Add support for dissecting FIND responses of FileIdFullDirectoryInfo type.
Simply had to copy an existing one and remove unneeded field etc. Fix bug 13795. Attached a capture showing the problem to the bug report. Change-Id: I93d5cdac3f336cbe0bd93db76a84bf97cbfa00ac Reviewed-on: https://code.wireshark.org/review/22106 Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit is contained in:
parent
d8f2bc776a
commit
42a27355ee
|
@ -4017,6 +4017,102 @@ static void dissect_smb2_id_both_directory_info(tvbuff_t *tvb, packet_info *pinf
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static void dissect_smb2_id_full_directory_info(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *parent_tree, smb2_info_t *si _U_)
|
||||||
|
{
|
||||||
|
int offset = 0;
|
||||||
|
proto_item *item = NULL;
|
||||||
|
proto_tree *tree = NULL;
|
||||||
|
const char *name = NULL;
|
||||||
|
guint16 bc;
|
||||||
|
|
||||||
|
while (tvb_reported_length_remaining(tvb, offset) > 4) {
|
||||||
|
int old_offset = offset;
|
||||||
|
int next_offset;
|
||||||
|
int file_name_len;
|
||||||
|
|
||||||
|
if (parent_tree) {
|
||||||
|
item = proto_tree_add_item(parent_tree, hf_smb2_id_both_directory_info, tvb, offset, -1, ENC_NA);
|
||||||
|
tree = proto_item_add_subtree(item, ett_smb2_id_both_directory_info);
|
||||||
|
}
|
||||||
|
|
||||||
|
/* next offset */
|
||||||
|
next_offset = tvb_get_letohl(tvb, offset);
|
||||||
|
proto_tree_add_item(tree, hf_smb2_next_offset, tvb, offset, 4, ENC_LITTLE_ENDIAN);
|
||||||
|
offset += 4;
|
||||||
|
|
||||||
|
/* file index */
|
||||||
|
proto_tree_add_item(tree, hf_smb2_file_index, tvb, offset, 4, ENC_LITTLE_ENDIAN);
|
||||||
|
offset += 4;
|
||||||
|
|
||||||
|
/* create time */
|
||||||
|
offset = dissect_nt_64bit_time(tvb, tree, offset, hf_smb2_create_timestamp);
|
||||||
|
|
||||||
|
/* last access */
|
||||||
|
offset = dissect_nt_64bit_time(tvb, tree, offset, hf_smb2_last_access_timestamp);
|
||||||
|
|
||||||
|
/* last write */
|
||||||
|
offset = dissect_nt_64bit_time(tvb, tree, offset, hf_smb2_last_write_timestamp);
|
||||||
|
|
||||||
|
/* last change */
|
||||||
|
offset = dissect_nt_64bit_time(tvb, tree, offset, hf_smb2_last_change_timestamp);
|
||||||
|
|
||||||
|
/* end of file */
|
||||||
|
proto_tree_add_item(tree, hf_smb2_end_of_file, tvb, offset, 8, ENC_LITTLE_ENDIAN);
|
||||||
|
offset += 8;
|
||||||
|
|
||||||
|
/* allocation size */
|
||||||
|
proto_tree_add_item(tree, hf_smb2_allocation_size, tvb, offset, 8, ENC_LITTLE_ENDIAN);
|
||||||
|
offset += 8;
|
||||||
|
|
||||||
|
/* File Attributes */
|
||||||
|
offset = dissect_file_ext_attr(tvb, tree, offset);
|
||||||
|
|
||||||
|
/* file name length */
|
||||||
|
file_name_len = tvb_get_letohl(tvb, offset);
|
||||||
|
proto_tree_add_item(tree, hf_smb2_filename_len, tvb, offset, 4, ENC_LITTLE_ENDIAN);
|
||||||
|
offset += 4;
|
||||||
|
|
||||||
|
/* ea size */
|
||||||
|
proto_tree_add_item(tree, hf_smb2_ea_size, tvb, offset, 4, ENC_LITTLE_ENDIAN);
|
||||||
|
offset += 4;
|
||||||
|
|
||||||
|
/* reserved */
|
||||||
|
proto_tree_add_item(tree, hf_smb2_reserved, tvb, offset, 4, ENC_NA);
|
||||||
|
offset += 4;
|
||||||
|
|
||||||
|
/* file id */
|
||||||
|
proto_tree_add_item(tree, hf_smb2_file_id, tvb, offset, 8, ENC_LITTLE_ENDIAN);
|
||||||
|
offset += 8;
|
||||||
|
|
||||||
|
/* file name */
|
||||||
|
if (file_name_len) {
|
||||||
|
bc = file_name_len;
|
||||||
|
name = get_unicode_or_ascii_string(tvb, &offset,
|
||||||
|
TRUE, &file_name_len, TRUE, TRUE, &bc);
|
||||||
|
if (name) {
|
||||||
|
proto_tree_add_string(tree, hf_smb2_filename, tvb,
|
||||||
|
offset, file_name_len, name);
|
||||||
|
proto_item_append_text(item, ": %s", name);
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
proto_item_set_len(item, offset-old_offset);
|
||||||
|
|
||||||
|
if (next_offset == 0) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
offset = old_offset+next_offset;
|
||||||
|
if (offset < old_offset) {
|
||||||
|
proto_tree_add_expert_format(tree, pinfo, &ei_smb2_invalid_length, tvb, offset, -1,
|
||||||
|
"Invalid offset/length. Malformed packet");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
typedef struct _smb2_find_dissector_t {
|
typedef struct _smb2_find_dissector_t {
|
||||||
guint32 level;
|
guint32 level;
|
||||||
void (*dissector)(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, smb2_info_t *si);
|
void (*dissector)(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, smb2_info_t *si);
|
||||||
|
@ -4028,6 +4124,7 @@ smb2_find_dissector_t smb2_find_dissectors[] = {
|
||||||
{SMB2_FIND_BOTH_DIRECTORY_INFO, dissect_smb2_both_directory_info},
|
{SMB2_FIND_BOTH_DIRECTORY_INFO, dissect_smb2_both_directory_info},
|
||||||
{SMB2_FIND_NAME_INFO, dissect_smb2_file_name_info},
|
{SMB2_FIND_NAME_INFO, dissect_smb2_file_name_info},
|
||||||
{SMB2_FIND_ID_BOTH_DIRECTORY_INFO,dissect_smb2_id_both_directory_info},
|
{SMB2_FIND_ID_BOTH_DIRECTORY_INFO,dissect_smb2_id_both_directory_info},
|
||||||
|
{SMB2_FIND_ID_FULL_DIRECTORY_INFO,dissect_smb2_id_full_directory_info},
|
||||||
{0, NULL}
|
{0, NULL}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue