aboutsummaryrefslogtreecommitdiffstats
path: root/epan/dissectors/packet-dcom.c
diff options
context:
space:
mode:
Diffstat (limited to 'epan/dissectors/packet-dcom.c')
-rw-r--r--epan/dissectors/packet-dcom.c302
1 files changed, 149 insertions, 153 deletions
diff --git a/epan/dissectors/packet-dcom.c b/epan/dissectors/packet-dcom.c
index 7495f6cbd9..e4754fd0c3 100644
--- a/epan/dissectors/packet-dcom.c
+++ b/epan/dissectors/packet-dcom.c
@@ -695,7 +695,7 @@ static const value_string dcom_vt_bool_vals[] = {
/* dissect extension to DCOM "this" and "that" */
static int
dissect_dcom_extent(tvbuff_t *tvb, int offset,
- packet_info *pinfo, proto_tree *tree, guint8 *drep)
+ packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep)
{
guint32 u32ArraySize;
guint32 u32ArraySize2;
@@ -714,24 +714,24 @@ dissect_dcom_extent(tvbuff_t *tvb, int offset,
const char *uuid_name;
- offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, tree, drep, &u32Pointer);
+ offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, tree, di, drep, &u32Pointer);
if (u32Pointer == 0) {
return offset;
}
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, tree, di, drep,
hf_dcom_extent_array_count, &u32ArrayCount);
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, tree, di, drep,
hf_dcom_extent_array_res, &u32ArrayRes);
- offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, tree, drep, &u32Pointer);
+ offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, tree, di, drep, &u32Pointer);
if (u32Pointer == 0) {
return offset;
}
- offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, tree, drep,
+ offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, tree, di, drep,
&u32ArraySize);
u32VariableOffset = offset + u32ArraySize*4;
@@ -742,13 +742,13 @@ dissect_dcom_extent(tvbuff_t *tvb, int offset,
sub_tree = proto_item_add_subtree(sub_item, ett_dcom_extent);
u32SubStart = offset;
- offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, drep, &u32Pointer);
+ offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, di, drep, &u32Pointer);
if(u32Pointer != 0) {
- u32VariableOffset = dissect_dcom_DWORD(tvb, u32VariableOffset, pinfo, sub_tree, drep,
+ u32VariableOffset = dissect_dcom_DWORD(tvb, u32VariableOffset, pinfo, sub_tree, di, drep,
hf_dcom_extent_size, &u32ExtentSize);
- dissect_dcom_UUID(tvb, u32VariableOffset, pinfo, NULL, drep,
+ dissect_dcom_UUID(tvb, u32VariableOffset, pinfo, NULL, di, drep,
hf_dcom_extent_id, &uuidExtend);
/* look for a registered uuid name */
@@ -764,12 +764,12 @@ dissect_dcom_extent(tvbuff_t *tvb, int offset,
uuidExtend.Data4[6], uuidExtend.Data4[7]);
u32VariableOffset += 16;
} else {
- u32VariableOffset = dissect_dcom_UUID(tvb, u32VariableOffset, pinfo, sub_tree, drep,
+ u32VariableOffset = dissect_dcom_UUID(tvb, u32VariableOffset, pinfo, sub_tree, di, drep,
hf_dcom_extent_id, &uuidExtend);
}
- u32VariableOffset = dissect_dcom_dcerpc_array_size(tvb, u32VariableOffset, pinfo, sub_tree, drep,
+ u32VariableOffset = dissect_dcom_dcerpc_array_size(tvb, u32VariableOffset, pinfo, sub_tree, di, drep,
&u32ArraySize2);
u32VariableOffset = dissect_dcom_nospec_data(tvb, u32VariableOffset, pinfo, sub_tree, drep, u32ArraySize2);
@@ -798,7 +798,7 @@ dissect_dcom_extent(tvbuff_t *tvb, int offset,
/* dissect DCOM "this" (start of every DCOM request) */
int
dissect_dcom_this(tvbuff_t *tvb, int offset,
- packet_info *pinfo, proto_tree *tree, guint8 *drep)
+ packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep)
{
guint16 u16VersionMajor;
guint16 u16VersionMinor;
@@ -809,36 +809,34 @@ dissect_dcom_this(tvbuff_t *tvb, int offset,
proto_tree *sub_tree;
guint32 u32SubStart;
proto_item *pi;
- dcerpc_info *info = (dcerpc_info *)pinfo->private_data;
-
sub_item = proto_tree_add_protocol_format(tree, proto_dcom, tvb, offset, 0,
"DCOM, ORPCThis");
sub_tree = proto_item_add_subtree(sub_item, ett_dcom_this);
- offset = dissect_dcom_COMVERSION(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_COMVERSION(tvb, offset, pinfo, sub_tree, di, drep,
&u16VersionMajor, &u16VersionMinor);
u32SubStart = offset - 4;
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_this_flags, &u32Flags);
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_this_res, &u32Res);
- offset = dissect_dcom_UUID(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_UUID(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_this_cid, &uuidCausality);
