2002-08-19 21:33:29 +00:00
/* packet-tds.c
* Routines for TDS NetLib dissection
* Copyright 2000 - 2002 , Brian Bruns < camber @ ais . org >
2002-09-28 16:04:03 +00:00
* Copyright 2002 , Steve Langasek < vorlon @ netexpress . net >
2002-08-19 21:33:29 +00:00
*
2006-05-21 04:49:01 +00:00
* Wireshark - Network traffic analyzer
* By Gerald Combs < gerald @ wireshark . org >
2002-08-19 21:33:29 +00:00
* Copyright 1998 Gerald Combs
*
* This program is free software ; you can redistribute it and / or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation ; either version 2
* of the License , or ( at your option ) any later version .
2002-08-28 21:04:11 +00:00
*
2002-08-19 21:33:29 +00:00
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
2002-08-28 21:04:11 +00:00
*
2002-08-19 21:33:29 +00:00
* You should have received a copy of the GNU General Public License
* along with this program ; if not , write to the Free Software
2012-06-28 23:18:38 +00:00
* Foundation , Inc . , 51 Franklin Street , Fifth Floor , Boston , MA 02110 - 1301 USA .
2002-08-19 21:33:29 +00:00
*/
/*
* The NETLIB protocol is a small blocking protocol designed to allow TDS
2002-11-23 07:29:10 +00:00
* to be placed within different transports ( TCP , DECNet , IPX / SPX ) . A
* NETLIB packet starts with an eight byte header containing :
2002-08-19 21:33:29 +00:00
*
2010-05-10 15:54:57 +00:00
* a one - byte packet type field ;
2002-11-23 07:29:10 +00:00
*
2010-05-10 15:54:57 +00:00
* a one - byte status field ;
2002-11-23 07:29:10 +00:00
*
2010-05-10 15:54:57 +00:00
* a two - byte big - endian size field giving the size of the packet ,
* including the header ;
2002-11-23 07:29:10 +00:00
*
2010-05-10 15:54:57 +00:00
* a two - byte big - endian channel number , used when multiple sessions
* are being multiplexed on a single connection ;
2002-11-26 21:45:28 +00:00
*
2010-05-10 15:54:57 +00:00
* a one - byte packet number , giving " the frame number of a multiplexed
* message , modulo 256 " ;
2002-11-26 21:45:28 +00:00
*
2010-05-10 15:54:57 +00:00
* a one - byte window , which is the number of frames to be sent
* before an acknowledgment message is received .
2002-11-23 07:29:10 +00:00
*
* followed by payload whose size is the value in the size field minus
* 8.
*
* Microsoft Network Monitor 2. x dissects the 4 byte field ( and indicates
* that the one - byte last packet indicator also contains other bits ) .
*
* The TDS protocol consists of a number of protocol data units ( PDUs ) that
* appear to be assembled from NETLIB packets , in the form of zero or more
* NETLIB packets with the last packet indicator clear and a final NETLIB
* packet with the last packet indicator set . The type of the TDS PDU is
* specified by the packet type field of the NETLIB header ( presumably that
* field has the same value for all NETLIB packets that make up a TDS PDU ) .
*
* The " server response " PDU consists of a sequence of multiple items , each
* one beginning with a one byte type field at the start of the PDU . Some
* items are fixed length , some are variable length with a two byte size
* field following the item type , and then there is TDS_ROW_TOKEN in which
* size is determined by analyzing the result set returned from the server .
* This in effect means that we are hopelessly lost if we haven ' t seen the
* result set . Also , TDS 4 / 5 is byte order negotiable , which is specified
* in the login packet . We can attempt to determine it later on , but not
* with 100 % accuracy .
2002-08-19 21:33:29 +00:00
*
* Some preliminary documentation on the packet format can be found at
* http : //www.freetds.org/tds.html
*
2002-11-26 21:45:28 +00:00
* Some more information can be found in
2011-08-04 00:04:53 +00:00
* http : //www.sybase.com/content/1013412/tds34.pdf
* http : //www.sybase.com/content/1040983/Sybase-tds38-102306.pdf
* Microsoft ' s [ MS - TDS ] protocol specification
*
* This document is no longer available here :
2002-11-26 21:45:28 +00:00
* http : //download.nai.com/products/media/sniffer/support/sdos/sybase.pdf
*
2002-08-19 21:33:29 +00:00
* Much of this code was originally developed for the FreeTDS project .
* http : //www.freetds.org
*/
/*
2006-05-21 04:49:01 +00:00
* Excerpts from Brian ' s posting to wireshark - dev :
2002-08-19 21:33:29 +00:00
*
* The TDS Protocol is actually a protocol within a protocol . On the outside
* there is netlib which is not so much a encapsulation as a blocking of the
* data , typically to 512 or 4096 bytes . Between this are the protocol data
* units for TDS . Netlib packets may be split over real packets , multiple
* netlib packets may appear in single real packets . TDS PDUs may be split
* over netlib packets ( and real packets ) and most certainly can appear
* multiple times within a netlib packet .
2002-08-28 21:04:11 +00:00
*
2002-08-19 21:33:29 +00:00
* Because of this , I abandoned my earlier attempt at making two dissectors ,
* one for netlib and one for TDS . Counterintuitively , a single dissector
* turned out to be simpler than splitting it up .
2002-08-28 21:04:11 +00:00
*
2002-08-19 21:33:29 +00:00
* Here are some of the ( hefty ) limitations of the current code
2002-08-28 21:04:11 +00:00
*
2002-08-19 21:33:29 +00:00
* . We currently do not handle netlib headers that cross packet boundaries .
* This should be an easy fix .
* . I probably could have used the packet reassembly stuff , but I started
* this at version 0.8 .20 , so c ' est la vie . It wouldn ' t have covered the
* netlib stuff anyway , so no big loss .
* . The older two layer version of the code dissected the PDU ' s , but the new
* version does not yet , it only labels the names . I need an elegant way to
* deal with dissecting data crossing ( netlib and tcp ) packet boundries . I
* think I have one , but ran out of time to do it .
* . It will only work on little endian platforms . Or rather I should say ,
* the client that was captured must be little endian . TDS 7.0 / 8.0 is
* always LE ; for TDS 4.2 / 5.0 look in the code for tvb_get_le * ( ) functions ,
* there are fields in the login packet which determine byte order .
* . result sets that span netlib packets are not working
* . TDS 7 and 4.2 result sets are not working yet
2002-08-28 21:04:11 +00:00
*
2002-08-19 21:33:29 +00:00
* All that said , the code does deal gracefully with different boudary
* conditions and what remains are the easier bits , IMHO .
2002-08-28 21:04:11 +00:00
*
2002-11-23 07:29:10 +00:00
* XXX - " real packets " means " TCP segments " , for TCP .
*
* XXX - is it * REALLY * true that you can have more than one TDS PDU ( as
* opposed to more than one server response item ) per NETLIB packet ? Or is
* all the data in a NETLIB packet put into a single TDS PDU ? If so , then
* we can reassemble NETLIB packets using the standard TCP desegmentation
2003-08-28 04:19:29 +00:00
* code , and can reassemble TDS PDUs using " fragment_add_seq_check() " ,
2002-11-23 07:29:10 +00:00
* and more cleanly separate the NETLIB and TDS dissectors ( although the
* " is this NETLIB " heuristic would have to look at TDS information past
* the NETLIB header , in order to make the heuristic strong enough not
* to get too many false positives ; note that the heuristic should reject
* any putative NETLIB packet with a length field with a value < 8 ) .
*
* That would substantially clean the dissector up , eliminating most of
* the per - packet data ( we might still need information to handle
* TDS_ROW_TOKEN ) , getting rid of the stuff to handle data split across
* TCP segment boundaries in favor of simple reassembly code , and
* fixing some otherwise nasty - looking crashing bugs .
2003-08-23 05:59:54 +00:00
*
* NOTE : we assume that all the data in a NETLIB packet * can * be put into
* a single TDS PTU , so that we have separate reassembly of NETLIB
* packets and TDS PDUs ; it seems to work , and it really did clean stuff
* up and fix crashes .
2002-08-19 21:33:29 +00:00
*/
2012-09-20 02:03:38 +00:00
# include "config.h"
2002-08-19 21:33:29 +00:00
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
# include <epan/packet.h>
2013-11-10 15:59:37 +00:00
# include <epan/exceptions.h>
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
# include <epan/conversation.h>
Move show_exception() and show_reported_bounds_error() to
epan/show_exception.c, as it's used outside
epan/dissectors/packet-frame.c. Update their callers to include
<epan/show_exception.h> to get their declaration.
Add a CATCH_NONFATAL_ERRORS macro that catches all exceptions that, if
there's more stuff in the packet to dissect after the dissector call
that threw the exception, doesn't mean you shouldn't go ahead and
dissect that stuff. Use it in all those cases, including ones where
BoundsError was inappropriately being caught (you want those passed up
to the top level, so that the packet is reported as having been cut
short in the capture process).
Add a CATCH_BOUNDS_ERRORS macro that catches all exceptions that
correspond to running past the end of the data for a tvbuff; use it
rather than explicitly catching those exceptions individually, and
rather than just catching all exceptions (the only place that
DissectorError should be caught, for example, is at the top level, so
dissector bugs show up in the protocol tree).
Don't catch and then immediately rethrow exceptions without doing
anything else; just let the exceptions go up to the final catcher.
Use show_exception() to report non-fatal errors, rather than doing it
yourself.
If a dissector is called from Lua, catch all non-fatal errors and use
show_exception() to report them rather than catching only
ReportedBoundsError and adding a proto_malformed item.
Don't catch exceptions when constructing a trailer tvbuff in
packet-ieee8023.c - just construct it after the payload has been
dissected, and let whatever exceptions that throws be handled at the top
level.
Avoid some TRY/CATCH/ENDTRY cases by using checks such as
tvb_bytes_exist() before even looking in the tvbuff.
svn path=/trunk/; revision=47924
2013-02-27 22:43:54 +00:00
# include <epan/show_exception.h>
2005-02-09 23:38:00 +00:00
# include <epan/reassemble.h>
2004-09-27 22:55:15 +00:00
# include <epan/prefs.h>
2010-11-22 18:48:54 +00:00
# include <epan/expert.h>
2002-09-28 16:04:03 +00:00
2002-11-26 21:45:28 +00:00
# define TDS_QUERY_PKT 1
# define TDS_LOGIN_PKT 2
# define TDS_RPC_PKT 3
# define TDS_RESP_PKT 4
# define TDS_RAW_PKT 5
2010-11-22 18:48:54 +00:00
# define TDS_ATTENTION_PKT 6
2002-11-26 21:45:28 +00:00
# define TDS_BULK_DATA_PKT 7
# define TDS_OPEN_CHN_PKT 8
# define TDS_CLOSE_CHN_PKT 9
# define TDS_RES_ERROR_PKT 10
# define TDS_LOG_CHN_ACK_PKT 11
# define TDS_ECHO_PKT 12
# define TDS_LOGOUT_CHN_PKT 13
2010-11-22 18:48:54 +00:00
# define TDS_TRANS_MGR_PKT 14
2010-05-10 15:54:57 +00:00
# define TDS_QUERY5_PKT 15 /* or "Normal tokenized request or response */
# define TDS_LOGIN7_PKT 16 /* or "Urgent tokenized request or response */
2010-11-22 18:48:54 +00:00
# define TDS_SSPI_PKT 17
# define TDS_PRELOGIN_PKT 18
# define TDS_INVALID_PKT 19
2002-08-19 21:33:29 +00:00
2010-11-22 18:48:54 +00:00
# define is_valid_tds_type(x) ((x) >= TDS_QUERY_PKT && (x) < TDS_INVALID_PKT)
2002-08-19 21:33:29 +00:00
/* The following constants are imported more or less directly from FreeTDS */
2006-05-07 18:39:47 +00:00
/* Updated from FreeTDS v0.63 tds.h */
/* "$Id: tds.h,v 1.192 2004/10/28 12:42:12 freddy77]" */
/* Note: [###] below means 'not defined in FreeTDS tds.h' */
# define TDS5_PARAMFMT2_TOKEN 32 /* 0x20 TDS 5.0 only */
# define TDS_LANG_TOKEN 33 /* 0x21 TDS 5.0 only */
# define TDS5_ORDERBY2_TOKEN 34 /* 0x22 TDS 5.0 only */
# define TDS5_CURDECLARE2_TOKEN 35 /* 0x23 TDS 5.0 only [###] */
# define TDS5_ROWFMT2_TOKEN 97 /* 0x61 TDS 5.0 only */
# define TDS5_MSG_TOKEN 101 /* 0x65 TDS 5.0 only [###] */
# define TDS_LOGOUT_TOKEN 113 /* 0x71 TDS 5.0 only? ct_close() */
# define TDS_RET_STAT_TOKEN 121 /* 0x79 */
# define TDS_PROCID_TOKEN 124 /* 0x7C TDS 4.2 only - TDS_PROCID */
# define TDS_CURCLOSE_TOKEN 128 /* 0x80 TDS 5.0 only */
# define TDS7_RESULT_TOKEN 129 /* 0x81 TDS 7.0 only */
# define TDS_CURFETCH_TOKEN 130 /* 0x82 TDS 5.0 only */
# define TDS_CURINFO_TOKEN 131 /* 0x83 TDS 5.0 only */
# define TDS_CUROPEN_TOKEN 132 /* 0x84 TDS 5.0 only */
# define TDS_CURDECLARE_TOKEN 134 /* 0x86 TDS 5.0 only */
# define TDS7_COMPUTE_RESULT_TOKEN 136 /* 0x88 TDS 7.0 only */
# define TDS_COL_NAME_TOKEN 160 /* 0xA0 TDS 4.2 only */
# define TDS_COL_INFO_TOKEN 161 /* 0xA1 TDS 4.2 only - TDS_COLFMT */
# define TDS5_DYNAMIC2_TOKEN 163 /* 0xA3 TDS 5.0 only */
#if 0 /* XX: Why commented out ? These are 'live' in FreeTDS tds.h */
2010-05-10 15:54:57 +00:00
# define TDS_TABNAME 164 /* 0xA4 */
# define TDS_COL_INFO 165 /* 0xA5 */
2006-05-07 18:39:47 +00:00
# endif
# define TDS_OPTIONCMD_TOKEN 166 /* 0xA6 */
# define TDS_COMPUTE_NAMES_TOKEN 167 /* 0xA7 */
# define TDS_COMPUTE_RESULT_TOKEN 168 /* 0xA8 */
# define TDS_ORDER_BY_TOKEN 169 /* 0xA9 TDS_ORDER */
# define TDS_ERR_TOKEN 170 /* 0xAA */
# define TDS_MSG_TOKEN 171 /* 0xAB */
# define TDS_PARAM_TOKEN 172 /* 0xAC RETURNVALUE? */
# define TDS_LOGIN_ACK_TOKEN 173 /* 0xAD */
# define TDS_CONTROL_TOKEN 174 /* 0xAE TDS_CONTROL */
# define TDS_KEY_TOKEN 202 /* 0xCA [###] */
# define TDS_ROW_TOKEN 209 /* 0xD1 */
# define TDS_CMP_ROW_TOKEN 211 /* 0xD3 */
# define TDS5_PARAMS_TOKEN 215 /* 0xD7 TDS 5.0 only */
# define TDS_CAP_TOKEN 226 /* 0xE2 */
# define TDS_ENV_CHG_TOKEN 227 /* 0xE3 */
# define TDS_EED_TOKEN 229 /* 0xE5 */
# define TDS_DBRPC_TOKEN 230 /* 0xE6 */
# define TDS5_DYNAMIC_TOKEN 231 /* 0xE7 TDS 5.0 only */
# define TDS5_PARAMFMT_TOKEN 236 /* 0xEC TDS 5.0 only */
# define TDS_AUTH_TOKEN 237 /* 0xED */
# define TDS_RESULT_TOKEN 238 /* 0xEE */
# define TDS_DONE_TOKEN 253 /* 0xFD TDS_DONE */
# define TDS_DONEPROC_TOKEN 254 /* 0xFE TDS_DONEPROC */
# define TDS_DONEINPROC_TOKEN 255 /* 0xFF TDS_DONEINPROC */
2002-08-19 21:33:29 +00:00
2004-11-21 22:03:33 +00:00
/* Microsoft internal stored procedure id's */
# define TDS_SP_CURSOR 1
# define TDS_SP_CURSOROPEN 2
# define TDS_SP_CURSORPREPARE 3
# define TDS_SP_CURSOREXECUTE 4
# define TDS_SP_CURSORPREPEXEC 5
# define TDS_SP_CURSORUNPREPARE 6
# define TDS_SP_CURSORFETCH 7
# define TDS_SP_CURSOROPTION 8
# define TDS_SP_CURSORCLOSE 9
# define TDS_SP_EXECUTESQL 10
# define TDS_SP_PREPARE 11
# define TDS_SP_EXECUTE 12
# define TDS_SP_PREPEXEC 13
# define TDS_SP_PREPEXECRPC 14
# define TDS_SP_UNPREPARE 15
2010-11-22 18:48:54 +00:00
# define TDS_RPC_OPT_WITH_RECOMP 0x01
# define TDS_RPC_OPT_NO_METADATA 0x02
# define TDS_RPC_OPT_REUSE_METADATA 0x04
# define TDS_RPC_PARAMETER_STATUS_BY_REF 0x01
# define TDS_RPC_PARAMETER_STATUS_DEFAULT 0x02
2004-11-21 22:03:33 +00:00
/* Sybase Data Types */
2006-01-09 17:44:02 +00:00
# define SYBCHAR 47 /* 0x2F */
# define SYBVARCHAR 39 /* 0x27 */
# define SYBINTN 38 /* 0x26 */
# define SYBINT1 48 /* 0x30 */
# define SYBINT2 52 /* 0x34 */
# define SYBINT4 56 /* 0x38 */
# define SYBINT8 127 /* 0x7F */
# define SYBFLT8 62 /* 0x3E */
# define SYBDATETIME 61 /* 0x3D */
# define SYBBIT 50 /* 0x32 */
# define SYBTEXT 35 /* 0x23 */
# define SYBNTEXT 99 /* 0x63 */
# define SYBIMAGE 34 /* 0x22 */
# define SYBMONEY4 122 /* 0x7A */
# define SYBMONEY 60 /* 0x3C */
# define SYBDATETIME4 58 /* 0x3A */
# define SYBREAL 59 /* 0x3B */
# define SYBBINARY 45 /* 0x2D */
# define SYBVOID 31 /* 0x1F */
# define SYBVARBINARY 37 /* 0x25 */
# define SYBNVARCHAR 103 /* 0x67 */
# define SYBBITN 104 /* 0x68 */
# define SYBNUMERIC 108 /* 0x6C */
# define SYBDECIMAL 106 /* 0x6A */
# define SYBFLTN 109 /* 0x6D */
# define SYBMONEYN 110 /* 0x6E */
# define SYBDATETIMN 111 /* 0x6F */
2006-05-07 18:39:47 +00:00
# define XSYBCHAR 175 /* 0xA7 */
# define XSYBVARCHAR 167 /* 0xAF */
2006-01-09 17:44:02 +00:00
# define XSYBNVARCHAR 231 /* 0xE7 */
# define XSYBNCHAR 239 /* 0xEF */
# define XSYBVARBINARY 165 /* 0xA5 */
# define XSYBBINARY 173 /* 0xAD */
# define SYBLONGBINARY 225 /* 0xE1 */
# define SYBSINT1 64 /* 0x40 */
# define SYBUINT2 65 /* 0x41 */
# define SYBUINT4 66 /* 0x42 */
# define SYBUINT8 67 /* 0x43 */
# define SYBUNIQUE 36 /* 0x24 */
# define SYBVARIANT 98 /* 0x62 */
2002-08-19 21:33:29 +00:00
2010-05-10 15:54:57 +00:00
# define is_fixed_coltype(x) (x==SYBINT1 || \
x = = SYBINT2 | | \
x = = SYBINT4 | | \
x = = SYBINT8 | | \
x = = SYBREAL | | \
x = = SYBFLT8 | | \
x = = SYBDATETIME | | \
x = = SYBDATETIME4 | | \
x = = SYBBIT | | \
x = = SYBMONEY | | \
x = = SYBMONEY4 | | \
x = = SYBUNIQUE )
2002-08-19 21:33:29 +00:00
2010-11-22 18:48:54 +00:00
/* FIXEDLENTYPE */
# define TDS_DATA_TYPE_NULL 0x1F /* Null (no data associated with this type) */
# define TDS_DATA_TYPE_INT1 0x30 /* TinyInt (1 byte data representation) */
# define TDS_DATA_TYPE_BIT 0x32 /* Bit (1 byte data representation) */
# define TDS_DATA_TYPE_INT2 0x34 /* SmallInt (2 byte data representation) */
# define TDS_DATA_TYPE_INT4 0x38 /* Int (4 byte data representation) */
# define TDS_DATA_TYPE_DATETIM4 0x3A /* SmallDateTime (4 byte data representation) */
# define TDS_DATA_TYPE_FLT4 0x3B /* Real (4 byte data representation) */
# define TDS_DATA_TYPE_MONEY 0x3C /* Money (8 byte data representation) */
# define TDS_DATA_TYPE_DATETIME 0x3D /* DateTime (8 byte data representation) */
# define TDS_DATA_TYPE_FLT8 0x3E /* Float (8 byte data representation) */
# define TDS_DATA_TYPE_MONEY4 0x7A /* SmallMoney (4 byte data representation) */
# define TDS_DATA_TYPE_INT8 0x7F /* BigInt (8 byte data representation) */
/* BYTELEN_TYPE */
# define TDS_DATA_TYPE_GUID 0x24 /* UniqueIdentifier */
# define TDS_DATA_TYPE_INTN 0x26
# define TDS_DATA_TYPE_DECIMAL 0x37 /* Decimal (legacy support) */
# define TDS_DATA_TYPE_NUMERIC 0x3F /* Numeric (legacy support) */
# define TDS_DATA_TYPE_BITN 0x68
# define TDS_DATA_TYPE_DECIMALN 0x6A /* Decimal */
# define TDS_DATA_TYPE_NUMERICN 0x6C /* Numeric */
# define TDS_DATA_TYPE_FLTN 0x6D
# define TDS_DATA_TYPE_MONEYN 0x6E
# define TDS_DATA_TYPE_DATETIMN 0x6F
# define TDS_DATA_TYPE_DATEN 0x28 /* (introduced in TDS 7.3) */
# define TDS_DATA_TYPE_TIMEN 0x29 /* (introduced in TDS 7.3) */
# define TDS_DATA_TYPE_DATETIME2N 0x2A /* (introduced in TDS 7.3) */
# define TDS_DATA_TYPE_DATETIMEOFFSETN 0x2B /* (introduced in TDS 7.3) */
# define TDS_DATA_TYPE_CHAR 0x2F /* Char (legacy support) */
# define TDS_DATA_TYPE_VARCHAR 0x27 /* VarChar (legacy support) */
# define TDS_DATA_TYPE_BINARY 0x2D /* Binary (legacy support) */
# define TDS_DATA_TYPE_VARBINARY 0x25 /* VarBinary (legacy support) */
/* USHORTLEN_TYPE */
# define TDS_DATA_TYPE_BIGVARBIN 0xA5 /* VarBinary */
# define TDS_DATA_TYPE_BIGVARCHR 0xA7 /* VarChar */
# define TDS_DATA_TYPE_BIGBINARY 0xAD /* Binary */
# define TDS_DATA_TYPE_BIGCHAR 0xAF /* Char */
# define TDS_DATA_TYPE_NVARCHAR 0xE7 /* NVarChar */
# define TDS_DATA_TYPE_NCHAR 0xEF /* NChar */
/* LONGLEN_TYPE */
# define TDS_DATA_TYPE_XML 0xF1 /* XML (introduced in TDS 7.2) */
# define TDS_DATA_TYPE_UDT 0xF0 /* CLR-UDT (introduced in TDS 7.2) */
# define TDS_DATA_TYPE_TEXT 0x23 /* Text */
# define TDS_DATA_TYPE_IMAGE 0x22 /* Image */
# define TDS_DATA_TYPE_NTEXT 0x63 /* NText */
# define TDS_DATA_TYPE_SSVARIANT 0x62 /* Sql_Variant (introduced in TDS 7.2) */
static const value_string tds_data_type_names [ ] = {
/* FIXEDLENTYPE */
{ TDS_DATA_TYPE_NULL , " NULLTYPE - Null (no data associated with this type) " } ,
{ TDS_DATA_TYPE_INT1 , " INT1TYPE - TinyInt (1 byte data representation) " } ,
{ TDS_DATA_TYPE_BIT , " BITTYPE - Bit (1 byte data representation) " } ,
{ TDS_DATA_TYPE_INT2 , " INT2TYPE - SmallInt (2 byte data representation) " } ,
{ TDS_DATA_TYPE_INT4 , " INT4TYPE - Int (4 byte data representation) " } ,
{ TDS_DATA_TYPE_DATETIM4 , " DATETIM4TYPE - SmallDateTime (4 byte data representation) " } ,
{ TDS_DATA_TYPE_FLT4 , " FLT4TYPE - Real (4 byte data representation) " } ,
{ TDS_DATA_TYPE_MONEY , " MONEYTYPE - Money (8 byte data representation) " } ,
