osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

rdp: add parsing MONITOR_DEF fields [1] 

[1] https://msdn.microsoft.com/en-us/library/dd342324.aspx

Change-Id: I671ebdd5900a0cd409159388e2f72e6e5fbfd6a2
Reviewed-on: https://code.wireshark.org/review/31390
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit is contained in:
Mariusz Zaborski 2019-01-05 20:19:29 +01:00 committed by Anders Broman
parent 85c189fdb7
commit c608bfec74
1 changed files with 75 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
epan/dissectors/packet-rdp.c
View File

@ -49,6 +49,7 @@ static int ett_rdp_clientSecurityData = -1;
static int ett_rdp_clientNetworkData = -1;
static int ett_rdp_clientClusterData = -1;
static int ett_rdp_clientMonitorData = -1;
static int ett_rdp_clientMonitorDefData = -1;
static int ett_rdp_clientMsgChannelData = -1;
static int ett_rdp_clientMonitorExData = -1;
static int ett_rdp_clientMultiTransportData = -1;
@ -113,6 +114,7 @@ static int hf_rdp_clientSecurityData = -1;
static int hf_rdp_clientNetworkData = -1;
static int hf_rdp_clientClusterData = -1;
static int hf_rdp_clientMonitorData = -1;
static int hf_rdp_clientMonitorDefData = -1;
static int hf_rdp_clientMsgChannelData = -1;
static int hf_rdp_clientMonitorExData = -1;
static int hf_rdp_clientMultiTransportData = -1;
@ -167,6 +169,12 @@ static int hf_rdp_monitorAttributeSize = -1;
static int hf_rdp_monitorCount = -1;
static int hf_rdp_multiTransportFlags = -1;
static int hf_rdp_monitorDefLeft = -1;
static int hf_rdp_monitorDefTop = -1;
static int hf_rdp_monitorDefRight = -1;
static int hf_rdp_monitorDefBottom = -1;
static int hf_rdp_monitorDefFlags = -1;
static int hf_rdp_encryptionMethod = -1;
static int hf_rdp_encryptionLevel = -1;
@ -836,6 +844,12 @@ static const value_string rdp_capabilityType_vals[] = {
{0, NULL },
};
static const value_string rdp_monitorDefFlags_vals[] = {
{ 0, "None" },
{ 1, "Primary" },
{0, NULL },
};
static const value_string rdp_wDayOfWeek_vals[] = {
{ 0, "Sunday" },
{ 1, "Monday" },
@ -1680,6 +1694,41 @@ dissect_rdp_SendData(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void*
return tvb_captured_length(tvb);
}
static int
dissect_rdp_monitor(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree) {
guint32 monitorCount, i;
proto_item *monitorDef_item;
proto_tree *monitorDef_tree;
rdp_field_info_t monitor_fields[] = {
{&hf_rdp_headerType, 2, NULL, 0, 0, NULL },
{&hf_rdp_headerLength, 2, NULL, 0, 0, NULL },
{&hf_rdp_monitorFlags, 4, NULL, 0, 0, NULL },
{&hf_rdp_monitorCount, 4, &monitorCount, 0, 0, NULL },
FI_TERMINATOR
};
rdp_field_info_t monitorDef_fields[] = {
{&hf_rdp_monitorDefLeft, 4, NULL, 0, 0, NULL },
{&hf_rdp_monitorDefTop, 4, NULL, 0, 0, NULL },
{&hf_rdp_monitorDefRight, 4, NULL, 0, 0, NULL },
{&hf_rdp_monitorDefBottom, 4, NULL, 0, 0, NULL },
{&hf_rdp_monitorDefFlags, 4, NULL, 0, 0, NULL },
FI_TERMINATOR
};
