summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
1e73a0f)
(We call it "nwlink-dgm" for now; Ethereal calls it a NWLink SMB
datagram.)
Don't throw every LLC frame with unknown SAPs at the NetBIOS-over-IPX
dissector; just throw the frames for IPX sockets 0x455 and 0x553 at it,
as those appear to be the sockets used (if there are any others, please
add them to the IPX dissector - putting it back in the LLC dissector
won't help, as all IPX frames, including LLC frames, should now be
handed to the IPX dissector).
Do better bounds checking in "ipx_netbios_print()" and
"netbeui_print()", i.e. don't go past the end of the captured data in
the packet when looking for the 0xFF S M B signature.
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
- * @(#) $Header: /tcpdump/master/tcpdump/interface.h,v 1.149 2001-01-02 22:47:06 guy Exp $ (LBL)
+ * @(#) $Header: /tcpdump/master/tcpdump/interface.h,v 1.150 2001-01-15 03:23:58 guy Exp $ (LBL)
*/
#ifndef tcpdump_interface_h
*/
#ifndef tcpdump_interface_h
extern int ipcomp_print(register const u_char *, register const u_char *, int *);
extern void rx_print(register const u_char *, int, int, int, u_char *);
extern void netbeui_print(u_short, const u_char *, const u_char *);
extern int ipcomp_print(register const u_char *, register const u_char *, int *);
extern void rx_print(register const u_char *, int, int, int, u_char *);
extern void netbeui_print(u_short, const u_char *, const u_char *);
-extern void ipx_netbios_print(const u_char *, const u_char *);
+extern void ipx_netbios_print(const u_char *, u_int);
extern void nbt_tcp_print(const u_char *, int);
extern void nbt_udp137_print(const u_char *data, int);
extern void nbt_udp138_print(const u_char *data, int);
extern void nbt_tcp_print(const u_char *, int);
extern void nbt_udp137_print(const u_char *data, int);
extern void nbt_udp138_print(const u_char *data, int);
/*
* IPX protocol formats
*
/*
* IPX protocol formats
*
- * @(#) $Header: /tcpdump/master/tcpdump/ipx.h,v 1.3 2001-01-15 00:43:59 guy Exp $
+ * @(#) $Header: /tcpdump/master/tcpdump/ipx.h,v 1.4 2001-01-15 03:23:59 guy Exp $
*/
/* well-known sockets */
*/
/* well-known sockets */
#define IPX_SKT_RIP 0x0453
#define IPX_SKT_NETBIOS 0x0455
#define IPX_SKT_DIAGNOSTICS 0x0456
#define IPX_SKT_RIP 0x0453
#define IPX_SKT_NETBIOS 0x0455
#define IPX_SKT_DIAGNOSTICS 0x0456
-#define IPX_SKT_EIGRP 0x85be /* Cisco EIGRP over IPX */
+#define IPX_SKT_NWLINK_DGM 0x0553 /* NWLink datagram, may contain SMB */
+#define IPX_SKT_EIGRP 0x85be /* Cisco EIGRP over IPX */
/* IPX transport header */
struct ipxHdr {
/* IPX transport header */
struct ipxHdr {
#ifndef lint
static const char rcsid[] =
#ifndef lint
static const char rcsid[] =
- "@(#) $Header: /tcpdump/master/tcpdump/print-ipx.c,v 1.29 2001-01-15 02:23:25 guy Exp $";
+ "@(#) $Header: /tcpdump/master/tcpdump/print-ipx.c,v 1.30 2001-01-15 03:23:59 guy Exp $";
