aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rwxr-xr-xepan/dissectors/dcerpc/drsuapi/drsuapi.cnf4
-rw-r--r--epan/dissectors/dcerpc/drsuapi/drsuapi.idl4
-rwxr-xr-xepan/dissectors/dcerpc/drsuapi/template.c47
-rw-r--r--epan/dissectors/dcerpc/idl2eth.c140
-rw-r--r--epan/dissectors/packet-dcerpc-drsuapi.c68
5 files changed, 181 insertions, 82 deletions
diff --git a/epan/dissectors/dcerpc/drsuapi/drsuapi.cnf b/epan/dissectors/dcerpc/drsuapi/drsuapi.cnf
index 5501f40ffd..66f7243a70 100755
--- a/epan/dissectors/dcerpc/drsuapi/drsuapi.cnf
+++ b/epan/dissectors/dcerpc/drsuapi/drsuapi.cnf
@@ -3,3 +3,7 @@
#We dont know this type yet
TYPE a_string drsuapi_dissect_a_string FT_STRING BASE_NONE 0 NULL 4
#
+# this one is better/easier to just implement by hand
+NOEMIT drsuapi_dissect_DsReplicaSyncRequest1Info_nc_dn
+NOEMIT ucarray_drsuapi_dissect_DsReplicaSyncRequest1Info_nc_dn
+#
diff --git a/epan/dissectors/dcerpc/drsuapi/drsuapi.idl b/epan/dissectors/dcerpc/drsuapi/drsuapi.idl
index 074bbe26e6..01a9f710af 100644
--- a/epan/dissectors/dcerpc/drsuapi/drsuapi.idl
+++ b/epan/dissectors/dcerpc/drsuapi/drsuapi.idl
@@ -120,10 +120,10 @@ interface drsuapi
uint32 unknown1;
uint32 unknown2;
GUID guid1;
- /* this looks like a SID followed by a uint32 which is zero */
+ /* this looks like a domain SID followed by a uint32 which is zero */
uint8 byte_array[28];
uint32 str_len;
- [size_is(str_len)] uint16 nc_dn[];
+ [size_is(str_len+1)] uint16 nc_dn[];
} drsuapi_DsReplicaSyncRequest1Info;
typedef bitmap {
diff --git a/epan/dissectors/dcerpc/drsuapi/template.c b/epan/dissectors/dcerpc/drsuapi/template.c
index 5a715da15f..4465106c60 100755
--- a/epan/dissectors/dcerpc/drsuapi/template.c
+++ b/epan/dissectors/dcerpc/drsuapi/template.c
@@ -41,11 +41,54 @@
#include "packet-dcerpc-drsuapi.h"
static int proto_drsuapi = -1;
+static int hf_drsuapi_DsReplicaSyncRequest1Info_nc_dn = -1;
ETH_HF
ETH_ETT
static int
+ucarray_drsuapi_dissect_DsReplicaSyncRequest1Info_nc_dn(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)
+{
+ header_field_info *hfinfo;
+ static guint32 len;
+ dcerpc_info *di;
+ char *s;
+ int old_offset;
+
+ di=pinfo->private_data;
+ if(di->conformant_run){
+ /*just a run to handle conformant arrays, nothing to dissect
+ but we need to remember how long this array was.
+ see packet-dcerpc.c for examples of conformant_run
+ and what it is.