offset = dissect_rdp_fields(tvb, offset, pinfo, tree, monitor_fields, 0);
for (i = 0; i < monitorCount; i++) {
monitorDef_item = proto_tree_add_item(tree, hf_rdp_clientMonitorDefData, tvb, offset, 20, ENC_NA);
monitorDef_tree = proto_item_add_subtree(monitorDef_item, ett_rdp_clientMonitorDefData);
offset = dissect_rdp_fields(tvb, offset, pinfo, monitorDef_tree, monitorDef_fields, 0);
}
return offset;
}
static int
dissect_rdp_ClientData(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) {
int offset = 0;
@ -1747,13 +1796,6 @@ dissect_rdp_ClientData(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void
{&hf_rdp_msgChannelFlags, 4, NULL, 0, 0, NULL },
FI_TERMINATOR
};
rdp_field_info_t monitor_fields[] = {
{&hf_rdp_headerType, 2, NULL, 0, 0, NULL },
{&hf_rdp_headerLength, 2, NULL, 0, 0, NULL },
{&hf_rdp_monitorFlags, 4, NULL, 0, 0, NULL },
{&hf_rdp_monitorCount, 4, NULL, 0, 0, NULL },
FI_TERMINATOR
};
rdp_field_info_t monitorex_fields[] = {
{&hf_rdp_headerType, 2, NULL, 0, 0, NULL },
{&hf_rdp_headerLength, 2, NULL, 0, 0, NULL },
@ -1821,7 +1863,7 @@ dissect_rdp_ClientData(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void
case CS_MONITOR:
pi = proto_tree_add_item(tree, hf_rdp_clientMonitorData, tvb, offset, length, ENC_NA);
next_tree = proto_item_add_subtree(pi, ett_rdp_clientMonitorData);
/*offset =*/ dissect_rdp_fields(tvb, offset, pinfo, next_tree, monitor_fields, 0);
/*offset =*/ dissect_rdp_monitor(tvb, offset, pinfo, next_tree);
break;
case CS_MONITOR_EX:
@ -2390,6 +2432,10 @@ proto_register_rdp(void) {
{ "clientMonitorData", "rdp.client.monitorData",
FT_NONE, BASE_NONE, NULL, 0,
NULL, HFILL }},
{ &hf_rdp_clientMonitorDefData,
{ "clientMonitorDefData", "rdp.client.monitorDefData",
FT_NONE, BASE_NONE, NULL, 0,
NULL, HFILL }},
{ &hf_rdp_clientMsgChannelData,
{ "clientMsgChannelData", "rdp.client.msgChannelData",
FT_NONE, BASE_NONE, NULL, 0,
@ -2586,6 +2632,26 @@ proto_register_rdp(void) {
{ "monitorCount", "rdp.monitorCount",
FT_UINT32, BASE_DEC, NULL, 0,
NULL, HFILL }},
{ &hf_rdp_monitorDefLeft,
{ "left", "rdp.monitorDef.left",
FT_INT32, BASE_DEC, NULL, 0,
NULL, HFILL }},
{ &hf_rdp_monitorDefTop,
{ "top", "rdp.monitorDef.top",
FT_INT32, BASE_DEC, NULL, 0,
NULL, HFILL }},
{ &hf_rdp_monitorDefRight,
{ "right", "rdp.monitorDef.right",
FT_INT32, BASE_DEC, NULL, 0,
NULL, HFILL }},
{ &hf_rdp_monitorDefBottom,
{ "bottom", "rdp.monitorDef.bottom",
FT_INT32, BASE_DEC, NULL, 0,
NULL, HFILL }},
{ &hf_rdp_monitorDefFlags,
{ "flags", "rdp.monitorDef.flags",
FT_UINT32, BASE_DEC, VALS(rdp_monitorDefFlags_vals), 0,
NULL, HFILL }},
{ &hf_rdp_multiTransportFlags,
{ "multiTransportFlags", "rdp.multiTransportFlags",
FT_UINT32, BASE_HEX, NULL, 0,
@ -3258,6 +3324,7 @@ proto_register_rdp(void) {
&ett_rdp_clientCoreData,
&ett_rdp_clientInfoPDU,
&ett_rdp_clientMonitorData,
&ett_rdp_clientMonitorDefData,
&ett_rdp_clientMonitorExData,
&ett_rdp_clientMsgChannelData,
&ett_rdp_clientMultiTransportData,