- offset = dissect_dcom_extent(tvb, offset, pinfo, sub_tree, drep);
+ offset = dissect_dcom_extent(tvb, offset, pinfo, sub_tree, di, drep);
/* update subtree header */
proto_item_append_text(sub_item, ", V%u.%u, Causality ID: %s",
u16VersionMajor, u16VersionMinor, guids_resolve_uuid_to_str(&uuidCausality));
proto_item_set_len(sub_item, offset - u32SubStart);
- if(memcmp(&info->call_data->object_uuid, &uuid_null, sizeof(uuid_null)) != 0) {
+ if(memcmp(&di->call_data->object_uuid, &uuid_null, sizeof(uuid_null)) != 0) {
pi = proto_tree_add_guid_format(tree, hf_dcom_ipid, tvb, offset, 0,
- (e_guid_t *) &info->call_data->object_uuid,
- "Object UUID/IPID: %s", guids_resolve_uuid_to_str(&info->call_data->object_uuid));
+ (e_guid_t *) &di->call_data->object_uuid,
+ "Object UUID/IPID: %s", guids_resolve_uuid_to_str(&di->call_data->object_uuid));
PROTO_ITEM_SET_GENERATED(pi);
}
@@ -849,32 +847,30 @@ dissect_dcom_this(tvbuff_t *tvb, int offset,
/* dissect DCOM "that" (start of every DCOM response) */
int
dissect_dcom_that(tvbuff_t *tvb, int offset,
- packet_info *pinfo, proto_tree *tree, guint8 *drep) {
+ packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep) {
guint32 u32Flags;
proto_item *sub_item;
proto_tree *sub_tree;
guint32 u32SubStart;
proto_item *pi;
- dcerpc_info *info = (dcerpc_info *)pinfo->private_data;
-
sub_item = proto_tree_add_protocol_format(tree, proto_dcom, tvb, offset, 0,
"DCOM, ORPCThat");
sub_tree = proto_item_add_subtree(sub_item, ett_dcom_that);
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_that_flags, &u32Flags);
u32SubStart = offset - 4;
- offset = dissect_dcom_extent(tvb, offset, pinfo, sub_tree, drep);
+ offset = dissect_dcom_extent(tvb, offset, pinfo, sub_tree, di, drep);
/* update subtree header */
proto_item_set_len(sub_item, offset - u32SubStart);
- if(memcmp(&info->call_data->object_uuid, &uuid_null, sizeof(uuid_null)) != 0) {
+ if(memcmp(&di->call_data->object_uuid, &uuid_null, sizeof(uuid_null)) != 0) {
pi = proto_tree_add_guid_format(tree, hf_dcom_ipid, tvb, offset, 0,
- (e_guid_t *) &info->call_data->object_uuid,
- "Object UUID/IPID: %s", guids_resolve_uuid_to_str(&info->call_data->object_uuid));
+ (e_guid_t *) &di->call_data->object_uuid,
+ "Object UUID/IPID: %s", guids_resolve_uuid_to_str(&di->call_data->object_uuid));
PROTO_ITEM_SET_GENERATED(pi);
}
@@ -885,10 +881,10 @@ dissect_dcom_that(tvbuff_t *tvb, int offset,
/* dissect simple dcom request, DCOM "this" only */
int
dissect_dcom_simple_rqst(tvbuff_t *tvb, int offset,
- packet_info *pinfo, proto_tree *tree, guint8 *drep)
+ packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep)
{
- offset = dissect_dcom_this(tvb, offset, pinfo, tree, drep);
+ offset = dissect_dcom_this(tvb, offset, pinfo, tree, di, drep);
return offset;
}
@@ -897,14 +893,14 @@ dissect_dcom_simple_rqst(tvbuff_t *tvb, int offset,
/* dissect simple dcom response, DCOM "that" and returned HRESULT only */
int
dissect_dcom_simple_resp(tvbuff_t *tvb, int offset,
- packet_info *pinfo, proto_tree *tree, guint8 *drep)
+ packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep)
{
guint32 u32HResult;
- offset = dissect_dcom_that(tvb, offset, pinfo, tree, drep);
+ offset = dissect_dcom_that(tvb, offset, pinfo, tree, di, drep);
- offset = dissect_dcom_HRESULT(tvb, offset, pinfo, tree, drep,
+ offset = dissect_dcom_HRESULT(tvb, offset, pinfo, tree, di, drep,
&u32HResult);
col_append_fstr(pinfo->cinfo, COL_INFO, " -> %s",
@@ -918,7 +914,7 @@ dissect_dcom_simple_resp(tvbuff_t *tvb, int offset,
/* dissect a dcerpc array size */
int
dissect_dcom_dcerpc_array_size(tvbuff_t *tvb, gint offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep, guint32 *pu32ArraySize)
+ proto_tree *tree, dcerpc_info *di, guint8 *drep, guint32 *pu32ArraySize)
{
@@ -928,7 +924,7 @@ dissect_dcom_dcerpc_array_size(tvbuff_t *tvb, gint offset, packet_info *pinfo,
tree = NULL;
}
- offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep,
+ offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep,
hf_dcom_array_size, pu32ArraySize);
return offset;
@@ -938,7 +934,7 @@ dissect_dcom_dcerpc_array_size(tvbuff_t *tvb, gint offset, packet_info *pinfo,
/* dissect a dcerpc pointer value */
int
dissect_dcom_dcerpc_pointer(tvbuff_t *tvb, gint offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep, guint32 *pu32Pointer)
+ proto_tree *tree, dcerpc_info *di, guint8 *drep, guint32 *pu32Pointer)
