X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/99c91c3aec40b691641374f58e798bd8d6b657bd..e01c9bf76740802025c9328901b55ee4a0c49ed6:/print-smb.c?ds=sidebyside diff --git a/print-smb.c b/print-smb.c index 7330d6b5..944b8d28 100644 --- a/print-smb.c +++ b/print-smb.c @@ -6,6 +6,8 @@ * or later */ +/* \summary: SMB/CIFS printer */ + #ifdef HAVE_CONFIG_H #include "config.h" #endif @@ -99,7 +101,7 @@ trans2_findfirst(netdissect_options *ndo, smb_fdata(ndo, param, fmt, param + pcnt, unicodestr); if (dcnt) { ND_PRINT((ndo, "data:\n")); - print_data(ndo, data, dcnt); + smb_print_data(ndo, data, dcnt); } } @@ -134,7 +136,7 @@ trans2_qfsinfo(netdissect_options *ndo, } if (dcnt) { ND_PRINT((ndo, "data:\n")); - print_data(ndo, data, dcnt); + smb_print_data(ndo, data, dcnt); } return; trunc: @@ -369,16 +371,21 @@ print_trans(netdissect_options *ndo, ND_PRINT((ndo, "smb_bcc=%u\n", bcc)); if (bcc > 0) { smb_fdata(ndo, data1 + 2, f2, maxbuf - (paramlen + datalen), unicodestr); - - if (strcmp((const char *)(data1 + 2), "\\MAILSLOT\\BROWSE") == 0) { +#define MAILSLOT_BROWSE_STR "\\MAILSLOT\\BROWSE" + ND_TCHECK2(*(data1 + 2), strlen(MAILSLOT_BROWSE_STR) + 1); + if (strcmp((const char *)(data1 + 2), MAILSLOT_BROWSE_STR) == 0) { print_browse(ndo, param, paramlen, data, datalen); return; } +#undef MAILSLOT_BROWSE_STR - if (strcmp((const char *)(data1 + 2), "\\PIPE\\LANMAN") == 0) { +#define PIPE_LANMAN_STR "\\PIPE\\LANMAN" + ND_TCHECK2(*(data1 + 2), strlen(PIPE_LANMAN_STR) + 1); + if (strcmp((const char *)(data1 + 2), PIPE_LANMAN_STR) == 0) { print_ipc(ndo, param, paramlen, data, datalen); return; } +#undef PIPE_LANMAN_STR if (paramlen) smb_fdata(ndo, param, f3, min(param + paramlen, maxbuf), unicodestr); @@ -415,7 +422,7 @@ print_negprot(netdissect_options *ndo, smb_fdata(ndo, words + 1, f1, min(words + 1 + wct * 2, maxbuf), unicodestr); else - print_data(ndo, words + 1, min(wct * 2, PTR_DIFF(maxbuf, words + 1))); + smb_print_data(ndo, words + 1, min(wct * 2, PTR_DIFF(maxbuf, words + 1))); ND_TCHECK2(*data, 2); bcc = EXTRACT_LE_16BITS(data); @@ -425,7 +432,7 @@ print_negprot(netdissect_options *ndo, smb_fdata(ndo, data + 2, f2, min(data + 2 + EXTRACT_LE_16BITS(data), maxbuf), unicodestr); else - print_data(ndo, data + 2, min(EXTRACT_LE_16BITS(data), PTR_DIFF(maxbuf, data + 2))); + smb_print_data(ndo, data + 2, min(EXTRACT_LE_16BITS(data), PTR_DIFF(maxbuf, data + 2))); } return; trunc: @@ -459,7 +466,7 @@ print_sesssetup(netdissect_options *ndo, smb_fdata(ndo, words + 1, f1, min(words + 1 + wct * 2, maxbuf), unicodestr); else - print_data(ndo, words + 1, min(wct * 2, PTR_DIFF(maxbuf, words + 1))); + smb_print_data(ndo, words + 1, min(wct * 2, PTR_DIFF(maxbuf, words + 1))); ND_TCHECK2(*data, 2); bcc = EXTRACT_LE_16BITS(data); @@ -469,7 +476,7 @@ print_sesssetup(netdissect_options *ndo, smb_fdata(ndo, data + 2, f2, min(data + 2 + EXTRACT_LE_16BITS(data), maxbuf), unicodestr); else - print_data(ndo, data + 2, min(EXTRACT_LE_16BITS(data), PTR_DIFF(maxbuf, data + 2))); + smb_print_data(ndo, data + 2, min(EXTRACT_LE_16BITS(data), PTR_DIFF(maxbuf, data + 2))); } return; trunc: @@ -509,7 +516,7 @@ print_lockingandx(netdissect_options *ndo, smb_fdata(ndo, data + 2, f2, min(data + 2 + EXTRACT_LE_16BITS(data), maxbuf), unicodestr); else - print_data(ndo, data + 2, min(EXTRACT_LE_16BITS(data), PTR_DIFF(maxbuf, data + 2))); + smb_print_data(ndo, data + 2, min(EXTRACT_LE_16BITS(data), PTR_DIFF(maxbuf, data + 2))); } return; trunc: @@ -804,9 +811,6 @@ print_smb(netdissect_options *ndo, ND_TCHECK(buf[9]); request = (buf[9] & 0x80) ? 0 : 1; - flags2 = EXTRACT_LE_16BITS(&buf[10]); - unicodestr = flags2 & 0x8000; - nterrcodes = flags2 & 0x4000; startbuf = buf; command = buf[4]; @@ -821,6 +825,11 @@ print_smb(netdissect_options *ndo, if (ndo->ndo_vflag < 2) return; + ND_TCHECK_16BITS(&buf[10]); + flags2 = EXTRACT_LE_16BITS(&buf[10]); + unicodestr = flags2 & 0x8000; + nterrcodes = flags2 & 0x4000; + /* print out the header */ smb_fdata(ndo, buf, fmt_smbheader, buf + 33, unicodestr); @@ -882,7 +891,7 @@ print_smb(netdissect_options *ndo, } else { if (bcc > 0) { ND_PRINT((ndo, "smb_buf[]=\n")); - print_data(ndo, data + 2, min(bcc, PTR_DIFF(maxbuf, data + 2))); + smb_print_data(ndo, data + 2, min(bcc, PTR_DIFF(maxbuf, data + 2))); } } } @@ -936,7 +945,9 @@ nbt_tcp_print(netdissect_options *ndo, if (caplen < 4) goto trunc; maxbuf = data + caplen; + ND_TCHECK_8BITS(data); type = data[0]; + ND_TCHECK_16BITS(data + 2); nbt_len = EXTRACT_16BITS(data + 2); length -= 4; caplen -= 4; @@ -1163,10 +1174,12 @@ nbt_udp137_print(netdissect_options *ndo, p = smb_fdata(ndo, p, "Name=[n1]\n#", maxbuf, 0); if (p == NULL) goto out; + ND_TCHECK_16BITS(p); restype = EXTRACT_16BITS(p); p = smb_fdata(ndo, p, "ResType=[rw]\nResClass=[rw]\nTTL=[rD]\n", p + 8, 0); if (p == NULL) goto out; + ND_TCHECK_16BITS(p); rdlen = EXTRACT_16BITS(p); ND_PRINT((ndo, "ResourceLength=%d\nResourceData=\n", rdlen)); p += 2; @@ -1208,7 +1221,7 @@ nbt_udp137_print(netdissect_options *ndo, p += 2; } } else { - print_data(ndo, p, min(rdlen, length - (p - data))); + smb_print_data(ndo, p, min(rdlen, length - (p - data))); p += rdlen; } } @@ -1308,7 +1321,7 @@ out: /* print netbeui frames */ -struct nbf_strings { +static struct nbf_strings { const char *name; const char *nonverbose; const char *verbose;