diff options
| author | Guy Harris <guy@alum.mit.edu> | 2014-09-13 17:10:49 -0700 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2014-09-14 00:11:21 +0000 |
| commit | 21adbaa052ee083f8ef9a971bf3954db9d777f6f (patch) | |
| tree | 82901d4d25213bd54a343e858da8ebecf8fafecb /asn1/ldap | |
| parent | 12778395d3e093ebf156f73d0c034a66ca00092a (diff) | |
Don't use the captured length, and don't fetch the version until we need it.
The captured length reflects the way the capture was done; it should not
affect actual lengths used in the dissection.
Don't fetch the version until we need it; that lets us dissect more of
the packet if the previous change caused us to throw an exception trying
to fetch the version from the correct location rather than not throwing
an exception by fetching it from an incorrect location that happens to
be within the captured data.
Change-Id: I9f63afd4ef51f46c19b3afd2a651a5bb768fecaf
Reviewed-on: https://code.wireshark.org/review/4101
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Diffstat (limited to 'asn1/ldap')
| -rw-r--r-- | asn1/ldap/packet-ldap-template.c | 28 |
1 files changed, 16 insertions, 12 deletions
diff --git a/asn1/ldap/packet-ldap-template.c b/asn1/ldap/packet-ldap-template.c index 41778db86b..03d806a314 100644 --- a/asn1/ldap/packet-ldap-template.c +++ b/asn1/ldap/packet-ldap-template.c @@ -610,7 +610,7 @@ dissect_ldap_AssertionValue(gboolean implicit_tag, tvbuff_t *tvb, int offset, as offset=get_ber_identifier(tvb, offset, &ber_class, &pc, &tag); offset=get_ber_length(tvb, offset, &len, &ind); } else { - len=tvb_captured_length_remaining(tvb,offset); + len=tvb_reported_length_remaining(tvb,offset); } if(len==0){ @@ -1444,16 +1444,10 @@ static void dissect_NetLogon_PDU(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tr itype = tvb_get_letohs(tvb, offset); offset += 2; - /* get the version number from the end of the buffer, as the - length is variable and the version determines what fields - need to be decoded */ - - version = tvb_get_letohl(tvb,len-8); - switch(itype){ case LOGON_SAM_LOGON_RESPONSE: - bc = tvb_captured_length_remaining(tvb, offset); + bc = tvb_reported_length_remaining(tvb, offset); /* logon server name */ fn = get_unicode_or_ascii_string(tvb,&offset,TRUE,&fn_len,FALSE,FALSE,&bc); proto_tree_add_string(tree, hf_mscldap_nb_hostname, tvb,offset, fn_len, fn); @@ -1469,6 +1463,11 @@ static void dissect_NetLogon_PDU(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tr proto_tree_add_string(tree, hf_mscldap_nb_domain, tvb,offset, fn_len, fn); offset +=fn_len; + /* get the version number from the end of the buffer, as the + length is variable and the version determines what fields + need to be decoded */ + version = tvb_get_letohl(tvb,len-8); + /* include the extra version 5 fields */ if ((version & NETLOGON_NT_VERSION_5) == NETLOGON_NT_VERSION_5){ @@ -1557,6 +1556,11 @@ static void dissect_NetLogon_PDU(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tr offset=dissect_mscldap_string(tvb, offset, str, 255, FALSE); proto_tree_add_string(tree, hf_mscldap_clientsitename, tvb, old_offset, offset-old_offset, str); + /* get the version number from the end of the buffer, as the + length is variable and the version determines what fields + need to be decoded */ + version = tvb_get_letohl(tvb,len-8); + /* include the extra fields for version 5 with IP s */ if ((version & NETLOGON_NT_VERSION_5EX_WITH_IP) == NETLOGON_NT_VERSION_5EX_WITH_IP){ /* The ip address is returned as a sockaddr_in structure @@ -1669,7 +1673,7 @@ dissect_ldap_oid(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree) * proto_tree_add_oid() instead. */ - oid=tvb_get_string_enc(wmem_packet_scope(), tvb, 0, tvb_captured_length(tvb), ENC_UTF_8|ENC_NA); + oid=tvb_get_string_enc(wmem_packet_scope(), tvb, 0, tvb_reported_length(tvb), ENC_UTF_8|ENC_NA); if(!oid){ return; } @@ -1677,7 +1681,7 @@ dissect_ldap_oid(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree) oidname=oid_resolved_from_string(oid); if(oidname){ - proto_tree_add_string_format_value(tree, hf_ldap_oid, tvb, 0, tvb_captured_length(tvb), oid, "%s (%s)",oid,oidname); + proto_tree_add_string_format_value(tree, hf_ldap_oid, tvb, 0, tvb_reported_length(tvb), oid, "%s (%s)",oid,oidname); } else { proto_tree_add_string(tree, hf_ldap_oid, tvb, 0, tvb_captured_length(tvb), oid); } @@ -1724,7 +1728,7 @@ struct access_mask_info ldap_access_mask_info = { static void dissect_ldap_nt_sec_desc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) { - dissect_nt_sec_desc(tvb, 0, pinfo, tree, NULL, TRUE, tvb_captured_length(tvb), &ldap_access_mask_info); + dissect_nt_sec_desc(tvb, 0, pinfo, tree, NULL, TRUE, tvb_reported_length(tvb), &ldap_access_mask_info); } static void @@ -1896,7 +1900,7 @@ this_was_not_normal_ldap: * It has been seen with Exchange setup to MS AD * when Exchange pretend that there is SASL but in fact data are still * in clear*/ - if ((sasl_len + 4) == (guint32)tvb_captured_length_remaining(tvb, 0)) + if ((sasl_len + 4) == (guint32)tvb_reported_length_remaining(tvb, 0)) tcp_dissect_pdus(tvb, pinfo, tree, ldap_desegment, 4, get_sasl_ldap_pdu_len, dissect_sasl_ldap_pdu, data); end: return tvb_captured_length(tvb); |