->size() ? smb_string2stringval(${val.native_file_system[0]}) : val_mgr->GetEmptyString());
 		else
 			Unref(service_string);
 

src/analyzer/protocol/smb/smb1-protocol.pac

@@ -21,14 +21,14 @@ refine connection SMB_Conn += {
 		//	{ // do nothing
 		//	}
 
-		r->Assign(0, new Val(${hdr.command}, TYPE_COUNT));
-		r->Assign(1, new Val(${hdr.status}, TYPE_COUNT));
-		r->Assign(2, new Val(${hdr.flags}, TYPE_COUNT));
-		r->Assign(3, new Val(${hdr.flags2}, TYPE_COUNT));
-		r->Assign(4, new Val(${hdr.tid}, TYPE_COUNT));
-		r->Assign(5, new Val(${hdr.pid}, TYPE_COUNT));
-		r->Assign(6, new Val(${hdr.uid}, TYPE_COUNT));
-		r->Assign(7, new Val(${hdr.mid}, TYPE_COUNT));
+		r->Assign(0, val_mgr->GetCount(${hdr.command}));
+		r->Assign(1, val_mgr->GetCount(${hdr.status}));
+		r->Assign(2, val_mgr->GetCount(${hdr.flags}));
+		r->Assign(3, val_mgr->GetCount(${hdr.flags2}));
+		r->Assign(4, val_mgr->GetCount(${hdr.tid}));
+		r->Assign(5, val_mgr->GetCount(${hdr.pid}));
+		r->Assign(6, val_mgr->GetCount(${hdr.uid}));
+		r->Assign(7, val_mgr->GetCount(${hdr.mid}));
 
 		return r;
 		%}

src/analyzer/protocol/smb/smb2-com-close.pac

@@ -22,8 +22,8 @@ refine connection SMB_Conn += {
 			{
 			RecordVal* resp = new RecordVal(BifType::Record::SMB2::CloseResponse);
 
-			resp->Assign(0, new Val(${val.alloc_size}, TYPE_COUNT));
-			resp->Assign(1, new Val(${val.eof}, TYPE_COUNT));
+			resp->Assign(0, val_mgr->GetCount(${val.alloc_size}));
+			resp->Assign(1, val_mgr->GetCount(${val.eof}));
 			resp->Assign(2, SMB_BuildMACTimes(${val.last_write_time},
 			                                  ${val.last_access_time},
 			                                  ${val.creation_time},

src/analyzer/protocol/smb/smb2-com-create.pac

@@ -15,8 +15,8 @@ refine connection SMB_Conn += {
 			{
 			RecordVal* requestinfo = new RecordVal(BifType::Record::SMB2::CreateRequest);
 			requestinfo->Assign(0, filename);
-			requestinfo->Assign(1, new Val(${val.disposition}, TYPE_COUNT));
-			requestinfo->Assign(2, new Val(${val.create_options}, TYPE_COUNT));
+			requestinfo->Assign(1, val_mgr->GetCount(${val.disposition}));
+			requestinfo->Assign(2, val_mgr->GetCount(${val.create_options}));
 			BifEvent::generate_smb2_create_request(bro_analyzer(),
 			                                       bro_analyzer()->Conn(),
 			                                       BuildSMB2HeaderVal(h),
@@ -36,13 +36,13 @@ refine connection SMB_Conn += {
 			{
 			RecordVal* responseinfo = new RecordVal(BifType::Record::SMB2::CreateResponse);
 			responseinfo->Assign(0, BuildSMB2GUID(${val.file_id}));
-			responseinfo->Assign(1, new Val(${val.eof}, TYPE_COUNT));
+			responseinfo->Assign(1, val_mgr->GetCount(${val.eof}));
 			responseinfo->Assign(2, SMB_BuildMACTimes(${val.last_write_time},
 			                                          ${val.last_access_time},
 			                                          ${val.creation_time},
 			                                          ${val.change_time}));
 			responseinfo->Assign(3, smb2_file_attrs_to_bro(${val.file_attrs}));
-			responseinfo->Assign(4, new Val(${val.create_action}, TYPE_COUNT));
+			responseinfo->Assign(4, val_mgr->GetCount(${val.create_action}));
 			BifEvent::generate_smb2_create_response(bro_analyzer(),
 			                                        bro_analyzer()->Conn(),
 			                                        BuildSMB2HeaderVal(h),

src/analyzer/protocol/smb/smb2-com-negotiate.pac

@@ -7,7 +7,7 @@ refine connection SMB_Conn += {
 			VectorVal* dialects = new VectorVal(index_vec);
 			for ( unsigned int i = 0; i < ${val.dialects}->size(); ++i )
 				{
-				dialects->Assign(i, new Val((*${val.dialects})[i], TYPE_COUNT));
+				dialects->Assign(i, val_mgr->GetCount((*${val.dialects})[i]));
 				}
 			BifEvent::generate_smb2_negotiate_request(bro_analyzer(), bro_analyzer()->Conn(),
 			                                          BuildSMB2HeaderVal(h),
@@ -23,8 +23,8 @@ refine connection SMB_Conn += {
 			{
 			RecordVal* nr = new RecordVal(BifType::Record::SMB2::NegotiateResponse);
 
-			nr->Assign(0, new Val(${val.dialect_revision}, TYPE_COUNT));
-			nr->Assign(1, new Val(${val.security_mode}, TYPE_COUNT));
+			nr->Assign(0, val_mgr->GetCount(${val.dialect_revision}));
+			nr->Assign(1, val_mgr->GetCount(${val.security_mode}));
 			nr->Assign(2, BuildSMB2GUID(${val.server_guid})),
 			nr->Assign(3, filetime2brotime(${val.system_time}));
 			nr->Assign(4, filetime2brotime(${val.server_start_time}));

src/analyzer/protocol/smb/smb2-com-session-setup.pac

@@ -5,7 +5,7 @@ refine connection SMB_Conn += {
 		if ( smb2_session_setup_request )
 			{
 			RecordVal* req = new RecordVal(BifType::Record::SMB2::SessionSetupRequest);
-			req->Assign(0, new Val(${val.security_mode}, TYPE_COUNT));
+			req->Assign(0, val_mgr->GetCount(${val.security_mode}));
 
 			BifEvent::generate_smb2_session_setup_request(bro_analyzer(),
 			                                              bro_analyzer()->Conn(),
@@ -21,9 +21,9 @@ refine connection SMB_Conn += {
 		if ( smb2_session_setup_response )
 			{
 			RecordVal* flags = new RecordVal(BifType::Record::SMB2::SessionSetupFlags);
-			flags->Assign(0, new Val(${val.flag_guest}, TYPE_BOOL));
-			flags->Assign(1, new Val(${val.flag_anonymous}, TYPE_BOOL));
-			flags->Assign(2, new Val(${val.flag_encrypt}, TYPE_BOOL));
+			flags->Assign(0, val_mgr->GetBool(${val.flag_guest}));
+			flags->Assign(1, val_mgr->GetBool(${val.flag_anonymous}));
+			flags->Assign(2, val_mgr->GetBool(${val.flag_encrypt}));
 
