From: guy Date: Tue, 28 Dec 2004 20:38:27 +0000 (+0000) Subject: Correctly dissect LockingAndX requests - there's a flag bit that X-Git-Tag: tcpdump-3.9.1~226 X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/922c8688c12fa46fe7d7061f3be813efa25d9d17 Correctly dissect LockingAndX requests - there's a flag bit that indicates whether the offsets and lengths are 32 bit or 64 bit. --- diff --git a/print-smb.c b/print-smb.c index cabe0a2b..95bd8d3b 100644 --- a/print-smb.c +++ b/print-smb.c @@ -12,7 +12,7 @@ #ifndef lint static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/tcpdump/print-smb.c,v 1.35 2004-12-28 11:18:29 guy Exp $"; + "@(#) $Header: /tcpdump/master/tcpdump/print-smb.c,v 1.36 2004-12-28 20:38:27 guy Exp $"; #endif #include @@ -469,6 +469,45 @@ trunc: return; } +static void +print_lockingandx(const u_char *words, const u_char *data, const u_char *buf _U_, const u_char *maxbuf) +{ + u_int wct, bcc; + const u_char *maxwords; + const char *f1 = NULL, *f2 = NULL; + + TCHECK(words[0]); + wct = words[0]; + if (request) { + f1 = "Com2=[w]\nOff2=[d]\nHandle=[d]\nLockType=[w]\nTimeOut=[D]\nUnlockCount=[d]\nLockCount=[d]\n"; + TCHECK(words[7]); + if (words[7] & 0x10) + f2 = "*Process=[d]\n[P2]Offset=[M]\nLength=[M]\n"; + else + f2 = "*Process=[d]\nOffset=[D]\nLength=[D]\n"; + } else { + f1 = "Com2=[w]\nOff2=[d]\n"; + } + + maxwords = SMBMIN(words + 1 + wct * 2, maxbuf); + if (wct) + smb_fdata(words + 1, f1, maxwords); + + TCHECK2(*data, 2); + bcc = EXTRACT_LE_16BITS(data); + printf("smb_bcc=%u\n", bcc); + if (bcc > 0) { + if (f2) + smb_fdata(data + 2, f2, SMBMIN(data + 2 + EXTRACT_LE_16BITS(data), maxbuf)); + else + print_data(data + 2, SMBMIN(EXTRACT_LE_16BITS(data), PTR_DIFF(maxbuf, data + 2))); + } + return; +trunc: + printf("[|SMB]"); + return; +} + static struct smbfns smb_fns[] = { { -1, "SMBunknown", 0, DEFDESCRIPT }, @@ -657,11 +696,6 @@ static struct smbfns smb_fns[] = { "Com2=[w]\nOff2=[d]\nCount=[d]\nRemaining=[d]\nRes=[W]\n", NULL, NULL } }, - { SMBlockingX, "SMBlockingX", FLG_CHAIN, - { "Com2=[w]\nOff2=[d]\nHandle=[d]\nLockType=[w]\nTimeOut=[D]\nUnlockCount=[d]\nLockCount=[d]\n", - "*Process=[d]\nOffset=[D]\nLength=[D]\n", - "Com2=[w]\nOff2=[d]\n", NULL, NULL } }, - { SMBffirst, "SMBffirst", 0, { "Count=[d]\nAttrib=[A]\n", "Path=[Z]\nBlkType=[B]\nBlkLen=[d]\n|Res1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\n", @@ -718,6 +752,9 @@ static struct smbfns smb_fns[] = { { "Com2=[w]\nOff2=[d]\nFlags=[w]\nPassLen=[d]\nPasswd&Path&Device=\n", NULL, "Com2=[w]\nOff2=[d]\n", "ServiceType=[S]\n", NULL } }, + { SMBlockingX, "SMBlockingX", FLG_CHAIN, + { NULL, NULL, NULL, NULL, print_lockingandx } }, + { SMBtrans2, "SMBtrans2", 0, { NULL, NULL, NULL, NULL, print_trans2 } }, { SMBtranss2, "SMBtranss2", 0, DEFDESCRIPT }, diff --git a/smbutil.c b/smbutil.c index 80b7208a..cb4c8b53 100644 --- a/smbutil.c +++ b/smbutil.c @@ -12,7 +12,7 @@ #ifndef lint static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/tcpdump/smbutil.c,v 1.30 2004-12-28 03:34:08 guy Exp $"; + "@(#) $Header: /tcpdump/master/tcpdump/smbutil.c,v 1.31 2004-12-28 20:38:27 guy Exp $"; #endif #include @@ -464,6 +464,22 @@ smb_fdata1(const u_char *buf, const char *fmt, const u_char *maxbuf) fmt++; break; } + case 'M': + { + /* Weird mixed-endian length values in 64-bit locks */ + u_int32_t x1, x2; + u_int64_t x; + TCHECK2(buf[0], 8); + x1 = reverse ? EXTRACT_32BITS(buf) : + EXTRACT_LE_32BITS(buf); + x2 = reverse ? EXTRACT_32BITS(buf + 4) : + EXTRACT_LE_32BITS(buf + 4); + x = (((u_int64_t)x1) << 32) | x2; + printf("%" PRIu64 " (0x%" PRIx64 ")", x, x); + buf += 8; + fmt++; + break; + } case 'B': { unsigned int x;