From Ronnie Sahlberg:
fix to LookupRids to match what the IDL file says; fix to "dissect_ndr_uint64()" to specify the right length to "proto_tree_add_item()"; give the protocol tree items for array header counts and offsets the correct offsets in the packet. svn path=/trunk/; revision=4719
This commit is contained in:
Guy Harris
parent
1726d487a5
commit
04228a94a3
|
|
@ -2,7 +2,7 @@
|
|||
* Routines for SMB \\PIPE\\samr packet disassembly
|
||||
* Copyright 2001, Tim Potter <tpot@samba.org>
|
||||
*
|
||||
* $Id: packet-dcerpc-samr.c,v 1.10 2002/02/10 23:51:44 guy Exp $
|
||||
* $Id: packet-dcerpc-samr.c,v 1.11 2002/02/11 08:19:08 guy Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@ethereal.com>
|
||||
|
|
@ -1985,28 +1985,18 @@ samr_dissect_PSID_ARRAY(tvbuff_t *tvb, int offset,
|
|||
}
|
||||
|
||||
static int
|
||||
samr_dissect_pindex(tvbuff_t *tvb, int offset,
|
||||
packet_info *pinfo, proto_tree *parent_tree,
|
||||
samr_dissect_index(tvbuff_t *tvb, int offset,
|
||||
packet_info *pinfo, proto_tree *tree,
|
||||
char *drep)
|
||||
{
|
||||
proto_item *item=NULL;
|
||||
proto_tree *tree=NULL;
|
||||
int old_offset=offset;
|
||||
dcerpc_info *di;
|
||||
|
||||
di=pinfo->private_data;
|
||||
|
||||
if(parent_tree){
|
||||
item = proto_tree_add_text(parent_tree, tvb, offset, 0,
|
||||
"SID");
|
||||
tree = proto_item_add_subtree(item, ett_samr_user_dispinfo_1);
|
||||
}
|
||||
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
|
||||
di->hf_index, NULL);
|
||||
|
||||
offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
|
||||
samr_dissect_pointer_long, NDR_POINTER_UNIQUE,
|
||||
di->hf_index);
|
||||
|
||||
proto_item_set_len(item, offset-old_offset);
|
||||
return offset;
|
||||
}
|
||||
|
||||
|
|
@ -2017,7 +2007,7 @@ samr_dissect_INDEX_ARRAY_value (tvbuff_t *tvb, int offset,
|
|||
char *drep)
|
||||
{
|
||||
offset = dissect_ndr_ucarray(tvb, offset, pinfo, tree, drep,
|
||||
samr_dissect_pindex);
|
||||
samr_dissect_index);
|
||||
|
||||
return offset;
|
||||
}
|
||||
|
|
@ -2044,7 +2034,7 @@ samr_dissect_INDEX_ARRAY(tvbuff_t *tvb, int offset,
|
|||
|
||||
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
|
||||
hf_samr_count, &count);
|
||||
offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
|
||||
offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
|
||||
samr_dissect_INDEX_ARRAY_value, NDR_POINTER_UNIQUE,
|
||||
di->hf_index);
|
||||
|
||||
|
|
@ -3254,6 +3244,16 @@ samr_dissect_UNICODE_STRING_ARRAY_name(tvbuff_t *tvb, int offset,
|
|||
return offset;
|
||||
}
|
||||
|
||||
static int
|
||||
samr_dissect_UNICODE_STRING_ARRAY_names(tvbuff_t *tvb, int offset,
|
||||
packet_info *pinfo, proto_tree *tree,
|
||||
char *drep)
|
||||
{
|
||||
offset = dissect_ndr_ucarray(tvb, offset, pinfo, tree, drep,
|
||||
samr_dissect_UNICODE_STRING_ARRAY_name);
|
||||
return offset;
|
||||
}
|
||||
|
||||
static int
|
||||
samr_dissect_UNICODE_STRING_ARRAY(tvbuff_t *tvb, int offset,
|
||||
packet_info *pinfo, proto_tree *parent_tree,
|
||||
|
|
@ -3272,8 +3272,9 @@ samr_dissect_UNICODE_STRING_ARRAY(tvbuff_t *tvb, int offset,
|
|||
offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep,
|
||||
hf_samr_count, NULL);
|
||||
|
||||
offset = dissect_ndr_ucarray(tvb, offset, pinfo, tree, drep,
|
||||
samr_dissect_UNICODE_STRING_ARRAY_name);
|
||||
offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
|
||||
samr_dissect_UNICODE_STRING_ARRAY_names, NDR_POINTER_UNIQUE,
|
||||
-1);
|
||||
|
||||
proto_item_set_len(item, offset-old_offset);
|
||||
return offset;
|
||||
|
|
@ -3291,8 +3292,8 @@ samr_dissect_lookup_rids_reply(tvbuff_t *tvb, int offset,
|
|||
samr_dissect_UNICODE_STRING_ARRAY, NDR_POINTER_REF,
|
||||
hf_samr_rid);
|
||||
offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
|
||||
samr_dissect_MEMBER_ARRAY_types, NDR_POINTER_REF,
|
||||
-1);
|
||||
