authorMichael Mann <mmann78@netscape.net>2013-10-21 19:41:54 +0000
committerMichael Mann <mmann78@netscape.net>2013-10-21 19:41:54 +0000
commit87e55cb9e046e4d7749333c67862e5bf935ed6a1 (patch)
treee984e35b5eed1a6a0eaea7ea19189c1ad72c17e6 /epan/dissectors/packet-dcerpc-eventlog.c
parent15294a1261961d7ac2ad4316eb83b0e413effc47 (diff)
Sync with latest SAMBA PIDL source per http://www.wireshark.org/lists/wireshark-dev/201310/msg00217.html
Didn't integrate 0010-frsrpc-Regenerate-frsrpc-due-to-changes-in-the-pidl-.patch 0016-Regenerate-the-dnserver.patch due to compilation errors on Windows. svn path=/trunk/; revision=52744
Diffstat (limited to 'epan/dissectors/packet-dcerpc-eventlog.c')
-rw-r--r--epan/dissectors/packet-dcerpc-eventlog.c41
1 files changed, 30 insertions, 11 deletions
diff --git a/epan/dissectors/packet-dcerpc-eventlog.c b/epan/dissectors/packet-dcerpc-eventlog.c
index 9cd5bf40e7..5adbd00c44 100644
--- a/epan/dissectors/packet-dcerpc-eventlog.c
+++ b/epan/dissectors/packet-dcerpc-eventlog.c
@@ -12,7 +12,6 @@
#include "config.h"
-
#ifdef _MSC_VER
#pragma warning(disable:4005)
#pragma warning(disable:4013)
@@ -408,7 +407,7 @@ eventlog_dissect_element_Record_strings(tvbuff_t *tvb, int offset, packet_info *
int len;
len=eventlog_get_unicode_string_length(tvb, string_offset);
str=tvb_get_faked_unicode(wmem_packet_scope(), tvb, string_offset, len, TRUE);
- proto_tree_add_string_format_value(tree, hf_eventlog_Record_string, tvb, string_offset, len*2, str, "%s", str);
+ proto_tree_add_string_format(tree, hf_eventlog_Record_string, tvb, string_offset, len*2, str, "string: %s", str);
string_offset+=len*2;
num_of_strings--;
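Review bot: The new call hard-codes the item label as `"string: %s"`, so the text shown for each record string no longer comes from the name registered for `hf_eventlog_Record_string`. `proto_tree_add_string_format` replaces the whole item text, whereas the removed `proto_tree_add_string_format_value` kept the registered field name and formatted only the value. If the registration (not visible in this hunk) already carries a suitable name, keeping `proto_tree_add_string_format_value(..., "%s", str)` stops the label and the field name drifting apart; if the line comes from a regenerated conformance file, the fix belongs there. The enclosing loop starts and ends outside the hunk.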
@@ -434,7 +433,7 @@ eventlog_dissect_bitmap_eventlogReadFlags(tvbuff_t *tvb _U_, int offset _U_, pac
ALIGN_TO_4_BYTES;
if (parent_tree) {
- item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, 4, TRUE);
+ item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, 4, DREP_ENC_INTEGER(drep));
tree = proto_item_add_subtree(item,ett_eventlog_eventlogReadFlags);
}
@@ -503,7 +502,7 @@ eventlog_dissect_bitmap_eventlogEventTypes(tvbuff_t *tvb _U_, int offset _U_, pa
ALIGN_TO_4_BYTES;
if (parent_tree) {
- item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, 4, TRUE);
+ item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, 4, DREP_ENC_INTEGER(drep));
tree = proto_item_add_subtree(item,ett_eventlog_eventlogEventTypes);
}
@@ -595,6 +594,7 @@ eventlog_dissect_struct_OpenUnknown0(tvbuff_t *tvb _U_, int offset _U_, packet_i
{
proto_item *item = NULL;
proto_tree *tree = NULL;
+ dcerpc_info *di = (dcerpc_info *)pinfo->private_data;
int old_offset;
ALIGN_TO_2_BYTES;
@@ -602,7 +602,7 @@ eventlog_dissect_struct_OpenUnknown0(tvbuff_t *tvb _U_, int offset _U_, packet_i
old_offset = offset;
if (parent_tree) {
- item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, TRUE);
+ item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_eventlog_eventlog_OpenUnknown0);
}
@@ -613,6 +613,11 @@ eventlog_dissect_struct_OpenUnknown0(tvbuff_t *tvb _U_, int offset _U_, packet_i
proto_item_set_len(item, offset-old_offset);
+
+ if (di->call_data->flags & DCERPC_IS_NDR64) {
+ ALIGN_TO_2_BYTES;
+ }
+
return offset;
}
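Review bot: `di->call_data->flags` is dereferenced in the added NDR64 block without checking that `di` or `di->call_data` is non-NULL. `di` comes from the cast of `pinfo->private_data` added in the previous hunk, an untyped pointer that this function does not set itself, so whether it always holds a `dcerpc_info` here depends on callers outside this diff. Because dissectors run on untrusted capture data, a guard such as `if (di && di->call_data && (di->call_data->flags & DCERPC_IS_NDR64))` would turn a possible crash into skipped trailing alignment. The same pattern is added in eventlog_dissect_struct_Record and eventlog_dissect_struct_ChangeUnknown0 further down, and `pinfo` is still tagged `_U_` in all three signatures although it is now used. The function body starts outside the hunk.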
@@ -739,6 +744,7 @@ eventlog_dissect_element_Record_data_offset(tvbuff_t *tvb _U_, int offset _U_, p
static int
eventlog_dissect_element_Record_strings_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
{
+ offset = dissect_null_term_wstring(tvb, offset, pinfo, tree, drep, hf_eventlog_eventlog_Record_strings , 0);
return offset;
}
@@ -746,6 +752,7 @@ eventlog_dissect_element_Record_strings_(tvbuff_t *tvb _U_, int offset _U_, pack
static int
eventlog_dissect_element_Record_raw_data(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, guint8 *drep _U_)
{
+ offset = dissect_null_term_string(tvb, offset, pinfo, tree, drep, hf_eventlog_eventlog_Record_raw_data , 0);
return offset;
}
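Review bot: The record's raw data is now parsed with `dissect_null_term_string`, which treats it as NUL-terminated text, and the matching field is re-registered as FT_STRING in the proto_register_dcerpc_eventlog hunk below. If raw_data can carry arbitrary binary bytes (the name suggests so, but the IDL is not visible here), an embedded zero byte would end the field early and leave `offset` inside the payload, so everything dissected after it would be misaligned. A length-bounded FT_BYTES item driven by the record's data length would be more robust against such input. At minimum a comment such as `/* raw_data is treated as a NUL-terminated string per the IDL */` should record the assumption.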
@@ -755,6 +762,7 @@ eventlog_dissect_struct_Record(tvbuff_t *tvb _U_, int offset _U_, packet_info *p
{
proto_item *item = NULL;
proto_tree *tree = NULL;
+ dcerpc_info *di = (dcerpc_info *)pinfo->private_data;
int old_offset;
ALIGN_TO_4_BYTES;
@@ -762,7 +770,7 @@ eventlog_dissect_struct_Record(tvbuff_t *tvb _U_, int offset _U_, packet_info *p
old_offset = offset;
if (parent_tree) {
- item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, TRUE);
+ item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_eventlog_eventlog_Record);
}
@@ -809,6 +817,11 @@ eventlog_dissect_struct_Record(tvbuff_t *tvb _U_, int offset _U_, packet_info *p
proto_item_set_len(item, offset-old_offset);
+
+ if (di->call_data->flags & DCERPC_IS_NDR64) {
+ ALIGN_TO_4_BYTES;
+ }
+
return offset;
}
@@ -839,6 +852,7 @@ eventlog_dissect_struct_ChangeUnknown0(tvbuff_t *tvb _U_, int offset _U_, packet
{
proto_item *item = NULL;
proto_tree *tree = NULL;
+ dcerpc_info *di = (dcerpc_info *)pinfo->private_data;
int old_offset;
ALIGN_TO_4_BYTES;
@@ -846,7 +860,7 @@ eventlog_dissect_struct_ChangeUnknown0(tvbuff_t *tvb _U_, int offset _U_, packet
old_offset = offset;
if (parent_tree) {
- item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, TRUE);
+ item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_eventlog_eventlog_ChangeUnknown0);
}
@@ -857,6 +871,11 @@ eventlog_dissect_struct_ChangeUnknown0(tvbuff_t *tvb _U_, int offset _U_, packet
proto_item_set_len(item, offset-old_offset);
+
+ if (di->call_data->flags & DCERPC_IS_NDR64) {
+ ALIGN_TO_4_BYTES;
+ }
+
return offset;
}
@@ -2302,7 +2321,7 @@ void proto_register_dcerpc_eventlog(void)
{ &hf_eventlog_eventlog_OpenEventLogW_unknown0,
{ "Unknown0", "eventlog.eventlog_OpenEventLogW.unknown0", FT_NONE, BASE_NONE, NULL, 0, NULL, HFILL }},
{ &hf_eventlog_eventlog_Record_computer_name,
- { "Computer Name", "eventlog.eventlog_Record.computer_name", FT_NONE, BASE_NONE, NULL, 0, NULL, HFILL }},
+ { "Computer Name", "eventlog.eventlog_Record.computer_name", FT_STRING, BASE_NONE, NULL, 0, NULL, HFILL }},
{ &hf_eventlog_eventlog_RegisterEventSourceW_handle,
{ "Handle", "eventlog.eventlog_RegisterEventSourceW.handle", FT_BYTES, BASE_NONE, NULL, 0, NULL, HFILL }},
{ &hf_eventlog_eventlog_GetNumRecords_handle,
@@ -2348,7 +2367,7 @@ void proto_register_dcerpc_eventlog(void)
{ &hf_eventlog_eventlog_BackupEventLogW_handle,
{ "Handle", "eventlog.eventlog_BackupEventLogW.handle", FT_BYTES, BASE_NONE, NULL, 0, NULL, HFILL }},
{ &hf_eventlog_eventlog_Record_raw_data,
- { "Raw Data", "eventlog.eventlog_Record.raw_data", FT_NONE, BASE_NONE, NULL, 0, NULL, HFILL }},
+ { "Raw Data", "eventlog.eventlog_Record.raw_data", FT_STRING, BASE_NONE, NULL, 0, NULL, HFILL }},
{ &hf_eventlog_eventlog_RegisterEventSourceW_unknown0,
{ "Unknown0", "eventlog.eventlog_RegisterEventSourceW.unknown0", FT_NONE, BASE_NONE, NULL, 0, NULL, HFILL }},
{ &hf_eventlog_eventlog_CloseEventLog_handle,
@@ -2366,7 +2385,7 @@ void proto_register_dcerpc_eventlog(void)
{ &hf_eventlog_eventlog_OpenEventLogW_MinorVersion,
{ "Minorversion", "eventlog.eventlog_OpenEventLogW.MinorVersion", FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }},
{ &hf_eventlog_eventlog_Record_source_name,
- { "Source Name", "eventlog.eventlog_Record.source_name", FT_NONE, BASE_NONE, NULL, 0, NULL, HFILL }},
+ { "Source Name", "eventlog.eventlog_Record.source_name", FT_STRING, BASE_NONE, NULL, 0, NULL, HFILL }},
{ &hf_eventlog_eventlog_GetLogIntormation_handle,
{ "Handle", "eventlog.eventlog_GetLogIntormation.handle", FT_BYTES, BASE_NONE, NULL, 0, NULL, HFILL }},
{ &hf_eventlog_Record_length,
@@ -2376,7 +2395,7 @@ void proto_register_dcerpc_eventlog(void)
{ &hf_eventlog_eventlog_GetOldestRecord_oldest,
{ "Oldest", "eventlog.eventlog_GetOldestRecord.oldest", FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }},
{ &hf_eventlog_eventlog_Record_strings,
- { "Strings", "eventlog.eventlog_Record.strings", FT_NONE, BASE_NONE, NULL, 0, NULL, HFILL }},
+ { "Strings", "eventlog.eventlog_Record.strings", FT_STRING, BASE_NONE, NULL, 0, NULL, HFILL }},
{ &hf_eventlog_eventlog_Record_record_number,
{ "Record Number", "eventlog.eventlog_Record.record_number", FT_UINT32, BASE_DEC, NULL, 0, NULL, HFILL }},
{ &hf_eventlog_eventlog_OpenEventLogW_handle,