From 1e85fd9ed57c720fd4d6060f0540d8161e554cbe Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Fri, 31 Jan 2003 04:11:25 +0000 Subject: [PATCH] Modify dissect_nt_sid() function to return a string version of the SID. Fix all callers to use the new function form. svn path=/trunk/; revision=7054 --- packet-smb-common.h | 5 +++-- packet-smb-logon.c | 7 ++++--- packet-smb.c | 28 +++++++++++++++++++--------- 3 files changed, 26 insertions(+), 14 deletions(-) diff --git a/packet-smb-common.h b/packet-smb-common.h index 9f5d02f276..c358acdd45 100644 --- a/packet-smb-common.h +++ b/packet-smb-common.h @@ -2,7 +2,7 @@ * Routines for SMB packet dissection * Copyright 1999, Richard Sharpe * - * $Id: packet-smb-common.h,v 1.15 2002/08/28 21:00:31 jmayer Exp $ + * $Id: packet-smb-common.h,v 1.16 2003/01/31 04:11:25 tpot Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs @@ -55,7 +55,8 @@ const gchar *get_unicode_or_ascii_string(tvbuff_t *tvb, int *offsetp, int dissect_smb_64bit_time(tvbuff_t *tvb, proto_tree *tree, int offset, int hf_date); -int dissect_nt_sid(tvbuff_t *tvb, int offset, proto_tree *parent_tree, char *name); +int dissect_nt_sid(tvbuff_t *tvb, int offset, proto_tree *parent_tree, + char *name, char **sid_str); int dissect_nt_sec_desc(tvbuff_t *tvb, int offset, proto_tree *parent_tree, int len); diff --git a/packet-smb-logon.c b/packet-smb-logon.c index 767a7d591d..2811151ff8 100644 --- a/packet-smb-logon.c +++ b/packet-smb-logon.c @@ -2,7 +2,7 @@ * Routines for SMB net logon packet dissection * Copyright 2000, Jeffrey C. Foster * - * $Id: packet-smb-logon.c,v 1.28 2002/08/28 21:00:31 jmayer Exp $ + * $Id: packet-smb-logon.c,v 1.29 2003/01/31 04:11:25 tpot Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs @@ -489,7 +489,8 @@ dissect_announce_change(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, offset = ((offset + 3)/4)*4; /* Domain SID */ - offset = dissect_nt_sid(tvb, offset, tree, "Domain"); + offset = dissect_nt_sid( + tvb, offset, tree, "Domain", NULL); } /* NT version */ @@ -542,7 +543,7 @@ dissect_smb_sam_logon_req(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tre offset = ((offset + 3)/4)*4; /* Domain SID */ - offset = dissect_nt_sid(tvb, offset, tree, "Domain"); + offset = dissect_nt_sid(tvb, offset, tree, "Domain", NULL); } /* NT version */ diff --git a/packet-smb.c b/packet-smb.c index 08333c28b8..7ff698dda8 100644 --- a/packet-smb.c +++ b/packet-smb.c @@ -3,7 +3,7 @@ * Copyright 1999, Richard Sharpe * 2001 Rewrite by Ronnie Sahlberg and Guy Harris * - * $Id: packet-smb.c,v 1.303 2003/01/22 00:40:30 sahlberg Exp $ + * $Id: packet-smb.c,v 1.304 2003/01/31 04:11:25 tpot Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs @@ -7000,8 +7000,12 @@ free_g_string(void *arg) g_string_free(arg, TRUE); } +/* Dissect a NT SID. Label it with 'name' and return a string version of + the SID in the 'sid_str' parameter which must be freed by the caller. */ + int -dissect_nt_sid(tvbuff_t *tvb, int offset, proto_tree *parent_tree, char *name) +dissect_nt_sid(tvbuff_t *tvb, int offset, proto_tree *parent_tree, char *name, + char **sid_str) { proto_item *item = NULL; proto_tree *tree = NULL; @@ -7073,13 +7077,17 @@ dissect_nt_sid(tvbuff_t *tvb, int offset, proto_tree *parent_tree, char *name) proto_tree_add_text(tree, tvb, offset, 4, "RID: %u", rid); proto_item_append_text(item, ": S-1-%u-%s-%u", auth, gstr->str, rid); offset+=4; + if (sid_str) + *sid_str = g_strdup_printf( + "S-1-%u-%s-%u", auth, gstr->str, rid); } else { proto_item_append_text(item, ": S-1-%u-%s", auth, gstr->str); + if (sid_str) + *sid_str = g_strdup_printf("S-1-%u-%s", auth, gstr->str); } CLEANUP_CALL_AND_POP; - } proto_item_set_len(item, offset-old_offset); @@ -7211,7 +7219,7 @@ dissect_nt_v2_ace(tvbuff_t *tvb, int offset, proto_tree *parent_tree) offset = dissect_nt_access_mask(tvb, tree, offset); /* SID */ - offset = dissect_nt_sid(tvb, offset, tree, "ACE"); + offset = dissect_nt_sid(tvb, offset, tree, "ACE", NULL); proto_item_set_len(item, offset-old_offset); @@ -7416,14 +7424,16 @@ dissect_nt_sec_desc(tvbuff_t *tvb, int offset, proto_tree *parent_tree, int len) /*owner SID*/ if(owner_sid_offset){ if (len == -1) - offset = dissect_nt_sid(tvb, offset, tree, "Owner"); + offset = dissect_nt_sid(tvb, offset, tree, "Owner", NULL); else - dissect_nt_sid(tvb, old_offset+owner_sid_offset, tree, "Owner"); + dissect_nt_sid( + tvb, old_offset+owner_sid_offset, tree, "Owner", NULL); } /*group SID*/ if(group_sid_offset){ - dissect_nt_sid(tvb, old_offset+group_sid_offset, tree, "Group"); + dissect_nt_sid( + tvb, old_offset+group_sid_offset, tree, "Group", NULL); } /* sacl */ @@ -7483,7 +7493,7 @@ dissect_nt_user_quota(tvbuff_t *tvb, proto_tree *tree, int offset, guint16 *bcp) /* SID of the user */ old_sid_offset=offset; - offset = dissect_nt_sid(tvb, offset, tree, "Quota"); + offset = dissect_nt_sid(tvb, offset, tree, "Quota", NULL); *bcp -= (offset-old_sid_offset); if(qsize){ @@ -7554,7 +7564,7 @@ dissect_nt_trans_data_request(tvbuff_t *tvb, packet_info *pinfo, int offset, pro proto_tree_add_text(tree, tvb, offset, 4, "Length of SID: %d", tvb_get_letohl(tvb, offset)); offset +=4; - offset = dissect_nt_sid(tvb, offset, tree, "Quota"); + offset = dissect_nt_sid(tvb, offset, tree, "Quota", NULL); break; case NT_TRANS_SET_USER_QUOTA: offset = dissect_nt_user_quota(tvb, tree, offset, &bcp);