{ TDS_DATA_TYPE_DATETIME , " DATETIMETYPE - DateTime (8 byte data representation) " } ,
{ TDS_DATA_TYPE_FLT8 , " FLT8TYPE - Float (8 byte data representation) " } ,
{ TDS_DATA_TYPE_MONEY4 , " MONEY4TYPE - SmallMoney (4 byte data representation) " } ,
{ TDS_DATA_TYPE_INT8 , " INT8TYPE - BigInt (8 byte data representation) " } ,
/* BYTELEN_TYPE */
{ TDS_DATA_TYPE_GUID , " GUIDTYPE - UniqueIdentifier " } ,
{ TDS_DATA_TYPE_INTN , " INTNTYPE " } ,
{ TDS_DATA_TYPE_DECIMAL , " DECIMALTYPE - Decimal (legacy support) " } ,
{ TDS_DATA_TYPE_NUMERIC , " NUMERICTYPE - Numeric (legacy support) " } ,
{ TDS_DATA_TYPE_BITN , " BITNTYPE " } ,
{ TDS_DATA_TYPE_DECIMALN , " DECIMALNTYPE - Decimal " } ,
{ TDS_DATA_TYPE_NUMERICN , " NUMERICNTYPE - Numeric " } ,
{ TDS_DATA_TYPE_FLTN , " FLTNTYPE " } ,
{ TDS_DATA_TYPE_MONEYN , " MONEYNTYPE " } ,
{ TDS_DATA_TYPE_DATETIMN , " DATETIMNTYPE " } ,
{ TDS_DATA_TYPE_DATEN , " DATENTYPE - (introduced in TDS 7.3) " } ,
{ TDS_DATA_TYPE_TIMEN , " TIMENTYPE - (introduced in TDS 7.3) " } ,
{ TDS_DATA_TYPE_DATETIME2N , " DATETIME2NTYPE - (introduced in TDS 7.3) " } ,
{ TDS_DATA_TYPE_DATETIMEOFFSETN , " DATETIMEOFFSETNTYPE - (introduced in TDS 7.3) " } ,
{ TDS_DATA_TYPE_CHAR , " CHARTYPE - Char (legacy support) " } ,
{ TDS_DATA_TYPE_VARCHAR , " VARCHARTYPE - VarChar (legacy support) " } ,
{ TDS_DATA_TYPE_BINARY , " BINARYTYPE - Binary (legacy support) " } ,
{ TDS_DATA_TYPE_VARBINARY , " VARBINARYTYPE - VarBinary (legacy support) " } ,
/* USHORTLEN_TYPE */
{ TDS_DATA_TYPE_BIGVARBIN , " BIGVARBINTYPE - VarBinary " } ,
{ TDS_DATA_TYPE_BIGVARCHR , " BIGVARCHRTYPE - VarChar " } ,
{ TDS_DATA_TYPE_BIGBINARY , " BIGBINARYTYPE - Binary " } ,
{ TDS_DATA_TYPE_BIGCHAR , " BIGCHARTYPE - Char " } ,
{ TDS_DATA_TYPE_NVARCHAR , " NVARCHARTYPE - NVarChar " } ,
{ TDS_DATA_TYPE_NCHAR , " NCHARTYPE - NChar " } ,
/* LONGLEN_TYPE */
{ TDS_DATA_TYPE_XML , " XMLTYPE - XML (introduced in TDS 7.2) " } ,
{ TDS_DATA_TYPE_UDT , " UDTTYPE - CLR-UDT (introduced in TDS 7.2) " } ,
{ TDS_DATA_TYPE_TEXT , " TEXTTYPE - Text " } ,
{ TDS_DATA_TYPE_IMAGE , " IMAGETYPE - Image " } ,
{ TDS_DATA_TYPE_NTEXT , " NTEXTTYPE - NText " } ,
{ TDS_DATA_TYPE_SSVARIANT , " SSVARIANTTYPE - Sql_Variant (introduced in TDS 7.2) " } ,
{ 0 , NULL }
} ;
2013-12-10 21:30:13 +00:00
void proto_reg_handoff_tds ( void ) ;
void proto_register_tds ( void ) ;
2002-08-19 21:33:29 +00:00
/* Initialize the protocol and registered fields */
static int proto_tds = - 1 ;
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
static int hf_tds_type = - 1 ;
static int hf_tds_status = - 1 ;
2010-11-22 18:48:54 +00:00
static int hf_tds_status_eom = - 1 ;
static int hf_tds_status_ignore = - 1 ;
static int hf_tds_status_event_notif = - 1 ;
static int hf_tds_status_reset_conn = - 1 ;
static int hf_tds_status_reset_conn_skip_tran = - 1 ;
static int hf_tds_length = - 1 ;
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
static int hf_tds_channel = - 1 ;
static int hf_tds_packet_number = - 1 ;
static int hf_tds_window = - 1 ;
2003-08-28 04:19:29 +00:00
static int hf_tds_reassembled_in = - 1 ;
2010-02-02 16:01:52 +00:00
static int hf_tds_reassembled_length = - 1 ;
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
static int hf_tds_fragments = - 1 ;
static int hf_tds_fragment = - 1 ;
static int hf_tds_fragment_overlap = - 1 ;
static int hf_tds_fragment_overlap_conflict = - 1 ;
static int hf_tds_fragment_multiple_tails = - 1 ;
static int hf_tds_fragment_too_long_fragment = - 1 ;
static int hf_tds_fragment_error = - 1 ;
2011-01-30 21:01:07 +00:00
static int hf_tds_fragment_count = - 1 ;
2013-05-21 12:55:55 +00:00
static int hf_tds_collate_codepage = - 1 ;
static int hf_tds_collate_flags = - 1 ;
static int hf_tds_collate_charset_id = - 1 ;
2013-12-16 22:39:41 +00:00
static int hf_tds_table_name = - 1 ;
static int hf_tds_text = - 1 ;
2002-08-19 21:33:29 +00:00
2003-08-27 23:28:37 +00:00
static int hf_tds7_login_total_size = - 1 ;
static int hf_tds7_version = - 1 ;
static int hf_tds7_packet_size = - 1 ;
static int hf_tds7_client_version = - 1 ;
static int hf_tds7_client_pid = - 1 ;
static int hf_tds7_connection_id = - 1 ;
static int hf_tds7_option_flags1 = - 1 ;
static int hf_tds7_option_flags2 = - 1 ;
static int hf_tds7_sql_type_flags = - 1 ;
static int hf_tds7_reserved_flags = - 1 ;
static int hf_tds7_time_zone = - 1 ;
static int hf_tds7_collation = - 1 ;
2012-08-27 11:47:37 +00:00
static int hf_tds7_loginack_version = - 1 ;
2010-11-22 18:48:54 +00:00
static int hf_tds_all_headers = - 1 ;
static int hf_tds_all_headers_total_length = - 1 ;
static int hf_tds_all_headers_header_length = - 1 ;
static int hf_tds_all_headers_header_type = - 1 ;
static int hf_tds_all_headers_trans_descr = - 1 ;
static int hf_tds_all_headers_request_cnt = - 1 ;
static int hf_tds_type_info = - 1 ;
static int hf_tds_type_info_type = - 1 ;
static int hf_tds_type_info_varlen = - 1 ;
static int hf_tds_type_info_precision = - 1 ;
static int hf_tds_type_info_scale = - 1 ;
static int hf_tds_type_info_collation = - 1 ;
static int hf_tds_type_info_collation_lcid = - 1 ;
static int hf_tds_type_info_collation_ign_case = - 1 ;
static int hf_tds_type_info_collation_ign_accent = - 1 ;
static int hf_tds_type_info_collation_ign_kana = - 1 ;
static int hf_tds_type_info_collation_ign_width = - 1 ;
static int hf_tds_type_info_collation_binary = - 1 ;
static int hf_tds_type_info_collation_version = - 1 ;
static int hf_tds_type_info_collation_sortid = - 1 ;
static int hf_tds_type_varbyte_length = - 1 ;
static int hf_tds_type_varbyte_data_null = - 1 ;
static int hf_tds_type_varbyte_data_boolean = - 1 ;
static int hf_tds_type_varbyte_data_int1 = - 1 ;
static int hf_tds_type_varbyte_data_int2 = - 1 ;
static int hf_tds_type_varbyte_data_int4 = - 1 ;
static int hf_tds_type_varbyte_data_int8 = - 1 ;
static int hf_tds_type_varbyte_data_float = - 1 ;
static int hf_tds_type_varbyte_data_double = - 1 ;
static int hf_tds_type_varbyte_data_bytes = - 1 ;
static int hf_tds_type_varbyte_data_guid = - 1 ;
static int hf_tds_type_varbyte_data_string = - 1 ;
static int hf_tds_type_varbyte_plp_len = - 1 ;
static int hf_tds_type_varbyte_plp_chunk_len = - 1 ;
static int hf_tds_rpc = - 1 ;
static int hf_tds_rpc_name_length8 = - 1 ;
static int hf_tds_rpc_name_length = - 1 ;
static int hf_tds_rpc_name = - 1 ;
static int hf_tds_rpc_proc_id = - 1 ;
static int hf_tds_rpc_options = - 1 ;
static int hf_tds_rpc_options_with_recomp = - 1 ;
static int hf_tds_rpc_options_no_metadata = - 1 ;
static int hf_tds_rpc_options_reuse_metadata = - 1 ;
static int hf_tds_rpc_separator = - 1 ;
static int hf_tds_rpc_parameter = - 1 ;
static int hf_tds_rpc_parameter_name_length = - 1 ;
static int hf_tds_rpc_parameter_name = - 1 ;
static int hf_tds_rpc_parameter_status = - 1 ;
static int hf_tds_rpc_parameter_status_by_ref = - 1 ;
static int hf_tds_rpc_parameter_status_default = - 1 ;
static int hf_tds_rpc_parameter_value = - 1 ;
2003-08-27 23:28:37 +00:00
2014-10-17 14:11:22 +00:00
/* Generated from convert_proto_tree_add_text.pl */
static int hf_tds_unknown_bytes_3 = - 1 ;
static int hf_tds_results_token_flags = - 1 ;
static int hf_tds_process_name = - 1 ;
static int hf_tds_columns = - 1 ;
static int hf_tds_severity_level = - 1 ;
static int hf_tds_server_name = - 1 ;
static int hf_tds_tds_packet = - 1 ;
static int hf_tds_new_value = - 1 ;
static int hf_tds_text_length = - 1 ;
static int hf_tds_done_token_status_flags = - 1 ;
static int hf_tds_large_type_size = - 1 ;
static int hf_tds_usertype32 = - 1 ;
static int hf_tds_usertype16 = - 1 ;
static int hf_tds_language_text = - 1 ;
static int hf_tds_row_count32 = - 1 ;
static int hf_tds_error_message_length = - 1 ;
static int hf_tds_error = - 1 ;
static int hf_tds_sql_error_number = - 1 ;
static int hf_tds_new_value_length = - 1 ;
static int hf_tds_old_value = - 1 ;
static int hf_tds_operation = - 1 ;
static int hf_tds_ack = - 1 ;
static int hf_tds_unknown_bytes_1 = - 1 ;
static int hf_tds_results_token_type = - 1 ;
static int hf_tds_env_chg_type = - 1 ;
static int hf_tds_lang_token_status = - 1 ;
static int hf_tds_unknown_bytes_4 = - 1 ;
static int hf_tds_old_value_length = - 1 ;
static int hf_tds_message_length = - 1 ;
static int hf_tds_server_version = - 1 ;
static int hf_tds_row_count64 = - 1 ;
static int hf_tds_line_number32 = - 1 ;
static int hf_tds_query = - 1 ;
static int hf_tds_server_name_length = - 1 ;
static int hf_tds_state = - 1 ;
static int hf_tds_line_number16 = - 1 ;
static int hf_tds_process_name_length = - 1 ;
static int hf_tds_login_offset = - 1 ;
static int hf_tds_login_length = - 1 ;
static int hf_tds_login_password = - 1 ;
static int hf_tds_token_len = - 1 ;
2002-08-19 21:33:29 +00:00
/* Initialize the subtree pointers */
static gint ett_tds = - 1 ;
2010-11-22 18:48:54 +00:00
static gint ett_tds_status = - 1 ;
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
static gint ett_tds_fragments = - 1 ;
static gint ett_tds_fragment = - 1 ;
static gint ett_tds_token = - 1 ;
2010-11-22 18:48:54 +00:00
static gint ett_tds_all_headers = - 1 ;
static gint ett_tds_all_headers_header = - 1 ;
static gint ett_tds_type_info = - 1 ;
static gint ett_tds_type_info_collation = - 1 ;
static gint ett_tds_type_varbyte = - 1 ;
static gint ett_tds_message = - 1 ;
static gint ett_tds_rpc_options = - 1 ;
static gint ett_tds_rpc_parameter = - 1 ;
static gint ett_tds_rpc_parameter_status = - 1 ;
static gint ett_tds7_query = - 1 ;
2002-09-28 16:04:03 +00:00
static gint ett_tds7_login = - 1 ;
static gint ett_tds7_hdr = - 1 ;
2014-10-17 14:11:22 +00:00
static gint ett_tds_col = - 1 ;
2002-08-19 21:33:29 +00:00
2013-08-23 03:17:34 +00:00
static expert_field ei_tds_type_info_type_undecoded = EI_INIT ;
static expert_field ei_tds_invalid_length = EI_INIT ;
static expert_field ei_tds_token_length_invalid = EI_INIT ;
static expert_field ei_tds_type_info_type = EI_INIT ;
static expert_field ei_tds_all_headers_header_type = EI_INIT ;
2014-10-17 14:11:22 +00:00
static expert_field ei_tds_token_stats = EI_INIT ;
2013-08-23 03:17:34 +00:00
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
/* Desegmentation of Netlib buffers crossing TCP segment boundaries. */
static gboolean tds_desegment = TRUE ;
static const fragment_items tds_frag_items = {
2010-05-10 15:54:57 +00:00
& ett_tds_fragment ,
& ett_tds_fragments ,
& hf_tds_fragments ,
& hf_tds_fragment ,
& hf_tds_fragment_overlap ,
& hf_tds_fragment_overlap_conflict ,
& hf_tds_fragment_multiple_tails ,
& hf_tds_fragment_too_long_fragment ,
& hf_tds_fragment_error ,
2011-01-30 21:01:07 +00:00
& hf_tds_fragment_count ,
2010-05-10 15:54:57 +00:00
& hf_tds_reassembled_in ,
& hf_tds_reassembled_length ,
2012-09-07 02:09:59 +00:00
/* Reassembled data field */
NULL ,
2010-05-10 15:54:57 +00:00
" fragments "
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
} ;
/* Tables for reassembly of fragments. */
2013-03-22 23:59:54 +00:00
static reassembly_table tds_reassembly_table ;
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
/* defragmentation of multi-buffer TDS PDUs */
static gboolean tds_defragment = TRUE ;
2002-08-19 21:33:29 +00:00
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
static dissector_handle_t tds_tcp_handle ;
2013-08-05 19:09:44 +00:00
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
static dissector_handle_t ntlmssp_handle ;
2004-11-24 04:14:56 +00:00
static dissector_handle_t gssapi_handle ;
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
static dissector_handle_t data_handle ;
2002-09-28 16:04:03 +00:00
2012-08-27 11:47:37 +00:00
typedef struct {
gint tds7_version ;
} tds_conv_info_t ;
2004-11-21 22:03:33 +00:00
/* TDS protocol type preference */
/* XXX: This preference is used as a 'hint' for cases where interpretation is ambiguous */
/* Currently the hint is global */
/* TODO: Consider storing protocol type with each conversation */
/* (when type is determined and using the preference as a default) ?? */
# define TDS_PROTOCOL_NOT_SPECIFIED 0
2010-11-22 18:48:54 +00:00
# define TDS_PROTOCOL_4 0x40
# define TDS_PROTOCOL_5 0x50
# define TDS_PROTOCOL_7_0 0x70
# define TDS_PROTOCOL_7_1 0x71
# define TDS_PROTOCOL_7_2 0x72
# define TDS_PROTOCOL_7_3 0x73
2004-11-21 22:03:33 +00:00
static gint tds_protocol_type = TDS_PROTOCOL_NOT_SPECIFIED ;
2010-10-10 20:07:06 +00:00
static const enum_val_t tds_protocol_type_options [ ] = {
2010-05-10 15:54:57 +00:00
{ " not_specified " , " Not Specified " , TDS_PROTOCOL_NOT_SPECIFIED } ,
{ " tds4 " , " TDS 4 " , TDS_PROTOCOL_4 } , /* TDS 4.2 and TDS 4.6 */
{ " tds5 " , " TDS 5 " , TDS_PROTOCOL_5 } ,
2010-11-22 18:48:54 +00:00
{ " tds70 " , " TDS 7.0 " , TDS_PROTOCOL_7_0 } ,
{ " tds71 " , " TDS 7.1 " , TDS_PROTOCOL_7_1 } ,
{ " tds72 " , " TDS 7.2 " , TDS_PROTOCOL_7_2 } ,
{ " tds73 " , " TDS 7.3 " , TDS_PROTOCOL_7_3 } ,
2010-05-10 15:54:57 +00:00
{ NULL , NULL , - 1 }
2004-11-21 22:03:33 +00:00
} ;
2012-08-27 11:47:37 +00:00
# define TDS_PROTO_PREF_NOT_SPECIFIED (tds_protocol_type == TDS_PROTOCOL_NOT_SPECIFIED)
2004-11-21 22:03:33 +00:00
# define TDS_PROTO_PREF_TDS4 (tds_protocol_type == TDS_PROTOCOL_4)
# define TDS_PROTO_PREF_TDS5 (tds_protocol_type == TDS_PROTOCOL_5)
2010-11-22 18:48:54 +00:00
# define TDS_PROTO_PREF_TDS7_0 (tds_protocol_type == TDS_PROTOCOL_7_0)
# define TDS_PROTO_PREF_TDS7_1 (tds_protocol_type == TDS_PROTOCOL_7_1)
# define TDS_PROTO_PREF_TDS7_2 (tds_protocol_type == TDS_PROTOCOL_7_2)
# define TDS_PROTO_PREF_TDS7_3 (tds_protocol_type == TDS_PROTOCOL_7_3)
# define TDS_PROTO_PREF_TDS7 (tds_protocol_type >= TDS_PROTOCOL_7_0 && tds_protocol_type <= TDS_PROTOCOL_7_3)
2004-11-21 22:03:33 +00:00
2012-08-27 11:47:37 +00:00
# define TDS_PROTO_TDS4 TDS_PROTO_PREF_TDS4
# define TDS_PROTO_TDS7 (TDS_PROTO_PREF_TDS7 || \
( TDS_PROTO_PREF_NOT_SPECIFIED & & ( tds_info - > tds7_version ! = TDS_PROTOCOL_NOT_SPECIFIED ) ) )
# define TDS_PROTO_TDS7_2_OR_GREATER ((tds_protocol_type >= TDS_PROTOCOL_7_2) || \
( TDS_PROTO_PREF_NOT_SPECIFIED & & ( tds_info - > tds7_version > = TDS_PROTOCOL_7_2 ) ) )
2004-11-21 22:03:33 +00:00
/* TDS "endian type" */
/* XXX: Assumption is that all TDS conversations being decoded in a particular capture */
/* have the same endian type */
/* TODO: consider storing endian type with each conversation */
/* (using pref as the default) */
2010-01-22 17:41:47 +00:00
static gboolean tds_little_endian = TRUE ;
2004-11-21 22:03:33 +00:00
2010-10-10 20:07:06 +00:00
static const enum_val_t tds_endian_type_options [ ] = {
2004-11-21 22:03:33 +00:00
{ " little_endian " , " Little Endian " , TRUE } ,
{ " big_endian " , " Big Endian " , FALSE } ,
{ NULL , NULL , - 1 }
} ;
/* TCP port preferences for TDS decode */
static range_t * tds_tcp_ports = NULL ;
2002-08-19 21:33:29 +00:00
/* These correspond to the netlib packet type field */
static const value_string packet_type_names [ ] = {
2010-11-22 18:48:54 +00:00
{ TDS_QUERY_PKT , " SQL batch " } ,
{ TDS_LOGIN_PKT , " Pre-TDS7 login " } ,
{ TDS_RPC_PKT , " Remote Procedure Call " } ,
{ TDS_RESP_PKT , " Response " } ,
{ TDS_RAW_PKT , " Unused " } ,
{ TDS_ATTENTION_PKT , " Attention " } ,
{ TDS_BULK_DATA_PKT , " Bulk load data " } ,
{ TDS_QUERY5_PKT , " TDS5 query " } ,
{ TDS_LOGIN7_PKT , " TDS7 login " } ,
{ TDS_SSPI_PKT , " SSPI message " } ,
{ TDS_PRELOGIN_PKT , " TDS7 pre-login message " } ,
{ 0 , NULL }
} ;
enum {
TDS_HEADER_QUERY_NOTIF = 0x0001 ,
TDS_HEADER_TRANS_DESCR = 0x0002
} ;
static const value_string header_type_names [ ] = {
{ TDS_HEADER_QUERY_NOTIF , " Query notifications " } ,
{ TDS_HEADER_TRANS_DESCR , " Transaction descriptor " } ,
{ 0 , NULL }
2002-08-19 21:33:29 +00:00
} ;
2002-11-26 21:45:28 +00:00
/* The status field */
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
2003-08-23 05:19:01 +00:00
# define is_valid_tds_status(x) ((x) <= STATUS_EVENT_NOTIFICATION)
2010-05-10 15:54:57 +00:00
# define STATUS_LAST_BUFFER 0x01
2010-11-22 18:48:54 +00:00
# define STATUS_IGNORE_EVENT 0x02
2010-05-10 15:54:57 +00:00
# define STATUS_EVENT_NOTIFICATION 0x04
2010-11-22 18:48:54 +00:00
# define STATUS_RESETCONNECTION 0x08
# define STATUS_RESETCONNECTIONSKIPTRAN 0x10
2002-11-26 21:45:28 +00:00
2002-08-19 21:33:29 +00:00
/* The one byte token at the start of each TDS PDU */
static const value_string token_names [ ] = {
2010-05-10 15:54:57 +00:00
{ TDS5_DYNAMIC_TOKEN , " TDS5 Dynamic SQL " } ,
{ TDS5_PARAMFMT_TOKEN , " TDS5 Parameter Format " } ,
{ TDS5_PARAMFMT2_TOKEN , " TDS5 Parameter2 Format " } ,
{ TDS5_PARAMS_TOKEN , " TDS5 Parameters " } ,
{ TDS_LANG_TOKEN , " Language " } ,
{ TDS_LOGOUT_TOKEN , " Logout " } ,
{ TDS_RET_STAT_TOKEN , " Return Status " } ,
{ TDS_PROCID_TOKEN , " Proc ID " } ,
{ TDS7_RESULT_TOKEN , " TDS7+ Results " } ,
{ TDS_COL_NAME_TOKEN , " Column Names " } ,
{ TDS_COL_INFO_TOKEN , " Column Info " } ,
{ TDS_COMPUTE_NAMES_TOKEN , " Compute Names " } ,
{ TDS_COMPUTE_RESULT_TOKEN , " Compute Results " } ,
{ TDS_ORDER_BY_TOKEN , " Order By " } ,
{ TDS_ERR_TOKEN , " Error Message " } ,
{ TDS_MSG_TOKEN , " Info Message " } ,
{ TDS_PARAM_TOKEN , " Parameter " } ,
{ TDS_LOGIN_ACK_TOKEN , " Login Acknowledgement " } ,
{ TDS_CONTROL_TOKEN , " TDS Control " } ,
{ TDS_KEY_TOKEN , " TDS Key " } ,
{ TDS_ROW_TOKEN , " Row " } ,
{ TDS_CMP_ROW_TOKEN , " Compute Row " } ,
{ TDS_CAP_TOKEN , " Capabilities " } ,
{ TDS_ENV_CHG_TOKEN , " Environment Change " } ,
{ TDS_EED_TOKEN , " Extended Error " } ,
{ TDS_AUTH_TOKEN , " Authentication " } ,
{ TDS_RESULT_TOKEN , " Results " } ,
{ TDS_DONE_TOKEN , " Done " } ,
{ TDS_DONEPROC_TOKEN , " Done Proc " } ,
{ TDS_DONEINPROC_TOKEN , " Done In Proc " } ,
{ TDS5_DYNAMIC2_TOKEN , " TDS5 Dynamic2 " } ,
{ TDS5_ORDERBY2_TOKEN , " TDS5 OrderBy2 " } ,
{ TDS5_CURDECLARE2_TOKEN , " TDS5 CurDeclare2 " } ,
{ TDS5_ROWFMT2_TOKEN , " TDS5 RowFmt2 " } ,
{ TDS5_MSG_TOKEN , " TDS5 Msg " } ,
2010-11-22 18:48:54 +00:00
{ 0 , NULL }
2002-08-19 21:33:29 +00:00
} ;
2010-11-22 18:48:54 +00:00
# define TDS_RPC_SEPARATOR_BATCH_FLAG 0x80
# define TDS_RPC_SEPARATOR_BATCH_FLAG_7_2 0xFF
# define TDS_RPC_SEPARATOR_NO_EXEC_FLAG 0xFE
static const value_string tds_rpc_separators [ ] = {
{ TDS_RPC_SEPARATOR_BATCH_FLAG , " Batch flag " } ,
{ TDS_RPC_SEPARATOR_BATCH_FLAG_7_2 , " Batch flag 7.2 " } ,
{ TDS_RPC_SEPARATOR_NO_EXEC_FLAG , " No exec flag " } ,
{ 0 , NULL }
} ;
2004-11-21 22:03:33 +00:00
static const value_string internal_stored_proc_id_names [ ] = {
{ TDS_SP_CURSOR , " sp_cursor " } ,
{ TDS_SP_CURSOROPEN , " sp_cursoropen " } ,
{ TDS_SP_CURSORPREPARE , " sp_cursorprepare " } ,
{ TDS_SP_CURSOREXECUTE , " sp_cursorexecute " } ,
{ TDS_SP_CURSORPREPEXEC , " sp_cursorprepexec " } ,
{ TDS_SP_CURSORUNPREPARE , " sp_cursorunprepare " } ,
{ TDS_SP_CURSORFETCH , " sp_cursorfetch " } ,
{ TDS_SP_CURSOROPTION , " sp_cursoroption " } ,
{ TDS_SP_CURSORCLOSE , " sp_cursorclose " } ,
{ TDS_SP_EXECUTESQL , " sp_executesql " } ,
{ TDS_SP_PREPARE , " sp_prepare " } ,
{ TDS_SP_EXECUTE , " sp_execute " } ,
{ TDS_SP_PREPEXEC , " sp_prepexec " } ,
{ TDS_SP_PREPEXECRPC , " sp_prepexecrpc " } ,
{ TDS_SP_UNPREPARE , " sp_unprepare " } ,
2010-05-10 15:54:57 +00:00
{ 0 , NULL } ,
2004-11-21 22:03:33 +00:00
} ;
2002-08-19 21:33:29 +00:00
static const value_string env_chg_names [ ] = {
2010-05-10 15:54:57 +00:00
{ 1 , " Database " } ,
{ 2 , " Language " } ,
{ 3 , " Sort Order " } ,
{ 4 , " Blocksize " } ,
{ 5 , " Unicode Locale ID " } ,
{ 6 , " Unicode Comparison Style " } ,
{ 7 , " Collation Info " } ,
{ 0 , NULL } ,
2002-09-28 16:04:03 +00:00
} ;
static const value_string login_field_names [ ] = {
2010-05-10 15:54:57 +00:00
{ 0 , " Client Name " } ,
{ 1 , " Username " } ,
{ 2 , " Password " } ,
{ 3 , " App Name " } ,
{ 4 , " Server Name " } ,
{ 5 , " Unknown1 " } ,
{ 6 , " Library Name " } ,
{ 7 , " Locale " } ,
{ 8 , " Database Name " } ,
{ 0 , NULL } ,
2002-08-19 21:33:29 +00:00
} ;
# define MAX_COLUMNS 256
/*
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
* This is where we store the column information to be used in decoding the
* TDS_ROW_TOKEN tokens .