 			RecordVal* resp = new RecordVal(BifType::Record::SMB2::SessionSetupResponse);
 			resp->Assign(0, flags);

src/analyzer/protocol/smb/smb2-com-tree-connect.pac

@@ -19,7 +19,7 @@ refine connection SMB_Conn += {
 		if ( smb2_tree_connect_response )
 			{
 			RecordVal* resp = new RecordVal(BifType::Record::SMB2::TreeConnectResponse);
-			resp->Assign(0, new Val(${val.share_type}, TYPE_COUNT));
+			resp->Assign(0, val_mgr->GetCount(${val.share_type}));
 
 			BifEvent::generate_smb2_tree_connect_response(bro_analyzer(),
 			                                              bro_analyzer()->Conn(),

src/analyzer/protocol/smb/smb2-protocol.pac

@@ -104,15 +104,15 @@ refine connection SMB_Conn += {
 		%{
 		RecordVal* r = new RecordVal(BifType::Record::SMB2::Header);
 
-		r->Assign(0, new Val(${hdr.credit_charge}, TYPE_COUNT));
-		r->Assign(1, new Val(${hdr.status}, TYPE_COUNT));
-		r->Assign(2, new Val(${hdr.command}, TYPE_COUNT));
-		r->Assign(3, new Val(${hdr.credits}, TYPE_COUNT));
-		r->Assign(4, new Val(${hdr.flags}, TYPE_COUNT));
-		r->Assign(5, new Val(${hdr.message_id}, TYPE_COUNT));
-		r->Assign(6, new Val(${hdr.process_id}, TYPE_COUNT));
-		r->Assign(7, new Val(${hdr.tree_id}, TYPE_COUNT));
-		r->Assign(8, new Val(${hdr.session_id}, TYPE_COUNT));
+		r->Assign(0, val_mgr->GetCount(${hdr.credit_charge}));
+		r->Assign(1, val_mgr->GetCount(${hdr.status}));
+		r->Assign(2, val_mgr->GetCount(${hdr.command}));
+		r->Assign(3, val_mgr->GetCount(${hdr.credits}));
+		r->Assign(4, val_mgr->GetCount(${hdr.flags}));
+		r->Assign(5, val_mgr->GetCount(${hdr.message_id}));
+		r->Assign(6, val_mgr->GetCount(${hdr.process_id}));
+		r->Assign(7, val_mgr->GetCount(${hdr.tree_id}));
+		r->Assign(8, val_mgr->GetCount(${hdr.session_id}));
 		r->Assign(9, bytestring_to_val(${hdr.signature}));
 
 		return r;
@@ -122,8 +122,8 @@ refine connection SMB_Conn += {
 		%{
 		RecordVal* r = new RecordVal(BifType::Record::SMB2::GUID);
 
-		r->Assign(0, new Val(${file_id.persistent}, TYPE_COUNT));
-		r->Assign(1, new Val(${file_id._volatile}, TYPE_COUNT));
+		r->Assign(0, val_mgr->GetCount(${file_id.persistent}));
+		r->Assign(1, val_mgr->GetCount(${file_id._volatile}));
 
 		return r;
 		%}
@@ -170,21 +170,21 @@ function smb2_file_attrs_to_bro(val: SMB2_file_attributes): BroVal
 	%{
 	RecordVal* r = new RecordVal(BifType::Record::SMB2::FileAttrs);
 
-	r->Assign(0, new Val(${val.read_only}, TYPE_BOOL));
-	r->Assign(1, new Val(${val.hidden}, TYPE_BOOL));
-	r->Assign(2, new Val(${val.system}, TYPE_BOOL));
-	r->Assign(3, new Val(${val.directory}, TYPE_BOOL));
-	r->Assign(4, new Val(${val.archive}, TYPE_BOOL));
-	r->Assign(5, new Val(${val.normal}, TYPE_BOOL));
-	r->Assign(6, new Val(${val.temporary}, TYPE_BOOL));
-	r->Assign(7, new Val(${val.sparse_file}, TYPE_BOOL));
-	r->Assign(8, new Val(${val.reparse_point}, TYPE_BOOL));
-	r->Assign(9, new Val(${val.compressed}, TYPE_BOOL));
-	r->Assign(10, new Val(${val.offline}, TYPE_BOOL));
-	r->Assign(11, new Val(${val.not_content_indexed}, TYPE_BOOL));
-	r->Assign(12, new Val(${val.encrypted}, TYPE_BOOL));
-	r->Assign(13, new Val(${val.integrity_stream}, TYPE_BOOL));
-	r->Assign(14, new Val(${val.no_scrub_data}, TYPE_BOOL));
+	r->Assign(0, val_mgr->GetBool(${val.read_only}));
+	r->Assign(1, val_mgr->GetBool(${val.hidden}));
+	r->Assign(2, val_mgr->GetBool(${val.system}));
+	r->Assign(3, val_mgr->GetBool(${val.directory}));
+	r->Assign(4, val_mgr->GetBool(${val.archive}));
+	r->Assign(5, val_mgr->GetBool(${val.normal}));
+	r->Assign(6, val_mgr->GetBool(${val.temporary}));
+	r->Assign(7, val_mgr->GetBool(${val.sparse_file}));
+	r->Assign(8, val_mgr->GetBool(${val.reparse_point}));
+	r->Assign(9, val_mgr->GetBool(${val.compressed}));
+	r->Assign(10, val_mgr->GetBool(${val.offline}));
+	r->Assign(11, val_mgr->GetBool(${val.not_content_indexed}));
+	r->Assign(12, val_mgr->GetBool(${val.encrypted}));
+	r->Assign(13, val_mgr->GetBool(${val.integrity_stream}));
+	r->Assign(14, val_mgr->GetBool(${val.no_scrub_data}));
 
 	return r;
 	%}

src/analyzer/protocol/smtp/SMTP.cc

@@ -222,7 +222,7 @@ void SMTP_Analyzer::ProcessLine(int length, const char* line, bool orig)
 				{
 				val_list* vl = new val_list;
 				vl->append(BuildConnVal());
-				vl->append(new Val(orig, TYPE_BOOL));
+				vl->append(val_mgr->GetBool(orig));
 				vl->append(new StringVal(data_len, line));
 				ConnectionEvent(smtp_data, vl);
 				}
@@ -352,11 +352,11 @@ void SMTP_Analyzer::ProcessLine(int length, const char* line, bool orig)
 
 				val_list* vl = new val_list;
 				vl->append(BuildConnVal());
-				vl->append(new Val(orig, TYPE_BOOL));
-				vl->append(new Val(reply_code, TYPE_COUNT));
+				vl->append(val_mgr->GetBool(orig));
+				vl->append(val_mgr->GetCount(reply_code));
 				vl->append(new StringVal(cmd));
 				vl->append(new StringVal(end_of_line - line, line));
-				vl->append(new Val((pending_reply > 0), TYPE_BOOL));
+				vl->append(val_mgr->GetBool((pending_reply > 0)));
 