+ */
+ old_offset=offset;
+ offset=dissect_dcerpc_uint32(tvb, offset, pinfo, NULL, drep, -1, &len);
+ di->array_max_count_offset=offset-4;
+ di->conformant_run=1;
+ di->conformant_eaten=offset-old_offset;
+ return offset;
+ }
+
+ ALIGN_TO_2_BYTES;
+
+ s = tvb_fake_unicode(tvb, offset, len, TRUE);
+ if (tree && len) {
+ hfinfo = proto_registrar_get_nth(hf_drsuapi_DsReplicaSyncRequest1Info_nc_dn);
+ if (hfinfo->type == FT_STRING) {
+ proto_tree_add_string(tree, hf_drsuapi_DsReplicaSyncRequest1Info_nc_dn, tvb, offset,
+ len, s);
+ } else {
+ proto_tree_add_item(tree, hf_drsuapi_DsReplicaSyncRequest1Info_nc_dn, tvb, offset,
+ len, drep[0] & 0x10);
+ }
+ }
+
+ offset+=2*len;
+ return offset;
+}
+
+static int
drsuapi_dissect_a_string(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep, int hf_index, guint32 param _U_)
{
offset=dissect_ndr_vstring(tvb, offset, pinfo, tree, drep, 1, hf_index, FALSE, NULL);
@@ -58,6 +101,10 @@ void
proto_register_drsuapi(void)
{
static hf_register_info hf[] = {
+ { &hf_drsuapi_DsReplicaSyncRequest1Info_nc_dn,
+ { "nc_dn", "drsuapi.DsReplicaSyncRequest1Info.nc_dn", FT_STRING, BASE_DEC,
+ NULL, 0,
+ "", HFILL }},
ETH_HFARR
};
diff --git a/epan/dissectors/dcerpc/idl2eth.c b/epan/dissectors/dcerpc/idl2eth.c
index 61f853a763..64765b610c 100644
--- a/epan/dissectors/dcerpc/idl2eth.c
+++ b/epan/dissectors/dcerpc/idl2eth.c
@@ -1510,44 +1510,56 @@ void parsetypedefstruct(int pass)
sprintf(tmpstr, "%s_dissect_%s_%s", ifname, struct_name, field_name);
ptmpstr=strdup(tmpstr);
- sprintf(filter_name, "%s.%s.%s", ifname, struct_name, field_name);
- hf=register_hf_field(hf_index, field_name, filter_name, type_item->ft_type, type_item->base_type, type_item->vals, type_item->mask, "");
- FPRINTF(eth_code, "static int\n");
- FPRINTF(eth_code, "%s(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)\n", ptmpstr);
- FPRINTF(eth_code, "{\n");
- FPRINTF(eth_code, " guint32 param=%s;\n",find_dissector_param_value(ptmpstr));
- FPRINTF(eth_code, " offset=%s(tvb, offset, pinfo, tree, drep, %s, param);\n", type_item->dissector, hf);
- FPRINTF(eth_code, " return offset;\n");
- FPRINTF(eth_code, "}\n");
- FPRINTF(eth_code, "\n");
+ if(check_if_to_emit(tmpstr)){
+ sprintf(filter_name, "%s.%s.%s", ifname, struct_name, field_name);
+ hf=register_hf_field(hf_index, field_name, filter_name, type_item->ft_type, type_item->base_type, type_item->vals, type_item->mask, "");
+ FPRINTF(eth_code, "static int\n");
+ FPRINTF(eth_code, "%s(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)\n", ptmpstr);
+ FPRINTF(eth_code, "{\n");
+ FPRINTF(eth_code, " guint32 param=%s;\n",find_dissector_param_value(ptmpstr));
+ FPRINTF(eth_code, " offset=%s(tvb, offset, pinfo, tree, drep, %s, param);\n", type_item->dissector, hf);
+ FPRINTF(eth_code, " return offset;\n");
+ FPRINTF(eth_code, "}\n");
+ FPRINTF(eth_code, "\n");
+ } else {
+ FPRINTF(NULL,"NOEMIT Skipping this struct item :%s\n",tmpstr);
+ }
if(is_array_of_pointers){
pointer_type=pi->type;
pi=pi->next;
sprintf(tmpstr, "%s_%s", pointer_type, ptmpstr);
- FPRINTF(eth_code, "static int\n");
- FPRINTF(eth_code, "%s(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)\n", tmpstr);
- FPRINTF(eth_code, "{\n");
- FPRINTF(eth_code, " offset=dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, %s, %s, \"%s\", -1);\n", ptmpstr, ptr_to_define(pointer_type), field_name);
- FPRINTF(eth_code, " return offset;\n");
- FPRINTF(eth_code, "}\n");
- FPRINTF(eth_code, "\n");
+ if(check_if_to_emit(tmpstr)){
+ FPRINTF(eth_code, "static int\n");
+ FPRINTF(eth_code, "%s(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)\n", tmpstr);