2002-08-19 21:33:29 +00:00
*/
struct _tds_col {
2010-05-10 15:54:57 +00:00
gchar name [ 256 ] ;
guint16 utype ;
guint8 ctype ;
guint csize ;
2002-08-19 21:33:29 +00:00
} ;
struct _netlib_data {
2010-05-10 15:54:57 +00:00
guint num_cols ;
struct _tds_col * columns [ MAX_COLUMNS ] ;
2002-08-19 21:33:29 +00:00
} ;
2003-08-27 23:28:37 +00:00
struct tds7_login_packet_hdr {
2010-05-10 15:54:57 +00:00
guint32 total_packet_size ;
guint32 tds_version ;
guint32 packet_size ;
guint32 client_version ;
guint32 client_pid ;
guint32 connection_id ;
guint8 option_flags1 ;
guint8 option_flags2 ;
guint8 sql_type_flags ;
guint8 reserved_flags ;
guint32 time_zone ;
guint32 collation ;
2003-08-27 23:28:37 +00:00
} ;
2002-08-19 21:33:29 +00:00
/* support routines */
2004-11-21 22:03:33 +00:00
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
static void
2004-11-24 04:14:56 +00:00
dissect_tds_nt ( tvbuff_t * tvb , packet_info * pinfo , proto_tree * tree ,
2010-05-10 15:54:57 +00:00
guint offset , guint length )
2002-09-28 16:04:03 +00:00
{
2010-05-10 15:54:57 +00:00
tvbuff_t * nt_tvb ;
2002-09-28 16:04:03 +00:00
2010-05-10 15:54:57 +00:00
nt_tvb = tvb_new_subset ( tvb , offset , - 1 , length ) ;
if ( tvb_strneql ( tvb , offset , " NTLMSSP " , 7 ) = = 0 )
call_dissector ( ntlmssp_handle , nt_tvb , pinfo , tree ) ;
else
call_dissector ( gssapi_handle , nt_tvb , pinfo , tree ) ;
2002-09-28 16:04:03 +00:00
}
2004-11-21 22:03:33 +00:00
/* */
static guint16
2010-01-22 17:41:47 +00:00
tds_tvb_get_xxtohs ( tvbuff_t * tvb , gint offset , gboolean tds_little_endian_flag ) {
if ( tds_little_endian_flag )
2004-11-21 22:03:33 +00:00
return tvb_get_letohs ( tvb , offset ) ;
else
return tvb_get_ntohs ( tvb , offset ) ;
}
static guint32
2010-01-22 17:41:47 +00:00
tds_tvb_get_xxtohl ( tvbuff_t * tvb , gint offset , gboolean tds_little_endian_flag ) {
if ( tds_little_endian_flag )
2004-11-21 22:03:33 +00:00
return tvb_get_letohl ( tvb , offset ) ;
else
return tvb_get_ntohl ( tvb , offset ) ;
}
2010-10-10 20:07:06 +00:00
static int
tds_token_is_fixed_size ( guint8 token )
2004-11-21 22:03:33 +00:00
{
2010-05-10 15:54:57 +00:00
switch ( token ) {
case TDS_DONE_TOKEN :
case TDS_DONEPROC_TOKEN :
case TDS_DONEINPROC_TOKEN :
case TDS_RET_STAT_TOKEN :
case TDS7_RESULT_TOKEN :
case TDS_PROCID_TOKEN :
case TDS_LOGOUT_TOKEN :
return 1 ;
default :
return 0 ;
}
2004-11-21 22:03:33 +00:00
}
2010-10-10 20:07:06 +00:00
static int
2012-08-27 11:47:37 +00:00
tds_get_fixed_token_size ( guint8 token , tds_conv_info_t * tds_info )
2004-11-21 22:03:33 +00:00
{
2010-05-10 15:54:57 +00:00
switch ( token ) {
case TDS_DONE_TOKEN :
case TDS_DONEPROC_TOKEN :
case TDS_DONEINPROC_TOKEN :
2012-08-27 11:47:37 +00:00
if ( TDS_PROTO_TDS7_2_OR_GREATER ) {
return 12 ;
} else {
return 8 ;
}
2010-05-10 15:54:57 +00:00
case TDS_PROCID_TOKEN :
return 8 ;
case TDS_RET_STAT_TOKEN :
return 4 ;
case TDS_LOGOUT_TOKEN :
return 1 ;
case TDS7_RESULT_TOKEN :
default :
return 0 ;
}
2004-11-21 22:03:33 +00:00
}
2004-11-22 08:11:31 +00:00
static guint
tds_get_variable_token_size ( tvbuff_t * tvb , gint offset , guint8 token ,
guint * len_field_size_p , guint * len_field_val_p )
2004-11-21 22:03:33 +00:00
{
switch ( token ) {
/* some tokens have a 4 byte length field */
case TDS5_PARAMFMT2_TOKEN :
case TDS_LANG_TOKEN :
case TDS5_ORDERBY2_TOKEN :
case TDS5_CURDECLARE2_TOKEN :
case TDS5_ROWFMT2_TOKEN :
case TDS5_DYNAMIC2_TOKEN :
* len_field_size_p = 4 ;
2004-11-22 08:11:31 +00:00
* len_field_val_p = tds_tvb_get_xxtohl ( tvb , offset , tds_little_endian ) ;
break ;
2010-05-10 15:54:57 +00:00
/* some have a 1 byte length field */
2004-11-21 22:03:33 +00:00
case TDS5_MSG_TOKEN :
* len_field_size_p = 1 ;
2004-11-22 08:11:31 +00:00
* len_field_val_p = tvb_get_guint8 ( tvb , offset ) ;
break ;
2010-05-10 15:54:57 +00:00
/* and most have a 2 byte length field */
2004-11-21 22:03:33 +00:00
default :
* len_field_size_p = 2 ;
2004-11-22 08:11:31 +00:00
* len_field_val_p = tds_tvb_get_xxtohs ( tvb , offset , tds_little_endian ) ;
break ;
2004-11-21 22:03:33 +00:00
}
2004-11-22 08:11:31 +00:00
return * len_field_val_p + * len_field_size_p + 1 ;
2004-11-21 22:03:33 +00:00
}
2004-02-01 21:33:12 +00:00
static void
2010-11-22 18:48:54 +00:00
dissect_tds_all_headers ( tvbuff_t * tvb , guint * offset , packet_info * pinfo , proto_tree * tree )
{
proto_item * item = NULL , * total_length_item = NULL ;
proto_tree * sub_tree = NULL ;
guint32 total_length ;
guint final_offset ;
total_length = tvb_get_letohl ( tvb , * offset ) ;
/* Try to find out heuristically whether the ALL_HEADERS rule is actually present.
* In practice total_length is a single byte value , so if the extracted value exceeds 1 byte ,
* then the headers are most likely absent . */
if ( total_length > = 0x100 )
return ;
2011-10-04 22:44:31 +00:00
item = proto_tree_add_item ( tree , hf_tds_all_headers , tvb , * offset , total_length , ENC_NA ) ;
2010-11-22 18:48:54 +00:00
sub_tree = proto_item_add_subtree ( item , ett_tds_all_headers ) ;
2011-10-06 03:35:44 +00:00
total_length_item = proto_tree_add_item ( sub_tree , hf_tds_all_headers_total_length , tvb , * offset , 4 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
final_offset = * offset + total_length ;
* offset + = 4 ;
do {
/* dissect a stream header */
proto_tree * header_sub_tree = NULL ;
proto_item * length_item = NULL , * type_item = NULL ;
guint32 header_length ;
guint16 header_type ;
header_length = tvb_get_letohl ( tvb , * offset ) ;
2014-07-06 23:32:03 +00:00
header_sub_tree = proto_tree_add_subtree ( sub_tree , tvb , * offset , header_length , ett_tds_all_headers_header , NULL , " Header " ) ;
2011-10-06 03:35:44 +00:00
length_item = proto_tree_add_item ( header_sub_tree , hf_tds_all_headers_header_length , tvb , * offset , 4 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
if ( header_length = = 0 ) {
2013-09-09 00:44:09 +00:00
expert_add_info_format ( pinfo , length_item , & ei_tds_invalid_length , " Empty header " ) ;
2010-11-22 18:48:54 +00:00
break ;
}
header_type = tvb_get_letohs ( tvb , * offset + 4 ) ;
2011-10-06 03:35:44 +00:00
type_item = proto_tree_add_item ( header_sub_tree , hf_tds_all_headers_header_type , tvb , * offset + 4 , 2 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
switch ( header_type ) {
case TDS_HEADER_QUERY_NOTIF :
break ;
case TDS_HEADER_TRANS_DESCR :
if ( header_length ! = 18 )
2013-09-09 00:44:09 +00:00
expert_add_info_format ( pinfo , length_item , & ei_tds_invalid_length , " Length should equal 18 " ) ;
2011-10-16 23:38:49 +00:00
proto_tree_add_item ( header_sub_tree , hf_tds_all_headers_trans_descr , tvb , * offset + 6 , 8 , ENC_LITTLE_ENDIAN ) ;
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( header_sub_tree , hf_tds_all_headers_request_cnt , tvb , * offset + 14 , 4 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
break ;
default :
2013-08-23 03:17:34 +00:00
expert_add_info ( pinfo , type_item , & ei_tds_all_headers_header_type ) ;
2010-11-22 18:48:54 +00:00
}
* offset + = header_length ;
} while ( * offset < final_offset ) ;
if ( * offset ! = final_offset ) {
2013-09-09 00:44:09 +00:00
expert_add_info_format ( pinfo , total_length_item , & ei_tds_invalid_length , " Sum of headers' lengths (%d) differs from total headers length (%d) " , total_length + * offset - final_offset , total_length ) ;
2010-11-22 18:48:54 +00:00
return ;
}
}
static void
2012-08-27 11:47:37 +00:00
dissect_tds_query_packet ( tvbuff_t * tvb , packet_info * pinfo , proto_tree * tree , tds_conv_info_t * tds_info )
2004-02-01 21:33:12 +00:00
{
2010-05-10 15:54:57 +00:00
guint offset , len ;
2013-12-16 22:39:41 +00:00
guint string_encoding = ENC_UTF_16 | ENC_LITTLE_ENDIAN ;
2010-05-10 15:54:57 +00:00
proto_tree * query_tree ;
offset = 0 ;
2014-07-06 23:32:03 +00:00
query_tree = proto_tree_add_subtree ( tree , tvb , offset , - 1 , ett_tds7_query , NULL , " TDS Query Packet " ) ;
2010-11-22 18:48:54 +00:00
dissect_tds_all_headers ( tvb , & offset , pinfo , query_tree ) ;
2010-05-10 15:54:57 +00:00
len = tvb_reported_length_remaining ( tvb , offset ) ;
2012-08-27 11:47:37 +00:00
if ( TDS_PROTO_TDS4 | |
( ! TDS_PROTO_TDS7 & &
2010-05-10 15:54:57 +00:00
( ( len < 2 ) | | tvb_get_guint8 ( tvb , offset + 1 ) ! = 0 ) ) )
2013-12-16 22:39:41 +00:00
string_encoding = ENC_ASCII | ENC_NA ;
2010-05-10 15:54:57 +00:00
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( query_tree , hf_tds_query , tvb , offset , len , string_encoding ) ;
/* offset += len; */
2004-02-01 21:33:12 +00:00
}
2004-11-21 22:03:33 +00:00
2006-01-09 17:44:02 +00:00
static void
2004-11-21 22:03:33 +00:00
dissect_tds5_lang_token ( tvbuff_t * tvb , guint offset , guint len , proto_tree * tree ) {
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_lang_token_status , tvb , offset , 1 , ENC_NA ) ;
2004-11-21 22:03:33 +00:00
offset + = 1 ;
len - = 1 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_language_text , tvb , offset , len , ENC_ASCII | ENC_NA ) ;
2004-11-21 22:03:33 +00:00
}
static void
2012-08-27 11:47:37 +00:00
dissect_tds_query5_packet ( tvbuff_t * tvb , packet_info * pinfo _U_ , proto_tree * tree , tds_conv_info_t * tds_info )
2004-11-21 22:03:33 +00:00
{
guint offset ;
guint pos ;
guint token_len_field_size = 2 ;
2007-09-26 07:09:51 +00:00
guint token_len_field_val = 0 ;
2004-11-21 22:03:33 +00:00
guint8 token ;
guint token_sz ;
proto_tree * query_tree ;
proto_tree * token_tree ;
2014-10-17 14:11:22 +00:00
proto_item * token_item ;
2006-01-09 17:44:02 +00:00
2004-11-21 22:03:33 +00:00
offset = 0 ;
2014-07-06 23:32:03 +00:00
query_tree = proto_tree_add_subtree ( tree , tvb , offset , - 1 , ett_tds7_query , NULL , " TDS5 Query Packet " ) ;
2004-11-21 22:03:33 +00:00
/*
* Until we reach the end of the packet , read tokens .
*/
pos = offset ;
while ( tvb_reported_length_remaining ( tvb , pos ) > 0 ) {
/* our token */
token = tvb_get_guint8 ( tvb , pos ) ;
if ( tds_token_is_fixed_size ( token ) )
2012-08-27 11:47:37 +00:00
token_sz = tds_get_fixed_token_size ( token , tds_info ) + 1 ;
2004-11-21 22:03:33 +00:00
else
2004-11-22 08:11:31 +00:00
token_sz = tds_get_variable_token_size ( tvb , pos + 1 , token , & token_len_field_size ,
& token_len_field_val ) ;
2004-11-21 22:03:33 +00:00
2014-10-17 14:11:22 +00:00
token_tree = proto_tree_add_subtree_format ( query_tree , tvb , pos , token_sz ,
ett_tds_token , & token_item , " Token 0x%02x %s " , token ,
val_to_str_const ( token , token_names , " Unknown Token Type " ) ) ;
2010-05-10 15:54:57 +00:00
if ( ( int ) token_sz < 0 ) {
2014-10-17 14:11:22 +00:00
expert_add_info_format ( pinfo , token_item , & ei_tds_token_length_invalid , " Bogus token size: %u " , token_sz ) ;
2010-05-10 15:54:57 +00:00
break ;
}
2004-12-09 16:37:46 +00:00
2004-11-21 22:03:33 +00:00
/*
* If it ' s a variable token , put the length field in here
* instead of replicating this for each token subdissector .
*/
if ( ! tds_token_is_fixed_size ( token ) )
2014-10-17 14:11:22 +00:00
{
token_item = proto_tree_add_uint ( token_tree , hf_tds_token_len , tvb , pos + 1 , 1 , token_len_field_val ) ;
proto_item_set_len ( token_item , token_len_field_size ) ;
}
2004-11-21 22:03:33 +00:00
switch ( token ) {
case TDS_LANG_TOKEN :
dissect_tds5_lang_token ( tvb , pos + 5 , token_sz - 5 , token_tree ) ;
break ;
default :
break ;
}
pos + = token_sz ;
} /* while */
}
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
static void
dissect_tds7_login ( tvbuff_t * tvb , packet_info * pinfo , proto_tree * tree )
2002-09-28 16:04:03 +00:00
{
2010-05-10 15:54:57 +00:00
guint offset , i , j , k , offset2 , len ;
char * val , * val2 ;
proto_tree * login_tree ;
proto_tree * header_tree ;
proto_tree * length_tree ;
struct tds7_login_packet_hdr td7hdr ;
gint length_remaining ;
/* create display subtree for the protocol */
offset = 0 ;
2014-07-06 23:32:03 +00:00
login_tree = proto_tree_add_subtree ( tree , tvb , offset , - 1 , ett_tds7_login , NULL , " TDS7 Login Packet " ) ;
header_tree = proto_tree_add_subtree ( login_tree , tvb , offset , 36 , ett_tds7_hdr , NULL , " Login Packet Header " ) ;
2010-05-10 15:54:57 +00:00
td7hdr . total_packet_size = tvb_get_letohl ( tvb , offset ) ;
proto_tree_add_uint ( header_tree , hf_tds7_login_total_size , tvb , offset ,
sizeof ( td7hdr . total_packet_size ) , td7hdr . total_packet_size ) ;
2012-12-26 05:57:06 +00:00
offset + = ( int ) sizeof ( td7hdr . total_packet_size ) ;
2010-05-10 15:54:57 +00:00
td7hdr . tds_version = tvb_get_ntohl ( tvb , offset ) ;
proto_tree_add_uint ( header_tree , hf_tds7_version , tvb , offset , sizeof ( td7hdr . tds_version ) , td7hdr . tds_version ) ;
2012-12-26 05:57:06 +00:00
offset + = ( int ) sizeof ( td7hdr . tds_version ) ;
2010-05-10 15:54:57 +00:00
td7hdr . packet_size = tvb_get_ntohl ( tvb , offset ) ;
proto_tree_add_uint ( header_tree , hf_tds7_packet_size , tvb , offset , sizeof ( td7hdr . packet_size ) , td7hdr . packet_size ) ;
2012-12-26 05:57:06 +00:00
offset + = ( int ) sizeof ( td7hdr . packet_size ) ;
2010-05-10 15:54:57 +00:00
td7hdr . client_version = tvb_get_ntohl ( tvb , offset ) ;
proto_tree_add_uint ( header_tree , hf_tds7_client_version , tvb , offset , sizeof ( td7hdr . client_version ) , td7hdr . client_version ) ;
2012-12-26 05:57:06 +00:00
offset + = ( int ) sizeof ( td7hdr . client_version ) ;
2010-05-10 15:54:57 +00:00
td7hdr . client_pid = tvb_get_letohl ( tvb , offset ) ;
proto_tree_add_uint ( header_tree , hf_tds7_client_pid , tvb , offset , sizeof ( td7hdr . client_pid ) , td7hdr . client_pid ) ;
2012-12-26 05:57:06 +00:00
offset + = ( int ) sizeof ( td7hdr . client_pid ) ;
2010-05-10 15:54:57 +00:00
td7hdr . connection_id = tvb_get_letohl ( tvb , offset ) ;
proto_tree_add_uint ( header_tree , hf_tds7_connection_id , tvb , offset , sizeof ( td7hdr . connection_id ) , td7hdr . connection_id ) ;
2012-12-26 05:57:06 +00:00
offset + = ( int ) sizeof ( td7hdr . connection_id ) ;
2010-05-10 15:54:57 +00:00
td7hdr . option_flags1 = tvb_get_guint8 ( tvb , offset ) ;
proto_tree_add_uint ( header_tree , hf_tds7_option_flags1 , tvb , offset , sizeof ( td7hdr . option_flags1 ) , td7hdr . option_flags1 ) ;
2012-12-26 05:57:06 +00:00
offset + = ( int ) sizeof ( td7hdr . option_flags1 ) ;
2010-05-10 15:54:57 +00:00
td7hdr . option_flags2 = tvb_get_guint8 ( tvb , offset ) ;
proto_tree_add_uint ( header_tree , hf_tds7_option_flags2 , tvb , offset , sizeof ( td7hdr . option_flags2 ) , td7hdr . option_flags2 ) ;
2012-12-26 05:57:06 +00:00
offset + = ( int ) sizeof ( td7hdr . option_flags2 ) ;
2010-05-10 15:54:57 +00:00
td7hdr . sql_type_flags = tvb_get_guint8 ( tvb , offset ) ;
proto_tree_add_uint ( header_tree , hf_tds7_sql_type_flags , tvb , offset , sizeof ( td7hdr . sql_type_flags ) , td7hdr . sql_type_flags ) ;
2012-12-26 05:57:06 +00:00
offset + = ( int ) sizeof ( td7hdr . sql_type_flags ) ;
2010-05-10 15:54:57 +00:00
td7hdr . reserved_flags = tvb_get_guint8 ( tvb , offset ) ;
proto_tree_add_uint ( header_tree , hf_tds7_reserved_flags , tvb , offset , sizeof ( td7hdr . reserved_flags ) , td7hdr . reserved_flags ) ;
2012-12-26 05:57:06 +00:00
offset + = ( int ) sizeof ( td7hdr . reserved_flags ) ;
2010-05-10 15:54:57 +00:00
td7hdr . time_zone = tvb_get_ntohl ( tvb , offset ) ;
proto_tree_add_uint ( header_tree , hf_tds7_time_zone , tvb , offset , sizeof ( td7hdr . time_zone ) , td7hdr . time_zone ) ;
2012-12-26 05:57:06 +00:00
offset + = ( int ) sizeof ( td7hdr . time_zone ) ;
2010-05-10 15:54:57 +00:00
td7hdr . collation = tvb_get_ntohl ( tvb , offset ) ;
proto_tree_add_uint ( header_tree , hf_tds7_collation , tvb , offset , sizeof ( td7hdr . collation ) , td7hdr . collation ) ;
2012-12-26 05:57:06 +00:00
offset + = ( int ) sizeof ( td7hdr . collation ) ;
2010-05-10 15:54:57 +00:00
2014-07-06 23:32:03 +00:00
length_tree = proto_tree_add_subtree ( login_tree , tvb , offset , 50 , ett_tds7_hdr , NULL , " Lengths and offsets " ) ;
2010-05-10 15:54:57 +00:00
for ( i = 0 ; i < 9 ; i + + ) {
offset2 = tvb_get_letohs ( tvb , offset + i * 4 ) ;
len = tvb_get_letohs ( tvb , offset + i * 4 + 2 ) ;
2014-10-17 14:11:22 +00:00
proto_tree_add_uint_format ( length_tree , hf_tds_login_offset , tvb , offset + i * 4 , 2 ,
offset2 , " %s offset: %u " ,
2012-08-10 22:55:02 +00:00
val_to_str_const ( i , login_field_names , " Unknown " ) ,
2010-05-10 15:54:57 +00:00
offset2 ) ;
2014-10-17 14:11:22 +00:00
proto_tree_add_uint_format ( length_tree , hf_tds_login_length , tvb , offset + i * 4 + 2 , 2 ,
len , " %s length: %u " ,
2012-08-10 22:55:02 +00:00
val_to_str_const ( i , login_field_names , " Unknown " ) ,
2010-05-10 15:54:57 +00:00
len ) ;
if ( len ! = 0 ) {
if ( i ! = 2 ) {
/* tds 7 is always unicode */
len * = 2 ;
2013-12-16 22:39:41 +00:00
val = tvb_get_string_enc ( wmem_packet_scope ( ) , tvb , offset2 , len , ENC_UTF_16 | ENC_LITTLE_ENDIAN ) ;
2014-10-17 14:11:22 +00:00
proto_tree_add_string_format ( login_tree , hf_tds_login_password , tvb , offset2 , len , val ,
" %s: %s " , val_to_str_const ( i , login_field_names , " Unknown " ) , val ) ;
2010-05-10 15:54:57 +00:00
} else {
/* This field is the password. We retrieve it from the packet
* as a non - unicode string and then perform two operations on it
* to " decrypt " it . Finally , we create a new string that consists
* of ASCII characters instead of unicode by skipping every other
* byte in the original string .
