diff options
author | Gerald Combs <gerald@wireshark.org> | 2017-09-18 15:56:25 -0700 |
---|---|---|
committer | Gerald Combs <gerald@wireshark.org> | 2017-09-19 00:04:37 +0000 |
commit | 96100963afbfb4ae1f6584eb47d0e9f64eb3e432 (patch) | |
tree | 545e7498adc436e9bf573da5bc40abd0d6fbbc6d | |
parent | b365a3e19ab7449579898a8563468a0f0301320f (diff) |
TDS: Fix some URLs and add a note about our heuristic check.
Wayback-ize a couple of URLs. Note that we might be able to improve our
heuristic check by checking various string lengths. (I didn't add the
checks myself because I don't have any TDS captures with login packets.)
Change-Id: I3d67c66a292fd02035a15e1e047227f55314737a
Reviewed-on: https://code.wireshark.org/review/23612
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
-rw-r--r-- | epan/dissectors/packet-tds.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/epan/dissectors/packet-tds.c b/epan/dissectors/packet-tds.c index 3056184b70..3f752d417b 100644 --- a/epan/dissectors/packet-tds.c +++ b/epan/dissectors/packet-tds.c @@ -70,8 +70,8 @@ * http://www.freetds.org/tds.html * * Some more information can be found in - * http://www.sybase.com/content/1013412/tds34.pdf - * http://www.sybase.com/content/1040983/Sybase-tds38-102306.pdf + * https://wayback.archive.org/web/20140611233513/http://www.sybase.com/content/1013412/tds34.pdf + * https://wayback.archive.org/web/20140611233501/http://www.sybase.com/content/1040983/Sybase-tds38-102306.pdf * Microsoft's [MS-TDS] protocol specification * * This document is no longer available here: @@ -2396,6 +2396,11 @@ netlib_check_login_pkt(tvbuff_t *tvb, guint offset, packet_info *pinfo, guint8 t /* Use major version number to validate TDS 4/5 login * packet */ + /* According to http://www.freetds.org/tds.html#login there are + * a bunch of strings at the beginning of the packet. We might + * be able to improve our accuracy by seeing if host_name_length, + * user_name_length, password_length, etc are all <= 30. */ + /* Login packet is first in stream and should not be fragmented... * if it is we are screwed */ if (bytes_avail < 467) return FALSE; |