{
/* en-/disable this by preference setting */
@@ -947,7 +943,7 @@ dissect_dcom_dcerpc_pointer(tvbuff_t *tvb, gint offset, packet_info *pinfo,
tree = NULL;
}
- offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep,
+ offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep,
hf_dcom_pointer_val, pu32Pointer);
return offset;
@@ -995,14 +991,14 @@ dissect_dcom_nospec_data(tvbuff_t *tvb, int offset,
/* dissect an indexed WORD, something like: "FieldName[1]: 0x1234" */
int
dissect_dcom_indexed_WORD(tvbuff_t *tvb, int offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep,
+ proto_tree *tree, dcerpc_info *di, guint8 *drep,
int hfindex, guint16 * pu16WORD, int field_index)
{
guint16 u16WORD;
/* dissect the WORD, but don't add to tree */
- dissect_dcom_WORD(tvb, offset, pinfo, NULL /*tree*/, drep,
+ dissect_dcom_WORD(tvb, offset, pinfo, NULL /*tree*/, di, drep,
hfindex, &u16WORD);
if (tree) {
@@ -1025,14 +1021,14 @@ dissect_dcom_indexed_WORD(tvbuff_t *tvb, int offset, packet_info *pinfo,
/* dissect an indexed DWORD, something like: "FieldName[1]: 0x12345678" */
int
dissect_dcom_indexed_DWORD(tvbuff_t *tvb, int offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep,
+ proto_tree *tree, dcerpc_info *di, guint8 *drep,
int hfindex, guint32 * pu32DWORD, int field_index)
{
guint32 u32DWORD;
/* dissect the DWORD, but don't add to tree */
- dissect_dcom_DWORD(tvb, offset, pinfo, NULL /*tree*/, drep,
+ dissect_dcom_DWORD(tvb, offset, pinfo, NULL /*tree*/, di, drep,
hfindex, &u32DWORD);
if (tree) {
@@ -1055,13 +1051,13 @@ dissect_dcom_indexed_DWORD(tvbuff_t *tvb, int offset, packet_info *pinfo,
/* dissect hresult field of a usual DCOM call (create "raw" item) */
int
dissect_dcom_HRESULT_item(tvbuff_t *tvb, int offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep,
+ proto_tree *tree, dcerpc_info *di, guint8 *drep,
guint32 * pu32HResult, int field_index, proto_item **item)
{
guint32 u32HResult;
/* dissect the DWORD, but don't add to tree */
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, NULL /*tree*/, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, NULL /*tree*/, di, drep,
field_index, &u32HResult);
if (tree) {
@@ -1079,14 +1075,14 @@ dissect_dcom_HRESULT_item(tvbuff_t *tvb, int offset, packet_info *pinfo,
/* dissect hresult field of a usual DCOM call (separate method, because often used) */
int
dissect_dcom_HRESULT(tvbuff_t *tvb, int offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep,
+ proto_tree *tree, dcerpc_info *di, guint8 *drep,
guint32 * pu32HResult)
{
guint32 u32HResult;
proto_item *item = NULL;
/* dissect the DWORD, but don't add to tree */
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, NULL /*tree*/, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, NULL /*tree*/, di, drep,
hf_dcom_hresult, &u32HResult);
if (tree) {
@@ -1110,7 +1106,7 @@ dissect_dcom_HRESULT(tvbuff_t *tvb, int offset, packet_info *pinfo,
/* partial results of indexed DCOM subcalls (e.g.: from a kind of array) */
int
dissect_dcom_indexed_HRESULT(tvbuff_t *tvb, int offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep,
+ proto_tree *tree, dcerpc_info *di, guint8 *drep,
guint32 * pu32HResult, int field_index)
{
guint32 u32HResult;
@@ -1118,7 +1114,7 @@ dissect_dcom_indexed_HRESULT(tvbuff_t *tvb, int offset, packet_info *pinfo,
/* dissect the DWORD, but don't add to tree */
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, NULL /*tree*/, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, NULL /*tree*/, di, drep,
hf_dcom_hresult, &u32HResult);
if (tree) {
@@ -1144,13 +1140,13 @@ dissect_dcom_indexed_HRESULT(tvbuff_t *tvb, int offset, packet_info *pinfo,
int
dissect_dcom_COMVERSION(tvbuff_t *tvb, int offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep,
+ proto_tree *tree, dcerpc_info *di, guint8 *drep,
guint16 * pu16VersionMajor, guint16 * pu16VersionMinor)
{
- offset = dissect_dcom_WORD(tvb, offset, pinfo, tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, tree, di, drep,
hf_dcom_version_major, pu16VersionMajor);
- offset = dissect_dcom_WORD(tvb, offset, pinfo, tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, tree, di, drep,
hf_dcom_version_minor, pu16VersionMinor);
return offset;
@@ -1159,7 +1155,7 @@ dissect_dcom_COMVERSION(tvbuff_t *tvb, int offset, packet_info *pinfo,
int
dissect_dcom_SAFEARRAY(tvbuff_t *tvb, int offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep, int hfindex _U_, sa_callback_t sacb)
