diff options
| author | Guy Harris <guy@alum.mit.edu> | 2003-02-20 07:55:00 +0000 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2003-02-20 07:55:00 +0000 |
| commit | dd22e794c3bc6964cdf70cce6b38756826a09d13 (patch) | |
| tree | fd1d24714aa3b43500cfc9cccddcf85de20190c6 | |
| parent | 03533b258b64e683e6a3ff13ce4d83ce6574dfef (diff) | |
At least in regular SMB Browse and RAP messages, the server type mask is
not guaranteed to be aligned on a 4-byte boundary, so, if we're not
dissecting a DCE RPC request or reply, don't use "dissect_ndr_uint32()"
to extract the access mask.
svn path=/trunk/; revision=7175
| -rw-r--r-- | packet-smb-browse.c | 33 | ||||
| -rw-r--r-- | packet-smb-pipe.c | 8 |
2 files changed, 28 insertions, 13 deletions
diff --git a/packet-smb-browse.c b/packet-smb-browse.c index 409c629e56..56f7e54865 100644 --- a/packet-smb-browse.c +++ b/packet-smb-browse.c @@ -2,7 +2,7 @@ * Routines for SMB Browser packet dissection * Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com> * - * $Id: packet-smb-browse.c,v 1.26 2003/02/17 01:59:39 tpot Exp $ + * $Id: packet-smb-browse.c,v 1.27 2003/02/20 07:55:00 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@ethereal.com> @@ -432,6 +432,9 @@ dissect_election_criterion(tvbuff_t *tvb, proto_tree *parent_tree, int offset) } +/* + * XXX - this causes non-browser packets to have browser fields. + */ int dissect_smb_server_type_flags(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, char *drep, @@ -442,8 +445,25 @@ dissect_smb_server_type_flags(tvbuff_t *tvb, int offset, packet_info *pinfo, guint32 flags; int i; - offset = dissect_ndr_uint32( - tvb, offset, pinfo, tree, drep, hf_server_type, &flags); + if (drep != NULL) { + /* + * Called from a DCE RPC protocol dissector, for a + * protocol where a 32-bit NDR integer contains + * an server type mask; extract the server type mask + * with an NDR call. + */ + offset = dissect_ndr_uint32( + tvb, offset, pinfo, tree, drep, hf_server_type, &flags); + } else { + /* + * Called from SMB browser or RAS, where the server type + * mask is just a 4-byte little-endian quantity with no + * special NDR alignment requirement; extract it with + * "tvb_get_letohl()". + */ + flags = tvb_get_letohl(tvb, offset); + offset += 4; + } if (parent_tree) { item = proto_tree_add_uint(parent_tree, hf_server_type, tvb, offset, 4, flags); @@ -565,8 +585,6 @@ dissect_mailslot_browse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tr case BROWSE_DOMAIN_ANNOUNCEMENT: case BROWSE_LOCAL_MASTER_ANNOUNCEMENT: case BROWSE_HOST_ANNOUNCE: { - char drep = 0x10; /* Assume little endian */ - /* update count */ proto_tree_add_item(tree, hf_update_count, tvb, offset, 1, TRUE); offset += 1; @@ -603,7 +621,7 @@ dissect_mailslot_browse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tr /* server type flags */ offset = dissect_smb_server_type_flags( - tvb, offset, pinfo, tree, &drep, TRUE); + tvb, offset, pinfo, tree, NULL, TRUE); if (cmd == BROWSE_DOMAIN_ANNOUNCEMENT) { /* @@ -771,7 +789,6 @@ dissect_mailslot_lanman(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tr guint32 periodicity; const char *host_name; guint namelen; - char drep = 0x10; /* Assume little-endian */ if (!proto_is_protocol_enabled(proto_smb_browse)) { return FALSE; @@ -815,7 +832,7 @@ dissect_mailslot_lanman(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tr /* server type flags */ offset = dissect_smb_server_type_flags( - tvb, offset, pinfo, tree, &drep, TRUE); + tvb, offset, pinfo, tree, NULL, TRUE); /* OS major version */ proto_tree_add_item(tree, hf_os_major, tvb, offset, 1, TRUE); diff --git a/packet-smb-pipe.c b/packet-smb-pipe.c index d9c4f0a2ac..be9e6c3bdf 100644 --- a/packet-smb-pipe.c +++ b/packet-smb-pipe.c @@ -8,7 +8,7 @@ XXX Fixme : shouldnt show [malformed frame] for long packets * significant rewrite to tvbuffify the dissector, Ronnie Sahlberg and * Guy Harris 2001 * - * $Id: packet-smb-pipe.c,v 1.86 2003/02/17 01:59:39 tpot Exp $ + * $Id: packet-smb-pipe.c,v 1.87 2003/02/20 07:55:00 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@ethereal.com> @@ -470,9 +470,8 @@ static int add_server_type(tvbuff_t *tvb, int offset, int count _U_, packet_info *pinfo, proto_tree *tree, int convert _U_, int hf_index _U_) { - char drep = 0x10; /* Assume little-endian */ offset = dissect_smb_server_type_flags( - tvb, offset, pinfo, tree, &drep, FALSE); + tvb, offset, pinfo, tree, NULL, FALSE); return offset; } @@ -480,9 +479,8 @@ static int add_server_type_info(tvbuff_t *tvb, int offset, int count _U_, packet_info *pinfo, proto_tree *tree, int convert _U_, int hf_index _U_) { - char drep = 0x10; /* Assume little-endian */ offset = dissect_smb_server_type_flags( - tvb, offset, pinfo, tree, &drep, TRUE); + tvb, offset, pinfo, tree, NULL, TRUE); return offset; } |