 				ConnectionEvent(smtp_reply, vl);
 				}
@@ -859,7 +859,7 @@ void SMTP_Analyzer::RequestEvent(int cmd_len, const char* cmd,
 	val_list* vl = new val_list;
 
 	vl->append(BuildConnVal());
-	vl->append(new Val(orig_is_sender, TYPE_BOOL));
+	vl->append(val_mgr->GetBool(orig_is_sender));
 	vl->append((new StringVal(cmd_len, cmd))->ToUpper());
 	vl->append(new StringVal(arg_len, arg));
 
@@ -880,7 +880,7 @@ void SMTP_Analyzer::Unexpected(const int is_sender, const char* msg,
 			is_orig = ! is_orig;
 
 		vl->append(BuildConnVal());
-		vl->append(new Val(is_orig, TYPE_BOOL));
+		vl->append(val_mgr->GetBool(is_orig));
 		vl->append(new StringVal(msg));
 		vl->append(new StringVal(detail_len, detail));
 

src/analyzer/protocol/snmp/snmp-analyzer.pac

@@ -47,7 +47,7 @@ Val* asn1_obj_to_val(const ASN1Encoding* obj)
 	RecordVal* rval = new RecordVal(BifType::Record::SNMP::ObjectValue);
 	uint8 tag = obj->meta()->tag();
 
-	rval->Assign(0, new Val(tag, TYPE_COUNT));
+	rval->Assign(0, val_mgr->GetCount(tag));
 
 	switch ( tag ) {
 	case VARBIND_UNSPECIFIED_TAG:
@@ -93,7 +93,7 @@ Val* time_ticks_to_val(const TimeTicks* tt)
 RecordVal* build_hdr(const Header* header)
 	{
 	RecordVal* rv = new RecordVal(BifType::Record::SNMP::Header);
-	rv->Assign(0, new Val(header->version(), TYPE_COUNT));
+	rv->Assign(0, val_mgr->GetCount(header->version()));
 
 	switch ( header->version() ) {
 	case SNMPV1_TAG:
@@ -133,10 +133,10 @@ RecordVal* build_hdrV3(const Header* header)
 	v3->Assign(0, asn1_integer_to_val(global_data->id(), TYPE_COUNT));
 	v3->Assign(1, asn1_integer_to_val(global_data->max_size(),
 	                                        TYPE_COUNT));
-	v3->Assign(2, new Val(flags_byte, TYPE_COUNT));
-	v3->Assign(3, new Val(flags_byte & 0x01, TYPE_BOOL));
-	v3->Assign(4, new Val(flags_byte & 0x02, TYPE_BOOL));
-	v3->Assign(5, new Val(flags_byte & 0x04, TYPE_BOOL));
+	v3->Assign(2, val_mgr->GetCount(flags_byte));
+	v3->Assign(3, val_mgr->GetBool(flags_byte & 0x01));
+	v3->Assign(4, val_mgr->GetBool(flags_byte & 0x02));
+	v3->Assign(5, val_mgr->GetBool(flags_byte & 0x04));
 	v3->Assign(6, asn1_integer_to_val(global_data->security_model(),
 	                                        TYPE_COUNT));
 	v3->Assign(7, asn1_octet_string_to_val(v3hdr->security_parameters()));

src/analyzer/protocol/socks/socks-analyzer.pac

@@ -32,7 +32,7 @@ refine connection SOCKS_Conn += {
 		                                 4,
 		                                 ${request.command},
 		                                 sa,
-		                                 port_mgr->Get(${request.port} | TCP_PORT_MASK),
+		                                 val_mgr->GetPort(${request.port}, TRANSPORT_TCP),
 		                                 array_to_string(${request.user}));
 
 		static_cast<analyzer::socks::SOCKS_Analyzer*>(bro_analyzer())->EndpointDone(true);
@@ -50,7 +50,7 @@ refine connection SOCKS_Conn += {
 		                               4,
 		                               ${reply.status},
 		                               sa,
-		                               port_mgr->Get(${reply.port} | TCP_PORT_MASK));
+		                               val_mgr->GetPort(${reply.port}, TRANSPORT_TCP));
 
 		bro_analyzer()->ProtocolConfirmation();
 		static_cast<analyzer::socks::SOCKS_Analyzer*>(bro_analyzer())->EndpointDone(false);
@@ -102,8 +102,8 @@ refine connection SOCKS_Conn += {
 		                                 5,
 		                                 ${request.command},
 		                                 sa,
-		                                 port_mgr->Get(${request.port} | TCP_PORT_MASK),
-		                                 new StringVal(""));
+		                                 val_mgr->GetPort(${request.port}, TRANSPORT_TCP),
+		                                 val_mgr->GetEmptyString());
 
 		static_cast<analyzer::socks::SOCKS_Analyzer*>(bro_analyzer())->EndpointDone(true);
 
@@ -141,7 +141,7 @@ refine connection SOCKS_Conn += {
 		                               5,
 		                               ${reply.reply},
 		                               sa,
-		                               port_mgr->Get(${reply.port} | TCP_PORT_MASK));
+		                               val_mgr->GetPort(${reply.port}, TRANSPORT_TCP));
 
 		bro_analyzer()->ProtocolConfirmation();
 		static_cast<analyzer::socks::SOCKS_Analyzer*>(bro_analyzer())->EndpointDone(false);

src/analyzer/protocol/ssh/ssh-analyzer.pac

@@ -101,7 +101,7 @@ refine flow SSH_Flow += {
 			}
 
 
-		result->Assign(6, new Val(!${msg.is_orig}, TYPE_BOOL));
+		result->Assign(6, val_mgr->GetBool(!${msg.is_orig}));
 
