1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
/* packet-smb-common.c
* Common routines for smb packet dissection
* Copyright 2000, Jeffrey C. Foster <jfoste@woodward.com>
*
* Wireshark - Network traffic analyzer
* By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
* Copied from packet-pop.c
*
* SPDX-License-Identifier: GPL-2.0-or-later
*/
#include "config.h"
#include <epan/packet.h>
#include <epan/strutil.h>
#include "packet-smb-common.h"
#include "packet-dns.h"
/*
* Share type values - used in LANMAN and in SRVSVC.
*
* XXX - should we dissect share type values, at least in SRVSVC, as
* a subtree with bitfields, as the 0x80000000 bit appears to be a
* hidden bit, with some number of bits at the bottom being the share
* type?
*
* Does LANMAN use that bit?
*/
const value_string share_type_vals[] = {
{0, "Directory tree"},
{1, "Printer queue"},
{2, "Communications device"},
{3, "IPC"},
{0x80000000, "Hidden Directory tree"},
{0x80000001, "Hidden Printer queue"},
{0x80000002, "Hidden Communications device"},
{0x80000003, "Hidden IPC"},
{0, NULL}
};
int display_ms_string(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, int hf_index, char **data)
{
char *str;
gint len;
/* display a string from the tree and return the new offset */
str = tvb_get_stringz_enc(pinfo->pool, tvb, offset, &len, ENC_ASCII);
proto_tree_add_string(tree, hf_index, tvb, offset, len, str);
/* Return a copy of the string if requested */
if (data)
*data = str;
return offset+len;
}
int display_unicode_string(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, int hf_index, char **data)
{
char *str;
int len;
/* display a unicode string from the tree and return new offset */
str = tvb_get_stringz_enc(pinfo->pool, tvb, offset, &len, ENC_UTF_16|ENC_LITTLE_ENDIAN);
proto_tree_add_string(tree, hf_index, tvb, offset, len, str);
/* Return a copy of the string if requested */
if (data)
*data = str;
return offset+len;
}
/* Max string length for displaying Unicode strings. */
#define MAX_UNICODE_STR_LEN 256
int dissect_ms_compressed_string(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, int hf_index,
const char **data)
{
int compr_len;
gint str_len;
const gchar *str = NULL;
/* The name data MUST start at offset 0 of the tvb */
compr_len = get_dns_name(tvb, offset, MAX_UNICODE_STR_LEN+3+1, 0, &str, &str_len);
proto_tree_add_string(tree, hf_index, tvb, offset, compr_len, format_text(pinfo->pool, str, str_len));
if (data)
*data = str;
return offset + compr_len;
}
/*
* Editor modelines - https://www.wireshark.org/tools/modelines.html
*
* Local variables:
* c-basic-offset: 8
* tab-width: 8
* indent-tabs-mode: t
* End:
*
* vi: set shiftwidth=8 tabstop=8 noexpandtab:
* :indentSize=8:tabSize=8:noTabs=false:
*/
|
