author | Pascal Quantin <pascal.quantin@gmail.com> | 2014-04-25 15:23:13 +0200 |
---|---|---|
committer | Evan Huus <eapache@gmail.com> | 2014-04-25 14:23:37 +0000 |
commit | 7acaf8552b88bb02b9d553a3151fc5e6f2414f45 (patch) | |
tree | 885ab0d41d54ec0a94eb18fdb98bf81edcf31085 /asn1 | |
parent | 1c024bc29a70459fcfced84e4b6bbd2c5c33ec15 (diff) |
Kerberos: ensure that private data elements are stored in separate variables
Bug: 10028
Change-Id: I599cd5475d19b64c0d5b9d31d7054a3befc84af2
Reviewed-on: https://code.wireshark.org/review/1348
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Evan Huus <eapache@gmail.com>
Diffstat (limited to 'asn1')
-rw-r--r-- | asn1/kerberos/kerberos.cnf | 138 | ||||
-rw-r--r-- | asn1/kerberos/packet-kerberos-template.c | 81 |
2 files changed, 89 insertions, 130 deletions
diff --git a/asn1/kerberos/kerberos.cnf b/asn1/kerberos/kerberos.cnf index b39da9756a..dea3eb561f 100644 --- a/asn1/kerberos/kerberos.cnf +++ b/asn1/kerberos/kerberos.cnf @@ -115,35 +115,25 @@ guint32 msgtype; } -#.FN_BODY Int32 VAL_PTR = (guint32*)actx->value_ptr +#.FN_BODY PADATA-TYPE VAL_PTR=&(private_data->padata_type) + kerberos_private_data_t* private_data = kerberos_get_private_data(actx); %(DEFAULT_BODY)s - -#.FN_BODY PADATA-TYPE - - actx->value_ptr = wmem_alloc(wmem_packet_scope(), sizeof(guint32)); - - offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index, - (guint32*)actx->value_ptr); - +#.FN_FTR PADATA-TYPE if(tree){ proto_item_append_text(tree, " %s", - val_to_str(*((guint32*)actx->value_ptr), krb5_preauthentication_types, + val_to_str(private_data->padata_type, krb5_preauthentication_types, "Unknown:%d")); } #.FN_BODY PA-DATA/padata-value proto_tree *sub_tree=tree; - guint32 PA_DATA_type = 0; - - if (actx->value_ptr) { - PA_DATA_type = *((guint32*)actx->value_ptr); - } + kerberos_private_data_t* private_data = kerberos_get_private_data(actx); if(actx->created_item){ sub_tree=proto_item_add_subtree(actx->created_item, ett_kerberos_PA_DATA); } - switch(PA_DATA_type){ + switch(private_data->padata_type){ case KRB5_PA_TGS_REQ: offset=dissect_ber_octet_string_wcb(FALSE, actx, sub_tree, tvb, offset,hf_index, dissect_kerberos_Applications); break; 
@@ -185,19 +175,15 @@ guint32 msgtype; guint32 len; char *address_str; proto_item *it=NULL; - guint32 addr_type = 0; + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); /* read header and len for the octet string */ offset=dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &appclass, &pc, &tag); offset=dissect_ber_length(actx->pinfo, tree, tvb, offset, &len, NULL); - if (actx->value_ptr) { - addr_type = *((guint32*)actx->value_ptr); - } - address_str=(char*)wmem_alloc(wmem_packet_scope(), ADDRESS_STR_BUFSIZ); address_str[0]=0; - switch(addr_type){ + switch(private_data->addr_type){ case KERBEROS_ADDR_TYPE_IPV4: it=proto_tree_add_item(tree, hf_krb_address_ip, tvb, offset, 4, ENC_BIG_ENDIAN); g_snprintf(address_str,ADDRESS_STR_BUFSIZ,"%d.%d.%d.%d",tvb_get_guint8(tvb, offset),tvb_get_guint8(tvb, offset+1),tvb_get_guint8(tvb, offset+2),tvb_get_guint8(tvb, offset+3)); 
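Review bot: The `KERBEROS_ADDR_TYPE_IPV4` case adds `hf_krb_address_ip` and formats four bytes with a fixed length of 4, without comparing that to the `len` that `dissect_ber_length` returned just above. The tvb accessors are bounds-checked, so this is a mis-dissection risk rather than a memory-safety one, but a short or oversized address octet string would still be displayed as a valid IPv4 address. Checking `len == 4` before the `proto_tree_add_item` call, and reporting the mismatch otherwise, would make the branch honest about malformed input. The switch continues past the end of this hunk, so other cases may need the same length check.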
@@ -235,84 +221,76 @@ guint32 msgtype; #.TYPE_ATTR #xxx TYPE = FT_UINT16 DISPLAY = BASE_DEC STRINGS = VALS(xx_vals) -#.FN_BODY ENCTYPE - actx->value_ptr = wmem_alloc(wmem_packet_scope(), sizeof(guint32)); - - offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index, - (guint32*)actx->value_ptr); +#.FN_BODY ENCTYPE VAL_PTR=&(private_data->etype) + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); +%(DEFAULT_BODY)s #.FN_BODY EncryptedTicketData/cipher -/**/#ifdef HAVE_KERBEROS +##ifdef HAVE_KERBEROS offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_ticket_data); -/**/#else +##else %(DEFAULT_BODY)s -/**/#endif +##endif return offset; #.FN_BODY EncryptedAuthorizationData/cipher -/**/#ifdef HAVE_KERBEROS +##ifdef HAVE_KERBEROS offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_authenticator_data); -/**/#else +##else %(DEFAULT_BODY)s -/**/#endif +##endif return offset; #.FN_BODY EncryptedKDCREPData/cipher -/**/#ifdef HAVE_KERBEROS +##ifdef HAVE_KERBEROS offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_KDC_REP_data); -/**/#else +##else %(DEFAULT_BODY)s -/**/#endif +##endif return offset; #.FN_BODY PA-ENC-TIMESTAMP/cipher -/**/#ifdef HAVE_KERBEROS +##ifdef HAVE_KERBEROS offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_PA_ENC_TIMESTAMP); -/**/#else +##else %(DEFAULT_BODY)s -/**/#endif +##endif return offset; #.FN_BODY EncryptedAPREPData/cipher -/**/#ifdef HAVE_KERBEROS +##ifdef HAVE_KERBEROS offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_AP_REP_data); -/**/#else +##else %(DEFAULT_BODY)s -/**/#endif +##endif return offset; #.FN_BODY EncryptedKrbPrivData/cipher -/**/#ifdef HAVE_KERBEROS +##ifdef HAVE_KERBEROS offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, 
dissect_krb5_decrypt_PRIV_data); -/**/#else +##else %(DEFAULT_BODY)s -/**/#endif +##endif return offset; #.FN_BODY EncryptedKrbCredData/cipher -/**/#ifdef HAVE_KERBEROS +##ifdef HAVE_KERBEROS offset=dissect_ber_octet_string_wcb(FALSE, actx, tree, tvb, offset, hf_index, dissect_krb5_decrypt_CRED_data); -/**/#else +##else %(DEFAULT_BODY)s -/**/#endif +##endif return offset; -#.FN_BODY CKSUMTYPE - actx->value_ptr = wmem_alloc(wmem_packet_scope(), sizeof(guint32)); - - offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index, - (guint32*)actx->value_ptr); +#.FN_BODY CKSUMTYPE VAL_PTR=&(private_data->checksum_type) + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); +%(DEFAULT_BODY)s #.FN_BODY Checksum/checksum tvbuff_t *next_tvb; - guint32 checksum_type = 0; + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); - if (actx->value_ptr) { - checksum_type = *((guint32*)actx->value_ptr); - } - - switch(checksum_type){ + switch(private_data->checksum_type){ case KRB5_CHKSUM_GSSAPI: offset=dissect_ber_octet_string(FALSE, actx, tree, tvb, offset, hf_index, &next_tvb); dissect_krb5_rfc1964_checksum(actx, tree, next_tvb); 
@@ -322,49 +300,41 @@ guint32 msgtype; } return offset; -#.FN_BODY EncryptionKey/keytype - kerberos_key_t* key = (kerberos_key_t*)wmem_alloc(wmem_packet_scope(), sizeof(kerberos_key_t)); - actx->value_ptr = key; +#.FN_BODY EncryptionKey/keytype VAL_PTR=&gbl_keytype + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index, &gbl_keytype); - key->keytype = gbl_keytype; + private_data->key.keytype = gbl_keytype; #.FN_BODY EncryptionKey/keyvalue - kerberos_key_t* key = (kerberos_key_t*)actx->value_ptr; + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); - if (key != NULL) { - key->keylength = tvb_length_remaining(tvb, offset); - key->keyvalue = tvb_get_ptr(tvb, offset, key->keylength); - } + private_data->key.keylength = tvb_length_remaining(tvb, offset); + private_data->key.keyvalue = tvb_get_ptr(tvb, offset, private_data->key.keylength); %(DEFAULT_BODY)s #.FN_BODY EncryptionKey - kerberos_key_t* key = (kerberos_key_t*)actx->value_ptr; + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); %(DEFAULT_BODY)s - if (key != NULL) { -/**/#ifdef HAVE_KERBEROS - add_encryption_key(actx->pinfo, key->keytype, key->keylength, key->keyvalue, "key"); -/**/#endif + if (private_data->key.keytype != 0) { +##ifdef HAVE_KERBEROS + add_encryption_key(actx->pinfo, private_data->key.keytype, private_data->key.keylength, private_data->key.keyvalue, "key"); +##endif } #.FN_BODY AuthorizationData/_item/ad-type - actx->value_ptr = wmem_alloc(wmem_packet_scope(), sizeof(guint32)); - + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index, - (guint32*)actx->value_ptr); + &(private_data->ad_type)); #.FN_BODY AuthorizationData/_item/ad-data - guint32 adtype = 0; - - if (actx->value_ptr) { - adtype = *((guint32*)actx->value_ptr); - } + kerberos_private_data_t 
*private_data = kerberos_get_private_data(actx); - switch(adtype){ + switch(private_data->ad_type){ case KRB5_AD_IF_RELEVANT: offset=dissect_ber_octet_string_wcb(implicit_tag, actx, tree, tvb, offset, hf_index, dissect_kerberos_AD_IF_RELEVANT); break; @@ -372,8 +342,8 @@ guint32 msgtype; offset=dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index, NULL); } -#.FN_BODY ADDR-TYPE VAL_PTR=(guint32*)actx->value_ptr - actx->value_ptr = wmem_alloc(wmem_packet_scope(), sizeof(guint32)); +#.FN_BODY ADDR-TYPE VAL_PTR=&(private_data->addr_type) + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); %(DEFAULT_BODY)s #.FN_BODY KDC-REQ-BODY diff --git a/asn1/kerberos/packet-kerberos-template.c b/asn1/kerberos/packet-kerberos-template.c index bf2e35469e..4a9d537c65 100644 --- a/asn1/kerberos/packet-kerberos-template.c +++ b/asn1/kerberos/packet-kerberos-template.c @@ -105,6 +105,16 @@ typedef struct kerberos_key { const guint8 *keyvalue; } kerberos_key_t; +typedef struct { + guint32 etype; + guint32 padata_type; + guint32 enctype; + kerberos_key_t key; + guint32 ad_type; + guint32 addr_type; + guint32 checksum_type; +} kerberos_private_data_t; + static dissector_handle_t kerberos_handle_udp; /* Forward declarations */ @@ -179,7 +189,14 @@ call_kerberos_callbacks(packet_info *pinfo, proto_tree *tree, tvbuff_t *tvb, int return; } - +static kerberos_private_data_t* +kerberos_get_private_data(asn1_ctx_t *actx) +{ + if (!actx->private_data) { + actx->private_data = wmem_new0(wmem_packet_scope(), kerberos_private_data_t); + } + return (kerberos_private_data_t *)(actx->private_data); +} #ifdef HAVE_KERBEROS 
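Review bot: In `#.FN_BODY EncryptionKey`, the new test `private_data->key.keytype != 0` treats zero as "no key parsed", but `private_data` is allocated once per `actx` and the `key` fields are never cleared between keys. If a later EncryptionKey in the same packet is missing its keytype or keyvalue element, the values left by the previous key would presumably be handed to `add_encryption_key` again, possibly as a new keytype paired with the old key bytes. Resetting the slot before `%(DEFAULT_BODY)s`, e.g. `private_data->key.keytype = 0; private_data->key.keylength = 0; private_data->key.keyvalue = NULL;`, keeps each key self-contained. Separately, `VAL_PTR=&gbl_keytype` on `EncryptionKey/keytype` has no visible effect, since that body calls `dissect_ber_integer` directly instead of using `%(DEFAULT_BODY)s`.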
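Review bot: `kerberos_private_data_t` declares both `etype` and `enctype`, yet every hunk on this page reads and writes only `etype` (the ENCTYPE body stores into `&(private_data->etype)`), so `enctype` looks unused. Two near-identical names invite a later change to store into one and read from the other, which would silently feed 0 to `decrypt_krb5_data`. Either drop `enctype` or give each field a comment naming the conformance-file body that sets it, e.g. `guint32 etype; /* set by ENCTYPE, read by the dissect_krb5_decrypt_* callbacks */`.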
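Review bot: `kerberos_get_private_data` has no comment, and it casts whatever `actx->private_data` already holds to `kerberos_private_data_t *` whenever the pointer is non-NULL. That is safe only if nothing else ever stores a different structure in that field for an `actx` that reaches the Kerberos bodies; whether other ASN.1 dissectors pass their own context in is not visible here. Suggested comment: `/* Lazily allocates the per-packet Kerberos state; assumes actx->private_data is owned exclusively by this dissector. */`. The comment should also say that the state is packet-scoped and zero-initialised, since the callers rely on zero meaning "not seen".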
@@ -1312,21 +1329,17 @@ dissect_krb5_decrypt_ticket_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offse { guint8 *plaintext; int length; - guint32 etype = 0; + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); tvbuff_t *next_tvb; next_tvb=tvb_new_subset_remaining(tvb, offset); length=tvb_length_remaining(tvb, offset); - if (actx->value_ptr) { - etype = *((guint32*)actx->value_ptr); - } - /* draft-ietf-krb-wg-kerberos-clarifications-05.txt : * 7.5.1 * All Ticket encrypted parts use usage == 2 */ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 2, next_tvb, etype, NULL); + plaintext=decrypt_krb5_data(tree, actx->pinfo, 2, next_tvb, private_data->etype, NULL); if(plaintext){ tvbuff_t *child_tvb; @@ -1347,26 +1360,22 @@ dissect_krb5_decrypt_authenticator_data (gboolean imp_tag _U_, tvbuff_t *tvb, in { guint8 *plaintext; int length; - guint32 etype = 0; + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); tvbuff_t *next_tvb; next_tvb=tvb_new_subset_remaining(tvb, offset); length=tvb_length_remaining(tvb, offset); - if (actx->value_ptr) { - etype = *((guint32*)actx->value_ptr); - } - /* draft-ietf-krb-wg-kerberos-clarifications-05.txt : * 7.5.1 * Authenticators are encrypted with usage * == 7 or * == 11 */ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 7, next_tvb, etype, NULL); + plaintext=decrypt_krb5_data(tree, actx->pinfo, 7, next_tvb, private_data->etype, NULL); if(!plaintext){ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 11, next_tvb, etype, NULL); + plaintext=decrypt_krb5_data(tree, actx->pinfo, 11, next_tvb, private_data->etype, NULL); } if(plaintext){ 
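Review bot: The `etype` handed to `decrypt_krb5_data` in `dissect_krb5_decrypt_ticket_data` is whichever ENCTYPE was dissected most recently for this `actx`, not a value tied to the EncryptedData being decrypted, and nothing in the function says so. The old `actx->value_ptr` code had the same dependency, but it is now a named field and can be documented where it is read, for example `/* etype: last ENCTYPE dissected for this actx, 0 if none */` next to the `private_data` declaration. The same applies to the other `dissect_krb5_decrypt_*` hunks that follow (authenticator, KDC_REP, PA_ENC_TIMESTAMP, AP_REP, PRIV, CRED). Each of these function bodies starts and ends outside its hunk.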
@@ -1388,16 +1397,12 @@ dissect_krb5_decrypt_KDC_REP_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offs { guint8 *plaintext; int length; - guint32 etype = 0; + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); tvbuff_t *next_tvb; next_tvb=tvb_new_subset_remaining(tvb, offset); length=tvb_length_remaining(tvb, offset); - if (actx->value_ptr) { - etype = *((guint32*)actx->value_ptr); - } - /* draft-ietf-krb-wg-kerberos-clarifications-05.txt : * 7.5.1 * ASREP/TGSREP encryptedparts are encrypted with usage @@ -1405,14 +1410,14 @@ dissect_krb5_decrypt_KDC_REP_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offs * == 8 or * == 9 */ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 3, next_tvb, etype, NULL); + plaintext=decrypt_krb5_data(tree, actx->pinfo, 3, next_tvb, private_data->etype, NULL); if(!plaintext){ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 8, next_tvb, etype, NULL); + plaintext=decrypt_krb5_data(tree, actx->pinfo, 8, next_tvb, private_data->etype, NULL); } if(!plaintext){ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 9, next_tvb, etype, NULL); + plaintext=decrypt_krb5_data(tree, actx->pinfo, 9, next_tvb, private_data->etype, NULL); } if(plaintext){ @@ -1434,22 +1439,18 @@ dissect_krb5_decrypt_PA_ENC_TIMESTAMP (gboolean imp_tag _U_, tvbuff_t *tvb, int { guint8 *plaintext; int length; - guint32 etype = 0; + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); tvbuff_t *next_tvb; next_tvb=tvb_new_subset_remaining(tvb, offset); length=tvb_length_remaining(tvb, offset); - if (actx->value_ptr) { - etype = *((guint32*)actx->value_ptr); - } - /* draft-ietf-krb-wg-kerberos-clarifications-05.txt : * 7.5.1 * AS-REQ PA_ENC_TIMESTAMP are encrypted with usage * == 1 */ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 1, next_tvb, etype, NULL); + plaintext=decrypt_krb5_data(tree, actx->pinfo, 1, next_tvb, private_data->etype, NULL); if(plaintext){ tvbuff_t *child_tvb; 
@@ -1470,21 +1471,17 @@ dissect_krb5_decrypt_AP_REP_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offse { guint8 *plaintext; int length; - guint32 etype = 0; + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); tvbuff_t *next_tvb; next_tvb=tvb_new_subset_remaining(tvb, offset); length=tvb_length_remaining(tvb, offset); - if (actx->value_ptr) { - etype = *((guint32*)actx->value_ptr); - } - /* draft-ietf-krb-wg-kerberos-clarifications-05.txt : * 7.5.1 * AP-REP are encrypted with usage == 12 */ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 12, next_tvb, etype, NULL); + plaintext=decrypt_krb5_data(tree, actx->pinfo, 12, next_tvb, private_data->etype, NULL); if(plaintext){ tvbuff_t *child_tvb; @@ -1505,21 +1502,17 @@ dissect_krb5_decrypt_PRIV_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, { guint8 *plaintext; int length; - guint32 etype = 0; + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); tvbuff_t *next_tvb; next_tvb=tvb_new_subset_remaining(tvb, offset); length=tvb_length_remaining(tvb, offset); - if (actx->value_ptr) { - etype = *((guint32*)actx->value_ptr); - } - /* RFC4120 : * EncKrbPrivPart encrypted with usage * == 13 */ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 13, next_tvb, etype, NULL); + plaintext=decrypt_krb5_data(tree, actx->pinfo, 13, next_tvb, private_data->etype, NULL); if(plaintext){ tvbuff_t *child_tvb; 
@@ -1540,21 +1533,17 @@ dissect_krb5_decrypt_CRED_data (gboolean imp_tag _U_, tvbuff_t *tvb, int offset, { guint8 *plaintext; int length; - guint32 etype = 0; + kerberos_private_data_t *private_data = kerberos_get_private_data(actx); tvbuff_t *next_tvb; next_tvb=tvb_new_subset_remaining(tvb, offset); length=tvb_length_remaining(tvb, offset); - if (actx->value_ptr) { - etype = *((guint32*)actx->value_ptr); - } - /* RFC4120 : * EncKrbCredPart encrypted with usage * == 14 */ - plaintext=decrypt_krb5_data(tree, actx->pinfo, 14, next_tvb, etype, NULL); + plaintext=decrypt_krb5_data(tree, actx->pinfo, 14, next_tvb, private_data->etype, NULL); if(plaintext){ tvbuff_t *child_tvb; |