 		BifEvent::generate_ssh_capabilities(connection()->bro_analyzer(),
 			connection()->bro_analyzer()->Conn(), bytestring_to_val(${msg.cookie}),

src/analyzer/protocol/ssl/proc-client-hello.pac

@@ -25,7 +25,7 @@
 			VectorVal* cipher_vec = new VectorVal(internal_type("index_vec")->AsVectorType());
 			for ( unsigned int i = 0; i < cipher_suites->size(); ++i )
 				{
-				Val* ciph = new Val((*cipher_suites)[i], TYPE_COUNT);
+				Val* ciph = val_mgr->GetCount((*cipher_suites)[i]);
 				cipher_vec->Assign(i, ciph);
 				}
 
@@ -34,7 +34,7 @@
 				{
 				for ( unsigned int i = 0; i < compression_methods->size(); ++i )
 					{
-					Val* comp = new Val((*compression_methods)[i], TYPE_COUNT);
+					Val* comp = val_mgr->GetCount((*compression_methods)[i]);
 					comp_vec->Assign(i, comp);
 					}
 				}

src/analyzer/protocol/ssl/tls-handshake-analyzer.pac

@@ -77,7 +77,7 @@ refine connection Handshake_Conn += {
 		if ( point_format_list )
 			{
 			for ( unsigned int i = 0; i < point_format_list->size(); ++i )
-				points->Assign(i, new Val((*point_format_list)[i], TYPE_COUNT));
+				points->Assign(i, val_mgr->GetCount((*point_format_list)[i]));
 			}
 
 		BifEvent::generate_ssl_extension_ec_point_formats(bro_analyzer(), bro_analyzer()->Conn(),
@@ -93,7 +93,7 @@ refine connection Handshake_Conn += {
 		if ( list )
 			{
 			for ( unsigned int i = 0; i < list->size(); ++i )
-				curves->Assign(i, new Val((*list)[i], TYPE_COUNT));
+				curves->Assign(i, val_mgr->GetCount((*list)[i]));
 			}
 
 		BifEvent::generate_ssl_extension_elliptic_curves(bro_analyzer(), bro_analyzer()->Conn(),
@@ -109,7 +109,7 @@ refine connection Handshake_Conn += {
 		if ( keyshare )
 			{
 			for ( unsigned int i = 0; i < keyshare->size(); ++i )
-				nglist->Assign(i, new Val((*keyshare)[i]->namedgroup(), TYPE_COUNT));
+				nglist->Assign(i, val_mgr->GetCount((*keyshare)[i]->namedgroup()));
 			}
 
 		BifEvent::generate_ssl_extension_key_share(bro_analyzer(), bro_analyzer()->Conn(), ${rec.is_orig}, nglist);
@@ -120,7 +120,7 @@ refine connection Handshake_Conn += {
 		%{
 		VectorVal* nglist = new VectorVal(internal_type("index_vec")->AsVectorType());
 
-		nglist->Assign(0u, new Val(keyshare->namedgroup(), TYPE_COUNT));
+		nglist->Assign(0u, val_mgr->GetCount(keyshare->namedgroup()));
 		BifEvent::generate_ssl_extension_key_share(bro_analyzer(), bro_analyzer()->Conn(), ${rec.is_orig}, nglist);
 		return true;
 		%}
@@ -134,8 +134,8 @@ refine connection Handshake_Conn += {
 			for ( unsigned int i = 0; i < supported_signature_algorithms->size(); ++i )
 				{
 				RecordVal* el = new RecordVal(BifType::Record::SSL::SignatureAndHashAlgorithm);
-				el->Assign(0, new Val((*supported_signature_algorithms)[i]->HashAlgorithm(), TYPE_COUNT));
-				el->Assign(1, new Val((*supported_signature_algorithms)[i]->SignatureAlgorithm(), TYPE_COUNT));
+				el->Assign(0, val_mgr->GetCount((*supported_signature_algorithms)[i]->HashAlgorithm()));
+				el->Assign(1, val_mgr->GetCount((*supported_signature_algorithms)[i]->SignatureAlgorithm()));
 				slist->Assign(i, el);
 				}
 			}
@@ -196,7 +196,7 @@ refine connection Handshake_Conn += {
 		if ( versions_list )
 			{
 			for ( unsigned int i = 0; i < versions_list->size(); ++i )
-				versions->Assign(i, new Val((*versions_list)[i], TYPE_COUNT));
+				versions->Assign(i, val_mgr->GetCount((*versions_list)[i]));
 			}
 
 		BifEvent::generate_ssl_extension_supported_versions(bro_analyzer(), bro_analyzer()->Conn(),
@@ -208,7 +208,7 @@ refine connection Handshake_Conn += {
 	function proc_one_supported_version(rec: HandshakeRecord, version: uint16) : bool
 		%{
 		VectorVal* versions = new VectorVal(internal_type("index_vec")->AsVectorType());
-		versions->Assign(0u, new Val(version, TYPE_COUNT));
+		versions->Assign(0u, val_mgr->GetCount(version));
 
 		BifEvent::generate_ssl_extension_supported_versions(bro_analyzer(), bro_analyzer()->Conn(),
 			${rec.is_orig}, versions);
@@ -223,7 +223,7 @@ refine connection Handshake_Conn += {
 		if ( mode_list )
 			{
 			for ( unsigned int i = 0; i < mode_list->size(); ++i )
-				modes->Assign(i, new Val((*mode_list)[i], TYPE_COUNT));
+				modes->Assign(i, val_mgr->GetCount((*mode_list)[i]));
 			}
 
 		BifEvent::generate_ssl_extension_psk_key_exchange_modes(bro_analyzer(), bro_analyzer()->Conn(),
@@ -296,14 +296,14 @@ refine connection Handshake_Conn += {
 		RecordVal* ha = new RecordVal(BifType::Record::SSL::SignatureAndHashAlgorithm);
 		if ( ${kex.signed_params.uses_signature_and_hashalgorithm} )
 			{
-			ha->Assign(0, new Val(${kex.signed_params.algorithm.HashAlgorithm}, TYPE_COUNT));
-			ha->Assign(1, new Val(${kex.signed_params.algorithm.SignatureAlgorithm}, TYPE_COUNT));
+			ha->Assign(0, val_mgr->GetCount(${kex.signed_params.algorithm.HashAlgorithm}));
+			ha->Assign(1, val_mgr->GetCount(${kex.signed_params.algorithm.SignatureAlgorithm}));
 			}
 			else
 			{
 			// set to impossible value
-			ha->Assign(0, new Val(256, TYPE_COUNT));
-			ha->Assign(1, new Val(256, TYPE_COUNT));
+			ha->Assign(0, val_mgr->GetCount(256));
+			ha->Assign(1, val_mgr->GetCount(256));
 			}
 