#endif
#ifdef HAVE_CONFIG_H
#endif
#ifdef HAVE_CONFIG_H
break;
case IPX_SKT_NETBIOS:
(void)printf(" ipx-netbios %d", length);
break;
case IPX_SKT_NETBIOS:
(void)printf(" ipx-netbios %d", length);
+ ipx_netbios_print(datap, length);
break;
case IPX_SKT_DIAGNOSTICS:
(void)printf(" ipx-diags %d", length);
break;
break;
case IPX_SKT_DIAGNOSTICS:
(void)printf(" ipx-diags %d", length);
break;
+ case IPX_SKT_NWLINK_DGM:
+ (void)printf(" ipx-nwlink-dgm %d", length);
+ ipx_netbios_print(datap, length);
+ break;
case IPX_SKT_EIGRP:
(void)printf(" ipx-eigrp %d", length);
break;
case IPX_SKT_EIGRP:
(void)printf(" ipx-eigrp %d", length);
break;
#ifndef lint
static const char rcsid[] =
#ifndef lint
static const char rcsid[] =
- "@(#) $Header: /tcpdump/master/tcpdump/print-llc.c,v 1.33 2001-01-15 00:33:59 guy Exp $";
+ "@(#) $Header: /tcpdump/master/tcpdump/print-llc.c,v 1.34 2001-01-15 03:24:00 guy Exp $";
#endif
#ifdef HAVE_CONFIG_H
#endif
#ifdef HAVE_CONFIG_H
-
- if (cmd == LLC_UI && f == 'C') {
- /*
- * we don't have a proper ipx decoder yet, but there
- * is a partial one in the smb code
- */
- ipx_netbios_print(p,p+min(caplen,length));
- }
#ifndef lint
static const char rcsid[] =
#ifndef lint
static const char rcsid[] =
- "@(#) $Header: /tcpdump/master/tcpdump/print-smb.c,v 1.7 2000-12-05 06:42:47 guy Exp $";
+ "@(#) $Header: /tcpdump/master/tcpdump/print-smb.c,v 1.8 2001-01-15 03:24:00 guy Exp $";
#endif
#include <stdio.h>
#endif
#include <stdio.h>
+ /* If there isn't enough data for "\377SMB", don't look for it. */
+ if (!TTEST2(data2[3], 4))
+ goto out;
+
if (memcmp(data2,"\377SMB",4)==0) {
print_smb(data2,maxbuf);
} else {
int i;
for (i=0;i<128;i++) {
if (memcmp(data2,"\377SMB",4)==0) {
print_smb(data2,maxbuf);
} else {
int i;
for (i=0;i<128;i++) {
- if (&data2[i] >= maxbuf)
+ if (!TTEST2(data2[i], 4))
+ break;
+ if (&data2[i+3] >= maxbuf)
break;
if (memcmp(&data2[i],"\377SMB",4)==0) {
printf("found SMB packet at %d\n", i);
break;
if (memcmp(&data2[i],"\377SMB",4)==0) {
printf("found SMB packet at %d\n", i);
/*
print IPX-Netbios frames
*/
/*
print IPX-Netbios frames
*/
-void ipx_netbios_print(const uchar *data, const uchar *maxbuf)
+void ipx_netbios_print(const uchar *data, u_int length)
- /* this is a hack till I work out how to parse the rest of the IPX stuff */
+ /* this is a hack till I work out how to parse the rest of the
+ NetBIOS-over-IPX stuff */
+ const uchar *maxbuf;
+
+ maxbuf = data + length;
+ for (i=0;i<128;i++) {
+ if (!TTEST2(data[i], 4))
+ break;
+ if (&data[i+3] >= maxbuf)
+ break;
if (memcmp(&data[i],"\377SMB",4)==0) {
fdata(data,"\n>>> IPX transport ",&data[i]);
if (data != NULL)
if (memcmp(&data[i],"\377SMB",4)==0) {
fdata(data,"\n>>> IPX transport ",&data[i]);
if (data != NULL)
if (i==128)
fdata(data,"\n>>> Unknown IPX ",maxbuf);
}
if (i==128)
fdata(data,"\n>>> Unknown IPX ",maxbuf);
}
projects / tcpdump / commitdiff