+ FPRINTF(eth_code, "{\n");
+ FPRINTF(eth_code, " offset=dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, %s, %s, \"%s\", -1);\n", ptmpstr, ptr_to_define(pointer_type), field_name);
+ FPRINTF(eth_code, " return offset;\n");
+ FPRINTF(eth_code, "}\n");
+ FPRINTF(eth_code, "\n");
+ } else {
+ FPRINTF(NULL,"NOEMIT Skipping this struct item :%s\n",tmpstr);
+ }
ptmpstr=strdup(tmpstr);
} else if(fixed_array_size){
sprintf(tmpstr, "fixedarray_%s", ptmpstr);
- FPRINTF(eth_code, "static int\n");
- FPRINTF(eth_code, "%s(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)\n", tmpstr);
- FPRINTF(eth_code, "{\n");
- FPRINTF(eth_code, " int count=%d;\n",fixed_array_size);
- FPRINTF(eth_code, " while(count--){\n");
- FPRINTF(eth_code, " offset=%s(tvb, offset, pinfo, tree, drep);\n", ptmpstr);
- FPRINTF(eth_code, " }\n");
- FPRINTF(eth_code, "\n");
- FPRINTF(eth_code, " return offset;\n");
- FPRINTF(eth_code, "}\n");
- FPRINTF(eth_code, "\n");
+ if(check_if_to_emit(tmpstr)){
+ FPRINTF(eth_code, "static int\n");
+ FPRINTF(eth_code, "%s(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)\n", tmpstr);
+ FPRINTF(eth_code, "{\n");
+ FPRINTF(eth_code, " int count=%d;\n",fixed_array_size);
+ FPRINTF(eth_code, " while(count--){\n");
+ FPRINTF(eth_code, " offset=%s(tvb, offset, pinfo, tree, drep);\n", ptmpstr);
+ FPRINTF(eth_code, " }\n");
+ FPRINTF(eth_code, "\n");
+ FPRINTF(eth_code, " return offset;\n");
+ FPRINTF(eth_code, "}\n");
+ FPRINTF(eth_code, "\n");
+ } else {
+ FPRINTF(NULL,"NOEMIT Skipping this struct item :%s\n",tmpstr);
+ }
ptmpstr=strdup(tmpstr);
}
@@ -1558,35 +1570,47 @@ void parsetypedefstruct(int pass)
break;
case BI_SIZE_IS:
sprintf(tmpstr, "ucarray_%s", ptmpstr);
- FPRINTF(eth_code, "static int\n");
- FPRINTF(eth_code, "%s(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)\n", tmpstr);
- FPRINTF(eth_code, "{\n");
- FPRINTF(eth_code, " offset=dissect_ndr_ucarray(tvb, offset, pinfo, tree, drep, %s);\n", ptmpstr);
- FPRINTF(eth_code, " return offset;\n");
- FPRINTF(eth_code, "}\n");
- FPRINTF(eth_code, "\n");
+ if(check_if_to_emit(tmpstr)){
+ FPRINTF(eth_code, "static int\n");
+ FPRINTF(eth_code, "%s(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)\n", tmpstr);
+ FPRINTF(eth_code, "{\n");
+ FPRINTF(eth_code, " offset=dissect_ndr_ucarray(tvb, offset, pinfo, tree, drep, %s);\n", ptmpstr);
+ FPRINTF(eth_code, " return offset;\n");
+ FPRINTF(eth_code, "}\n");
+ FPRINTF(eth_code, "\n");
+ } else {
+ FPRINTF(NULL,"NOEMIT Skipping this struct item :%s\n",tmpstr);
+ }
ptmpstr=strdup(tmpstr);
break;
case BI_LENGTH_IS:
sprintf(tmpstr, "uvarray_%s", ptmpstr);
- FPRINTF(eth_code, "static int\n");
- FPRINTF(eth_code, "%s(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)\n", tmpstr);
- FPRINTF(eth_code, "{\n");
- FPRINTF(eth_code, " offset=dissect_ndr_uvarray(tvb, offset, pinfo, tree, drep, %s);\n", ptmpstr);
- FPRINTF(eth_code, " return offset;\n");
- FPRINTF(eth_code, "}\n");
- FPRINTF(eth_code, "\n");
+ if(check_if_to_emit(tmpstr)){
+ FPRINTF(eth_code, "static int\n");
+ FPRINTF(eth_code, "%s(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)\n", tmpstr);
+ FPRINTF(eth_code, "{\n");
+ FPRINTF(eth_code, " offset=dissect_ndr_uvarray(tvb, offset, pinfo, tree, drep, %s);\n", ptmpstr);
+ FPRINTF(eth_code, " return offset;\n");
+ FPRINTF(eth_code, "}\n");
+ FPRINTF(eth_code, "\n");
+ } else {
+ FPRINTF(NULL,"NOEMIT Skipping this struct item :%s\n",tmpstr);
+ }
ptmpstr=strdup(tmpstr);
break;
case BI_SIZE_IS|BI_LENGTH_IS:
sprintf(tmpstr, "ucvarray_%s", ptmpstr);
- FPRINTF(eth_code, "static int\n");
