* or later
*/
-#define NETDISSECT_REWORKED
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
-#include <tcpdump-stdinc.h>
+#include <netdissect-stdinc.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include "interface.h"
+#include "netdissect.h"
#include "extract.h"
#include "smb.h"
-static u_int32_t stringlen;
+static uint32_t stringlen;
extern const u_char *startbuf;
/*
* interpret a 32 bit dos packed date/time to some parameters
*/
static void
-interpret_dos_date(u_int32_t date, struct tm *tp)
+interpret_dos_date(uint32_t date, struct tm *tp)
{
- u_int32_t p0, p1, p2, p3;
+ uint32_t p0, p1, p2, p3;
p0 = date & 0xFF;
p1 = ((date & 0xFF00) >> 8) & 0xFF;
* create a unix date from a dos date
*/
static time_t
-int_unix_date(u_int32_t dos_date)
+int_unix_date(uint32_t dos_date)
{
struct tm t;
static time_t
make_unix_date(const u_char *date_ptr)
{
- u_int32_t dos_date = 0;
+ uint32_t dos_date = 0;
dos_date = EXTRACT_LE_32BITS(date_ptr);
static time_t
make_unix_date2(const u_char *date_ptr)
{
- u_int32_t x, x2;
+ uint32_t x, x2;
x = EXTRACT_LE_32BITS(date_ptr);
x2 = ((x & 0xFFFF) << 16) | ((x & 0xFFFF0000) >> 16);
/* XXX - this should use the same code that the DNS dissector does */
if ((c & 0xC0) == 0xC0) {
- u_int16_t l;
+ uint16_t l;
ND_TCHECK2(*p, 2);
if ((p + 1) >= maxbuf)
return(-1); /* name goes past the end of the buffer */
ND_TCHECK2(*s, 1);
s += (*s) + 1;
+ ND_TCHECK2(*s, 1);
}
return(PTR_DIFF(s, s0) + 1);
}
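Review bot: The second `ND_TCHECK2(*s, 1)` added after `s += (*s) + 1` carries no comment saying which read it protects, and it bounds the advanced pointer only against the captured data, not against `maxbuf`. It appears to guard the next test of `*s` at the top of the loop, but the loop header is outside this hunk, so that reading is inferred. I would add `/* s has moved; make sure the next length byte was captured before the loop tests it */` above the new line. It is also worth confirming that the `return(-1)` path for names running past the buffer is still reached before any other dereference of the advanced pointer.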
void
-print_data(netdissect_options *ndo,
- const unsigned char *buf, int len)
+smb_print_data(netdissect_options *ndo, const unsigned char *buf, int len)
{
int i = 0;
#define MAX_UNISTR_SIZE 1000
static const char *
unistr(netdissect_options *ndo,
- const u_char *s, u_int32_t *len, int use_unicode)
+ const u_char *s, uint32_t *len, int use_unicode)
{
static char buf[MAX_UNISTR_SIZE+1];
size_t l = 0;
- u_int32_t strsize;
+ uint32_t strsize;
const u_char *sp;
if (use_unicode) {
case 'P':
{
- int l = atoi(fmt + 1);
+ int l = atoi(fmt + 1);
+ if(l <= 0) goto trunc; /* actually error in fmt string */
ND_TCHECK2(buf[0], l);
buf += l;
fmt++;
while (isdigit((unsigned char)*fmt))
- fmt++;
+ fmt++;
break;
}
case 'r':
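Review bot: The new `if(l <= 0) goto trunc;` guard in case 'P' sends a defect in the dissector's own format string down the truncation path, so the output would blame the packet for what the inline comment itself calls an error in the fmt string. `atoi()` also cannot tell a missing number from an explicit 0 and reports no overflow; since the digits are skipped by the `isdigit` loop just below, a single `strtol` call with an end pointer could parse and advance in one step. At minimum I would expand the comment to `/* pad count must be positive; anything else is a bug in the format string, not a short packet */` and write the test as `if (l <= 0)` to match the spacing of the other conditions. The enclosing function starts and ends outside the hunk, so what `trunc` prints is not visible here.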
}
case 'L':
{
- u_int64_t x;
+ uint64_t x;
ND_TCHECK2(buf[0], 8);
x = reverse ? EXTRACT_64BITS(buf) :
EXTRACT_LE_64BITS(buf);
case 'M':
{
/* Weird mixed-endian length values in 64-bit locks */
- u_int32_t x1, x2;
- u_int64_t x;
+ uint32_t x1, x2;
+ uint64_t x;
ND_TCHECK2(buf[0], 8);
x1 = reverse ? EXTRACT_32BITS(buf) :
EXTRACT_LE_32BITS(buf);
x2 = reverse ? EXTRACT_32BITS(buf + 4) :
EXTRACT_LE_32BITS(buf + 4);
- x = (((u_int64_t)x1) << 32) | x2;
+ x = (((uint64_t)x1) << 32) | x2;
ND_PRINT((ndo, "%" PRIu64 " (0x%" PRIx64 ")", x, x));
buf += 8;
fmt++;
{
/*XXX unistr() */
const char *s;
- u_int32_t len;
+ uint32_t len;
len = 0;
s = unistr(ndo, buf, &len, (*fmt == 'R') ? 0 : unicodestr);
case 'Y': /* like 'Z', but always ASCII */
{
const char *s;
- u_int32_t len;
+ uint32_t len;
ND_TCHECK(*buf);
if (*buf != 4 && *buf != 2) {
time_t t;
struct tm *lt;
const char *tstring;
- u_int32_t x;
+ uint32_t x;
switch (atoi(fmt + 1)) {
case 1:
int unicodestr)
{
static int depth = 0;
+ const u_char *buf_start = buf;
char s[128];
char *p;
while (*fmt) {
switch (*fmt) {
case '*':
+ /*
+ * List of multiple instances of something described by the
+ * remainder of the string (which may itself include a list
+ * of multiple instances of something, so we recurse).
+ */
fmt++;
while (buf < maxbuf) {
const u_char *buf2;
depth++;
- buf2 = smb_fdata(ndo, buf, fmt, maxbuf, unicodestr);
+ /*
+ * In order to avoid stack exhaustion recurse at most 10
+ * levels; that "should not happen", as no SMB structure
+ * should be nested *that* deeply, and we thus shouldn't
+ * have format strings with that level of nesting.
+ */
+ if (depth == 10) {
+ ND_PRINT((ndo, "(too many nested levels, not recursing)"));
+ buf2 = buf;
+ } else
+ buf2 = smb_fdata(ndo, buf, fmt, maxbuf, unicodestr);
depth--;
if (buf2 == NULL)
return(NULL);
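Review bot: The recursion cap in the `'*'` case is written as `if (depth == 10)`, an exact-match test against a bare literal, so it gives no protection if `depth` ever arrives above 10. A range test against a named constant is more robust, e.g. `#define SMB_FDATA_MAX_DEPTH 10` (a name proposed here, not one in the file) with `if (depth >= SMB_FDATA_MAX_DEPTH) {`. In the capped branch `buf2 = buf` makes no progress, and the code after the `buf2 == NULL` test lies outside the hunk. It should be confirmed that the `while (buf < maxbuf)` loop exits when `buf2 == buf` rather than printing the message repeatedly. `depth` is a function-level `static`, so a one-line comment on its declaration saying it counts live recursion levels would help, and the `else` arm should be braced to match the `if`.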
return(buf);
case '|':
+ /*
+ * Just do a bounds check.
+ */
fmt++;
if (buf >= maxbuf)
return(buf);
break;
case '%':
+ /*
+ * XXX - unused?
+ */
fmt++;
buf = maxbuf;
break;
case '#':
+ /*
+ * Done?
+ */
fmt++;
return(buf);
break;
case '[':
+ /*
+ * Format of an item, enclosed in square brackets; dissect
+ * the item with smb_fdata1().
+ */
fmt++;
if (buf >= maxbuf)
return(buf);
s[p - fmt] = '\0';
fmt = p + 1;
buf = smb_fdata1(ndo, buf, s, maxbuf, unicodestr);
- if (buf == NULL)
+ if(buf < buf_start || buf == NULL) {
return(NULL);
+ }
break;
default:
+ /*
+ * Not a formatting character, so just print it.
+ */
ND_PRINT((ndo, "%c", *fmt));
fmt++;
break;
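Review bot: In the `'['` case the new test `if(buf < buf_start || buf == NULL)` runs the relational comparison before the NULL test, so a NULL return from `smb_fdata1()` is compared with `buf_start` first. Relational comparison of pointers that do not point into the same object is undefined in C; testing NULL first avoids it: `if (buf == NULL || buf < buf_start) {`. `buf_start` appears to be captured once at function entry, so the check catches a result that lands before this call's data but not one that moves backwards from the position passed to this particular `smb_fdata1()` call. Saving the pre-call pointer and comparing against that would be stricter. A short comment such as `/* smb_fdata1() must never move the cursor backwards */` would record why the check exists.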
if (!depth && buf < maxbuf) {
size_t len = PTR_DIFF(maxbuf, buf);
ND_PRINT((ndo, "Data: (%lu bytes)\n", (unsigned long)len));
- print_data(ndo, buf, len);
+ smb_print_data(ndo, buf, len);
return(buf + len);
}
return(buf);
}
typedef struct {
- u_int32_t code;
+ uint32_t code;
const char *name;
} nt_err_code_struct;
* return an NT error string from a SMB buffer
*/
const char *
-nt_errstr(u_int32_t err)
+nt_errstr(uint32_t err)
{
static char ret[128];
int i;