From c334293099a8a19f4ff89071ac209211961a6e17 Mon Sep 17 00:00:00 2001
From: Aurelien Aptel <aaptel@suse.com>
Date: Tue, 25 Feb 2020 16:38:29 +0100
Subject: [PATCH] smb2: move file related metadata into session object

Move the files hashtables from the conversation to the session object
so that it can be shared across TCP connections.

In a multichannel capture, this lets file opened on one channel be
accessible in another channel.

Change-Id: Ic8909b590e7f6614d8d92422c0c1641d521240e3
Reviewed-on: https://code.wireshark.org/review/36184
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
---
 epan/dissectors/packet-smb2.c | 26 +++++++++++++-------------
 epan/dissectors/packet-smb2.h |  8 +++++---
 2 files changed, 18 insertions(+), 16 deletions(-)

diff --git a/epan/dissectors/packet-smb2.c b/epan/dissectors/packet-smb2.c
index 97967fe487..85b3ebad1a 100644
--- a/epan/dissectors/packet-smb2.c
+++ b/epan/dissectors/packet-smb2.c
@@ -1007,6 +1007,8 @@ static const value_string smb2_dialect_vals[] = {
 
 static int dissect_windows_sockaddr_storage(tvbuff_t *, packet_info *, proto_tree *, int, int);
 static void dissect_smb2_error_data(tvbuff_t *, packet_info *, proto_tree *, int, int, smb2_info_t *);
+static guint smb2_eo_files_hash(gconstpointer k);
+static gint smb2_eo_files_equal(gconstpointer k1, gconstpointer k2);
 
 static void update_preauth_hash(void *buf, tvbuff_t *tvb)
 {
@@ -1363,8 +1365,6 @@ smb2_conv_destroy(wmem_allocator_t *allocator _U_, wmem_cb_event_t event _U_,
 
 	g_hash_table_destroy(conv->matched);
 	g_hash_table_destroy(conv->unmatched);
-	g_hash_table_destroy(conv->fids);
-	g_hash_table_destroy(conv->files);
 
 	/* This conversation is gone, return FALSE to indicate we don't
 	 * want to be called again for this conversation. */
@@ -1382,6 +1382,9 @@ smb2_get_session(smb2_conv_info_t *conv _U_, guint64 id, packet_info *pinfo, smb
 		ses->sesid = id;
 		ses->auth_frame = (guint32)-1;
 		ses->tids = wmem_map_new(wmem_file_scope(), smb2_tid_info_hash, smb2_tid_info_equal);
+		ses->fids = g_hash_table_new(smb2_fid_info_hash, smb2_fid_info_equal);
+		ses->files = g_hash_table_new(smb2_eo_files_hash, smb2_eo_files_equal);
+
 		seskey_find_sid_key(id, ses->session_key, ses->client_decryption_key, ses->server_decryption_key);
 		if (pinfo && si) {
 			if (si->flags & SMB2_FLAGS_RESPONSE) {
@@ -2289,7 +2292,7 @@ dissect_smb2_fid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset
 			dcerpc_store_polhnd_name(&policy_hnd, pinfo,
 						  fid_name);
 
-			g_hash_table_insert(si->conv->fids, sfi, sfi);
+			g_hash_table_insert(si->session->fids, sfi, sfi);
 			si->file = sfi;
 
 			/* If needed, create the file entry and save the policy hnd */
@@ -2299,13 +2302,13 @@ dissect_smb2_fid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset
 			}
 
 			if (si->conv) {
-				eo_file_info = (smb2_eo_file_info_t *)g_hash_table_lookup(si->conv->files,&policy_hnd);
+				eo_file_info = (smb2_eo_file_info_t *)g_hash_table_lookup(si->session->files,&policy_hnd);
 				if (!eo_file_info) {
 					eo_file_info = wmem_new(wmem_file_scope(), smb2_eo_file_info_t);
 					policy_hnd_hashtablekey = wmem_new(wmem_file_scope(), e_ctx_hnd);
 					memcpy(policy_hnd_hashtablekey, &policy_hnd, sizeof(e_ctx_hnd));
 					eo_file_info->end_of_file=0;
-					g_hash_table_insert(si->conv->files,policy_hnd_hashtablekey,eo_file_info);
+					g_hash_table_insert(si->session->files,policy_hnd_hashtablekey,eo_file_info);
 				}
 				si->eo_file_info=eo_file_info;
 			}
@@ -2321,7 +2324,7 @@ dissect_smb2_fid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset
 		break;
 	}
 