*/
len * = 2 ;
2014-06-17 15:30:58 +00:00
val = ( gchar * ) tvb_get_string_enc ( wmem_packet_scope ( ) , tvb , offset2 , len , ENC_ASCII ) ;
2013-09-12 16:15:54 +00:00
val2 = ( char * ) wmem_alloc ( wmem_packet_scope ( ) , len / 2 + 1 ) ;
2010-05-10 15:54:57 +00:00
for ( j = 0 , k = 0 ; j < len ; j + = 2 , k + + ) {
val [ j ] ^ = 0xA5 ;
/* Swap the most and least significant bits */
val [ j ] = ( ( val [ j ] & 0x0F ) < < 4 ) | ( ( val [ j ] & 0xF0 ) > > 4 ) ;
val2 [ k ] = val [ j ] ;
}
val2 [ k ] = ' \0 ' ; /* Null terminate our new string */
2014-10-17 14:11:22 +00:00
proto_tree_add_string_format ( login_tree , hf_tds_login_password , tvb , offset2 , len , val2 ,
" %s: %s " , val_to_str_const ( i , login_field_names , " Unknown " ) , val2 ) ;
2010-05-10 15:54:57 +00:00
}
}
}
/*
* XXX - what about the client MAC address , etc . ?
*/
length_remaining = tvb_reported_length_remaining ( tvb , offset2 + len ) ;
if ( length_remaining > 0 ) {
dissect_tds_nt ( tvb , pinfo , login_tree , offset2 + len ,
length_remaining ) ;
}
2002-09-28 16:04:03 +00:00
}
2010-10-10 20:07:06 +00:00
static int
get_size_by_coltype ( int servertype )
2002-08-19 21:33:29 +00:00
{
2010-05-10 15:54:57 +00:00
switch ( servertype )
{
case SYBINT1 : return 1 ;
case SYBINT2 : return 2 ;
case SYBINT4 : return 4 ;
case SYBINT8 : return 8 ;
case SYBREAL : return 4 ;
case SYBFLT8 : return 8 ;
case SYBDATETIME : return 8 ;
case SYBDATETIME4 : return 4 ;
case SYBBIT : return 1 ;
case SYBBITN : return 1 ;
case SYBMONEY : return 8 ;
case SYBMONEY4 : return 4 ;
case SYBUNIQUE : return 16 ;
default : return - 1 ;
}
2002-08-19 21:33:29 +00:00
}
# if 0
/*
2002-08-28 21:04:11 +00:00
* data_to_string should take column data and turn it into something we can
2002-08-19 21:33:29 +00:00
* display on the tree .
*/
static char * data_to_string ( void * data , guint col_type , guint col_size )
{
2010-05-10 15:54:57 +00:00
char * result ;
guint i ;
2013-09-12 16:15:54 +00:00
result = wmem_alloc ( wmem_packet_scope ( ) , 256 ) ;
2010-05-10 15:54:57 +00:00
switch ( col_type ) {
case SYBVARCHAR :
/* strncpy(result, (char *)data, col_size); */
for ( i = 0 ; i < col_size & & i < ( 256 - 1 ) ; i + + )
2013-12-21 15:01:45 +00:00
if ( ! g_ascii_isprint ( ( ( char * ) data ) [ i ] ) ) result [ i ] = ' . ' ;
2010-05-10 15:54:57 +00:00
else result [ i ] = ( ( char * ) data ) [ i ] ;
result [ i ] = ' \0 ' ;
break ;
case SYBINT2 :
g_snprintf ( result , 256 , " %d " , * ( short * ) data ) ;
break ;
case SYBINT4 :
g_snprintf ( result , 256 , " %d " , * ( int * ) data ) ;
break ;
default :
g_snprintf ( result , 256 , " Unexpected column_type %d " , col_type ) ;
break ;
}
return result ;
2002-08-19 21:33:29 +00:00
}
# endif
/*
* Since rows are special PDUs in that they are not fixed and lack a size field ,
2002-08-28 21:04:11 +00:00
* the length must be computed using the column information seen in the result
2002-08-19 21:33:29 +00:00
* PDU . This function does just that .
*/
2009-03-22 20:55:31 +00:00
static guint
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
tds_get_row_size ( tvbuff_t * tvb , struct _netlib_data * nl_data , guint offset )
2002-08-19 21:33:29 +00:00
{
2010-05-10 15:54:57 +00:00
guint cur , i , csize ;
cur = offset ;
for ( i = 0 ; i < nl_data - > num_cols ; i + + ) {
if ( ! is_fixed_coltype ( nl_data - > columns [ i ] - > ctype ) ) {
csize = tvb_get_guint8 ( tvb , cur ) ;
cur + + ;
} else
csize = get_size_by_coltype ( nl_data - > columns [ i ] - > ctype ) ;
cur + = csize ;
}
return ( cur - offset + 1 ) ;
2002-08-19 21:33:29 +00:00
}
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
2004-11-21 22:03:33 +00:00
/*
2006-01-09 17:44:02 +00:00
* Process TDS 4 " COL_INFO " token and store relevant information in the
2004-11-21 22:03:33 +00:00
* _netlib_data structure for later use ( see tds_get_row_size )
2006-01-09 17:44:02 +00:00
*
2004-11-21 22:03:33 +00:00
* XXX Can TDS 4 be " big-endian " ? we ' ll assume yes .
*
*/
static gboolean
dissect_tds_col_info_token ( tvbuff_t * tvb , struct _netlib_data * nl_data , guint offset )
{
guint next , cur ;
guint col ;
next = offset + tds_tvb_get_xxtohs ( tvb , offset + 1 , tds_little_endian ) + 3 ;
cur = offset + 3 ;
col = 0 ;
while ( cur < next ) {
if ( col > = MAX_COLUMNS ) {
nl_data - > num_cols = 0 ;
return FALSE ;
}
2006-01-09 17:44:02 +00:00
2013-09-12 16:31:30 +00:00
nl_data - > columns [ col ] = wmem_new ( wmem_packet_scope ( ) , struct _tds_col ) ;
2004-11-21 22:03:33 +00:00
2006-01-09 17:44:02 +00:00
nl_data - > columns [ col ] - > name [ 0 ] = ' \0 ' ;
2004-11-21 22:03:33 +00:00
nl_data - > columns [ col ] - > utype = tds_tvb_get_xxtohs ( tvb , cur , tds_little_endian ) ;
cur + = 2 ;
cur + = 2 ; /* unknown */
nl_data - > columns [ col ] - > ctype = tvb_get_guint8 ( tvb , cur ) ;
cur + + ;
if ( ! is_fixed_coltype ( nl_data - > columns [ col ] - > ctype ) ) {
nl_data - > columns [ col ] - > csize = tvb_get_guint8 ( tvb , cur ) ;
cur + + ;
} else {
nl_data - > columns [ col ] - > csize =
get_size_by_coltype ( nl_data - > columns [ col ] - > ctype ) ;
}
col + = 1 ;
} /* while */
nl_data - > num_cols = col ;
return TRUE ;
}
2002-08-28 21:04:11 +00:00
/*
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
* Read the results token and store the relevant information in the
* _netlib_data structure for later use ( see tds_get_row_size ) .
2004-11-21 22:03:33 +00:00
*
* TODO : check we don ' t go past end of the token
2002-08-19 21:33:29 +00:00
*/
static gboolean
2004-12-25 13:49:30 +00:00
read_results_tds5 ( tvbuff_t * tvb , struct _netlib_data * nl_data , guint offset , guint len _U_ )
2002-08-19 21:33:29 +00:00
{
2010-05-10 15:54:57 +00:00
guint name_len ;
guint cur ;
guint i ;
cur = offset ;
/*
* This would be the logical place to check for little / big endianess
* if we didn ' t see the login packet .
* XXX : We ' ll take a hint
*/
nl_data - > num_cols = tds_tvb_get_xxtohs ( tvb , cur , tds_little_endian ) ;
if ( nl_data - > num_cols > MAX_COLUMNS ) {
nl_data - > num_cols = 0 ;
return FALSE ;
}
cur + = 2 ;
for ( i = 0 ; i < nl_data - > num_cols ; i + + ) {
2013-09-12 16:31:30 +00:00
nl_data - > columns [ i ] = wmem_new ( wmem_packet_scope ( ) , struct _tds_col ) ;
2010-05-10 15:54:57 +00:00
name_len = tvb_get_guint8 ( tvb , cur ) ;
cur + + ;
cur + = name_len ;
cur + + ; /* unknown */
nl_data - > columns [ i ] - > utype = tds_tvb_get_xxtohs ( tvb , cur , tds_little_endian ) ;
cur + = 2 ;
cur + = 2 ; /* unknown */
nl_data - > columns [ i ] - > ctype = tvb_get_guint8 ( tvb , cur ) ;
cur + + ;
if ( ! is_fixed_coltype ( nl_data - > columns [ i ] - > ctype ) ) {
nl_data - > columns [ i ] - > csize = tvb_get_guint8 ( tvb , cur ) ;
cur + + ;
} else {
nl_data - > columns [ i ] - > csize =
get_size_by_coltype ( nl_data - > columns [ i ] - > ctype ) ;
}
cur + + ; /* unknown */
}
return TRUE ;
2002-08-19 21:33:29 +00:00
}
/*
* If the packet type from the netlib header is a login packet , then dig into
* the packet to see if this is a supported TDS version and verify the otherwise
* weak heuristics of the netlib check .
*/
static gboolean
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
netlib_check_login_pkt ( tvbuff_t * tvb , guint offset , packet_info * pinfo , guint8 type )
2002-08-19 21:33:29 +00:00
{
2010-05-10 15:54:57 +00:00
guint tds_major , bytes_avail ;
2014-06-19 17:18:16 +00:00
bytes_avail = tvb_length ( tvb ) - offset ;
2010-05-10 15:54:57 +00:00
/*
* we have two login packet styles , one for TDS 4.2 and 5.0
*/
if ( type = = TDS_LOGIN_PKT ) {
/* Use major version number to validate TDS 4/5 login
* packet */
/* Login packet is first in stream and should not be fragmented...
* if it is we are screwed */
if ( bytes_avail < 467 ) return FALSE ;
tds_major = tvb_get_guint8 ( tvb , 466 ) ;
if ( tds_major ! = 4 & & tds_major ! = 5 ) {
return FALSE ;
}
/*
* and one added by Microsoft in SQL Server 7
*/
} else if ( type = = TDS_LOGIN7_PKT ) {
if ( bytes_avail < 16 ) return FALSE ;
tds_major = tvb_get_guint8 ( tvb , 15 ) ;
if ( tds_major ! = 0x70 & & tds_major ! = 0x80 ) {
return FALSE ;
}
} else if ( type = = TDS_QUERY5_PKT ) {
if ( bytes_avail < 9 ) return FALSE ;
/* if this is a TDS 5.0 query check the token */
if ( tvb_get_guint8 ( tvb , 8 ) ! = TDS_LANG_TOKEN ) {
return FALSE ;
}
}
/*
* See if either tcp . destport or tcp . srcport is specified
* in the preferences as being a TDS port .
*/
else if ( ! value_is_in_range ( tds_tcp_ports , pinfo - > srcport ) & &
! value_is_in_range ( tds_tcp_ports , pinfo - > destport ) ) {
return FALSE ;
}
return TRUE ;
2002-08-19 21:33:29 +00:00
}
2002-08-28 21:04:11 +00:00
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
static void
dissect_tds_env_chg ( tvbuff_t * tvb , guint offset , guint token_sz ,
2010-05-10 15:54:57 +00:00
proto_tree * tree )
2002-08-19 21:33:29 +00:00
{
2010-05-10 15:54:57 +00:00
guint8 env_type ;
guint old_len , new_len , old_len_offset ;
guint32 string_offset ;
gboolean is_unicode = FALSE ;
env_type = tvb_get_guint8 ( tvb , offset ) ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_env_chg_type , tvb , offset , 1 , ENC_NA ) ;
2010-05-10 15:54:57 +00:00
new_len = tvb_get_guint8 ( tvb , offset + 1 ) ;
old_len_offset = offset + new_len + 2 ;
old_len = tvb_get_guint8 ( tvb , old_len_offset ) ;
/*
* If our lengths plus the lengths of the type and the lengths
* don ' t add up to the token size , it must be UCS2 .
*/
if ( old_len + new_len + 3 ! = token_sz ) {
is_unicode = TRUE ;
old_len_offset = offset + ( new_len * 2 ) + 2 ;
old_len = tvb_get_guint8 ( tvb , old_len_offset ) ;
}
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_new_value_length , tvb , offset + 1 , 1 , ENC_NA ) ;
2010-05-10 15:54:57 +00:00
if ( new_len ) {
if ( env_type ! = 7 ) { /* if it's not 'Collation Info - which is not textual! */
string_offset = offset + 2 ;
if ( is_unicode = = TRUE ) {
2012-03-31 20:57:15 +00:00
new_len * = 2 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_new_value , tvb , string_offset , new_len , ENC_UTF_16 | ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
} else
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_new_value , tvb , string_offset , new_len , ENC_ASCII | ENC_NA ) ;
2010-05-10 15:54:57 +00:00
}
else { /* parse collation info structure. From http://www.freetds.org/tds.html#collate */
offset + = 2 ;
2013-05-21 12:55:55 +00:00
proto_tree_add_item ( tree , hf_tds_collate_codepage , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 2 ;
2013-05-21 12:55:55 +00:00
proto_tree_add_item ( tree , hf_tds_collate_flags , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 2 ;
2013-05-21 12:55:55 +00:00
proto_tree_add_item ( tree , hf_tds_collate_charset_id , tvb , offset , 1 , ENC_LITTLE_ENDIAN ) ;
2013-03-17 19:23:35 +00:00
/*offset +=1;*/
2010-05-10 15:54:57 +00:00
}
}
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_old_value_length , tvb , old_len_offset , 1 , ENC_NA ) ;
2010-05-10 15:54:57 +00:00
if ( old_len ) {
string_offset = old_len_offset + 1 ;
if ( is_unicode = = TRUE ) {
2012-03-31 20:57:15 +00:00
old_len * = 2 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_old_value , tvb , string_offset , old_len , ENC_UTF_16 | ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
} else
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_old_value , tvb , string_offset , old_len , ENC_ASCII | ENC_NA ) ;
2010-05-10 15:54:57 +00:00
}
2002-08-19 21:33:29 +00:00
}
2004-01-05 00:55:42 +00:00
static void
2012-08-27 11:47:37 +00:00
dissect_tds_err_token ( tvbuff_t * tvb , guint offset , guint token_sz _U_ , proto_tree * tree , tds_conv_info_t * tds_info )
2004-01-05 00:55:42 +00:00
{
2010-05-10 15:54:57 +00:00
guint16 msg_len ;
guint8 srvr_len , proc_len ;
2014-10-17 14:11:22 +00:00
int encoding = tds_little_endian ? ENC_LITTLE_ENDIAN : ENC_BIG_ENDIAN ;
2010-05-10 15:54:57 +00:00
gboolean is_unicode = FALSE ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_sql_error_number , tvb , offset , 4 , encoding ) ;
2010-05-10 15:54:57 +00:00
offset + = 4 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_state , tvb , offset , 1 , ENC_NA ) ;
2010-05-10 15:54:57 +00:00
offset + = 1 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_severity_level , tvb , offset , 1 , ENC_NA ) ;
2010-05-10 15:54:57 +00:00
offset + = 1 ;
msg_len = tds_tvb_get_xxtohs ( tvb , offset , tds_little_endian ) ;
2014-10-17 14:11:22 +00:00
proto_tree_add_uint_format_value ( tree , hf_tds_error_message_length , tvb , offset , 2 , msg_len , " %u characters " , msg_len ) ;
2010-05-10 15:54:57 +00:00
offset + = 2 ;
if ( tvb_get_guint8 ( tvb , offset + 1 ) = = 0 ) /* FIXME: It's probably unicode, if the 2nd byte of the message is zero. It's not a good detection method, but it works */
is_unicode = TRUE ;
if ( is_unicode ) {
msg_len * = 2 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_error , tvb , offset , msg_len , ENC_UTF_16 | ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
} else {
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_error , tvb , offset , msg_len , ENC_ASCII | ENC_NA ) ; ;
2010-05-10 15:54:57 +00:00
}
offset + = msg_len ;
srvr_len = tvb_get_guint8 ( tvb , offset ) ;
2014-10-17 14:11:22 +00:00
proto_tree_add_uint_format_value ( tree , hf_tds_server_name_length , tvb , offset , 1 , srvr_len , " %u characters " , srvr_len ) ;
2010-05-10 15:54:57 +00:00
offset + = 1 ;
if ( srvr_len ) {
if ( is_unicode ) {
srvr_len * = 2 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_server_name , tvb , offset , srvr_len , ENC_UTF_16 | ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
} else {
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_server_name , tvb , offset , srvr_len , ENC_ASCII | ENC_NA ) ;
2010-05-10 15:54:57 +00:00
}
offset + = srvr_len ;
}
proc_len = tvb_get_guint8 ( tvb , offset ) ;
2014-10-17 14:11:22 +00:00
proto_tree_add_uint_format_value ( tree , hf_tds_process_name_length , tvb , offset , 1 , proc_len , " %u characters " , proc_len ) ;
2010-05-10 15:54:57 +00:00
offset + = 1 ;
if ( proc_len ) {
if ( is_unicode ) {
proc_len * = 2 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_process_name , tvb , offset , proc_len , ENC_UTF_16 | ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
} else {
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_process_name , tvb , offset , proc_len , ENC_ASCII | ENC_NA ) ;
2010-05-10 15:54:57 +00:00
}
offset + = proc_len ;
}
2012-08-27 11:47:37 +00:00
if ( TDS_PROTO_TDS7_2_OR_GREATER ) {
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_line_number32 , tvb , offset , 4 , encoding ) ;
2012-08-27 11:47:37 +00:00
} else {
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_line_number16 , tvb , offset , 2 , encoding ) ;
2012-08-27 11:47:37 +00:00
}
2004-01-05 00:55:42 +00:00
}
2013-03-17 19:23:35 +00:00
static int
2014-10-17 14:11:22 +00:00
dissect_tds_login_ack_token ( tvbuff_t * tvb , packet_info * pinfo , guint offset , guint token_sz , proto_tree * tree , tds_conv_info_t * tds_info )
2004-02-01 21:33:12 +00:00
{
2010-05-10 15:54:57 +00:00
guint8 msg_len ;
2012-08-27 11:47:37 +00:00
guint32 tds_version ;
2010-05-10 15:54:57 +00:00
gboolean is_unicode = FALSE ;
2014-10-17 14:11:22 +00:00
proto_item * ti ;
2010-05-10 15:54:57 +00:00
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_ack , tvb , offset , 1 , ENC_NA ) ;
2010-05-10 15:54:57 +00:00
offset + = 1 ;
2012-08-27 11:47:37 +00:00
tds_version = tvb_get_ntohl ( tvb , offset ) ;
switch ( tds_version ) {
case 0x07000000 :
tds_info - > tds7_version = TDS_PROTOCOL_7_0 ;
break ;
case 0x07010000 :
case 0x71000001 :
tds_info - > tds7_version = TDS_PROTOCOL_7_1 ;
break ;
case 0x72090002 :
tds_info - > tds7_version = TDS_PROTOCOL_7_2 ;
break ;
case 0x730A0003 :
case 0x730B0003 :
default :
tds_info - > tds7_version = TDS_PROTOCOL_7_3 ;
break ;
}
proto_tree_add_uint ( tree , hf_tds7_loginack_version , tvb , offset , 4 , tds_version ) ;
offset + = 4 ;
2010-05-10 15:54:57 +00:00
msg_len = tvb_get_guint8 ( tvb , offset ) ;
2014-10-17 14:11:22 +00:00
ti = proto_tree_add_uint_format_value ( tree , hf_tds_text_length , tvb , offset , 1 , msg_len , " %u characters " , msg_len ) ;
2010-05-10 15:54:57 +00:00
offset + = 1 ;
if ( msg_len + 6U + 3U ! = token_sz - 1 ) /* 6 is the length of ack(1), version (4), text length (1) fields */
is_unicode = TRUE ;
2014-10-17 14:11:22 +00:00
expert_add_info_format ( pinfo , ti , & ei_tds_token_stats , " msg_len: %d, token_sz: %d, total: %d " , msg_len , token_sz , msg_len + 6U + 3U ) ;
2010-05-10 15:54:57 +00:00
if ( is_unicode ) {
msg_len * = 2 ;
2013-12-16 22:39:41 +00:00
proto_tree_add_item ( tree , hf_tds_text , tvb , offset , msg_len , ENC_UTF_16 | ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
} else {
2013-12-16 22:39:41 +00:00
proto_tree_add_item ( tree , hf_tds_text , tvb , offset , msg_len , ENC_ASCII | ENC_NA ) ;
2010-05-10 15:54:57 +00:00
}
offset + = msg_len ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_server_version , tvb , offset , 4 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 4 ;
2013-03-17 19:23:35 +00:00
return offset ;
2004-02-01 21:33:12 +00:00
}
2006-01-09 17:44:02 +00:00
static int
2012-08-27 11:47:37 +00:00
dissect_tds7_results_token ( tvbuff_t * tvb , guint offset , proto_tree * tree , tds_conv_info_t * tds_info )
2004-02-01 21:33:12 +00:00
{
2010-05-10 15:54:57 +00:00
guint16 num_columns , table_len ;
guint8 type , msg_len ;
int i ;
2014-10-17 14:11:22 +00:00
proto_tree * col_tree ;
2010-05-10 15:54:57 +00:00
num_columns = tvb_get_letohs ( tvb , offset ) ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_columns , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 2 ;
for ( i = 0 ; i ! = num_columns ; i + + ) {
2014-10-17 14:11:22 +00:00
col_tree = proto_tree_add_subtree_format ( tree , tvb , offset , 0 , ett_tds_col , NULL , " Column %d " , i + 1 ) ;
2012-08-27 11:47:37 +00:00
if ( TDS_PROTO_TDS7_2_OR_GREATER ) {
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_usertype32 , tvb , offset , 4 , ENC_LITTLE_ENDIAN ) ;
2012-08-27 11:47:37 +00:00
offset + = 4 ;
} else {
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_usertype16 , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2012-08-27 11:47:37 +00:00
offset + = 2 ;
}
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_results_token_flags , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 2 ;
type = tvb_get_guint8 ( tvb , offset ) ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_results_token_type , tvb , offset , 1 , ENC_NA ) ;
2010-05-10 15:54:57 +00:00
offset + = 1 ;
if ( type = = 38 | | type = = 104 | | type = = 109 | | type = = 111 ) { /* ugly, ugly hack. Wish I knew what it really means!*/
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_unknown_bytes_1 , tvb , offset , 1 , ENC_NA ) ;
2010-05-10 15:54:57 +00:00
offset + = 1 ;
}
else if ( type = = 35 ) {
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_unknown_bytes_4 , tvb , offset , 4 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 4 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_collate_codepage , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 2 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_collate_flags , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 2 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_collate_charset_id , tvb , offset , 1 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 1 ;
table_len = tvb_get_letohs ( tvb , offset ) ;
offset + = 2 ;
if ( table_len ! = 0 ) {
2012-03-31 20:57:15 +00:00
table_len * = 2 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_table_name , tvb , offset , table_len , ENC_UTF_16 | ENC_LITTLE_ENDIAN ) ;
2012-03-31 20:57:15 +00:00
offset + = table_len ;
2010-05-10 15:54:57 +00:00
}
}
else if ( type = = 106 | | type = = 108 ) {
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_unknown_bytes_3 , tvb , offset , 3 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 3 ;
}
else if ( type > 128 ) {
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_large_type_size , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 2 ;
if ( type ! = 165 ) {
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_collate_codepage , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 2 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_collate_flags , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 2 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_collate_charset_id , tvb , offset , 1 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 1 ;
}
}
msg_len = tvb_get_guint8 ( tvb , offset ) ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_message_length , tvb , offset , 1 , ENC_NA ) ;
2010-05-10 15:54:57 +00:00
offset + = 1 ;
if ( msg_len ! = 0 ) {
2012-03-31 20:57:15 +00:00
msg_len * = 2 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( col_tree , hf_tds_text , tvb , offset , msg_len , ENC_UTF_16 | ENC_LITTLE_ENDIAN ) ;
2012-03-31 20:57:15 +00:00
offset + = msg_len ;
2010-05-10 15:54:57 +00:00
}
}
return offset ;
2004-02-01 21:33:12 +00:00
}
2004-01-05 00:55:42 +00:00
static void
2012-08-27 11:47:37 +00:00
dissect_tds_done_token ( tvbuff_t * tvb , guint offset , proto_tree * tree , tds_conv_info_t * tds_info )
2004-01-05 00:55:42 +00:00
{
2014-10-17 14:11:22 +00:00
int encoding = tds_little_endian ? ENC_LITTLE_ENDIAN : ENC_BIG_ENDIAN ;