samr_dissect_INDEX_ARRAY, NDR_POINTER_REF,
|
||||
hf_samr_type);
|
||||
offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep,
|
||||
hf_samr_rc, NULL);
|
||||
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
* Routines for DCERPC packet disassembly
|
||||
* Copyright 2001, Todd Sabin <tas@webspan.net>
|
||||
*
|
||||
* $Id: packet-dcerpc.c,v 1.31 2002/02/10 23:51:44 guy Exp $
|
||||
* $Id: packet-dcerpc.c,v 1.32 2002/02/11 08:19:08 guy Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@ethereal.com>
|
||||
|
|
@ -407,7 +407,7 @@ dissect_dcerpc_uint64 (tvbuff_t *tvb, gint offset, packet_info *pinfo,
|
|||
}
|
||||
|
||||
if (tree) {
|
||||
proto_tree_add_item (tree, hfindex, tvb, offset, 4, (drep[0] & 0x10));
|
||||
proto_tree_add_item(tree, hfindex, tvb, offset, 8, (drep[0] & 0x10));
|
||||
}
|
||||
|
||||
return offset+8;
|
||||
|
|
@ -467,10 +467,11 @@ dissect_ndr_ucarray(tvbuff_t *tvb, gint offset, packet_info *pinfo,
|
|||
di->conformant_run=0;
|
||||
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
|
||||
hf_dcerpc_array_max_count, &di->array_max_count);
|
||||
di->array_max_count_offset=offset-4;
|
||||
di->conformant_run=1;
|
||||
} else {
|
||||
/* we dont dont remember where in the bytestream this fields was */
|
||||
proto_tree_add_uint(tree, hf_dcerpc_array_max_count, tvb, 0, 0, di->array_max_count);
|
||||
proto_tree_add_uint(tree, hf_dcerpc_array_max_count, tvb, di->array_max_count_offset, 4, di->array_max_count);
|
||||
|
||||
/* real run, dissect the elements */
|
||||
for(i=0;i<di->array_max_count;i++){
|
||||
|
|
@ -495,16 +496,19 @@ dissect_ndr_ucvarray(tvbuff_t *tvb, gint offset, packet_info *pinfo,
|
|||
di->conformant_run=0;
|
||||
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
|
||||
hf_dcerpc_array_max_count, &di->array_max_count);
|
||||
di->array_max_count_offset=offset-4;
|
||||
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
|
||||
hf_dcerpc_array_offset, &di->array_offset);
|
||||
di->array_offset_offset=offset-4;
|
||||
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
|
||||
hf_dcerpc_array_actual_count, &di->array_actual_count);
|
||||
di->array_actual_count_offset=offset-4;
|
||||
di->conformant_run=1;
|
||||
} else {
|
||||
/* we dont dont remember where in the bytestream these fields were */
|
||||
proto_tree_add_uint(tree, hf_dcerpc_array_max_count, tvb, 0, 0, di->array_max_count);
|
||||
proto_tree_add_uint(tree, hf_dcerpc_array_offset, tvb, 0, 0, di->array_offset);
|
||||
proto_tree_add_uint(tree, hf_dcerpc_array_actual_count, tvb, 0, 0, di->array_actual_count);
|
||||
proto_tree_add_uint(tree, hf_dcerpc_array_max_count, tvb, di->array_max_count_offset, 4, di->array_max_count);
|
||||
proto_tree_add_uint(tree, hf_dcerpc_array_offset, tvb, di->array_offset_offset, 4, di->array_offset);
|
||||
proto_tree_add_uint(tree, hf_dcerpc_array_actual_count, tvb, di->array_actual_count_offset, 4, di->array_actual_count);
|
||||
|
||||
/* real run, dissect the elements */
|
||||
for(i=0;i<di->array_actual_count;i++){
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
/* packet-dcerpc.h
|
||||
* Copyright 2001, Todd Sabin <tas@webspan.net>
|
||||
*
|
||||
* $Id: packet-dcerpc.h,v 1.10 2002/01/29 09:13:28 guy Exp $
|
||||
* $Id: packet-dcerpc.h,v 1.11 2002/02/11 08:19:09 guy Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@ethereal.com>
|
||||
|
|
@ -200,8 +200,11 @@ typedef struct _dcerpc_info {
|
|||
gboolean request;
|
||||
gboolean conformant_run;
|
||||
guint32 array_max_count; /* max_count for conformant arrays */
|
||||
guint32 array_max_count_offset;
|
||||
guint32 array_offset;
|
||||
guint32 array_offset_offset;
|
||||
guint32 array_actual_count;
|
||||
guint32 array_actual_count_offset;
|
||||
int hf_index;
|
||||
dcerpc_call_value *call_data;
|
||||
} dcerpc_info;
|
||||
|
|
|
|||
Loading…
Reference in New Issue