- FPRINTF(eth_code, "%s(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)\n", tmpstr);
- FPRINTF(eth_code, "{\n");
- FPRINTF(eth_code, " offset=dissect_ndr_ucvarray(tvb, offset, pinfo, tree, drep, %s);\n", ptmpstr);
- FPRINTF(eth_code, " return offset;\n");
- FPRINTF(eth_code, "}\n");
- FPRINTF(eth_code, "\n");
+ if(check_if_to_emit(tmpstr)){
+ FPRINTF(eth_code, "static int\n");
+ FPRINTF(eth_code, "%s(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)\n", tmpstr);
+ FPRINTF(eth_code, "{\n");
+ FPRINTF(eth_code, " offset=dissect_ndr_ucvarray(tvb, offset, pinfo, tree, drep, %s);\n", ptmpstr);
+ FPRINTF(eth_code, " return offset;\n");
+ FPRINTF(eth_code, "}\n");
+ FPRINTF(eth_code, "\n");
+ } else {
+ FPRINTF(NULL,"NOEMIT Skipping this struct item :%s\n",tmpstr);
+ }
ptmpstr=strdup(tmpstr);
break;
default:
@@ -1600,13 +1624,17 @@ void parsetypedefstruct(int pass)
pointer_type=pi->type;
pi=pi->next;
sprintf(tmpstr, "%s_%s", pointer_type, ptmpstr);
- FPRINTF(eth_code, "static int\n");
- FPRINTF(eth_code, "%s(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)\n", tmpstr);
- FPRINTF(eth_code, "{\n");
- FPRINTF(eth_code, " offset=dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, %s, %s, \"%s\", -1);\n", ptmpstr, ptr_to_define(pointer_type), field_name);
- FPRINTF(eth_code, " return offset;\n");
- FPRINTF(eth_code, "}\n");
- FPRINTF(eth_code, "\n");
+ if(check_if_to_emit(tmpstr)){
+ FPRINTF(eth_code, "static int\n");
+ FPRINTF(eth_code, "%s(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)\n", tmpstr);
+ FPRINTF(eth_code, "{\n");
+ FPRINTF(eth_code, " offset=dissect_ndr_pointer(tvb, offset, pinfo, tree, drep, %s, %s, \"%s\", -1);\n", ptmpstr, ptr_to_define(pointer_type), field_name);
+ FPRINTF(eth_code, " return offset;\n");
+ FPRINTF(eth_code, "}\n");
+ FPRINTF(eth_code, "\n");
+ } else {
+ FPRINTF(NULL,"NOEMIT Skipping this struct item :%s\n",tmpstr);
+ }
ptmpstr=strdup(tmpstr);
}
diff --git a/epan/dissectors/packet-dcerpc-drsuapi.c b/epan/dissectors/packet-dcerpc-drsuapi.c
index 54a42452e0..7b47d774f8 100644
--- a/epan/dissectors/packet-dcerpc-drsuapi.c
+++ b/epan/dissectors/packet-dcerpc-drsuapi.c
@@ -41,6 +41,7 @@
#include "packet-dcerpc-drsuapi.h"
static int proto_drsuapi = -1;
+static int hf_drsuapi_DsReplicaSyncRequest1Info_nc_dn = -1;
/* INCLUDED FILE : ETH_HF */
@@ -93,7 +94,6 @@ static int hf_drsuapi_DsReplicaSyncRequest1Info_unknown2 = -1;
static int hf_drsuapi_DsReplicaSyncRequest1Info_guid1 = -1;
static int hf_drsuapi_DsReplicaSyncRequest1Info_byte_array = -1;
static int hf_drsuapi_DsReplicaSyncRequest1Info_str_len = -1;
-static int hf_drsuapi_DsReplicaSyncRequest1Info_nc_dn = -1;
static int hf_drsuapi_DsReplicaSyncOptions_DRSUAPI_DS_REPLICA_SYNC_ASYNCHRONOUS_OPERATION = -1;
static int hf_drsuapi_DsReplicaSyncOptions_DRSUAPI_DS_REPLICA_SYNC_WRITEABLE = -1;
static int hf_drsuapi_DsReplicaSyncOptions_DRSUAPI_DS_REPLICA_SYNC_PERIODIC = -1;
@@ -446,11 +446,47 @@ static gint ett_drsuapi_DsReplicaInfo = -1;
static int
-drsuapi_dissect_u_string(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep, int hf_index, guint32 param _U_)
+ucarray_drsuapi_dissect_DsReplicaSyncRequest1Info_nc_dn(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)
{
- offset=dissect_ndr_vstring(tvb, offset, pinfo, tree, drep, 2, hf_index, FALSE, NULL);
- return offset;
+ header_field_info *hfinfo;
+ static guint32 len;
+ dcerpc_info *di;
+ char *s;
+ int old_offset;
+
+ di=pinfo->private_data;
+ if(di->conformant_run){
+ /*just a run to handle conformant arrays, nothing to dissect
+ but we need to remember how long this array was.