proto_tree_add_item ( tree , hf_tds_done_token_status_flags , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 2 ;
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_operation , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 2 ;
2012-09-07 02:09:59 +00:00
if ( TDS_PROTO_TDS7_2_OR_GREATER ) {
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_row_count64 , tvb , offset , 8 , encoding ) ;
2012-08-27 11:47:37 +00:00
} else {
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tree , hf_tds_row_count32 , tvb , offset , 4 , encoding ) ;
2012-08-27 11:47:37 +00:00
}
2004-01-05 00:55:42 +00:00
}
2010-11-22 18:48:54 +00:00
static guint8
dissect_tds_type_info ( tvbuff_t * tvb , guint * offset , packet_info * pinfo , proto_tree * tree , gboolean * plp )
{
proto_item * item = NULL , * item1 = NULL , * data_type_item = NULL ;
proto_tree * sub_tree = NULL , * collation_tree ;
guint32 varlen , varlen_len = 0 ;
guint8 data_type ;
* plp = FALSE ; /* most types are not Partially Length-Prefixed */
2011-10-04 22:44:31 +00:00
item = proto_tree_add_item ( tree , hf_tds_type_info , tvb , * offset , 0 , ENC_NA ) ;
2010-11-22 18:48:54 +00:00
data_type = tvb_get_guint8 ( tvb , * offset ) ;
proto_item_append_text ( item , " (%s) " , val_to_str ( data_type , tds_data_type_names , " Invalid data type: %02X " ) ) ;
sub_tree = proto_item_add_subtree ( item , ett_tds_type_info ) ;
2011-10-06 03:35:44 +00:00
data_type_item = proto_tree_add_item ( sub_tree , hf_tds_type_info_type , tvb , * offset , 1 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
* offset + = 1 ;
/* optional TYPE_VARLEN for variable length types */
switch ( data_type ) {
/* FIXEDLENTYPE */
case TDS_DATA_TYPE_NULL : /* Null (no data associated with this type) */
case TDS_DATA_TYPE_INT1 : /* TinyInt (1 byte data representation) */
case TDS_DATA_TYPE_BIT : /* Bit (1 byte data representation) */
case TDS_DATA_TYPE_INT2 : /* SmallInt (2 byte data representation) */
case TDS_DATA_TYPE_INT4 : /* Int (4 byte data representation) */
case TDS_DATA_TYPE_FLT4 : /* Real (4 byte data representation) */
case TDS_DATA_TYPE_DATETIM4 : /* SmallDateTime (4 byte data representation) */
case TDS_DATA_TYPE_MONEY4 : /* SmallMoney (4 byte data representation) */
case TDS_DATA_TYPE_INT8 : /* BigInt (8 byte data representation) */
case TDS_DATA_TYPE_FLT8 : /* Float (8 byte data representation) */
case TDS_DATA_TYPE_MONEY : /* Money (8 byte data representation) */
case TDS_DATA_TYPE_DATETIME : /* DateTime (8 byte data representation) */
/* BYTELEN_TYPE with length determined by SCALE */
case TDS_DATA_TYPE_TIMEN : /* (introduced in TDS 7.3) */
case TDS_DATA_TYPE_DATETIME2N : /* (introduced in TDS 7.3) */
case TDS_DATA_TYPE_DATETIMEOFFSETN : /* (introduced in TDS 7.3) */
varlen_len = 0 ;
break ;
/* BYTELEN_TYPE */
case TDS_DATA_TYPE_GUID : /* UniqueIdentifier */
case TDS_DATA_TYPE_INTN :
case TDS_DATA_TYPE_DECIMAL : /* Decimal (legacy support) */
case TDS_DATA_TYPE_NUMERIC : /* Numeric (legacy support) */
case TDS_DATA_TYPE_BITN :
case TDS_DATA_TYPE_DECIMALN : /* Decimal */
case TDS_DATA_TYPE_NUMERICN : /* Numeric */
case TDS_DATA_TYPE_FLTN :
case TDS_DATA_TYPE_MONEYN :
case TDS_DATA_TYPE_DATETIMN :
case TDS_DATA_TYPE_DATEN : /* (introduced in TDS 7.3) */
case TDS_DATA_TYPE_CHAR : /* Char (legacy support) */
case TDS_DATA_TYPE_VARCHAR : /* VarChar (legacy support) */
case TDS_DATA_TYPE_BINARY : /* Binary (legacy support) */
case TDS_DATA_TYPE_VARBINARY : /* VarBinary (legacy support) */
varlen_len = 1 ;
varlen = tvb_get_guint8 ( tvb , * offset ) ;
break ;
/* USHORTLEN_TYPE */
case TDS_DATA_TYPE_BIGVARCHR : /* VarChar */
case TDS_DATA_TYPE_BIGVARBIN : /* VarBinary */
case TDS_DATA_TYPE_NVARCHAR : /* NVarChar */
varlen_len = 2 ;
varlen = tvb_get_letohs ( tvb , * offset ) ;
/* A type with unlimited max size, known as varchar(max), varbinary(max) and nvarchar(max),
which has a max size of 0xFFFF , defined by PARTLENTYPE . This class of types was introduced in TDS 7.2 . */
if ( varlen = = 0xFFFF )
* plp = TRUE ;
break ;
case TDS_DATA_TYPE_BIGBINARY : /* Binary */
case TDS_DATA_TYPE_BIGCHAR : /* Char */
case TDS_DATA_TYPE_NCHAR : /* NChar */
varlen_len = 2 ;
varlen = tvb_get_letohs ( tvb , * offset ) ;
break ;
/* LONGLEN_TYPE */
case TDS_DATA_TYPE_XML : /* XML (introduced in TDS 7.2) */
case TDS_DATA_TYPE_UDT : /* CLR-UDT (introduced in TDS 7.2) */
* plp = TRUE ;
2014-12-22 19:17:46 +00:00
/* Fall through */
2010-11-22 18:48:54 +00:00
case TDS_DATA_TYPE_TEXT : /* Text */
case TDS_DATA_TYPE_IMAGE : /* Image */
case TDS_DATA_TYPE_NTEXT : /* NText */
case TDS_DATA_TYPE_SSVARIANT : /* Sql_Variant (introduced in TDS 7.2) */
varlen_len = 4 ;
varlen = tvb_get_letohl ( tvb , * offset ) ;
break ;
default :
2013-08-23 03:17:34 +00:00
expert_add_info ( pinfo , data_type_item , & ei_tds_type_info_type ) ;
2010-11-23 15:27:18 +00:00
THROW ( ReportedBoundsError ) ; /* No point in continuing */
2010-11-22 18:48:54 +00:00
}
2010-11-23 15:27:18 +00:00
2010-11-22 18:48:54 +00:00
if ( varlen_len )
item1 = proto_tree_add_uint ( sub_tree , hf_tds_type_info_varlen , tvb , * offset , varlen_len , varlen ) ;
if ( * plp )
proto_item_append_text ( item1 , " (PLP - Partially Length-Prefixed data type) " ) ;
* offset + = varlen_len ;
/* Optional data dependent on type */
switch ( data_type ) {
/* PRECISION and SCALE */
case TDS_DATA_TYPE_DECIMAL : /* Decimal (legacy support) */
case TDS_DATA_TYPE_NUMERIC : /* Numeric (legacy support) */
case TDS_DATA_TYPE_DECIMALN : /* Decimal */
case TDS_DATA_TYPE_NUMERICN : /* Numeric */
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_info_precision , tvb , * offset , 1 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
* offset + = 1 ;
/* SCALE */
case TDS_DATA_TYPE_TIMEN : /* (introduced in TDS 7.3) */
case TDS_DATA_TYPE_DATETIME2N : /* (introduced in TDS 7.3) */
case TDS_DATA_TYPE_DATETIMEOFFSETN : /* (introduced in TDS 7.3) */
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_info_scale , tvb , * offset , 1 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
* offset + = 1 ;
break ;
/* COLLATION */
case TDS_DATA_TYPE_BIGCHAR : /* Char */
case TDS_DATA_TYPE_BIGVARCHR : /* VarChar */
case TDS_DATA_TYPE_TEXT : /* Text */
case TDS_DATA_TYPE_NTEXT : /* NText */
case TDS_DATA_TYPE_NCHAR : /* NChar */
case TDS_DATA_TYPE_NVARCHAR : /* NVarChar */
2011-10-04 22:44:31 +00:00
item1 = proto_tree_add_item ( sub_tree , hf_tds_type_info_collation , tvb , * offset , 5 , ENC_NA ) ;
2010-11-22 18:48:54 +00:00
collation_tree = proto_item_add_subtree ( item1 , ett_tds_type_info_collation ) ;
2011-10-16 23:38:49 +00:00
proto_tree_add_item ( collation_tree , hf_tds_type_info_collation_lcid , tvb , * offset , 4 , ENC_LITTLE_ENDIAN ) ;
2011-10-10 00:39:31 +00:00
proto_tree_add_item ( collation_tree , hf_tds_type_info_collation_ign_case , tvb , * offset , 4 , ENC_LITTLE_ENDIAN ) ;
proto_tree_add_item ( collation_tree , hf_tds_type_info_collation_ign_accent , tvb , * offset , 4 , ENC_LITTLE_ENDIAN ) ;
proto_tree_add_item ( collation_tree , hf_tds_type_info_collation_ign_kana , tvb , * offset , 4 , ENC_LITTLE_ENDIAN ) ;
proto_tree_add_item ( collation_tree , hf_tds_type_info_collation_ign_width , tvb , * offset , 4 , ENC_LITTLE_ENDIAN ) ;
proto_tree_add_item ( collation_tree , hf_tds_type_info_collation_binary , tvb , * offset , 4 , ENC_LITTLE_ENDIAN ) ;
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( collation_tree , hf_tds_type_info_collation_version , tvb , * offset , 4 , ENC_LITTLE_ENDIAN ) ;
proto_tree_add_item ( collation_tree , hf_tds_type_info_collation_sortid , tvb , * offset + 4 , 1 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
* offset + = 5 ;
break ;
}
proto_item_set_end ( item , tvb , * offset ) ;
return data_type ;
}
static void
dissect_tds_type_varbyte ( tvbuff_t * tvb , guint * offset , packet_info * pinfo , proto_tree * tree , int hf , guint8 data_type , gboolean plp )
{
2013-07-16 01:14:40 +00:00
# define GEN_NULL 0x00U
# define CHARBIN_NULL 0xFFFFU
# define CHARBIN_NULL32 0xFFFFFFFFU
2010-11-22 18:48:54 +00:00
guint32 length ;
proto_tree * sub_tree = NULL ;
proto_item * item = NULL , * length_item = NULL ;
2011-10-23 18:48:50 +00:00
item = proto_tree_add_item ( tree , hf , tvb , * offset , 0 , ENC_NA ) ;
2010-11-22 18:48:54 +00:00
sub_tree = proto_item_add_subtree ( item , ett_tds_type_varbyte ) ;
if ( plp ) {
2013-12-20 22:39:32 +00:00
# define PLP_TERMINATOR G_GUINT64_CONSTANT(0x0000000000000000)
# define UNKNOWN_PLP_LEN G_GUINT64_CONSTANT(0xFFFFFFFFFFFFFFFE)
# define PLP_NULL G_GUINT64_CONSTANT(0xFFFFFFFFFFFFFFFF)
2010-11-22 18:48:54 +00:00
guint64 plp_length = tvb_get_letoh64 ( tvb , * offset ) ;
2011-10-06 03:35:44 +00:00
length_item = proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_plp_len , tvb , * offset , 8 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
* offset + = 8 ;
if ( plp_length = = PLP_NULL )
proto_item_append_text ( length_item , " (PLP_NULL) " ) ;
else {
if ( plp_length = = UNKNOWN_PLP_LEN )
proto_item_append_text ( length_item , " (UNKNOWN_PLP_LEN) " ) ;
while ( TRUE ) {
length = tvb_get_letohl ( tvb , * offset ) ;
2011-10-06 03:35:44 +00:00
length_item = proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_plp_chunk_len , tvb , * offset , 4 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
* offset + = 4 ;
if ( length = = PLP_TERMINATOR ) {
proto_item_append_text ( length_item , " (PLP_TERMINATOR) " ) ;
break ;
}
switch ( data_type ) {
case TDS_DATA_TYPE_BIGVARBIN : /* VarBinary */
2011-10-04 22:44:31 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_bytes , tvb , * offset , length , ENC_NA ) ;
2010-11-22 18:48:54 +00:00
break ;
case TDS_DATA_TYPE_BIGVARCHR : /* VarChar */
2011-10-15 18:46:26 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_string , tvb , * offset , length , ENC_ASCII | ENC_NA ) ;
2010-11-22 18:48:54 +00:00
break ;
case TDS_DATA_TYPE_NVARCHAR : /* NVarChar */
2013-12-16 22:39:41 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_string , tvb , * offset , length , ENC_UTF_16 | ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
break ;
case TDS_DATA_TYPE_XML : /* XML (introduced in TDS 7.2) */
case TDS_DATA_TYPE_UDT : /* CLR-UDT (introduced in TDS 7.2) */
2013-08-23 03:17:34 +00:00
proto_tree_add_expert_format ( sub_tree , pinfo , & ei_tds_type_info_type_undecoded , tvb , * offset , length , " Data type %d not supported yet " , data_type ) ;
2010-11-23 15:27:18 +00:00
/* No point in continuing: we need to parse the full data_type to know where it ends */
THROW ( ReportedBoundsError ) ;
2014-12-22 19:17:46 +00:00
break ;
2010-11-22 18:48:54 +00:00
default :
/* no other data type sets plp = TRUE */
2010-11-23 15:27:18 +00:00
DISSECTOR_ASSERT_NOT_REACHED ( ) ;
2010-11-22 18:48:54 +00:00
}
* offset + = length ;
}
}
}
else switch ( data_type ) {
/* FIXEDLENTYPE */
case TDS_DATA_TYPE_NULL : /* Null (no data associated with this type) */
break ;
case TDS_DATA_TYPE_BIT : /* Bit (1 byte data representation) */
2011-10-10 00:39:31 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_boolean , tvb , * offset , 1 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
* offset + = 1 ;
break ;
case TDS_DATA_TYPE_INT1 : /* TinyInt (1 byte data representation) */
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_int1 , tvb , * offset , 1 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
* offset + = 1 ;
break ;
case TDS_DATA_TYPE_INT2 : /* SmallInt (2 byte data representation) */
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_int2 , tvb , * offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
* offset + = 2 ;
break ;
case TDS_DATA_TYPE_INT4 : /* Int (4 byte data representation) */
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_int4 , tvb , * offset , 4 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
* offset + = 4 ;
break ;
case TDS_DATA_TYPE_INT8 : /* BigInt (8 byte data representation) */
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_int8 , tvb , * offset , 8 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
* offset + = 8 ;
break ;
case TDS_DATA_TYPE_FLT4 : /* Real (4 byte data representation) */
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_float , tvb , * offset , 4 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
* offset + = 4 ;
break ;
case TDS_DATA_TYPE_FLT8 : /* Float (8 byte data representation) */
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_double , tvb , * offset , 8 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
* offset + = 8 ;
break ;
case TDS_DATA_TYPE_MONEY4 : /* SmallMoney (4 byte data representation) */
case TDS_DATA_TYPE_DATETIM4 : /* SmallDateTime (4 byte data representation) */
/*TODO*/
* offset + = 4 ;
break ;
case TDS_DATA_TYPE_MONEY : /* Money (8 byte data representation) */
case TDS_DATA_TYPE_DATETIME : /* DateTime (8 byte data representation) */
/*TODO*/
* offset + = 8 ;
break ;
/* BYTELEN_TYPE - types prefixed with 1-byte length */
case TDS_DATA_TYPE_GUID : /* UniqueIdentifier */
length = tvb_get_guint8 ( tvb , * offset ) ;
length_item = proto_tree_add_uint ( sub_tree , hf_tds_type_varbyte_length , tvb , * offset , 1 , length ) ;
switch ( length ) {
2011-10-04 22:44:31 +00:00
case GEN_NULL : proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_null , tvb , * offset , 0 , ENC_NA ) ; break ;
2011-10-10 00:39:31 +00:00
case 16 : proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_guid , tvb , * offset + 1 , length , ENC_LITTLE_ENDIAN ) ; break ;
2013-08-23 03:17:34 +00:00
default : expert_add_info ( pinfo , length_item , & ei_tds_invalid_length ) ;
2010-11-22 18:48:54 +00:00
}
* offset + = 1 + length ;
break ;
case TDS_DATA_TYPE_BITN :
length = tvb_get_guint8 ( tvb , * offset ) ;
length_item = proto_tree_add_uint ( sub_tree , hf_tds_type_varbyte_length , tvb , * offset , 1 , length ) ;
switch ( length ) {
2011-10-04 22:44:31 +00:00
case GEN_NULL : proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_null , tvb , * offset , 0 , ENC_NA ) ; break ;
2011-10-10 00:39:31 +00:00
case 1 : proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_boolean , tvb , * offset + 1 , 1 , ENC_LITTLE_ENDIAN ) ; break ;
2013-08-23 03:17:34 +00:00
default : expert_add_info ( pinfo , length_item , & ei_tds_invalid_length ) ;
2010-11-22 18:48:54 +00:00
}
* offset + = 1 + length ;
break ;
case TDS_DATA_TYPE_INTN :
length = tvb_get_guint8 ( tvb , * offset ) ;
length_item = proto_tree_add_uint ( sub_tree , hf_tds_type_varbyte_length , tvb , * offset , 1 , length ) ;
switch ( length ) {
2011-10-04 22:44:31 +00:00
case GEN_NULL : proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_null , tvb , * offset , 0 , ENC_NA ) ; break ;
2011-10-06 03:35:44 +00:00
case 1 : proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_int1 , tvb , * offset + 1 , 1 , ENC_LITTLE_ENDIAN ) ; break ;
case 2 : proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_int2 , tvb , * offset + 1 , 2 , ENC_LITTLE_ENDIAN ) ; break ;
case 4 : proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_int4 , tvb , * offset + 1 , 4 , ENC_LITTLE_ENDIAN ) ; break ;
case 8 : proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_int8 , tvb , * offset + 1 , 8 , ENC_LITTLE_ENDIAN ) ; break ;
2013-08-23 03:17:34 +00:00
default : expert_add_info ( pinfo , length_item , & ei_tds_invalid_length ) ;
2010-11-22 18:48:54 +00:00
}
* offset + = 1 + length ;
break ;
case TDS_DATA_TYPE_FLTN :
length = tvb_get_guint8 ( tvb , * offset ) ;
length_item = proto_tree_add_uint ( sub_tree , hf_tds_type_varbyte_length , tvb , * offset , 1 , length ) ;
switch ( length ) {
2011-10-04 22:44:31 +00:00
case GEN_NULL : proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_null , tvb , * offset , 0 , ENC_NA ) ; break ;
2011-10-06 03:35:44 +00:00
case 4 : proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_float , tvb , * offset + 1 , 4 , ENC_LITTLE_ENDIAN ) ; break ;
case 8 : proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_double , tvb , * offset + 1 , 8 , ENC_LITTLE_ENDIAN ) ; break ;
2013-08-23 03:17:34 +00:00
default : expert_add_info ( pinfo , length_item , & ei_tds_invalid_length ) ;
2010-11-22 18:48:54 +00:00
}
* offset + = 1 + length ;
break ;
case TDS_DATA_TYPE_DECIMAL : /* Decimal (legacy support) */
case TDS_DATA_TYPE_NUMERIC : /* Numeric (legacy support) */
case TDS_DATA_TYPE_DECIMALN : /* Decimal */
case TDS_DATA_TYPE_NUMERICN : /* Numeric */
case TDS_DATA_TYPE_MONEYN :
case TDS_DATA_TYPE_DATETIMN :
case TDS_DATA_TYPE_DATEN : /* (introduced in TDS 7.3) */
case TDS_DATA_TYPE_TIMEN : /* (introduced in TDS 7.3) */
case TDS_DATA_TYPE_DATETIME2N : /* (introduced in TDS 7.3) */
case TDS_DATA_TYPE_DATETIMEOFFSETN : /* (introduced in TDS 7.3) */
case TDS_DATA_TYPE_CHAR : /* Char (legacy support) */
case TDS_DATA_TYPE_VARCHAR : /* VarChar (legacy support) */
case TDS_DATA_TYPE_BINARY : /* Binary (legacy support) */
case TDS_DATA_TYPE_VARBINARY : /* VarBinary (legacy support) */
length = tvb_get_guint8 ( tvb , * offset ) ;
proto_tree_add_uint ( sub_tree , hf_tds_type_varbyte_length , tvb , * offset , 1 , length ) ;
* offset + = 1 ;
if ( length > 0 ) {
2011-10-04 22:44:31 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_bytes , tvb , * offset , length , ENC_NA ) ;
2010-11-22 18:48:54 +00:00
* offset + = length ;
}
break ;
/* USHORTLEN_TYPE - types prefixed with 2-byte length */
case TDS_DATA_TYPE_BIGVARBIN : /* VarBinary */
case TDS_DATA_TYPE_BIGBINARY : /* Binary */
case TDS_DATA_TYPE_BIGVARCHR : /* VarChar */
case TDS_DATA_TYPE_BIGCHAR : /* Char */
case TDS_DATA_TYPE_NVARCHAR : /* NVarChar */
case TDS_DATA_TYPE_NCHAR : /* NChar */
length = tvb_get_letohs ( tvb , * offset ) ;
length_item = proto_tree_add_uint ( sub_tree , hf_tds_type_varbyte_length , tvb , * offset , 2 , length ) ;
* offset + = 2 ;
if ( length = = CHARBIN_NULL ) {
proto_item_append_text ( length_item , " (CHARBIN_NULL) " ) ;
2011-10-04 22:44:31 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_null , tvb , * offset , 0 , ENC_NA ) ;
2010-11-22 18:48:54 +00:00
}
else {
switch ( data_type ) {
case TDS_DATA_TYPE_BIGVARBIN : /* VarBinary */
case TDS_DATA_TYPE_BIGBINARY : /* Binary */
2011-10-04 22:44:31 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_bytes , tvb , * offset , length , ENC_NA ) ;
2010-11-22 18:48:54 +00:00
break ;
case TDS_DATA_TYPE_BIGVARCHR : /* VarChar */
case TDS_DATA_TYPE_BIGCHAR : /* Char */
2011-10-15 18:46:26 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_string , tvb , * offset , length , ENC_ASCII | ENC_NA ) ;
2010-11-22 18:48:54 +00:00
break ;
case TDS_DATA_TYPE_NVARCHAR : /* NVarChar */
case TDS_DATA_TYPE_NCHAR : /* NChar */
2013-12-16 22:39:41 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_string , tvb , * offset , length , ENC_UTF_16 | ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
break ;
default :
2010-11-23 15:27:18 +00:00
DISSECTOR_ASSERT_NOT_REACHED ( ) ;
2010-11-22 18:48:54 +00:00
}
* offset + = length ;
}
break ;
/* LONGLEN_TYPE - types prefixed with 2-byte length */
case TDS_DATA_TYPE_NTEXT : /* NText */
case TDS_DATA_TYPE_XML : /* XML (introduced in TDS 7.2) */
case TDS_DATA_TYPE_UDT : /* CLR-UDT (introduced in TDS 7.2) */
case TDS_DATA_TYPE_TEXT : /* Text */
case TDS_DATA_TYPE_IMAGE : /* Image */
case TDS_DATA_TYPE_SSVARIANT : /* Sql_Variant (introduced in TDS 7.2) */
length = tvb_get_letohl ( tvb , * offset ) ;
length_item = proto_tree_add_uint ( sub_tree , hf_tds_type_varbyte_length , tvb , * offset , 4 , length ) ;
* offset + = 4 ;
if ( length = = CHARBIN_NULL32 ) {
proto_item_append_text ( length_item , " (CHARBIN_NULL) " ) ;
2011-10-04 22:44:31 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_null , tvb , * offset , 0 , ENC_NA ) ;
2010-11-22 18:48:54 +00:00
}
else {
switch ( data_type ) {
case TDS_DATA_TYPE_NTEXT : /* NText */
2013-12-16 22:39:41 +00:00
proto_tree_add_item ( sub_tree , hf_tds_type_varbyte_data_string , tvb , * offset , length , ENC_UTF_16 | ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
break ;
default : /*TODO*/
2013-08-23 03:17:34 +00:00
proto_tree_add_expert_format ( sub_tree , pinfo , & ei_tds_type_info_type_undecoded , tvb , * offset , length , " Data type %d not supported yet " , data_type ) ;
2010-11-23 15:27:18 +00:00
/* No point in continuing: we need to parse the full data_type to know where it ends */
THROW ( ReportedBoundsError ) ;
2010-11-22 18:48:54 +00:00
}
* offset + = length ;
}
break ;
}
proto_item_set_end ( item , tvb , * offset ) ;
}
2003-08-23 02:34:09 +00:00
static void
2010-11-22 18:48:54 +00:00
dissect_tds_rpc ( tvbuff_t * tvb , packet_info * pinfo , proto_tree * tree )
2003-08-23 02:34:09 +00:00
{
2010-11-22 18:48:54 +00:00
proto_item * item = NULL , * param_item = NULL ;
proto_tree * sub_tree = NULL , * status_sub_tree = NULL ;
2010-05-10 15:54:57 +00:00
int offset = 0 ;
guint len ;
2010-11-22 18:48:54 +00:00
guint8 data_type ;
2010-05-10 15:54:57 +00:00
2011-10-04 22:44:31 +00:00
item = proto_tree_add_item ( tree , hf_tds_rpc , tvb , 0 , - 1 , ENC_NA ) ;
2010-11-22 18:48:54 +00:00
tree = proto_item_add_subtree ( item , ett_tds_message ) ;
2010-05-10 15:54:57 +00:00
2010-11-22 18:48:54 +00:00
dissect_tds_all_headers ( tvb , & offset , pinfo , tree ) ;
2014-06-19 17:18:16 +00:00
while ( tvb_length_remaining ( tvb , offset ) > 0 ) {
2010-11-22 18:48:54 +00:00
/*
* RPC name .
