diff options
author | Guy Harris <guy@alum.mit.edu> | 2018-04-19 20:18:10 -0700 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 2018-04-20 03:18:47 +0000 |
commit | 0a130c5756eda79cbb55f1d38824fbaf9d1abc68 (patch) | |
tree | fb3188f1965219c227e82fb5fcb7cc5307a5e1fc /epan/dissectors/packet-windows-common.c | |
parent | 9011a25afc598bfb5d46be92b2ef112cd1b17594 (diff) |
Handle subset tvbuffs where the length goes past the end of the parent.
Add a "contained length" to tvbuffs. For non-subset tvbuffs, that's the
same as the reported length. For a subset tvbuff, that's the amount of
the reported data that was actually present in the "contained data" of
the parent tvbuff.
This is unaffected by the *captured* length of any tvbuff; that differs
from the contained length only if the capture was cut short by a
snapshot length.
If a reference is within the reported data, but not within the contained
data, a ContainedBoundsError exception is thrown. This exception
represents a protocol error, rather than a reference past the captured
data in the packet; we treat it as such.
Change-Id: Ide87f81238eaeb89b3093f54a87bf7f715485af5
Reviewed-on: https://code.wireshark.org/review/27039
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Diffstat (limited to 'epan/dissectors/packet-windows-common.c')
-rw-r--r-- | epan/dissectors/packet-windows-common.c | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/epan/dissectors/packet-windows-common.c b/epan/dissectors/packet-windows-common.c index 9eeb6b9364..dee5ce9309 100644 --- a/epan/dissectors/packet-windows-common.c +++ b/epan/dissectors/packet-windows-common.c @@ -86,12 +86,12 @@ static gint ett_nt_ace_object = -1; static gint ett_nt_ace_object_flags = -1; static gint ett_nt_security_information = -1; +static expert_field ei_nt_owner_sid_beyond_data = EI_INIT; static expert_field ei_nt_owner_sid_beyond_reassembled_data = EI_INIT; +static expert_field ei_nt_ace_extends_beyond_data = EI_INIT; static expert_field ei_nt_ace_extends_beyond_reassembled_data = EI_INIT; -static expert_field ei_nt_ace_extends_beyond_capture = EI_INIT; +static expert_field ei_nt_group_sid_beyond_data = EI_INIT; static expert_field ei_nt_group_sid_beyond_reassembled_data = EI_INIT; -static expert_field ei_nt_group_sid_beyond_captured_data = EI_INIT; -static expert_field ei_nt_owner_sid_beyond_captured_data = EI_INIT; static expert_field ei_nt_item_offs_out_of_range = EI_INIT; @@ -2189,8 +2189,8 @@ dissect_nt_acl(tvbuff_t *tvb, int offset_a, packet_info *pinfo, } } - CATCH(BoundsError) { - proto_tree_add_expert(tree, pinfo, &ei_nt_ace_extends_beyond_capture, tvb, offset_v, 0); + CATCH(ContainedBoundsError) { + proto_tree_add_expert(tree, pinfo, &ei_nt_ace_extends_beyond_data, tvb, offset_v, 0); missing_data = TRUE; } @@ -2430,8 +2430,8 @@ dissect_nt_sec_desc(tvbuff_t *tvb, int offset_a, packet_info *pinfo, end_offset = offset_v; } - CATCH(BoundsError) { - proto_tree_add_expert(tree, pinfo, &ei_nt_owner_sid_beyond_captured_data, tvb, item_offset, 0); + CATCH(ContainedBoundsError) { + proto_tree_add_expert(tree, pinfo, &ei_nt_owner_sid_beyond_data, tvb, item_offset, 0); } CATCH(ReportedBoundsError) { @@ -2455,8 +2455,8 @@ dissect_nt_sec_desc(tvbuff_t *tvb, int offset_a, packet_info *pinfo, end_offset = offset_v; } - CATCH(BoundsError) { - proto_tree_add_expert(tree, pinfo, &ei_nt_group_sid_beyond_captured_data, tvb, item_offset, 0); + CATCH(ContainedBoundsError) { + proto_tree_add_expert(tree, pinfo, &ei_nt_group_sid_beyond_data, tvb, item_offset, 0); } CATCH(ReportedBoundsError) { @@ -2888,11 +2888,11 @@ proto_do_register_windows_common(int proto_smb) }; static ei_register_info ei[] = { - { &ei_nt_ace_extends_beyond_capture, { "nt.ace_extends_beyond_capture", PI_MALFORMED, PI_ERROR, "ACE Extends beyond end of captured data", EXPFILL }}, + { &ei_nt_ace_extends_beyond_data, { "nt.ace_extends_beyond_data", PI_MALFORMED, PI_ERROR, "ACE Extends beyond end of data", EXPFILL }}, { &ei_nt_ace_extends_beyond_reassembled_data, { "nt.ace_extends_beyond_reassembled_data", PI_MALFORMED, PI_ERROR, "ACE Extends beyond end of reassembled data", EXPFILL }}, - { &ei_nt_owner_sid_beyond_captured_data, { "nt.owner_sid.beyond_captured_data", PI_MALFORMED, PI_ERROR, "Owner SID beyond end of captured data", EXPFILL }}, + { &ei_nt_owner_sid_beyond_data, { "nt.owner_sid.beyond_data", PI_MALFORMED, PI_ERROR, "Owner SID beyond end of data", EXPFILL }}, { &ei_nt_owner_sid_beyond_reassembled_data, { "nt.owner_sid.beyond_reassembled_data", PI_MALFORMED, PI_ERROR, "Owner SID beyond end of reassembled data", EXPFILL }}, - { &ei_nt_group_sid_beyond_captured_data, { "nt.group_sid.beyond_captured_data", PI_MALFORMED, PI_ERROR, "Group SID beyond end of captured data", EXPFILL }}, + { &ei_nt_group_sid_beyond_data, { "nt.group_sid.beyond_data", PI_MALFORMED, PI_ERROR, "Group SID beyond end of data", EXPFILL }}, { &ei_nt_group_sid_beyond_reassembled_data, { "nt.group_sid.beyond_reassembled_data", PI_MALFORMED, PI_ERROR, "Group SID beyond end of reassembled data", EXPFILL }}, { &ei_nt_item_offs_out_of_range, { "nt.item_offset.out_of_range", PI_MALFORMED, PI_ERROR, "Item offset is out of range", EXPFILL }}, }; |