X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/c44d8840e1699dfaa63a74a19b1ace0f544802e4..10bdeb0c44eb4a997645ebdc15376fb36f9d3ae2:/print-smb.c

diff --git a/print-smb.c b/print-smb.c
index b0940dfe..68c73659 100644
--- a/print-smb.c
+++ b/print-smb.c
@@ -12,7 +12,7 @@
 
 #ifndef lint
 static const char rcsid[] _U_ =
-     "@(#) $Header: /tcpdump/master/tcpdump/print-smb.c,v 1.43 2005-05-08 19:59:57 guy Exp $";
+     "@(#) $Header: /tcpdump/master/tcpdump/print-smb.c,v 1.47 2007-12-09 00:30:47 guy Exp $";
 #endif
 
 #include <tcpdump-stdinc.h>
@@ -904,8 +904,8 @@ print_smb(const u_char *buf, const u_char *maxbuf)
 
 	printf("\nSMB PACKET: %s (%s) (CHAINED)\n",
 	    fn->name, request ? "REQUEST" : "REPLY");
-	if (newsmboffset < smboffset) {
-	    printf("Bad andX offset: %u < %u\n", newsmboffset, smboffset);
+	if (newsmboffset <= smboffset) {
+	    printf("Bad andX offset: %u <= %u\n", newsmboffset, smboffset);
 	    break;
 	}
 	smboffset = newsmboffset;
@@ -1244,7 +1244,47 @@ trunc:
     return;
 }
 
+/*
+ * Print an SMB-over-TCP packet received across tcp on port 445
+ */
+void
+smb_tcp_print (const u_char * data, int length)
+{
+    int caplen;
+    u_int smb_len;
+    const u_char *maxbuf;
+
+    if (length < 4)
+	goto trunc;
+    if (snapend < data)
+	goto trunc;
+    caplen = snapend - data;
+    if (caplen < 4)
+	goto trunc;
+    maxbuf = data + caplen;
+    smb_len = EXTRACT_24BITS(data + 1);
+    length -= 4;
+    caplen -= 4;
 
+    startbuf = data;
+    data += 4;
+
+    if (smb_len >= 4 && caplen >= 4 && memcmp(data,"\377SMB",4) == 0) {
+	if ((int)smb_len > caplen) {
+	    if ((int)smb_len > length)
+		printf("WARNING: Packet is continued in later TCP segments\n");
+	    else
+		printf("WARNING: Short packet. Try increasing the snap length by %d\n",
+		    smb_len - caplen);
+	}
+	print_smb(data, maxbuf > data + smb_len ? data + smb_len : maxbuf);
+    } else
+	printf("SMB-over-TCP packet:(raw data or continuation?)\n");
+    return;
+trunc:
+    printf("[|SMB]");
+    return;
+}
 
 /*
  * print a NBT packet received across udp on port 138
@@ -1459,8 +1499,7 @@ ipx_netbios_print(const u_char *data, u_int length)
 	    break;
 	if (memcmp(&data[i], "\377SMB", 4) == 0) {
 	    smb_fdata(data, "\n>>> IPX transport ", &data[i], 0);
-	    if (data != NULL)
-		print_smb(&data[i], maxbuf);
+	    print_smb(&data[i], maxbuf);
 	    printf("\n");
 	    fflush(stdout);
 	    break;