*/
switch ( tds_protocol_type ) {
case TDS_PROTOCOL_4 :
len = tvb_get_guint8 ( tvb , offset ) ;
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( tree , hf_tds_rpc_name_length8 , tvb , offset , 1 , ENC_LITTLE_ENDIAN ) ;
2011-10-15 18:46:26 +00:00
proto_tree_add_item ( tree , hf_tds_rpc_name , tvb , offset + 1 , len , ENC_ASCII | ENC_NA ) ;
2010-11-22 18:48:54 +00:00
offset + = 1 + len ;
break ;
case TDS_PROTOCOL_7_0 :
case TDS_PROTOCOL_7_1 :
case TDS_PROTOCOL_7_2 :
case TDS_PROTOCOL_7_3 :
default : /* unspecified: try as if TDS7 */
len = tvb_get_letohs ( tvb , offset ) ;
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( tree , hf_tds_rpc_name_length , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 2 ;
2010-11-22 18:48:54 +00:00
if ( len = = 0xFFFF ) {
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( tree , hf_tds_rpc_proc_id , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
offset + = 2 ;
}
else if ( len ! = 0 ) {
2012-03-31 20:57:15 +00:00
len * = 2 ;
2013-12-16 22:39:41 +00:00
proto_tree_add_item ( tree , hf_tds_rpc_name , tvb , offset , len , ENC_UTF_16 | ENC_LITTLE_ENDIAN ) ;
2012-03-31 20:57:15 +00:00
offset + = len ;
2010-11-22 18:48:54 +00:00
}
break ;
}
2011-10-06 03:35:44 +00:00
item = proto_tree_add_item ( tree , hf_tds_rpc_options , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
sub_tree = proto_item_add_subtree ( item , ett_tds_rpc_options ) ;
2011-10-10 00:39:31 +00:00
proto_tree_add_item ( sub_tree , hf_tds_rpc_options_with_recomp , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
proto_tree_add_item ( sub_tree , hf_tds_rpc_options_no_metadata , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
proto_tree_add_item ( sub_tree , hf_tds_rpc_options_reuse_metadata , tvb , offset , 2 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
offset + = 2 ;
/* dissect parameters */
2014-06-19 17:18:16 +00:00
while ( tvb_length_remaining ( tvb , offset ) > 0 ) {
2010-11-22 18:48:54 +00:00
gboolean plp ;
len = tvb_get_guint8 ( tvb , offset ) ;
/* check for BatchFlag or NoExecFlag */
if ( ( gint8 ) len < 0 ) {
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( tree , hf_tds_rpc_separator , tvb , offset , 1 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
+ + offset ;
break ;
2010-05-10 15:54:57 +00:00
}
2011-10-04 22:44:31 +00:00
param_item = proto_tree_add_item ( tree , hf_tds_rpc_parameter , tvb , offset , 0 , ENC_NA ) ;
2010-11-22 18:48:54 +00:00
sub_tree = proto_item_add_subtree ( param_item , ett_tds_rpc_parameter ) ;
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( sub_tree , hf_tds_rpc_parameter_name_length , tvb , offset , 1 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
+ + offset ;
if ( len ) {
2012-03-31 20:57:15 +00:00
len * = 2 ;
2013-12-16 22:39:41 +00:00
proto_tree_add_item ( sub_tree , hf_tds_rpc_parameter_name , tvb , offset , len , ENC_UTF_16 | ENC_LITTLE_ENDIAN ) ;
2012-03-31 20:57:15 +00:00
offset + = len ;
2010-05-10 15:54:57 +00:00
}
2011-10-06 03:35:44 +00:00
item = proto_tree_add_item ( sub_tree , hf_tds_rpc_parameter_status , tvb , offset , 1 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
status_sub_tree = proto_item_add_subtree ( item , ett_tds_rpc_parameter_status ) ;
2011-10-10 00:39:31 +00:00
proto_tree_add_item ( status_sub_tree , hf_tds_rpc_parameter_status_by_ref , tvb , offset , 1 , ENC_LITTLE_ENDIAN ) ;
proto_tree_add_item ( status_sub_tree , hf_tds_rpc_parameter_status_default , tvb , offset , 1 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
+ + offset ;
data_type = dissect_tds_type_info ( tvb , & offset , pinfo , sub_tree , & plp ) ;
dissect_tds_type_varbyte ( tvb , & offset , pinfo , sub_tree , hf_tds_rpc_parameter_value , data_type , plp ) ;
proto_item_set_end ( param_item , tvb , offset ) ;
}
2010-05-10 15:54:57 +00:00
}
2003-08-23 02:34:09 +00:00
}
2002-08-19 21:33:29 +00:00
static void
2012-08-27 11:47:37 +00:00
dissect_tds_resp ( tvbuff_t * tvb , packet_info * pinfo , proto_tree * tree , tds_conv_info_t * tds_info )
2002-08-19 21:33:29 +00:00
{
2010-05-10 15:54:57 +00:00
int offset = 0 ;
proto_item * token_item ;
proto_tree * token_tree ;
guint pos , token_sz = 0 ;
guint token_len_field_size = 2 ;
guint token_len_field_val = 0 ;
guint8 token ;
struct _netlib_data nl_data ;
gint length_remaining ;
memset ( & nl_data , ' \0 ' , sizeof nl_data ) ;
/*
* Until we reach the end of the packet , read tokens .
*/
pos = offset ;
while ( tvb_reported_length_remaining ( tvb , pos ) > 0 ) {
/* our token */
token = tvb_get_guint8 ( tvb , pos ) ;
/* TODO Handle TDS_PARAMFMT, TDS_PARAMS [similar to TDS_RESULTS, TDS_ROW] */
if ( tds_token_is_fixed_size ( token ) ) {
2012-08-27 11:47:37 +00:00
token_sz = tds_get_fixed_token_size ( token , tds_info ) + 1 ;
2010-05-10 15:54:57 +00:00
} else if ( token = = TDS_ROW_TOKEN ) {
/*
* Rows are special ; they have no size field and
* aren ' t fixed length .
*/
token_sz = tds_get_row_size ( tvb , & nl_data , pos + 1 ) ;
} else
token_sz = tds_get_variable_token_size ( tvb , pos + 1 ,
token , & token_len_field_size , & token_len_field_val ) ;
2014-10-17 14:11:22 +00:00
length_remaining = tvb_reported_length_remaining ( tvb , pos ) ;
2010-05-10 15:54:57 +00:00
2014-10-17 14:11:22 +00:00
token_tree = proto_tree_add_subtree_format ( tree , tvb , pos , token_sz ,
ett_tds_token , & token_item , " Token 0x%02x %s " , token ,
val_to_str_const ( token , token_names , " Unknown Token Type " ) ) ;
2010-05-10 15:54:57 +00:00
if ( ( int ) token_sz < 0 ) {
2013-09-09 00:44:09 +00:00
expert_add_info_format ( pinfo , token_item , & ei_tds_token_length_invalid , " Bogus token size: %u " , token_sz ) ;
2010-05-10 15:54:57 +00:00
break ;
}
2013-05-21 12:55:55 +00:00
if ( ( int ) token_len_field_size < 0 ) {
2013-09-09 00:44:09 +00:00
expert_add_info_format ( pinfo , token_item , & ei_tds_token_length_invalid , " Bogus token length field size: %u " , token_len_field_size ) ;
2013-05-21 12:55:55 +00:00
break ;
}
2010-05-10 15:54:57 +00:00
/*
* If it ' s a variable token , put the length field in here
* instead of replicating this for each token subdissector .
*/
if ( ! tds_token_is_fixed_size ( token ) & & token ! = TDS_ROW_TOKEN ) {
2014-10-17 14:11:22 +00:00
token_item = proto_tree_add_uint ( token_tree , hf_tds_token_len , tvb , pos + 1 , 1 , token_len_field_val ) ;
proto_item_set_len ( token_item , token_len_field_size ) ;
2010-05-10 15:54:57 +00:00
}
if ( token_sz > ( guint ) length_remaining )
token_sz = ( guint ) length_remaining ;
switch ( token ) {
case TDS_COL_NAME_TOKEN :
/*
* TDS 4.2
* TODO dissect token to get " column names " to fill in _netlib_data
*/
break ;
case TDS_COL_INFO_TOKEN :
/*
* TDS 4.2 : get the column info
*/
dissect_tds_col_info_token ( tvb , & nl_data , pos ) ;
break ;
case TDS_RESULT_TOKEN :
/*
* If it ' s a result token , we need to stash the
* column info .
*/
read_results_tds5 ( tvb , & nl_data , pos + 3 , token_sz - 3 ) ;
break ;
case TDS_ENV_CHG_TOKEN :
dissect_tds_env_chg ( tvb , pos + 3 , token_sz - 3 , token_tree ) ;
break ;
case TDS_AUTH_TOKEN :
dissect_tds_nt ( tvb , pinfo , token_tree , pos + 3 , token_sz - 3 ) ;
break ;
case TDS_ERR_TOKEN :
case TDS_MSG_TOKEN :
2012-08-27 11:47:37 +00:00
dissect_tds_err_token ( tvb , pos + 3 , token_sz - 3 , token_tree , tds_info ) ;
2010-05-10 15:54:57 +00:00
break ;
case TDS_DONE_TOKEN :
case TDS_DONEPROC_TOKEN :
case TDS_DONEINPROC_TOKEN :
2012-08-27 11:47:37 +00:00
dissect_tds_done_token ( tvb , pos + 1 , token_tree , tds_info ) ;
2010-05-10 15:54:57 +00:00
break ;
case TDS_LOGIN_ACK_TOKEN :
2014-10-17 14:11:22 +00:00
dissect_tds_login_ack_token ( tvb , pinfo , pos + 3 , token_sz - 3 , token_tree , tds_info ) ;
2010-05-10 15:54:57 +00:00
break ;
case TDS7_RESULT_TOKEN :
2012-08-27 11:47:37 +00:00
pos = ( dissect_tds7_results_token ( tvb , pos + 1 , token_tree , tds_info ) - 1 ) ;
2010-05-10 15:54:57 +00:00
break ;
}
/* and step to the end of the token, rinse, lather, repeat */
pos + = token_sz ;
}
2002-08-19 21:33:29 +00:00
}
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
2002-08-19 21:33:29 +00:00
static void
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
dissect_netlib_buffer ( tvbuff_t * tvb , packet_info * pinfo , proto_tree * tree )
2002-08-19 21:33:29 +00:00
{
2010-05-10 15:54:57 +00:00
int offset = 0 ;
proto_item * tds_item = NULL ;
proto_tree * tds_tree = NULL ;
2010-11-22 18:48:54 +00:00
proto_tree * tds_status_tree = NULL ;
2010-05-10 15:54:57 +00:00
guint8 type ;
guint8 status ;
guint16 channel ;
guint8 packet_number ;
gboolean save_fragmented ;
int len ;
2013-07-17 21:12:24 +00:00
fragment_head * fd_head ;
2010-05-10 15:54:57 +00:00
tvbuff_t * next_tvb ;
2012-08-27 11:47:37 +00:00
conversation_t * conv ;
tds_conv_info_t * tds_info ;
conv = find_or_create_conversation ( pinfo ) ;
tds_info = ( tds_conv_info_t * ) conversation_get_proto_data ( conv , proto_tds ) ;
if ( ! tds_info ) {
2013-09-12 16:15:54 +00:00
tds_info = wmem_new ( wmem_file_scope ( ) , tds_conv_info_t ) ;
2012-08-27 11:47:37 +00:00
tds_info - > tds7_version = TDS_PROTOCOL_NOT_SPECIFIED ;
conversation_add_proto_data ( conv , proto_tds , tds_info ) ;
}
2010-05-10 15:54:57 +00:00
type = tvb_get_guint8 ( tvb , offset ) ;
status = tvb_get_guint8 ( tvb , offset + 1 ) ;
channel = tvb_get_ntohs ( tvb , offset + 4 ) ;
packet_number = tvb_get_guint8 ( tvb , offset + 6 ) ;
2010-11-22 18:48:54 +00:00
/* create display subtree for the protocol */
2011-10-21 02:10:19 +00:00
tds_item = proto_tree_add_item ( tree , proto_tds , tvb , offset , - 1 , ENC_NA ) ;
2010-11-22 18:48:54 +00:00
tds_tree = proto_item_add_subtree ( tds_item , ett_tds ) ;
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( tds_tree , hf_tds_type , tvb , offset , 1 , ENC_LITTLE_ENDIAN ) ;
tds_item = proto_tree_add_item ( tds_tree , hf_tds_status , tvb , offset + 1 , 1 , ENC_LITTLE_ENDIAN ) ;
2010-11-22 18:48:54 +00:00
tds_status_tree = proto_item_add_subtree ( tds_item , ett_tds_status ) ;
2011-10-10 00:39:31 +00:00
proto_tree_add_item ( tds_status_tree , hf_tds_status_eom , tvb , offset + 1 , 1 , ENC_BIG_ENDIAN ) ;
proto_tree_add_item ( tds_status_tree , hf_tds_status_ignore , tvb , offset + 1 , 1 , ENC_BIG_ENDIAN ) ;
proto_tree_add_item ( tds_status_tree , hf_tds_status_event_notif , tvb , offset + 1 , 1 , ENC_BIG_ENDIAN ) ;
proto_tree_add_item ( tds_status_tree , hf_tds_status_reset_conn , tvb , offset + 1 , 1 , ENC_BIG_ENDIAN ) ;
proto_tree_add_item ( tds_status_tree , hf_tds_status_reset_conn_skip_tran , tvb , offset + 1 , 1 , ENC_BIG_ENDIAN ) ;
2011-10-06 03:35:44 +00:00
proto_tree_add_item ( tds_tree , hf_tds_length , tvb , offset + 2 , 2 , ENC_BIG_ENDIAN ) ;
proto_tree_add_item ( tds_tree , hf_tds_channel , tvb , offset + 4 , 2 , ENC_BIG_ENDIAN ) ;
proto_tree_add_item ( tds_tree , hf_tds_packet_number , tvb , offset + 6 , 1 , ENC_LITTLE_ENDIAN ) ;
proto_tree_add_item ( tds_tree , hf_tds_window , tvb , offset + 7 , 1 , ENC_LITTLE_ENDIAN ) ;
2010-05-10 15:54:57 +00:00
offset + = 8 ; /* skip Netlib header */
/*
* Deal with fragmentation .
*
* TODO : handle case where netlib headers ' packet - number ' . is always 0
* use fragment_add_seq_next in this case ?
*
*/
save_fragmented = pinfo - > fragmented ;
if ( tds_defragment & &
2010-11-22 18:48:54 +00:00
( packet_number > 1 | | ( status & STATUS_LAST_BUFFER ) = = 0 ) ) {
if ( ( status & STATUS_LAST_BUFFER ) = = 0 ) {
2010-05-10 15:54:57 +00:00
col_append_str ( pinfo - > cinfo , COL_INFO ,
" (Not last buffer) " ) ;
}
len = tvb_reported_length_remaining ( tvb , offset ) ;
/*
* XXX - I ' ve seen captures that start with a login
* packet with a sequence number of 2.
*/
2013-03-22 23:59:54 +00:00
fd_head = fragment_add_seq_check ( & tds_reassembly_table , tvb , offset ,
pinfo , channel , NULL ,
2010-11-22 18:48:54 +00:00
packet_number - 1 , len , ( status & STATUS_LAST_BUFFER ) = = 0 ) ;
2010-05-10 15:54:57 +00:00
next_tvb = process_reassembled_data ( tvb , offset , pinfo ,
" Reassembled TDS " , fd_head , & tds_frag_items , NULL ,
tds_tree ) ;
} else {
/*
* If this isn ' t the last buffer , just show it as a fragment .
* ( XXX - it ' d be nice to dissect it if it ' s the first
* buffer , but we ' d need to do reassembly in order to
* discover that . )
*
* If this is the last buffer , dissect it .
