diff options
author | guy <guy@f5534014-38df-0310-8fa8-9805f1628bb7> | 2010-08-10 07:04:20 +0000 |
---|---|---|
committer | guy <guy@f5534014-38df-0310-8fa8-9805f1628bb7> | 2010-08-10 07:04:20 +0000 |
commit | e511c1af985a3dc3294631950b5190266d0b659b (patch) | |
tree | ab1286200d47eaefabc4d6f1a572c789cfd86cbb /epan | |
parent | 9e4b323ef564149e43101e1ffd4d8becd17b0a2b (diff) |
Dissect SMB_FILE_ATTRIBUTES, when used as file attributes rather than
search attributes, as a 16-bit quantity, with only the bits specified by
section 2.2.1.2.4 of [MS-CIFS]. Use dissect_file_ext_attr() in all
cases where we're dissecting SMB_EXT_FILE_ATTR, as specified by section
2.2.1.2.3 of [MS-CIFS].
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33753 f5534014-38df-0310-8fa8-9805f1628bb7
Diffstat (limited to 'epan')
-rw-r--r-- | epan/dissectors/packet-smb.c | 107 | ||||
-rw-r--r-- | epan/dissectors/packet-smb.h | 2 | ||||
-rw-r--r-- | epan/dissectors/packet-smb2.c | 18 |
3 files changed, 51 insertions, 76 deletions
diff --git a/epan/dissectors/packet-smb.c b/epan/dissectors/packet-smb.c index 65bf319e97..04d0eee57f 100644 --- a/epan/dissectors/packet-smb.c +++ b/epan/dissectors/packet-smb.c @@ -1589,75 +1589,47 @@ static const true_false_string tfs_file_attribute_encrypted = { }; /* - * In some places in the CIFS_TR_1p00.pdf, from SNIA, file attributes are - * listed as USHORT, and seem to be in packets in the wild, while in other - * places they are listed as ULONG, and also seem to be. - * - * So, I (Richard Sharpe), added a parameter to allow us to specify how many - * bytes to consume. + * Dissects an SMB_FILE_ATTRIBUTES, to use the term given to it by + * section 2.2.1.2.4 of [MS-CIFS], in cases where it's just file attributes, + * not search attributes. */ - -int -dissect_file_attributes(tvbuff_t *tvb, proto_tree *parent_tree, int offset, - int bytes) +static int +dissect_file_attributes(tvbuff_t *tvb, proto_tree *parent_tree, int offset) { guint16 mask; proto_item *item; proto_tree *tree; - if (bytes != 2 && bytes != 4) { - THROW(ReportedBoundsError); - } - - /* - * The actual bits of interest appear to only be a USHORT - */ - /* FIXME if this ever changes! */ mask = tvb_get_letohs(tvb, offset); if(parent_tree){ - item = proto_tree_add_text(parent_tree, tvb, offset, bytes, - "File Attributes: 0x%08x", mask); + item = proto_tree_add_text(parent_tree, tvb, offset, 2, + "File Attributes: 0x%04x", mask); tree = proto_item_add_subtree(item, ett_smb_file_attributes); - proto_tree_add_boolean(tree, hf_smb_file_attr_encrypted, - tvb, offset, bytes, mask); - proto_tree_add_boolean(tree, hf_smb_file_attr_not_content_indexed, - tvb, offset, bytes, mask); - proto_tree_add_boolean(tree, hf_smb_file_attr_offline, - tvb, offset, bytes, mask); - proto_tree_add_boolean(tree, hf_smb_file_attr_compressed, - tvb, offset, bytes, mask); - proto_tree_add_boolean(tree, hf_smb_file_attr_reparse, - tvb, offset, bytes, mask); - proto_tree_add_boolean(tree, hf_smb_file_attr_sparse, - tvb, offset, bytes, mask); - proto_tree_add_boolean(tree, hf_smb_file_attr_temporary, - tvb, offset, bytes, mask); - proto_tree_add_boolean(tree, hf_smb_file_attr_normal, - tvb, offset, bytes, mask); - proto_tree_add_boolean(tree, hf_smb_file_attr_device, - tvb, offset, bytes, mask); proto_tree_add_boolean(tree, hf_smb_file_attr_archive_16bit, - tvb, offset, bytes, mask); + tvb, offset, 2, mask); proto_tree_add_boolean(tree, hf_smb_file_attr_directory_16bit, - tvb, offset, bytes, mask); + tvb, offset, 