add boundary, infinite loop checks
[tcpdump] / print-smb.c
index c7f5f688af9b904b8eaaf69d6e1bdc06b889dae5..73b8575fd397fb228b27c16feb851aa3fc81a20f 100644 (file)
@@ -12,7 +12,7 @@
 
 #ifndef lint
 static const char rcsid[] _U_ =
-     "@(#) $Header: /tcpdump/master/tcpdump/print-smb.c,v 1.37 2004-12-28 22:29:44 guy Exp $";
+     "@(#) $Header: /tcpdump/master/tcpdump/print-smb.c,v 1.41 2004-12-30 03:36:51 guy Exp $";
 #endif
 
 #include <tcpdump-stdinc.h>
@@ -123,10 +123,10 @@ trans2_qfsinfo(const u_char *param, const u_char *data, int pcnt, int dcnt)
            fmt = "idFileSystem=[W]\nSectorUnit=[D]\nUnit=[D]\nAvail=[D]\nSectorSize=[d]\n";
            break;
        case 2:
-           fmt = "CreationTime=[T2]VolNameLength=[B]\nVolumeLabel=[s12]\n";
+           fmt = "CreationTime=[T2]VolNameLength=[lb]\nVolumeLabel=[c]\n";
            break;
        case 0x105:
-           fmt = "Capabilities=[W]\nMaxFileLen=[D]\nVolNameLen=[D]\nVolume=[S]\n";
+           fmt = "Capabilities=[W]\nMaxFileLen=[D]\nVolNameLen=[lD]\nVolume=[C]\n";
            break;
        default:
            fmt = "UnknownLevel\n";
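Review bot: The `[lb]`/`[c]` pair in case 2 and the `[lD]`/`[C]` pair in case 0x105 are order-dependent, and nothing next to the format strings documents it. From the field names it appears the `l`-prefixed conversion records a packet-supplied length that the following `[c]`/`[C]` then consumes; a comment such as `/* [lb]/[lD] must come before [c]/[C]: it supplies the string length (untrusted, from the packet) */` above the switch would make that explicit. The same coupling appears in the SMBntcreateX entry, where `NameLen=[ld]` and `Path=[C]` sit in separate format strings, so the length seems to be carried between two formatting calls. The code that interprets these conversions is not part of this diff, so it is worth confirming that it clamps the length to the end pointer before reading. The switch in trans2_qfsinfo starts and ends outside the hunk.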
@@ -170,8 +170,9 @@ struct smbfnsint trans2_fns[] = {
 
 
 static void
-print_trans2(const u_char *words, const u_char *dat _U_, const u_char *buf, const u_char *maxbuf)
+print_trans2(const u_char *words, const u_char *dat, const u_char *buf, const u_char *maxbuf)
 {
+    u_int bcc;
     static struct smbfnsint *fn = &trans2_fns[0];
     const u_char *data, *param;
     const u_char *w = words + 1;
@@ -209,20 +210,22 @@ print_trans2(const u_char *words, const u_char *dat _U_, const u_char *buf, cons
            return;
        } else {
            smb_fdata(words + 1,
-               "TotParam=[d]\nTotData=[d]\nMaxParam=[d]\nMaxData=[d]\nMaxSetup=[d]\nFlags=[w]\nTimeOut=[D]\nRes1=[w]\nParamCnt=[d]\nParamOff=[d]\nDataCnt=[d]\nDataOff=[d]\nSetupCnt=[d]\n",
+               "TotParam=[d]\nTotData=[d]\nMaxParam=[d]\nMaxData=[d]\nMaxSetup=[b][P1]\nFlags=[w]\nTimeOut=[D]\nRes1=[w]\nParamCnt=[d]\nParamOff=[d]\nDataCnt=[d]\nDataOff=[d]\nSetupCnt=[b][P1]\n",
                words + 1 + 14 * 2, unicodestr);
-           smb_fdata(data + 1, "TransactionName=[S]\n%", maxbuf, unicodestr);
        }
        f1 = fn->descript.req_f1;
        f2 = fn->descript.req_f2;
     } else {
        smb_fdata(words + 1,
-           "TotParam=[d]\nTotData=[d]\nRes1=[w]\nParamCnt=[d]\nParamOff=[d]\nParamDisp[d]\nDataCnt=[d]\nDataOff=[d]\nDataDisp=[d]\nSetupCnt=[d]\n",
+           "TotParam=[d]\nTotData=[d]\nRes1=[w]\nParamCnt=[d]\nParamOff=[d]\nParamDisp[d]\nDataCnt=[d]\nDataOff=[d]\nDataDisp=[d]\nSetupCnt=[b][P1]\n",
            words + 1 + 10 * 2, unicodestr);
        f1 = fn->descript.rep_f1;
        f2 = fn->descript.rep_f2;
     }
 
+    TCHECK2(*dat, 2);
+    bcc = EXTRACT_LE_16BITS(dat);
+    printf("smb_bcc=%u\n", bcc);
     if (fn->descript.fn)
        (*fn->descript.fn)(param, data, pcnt, dcnt);
     else {
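Review bot: `bcc` is extracted and printed but never used as a bound: the dispatch `(*fn->descript.fn)(param, data, pcnt, dcnt)` right after it still passes pointers and counts, and no comparison against `maxbuf` or `dat + 2 + bcc` is visible in this hunk. If `param`, `data`, `pcnt` and `dcnt` come from the packet's ParamOff/DataOff/ParamCnt/DataCnt fields and are not validated earlier in print_trans2 (outside the hunk), handlers such as trans2_qfsinfo, which receive no end pointer, could read past the captured bytes. Consider a guard before the dispatch, for example `TCHECK2(*param, pcnt); TCHECK2(*data, dcnt);`, or at least a comment stating where these values are bounded.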
@@ -286,13 +289,13 @@ print_browse(const u_char *param, int paramlen, const u_char *data, int datalen)
 
     case 0x9:
        data = smb_fdata(data,
-           "BROWSE PACKET:\nType=[B] (GetBackupList)\nListCount?=[B]\nToken?=[B]\n",
+           "BROWSE PACKET:\nType=[B] (GetBackupList)\nListCount?=[B]\nToken=[W]\n",
            maxbuf, unicodestr);
        break;
 
     case 0xa:
        data = smb_fdata(data,
-           "BROWSE PACKET:\nType=[B] (BackupListResponse)\nServerCount?=[B]\nToken?=[B]*Name=[S]\n",
+           "BROWSE PACKET:\nType=[B] (BackupListResponse)\nServerCount?=[B]\nToken=[W]\n*Name=[S]\n",
            maxbuf, unicodestr);
        break;
 
@@ -774,8 +777,8 @@ static struct smbfns smb_fns[] = {
     { SMBnttranss, "SMBnttranss", 0, DEFDESCRIPT },
 
     { SMBntcreateX, "SMBntcreateX", FLG_CHAIN,
-       { "Com2=[w]\nOff2=[d]\nRes=[b]\nNameLen=[d]\nFlags=[W]\nRootDirectoryFid=[D]\nAccessMask=[W]\nAllocationSize=[L]\nExtFileAttributes=[W]\nShareAccess=[W]\nCreateDisposition=[W]\nCreateOptions=[W]\nImpersonationLevel=[W]\nSecurityFlags=[b]\n",
-         "Path=[S]\n",
+       { "Com2=[w]\nOff2=[d]\nRes=[b]\nNameLen=[ld]\nFlags=[W]\nRootDirectoryFid=[D]\nAccessMask=[W]\nAllocationSize=[L]\nExtFileAttributes=[W]\nShareAccess=[W]\nCreateDisposition=[W]\nCreateOptions=[W]\nImpersonationLevel=[W]\nSecurityFlags=[b]\n",
+         "Path=[C]\n",
          "Com2=[w]\nOff2=[d]\nOplockLevel=[b]\nFid=[d]\nCreateAction=[W]\nCreateTime=[T3]LastAccessTime=[T3]LastWriteTime=[T3]ChangeTime=[T3]ExtFileAttributes=[W]\nAllocationSize=[L]\nEndOfFile=[L]\nFileType=[w]\nDeviceState=[w]\nDirectory=[b]\n",
          NULL, NULL } },
 
@@ -791,7 +794,10 @@ static struct smbfns smb_fns[] = {
 static void
 print_smb(const u_char *buf, const u_char *maxbuf)
 {
+    u_int16_t flags2;
+    int nterrcodes;
     int command;
+    u_int32_t nterror;
     const u_char *words, *maxwords, *data;
     struct smbfns *fn;
     const char *fmt_smbheader =
@@ -800,7 +806,9 @@ print_smb(const u_char *buf, const u_char *maxbuf)
 
     TCHECK(buf[9]);
     request = (buf[9] & 0x80) ? 0 : 1;
-    unicodestr = EXTRACT_LE_16BITS(&buf[10]) & 0x8000;
+    flags2 = EXTRACT_LE_16BITS(&buf[10]);
+    unicodestr = flags2 & 0x8000;
+    nterrcodes = flags2 & 0x4000;
     startbuf = buf;
 
     command = buf[4];
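Review bot: The 16-bit read of `&buf[10]` for `flags2` touches buf[10] and buf[11], but the only check above it is `TCHECK(buf[9])`, which covers just that one byte. Unless the caller has already verified the full header (not visible here), a capture truncated after byte 9 makes this read out of bounds; `TCHECK2(buf[10], 2);` before the extraction would close it. The masks `0x8000` and `0x4000` would also read better with a comment naming them, e.g. `/* FLAGS2: 0x8000 = Unicode strings, 0x4000 = 32-bit NT status codes */`. print_smb's body continues outside the hunk.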
@@ -818,8 +826,14 @@ print_smb(const u_char *buf, const u_char *maxbuf)
     /* print out the header */
     smb_fdata(buf, fmt_smbheader, buf + 33, unicodestr);
 
-    if (buf[5])
-       printf("SMBError = %s\n", smb_errstr(buf[5], EXTRACT_LE_16BITS(&buf[7])));
+    if (nterrcodes) {
+       nterror = EXTRACT_LE_32BITS(&buf[5]);
+       if (nterror)
+           printf("NTError = %s\n", nt_errstr(nterror));
+    } else {
+       if (buf[5])
+           printf("SMBError = %s\n", smb_errstr(buf[5], EXTRACT_LE_16BITS(&buf[7])));
+    }
 
     smboffset = 32;