author | Gerald Combs <gerald@wireshark.org> | 2006-07-09 17:58:28 +0000 |
---|---|---|
committer | Gerald Combs <gerald@wireshark.org> | 2006-07-09 17:58:28 +0000 |
commit | 6dd2196da600c33b59572c1571f4f7dc3225c870 (patch) | |
tree | 6c190aa79fb75019ab6e4f754a6e58bd8fb9886a /epan/dissectors/packet-ssh.c | |
parent | eb2e0d867df65bb0ef88ad37dc4d5a1e0717d230 (diff) |
One more bug from Ilja van Sprundel. Be more paranoid about our offset during
a loop. Fix up whitespace.
svn path=/trunk/; revision=18692
Diffstat (limited to 'epan/dissectors/packet-ssh.c')
-rw-r--r-- | epan/dissectors/packet-ssh.c | 91 |
1 files changed, 46 insertions, 45 deletions
diff --git a/epan/dissectors/packet-ssh.c b/epan/dissectors/packet-ssh.c index 54107f3e21..d75d2d28b5 100644 --- a/epan/dissectors/packet-ssh.c +++ b/epan/dissectors/packet-ssh.c @@ -26,8 +26,8 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * * - * Note: support SSH v1 and v2 now. - * + * Note: support SSH v1 and v2 now. + * */ #ifdef HAVE_CONFIG_H @@ -134,7 +134,7 @@ static gint ett_ssh2= -1; static gboolean ssh_desegment = TRUE; -#define TCP_PORT_SSH 22 +#define TCP_PORT_SSH 22 static const value_string ssh2_msg_vals[] = { {SSH2_MSG_DISCONNECT, "Disconnect"}, @@ -147,7 +147,7 @@ static const value_string ssh2_msg_vals[] = { {SSH2_MSG_NEWKEYS, "New Keys"}, {SSH2_MSG_KEXDH_INIT, "Diffie-Hellman Key Exchange Init"}, {SSH2_MSG_KEXDH_REPLY, "Diffie-Hellman Key Exchange Reply"}, - {SSH2_MSG_KEX_DH_GEX_INIT, "Diffie-Hellman GEX Init"}, + {SSH2_MSG_KEX_DH_GEX_INIT, "Diffie-Hellman GEX Init"}, {SSH2_MSG_KEX_DH_GEX_REPLY, "Diffie-Hellman GEX Reply"}, {SSH2_MSG_KEX_DH_GEX_REQUEST, "Diffie-Hellman GEX Request"}, { 0, NULL } 
@@ -172,13 +172,13 @@ static int ssh_dissect_key_init(tvbuff_t *tvb, int offset, proto_tree *tree); static int ssh_dissect_ssh1(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *tree,int is_response, int number, gboolean *need_desegmentation); -static int ssh_dissect_ssh2(tvbuff_t *tvb, packet_info *pinfo, +static int ssh_dissect_ssh2(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *tree,int is_response, int number, gboolean *need_desegmentation ); -static int ssh_dissect_key_exchange(tvbuff_t *tvb, packet_info *pinfo, +static int ssh_dissect_key_exchange(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *tree,int is_response, int number, gboolean *need_desegmentation ); -static int ssh_dissect_protocol(tvbuff_t *tvb, packet_info *pinfo, +static int ssh_dissect_protocol(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *tree,int is_response,int *version, gboolean *need_desegmentation); static int ssh_dissect_encrypted_packet(tvbuff_t *tvb, packet_info *pinfo, @@ -231,7 +231,7 @@ dissect_ssh(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) /* * end of attaching data - */ + */ if (pinfo->destport == pinfo->match_port) { is_response=FALSE; if(!this_data) { @@ -254,7 +254,7 @@ dissect_ssh(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) ssh_tree = proto_item_add_subtree(ti, ett_ssh); } number = 0; - + version = global_data->version; if (check_col(pinfo->cinfo, COL_PROTOCOL)) { @@ -268,7 +268,7 @@ dissect_ssh(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) case SSH_VERSION_2: col_set_str(pinfo->cinfo, COL_PROTOCOL, "SSHv2"); break; - + } } @@ -277,7 +277,7 @@ dissect_ssh(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) offset,ssh_tree,is_response); return; } - + while((remain_length = tvb_reported_length_remaining(tvb,offset))> 0 ) { need_desegmentation = FALSE; last_offset = offset; 
@@ -291,7 +291,7 @@ dissect_ssh(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) global_data->req_counter++; } } - + number++; if(this_number == 0) { offset = ssh_dissect_protocol(tvb, pinfo, @@ -322,7 +322,7 @@ dissect_ssh(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) case SSH_VERSION_1: offset = ssh_dissect_ssh1(tvb, pinfo, - offset,ssh_tree,is_response,this_number, + offset,ssh_tree,is_response,this_number, &need_desegmentation); break; @@ -334,23 +334,24 @@ dissect_ssh(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) } } + DISSECTOR_ASSERT(offset > last_offset); if(need_desegmentation) return; } } -static int +static int ssh_dissect_ssh2(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *tree,int is_response, int this_number, gboolean *need_desegmentation) { - proto_item *ti; + proto_item *ti; proto_item *ssh2_tree=NULL; if(tree) { ti=proto_tree_add_text(tree,tvb,offset,-1,"SSH Version 2"); ssh2_tree = proto_item_add_subtree(ti ,ett_ssh2); } - + if((is_response && this_number > 3) || (!is_response && this_number>4)) { offset = ssh_dissect_encrypted_packet(tvb, pinfo, offset,ssh2_tree,is_response); @@ -362,23 +363,23 @@ ssh_dissect_ssh2(tvbuff_t *tvb, packet_info *pinfo, return offset; } -static int +static int ssh_dissect_ssh1(tvbuff_t *tvb, packet_info *pinfo, - int offset, proto_tree *tree,int is_response, + int offset, proto_tree *tree,int is_response, int number, gboolean *need_desegmentation) { guint plen, padding_length,len; guint8 msg_code; guint remain_length; - proto_item *ti; + proto_item *ti; proto_item *ssh1_tree =NULL; if(tree) { ti=proto_tree_add_text(tree,tvb,offset,-1,"SSH Version 1"); ssh1_tree = proto_item_add_subtree(ti ,ett_ssh1); } - + /* * We use "tvb_ensure_length_remaining()" to make sure there * actually *is* data remaining. 
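Review bot: In the `while` loop of dissect_ssh (hunk `-334,23 +334,24`), the new `DISSECTOR_ASSERT(offset > last_offset);` runs before `if(need_desegmentation) return;`, so a sub-dissector that asks for reassembly and hands back the offset it was given would trip the assertion instead of returning to wait for more data. The sub-dissector bodies are mostly outside this diff, so confirm what they return on that path; if the offset does come back unchanged, put the check after the return: `if(need_desegmentation) return;` then `DISSECTOR_ASSERT(offset > last_offset);`. An offset that stalls or moves backwards presumably comes from length fields in the captured data rather than from a coding error, so reporting it as a malformed packet would describe the condition better than a dissector-bug assertion. A one-line comment above the check, such as `/* every pass must consume data, or a bad length field could stop the loop from advancing */`, would record why it is there. The loop and dissect_ssh itself begin outside this hunk.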
@@ -408,7 +409,7 @@ ssh_dissect_ssh1(tvbuff_t *tvb, packet_info *pinfo, } if (check_col(pinfo->cinfo, COL_INFO)) { - col_add_fstr(pinfo->cinfo, COL_INFO, "%s: ", + col_add_fstr(pinfo->cinfo, COL_INFO, "%s: ", is_response?"Server":"Client"); } @@ -448,7 +449,7 @@ ssh_dissect_ssh1(tvbuff_t *tvb, packet_info *pinfo, msg_code); } if (check_col(pinfo->cinfo, COL_INFO)) { - col_append_fstr(pinfo->cinfo, COL_INFO, "%s", + col_append_fstr(pinfo->cinfo, COL_INFO, "%s", val_to_str(msg_code, ssh1_msg_vals, "Unknown (%u)")); } offset += 1; @@ -469,7 +470,7 @@ ssh_dissect_ssh1(tvbuff_t *tvb, packet_info *pinfo, return offset; } -static int +static int ssh_dissect_key_exchange(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *tree,int is_response,int number, gboolean *need_desegmentation) @@ -482,7 +483,7 @@ ssh_dissect_key_exchange(tvbuff_t *tvb, packet_info *pinfo, proto_item *tf; proto_item *key_ex_tree =NULL; - + /* * We use "tvb_ensure_length_remaining()" to make sure there * actually *is* data remaining. @@ -509,11 +510,11 @@ ssh_dissect_key_exchange(tvbuff_t *tvb, packet_info *pinfo, } } /* - * Need to check plen > 0x80000000 here - */ + * Need to check plen > 0x80000000 here + */ if (check_col(pinfo->cinfo, COL_INFO)) { - col_add_fstr(pinfo->cinfo, COL_INFO, "%s: ", + col_add_fstr(pinfo->cinfo, COL_INFO, "%s: ", is_response?"Server":"Client"); } @@ -549,16 +550,16 @@ ssh_dissect_key_exchange(tvbuff_t *tvb, packet_info *pinfo, offset, 1, msg_code,"Msg code: %s (%u)", val_to_str(msg_code, ssh2_msg_vals, "Unknown (%u)"), msg_code); - + } if (check_col(pinfo->cinfo, COL_INFO)) { - col_append_fstr(pinfo->cinfo, COL_INFO, "%s", + col_append_fstr(pinfo->cinfo, COL_INFO, "%s", val_to_str(msg_code, ssh2_msg_vals, "Unknown (%u)")); } offset += 1; - + /* 16 bytes cookie */ - if(number == 1) { + if(number == 1) { offset = ssh_dissect_key_init(tvb, offset,key_ex_tree); } 
@@ -567,7 +568,7 @@ ssh_dissect_key_exchange(tvbuff_t *tvb, packet_info *pinfo, ssh_proto_tree_add_item(key_ex_tree, hf_ssh_payload, tvb, offset, len, FALSE); } - offset +=len; + offset +=len; /* padding */ if(tree) { @@ -590,7 +591,7 @@ ssh_dissect_key_exchange(tvbuff_t *tvb, packet_info *pinfo, return offset; } -static int +static int ssh_dissect_encrypted_packet(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *tree,int is_response) { @@ -598,7 +599,7 @@ ssh_dissect_encrypted_packet(tvbuff_t *tvb, packet_info *pinfo, len = tvb_reported_length_remaining(tvb,offset); if (check_col(pinfo->cinfo, COL_INFO)) { - col_add_fstr(pinfo->cinfo, COL_INFO, "Encrypted %s packet len=%d", + col_add_fstr(pinfo->cinfo, COL_INFO, "Encrypted %s packet len=%d", is_response?"response":"request",len); } if (tree ) { @@ -608,7 +609,7 @@ ssh_dissect_encrypted_packet(tvbuff_t *tvb, packet_info *pinfo, offset+=len; return offset; } - + static int ssh_dissect_protocol(tvbuff_t *tvb, packet_info *pinfo, int offset, proto_tree *tree, int is_response, int * version, @@ -616,10 +617,10 @@ ssh_dissect_protocol(tvbuff_t *tvb, packet_info *pinfo, { guint remain_length; gint linelen, protolen; - - /* - * If the first packet do not contain the banner, - * it is dump in the middle of a flow or not a ssh at all + + /* + * If the first packet do not contain the banner, + * it is dump in the middle of a flow or not a ssh at all */ if(tvb_strncaseeql(tvb,offset,"SSH-",4) != 0 ) { offset = ssh_dissect_encrypted_packet(tvb, pinfo, @@ -636,7 +637,7 @@ ssh_dissect_protocol(tvbuff_t *tvb, packet_info *pinfo, *(version) = SSH_VERSION_1; } } - + /* * We use "tvb_ensure_length_remaining()" to make sure there * actually *is* data remaining. 
@@ -666,9 +667,9 @@ ssh_dissect_protocol(tvbuff_t *tvb, packet_info *pinfo, } if (check_col(pinfo->cinfo, COL_INFO)) { - col_add_fstr(pinfo->cinfo, COL_INFO, "%s Protocol: %s", - is_response?"Server":"Client", - tvb_format_text(tvb,offset,protolen)); + col_add_fstr(pinfo->cinfo, COL_INFO, "%s Protocol: %s", + is_response?"Server":"Client", + tvb_format_text(tvb,offset,protolen)); } if (tree ) { ssh_proto_tree_add_item(tree, hf_ssh_protocol, @@ -837,7 +838,7 @@ proto_register_ssh(void) { "languages_server_to_client string", "ssh.languages_server_to_client", FT_STRINGZ, BASE_NONE, NULL, 0x0, "SSH languages_server_to_client string", HFILL }}, - + { &hf_ssh_kex_algorithms_length, { "kex_algorithms length", "ssh.kex_algorithms_length", FT_UINT32, BASE_DEC, NULL, 0x0, @@ -918,6 +919,6 @@ proto_reg_handoff_ssh(void) dissector_handle_t ssh_handle; ssh_handle = create_dissector_handle(dissect_ssh, proto_ssh); - + dissector_add("tcp.port", TCP_PORT_SSH, ssh_handle); } |