 		BifEvent::generate_ssl_server_signature(bro_analyzer(),
@@ -346,8 +346,8 @@ refine connection Handshake_Conn += {
 	function proc_signedcertificatetimestamp(rec: HandshakeRecord, version: uint8, logid: const_bytestring, timestamp: uint64, digitally_signed_algorithms: SignatureAndHashAlgorithm, digitally_signed_signature: const_bytestring) : bool
 		%{
 		RecordVal* ha = new RecordVal(BifType::Record::SSL::SignatureAndHashAlgorithm);
-		ha->Assign(0, new Val(digitally_signed_algorithms->HashAlgorithm(), TYPE_COUNT));
-		ha->Assign(1, new Val(digitally_signed_algorithms->SignatureAlgorithm(), TYPE_COUNT));
+		ha->Assign(0, val_mgr->GetCount(digitally_signed_algorithms->HashAlgorithm()));
+		ha->Assign(1, val_mgr->GetCount(digitally_signed_algorithms->SignatureAlgorithm()));
 
 		BifEvent::generate_ssl_extension_signed_certificate_timestamp(bro_analyzer(),
 			bro_analyzer()->Conn(), ${rec.is_orig},
@@ -373,14 +373,14 @@ refine connection Handshake_Conn += {
 		RecordVal* ha = new RecordVal(BifType::Record::SSL::SignatureAndHashAlgorithm);
 		if ( ${signed_params.uses_signature_and_hashalgorithm} )
 			{
-			ha->Assign(0, new Val(${signed_params.algorithm.HashAlgorithm}, TYPE_COUNT));
-			ha->Assign(1, new Val(${signed_params.algorithm.SignatureAlgorithm}, TYPE_COUNT));
+			ha->Assign(0, val_mgr->GetCount(${signed_params.algorithm.HashAlgorithm}));
+			ha->Assign(1, val_mgr->GetCount(${signed_params.algorithm.SignatureAlgorithm}));
 			}
 			else
 			{
 			// set to impossible value
-			ha->Assign(0, new Val(256, TYPE_COUNT));
-			ha->Assign(1, new Val(256, TYPE_COUNT));
+			ha->Assign(0, val_mgr->GetCount(256));
+			ha->Assign(1, val_mgr->GetCount(256));
 			}
 
 		BifEvent::generate_ssl_server_signature(bro_analyzer(),

src/analyzer/protocol/stepping-stone/SteppingStone.cc

@@ -141,10 +141,10 @@ void SteppingStoneEndpoint::Event(EventHandlerPtr f, int id1, int id2)
 
 	val_list* vl = new val_list;
 
-	vl->append(new Val(id1, TYPE_INT));
+	vl->append(val_mgr->GetInt(id1));
 
 	if ( id2 >= 0 )
-		vl->append(new Val(id2, TYPE_INT));
+		vl->append(val_mgr->GetInt(id2));
 
 	endp->TCP()->ConnectionEvent(f, vl);
 	}
@@ -154,8 +154,8 @@ void SteppingStoneEndpoint::CreateEndpEvent(int is_orig)
 	val_list* vl = new val_list;
 
 	vl->append(endp->TCP()->BuildConnVal());
-	vl->append(new Val(stp_id, TYPE_INT));
-	vl->append(new Val(is_orig, TYPE_BOOL));
+	vl->append(val_mgr->GetInt(stp_id));
+	vl->append(val_mgr->GetBool(is_orig));
 
 	endp->TCP()->ConnectionEvent(stp_create_endp, vl);
 	}

src/analyzer/protocol/tcp/TCP.cc

@@ -103,14 +103,14 @@ static RecordVal* build_syn_packet_val(int is_orig, const IP_Hdr* ip,
 
 	RecordVal* v = new RecordVal(SYN_packet);
 
-	v->Assign(0, new Val(is_orig, TYPE_BOOL));
-	v->Assign(1, new Val(int(ip->DF()), TYPE_BOOL));
-	v->Assign(2, new Val((ip->TTL()), TYPE_COUNT));
-	v->Assign(3, new Val((ip->TotalLen()), TYPE_COUNT));
-	v->Assign(4, new Val(ntohs(tcp->th_win), TYPE_COUNT));
-	v->Assign(5, new Val(winscale, TYPE_INT));
-	v->Assign(6, new Val(MSS, TYPE_COUNT));
-	v->Assign(7, new Val(SACK, TYPE_BOOL));
+	v->Assign(0, val_mgr->GetBool(is_orig));
+	v->Assign(1, val_mgr->GetBool(int(ip->DF())));
+	v->Assign(2, val_mgr->GetCount((ip->TTL())));
+	v->Assign(3, val_mgr->GetCount((ip->TotalLen())));
+	v->Assign(4, val_mgr->GetCount(ntohs(tcp->th_win)));
+	v->Assign(5, val_mgr->GetInt(winscale));
+	v->Assign(6, val_mgr->GetCount(MSS));
+	v->Assign(7, val_mgr->GetBool(SACK));
 
 	return v;
 	}
@@ -270,10 +270,10 @@ static RecordVal* build_os_val(int is_orig, const IP_Hdr* ip,
 		if ( os_from_print.desc )
 			os->Assign(1, new StringVal(os_from_print.desc));
 		else
-			os->Assign(1, new StringVal(""));
+			os->Assign(1, val_mgr->GetEmptyString());
 
-		os->Assign(2, new Val(os_from_print.dist, TYPE_COUNT));
-		os->Assign(3, new EnumVal(os_from_print.match, OS_version_inference));
+		os->Assign(2, val_mgr->GetCount(os_from_print.dist));
+		os->Assign(3, OS_version_inference->GetVal(os_from_print.match));
 
 		return os;
 		}
@@ -968,11 +968,11 @@ void TCP_Analyzer::GeneratePacketEvent(
 	val_list* vl = new val_list();
 
 	vl->append(BuildConnVal());
-	vl->append(new Val(is_orig, TYPE_BOOL));
+	vl->append(val_mgr->GetBool(is_orig));
 	vl->append(new StringVal(flags.AsString()));
-	vl->append(new Val(rel_seq, TYPE_COUNT));
-	vl->append(new Val(flags.ACK() ? rel_ack : 0, TYPE_COUNT));
-	vl->append(new Val(len, TYPE_COUNT));
+	vl->append(val_mgr->GetCount(rel_seq));
+	vl->append(val_mgr->GetCount(flags.ACK() ? rel_ack : 0));
+	vl->append(val_mgr->GetCount(len));
 
 	// We need the min() here because Ethernet padding can lead to
 	// caplen > len.
@@ -1437,10 +1437,10 @@ void TCP_Analyzer::UpdateConnVal(RecordVal *conn_val)
 	RecordVal *orig_endp_val = conn_val->Lookup("orig")->AsRecordVal();
 	RecordVal *resp_endp_val = conn_val->Lookup("resp")->AsRecordVal();
 