+ proto_tree *tree, dcerpc_info *di, guint8 *drep, int hfindex _U_, sa_callback_t sacb)
{
guint32 u32Dims;
guint16 u16Dims;
@@ -1193,16 +1189,16 @@ dissect_dcom_SAFEARRAY(tvbuff_t *tvb, int offset, packet_info *pinfo,
sub_tree = proto_item_add_subtree(sub_item, ett_dcom_safearray);
u32SubStart = offset;
- offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, drep, &u32Pointer);
- offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, drep, &u32Pointer);
+ offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, di, drep, &u32Pointer);
+ offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, di, drep, &u32Pointer);
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_sa_dims32, &u32Dims);
- offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_sa_dims16, &u16Dims);
/* feature flags */
- u32TmpOffset = dissect_dcom_WORD(tvb, offset, pinfo, NULL, drep,
+ u32TmpOffset = dissect_dcom_WORD(tvb, offset, pinfo, NULL, di, drep,
hf_dcom_sa_features, &u16Features);
feature_item = proto_tree_add_uint (sub_tree, hf_dcom_sa_features, tvb, offset, 2, u16Features);
feature_tree = proto_item_add_subtree (feature_item, ett_dcom_sa_features);
@@ -1221,63 +1217,63 @@ dissect_dcom_SAFEARRAY(tvbuff_t *tvb, int offset, packet_info *pinfo,
}
offset = u32TmpOffset;
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_sa_element_size, &u32ElementSize);
- offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_sa_locks, &u16Locks);
- offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_sa_vartype16, &u16VarType);
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_sa_vartype32, &u32VarType);
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_sa_elements, &u32Elements);
- offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, drep, &u32Pointer);
+ offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, di, drep, &u32Pointer);
u32BoundElements = 0;
while(u32Dims--) {
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_sa_bound_elements, &u32BoundElements);
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_sa_low_bound, &u32LowBound);
}
- offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, sub_tree, drep, &u32ArraySize);
+ offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, sub_tree, di, drep, &u32ArraySize);
tvb_ensure_bytes_exist(tvb, offset, u32ArraySize * u32ElementSize);
u32VariableOffset = offset + u32ArraySize * u32ElementSize;
if(sacb) {
- sacb(tvb, offset, pinfo, tree, drep, u32VarType, u32ArraySize);
+ sacb(tvb, offset, pinfo, tree, di, drep, u32VarType, u32ArraySize);
}
while(u32ArraySize--) {
switch(u32VarType) {
case(WIRESHARK_VT_ERROR):
- offset = dissect_dcom_HRESULT(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_HRESULT(tvb, offset, pinfo, sub_tree, di, drep,
&u32Data);
break;
case(WIRESHARK_VT_I1):
- offset = dissect_dcom_BYTE(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_BYTE(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_i1, &u8Data);
break;
case(WIRESHARK_VT_I2):
- offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_i2, &u16Data);
break;
case(WIRESHARK_VT_I4):
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_i4, &u32Data);
break;
case(WIRESHARK_VT_I8):
- offset = dissect_dcom_I8(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_I8(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_i8, NULL);
/* take care of the 8 byte alignment */
u32VariableOffset = offset;
break;
case(WIRESHARK_VT_BSTR):
- offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, drep, &u32Pointer);
+ offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, di, drep, &u32Pointer);
if (u32Pointer) {
- u32VariableOffset = dissect_dcom_BSTR(tvb, u32VariableOffset, pinfo, sub_tree, drep,
+ u32VariableOffset = dissect_dcom_BSTR(tvb, u32VariableOffset, pinfo, sub_tree, di, drep,
hf_dcom_vt_bstr, cData, sizeof(cData) );
}
break;
@@ -1308,11 +1304,11 @@ dissect_dcom_SAFEARRAY(tvbuff_t *tvb, int offset, packet_info *pinfo,
int
dissect_dcom_VARTYPE(tvbuff_t *tvb, int offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep,
+ proto_tree *tree, dcerpc_info *di, guint8 *drep,
guint16 *pu16VarType)
{
- offset = dissect_dcom_WORD(tvb, offset, pinfo, tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, tree, di, drep,
hf_dcom_variant_type, pu16VarType);
return offset;