-	si->file = (smb2_fid_info_t *)g_hash_table_lookup(si->conv->fids, &sfi_key);
+	si->file = (smb2_fid_info_t *)g_hash_table_lookup(si->session->fids, &sfi_key);
 	if (si->file) {
 		if (si->saved) {
 			si->saved->file = si->file;
@@ -2339,7 +2342,7 @@ dissect_smb2_fid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset
 		if (!si->eo_file_info) {
 			if (si->saved) { si->saved->policy_hnd = policy_hnd; }
 			if (si->conv) {
-				eo_file_info = (smb2_eo_file_info_t *)g_hash_table_lookup(si->conv->files,&policy_hnd);
+				eo_file_info = (smb2_eo_file_info_t *)g_hash_table_lookup(si->session->files,&policy_hnd);
 				if (eo_file_info) {
 					si->eo_file_info=eo_file_info;
 				} else { /* XXX This should never happen */
@@ -2347,7 +2350,7 @@ dissect_smb2_fid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset
 					policy_hnd_hashtablekey = wmem_new(wmem_file_scope(), e_ctx_hnd);
 					memcpy(policy_hnd_hashtablekey, &policy_hnd, sizeof(e_ctx_hnd));
 					eo_file_info->end_of_file=0;
-					g_hash_table_insert(si->conv->files,policy_hnd_hashtablekey,eo_file_info);
+					g_hash_table_insert(si->session->files,policy_hnd_hashtablekey,eo_file_info);
 				}
 			}
 
@@ -10168,9 +10171,6 @@ dissect_smb2(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, gboolea
 			smb2_saved_info_equal_matched);
 		si->conv->unmatched = g_hash_table_new(smb2_saved_info_hash_unmatched,
 			smb2_saved_info_equal_unmatched);
-		si->conv->fids = g_hash_table_new(smb2_fid_info_hash,
-			smb2_fid_info_equal);
-		si->conv->files = g_hash_table_new(smb2_eo_files_hash,smb2_eo_files_equal);
 		si->conv->preauth_hash_current = si->conv->preauth_hash_con;
 
 		/* Bit of a hack to avoid leaking the hash tables - register a
@@ -10352,14 +10352,14 @@ dissect_smb2(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, gboolea
 				/* If needed, create the file entry and save the policy hnd */
 				if (!si->eo_file_info) {
 					if (si->conv) {
-						eo_file_info = (smb2_eo_file_info_t *)g_hash_table_lookup(si->conv->files,&ssi->policy_hnd);
+						eo_file_info = (smb2_eo_file_info_t *)g_hash_table_lookup(si->session->files,&ssi->policy_hnd);
 						if (!eo_file_info) { /* XXX This should never happen */
 							/* assert(1==0); */
 							eo_file_info = wmem_new(wmem_file_scope(), smb2_eo_file_info_t);
 							policy_hnd_hashtablekey = wmem_new(wmem_file_scope(), e_ctx_hnd);
 							memcpy(policy_hnd_hashtablekey, &ssi->policy_hnd, sizeof(e_ctx_hnd));
 							eo_file_info->end_of_file=0;
-							g_hash_table_insert(si->conv->files,policy_hnd_hashtablekey,eo_file_info);
+							g_hash_table_insert(si->session->files,policy_hnd_hashtablekey,eo_file_info);
 						}
 						si->eo_file_info=eo_file_info;
 					}
diff --git a/epan/dissectors/packet-smb2.h b/epan/dissectors/packet-smb2.h
index bbfa2d1164..60e794f403 100644
--- a/epan/dissectors/packet-smb2.h
+++ b/epan/dissectors/packet-smb2.h
@@ -88,7 +88,12 @@ typedef struct _smb2_sesid_info_t {
 	guint8 session_key[NTLMSSP_KEY_LEN];
 	guint8 client_decryption_key[AES_KEY_SIZE];
 	guint8 server_decryption_key[AES_KEY_SIZE];
+
 	wmem_map_t *tids;
+	GHashTable *fids;
+	/* table to store some infos for smb export object */
+	GHashTable *files;
+
 	guint8 preauth_hash[SMB2_PREAUTH_HASH_SIZE];
 } smb2_sesid_info_t;
 
@@ -99,9 +104,6 @@ typedef struct _smb2_conv_info_t {
 	/* these two tables are used to match requests with responses */
 	GHashTable *unmatched;
 	GHashTable *matched;
-	GHashTable *fids;
-	/* table to store some infos for smb export object */
-	GHashTable *files;
 	guint16 dialect;
 	guint16 enc_alg;