-	orig_endp_val->Assign(0, new Val(orig->Size(), TYPE_COUNT));
-	orig_endp_val->Assign(1, new Val(int(orig->state), TYPE_COUNT));
-	resp_endp_val->Assign(0, new Val(resp->Size(), TYPE_COUNT));
-	resp_endp_val->Assign(1, new Val(int(resp->state), TYPE_COUNT));
+	orig_endp_val->Assign(0, val_mgr->GetCount(orig->Size()));
+	orig_endp_val->Assign(1, val_mgr->GetCount(int(orig->state)));
+	resp_endp_val->Assign(0, val_mgr->GetCount(resp->Size()));
+	resp_endp_val->Assign(1, val_mgr->GetCount(int(resp->state)));
 
 	// Call children's UpdateConnVal
 	Analyzer::UpdateConnVal(conn_val);
@@ -1506,9 +1506,9 @@ int TCP_Analyzer::TCPOptionEvent(unsigned int opt,
 		val_list* vl = new val_list();
 
 		vl->append(analyzer->BuildConnVal());
-		vl->append(new Val(is_orig, TYPE_BOOL));
-		vl->append(new Val(opt, TYPE_COUNT));
-		vl->append(new Val(optlen, TYPE_COUNT));
+		vl->append(val_mgr->GetBool(is_orig));
+		vl->append(val_mgr->GetCount(opt));
+		vl->append(val_mgr->GetCount(optlen));
 
 		analyzer->ConnectionEvent(tcp_option, vl);
 		}
@@ -1828,7 +1828,7 @@ void TCP_Analyzer::EndpointEOF(TCP_Reassembler* endp)
 		{
 		val_list* vl = new val_list();
 		vl->append(BuildConnVal());
-		vl->append(new Val(endp->IsOrig(), TYPE_BOOL));
+		vl->append(val_mgr->GetBool(endp->IsOrig()));
 		ConnectionEvent(connection_EOF, vl);
 		}
 
@@ -2110,11 +2110,11 @@ int TCPStats_Endpoint::DataSent(double /* t */, uint64 seq, int len, int caplen,
 			{
 			val_list* vl = new val_list();
 			vl->append(endp->TCP()->BuildConnVal());
-			vl->append(new Val(endp->IsOrig(), TYPE_BOOL));
-			vl->append(new Val(seq, TYPE_COUNT));
-			vl->append(new Val(len, TYPE_COUNT));
-			vl->append(new Val(data_in_flight, TYPE_COUNT));
-			vl->append(new Val(endp->peer->window, TYPE_COUNT));
+			vl->append(val_mgr->GetBool(endp->IsOrig()));
+			vl->append(val_mgr->GetCount(seq));
+			vl->append(val_mgr->GetCount(len));
+			vl->append(val_mgr->GetCount(data_in_flight));
+			vl->append(val_mgr->GetCount(endp->peer->window));
 
 			endp->TCP()->ConnectionEvent(tcp_rexmit, vl);
 			}
@@ -2129,13 +2129,13 @@ RecordVal* TCPStats_Endpoint::BuildStats()
 	{
 	RecordVal* stats = new RecordVal(endpoint_stats);
 
-	stats->Assign(0, new Val(num_pkts,TYPE_COUNT));
-	stats->Assign(1, new Val(num_rxmit,TYPE_COUNT));
-	stats->Assign(2, new Val(num_rxmit_bytes,TYPE_COUNT));
-	stats->Assign(3, new Val(num_in_order,TYPE_COUNT));
-	stats->Assign(4, new Val(num_OO,TYPE_COUNT));
-	stats->Assign(5, new Val(num_repl,TYPE_COUNT));
-	stats->Assign(6, new Val(endian_type,TYPE_COUNT));
+	stats->Assign(0, val_mgr->GetCount(num_pkts));
+	stats->Assign(1, val_mgr->GetCount(num_rxmit));
+	stats->Assign(2, val_mgr->GetCount(num_rxmit_bytes));
+	stats->Assign(3, val_mgr->GetCount(num_in_order));
+	stats->Assign(4, val_mgr->GetCount(num_OO));
+	stats->Assign(5, val_mgr->GetCount(num_repl));
+	stats->Assign(6, val_mgr->GetCount(endian_type));
 
 	return stats;
 	}

src/analyzer/protocol/tcp/TCP_Endpoint.cc

@@ -239,7 +239,7 @@ int TCP_Endpoint::DataSent(double t, uint64 seq, int len, int caplen,
 				{
 				val_list* vl = new val_list();
 				vl->append(Conn()->BuildConnVal());
-				vl->append(new Val(IsOrig(), TYPE_BOOL));
+				vl->append(val_mgr->GetBool(IsOrig()));
 				vl->append(new StringVal(buf));
 				tcp_analyzer->ConnectionEvent(contents_file_write_failure, vl);
 				}

src/analyzer/protocol/tcp/TCP_Reassembler.cc

@@ -38,7 +38,7 @@ TCP_Reassembler::TCP_Reassembler(analyzer::Analyzer* arg_dst_analyzer,
 
 	if ( ::tcp_contents )
 		{
-		auto dst_port_val = port_mgr->Get(ntohs(tcp_analyzer->Conn()->RespPort()),
+		auto dst_port_val = val_mgr->GetPort(ntohs(tcp_analyzer->Conn()->RespPort()),
 					TRANSPORT_TCP);
 		TableVal* ports = IsOrig() ?
 			tcp_content_delivery_ports_orig :
@@ -138,9 +138,9 @@ void TCP_Reassembler::Gap(uint64 seq, uint64 len)
 		{
 		val_list* vl = new val_list;
 		vl->append(dst_analyzer->BuildConnVal());
-		vl->append(new Val(IsOrig(), TYPE_BOOL));
-		vl->append(new Val(seq, TYPE_COUNT));
-		vl->append(new Val(len, TYPE_COUNT));
+		vl->append(val_mgr->GetBool(IsOrig()));
+		vl->append(val_mgr->GetCount(seq));
+		vl->append(val_mgr->GetCount(len));
 		dst_analyzer->ConnectionEvent(content_gap, vl);
 		}
 