2, mask); proto_tree_add_boolean(tree, hf_smb_file_attr_volume_16bit, - tvb, offset, bytes, mask); + tvb, offset, 2, mask); proto_tree_add_boolean(tree, hf_smb_file_attr_system_16bit, - tvb, offset, bytes, mask); + tvb, offset, 2, mask); proto_tree_add_boolean(tree, hf_smb_file_attr_hidden_16bit, - tvb, offset, bytes, mask); + tvb, offset, 2, mask); proto_tree_add_boolean(tree, hf_smb_file_attr_read_only_16bit, - tvb, offset, bytes, mask); + tvb, offset, 2, mask); } - offset += bytes; + offset += 2; return offset; } -/* 3.11 */ +/* + * 3.11 in the SNIA CIFS spec + * SMB_EXT_FILE_ATTR, section 2.2.1.2.3 in the [MS-CIFS] spec + */ static int dissect_file_ext_attr_bits(tvbuff_t *tvb, proto_tree *parent_tree, int offset, int len, guint32 mask) @@ -1717,7 +1689,7 @@ dissect_file_ext_attr_bits(tvbuff_t *tvb, proto_tree *parent_tree, int offset, } /* 3.11 */ -static int +int dissect_file_ext_attr(tvbuff_t *tvb, proto_tree *parent_tree, int offset) { guint32 mask; @@ -1787,6 +1759,10 @@ static const true_false_string tfs_search_attribute_archive = { "Do NOT include archive files in search results" }; +/* + * Dissects an SMB_FILE_ATTRIBUTES, to use the term given to it by + * section 2.2.1.2.4 of [MS-CIFS], in cases where it's search attributes. + */ static int dissect_search_attributes(tvbuff_t *tvb, proto_tree *parent_tree, int offset) { @@ -3574,7 +3550,7 @@ dissect_open_file_response(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tr offset += 2; /* File Attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 2); + offset = dissect_file_attributes(tvb, tree, offset); /* last write time */ offset = dissect_smb_UTIME(tvb, tree, offset, hf_smb_last_write_time); @@ -3733,7 +3709,7 @@ dissect_create_file_request(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, WORD_COUNT; /* file attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 2); + offset = dissect_file_attributes(tvb, tree, offset); /* creation time */ offset = dissect_smb_UTIME(tvb, tree, offset, hf_smb_create_time); @@ -4025,7 +4001,7 @@ dissect_query_information_response(tvbuff_t *tvb, packet_info *pinfo _U_, proto_ WORD_COUNT; /* File Attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 2); + offset = dissect_file_attributes(tvb, tree, offset); /* Last Write Time */ offset = dissect_smb_UTIME(tvb, tree, offset, hf_smb_last_write_time); @@ -4059,7 +4035,7 @@ dissect_set_information_request(tvbuff_t *tvb, packet_info *pinfo, proto_tree *t WORD_COUNT; /* file attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 2); + offset = dissect_file_attributes(tvb, tree, offset); /* last write time */ offset = dissect_smb_UTIME(tvb, tree, offset, hf_smb_last_write_time); @@ -4655,7 +4631,7 @@ dissect_query_information2_response(tvbuff_t *tvb, packet_info *pinfo _U_, proto offset += 4; /* File Attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 2); + offset = dissect_file_attributes(tvb, tree, offset); BYTE_COUNT; @@ -6020,7 +5996,7 @@ dissect_open_andx_request(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, i offset = dissect_search_attributes(tvb, tree, offset); /* File Attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 2); + offset = dissect_file_attributes(tvb, tree, offset); /* creation time */ offset = dissect_smb_UTIME(tvb, tree, offset, hf_smb_create_time); @@ -6176,8 +6152,8 @@ dissect_open_andx_response(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, /* File Attributes */ fattr = tvb_get_letohs(tvb, offset); - isdir = fattr & 0x10; - offset = dissect_file_attributes(tvb, tree, offset, 2); + isdir = fattr & SMB_FILE_ATTRIBUTE_DIRECTORY; + offset = dissect_file_attributes(tvb, tree, offset); /* last write time */ offset = dissect_smb_UTIME(tvb, tree, offset, hf_smb_last_write_time); @@ -8591,7 +8567,7 @@ dissect_nt_trans_param_request(tvbuff_t *tvb, packet_info *pinfo, int offset, pr proto_item *item = NULL; proto_tree *tree = NULL; smb_info_t *si; - guint32 fn_len, create_flags, access_mask, file_attributes, share_access, create_options, create_disposition; + guint32 fn_len, create_flags, access_mask, share_access, create_options, create_disposition; const char *fn; si = (smb_info_t *)pinfo->private_data; @@ -8626,8 +8602,7 @@ dissect_nt_trans_param_request(tvbuff_t *tvb, packet_info *pinfo, int offset, pr COUNT_BYTES(8); /* Extended File Attributes */ - file_attributes=tvb_get_letohl(tvb, offset); - offset = dissect_file_ext_attr_bits(tvb, tree, offset, 4, file_attributes); + offset = dissect_file_ext_attr(tvb, tree, offset); bc -= 4; /* share access */ @@ -10755,7 +10730,7 @@ dissect_transaction2_request_parameters(tvbuff_t *tvb, packet_info *pinfo, /* File Attributes */ CHECK_BYTE_COUNT_TRANS(2); - offset = dissect_file_attributes(tvb, tree, offset, 2); + offset = dissect_file_attributes(tvb, tree, offset); bc -= 2; /* create time */ @@ -11730,7 +11705,7 @@ dissect_4_2_16_1(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, /* File Attributes */ CHECK_BYTE_COUNT_SUBR(2); - offset = dissect_file_attributes(tvb, tree, offset, 2); + offset = dissect_file_attributes(tvb, tree, offset); *bcp -= 2; /* ea length */ @@ -11856,7 +11831,7 @@ dissect_4_2_16_4(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, /* File Attributes */ CHECK_BYTE_COUNT_SUBR(4); - offset = dissect_file_attributes(tvb, tree, offset, 4); + offset = dissect_file_ext_attr(tvb, tree, offset); *bcp -= 4; *trunc = FALSE; @@ -12058,7 +12033,7 @@ dissect_qfi_SMB_FILE_ALL_INFO(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tre /* File Attributes */ CHECK_BYTE_COUNT_SUBR(4); - offset = dissect_file_attributes(tvb, tree, offset, 4); + offset = dissect_file_ext_attr(tvb, tree, offset); *bcp -= 4; /* 4 pad bytes */ @@ -12549,7 +12524,7 @@ dissect_qfi_SMB_FILE_NETWORK_OPEN_INFO(tvbuff_t *tvb, /* File Attributes */ CHECK_BYTE_COUNT_SUBR(4); - offset = dissect_file_attributes(tvb, tree, offset, 4); + offset = dissect_file_ext_attr(tvb, tree, offset); *bcp -= 4; /* Unknown, possibly count of network accessors ... */ @@ -13732,7 +13707,7 @@ dissect_4_3_4_1(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, /* File Attributes */ CHECK_BYTE_COUNT_SUBR(2); - offset = dissect_file_attributes(tvb, tree, offset, 2); + offset = dissect_file_attributes(tvb, tree, offset); *bcp -= 2; /* file name len */ @@ -13833,7 +13808,7 @@ dissect_4_3_4_2(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, /* File Attributes */ CHECK_BYTE_COUNT_SUBR(2); - offset = dissect_file_attributes(tvb, tree, offset, 2); + offset = dissect_file_attributes(tvb, tree, offset); *bcp -= 2; /* ea length */ @@ -15468,7 +15443,7 @@ dissect_transaction2_response_parameters(tvbuff_t *tvb, packet_info *pinfo, prot */ /* File Attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 2); + offset = dissect_file_attributes(tvb, tree, offset); /* create time */ offset = dissect_smb_datetime(tvb, tree, offset, diff --git a/epan/dissectors/packet-smb.h b/epan/dissectors/packet-smb.h index dea3c0cb67..8386e1a037 100644 --- a/epan/dissectors/packet-smb.h +++ b/epan/dissectors/packet-smb.h @@ -390,7 +390,7 @@ extern int dissect_ipc_state(tvbuff_t *tvb, proto_tree *parent_tree, extern gboolean smb_dcerpc_reassembly; -extern int dissect_file_attributes(tvbuff_t *tvb, proto_tree *parent_tree, int offset, int bytes); +extern int dissect_file_ext_attr(tvbuff_t *tvb, proto_tree *parent_tree, int offset); extern const value_string create_disposition_vals[]; diff --git a/epan/dissectors/packet-smb2.c b/epan/dissectors/packet-smb2.c index 35dbcd01da..8520c23176 100644 --- a/epan/dissectors/packet-smb2.c +++ b/epan/dissectors/packet-smb2.c @@ -1084,7 +1084,7 @@ dissect_smb2_file_all_info(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *pa offset = dissect_nt_64bit_time(tvb, tree, offset, hf_smb2_last_change_timestamp); /* File Attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 4); + offset = dissect_file_ext_attr(tvb, tree, offset); /* some unknown bytes */ proto_tree_add_item(tree, hf_smb2_unknown, tvb, offset, 4, FALSE); @@ -1237,7 +1237,7 @@ dissect_smb2_file_basic_info(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree * offset = dissect_nt_64bit_time(tvb, tree, offset, hf_smb2_last_change_timestamp); /* File Attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 4); + offset = dissect_file_ext_attr(tvb, tree, offset); /* some unknown bytes */ proto_tree_add_item(tree, hf_smb2_unknown, tvb, offset, 4, FALSE); @@ -2458,7 +2458,7 @@ static void dissect_smb2_file_directory_info(tvbuff_t *tvb, packet_info *pinfo _ offset += 8; /* File Attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 4); + offset = dissect_file_ext_attr(tvb, tree, offset); /* file name length */ file_name_len=tvb_get_letohl(tvb, offset); @@ -2542,7 +2542,7 @@ static void dissect_smb2_full_directory_info(tvbuff_t *tvb, packet_info *pinfo _ offset += 8; /* File Attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 4); + offset = dissect_file_ext_attr(tvb, tree, offset); /* file name length */ file_name_len=tvb_get_letohl(tvb, offset); @@ -2632,7 +2632,7 @@ static void dissect_smb2_both_directory_info(tvbuff_t *tvb, packet_info *pinfo _ offset += 8; /* File Attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 4); + offset = dissect_file_ext_attr(tvb, tree, offset); /* file name length */ file_name_len=tvb_get_letohl(tvb, offset); @@ -2804,7 +2804,7 @@ static void dissect_smb2_id_both_directory_info(tvbuff_t *tvb, packet_info *pinf offset += 8; /* File Attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 4); + offset = dissect_file_ext_attr(tvb, tree, offset); /* file name length */ file_name_len=tvb_get_letohl(tvb, offset); @@ -3443,7 +3443,7 @@ dissect_smb2_close_response(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *t offset += 8; /* File Attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 4); + offset = dissect_file_ext_attr(tvb, tree, offset); return offset; } @@ -4286,7 +4286,7 @@ dissect_smb2_create_request(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, offset = dissect_smb_access_mask(tvb, tree, offset); /* File Attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 4); + offset = dissect_file_ext_attr(tvb, tree, offset); /* share access */ offset = dissect_nt_share_access(tvb, tree, offset); @@ -4379,7 +4379,7 @@ dissect_smb2_create_response(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree offset += 8; /* File Attributes */ - offset = dissect_file_attributes(tvb, tree, offset, 4); + offset = dissect_file_ext_attr(tvb, tree, offset); /* reserved */ offset += 4; |