* ( XXX - it ' d be nice to show it as a fragment if it ' s part
* of a fragmented message , but we ' d need to do reassembly
* in order to discover that . )
*/
2010-11-22 18:48:54 +00:00
if ( ( status & STATUS_LAST_BUFFER ) = = 0 )
2010-05-10 15:54:57 +00:00
next_tvb = NULL ;
else {
next_tvb = tvb_new_subset_remaining ( tvb , offset ) ;
}
}
if ( next_tvb ! = NULL ) {
switch ( type ) {
case TDS_RPC_PKT :
dissect_tds_rpc ( next_tvb , pinfo , tds_tree ) ;
break ;
case TDS_RESP_PKT :
2012-08-27 11:47:37 +00:00
dissect_tds_resp ( next_tvb , pinfo , tds_tree , tds_info ) ;
2010-05-10 15:54:57 +00:00
break ;
case TDS_LOGIN7_PKT :
dissect_tds7_login ( next_tvb , pinfo , tds_tree ) ;
break ;
case TDS_QUERY_PKT :
2012-08-27 11:47:37 +00:00
dissect_tds_query_packet ( next_tvb , pinfo , tds_tree , tds_info ) ;
2010-05-10 15:54:57 +00:00
break ;
case TDS_QUERY5_PKT :
2012-08-27 11:47:37 +00:00
dissect_tds_query5_packet ( next_tvb , pinfo , tds_tree , tds_info ) ;
2010-05-10 15:54:57 +00:00
break ;
2010-11-22 18:48:54 +00:00
case TDS_SSPI_PKT :
2010-05-10 15:54:57 +00:00
dissect_tds_nt ( next_tvb , pinfo , tds_tree , offset - 8 , - 1 ) ;
break ;
default :
2014-10-17 14:11:22 +00:00
proto_tree_add_item ( tds_tree , hf_tds_tds_packet , next_tvb , 0 , - 1 , ENC_NA ) ;
2010-05-10 15:54:57 +00:00
break ;
}
} else {
next_tvb = tvb_new_subset_remaining ( tvb , offset ) ;
call_dissector ( data_handle , next_tvb , pinfo , tds_tree ) ;
}
2011-07-31 23:41:20 +00:00
pinfo - > fragmented = save_fragmented ;
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
}
2002-08-19 21:33:29 +00:00
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
static void
dissect_tds_tcp ( tvbuff_t * tvb , packet_info * pinfo , proto_tree * tree )
{
2010-05-10 15:54:57 +00:00
volatile gboolean first_time = TRUE ;
volatile int offset = 0 ;
guint length_remaining ;
guint8 type ;
guint16 plen ;
guint length ;
tvbuff_t * volatile next_tvb ;
proto_item * tds_item = NULL ;
proto_tree * tds_tree = NULL ;
while ( tvb_reported_length_remaining ( tvb , offset ) ! = 0 ) {
2014-06-19 17:17:16 +00:00
length_remaining = tvb_ensure_length_remaining ( tvb , offset ) ;
2010-05-10 15:54:57 +00:00
/*
* Can we do reassembly ?
*/
if ( tds_desegment & & pinfo - > can_desegment ) {
/*
* Yes - is the fixed - length part of the PDU
* split across segment boundaries ?
*/
if ( length_remaining < 8 ) {
2012-08-27 11:47:37 +00:00
/*
* Yes . Tell the TCP dissector where the data for this message
* starts in the data it handed us and that we need " some more
* data . " Don't tell it exactly how many bytes we need because
* if / when we ask for even more ( after the header ) that will
* break reassembly .
*/
2010-05-10 15:54:57 +00:00
pinfo - > desegment_offset = offset ;
2011-03-25 19:02:18 +00:00
pinfo - > desegment_len = DESEGMENT_ONE_MORE_SEGMENT ;
2010-05-10 15:54:57 +00:00
return ;
}
}
type = tvb_get_guint8 ( tvb , offset ) ;
/*
* Get the length of the PDU .
*/
plen = tvb_get_ntohs ( tvb , offset + 2 ) ;
if ( plen < 8 ) {
/*
* The length is less than the header length .
* Put in the type , status , and length , and
* report the length as bogus .
*/
if ( tree ) {
/* create display subtree for the protocol */
tds_item = proto_tree_add_item ( tree , proto_tds ,
2011-10-21 02:10:19 +00:00
tvb , offset , - 1 , ENC_NA ) ;
2010-05-10 15:54:57 +00:00
tds_tree = proto_item_add_subtree ( tds_item ,
ett_tds ) ;
proto_tree_add_uint ( tds_tree , hf_tds_type , tvb ,
offset , 1 , type ) ;
proto_tree_add_item ( tds_tree , hf_tds_status ,
2011-10-06 03:35:44 +00:00
tvb , offset + 1 , 1 , ENC_BIG_ENDIAN ) ;
2013-05-21 12:55:55 +00:00
tds_item = proto_tree_add_uint ( tds_tree , hf_tds_length , tvb , offset + 2 , 2 , plen ) ;
2013-09-09 00:44:09 +00:00
expert_add_info_format ( pinfo , tds_item , & ei_tds_invalid_length , " bogus, should be >= 8 " ) ;
2010-05-10 15:54:57 +00:00
}
/*
* Give up - we can ' t dissect any more of this
* data .
*/
break ;
}
/*
* Can we do reassembly ?
*/
if ( tds_desegment & & pinfo - > can_desegment ) {
/*
* Yes - is the PDU split across segment boundaries ?
*/
if ( length_remaining < plen ) {
/*
* Yes . Tell the TCP dissector where the
* data for this message starts in the data
* it handed us , and how many more bytes we
* need , and return .
*/
pinfo - > desegment_offset = offset ;
pinfo - > desegment_len = plen - length_remaining ;
return ;
}
}
if ( first_time ) {
col_set_str ( pinfo - > cinfo , COL_PROTOCOL , " TDS " ) ;
/*
* Set the packet description based on its TDS packet
* type .
*/
2010-11-23 15:27:18 +00:00
col_add_str ( pinfo - > cinfo , COL_INFO ,
val_to_str ( type , packet_type_names ,
" Unknown Packet Type: %u " ) ) ;
2010-05-10 15:54:57 +00:00
first_time = FALSE ;
}
/*
* Construct a tvbuff containing the amount of the payload
* we have available . Make its reported length the amount
* of data in the PDU .
*
* XXX - if reassembly isn ' t enabled . the subdissector will
* throw a BoundsError exception , rather than a
* ReportedBoundsError exception . We really want a tvbuff
* where the length is " length " , the reported length is
* " plen " , and the " if the snapshot length were infinite "
* length is the minimum of the reported length of the tvbuff
* handed to us and " plen " , with a new type of exception
* thrown if the offset is within the reported length but
* beyond that third length , with that exception getting the
* " Unreassembled Packet " error .
*/
length = length_remaining ;
if ( length > plen )
length = plen ;
next_tvb = tvb_new_subset ( tvb , offset , length , plen ) ;
/*
* Dissect the Netlib buffer .
*
Move show_exception() and show_reported_bounds_error() to
epan/show_exception.c, as it's used outside
epan/dissectors/packet-frame.c. Update their callers to include
<epan/show_exception.h> to get their declaration.
Add a CATCH_NONFATAL_ERRORS macro that catches all exceptions that, if
there's more stuff in the packet to dissect after the dissector call
that threw the exception, doesn't mean you shouldn't go ahead and
dissect that stuff. Use it in all those cases, including ones where
BoundsError was inappropriately being caught (you want those passed up
to the top level, so that the packet is reported as having been cut
short in the capture process).
Add a CATCH_BOUNDS_ERRORS macro that catches all exceptions that
correspond to running past the end of the data for a tvbuff; use it
rather than explicitly catching those exceptions individually, and
rather than just catching all exceptions (the only place that
DissectorError should be caught, for example, is at the top level, so
dissector bugs show up in the protocol tree).
Don't catch and then immediately rethrow exceptions without doing
anything else; just let the exceptions go up to the final catcher.
Use show_exception() to report non-fatal errors, rather than doing it
yourself.
If a dissector is called from Lua, catch all non-fatal errors and use
show_exception() to report them rather than catching only
ReportedBoundsError and adding a proto_malformed item.
Don't catch exceptions when constructing a trailer tvbuff in
packet-ieee8023.c - just construct it after the payload has been
dissected, and let whatever exceptions that throws be handled at the top
level.
Avoid some TRY/CATCH/ENDTRY cases by using checks such as
tvb_bytes_exist() before even looking in the tvbuff.
svn path=/trunk/; revision=47924
2013-02-27 22:43:54 +00:00
* If it gets an error that means there ' s no point in
* dissecting any more Netlib buffers , rethrow the
* exception in question .
2010-05-10 15:54:57 +00:00
*
Move show_exception() and show_reported_bounds_error() to
epan/show_exception.c, as it's used outside
epan/dissectors/packet-frame.c. Update their callers to include
<epan/show_exception.h> to get their declaration.
Add a CATCH_NONFATAL_ERRORS macro that catches all exceptions that, if
there's more stuff in the packet to dissect after the dissector call
that threw the exception, doesn't mean you shouldn't go ahead and
dissect that stuff. Use it in all those cases, including ones where
BoundsError was inappropriately being caught (you want those passed up
to the top level, so that the packet is reported as having been cut
short in the capture process).
Add a CATCH_BOUNDS_ERRORS macro that catches all exceptions that
correspond to running past the end of the data for a tvbuff; use it
rather than explicitly catching those exceptions individually, and
rather than just catching all exceptions (the only place that
DissectorError should be caught, for example, is at the top level, so
dissector bugs show up in the protocol tree).
Don't catch and then immediately rethrow exceptions without doing
anything else; just let the exceptions go up to the final catcher.
Use show_exception() to report non-fatal errors, rather than doing it
yourself.
If a dissector is called from Lua, catch all non-fatal errors and use
show_exception() to report them rather than catching only
ReportedBoundsError and adding a proto_malformed item.
Don't catch exceptions when constructing a trailer tvbuff in
packet-ieee8023.c - just construct it after the payload has been
dissected, and let whatever exceptions that throws be handled at the top
level.
Avoid some TRY/CATCH/ENDTRY cases by using checks such as
tvb_bytes_exist() before even looking in the tvbuff.
svn path=/trunk/; revision=47924
2013-02-27 22:43:54 +00:00
* If it gets any other error , report it and continue , as that
* means that Netlib buffer got an error , but that doesn ' t mean
* we should stop dissecting Netlib buffers within this frame
* or chunk of reassembled data .
2010-05-10 15:54:57 +00:00
*/
TRY {
dissect_netlib_buffer ( next_tvb , pinfo , tree ) ;
}
Move show_exception() and show_reported_bounds_error() to
epan/show_exception.c, as it's used outside
epan/dissectors/packet-frame.c. Update their callers to include
<epan/show_exception.h> to get their declaration.
Add a CATCH_NONFATAL_ERRORS macro that catches all exceptions that, if
there's more stuff in the packet to dissect after the dissector call
that threw the exception, doesn't mean you shouldn't go ahead and
dissect that stuff. Use it in all those cases, including ones where
BoundsError was inappropriately being caught (you want those passed up
to the top level, so that the packet is reported as having been cut
short in the capture process).
Add a CATCH_BOUNDS_ERRORS macro that catches all exceptions that
correspond to running past the end of the data for a tvbuff; use it
rather than explicitly catching those exceptions individually, and
rather than just catching all exceptions (the only place that
DissectorError should be caught, for example, is at the top level, so
dissector bugs show up in the protocol tree).
Don't catch and then immediately rethrow exceptions without doing
anything else; just let the exceptions go up to the final catcher.
Use show_exception() to report non-fatal errors, rather than doing it
yourself.
If a dissector is called from Lua, catch all non-fatal errors and use
show_exception() to report them rather than catching only
ReportedBoundsError and adding a proto_malformed item.
Don't catch exceptions when constructing a trailer tvbuff in
packet-ieee8023.c - just construct it after the payload has been
dissected, and let whatever exceptions that throws be handled at the top
level.
Avoid some TRY/CATCH/ENDTRY cases by using checks such as
tvb_bytes_exist() before even looking in the tvbuff.
svn path=/trunk/; revision=47924
2013-02-27 22:43:54 +00:00
CATCH_NONFATAL_ERRORS {
2010-10-08 17:48:22 +00:00
Move show_exception() and show_reported_bounds_error() to
epan/show_exception.c, as it's used outside
epan/dissectors/packet-frame.c. Update their callers to include
<epan/show_exception.h> to get their declaration.
Add a CATCH_NONFATAL_ERRORS macro that catches all exceptions that, if
there's more stuff in the packet to dissect after the dissector call
that threw the exception, doesn't mean you shouldn't go ahead and
dissect that stuff. Use it in all those cases, including ones where
BoundsError was inappropriately being caught (you want those passed up
to the top level, so that the packet is reported as having been cut
short in the capture process).
Add a CATCH_BOUNDS_ERRORS macro that catches all exceptions that
correspond to running past the end of the data for a tvbuff; use it
rather than explicitly catching those exceptions individually, and
rather than just catching all exceptions (the only place that
DissectorError should be caught, for example, is at the top level, so
dissector bugs show up in the protocol tree).
Don't catch and then immediately rethrow exceptions without doing
anything else; just let the exceptions go up to the final catcher.
Use show_exception() to report non-fatal errors, rather than doing it
yourself.
If a dissector is called from Lua, catch all non-fatal errors and use
show_exception() to report them rather than catching only
ReportedBoundsError and adding a proto_malformed item.
Don't catch exceptions when constructing a trailer tvbuff in
packet-ieee8023.c - just construct it after the payload has been
dissected, and let whatever exceptions that throws be handled at the top
level.
Avoid some TRY/CATCH/ENDTRY cases by using checks such as
tvb_bytes_exist() before even looking in the tvbuff.
svn path=/trunk/; revision=47924
2013-02-27 22:43:54 +00:00
show_exception ( tvb , pinfo , tree , EXCEPT_CODE , GET_MESSAGE ) ;
2010-05-10 15:54:57 +00:00
}
ENDTRY ;
/*
* Step to the next Netlib buffer .
*/
offset + = plen ;
}
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
}
static gboolean
2012-09-10 21:40:21 +00:00
dissect_tds_tcp_heur ( tvbuff_t * tvb , packet_info * pinfo , proto_tree * tree , void * data _U_ )
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
{
2010-05-10 15:54:57 +00:00
int offset = 0 ;
guint8 type ;
guint8 status ;
guint16 plen ;
conversation_t * conv ;
/*
* If we don ' t have even enough data for a Netlib header ,
* just say it ' s not TDS .
*/
2014-06-19 17:18:16 +00:00
if ( tvb_length ( tvb ) < 8 )
2010-05-10 15:54:57 +00:00
return FALSE ;
/*
* Quickly scan all the data we have in order to see if
* everything in it looks like Netlib traffic .
*/
while ( tvb_bytes_exist ( tvb , offset , 1 ) ) {
/*
* Check the type field .
*/
type = tvb_get_guint8 ( tvb , offset ) ;
if ( ! is_valid_tds_type ( type ) )
return FALSE ;
/*
* Check the status field , if it ' s present .
*/
if ( ! tvb_bytes_exist ( tvb , offset + 1 , 1 ) )
break ;
status = tvb_get_guint8 ( tvb , offset + 1 ) ;
if ( ! is_valid_tds_status ( status ) )
return FALSE ;
/*
* Get the length of the PDU .
*/
if ( ! tvb_bytes_exist ( tvb , offset + 2 , 2 ) )
break ;
plen = tvb_get_ntohs ( tvb , offset + 2 ) ;
if ( plen < 8 ) {
/*
* The length is less than the header length .
* That ' s bogus .
*/
return FALSE ;
}
/*
* If we ' re at the beginning of the segment , check the
* payload if it ' s a login packet .
*/
if ( offset = = 0 ) {
if ( ! netlib_check_login_pkt ( tvb , offset , pinfo , type ) )
return FALSE ;
}
/*
* Step to the next Netlib buffer .
*/
offset + = plen ;
}
/*
* OK , it passes the test ; assume the rest of this conversation
* is TDS .
*/
2010-05-13 18:28:34 +00:00
conv = find_or_create_conversation ( pinfo ) ;
2010-05-10 15:54:57 +00:00
conversation_set_dissector ( conv , tds_tcp_handle ) ;
/*
* Now dissect it as TDS .
*/
dissect_tds_tcp ( tvb , pinfo , tree ) ;
return TRUE ;
2002-08-19 21:33:29 +00:00
}
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
static void
tds_init ( void )
{
2010-05-10 15:54:57 +00:00
/*
2013-03-22 23:59:54 +00:00
* Initialize the reassembly table .
*
* XXX - should fragments be reassembled across multiple TCP
* connections ?
2010-05-10 15:54:57 +00:00
*/
2013-03-22 23:59:54 +00:00
reassembly_table_init ( & tds_reassembly_table ,
& addresses_ports_reassembly_table_functions ) ;
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
}
2002-08-19 21:33:29 +00:00
2006-05-21 04:49:01 +00:00
/* Register the protocol with Wireshark */
2002-08-19 21:33:29 +00:00
/* this format is required because a script is used to build the C function
that calls all the protocol registration .
*/
void
2008-10-16 07:20:02 +00:00
proto_register_tds ( void )
2002-08-28 21:04:11 +00:00
{
2010-05-10 15:54:57 +00:00
static hf_register_info hf [ ] = {
{ & hf_tds_type ,
{ " Type " , " tds.type " ,
2010-11-22 18:48:54 +00:00
FT_UINT8 , BASE_DEC , VALS ( packet_type_names ) , 0x0 ,
" Packet type " , HFILL }
2010-05-10 15:54:57 +00:00
} ,
{ & hf_tds_status ,
{ " Status " , " tds.status " ,
2010-11-22 18:48:54 +00:00
FT_UINT8 , BASE_HEX , NULL , 0x0 ,
" Packet status " , HFILL }
} ,
{ & hf_tds_status_eom ,
{ " End of message " , " tds.status.eom " ,
FT_BOOLEAN , 8 , NULL , STATUS_LAST_BUFFER ,
" The packet is the last packet in the whole request " , HFILL }
} ,
{ & hf_tds_status_ignore ,
{ " Ignore this event " , " tds.status.ignore " ,
FT_BOOLEAN , 8 , NULL , STATUS_IGNORE_EVENT ,
" (From client to server) Ignore this event (EOM MUST also be set) " , HFILL }
} ,
{ & hf_tds_status_event_notif ,
{ " Event notification " , " tds.status.event_notif " ,
FT_BOOLEAN , 8 , NULL , STATUS_EVENT_NOTIFICATION ,
NULL , HFILL }
} ,
{ & hf_tds_status_reset_conn ,
{ " Reset connection " , " tds.status.reset_conn " ,
FT_BOOLEAN , 8 , NULL , STATUS_RESETCONNECTION ,
" (From client to server) Reset this connection before processing event " , HFILL }
2010-05-10 15:54:57 +00:00
} ,
2010-11-22 18:48:54 +00:00
{ & hf_tds_status_reset_conn_skip_tran ,
{ " Reset connection keeping transaction state " , " tds.status.reset_conn_skip_tran " ,
FT_BOOLEAN , 8 , NULL , STATUS_RESETCONNECTIONSKIPTRAN ,
" (From client to server) Reset the connection before processing event but do not modify the transaction state " , HFILL }
} ,
{ & hf_tds_length ,
{ " Length " , " tds.length " ,
2010-05-10 15:54:57 +00:00
FT_UINT16 , BASE_DEC , NULL , 0x0 ,
2010-11-22 18:48:54 +00:00
" Packet length " , HFILL }
2010-05-10 15:54:57 +00:00
} ,
{ & hf_tds_channel ,
{ " Channel " , " tds.channel " ,
FT_UINT16 , BASE_DEC , NULL , 0x0 ,
" Channel Number " , HFILL }
} ,
{ & hf_tds_packet_number ,
{ " Packet Number " , " tds.packet_number " ,
FT_UINT8 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_window ,
{ " Window " , " tds.window " ,
FT_UINT8 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
2013-05-21 12:55:55 +00:00
{ & hf_tds_collate_codepage ,
{ " Codepage " , " tds.collate_codepage " ,
FT_UINT16 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_collate_flags ,
{ " Flags " , " tds.collate_flags " ,
FT_UINT16 , BASE_HEX , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_collate_charset_id ,
{ " Charset ID " , " tds.collate_charset_id " ,
FT_UINT8 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
2013-12-16 22:39:41 +00:00
{ & hf_tds_table_name ,
{ " Table name " , " tds.table_name " ,
FT_STRING , STR_UNICODE , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_text ,
{ " Text " , " tds.text " ,
FT_STRING , STR_UNICODE , NULL , 0x0 ,
NULL , HFILL }
} ,
2010-05-10 15:54:57 +00:00
{ & hf_tds_fragment_overlap ,
{ " Segment overlap " , " tds.fragment.overlap " ,
FT_BOOLEAN , BASE_NONE , NULL , 0x0 ,
" Fragment overlaps with other fragments " , HFILL }
} ,
{ & hf_tds_fragment_overlap_conflict ,
{ " Conflicting data in fragment overlap " , " tds.fragment.overlap.conflict " ,
FT_BOOLEAN , BASE_NONE , NULL , 0x0 ,
" Overlapping fragments contained conflicting data " , HFILL }
} ,
{ & hf_tds_fragment_multiple_tails ,
{ " Multiple tail fragments found " , " tds.fragment.multipletails " ,
FT_BOOLEAN , BASE_NONE , NULL , 0x0 ,
" Several tails were found when defragmenting the packet " , HFILL }
} ,
{ & hf_tds_fragment_too_long_fragment ,
{ " Segment too long " , " tds.fragment.toolongfragment " ,
FT_BOOLEAN , BASE_NONE , NULL , 0x0 ,
" Segment contained data past end of packet " , HFILL }
} ,
{ & hf_tds_fragment_error ,
{ " Defragmentation error " , " tds.fragment.error " ,
FT_FRAMENUM , BASE_NONE , NULL , 0x0 ,
" Defragmentation error due to illegal fragments " , HFILL }
} ,
2011-01-30 21:01:07 +00:00
{ & hf_tds_fragment_count ,
{ " Segment count " , " tds.fragment.count " ,
FT_UINT32 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
2010-05-10 15:54:57 +00:00
{ & hf_tds_fragment ,
{ " TDS Fragment " , " tds.fragment " ,
FT_FRAMENUM , BASE_NONE , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_fragments ,
{ " TDS Fragments " , " tds.fragments " ,
FT_NONE , BASE_NONE , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_reassembled_in ,
{ " Reassembled TDS in frame " , " tds.reassembled_in " ,
FT_FRAMENUM , BASE_NONE , NULL , 0x0 ,
" This TDS packet is reassembled in this frame " , HFILL }
} ,
{ & hf_tds_reassembled_length ,
{ " Reassembled TDS length " , " tds.reassembled.length " ,
FT_UINT32 , BASE_DEC , NULL , 0x0 ,
" The total length of the reassembled payload " , HFILL }
} ,
{ & hf_tds7_login_total_size ,
2012-07-22 03:06:37 +00:00
{ " Total Packet Length " , " tds.7login.total_len " ,
2010-05-10 15:54:57 +00:00
FT_UINT32 , BASE_DEC , NULL , 0x0 ,
" TDS7 Login Packet total packet length " , HFILL }
} ,
{ & hf_tds7_version ,
2012-07-22 03:06:37 +00:00
{ " TDS version " , " tds.7login.version " ,
2010-05-10 15:54:57 +00:00
FT_UINT32 , BASE_HEX , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds7_packet_size ,
2012-07-22 03:06:37 +00:00
{ " Packet Size " , " tds.7login.packet_size " ,
2010-05-10 15:54:57 +00:00
FT_UINT32 , BASE_DEC , NULL , 0x0 ,
2010-09-23 21:46:31 +00:00
NULL , HFILL }
2010-05-10 15:54:57 +00:00
} ,
{ & hf_tds7_client_version ,
2012-07-22 03:06:37 +00:00
{ " Client version " , " tds.7login.client_version " ,
2010-05-10 15:54:57 +00:00
FT_UINT32 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds7_client_pid ,
2012-07-22 03:06:37 +00:00
{ " Client PID " , " tds.7login.client_pid " ,
2010-05-10 15:54:57 +00:00
FT_UINT32 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds7_connection_id ,
2012-07-22 03:06:37 +00:00
{ " Connection ID " , " tds.7login.connection_id " ,
2010-05-10 15:54:57 +00:00
FT_UINT32 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds7_option_flags1 ,
2012-07-22 03:06:37 +00:00
{ " Option Flags 1 " , " tds.7login.option_flags1 " ,
2010-05-10 15:54:57 +00:00