@@ -1321,7 +1317,7 @@ dissect_dcom_VARTYPE(tvbuff_t *tvb, int offset, packet_info *pinfo,
int
dissect_dcom_VARIANT(tvbuff_t *tvb, int offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep, int hfindex)
+ proto_tree *tree, dcerpc_info *di, guint8 *drep, int hfindex)
{
guint32 u32Size;
guint32 u32RPCRes;
@@ -1356,102 +1352,102 @@ dissect_dcom_VARIANT(tvbuff_t *tvb, int offset, packet_info *pinfo,
* BUT: The following data does not start AFTER this padding,
* it starts just after the variant-data (without padding)!!! */
/* Conclusion: the size given here can be LONGER than the actual size */
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_variant_size, &u32Size);
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_variant_rpc_res, &u32RPCRes);
- offset = dissect_dcom_VARTYPE(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_VARTYPE(tvb, offset, pinfo, sub_tree, di, drep,
&u16VarType);
- offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_variant_wres, &u16Res);
- offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_variant_wres, &u16Res);
- offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_variant_wres, &u16Res);
/* 32 bit VarType (slightly different to the 16 bit one) */
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_variant_type32, &u32VarType);
if (u32VarType & WIRESHARK_VT_BYREF) {
u32VarType &=~WIRESHARK_VT_BYREF;
- offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, drep, &u32Pointer);
+ offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, di, drep, &u32Pointer);
}
switch (u32VarType) {
case(WIRESHARK_VT_EMPTY):
break;
case(WIRESHARK_VT_BOOL):
- offset = dissect_dcom_VARIANT_BOOL(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_VARIANT_BOOL(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_bool, &u16Data);
break;
case(WIRESHARK_VT_I1):
- offset = dissect_dcom_BYTE(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_BYTE(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_i1, &u8Data);
break;
case(WIRESHARK_VT_UI1):
- offset = dissect_dcom_BYTE(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_BYTE(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_ui1, &u8Data);
break;
case(WIRESHARK_VT_I2):
- offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_i2, &u16Data);
break;
case(WIRESHARK_VT_UI2):
- offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_ui2, &u16Data);
break;
case(WIRESHARK_VT_I4):
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_i4, &u32Data);
break;
case(WIRESHARK_VT_UI4):
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_ui4, &u32Data);
break;
case(WIRESHARK_VT_R4):
- offset = dissect_dcom_FLOAT(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_FLOAT(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_r4, &f32Data);
break;
case(WIRESHARK_VT_R8):
- offset = dissect_dcom_DOUBLE(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DOUBLE(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_r8, &f64Data);
break;
case(WIRESHARK_VT_DATE):
- offset = dissect_dcom_DATE(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DATE(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_date, &f64Data);
break;
case(WIRESHARK_VT_BSTR):
- offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, drep, &u32Pointer);
+ offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, di, drep, &u32Pointer);
if (u32Pointer) {
- offset = dissect_dcom_BSTR(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_BSTR(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_bstr, cData, sizeof(cData) );
}
break;
case(WIRESHARK_VT_DISPATCH):
- offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, drep, &u32Pointer);
+ offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, di, drep, &u32Pointer);
if (u32Pointer) {
- offset = dissect_dcom_MInterfacePointer(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_MInterfacePointer(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_dispatch, NULL); /* XXX - how to handle this? */
}
break;
case(WIRESHARK_VT_ARRAY):
- offset = dissect_dcom_SAFEARRAY(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_SAFEARRAY(tvb, offset, pinfo, sub_tree, di, drep,
0, NULL);
break;
case(WIRESHARK_VT_ERROR):
- offset = dissect_dcom_HRESULT(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_HRESULT(tvb, offset, pinfo, sub_tree, di, drep,
0);
break;
case(WIRESHARK_VT_VARIANT):
- offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, drep, &u32Pointer);
+ offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, di, drep, &u32Pointer);
if (u32Pointer) {
- offset = dissect_dcom_VARIANT(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_VARIANT(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_vt_byref /* must be BYREF */);
}
break;
case(WIRESHARK_VT_UNKNOWN):
- offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, drep, &u32Pointer);
+ offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, di, drep, &u32Pointer);
break;
default:
/* XXX: add more types here! */
@@ -1471,7 +1467,7 @@ dissect_dcom_VARIANT(tvbuff_t *tvb, int offset, packet_info *pinfo,
int
dissect_dcom_UUID(tvbuff_t *tvb, int offset,
- packet_info *pinfo, proto_tree *tree, guint8 *drep,
+ packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep,
int hfindex, e_uuid_t *pdata)
{
const gchar *uuid_name;
@@ -1480,7 +1476,7 @@ dissect_dcom_UUID(tvbuff_t *tvb, int offset,
/* get the UUID, but don't put it into the tree */
- offset = dissect_ndr_uuid_t(tvb, offset, pinfo, NULL, drep,
+ offset = dissect_ndr_uuid_t(tvb, offset, pinfo, NULL, di, drep,
hfindex, &uuid);
/* add to the tree */
@@ -1516,7 +1512,7 @@ dissect_dcom_UUID(tvbuff_t *tvb, int offset,
int
dissect_dcom_append_UUID(tvbuff_t *tvb, int offset,
- packet_info *pinfo, proto_tree *tree, guint8 *drep,
+ packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep,
int hfindex, int field_index, e_uuid_t *uuid)
{
const gchar *uuid_name;
@@ -1527,7 +1523,7 @@ dissect_dcom_append_UUID(tvbuff_t *tvb, int offset,
/* XXX - this is far from being performance optimized! */
/* get the UUID, but don't put it into the tree */
- offset = dissect_ndr_uuid_t(tvb, offset, pinfo, NULL, drep,
+ offset = dissect_ndr_uuid_t(tvb, offset, pinfo, NULL, di, drep,
hfindex, uuid);
/* look for a registered uuid name */
@@ -1643,7 +1639,7 @@ dcom_tvb_get_nwstringz0(tvbuff_t *tvb, gint offset, guint32 inLength, gchar *psz
/* u32MaxStr is maximum length of string (including trailing zero) */
int
dissect_dcom_indexed_LPWSTR(tvbuff_t *tvb, gint offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep, int hfindex,
+ proto_tree *tree, dcerpc_info *di, guint8 *drep, int hfindex,
gchar *pszStr, guint32 u32MaxStr, int field_index)
{
guint32 u32MaxCount;
@@ -1666,11 +1662,11 @@ dissect_dcom_indexed_LPWSTR(tvbuff_t *tvb, gint offset, packet_info *pinfo,
sub_tree = proto_item_add_subtree(sub_item, ett_dcom_lpwstr);
u32SubStart = offset;
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_max_count, &u32MaxCount);
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_offset, &u32Offset);
- offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, sub_tree, di, drep,
&u32ArraySize);
u32StrStart = offset;
@@ -1696,12 +1692,12 @@ dissect_dcom_indexed_LPWSTR(tvbuff_t *tvb, gint offset, packet_info *pinfo,
int
dissect_dcom_LPWSTR(tvbuff_t *tvb, gint offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep, int hfindex,
+ proto_tree *tree, dcerpc_info *di, guint8 *drep, int hfindex,
gchar *pszStr, guint32 u32MaxStr)
{
- return dissect_dcom_indexed_LPWSTR(tvb, offset, pinfo, tree, drep,
+ return dissect_dcom_indexed_LPWSTR(tvb, offset, pinfo, tree, di, drep,
hfindex, pszStr, u32MaxStr, -1);
}
@@ -1711,7 +1707,7 @@ dissect_dcom_LPWSTR(tvbuff_t *tvb, gint offset, packet_info *pinfo,
/* (Hint: the BSTR space is always as long as the maximum size) */
int
dissect_dcom_BSTR(tvbuff_t *tvb, gint offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep, int hfindex,
+ proto_tree *tree, dcerpc_info *di, guint8 *drep, int hfindex,
gchar *pszStr, guint32 u32MaxStr)
{
guint32 u32MaxCount;
@@ -1734,11 +1730,11 @@ dissect_dcom_BSTR(tvbuff_t *tvb, gint offset, packet_info *pinfo,
sub_tree = proto_item_add_subtree(sub_item, ett_dcom_lpwstr);
u32SubStart = offset;
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_max_count, &u32MaxCount);
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_byte_length, &u32ByteLength);
- offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, sub_tree, di, drep,
&u32ArraySize);
u32RealOffset = offset + u32ArraySize*2;
@@ -1762,7 +1758,7 @@ dissect_dcom_BSTR(tvbuff_t *tvb, gint offset, packet_info *pinfo,
/* dissect an DUALSTRINGARRAY */
int
dissect_dcom_DUALSTRINGARRAY(tvbuff_t *tvb, gint offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep, int hfindex, gchar *ip)
+ proto_tree *tree, dcerpc_info *di, guint8 *drep, int hfindex, gchar *ip)