@@ -337,7 +337,7 @@ void TCP_Reassembler::RecordBlock(DataBlock* b, BroFile* f)
 		{
 		val_list* vl = new val_list();
 		vl->append(Endpoint()->Conn()->BuildConnVal());
-		vl->append(new Val(IsOrig(), TYPE_BOOL));
+		vl->append(val_mgr->GetBool(IsOrig()));
 		vl->append(new StringVal("TCP reassembler content write failure"));
 		tcp_analyzer->ConnectionEvent(contents_file_write_failure, vl);
 		}
@@ -354,7 +354,7 @@ void TCP_Reassembler::RecordGap(uint64 start_seq, uint64 upper_seq, BroFile* f)
 		{
 		val_list* vl = new val_list();
 		vl->append(Endpoint()->Conn()->BuildConnVal());
-		vl->append(new Val(IsOrig(), TYPE_BOOL));
+		vl->append(val_mgr->GetBool(IsOrig()));
 		vl->append(new StringVal("TCP reassembler gap write failure"));
 		tcp_analyzer->ConnectionEvent(contents_file_write_failure, vl);
 		}
@@ -598,8 +598,8 @@ void TCP_Reassembler::DeliverBlock(uint64 seq, int len, const u_char* data)
 		{
 		val_list* vl = new val_list();
 		vl->append(tcp_analyzer->BuildConnVal());
-		vl->append(new Val(IsOrig(), TYPE_BOOL));
-		vl->append(new Val(seq, TYPE_COUNT));
+		vl->append(val_mgr->GetBool(IsOrig()));
+		vl->append(val_mgr->GetCount(seq));
 		vl->append(new StringVal(len, (const char*) data));
 
 		tcp_analyzer->ConnectionEvent(tcp_contents, vl);

src/analyzer/protocol/tcp/functions.bif

@@ -17,19 +17,18 @@ function get_orig_seq%(cid: conn_id%): count
 	%{
 	Connection* c = sessions->FindConnection(cid);
 	if ( ! c )
-		return new Val(0, TYPE_COUNT);
+		return val_mgr->GetCount(0);
 
 	if ( c->ConnTransport() != TRANSPORT_TCP )
-		return new Val(0, TYPE_COUNT);
+		return val_mgr->GetCount(0);
 
 	analyzer::Analyzer* tc = c->FindAnalyzer("TCP");
 	if ( tc )
-		return new Val(static_cast<analyzer::tcp::TCP_Analyzer*>(tc)->OrigSeq(),
-				TYPE_COUNT);
+		return val_mgr->GetCount(static_cast<analyzer::tcp::TCP_Analyzer*>(tc)->OrigSeq());
 	else
 		{
 		reporter->Error("connection does not have TCP analyzer");
-		return new Val(0, TYPE_COUNT);
+		return val_mgr->GetCount(0);
 		}
 	%}
 
@@ -47,19 +46,18 @@ function get_resp_seq%(cid: conn_id%): count
 	%{
 	Connection* c = sessions->FindConnection(cid);
 	if ( ! c )
-		return new Val(0, TYPE_COUNT);
+		return val_mgr->GetCount(0);
 
 	if ( c->ConnTransport() != TRANSPORT_TCP )
-		return new Val(0, TYPE_COUNT);
+		return val_mgr->GetCount(0);
 
 	analyzer::Analyzer* tc = c->FindAnalyzer("TCP");
 	if ( tc )
-		return new Val(static_cast<analyzer::tcp::TCP_Analyzer*>(tc)->RespSeq(),
-				TYPE_COUNT);
+		return val_mgr->GetCount(static_cast<analyzer::tcp::TCP_Analyzer*>(tc)->RespSeq());
 	else
 		{
 		reporter->Error("connection does not have TCP analyzer");
-		return new Val(0, TYPE_COUNT);
+		return val_mgr->GetCount(0);
 		}
 	%}
 
@@ -98,10 +96,10 @@ function set_contents_file%(cid: conn_id, direction: count, f: file%): bool
 	%{
 	Connection* c = sessions->FindConnection(cid);
 	if ( ! c )
-		return new Val(0, TYPE_BOOL);
+		return val_mgr->GetBool(0);
 
 	c->GetRootAnalyzer()->SetContentsFile(direction, f);
-	return new Val(1, TYPE_BOOL);
+	return val_mgr->GetBool(1);
 	%}
 
 ## Returns the file handle of the contents file of a connection.

src/analyzer/protocol/teredo/Teredo.cc

@@ -120,8 +120,8 @@ RecordVal* TeredoEncapsulation::BuildVal(const IP_Hdr* inner) const
 		    new BroString(auth + 4, id_len, 1)));
 		teredo_auth->Assign(1, new StringVal(
 		    new BroString(auth + 4 + id_len, au_len, 1)));
-		teredo_auth->Assign(2, new Val(nonce, TYPE_COUNT));
-		teredo_auth->Assign(3, new Val(conf, TYPE_COUNT));
+		teredo_auth->Assign(2, val_mgr->GetCount(nonce));
+		teredo_auth->Assign(3, val_mgr->GetCount(conf));
 		teredo_hdr->Assign(0, teredo_auth);
 		}
 
@@ -130,7 +130,7 @@ RecordVal* TeredoEncapsulation::BuildVal(const IP_Hdr* inner) const
 		RecordVal* teredo_origin = new RecordVal(teredo_origin_type);
 		uint16 port = ntohs(*((uint16*)(origin_indication + 2))) ^ 0xFFFF;
 		uint32 addr = ntohl(*((uint32*)(origin_indication + 4))) ^ 0xFFFFFFFF;
-		teredo_origin->Assign(0, port_mgr->Get(port, TRANSPORT_UDP));
+		teredo_origin->Assign(0, val_mgr->GetPort(port, TRANSPORT_UDP));
 		teredo_origin->Assign(1, new AddrVal(htonl(addr)));
 		teredo_hdr->Assign(1, teredo_origin);
 		}

src/analyzer/protocol/udp/UDP.cc

@@ -110,7 +110,7 @@ void UDP_Analyzer::DeliverPacket(int len, const u_char* data, bool is_orig,
 
 	if ( udp_contents )
 		{
-		auto port_val = port_mgr->Get(ntohs(up->uh_dport), TRANSPORT_UDP);
+		auto port_val = val_mgr->GetPort(ntohs(up->uh_dport), TRANSPORT_UDP);
 		Val* result = 0;
 		bool do_udp_contents = false;
 