+ see packet-dcerpc.c for examples of conformant_run
+ and what it is.
+ */
+ old_offset=offset;
+ offset=dissect_dcerpc_uint32(tvb, offset, pinfo, NULL, drep, -1, &len);
+ di->array_max_count_offset=offset-4;
+ di->conformant_run=1;
+ di->conformant_eaten=offset-old_offset;
+ return offset;
+ }
+
+ ALIGN_TO_2_BYTES;
+
+ s = tvb_fake_unicode(tvb, offset, len, TRUE);
+ if (tree && len) {
+ hfinfo = proto_registrar_get_nth(hf_drsuapi_DsReplicaSyncRequest1Info_nc_dn);
+ if (hfinfo->type == FT_STRING) {
+ proto_tree_add_string(tree, hf_drsuapi_DsReplicaSyncRequest1Info_nc_dn, tvb, offset,
+ len, s);
+ } else {
+ proto_tree_add_item(tree, hf_drsuapi_DsReplicaSyncRequest1Info_nc_dn, tvb, offset,
+ len, drep[0] & 0x10);
+ }
+ }
+
+ offset+=2*len;
+ return offset;
}
+
static int
drsuapi_dissect_a_string(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep, int hf_index, guint32 param _U_)
{
@@ -1123,21 +1159,6 @@ drsuapi_dissect_uint16(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree
return offset;
}
-static int
-drsuapi_dissect_DsReplicaSyncRequest1Info_nc_dn(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)
-{
- guint32 param=0;
- offset=drsuapi_dissect_uint16(tvb, offset, pinfo, tree, drep, hf_drsuapi_DsReplicaSyncRequest1Info_nc_dn, param);
- return offset;
-}
-
-static int
-ucarray_drsuapi_dissect_DsReplicaSyncRequest1Info_nc_dn(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, guint8 *drep)
-{
- offset=dissect_ndr_ucarray(tvb, offset, pinfo, tree, drep, drsuapi_dissect_DsReplicaSyncRequest1Info_nc_dn);
- return offset;
-}
-
int
drsuapi_dissect_DsReplicaSyncRequest1Info(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree, guint8 *drep, int hf_index, guint32 param _U_)
@@ -6491,6 +6512,10 @@ void
proto_register_drsuapi(void)
{
static hf_register_info hf[] = {
+ { &hf_drsuapi_DsReplicaSyncRequest1Info_nc_dn,
+ { "nc_dn", "drsuapi.DsReplicaSyncRequest1Info.nc_dn", FT_STRING, BASE_DEC,
+ NULL, 0,
+ "", HFILL }},
@@ -6740,11 +6765,6 @@ proto_register_drsuapi(void)
NULL, 0,
"", HFILL }},
- { &hf_drsuapi_DsReplicaSyncRequest1Info_nc_dn,
- { "nc_dn", "drsuapi.DsReplicaSyncRequest1Info.nc_dn", FT_UINT16, BASE_DEC,
- NULL, 0,
- "", HFILL }},
-
{ &hf_drsuapi_DsReplicaSyncOptions_DRSUAPI_DS_REPLICA_SYNC_ASYNCHRONOUS_OPERATION,
{ "DRSUAPI_DS_REPLICA_SYNC_ASYNCHRONOUS_OPERATION", "drsuapi.DsReplicaSyncOptions.DRSUAPI_DS_REPLICA_SYNC_ASYNCHRONOUS_OPERATION", FT_BOOLEAN, 32,
TFS(&DRSUAPI_DS_REPLICA_SYNC_ASYNCHRONOUS_OPERATION_tfs), 0x00000001,
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-22 05:15:22 +0000