{
guint16 u16NumEntries;
guint16 u16SecurityOffset;
@@ -1791,11 +1787,11 @@ dissect_dcom_DUALSTRINGARRAY(tvbuff_t *tvb, gint offset, packet_info *pinfo,
sub_item = proto_tree_add_item(tree, hfindex, tvb, offset, 0, ENC_BIG_ENDIAN);
sub_tree = proto_item_add_subtree(sub_item, ett_dcom_dualstringarray);
- offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_dualstringarray_num_entries, &u16NumEntries);
/* from here, alignment is ok */
u32SubStart = offset - 2;
- offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_dualstringarray_security_offset, &u16SecurityOffset);
/* STRINGBINDINGs until first wchar zero */
@@ -1806,7 +1802,7 @@ dissect_dcom_DUALSTRINGARRAY(tvbuff_t *tvb, gint offset, packet_info *pinfo,
subsub_tree = proto_item_add_subtree(subsub_item, ett_dcom_dualstringarray_binding);
u32SubSubStart = offset;
- offset = dissect_dcom_WORD(tvb, offset, pinfo, subsub_tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, subsub_tree, di, drep,
hf_dcom_dualstringarray_string_tower_id, &u16TowerId);
u32Start = offset;
/* we don't know the (zero terminated) input length, use the buffer length instead */
@@ -1853,10 +1849,10 @@ dissect_dcom_DUALSTRINGARRAY(tvbuff_t *tvb, gint offset, packet_info *pinfo,
subsub_tree = proto_item_add_subtree(subsub_item, ett_dcom_dualstringarray_binding);
u32SubSubStart = offset;
- offset = dissect_dcom_WORD(tvb, offset, pinfo, subsub_tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, subsub_tree, di, drep,
hf_dcom_dualstringarray_security_authn_svc,
&u16SecurityAuthnSvc);
- offset = dissect_dcom_WORD(tvb, offset, pinfo, subsub_tree, drep,
+ offset = dissect_dcom_WORD(tvb, offset, pinfo, subsub_tree, di, drep,
hf_dcom_dualstringarray_security_authz_svc,
&u16SecurityAuthzSvc);
@@ -1884,7 +1880,7 @@ dissect_dcom_DUALSTRINGARRAY(tvbuff_t *tvb, gint offset, packet_info *pinfo,
/* dissect an STDOBJREF */
int
dissect_dcom_STDOBJREF(tvbuff_t *tvb, gint offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep, int hfindex _U_,
+ proto_tree *tree, dcerpc_info *di, guint8 *drep, int hfindex _U_,
guint64 *oxid, guint64 *oid, e_uuid_t *ipid)
{
guint32 u32Flags;
@@ -1898,17 +1894,17 @@ dissect_dcom_STDOBJREF(tvbuff_t *tvb, gint offset, packet_info *pinfo,
sub_item = proto_tree_add_item(tree, hf_dcom_stdobjref, tvb, offset, 0, ENC_NA);
sub_tree = proto_item_add_subtree(sub_item, ett_dcom_stdobjref);
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_stdobjref_flags, &u32Flags);
/* from here, alignment is ok */
u32SubStart = offset - 4;
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_stdobjref_public_refs, &u32PublicRefs);
- offset = dissect_dcom_ID(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_ID(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_oxid, oxid);
- offset = dissect_dcom_ID(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_ID(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_oid, oid);
- offset = dissect_dcom_UUID(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_UUID(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_ipid, ipid);
/* append info to subtree header */
@@ -1991,7 +1987,7 @@ dcom_get_rountine_by_uuid(const e_uuid_t* uuid)
/* dissect an CUSTOM */
int
dissect_dcom_CUSTOBJREF(tvbuff_t *tvb, gint offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep, int hfindex,
+ proto_tree *tree, dcerpc_info *di, guint8 *drep, int hfindex,
e_uuid_t *clsid, e_uuid_t *iid)
{
guint32 u32CBExtension;
@@ -2008,17 +2004,17 @@ dissect_dcom_CUSTOBJREF(tvbuff_t *tvb, gint offset, packet_info *pinfo,
sub_tree = proto_item_add_subtree(sub_item, ett_dcom_custobjref);
u32SubStart = offset;
- offset = dissect_dcom_UUID(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_UUID(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_clsid, clsid);
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_objref_cbextension, &u32CBExtension);
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_objref_size, &u32Size);
/* the following data depends on the iid, get the routine by iid */
routine = dcom_get_rountine_by_uuid(iid);
if (routine){
- offset = routine(tvb, offset, pinfo, sub_tree, drep, 0);
+ offset = routine(tvb, offset, pinfo, sub_tree, di, drep, 0);
}
/* append info to subtree header */
@@ -2031,7 +2027,7 @@ dissect_dcom_CUSTOBJREF(tvbuff_t *tvb, gint offset, packet_info *pinfo,
/* dissect an OBJREF */
int