@@ -135,7 +135,7 @@ void UDP_Analyzer::DeliverPacket(int len, const u_char* data, bool is_orig,
 			{
 			val_list* vl = new val_list;
 			vl->append(BuildConnVal());
-			vl->append(new Val(is_orig, TYPE_BOOL));
+			vl->append(val_mgr->GetBool(is_orig));
 			vl->append(new StringVal(len, (const char*) data));
 			ConnectionEvent(udp_contents, vl);
 			}
@@ -200,14 +200,14 @@ void UDP_Analyzer::UpdateEndpointVal(RecordVal* endp, int is_orig)
 	bro_int_t size = is_orig ? request_len : reply_len;
 	if ( size < 0 )
 		{
-		endp->Assign(0, new Val(0, TYPE_COUNT));
-		endp->Assign(1, new Val(int(UDP_INACTIVE), TYPE_COUNT));
+		endp->Assign(0, val_mgr->GetCount(0));
+		endp->Assign(1, val_mgr->GetCount(int(UDP_INACTIVE)));
 		}
 
 	else
 		{
-		endp->Assign(0, new Val(size, TYPE_COUNT));
-		endp->Assign(1, new Val(int(UDP_ACTIVE), TYPE_COUNT));
+		endp->Assign(0, val_mgr->GetCount(size));
+		endp->Assign(1, val_mgr->GetCount(int(UDP_ACTIVE)));
 		}
 	}
 

src/broker/Data.cc

@@ -59,23 +59,23 @@ struct val_converter {
 	result_type operator()(bool a)
 		{
 		if ( type->Tag() == TYPE_BOOL )
-			return new Val(a, TYPE_BOOL);
+			return val_mgr->GetBool(a);
 		return nullptr;
 		}
 
 	result_type operator()(uint64_t a)
 		{
 		if ( type->Tag() == TYPE_COUNT )
-			return new Val(a, TYPE_COUNT);
+			return val_mgr->GetCount(a);
 		if ( type->Tag() == TYPE_COUNTER )
-			return new Val(a, TYPE_COUNTER);
+			return val_mgr->GetCount(a);
 		return nullptr;
 		}
 
 	result_type operator()(int64_t a)
 		{
 		if ( type->Tag() == TYPE_INT )
-			return new Val(a, TYPE_INT);
+			return val_mgr->GetInt(a);
 		return nullptr;
 		}
 
@@ -164,7 +164,7 @@ struct val_converter {
 	result_type operator()(broker::port& a)
 		{
 		if ( type->Tag() == TYPE_PORT )
-			return port_mgr->Get(a.number(), bro_broker::to_bro_port_proto(a.type()));
+			return val_mgr->GetPort(a.number(), bro_broker::to_bro_port_proto(a.type()));
 
 		return nullptr;
 		}
@@ -199,7 +199,7 @@ struct val_converter {
 			if ( i == -1 )
 				return nullptr;
 
-			return new EnumVal(i, etype);
+			return etype->GetVal(i);
 			}
 
 		return nullptr;
@@ -1027,86 +1027,72 @@ struct data_type_getter {
 
 	result_type operator()(broker::none)
 		{
-		return new EnumVal(BifEnum::Broker::NONE,
-		                   BifType::Enum::Broker::DataType);
+		return BifType::Enum::Broker::DataType->GetVal(BifEnum::Broker::NONE);
 		}
 
 	result_type operator()(bool)
 		{
-		return new EnumVal(BifEnum::Broker::BOOL,
-		                   BifType::Enum::Broker::DataType);
+		return BifType::Enum::Broker::DataType->GetVal(BifEnum::Broker::BOOL);
 		}
 
 	result_type operator()(uint64_t)
 		{
-		return new EnumVal(BifEnum::Broker::COUNT,
-		                   BifType::Enum::Broker::DataType);
+		return BifType::Enum::Broker::DataType->GetVal(BifEnum::Broker::COUNT);
 		}
 
 	result_type operator()(int64_t)
 		{
-		return new EnumVal(BifEnum::Broker::INT,
-		                   BifType::Enum::Broker::DataType);
+		return BifType::Enum::Broker::DataType->GetVal(BifEnum::Broker::INT);
 		}
 
 	result_type operator()(double)
 		{
-		return new EnumVal(BifEnum::Broker::DOUBLE,
-		                   BifType::Enum::Broker::DataType);
+		return BifType::Enum::Broker::DataType->GetVal(BifEnum::Broker::DOUBLE);
 		}
 
 	result_type operator()(const std::string&)
 		{
-		return new EnumVal(BifEnum::Broker::STRING,
-		                   BifType::Enum::Broker::DataType);
+		return BifType::Enum::Broker::DataType->GetVal(BifEnum::Broker::STRING);
 		}
 
 	result_type operator()(const broker::address&)
 		{
-		return new EnumVal(BifEnum::Broker::ADDR,
-		                   BifType::Enum::Broker::DataType);
+		return BifType::Enum::Broker::DataType->GetVal(BifEnum::Broker::ADDR);
 		}
 
 	result_type operator()(const broker::subnet&)
 		{
-		return new EnumVal(BifEnum::Broker::SUBNET,
-		                   BifType::Enum::Broker::DataType);
+		return BifType::Enum::Broker::DataType->GetVal(BifEnum::Broker::SUBNET);
 		}
 
 	result_type operator()(const broker::port&)
 		{
-		return new EnumVal(BifEnum::Broker::PORT,
-		                   BifType::Enum::Broker::DataType);
+		return BifType::Enum::Broker::DataType->GetVal(BifEnum::Broker::PORT);
 		}
 
 	result_type operator()(const broker::timestamp&)
 		{
-		return new EnumVal(BifEnum::Broker::TIME,
-		                   BifType::Enum::Broker::DataType);
+		return BifType::Enum::Broker::DataType->GetVal(BifEnum::Broker::TIME);
 		}
 
 	result_type operator()(const broker::timespan&)
 		{
-		return new EnumVal(BifEnum::Broker::INTERVAL,
-		                   BifType::Enum::Broker::DataType);
+		return BifType::Enum::Broker::DataType->GetVal(BifEnum::Broker::INTERVAL);
 		}
 
 	result_type operator()(const broker::enum_value&)
 		{
-		return new EnumVal(BifEnum::Broker::ENUM,
-		                   BifType::Enum::Broker::DataType);
+		return BifType::Enum::Broker::DataType->GetVal(BifEnum::Broker::ENUM);
 		}
 
 	result_type operator()(const broker::set&)
 		{
-		return new EnumVal(BifEnum::Broker::SET,
-		                   BifType::Enum::Broker::DataType);
+		return BifType::Enum::Broker::DataType->GetVal(BifEnum::Broker::SET);
 		}
 
 	result_type operator()(const broker::table&)
 		{
-		return new EnumVal(BifEnum::Broker::TABLE,
-		                   BifType::Enum::Broker::DataType);
+		return BifType::Enum::Broker::DataType->GetVal(BifEnum::Broker::TABLE);
 		}
 
 	result_type operator()(const broker::vector&)
@@ -1114,8 +1100,7 @@ struct data_type_getter {
 		// Note that Broker uses vectors to store record data, so there's
 		// no actual way to tell if this data was originally associated
 		// with a Bro record.
-		return new EnumVal(BifEnum::Broker::VECTOR,
-		                   BifType::Enum::Broker::DataType);
+		return BifType::Enum::Broker::DataType->GetVal(BifEnum::Broker::VECTOR);
 		}
 };