FT_UINT8 , BASE_HEX , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds7_option_flags2 ,
2012-07-22 03:06:37 +00:00
{ " Option Flags 2 " , " tds.7login.option_flags2 " ,
2010-05-10 15:54:57 +00:00
FT_UINT8 , BASE_HEX , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds7_sql_type_flags ,
2012-07-22 03:06:37 +00:00
{ " SQL Type Flags " , " tds.7login.sql_type_flags " ,
2010-05-10 15:54:57 +00:00
FT_UINT8 , BASE_HEX , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds7_reserved_flags ,
2012-07-22 03:06:37 +00:00
{ " Reserved Flags " , " tds.7login.reserved_flags " ,
2010-05-10 15:54:57 +00:00
FT_UINT8 , BASE_HEX , NULL , 0x0 ,
2010-09-23 21:46:31 +00:00
NULL , HFILL }
2010-05-10 15:54:57 +00:00
} ,
{ & hf_tds7_time_zone ,
2012-07-22 03:06:37 +00:00
{ " Time Zone " , " tds.7login.time_zone " ,
2010-05-10 15:54:57 +00:00
FT_UINT32 , BASE_HEX , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds7_collation ,
2012-07-22 03:06:37 +00:00
{ " Collation " , " tds.7login.collation " ,
2010-05-10 15:54:57 +00:00
FT_UINT32 , BASE_HEX , NULL , 0x0 ,
NULL , HFILL }
} ,
2012-08-27 11:47:37 +00:00
{ & hf_tds7_loginack_version ,
{ " TDS version " , " tds.7loginack.version " ,
FT_UINT32 , BASE_HEX , NULL , 0x0 ,
NULL , HFILL }
} ,
2010-11-22 18:48:54 +00:00
{ & hf_tds_all_headers ,
{ " Packet data stream headers " , " tds.all_headers " ,
FT_NONE , BASE_NONE , NULL , 0x0 ,
" The ALL_HEADERS rule " , HFILL }
} ,
{ & hf_tds_all_headers_total_length ,
{ " Total length " , " tds.all_headers.total_length " ,
FT_UINT32 , BASE_DEC , NULL , 0x0 ,
" Total length of ALL_HEADERS stream " , HFILL }
} ,
{ & hf_tds_all_headers_header_length ,
{ " Length " , " tds.all_headers.header.length " ,
FT_UINT32 , BASE_DEC , NULL , 0x0 ,
" Total length of an individual header " , HFILL }
} ,
{ & hf_tds_all_headers_header_type ,
{ " Type " , " tds.all_headers.header.type " ,
FT_UINT16 , BASE_HEX , VALS ( header_type_names ) , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_all_headers_trans_descr ,
{ " Transaction descriptor " , " tds.all_headers.header.trans_descr " ,
FT_UINT64 , BASE_DEC , NULL , 0x0 ,
" For each connection, a number that uniquely identifies the transaction the request is associated with. Initially generated by the server when a new transaction is created and returned to the client as part of the ENVCHANGE token stream. " , HFILL }
} ,
{ & hf_tds_all_headers_request_cnt ,
{ " Outstanding request count " , " tds.all_headers.header.request_cnt " ,
FT_UINT32 , BASE_DEC , NULL , 0x0 ,
" Number of requests currently active on the connection " , HFILL }
} ,
{ & hf_tds_type_info ,
{ " Type info " , " tds.type_info " ,
FT_NONE , BASE_NONE , NULL , 0x0 ,
" The TYPE_INFO rule applies to several messages used to describe column information " , HFILL }
} ,
{ & hf_tds_type_info_type ,
{ " Type " , " tds.type_info.type " ,
FT_UINT8 , BASE_HEX , VALS ( tds_data_type_names ) , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_info_varlen ,
{ " Maximal length " , " tds.type_info.varlen " ,
FT_UINT32 , BASE_DEC , NULL , 0x0 ,
" Defines the length of the data contained within the column " , HFILL }
} ,
{ & hf_tds_type_info_precision ,
{ " Precision " , " tds.type_info.precision " ,
FT_UINT8 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_info_scale ,
{ " Scale " , " tds.type_info.scale " ,
FT_UINT8 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_info_collation ,
{ " Collation " , " tds.type_info.collation " ,
FT_NONE , BASE_NONE , NULL , 0x0 ,
" Specifies collation information for character data or metadata describing character data " , HFILL }
} ,
{ & hf_tds_type_info_collation_lcid ,
{ " LCID " , " tds.type_info.collation.lcid " ,
FT_UINT32 , BASE_HEX , NULL , 0x000FFFFF ,
" For a SortId==0 collation, the LCID bits correspond to a LocaleId as defined by the National Language Support (NLS) functions " , HFILL }
} ,
{ & hf_tds_type_info_collation_ign_case ,
{ " Ignore case " , " tds.type_info.collation.ignore_case " ,
FT_BOOLEAN , 32 , NULL , 0x00100000 ,
NULL , HFILL }
} ,
{ & hf_tds_type_info_collation_ign_accent ,
{ " Ignore accent " , " tds.type_info.collation.ignore_accent " ,
FT_BOOLEAN , 32 , NULL , 0x00200000 ,
NULL , HFILL }
} ,
{ & hf_tds_type_info_collation_ign_kana ,
{ " Ignore kana " , " tds.type_info.collation.ignore_kana " ,
FT_BOOLEAN , 32 , NULL , 0x00400000 ,
NULL , HFILL }
} ,
{ & hf_tds_type_info_collation_ign_width ,
{ " Ignore width " , " tds.type_info.collation.ignore_width " ,
FT_BOOLEAN , 32 , NULL , 0x00800000 ,
NULL , HFILL }
} ,
{ & hf_tds_type_info_collation_binary ,
{ " Binary " , " tds.type_info.collation.binary " ,
FT_BOOLEAN , 32 , NULL , 0x01000000 ,
NULL , HFILL }
} ,
{ & hf_tds_type_info_collation_version ,
{ " Version " , " tds.type_info.collation.version " ,
FT_UINT32 , BASE_DEC , NULL , 0xF0000000 ,
NULL , HFILL }
} ,
{ & hf_tds_type_info_collation_sortid ,
{ " SortId " , " tds.type_info.collation.sortid " ,
FT_UINT8 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_varbyte_length ,
{ " Length " , " tds.type_varbyte.length " ,
FT_UINT32 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_varbyte_data_null ,
2012-06-23 15:27:51 +00:00
{ " Data: NULL " , " tds.type_varbyte.data.null " ,
2010-11-22 18:48:54 +00:00
FT_NONE , BASE_NONE , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_varbyte_data_boolean ,
2012-06-23 15:27:51 +00:00
{ " Data " , " tds.type_varbyte.data.bool " ,
2010-11-22 18:48:54 +00:00
FT_BOOLEAN , BASE_NONE , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_varbyte_data_int1 ,
2012-06-23 15:27:51 +00:00
{ " Data " , " tds.type_varbyte.data.int " ,
2010-11-22 18:48:54 +00:00
FT_INT8 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_varbyte_data_int2 ,
2012-06-23 15:27:51 +00:00
{ " Data " , " tds.type_varbyte.data.int " ,
2010-11-22 18:48:54 +00:00
FT_INT16 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_varbyte_data_int4 ,
2012-06-23 15:27:51 +00:00
{ " Data " , " tds.type_varbyte.data.int " ,
2010-11-22 18:48:54 +00:00
FT_INT32 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_varbyte_data_int8 ,
2012-06-23 15:27:51 +00:00
{ " Data " , " tds.type_varbyte.data.int64 " ,
2010-11-22 18:48:54 +00:00
FT_INT64 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_varbyte_data_float ,
2012-06-23 15:27:51 +00:00
{ " Data " , " tds.type_varbyte.data.float " ,
2010-11-22 18:48:54 +00:00
FT_FLOAT , BASE_NONE , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_varbyte_data_double ,
2012-06-24 17:41:18 +00:00
{ " Data " , " tds.type_varbyte.data.float " ,
2010-11-22 18:48:54 +00:00
FT_DOUBLE , BASE_NONE , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_varbyte_data_bytes ,
2012-06-23 15:27:51 +00:00
{ " Data " , " tds.type_varbyte.data.bytes " ,
2010-11-22 18:48:54 +00:00
FT_BYTES , BASE_NONE , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_varbyte_data_guid ,
2012-06-23 15:27:51 +00:00
{ " Data " , " tds.type_varbyte.data.guid " ,
2010-11-22 18:48:54 +00:00
FT_GUID , BASE_NONE , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_varbyte_data_string ,
2012-06-23 15:27:51 +00:00
{ " Data " , " tds.type_varbyte.data.string " ,
2010-11-22 18:48:54 +00:00
FT_STRING , BASE_NONE , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_varbyte_plp_len ,
{ " PLP length " , " tds.type_varbyte.plp_len " ,
FT_INT64 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_type_varbyte_plp_chunk_len ,
{ " PLP chunk length " , " tds.type_varbyte.plp_chunk_len " ,
FT_INT32 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_rpc ,
{ " Remote Procedure Call " , " tds.rpc " ,
FT_NONE , BASE_NONE , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_rpc_name_length8 ,
{ " Procedure name length " , " tds.rpc.name_length " ,
FT_UINT8 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_rpc_name_length ,
{ " Procedure name length " , " tds.rpc.name_length " ,
FT_UINT16 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_rpc_name ,
{ " Procedure name " , " tds.rpc.name " ,
2010-05-10 15:54:57 +00:00
FT_STRING , BASE_NONE , NULL , 0x0 ,
NULL , HFILL }
} ,
2010-11-22 18:48:54 +00:00
{ & hf_tds_rpc_proc_id ,
{ " Stored procedure ID " , " tds.rpc.proc_id " ,
FT_UINT16 , BASE_DEC , VALS ( internal_stored_proc_id_names ) , 0x0 ,
" The number identifying the special stored procedure to be executed " , HFILL }
} ,
{ & hf_tds_rpc_options ,
{ " Option flags " , " tds.rpc.options " ,
FT_UINT16 , BASE_HEX , NULL , 0x0 ,
" The number identifying the special stored procedure to be executed " , HFILL }
} ,
{ & hf_tds_rpc_options_with_recomp ,
{ " With recompile " , " tds.rpc.options.with_recomp " ,
FT_BOOLEAN , 16 , NULL , TDS_RPC_OPT_WITH_RECOMP ,
" The number identifying the special stored procedure to be executed " , HFILL }
} ,
{ & hf_tds_rpc_options_no_metadata ,
{ " No metadata " , " tds.rpc.options.no_metadata " ,
FT_BOOLEAN , 16 , NULL , TDS_RPC_OPT_NO_METADATA ,
" The number identifying the special stored procedure to be executed " , HFILL }
} ,
{ & hf_tds_rpc_options_reuse_metadata ,
{ " Reuse metadata " , " tds.rpc.options.reuse_metadata " ,
FT_BOOLEAN , 16 , NULL , TDS_RPC_OPT_REUSE_METADATA ,
" The number identifying the special stored procedure to be executed " , HFILL }
} ,
{ & hf_tds_rpc_separator ,
{ " RPC batch separator " , " tds.rpc.separator " ,
FT_UINT8 , BASE_DEC , VALS ( tds_rpc_separators ) , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_rpc_parameter ,
{ " Parameter " , " tds.rpc.parameter " ,
FT_NONE , BASE_NONE , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_rpc_parameter_name_length ,
{ " Name length " , " tds.rpc.parameter.name_length " ,
FT_UINT8 , BASE_DEC , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_rpc_parameter_name ,
{ " Name " , " tds.rpc.parameter.name " ,
FT_STRING , BASE_NONE , NULL , 0x0 ,
NULL , HFILL }
} ,
{ & hf_tds_rpc_parameter_status ,
{ " Status flags " , " tds.rpc.parameter.status " ,
FT_UINT8 , BASE_HEX , NULL , 0x0 ,
" Information on how the parameter is passed " , HFILL }
} ,
{ & hf_tds_rpc_parameter_status_by_ref ,
{ " By reference " , " tds.rpc.parameter.status.by_ref " ,
FT_BOOLEAN , 16 , NULL , TDS_RPC_PARAMETER_STATUS_BY_REF ,
NULL , HFILL }
} ,
{ & hf_tds_rpc_parameter_status_default ,
{ " Default value " , " tds.rpc.parameter.status.default " ,
FT_BOOLEAN , 16 , NULL , TDS_RPC_PARAMETER_STATUS_DEFAULT ,
NULL , HFILL }
} ,
{ & hf_tds_rpc_parameter_value ,
{ " Value " , " tds.rpc.parameter.value " ,
FT_NONE , BASE_NONE , NULL , 0x0 ,
NULL , HFILL }
} ,
2014-10-17 14:11:22 +00:00
/* Generated from convert_proto_tree_add_text.pl */
{ & hf_tds_query , { " Query " , " tds.query " , FT_STRING , BASE_NONE , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_lang_token_status , { " Status " , " tds.lang_token_status " , FT_UINT8 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_language_text , { " Language text " , " tds.language_text " , FT_STRING , BASE_NONE , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_env_chg_type , { " Type " , " tds.env_chg_type " , FT_UINT8 , BASE_DEC , VALS ( env_chg_names ) , 0x0 , NULL , HFILL } } ,
{ & hf_tds_new_value_length , { " New Value Length " , " tds.new_value_length " , FT_UINT8 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_new_value , { " New Value " , " tds.new_value " , FT_STRING , BASE_NONE , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_old_value_length , { " Old Value Length " , " tds.old_value_length " , FT_UINT8 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_old_value , { " Old Value " , " tds.old_value " , FT_STRING , BASE_NONE , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_sql_error_number , { " SQL Error Number " , " tds.sql_error_number " , FT_UINT32 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_state , { " State " , " tds.state " , FT_UINT8 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_severity_level , { " Severity Level " , " tds.severity_level " , FT_UINT8 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_error_message_length , { " Error message length " , " tds.error_message_length " , FT_UINT16 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_error , { " Error " , " tds.error " , FT_STRING , BASE_NONE , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_server_name_length , { " Server name length " , " tds.server_name_length " , FT_UINT8 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_server_name , { " Server name " , " tds.server_name " , FT_STRING , BASE_NONE , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_process_name_length , { " Process name length " , " tds.process_name_length " , FT_UINT8 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_process_name , { " Process name " , " tds.process_name " , FT_STRING , BASE_NONE , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_line_number16 , { " line number " , " tds.line_number " , FT_UINT16 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_line_number32 , { " line number " , " tds.line_number " , FT_UINT32 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_ack , { " Ack " , " tds.ack " , FT_UINT8 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_text_length , { " Text length " , " tds.text_length " , FT_UINT8 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
2014-10-19 14:18:29 +00:00
{ & hf_tds_server_version , { " Server Version " , " tds.server_version " , FT_UINT32 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
2014-10-17 14:11:22 +00:00
{ & hf_tds_columns , { " Columns " , " tds.columns " , FT_UINT16 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_usertype32 , { " usertype " , " tds.usertype " , FT_UINT32 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_usertype16 , { " usertype " , " tds.usertype " , FT_UINT16 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_results_token_flags , { " flags " , " tds.results_token_flags " , FT_UINT16 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_results_token_type , { " Type " , " tds.results_token_type " , FT_UINT8 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_unknown_bytes_1 , { " Unknown byte " , " tds.unknown_bytes " , FT_UINT8 , BASE_HEX , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_unknown_bytes_4 , { " Unknown bytes " , " tds.unknown_bytes " , FT_UINT32 , BASE_HEX , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_unknown_bytes_3 , { " Unknown bytes " , " tds.unknown_bytes " , FT_UINT24 , BASE_HEX , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_large_type_size , { " Large type size " , " tds.large_type_size " , FT_UINT16 , BASE_HEX , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_message_length , { " message length " , " tds.message_length " , FT_UINT8 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_done_token_status_flags , { " Status flags " , " tds.done_token.status_flags " , FT_UINT16 , BASE_HEX , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_operation , { " Operation " , " tds.operation " , FT_UINT16 , BASE_HEX , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_row_count64 , { " row count " , " tds.row_count " , FT_UINT64 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_row_count32 , { " row count " , " tds.row_count " , FT_UINT32 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_tds_packet , { " TDS Packet " , " tds.tds_packet " , FT_BYTES , BASE_NONE , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_login_offset , { " Offset " , " tds.login_offset " , FT_UINT16 , BASE_HEX , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_login_length , { " Length " , " tds.login_length " , FT_UINT16 , BASE_HEX , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_login_password , { " Password " , " tds.login_password " , FT_STRING , BASE_NONE , NULL , 0x0 , NULL , HFILL } } ,
{ & hf_tds_token_len , { " Length " , " tds.token_len " , FT_UINT32 , BASE_DEC , NULL , 0x0 , NULL , HFILL } } ,
2010-05-10 15:54:57 +00:00
} ;
static gint * ett [ ] = {
& ett_tds ,
2010-11-22 18:48:54 +00:00
& ett_tds_status ,
2010-05-10 15:54:57 +00:00
& ett_tds_fragments ,
& ett_tds_fragment ,
2010-11-22 18:48:54 +00:00
& ett_tds_all_headers ,
& ett_tds_all_headers_header ,
& ett_tds_type_info ,
& ett_tds_type_info_collation ,
& ett_tds_type_varbyte ,
& ett_tds_message ,
& ett_tds_rpc_options ,
& ett_tds_rpc_parameter ,
& ett_tds_rpc_parameter_status ,
2010-05-10 15:54:57 +00:00
& ett_tds_token ,
2010-11-22 18:48:54 +00:00
& ett_tds7_query ,
2010-05-10 15:54:57 +00:00
& ett_tds7_login ,
& ett_tds7_hdr ,
2014-10-17 14:11:22 +00:00
& ett_tds_col ,
2010-05-10 15:54:57 +00:00
} ;
2013-08-23 03:17:34 +00:00
static ei_register_info ei [ ] = {
{ & ei_tds_all_headers_header_type , { " tds.all_headers.header.type.invalid " , PI_PROTOCOL , PI_WARN , " Invalid header type " , EXPFILL } } ,
{ & ei_tds_type_info_type , { " tds.type_info.type.invalid " , PI_PROTOCOL , PI_WARN , " Invalid data type " , EXPFILL } } ,
{ & ei_tds_type_info_type_undecoded , { " tds.type_info.type.undecoded " , PI_UNDECODED , PI_ERROR , " Data type not supported yet " , EXPFILL } } ,
{ & ei_tds_invalid_length , { " tds.invalid_length " , PI_MALFORMED , PI_ERROR , " Invalid length " , EXPFILL } } ,
{ & ei_tds_token_length_invalid , { " tds.token.length.invalid " , PI_PROTOCOL , PI_WARN , " Bogus token size " , EXPFILL } } ,
2014-10-17 14:11:22 +00:00
{ & ei_tds_token_stats , { " tds.token.stats " , PI_PROTOCOL , PI_NOTE , " Token stats " , EXPFILL } } ,
2013-08-23 03:17:34 +00:00
} ;
2010-05-10 15:54:57 +00:00
module_t * tds_module ;
2013-08-23 03:17:34 +00:00
expert_module_t * expert_tds ;
2002-08-19 21:33:29 +00:00
/* Register the protocol name and description */
2013-08-23 03:17:34 +00:00
proto_tds = proto_register_protocol ( " Tabular Data Stream " , " TDS " , " tds " ) ;
2002-08-19 21:33:29 +00:00
/* Required function calls to register the header fields and subtrees used */
2010-05-10 15:54:57 +00:00
proto_register_field_array ( proto_tds , hf , array_length ( hf ) ) ;
proto_register_subtree_array ( ett , array_length ( ett ) ) ;
2013-08-23 03:17:34 +00:00
expert_tds = expert_register_protocol ( proto_tds ) ;
expert_register_field_array ( expert_tds , ei , array_length ( ei ) ) ;
2002-08-19 21:33:29 +00:00
2008-10-16 07:20:02 +00:00
/* Allow dissector to be found by name. */
2013-08-05 19:09:44 +00:00
tds_tcp_handle = register_dissector ( " tds " , dissect_tds_tcp , proto_tds ) ;
2010-05-10 15:54:57 +00:00
tds_module = prefs_register_protocol ( proto_tds , NULL ) ;
prefs_register_bool_preference ( tds_module , " desegment_buffers " ,
" Reassemble TDS buffers spanning multiple TCP segments " ,
" Whether the TDS dissector should reassemble TDS buffers spanning multiple TCP segments. "
" To use this option, you must also enable \" Allow subdissectors to reassemble TCP streams \" in the TCP protocol settings. " ,
& tds_desegment ) ;
prefs_register_bool_preference ( tds_module , " defragment " ,
" Reassemble fragmented TDS messages with multiple buffers " ,
" Whether the TDS dissector should defragment messages spanning multiple Netlib buffers " ,
& tds_defragment ) ;
prefs_register_enum_preference ( tds_module , " protocol_type " ,
" TDS Protocol Type " ,
" Hint as to version of TDS protocol being decoded " ,
& tds_protocol_type , tds_protocol_type_options , FALSE ) ;
prefs_register_enum_preference ( tds_module , " endian_type " ,
" TDS decode as " ,
" Hint as to whether to decode TDS protocol as little-endian or big-endian. (TDS7/8 always decoded as little-endian) " ,
& tds_little_endian , tds_endian_type_options , FALSE ) ;
prefs_register_range_preference ( tds_module , " tcp_ports " ,
" TDS TCP ports " ,
" Additional TCP ports to decode as TDS " ,
& tds_tcp_ports , 0xFFFF ) ;
register_init_routine ( tds_init ) ;
2002-08-19 21:33:29 +00:00
}
/* If this dissector uses sub-dissector registration add a registration routine.
This format is required because a script is used to find these routines and
create the code that calls these routines .
*/
void
I've seen a capture with a TDS packet type of 18 at the beginning of the
session; treat all packet type values >= 1 and <= 18 as valid packet
types.
Do standard TCP desegmentation of Netlib buffers, and do reassembly of
TDS messages fragmented over multiple Netlib buffers, rather than doing
the "remember what was in the last TCP segment" stuff; I've seen nothing
to indicate that a TDS message would continue past the last byte of a
"last buffer in request or response" Netlib buffer, and the "remember
what was in the last TCP segment" stuff was complicated and buggy,
perhaps irreparably so ("buggy" as in "crashes").
Make the top-level protocol item for a TDS message be an item for
"proto_tds", and put both the Netlib header and TDS stuff under that
item - that's what Microsoft Network Monitor does.
Get rid of the unused Netlib heuristic subdissector list.
Don't make a new data source for NTLMSSP data in a TDS message - the
data is just a slice of the message, it's not transformed from ASCII hex
to binary, or reassembled, or anything such as that.
Tokens are tokens, not PDUs.
Make the heuristics a bit stronger, to reject packets that are clearly
not TDS packets. Once the heuristics match, make a non-heuristic
dissector the dissector for the conversation.
Quit dissecting the TCP segment (or reassembled data) if we have a
Netlib buffer with a length < 8, as it's not large enough to even have a
Netlib header.
svn path=/trunk/; revision=6737
2002-12-03 08:36:48 +00:00
proto_reg_handoff_tds ( void )
2002-08-19 21:33:29 +00:00
{
2010-05-10 15:54:57 +00:00
/* Initial TDS ports: MS SQL default ports */
2010-12-20 05:35:29 +00:00
dissector_add_uint ( " tcp.port " , 1433 , tds_tcp_handle ) ;
dissector_add_uint ( " tcp.port " , 2433 , tds_tcp_handle ) ;
2004-11-21 22:03:33 +00:00
2010-05-10 15:54:57 +00:00
heur_dissector_add ( " tcp " , dissect_tds_tcp_heur , proto_tds ) ;
2002-08-19 21:33:29 +00:00
2010-05-10 15:54:57 +00:00
ntlmssp_handle = find_dissector ( " ntlmssp " ) ;
gssapi_handle = find_dissector ( " gssapi " ) ;
data_handle = find_dissector ( " data " ) ;
2002-09-28 16:04:03 +00:00
}
2013-03-17 19:22:36 +00:00
/*
* Editor modelines
*
* Local Variables :
* c - basic - offset : 4
* tab - width : 8
* indent - tabs - mode : nil
* End :
*
* ex : set shiftwidth = 4 tabstop = 8 expandtab :
* : indentSize = 4 : tabSize = 8 : noTabs = true :
*/