dissect_dcom_OBJREF(tvbuff_t *tvb, gint offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep, int hfindex, dcom_interface_t **interf)
+ proto_tree *tree, dcerpc_info *di, guint8 *drep, int hfindex, dcom_interface_t **interf)
{
guint32 u32Signature;
guint32 u32Flags;
@@ -2052,32 +2048,32 @@ dissect_dcom_OBJREF(tvbuff_t *tvb, gint offset, packet_info *pinfo,
sub_item = proto_tree_add_item(tree, hf_dcom_objref, tvb, offset, 0, ENC_NA);
sub_tree = proto_item_add_subtree(sub_item, ett_dcom_objref);
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_objref_signature, &u32Signature);
/* from here, alignment is ok */
u32SubStart = offset - 4;
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_objref_flags, &u32Flags);
- offset = dissect_dcom_UUID(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_UUID(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_iid, &iid);
switch(u32Flags) {
case(0x1): /* standard */
- offset = dissect_dcom_STDOBJREF(tvb, offset, pinfo, sub_tree, drep, hfindex,
+ offset = dissect_dcom_STDOBJREF(tvb, offset, pinfo, sub_tree, di, drep, hfindex,
&oxid, &oid, &ipid);
- offset = dissect_dcom_DUALSTRINGARRAY(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DUALSTRINGARRAY(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_objref_resolver_address, ip);
break;
case(0x2): /* handler (untested) */
- offset = dissect_dcom_STDOBJREF(tvb, offset, pinfo, sub_tree, drep, hfindex,
+ offset = dissect_dcom_STDOBJREF(tvb, offset, pinfo, sub_tree, di, drep, hfindex,
&oxid, &oid, &iid);
- offset = dissect_dcom_UUID(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_UUID(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_clsid, &clsid);
- offset = dissect_dcom_DUALSTRINGARRAY(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DUALSTRINGARRAY(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_objref_resolver_address, ip);
break;
case(0x4): /* custom */
- offset = dissect_dcom_CUSTOBJREF(tvb, offset, pinfo, sub_tree, drep, hfindex,
+ offset = dissect_dcom_CUSTOBJREF(tvb, offset, pinfo, sub_tree, di, drep, hfindex,
&clsid, &iid);
break;
}
@@ -2104,7 +2100,7 @@ dissect_dcom_OBJREF(tvbuff_t *tvb, gint offset, packet_info *pinfo,
/* dissect an MInterfacePointer */
int
dissect_dcom_MInterfacePointer(tvbuff_t *tvb, gint offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep, int hfindex, dcom_interface_t **interf)
+ proto_tree *tree, dcerpc_info *di, guint8 *drep, int hfindex, dcom_interface_t **interf)
{
guint32 u32CntData;
guint32 u32ArraySize;
@@ -2121,13 +2117,13 @@ dissect_dcom_MInterfacePointer(tvbuff_t *tvb, gint offset, packet_info *pinfo,
sub_item = proto_tree_add_item(tree, hfindex, tvb, offset, 0, ENC_BIG_ENDIAN);
sub_tree = proto_item_add_subtree(sub_item, ett_dcom_interface_pointer);
- offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, sub_tree, drep, &u32ArraySize);
+ offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, sub_tree, di, drep, &u32ArraySize);
u32SubStart = offset - 4; /* should use this trick to deal with align pad if any */
- offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, drep,
+ offset = dissect_dcom_DWORD(tvb, offset, pinfo, sub_tree, di, drep,
hf_dcom_ip_cnt_data, &u32CntData);
- offset = dissect_dcom_OBJREF(tvb, offset, pinfo, sub_tree, drep, hfindex, interf);
+ offset = dissect_dcom_OBJREF(tvb, offset, pinfo, sub_tree, di, drep, hfindex, interf);
/* append info to subtree header */
proto_item_set_len(sub_item, offset - u32SubStart);
@@ -2138,15 +2134,15 @@ dissect_dcom_MInterfacePointer(tvbuff_t *tvb, gint offset, packet_info *pinfo,
/* dissect a pointer to a MInterfacePointer */
int
dissect_dcom_PMInterfacePointer(tvbuff_t *tvb, gint offset, packet_info *pinfo,
- proto_tree *tree, guint8 *drep, int hfindex, dcom_interface_t **interf)
+ proto_tree *tree, dcerpc_info *di, guint8 *drep, int hfindex, dcom_interface_t **interf)
{
guint32 u32Pointer;
- offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, tree, drep, &u32Pointer);
+ offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, tree, di, drep, &u32Pointer);
if (u32Pointer) {
- offset = dissect_dcom_MInterfacePointer(tvb, offset, pinfo, tree, drep, hfindex, interf);
+ offset = dissect_dcom_MInterfacePointer(tvb, offset, pinfo, tree, di, drep, hfindex, interf);
} else {
if(interf != NULL) {
*interf = NULL;
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-24 13:11:48 +0000