Upgrade tcpdump to tcpdump-4.99.1

Test: make
Change-Id: I052ed8f5279c806e4d2ff925f581b71db3ac03c0
diff --git a/smbutil.c b/smbutil.c
index fc9b3cc..ff32ecc 100644
--- a/smbutil.c
+++ b/smbutil.c
@@ -7,23 +7,36 @@
  */
 
 #ifdef HAVE_CONFIG_H
-#include "config.h"
+#include <config.h>
 #endif
 
-#include <netdissect-stdinc.h>
+#include "netdissect-stdinc.h"
 
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 
+#include "netdissect-ctype.h"
+
 #include "netdissect.h"
 #include "extract.h"
 #include "smb.h"
 
+static int stringlen_is_set;
 static uint32_t stringlen;
 extern const u_char *startbuf;
 
 /*
+ * Reset SMB state.
+ */
+void
+smb_reset(void)
+{
+    stringlen_is_set = 0;
+    stringlen = 0;
+}
+
+/*
  * interpret a 32 bit dos packed date/time to some parameters
  */
 static void
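Review bot: The comment on the new `smb_reset()`, "Reset SMB state.", does not say which state or when it has to run; `stringlen` and `stringlen_is_set` are file-scope and survive across smb_fdata1() calls and across packets, so a `%c`/`%C` item could consume a count that was set while dissecting an earlier PDU unless the caller resets first. I would expand it to: `Reset the per-PDU string-length state (stringlen / stringlen_is_set) left behind by smb_fdata1(); callers must invoke this before dissecting each SMB PDU.` The call site and the prototype (presumably in smb.h) are outside this hunk, so I cannot confirm where it is invoked.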
@@ -69,11 +82,11 @@
  * in network byte order
  */
 static time_t
-make_unix_date(const u_char *date_ptr)
+make_unix_date(netdissect_options *ndo, const u_char *date_ptr)
 {
     uint32_t dos_date = 0;
 
-    dos_date = EXTRACT_LE_32BITS(date_ptr);
+    dos_date = GET_LE_U_4(date_ptr);
 
     return int_unix_date(dos_date);
 }
@@ -83,11 +96,11 @@
  * in halfword-swapped network byte order!
  */
 static time_t
-make_unix_date2(const u_char *date_ptr)
+make_unix_date2(netdissect_options *ndo, const u_char *date_ptr)
 {
     uint32_t x, x2;
 
-    x = EXTRACT_LE_32BITS(date_ptr);
+    x = GET_LE_U_4(date_ptr);
     x2 = ((x & 0xFFFF) << 16) | ((x & 0xFFFF0000) >> 16);
     return int_unix_date(x2);
 }
@@ -97,13 +110,13 @@
  * It's originally in "100ns units since jan 1st 1601"
  */
 static time_t
-interpret_long_date(const u_char *p)
+interpret_long_date(netdissect_options *ndo, const u_char *p)
 {
     double d;
     time_t ret;
 
     /* this gives us seconds since jan 1st 1601 (approx) */
-    d = (EXTRACT_LE_32BITS(p + 4) * 256.0 + p[3]) * (1.0e-7 * (1 << 24));
+    d = (GET_LE_U_4(p + 4) * 256.0 + GET_U_1(p + 3)) * (1.0e-7 * (1 << 24));
 
     /* now adjust by 369 years to make the secs since 1970 */
     d -= 369.0 * 365.25 * 24 * 60 * 60;
@@ -128,29 +141,31 @@
                const u_char *in, const u_char *maxbuf, char *out)
 {
     int ret;
-    int len;
+    u_int len;
 
     if (in >= maxbuf)
 	return(-1);	/* name goes past the end of the buffer */
-    ND_TCHECK2(*in, 1);
-    len = (*in++) / 2;
+    len = GET_U_1(in) / 2;
+    in++;
 
     *out=0;
 
-    if (len > 30 || len < 1)
+    if (len > 30 || len == 0)
 	return(0);
 
-    while (len--) {
-	ND_TCHECK2(*in, 2);
+    while (len) {
+	ND_TCHECK_2(in);
 	if (in + 1 >= maxbuf)
 	    return(-1);	/* name goes past the end of the buffer */
-	if (in[0] < 'A' || in[0] > 'P' || in[1] < 'A' || in[1] > 'P') {
+	if (GET_U_1(in) < 'A' || GET_U_1(in) > 'P' ||
+	    GET_U_1(in + 1) < 'A' || GET_U_1(in + 1) > 'P') {
 	    *out = 0;
 	    return(0);
 	}
-	*out = ((in[0] - 'A') << 4) + (in[1] - 'A');
+	*out = ((GET_U_1(in) - 'A') << 4) + (GET_U_1(in + 1) - 'A');
 	in += 2;
 	out++;
+	len--;
     }
     *out = 0;
     ret = out[-1];
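Review bot: `ret = out[-1]` on the last context line reads the decoded name-type byte back through a plain `char`, so a type byte of 0xFF (first-level encoded as "PP", which the new GET_U_1 range checks accept) becomes -1 where char is signed and is then indistinguishable from this function's "name goes past the end of the buffer" return; the `case 1:` caller later in the file treats `name_type < 0` as truncation. A one-line fix is `ret = (u_char)out[-1];`. The tail of name_interpret, including the return of `ret`, is outside this hunk, so this assumes ret is returned unchanged.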
@@ -166,7 +181,7 @@
  */
 static const u_char *
 name_ptr(netdissect_options *ndo,
-         const u_char *buf, int ofs, const u_char *maxbuf)
+         const u_char *buf, u_int ofs, const u_char *maxbuf)
 {
     const u_char *p;
     u_char c;
@@ -174,18 +189,17 @@
     p = buf + ofs;
     if (p >= maxbuf)
 	return(NULL);	/* name goes past the end of the buffer */
-    ND_TCHECK2(*p, 1);
 
-    c = *p;
+    c = GET_U_1(p);
 
     /* XXX - this should use the same code that the DNS dissector does */
     if ((c & 0xC0) == 0xC0) {
 	uint16_t l;
 
-	ND_TCHECK2(*p, 2);
+	ND_TCHECK_2(p);
 	if ((p + 1) >= maxbuf)
 	    return(NULL);	/* name goes past the end of the buffer */
-	l = EXTRACT_16BITS(p) & 0x3FFF;
+	l = GET_BE_U_2(p) & 0x3FFF;
 	if (l == 0) {
 	    /* We have a pointer that points to itself. */
 	    return(NULL);
@@ -193,7 +207,7 @@
 	p = buf + l;
 	if (p >= maxbuf)
 	    return(NULL);	/* name goes past the end of the buffer */
-	ND_TCHECK2(*p, 1);
+	ND_TCHECK_1(p);
     }
     return(p);
 
@@ -206,7 +220,7 @@
  */
 static int
 name_extract(netdissect_options *ndo,
-             const u_char *buf, int ofs, const u_char *maxbuf, char *name)
+             const u_char *buf, u_int ofs, const u_char *maxbuf, char *name)
 {
     const u_char *p = name_ptr(ndo, buf, ofs, maxbuf);
     if (p == NULL)
@@ -221,25 +235,23 @@
  */
 static int
 name_len(netdissect_options *ndo,
-         const unsigned char *s, const unsigned char *maxbuf)
+         const u_char *s, const u_char *maxbuf)
 {
-    const unsigned char *s0 = s;
+    const u_char *s0 = s;
     unsigned char c;
 
     if (s >= maxbuf)
 	return(-1);	/* name goes past the end of the buffer */
-    ND_TCHECK2(*s, 1);
-    c = *s;
+    c = GET_U_1(s);
     if ((c & 0xC0) == 0xC0)
 	return(2);
-    while (*s) {
+    while (GET_U_1(s)) {
 	if (s >= maxbuf)
 	    return(-1);	/* name goes past the end of the buffer */
-	ND_TCHECK2(*s, 1);
-	s += (*s) + 1;
-	ND_TCHECK2(*s, 1);
+	s += GET_U_1(s) + 1;
+	ND_TCHECK_1(s);
     }
-    return(PTR_DIFF(s, s0) + 1);
+    return(ND_BYTES_BETWEEN(s, s0) + 1);
 
 trunc:
     return(-1);	/* name goes past the end of the buffer */
@@ -247,11 +259,11 @@
 
 static void
 print_asc(netdissect_options *ndo,
-          const unsigned char *buf, int len)
+          const u_char *buf, u_int len)
 {
-    int i;
+    u_int i;
     for (i = 0; i < len; i++)
-        safeputchar(ndo, buf[i]);
+        fn_print_char(ndo, GET_U_1(buf + i));
 }
 
 static const char *
@@ -272,51 +284,45 @@
 }
 
 void
-smb_print_data(netdissect_options *ndo, const unsigned char *buf, int len)
+smb_data_print(netdissect_options *ndo, const u_char *buf, u_int len)
 {
-    int i = 0;
+    u_int i = 0;
 
-    if (len <= 0)
+    if (len == 0)
 	return;
-    ND_PRINT((ndo, "[%03X] ", i));
+    ND_PRINT("[%03X] ", i);
     for (i = 0; i < len; /*nothing*/) {
-        ND_TCHECK(buf[i]);
-	ND_PRINT((ndo, "%02X ", buf[i] & 0xff));
+	ND_PRINT("%02X ", GET_U_1(buf + i) & 0xff);
 	i++;
 	if (i%8 == 0)
-	    ND_PRINT((ndo, " "));
+	    ND_PRINT(" ");
 	if (i % 16 == 0) {
-	    print_asc(ndo, &buf[i - 16], 8);
-	    ND_PRINT((ndo, " "));
-	    print_asc(ndo, &buf[i - 8], 8);
-	    ND_PRINT((ndo, "\n"));
+	    print_asc(ndo, buf + i - 16, 8);
+	    ND_PRINT(" ");
+	    print_asc(ndo, buf + i - 8, 8);
+	    ND_PRINT("\n");
 	    if (i < len)
-		ND_PRINT((ndo, "[%03X] ", i));
+		ND_PRINT("[%03X] ", i);
 	}
     }
     if (i % 16) {
 	int n;
 
 	n = 16 - (i % 16);
-	ND_PRINT((ndo, " "));
+	ND_PRINT(" ");
 	if (n>8)
-	    ND_PRINT((ndo, " "));
+	    ND_PRINT(" ");
 	while (n--)
-	    ND_PRINT((ndo, "   "));
+	    ND_PRINT("   ");
 
-	n = min(8, i % 16);
-	print_asc(ndo, &buf[i - (i % 16)], n);
-	ND_PRINT((ndo, " "));
+	n = ND_MIN(8, i % 16);
+	print_asc(ndo, buf + i - (i % 16), n);
+	ND_PRINT(" ");
 	n = (i % 16) - n;
 	if (n > 0)
-	    print_asc(ndo, &buf[i - n], n);
-	ND_PRINT((ndo, "\n"));
+	    print_asc(ndo, buf + i - n, n);
+	ND_PRINT("\n");
     }
-    return;
-
-trunc:
-    ND_PRINT((ndo, "\n"));
-    ND_PRINT((ndo, "WARNING: Short packet. Try increasing the snap length\n"));
 }
 
 
@@ -325,12 +331,12 @@
            unsigned int val, const char *fmt)
 {
     const char *p = fmt;
-    int i = 0;
+    u_int i = 0;
 
     while ((p = strchr(fmt, '|'))) {
-	size_t l = PTR_DIFF(p, fmt);
+	u_int l = ND_BYTES_BETWEEN(p, fmt);
 	if (l && (val & (1 << i)))
-	    ND_PRINT((ndo, "%.*s ", (int)l, fmt));
+	    ND_PRINT("%.*s ", (int)l, fmt);
 	fmt = p + 1;
 	i++;
     }
@@ -338,13 +344,13 @@
 
 /* convert a UCS-2 string into an ASCII string */
 #define MAX_UNISTR_SIZE	1000
-static const char *
-unistr(netdissect_options *ndo,
-       const u_char *s, uint32_t *len, int use_unicode)
+static const u_char *
+unistr(netdissect_options *ndo, char (*buf)[MAX_UNISTR_SIZE+1],
+       const u_char *s, uint32_t strsize, int is_null_terminated,
+       int use_unicode)
 {
-    static char buf[MAX_UNISTR_SIZE+1];
+    u_int c;
     size_t l = 0;
-    uint32_t strsize;
     const u_char *sp;
 
     if (use_unicode) {
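Review bot: The header comment `/* convert a UCS-2 string into an ASCII string */` no longer describes the new signature: the function now writes into the caller-supplied `buf`, uses `strsize` only when `is_null_terminated` is 0 (it is recomputed otherwise), handles ASCII or UCS-2 depending on `use_unicode`, and returns a pointer just past the consumed string or NULL on truncation. I would replace the comment with one stating those four points and that `*buf` is NUL-terminated on both return paths (the body doing this is in the next hunk). Replacing the static buffer with the caller's array is a welcome reentrancy fix.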
@@ -352,82 +358,108 @@
 	 * Skip padding that puts the string on an even boundary.
 	 */
 	if (((s - startbuf) % 2) != 0) {
-	    ND_TCHECK(s[0]);
+	    ND_TCHECK_1(s);
 	    s++;
 	}
     }
-    if (*len == 0) {
+    if (is_null_terminated) {
 	/*
 	 * Null-terminated string.
+	 * Find the length, counting the terminating NUL.
 	 */
 	strsize = 0;
 	sp = s;
 	if (!use_unicode) {
 	    for (;;) {
-		ND_TCHECK(sp[0]);
-		*len += 1;
-		if (sp[0] == 0)
-		    break;
+		c = GET_U_1(sp);
 		sp++;
+		strsize++;
+		if (c == '\0')
+		    break;
 	    }
-	    strsize = *len - 1;
 	} else {
 	    for (;;) {
-		ND_TCHECK2(sp[0], 2);
-		*len += 2;
-		if (sp[0] == 0 && sp[1] == 0)
-		    break;
+		c = GET_LE_U_2(sp);
 		sp += 2;
+		strsize += 2;
+		if (c == '\0')
+		    break;
 	    }
-	    strsize = *len - 2;
 	}
-    } else {
-	/*
-	 * Counted string.
-	 */
-	strsize = *len;
     }
     if (!use_unicode) {
     	while (strsize != 0) {
-          ND_TCHECK(s[0]);
-	    if (l >= MAX_UNISTR_SIZE)
-		break;
-	    if (ND_ISPRINT(s[0]))
-		buf[l] = s[0];
-	    else {
-		if (s[0] == 0)
-		    break;
-		buf[l] = '.';
-	    }
-	    l++;
+	    c = GET_U_1(s);
 	    s++;
 	    strsize--;
+	    if (c == 0) {
+		/*
+		 * Even counted strings may have embedded null
+		 * terminators, so quit here, and skip past
+		 * the rest of the data.
+		 *
+		 * Make sure, however, that the rest of the data
+		 * is there, so we don't overflow the buffer when
+		 * skipping past it.
+		 */
+		ND_TCHECK_LEN(s, strsize);
+		s += strsize;
+		strsize = 0;
+		break;
+	    }
+	    if (l < MAX_UNISTR_SIZE) {
+		if (ND_ASCII_ISPRINT(c)) {
+		    /* It's a printable ASCII character */
+		    (*buf)[l] = (char)c;
+		} else {
+		    /* It's a non-ASCII character or a non-printable ASCII character */
+		    (*buf)[l] = '.';
+		}
+		l++;
+	    }
 	}
     } else {
-	while (strsize != 0) {
-	    ND_TCHECK2(s[0], 2);
-	    if (l >= MAX_UNISTR_SIZE)
-		break;
-	    if (s[1] == 0 && ND_ISPRINT(s[0])) {
-		/* It's a printable ASCII character */
-		buf[l] = s[0];
-	    } else {
-		/* It's a non-ASCII character or a non-printable ASCII character */
-		if (s[0] == 0 && s[1] == 0)
-		    break;
-		buf[l] = '.';
-	    }
-	    l++;
+	while (strsize > 1) {
+	    c = GET_LE_U_2(s);
 	    s += 2;
-	    if (strsize == 1)
-		break;
 	    strsize -= 2;
+	    if (c == 0) {
+		/*
+		 * Even counted strings may have embedded null
+		 * terminators, so quit here, and skip past
+		 * the rest of the data.
+		 *
+		 * Make sure, however, that the rest of the data
+		 * is there, so we don't overflow the buffer when
+		 * skipping past it.
+		 */
+		ND_TCHECK_LEN(s, strsize);
+		s += strsize;
+		strsize = 0;
+		break;
+	    }
+	    if (l < MAX_UNISTR_SIZE) {
+		if (ND_ASCII_ISPRINT(c)) {
+		    /* It's a printable ASCII character */
+		    (*buf)[l] = (char)c;
+		} else {
+		    /* It's a non-ASCII character or a non-printable ASCII character */
+		    (*buf)[l] = '.';
+		}
+		l++;
+	    }
+	}
+	if (strsize == 1) {
+	    /* We have half of a code point; skip past it */
+	    ND_TCHECK_1(s);
+	    s++;
 	}
     }
-    buf[l] = 0;
-    return buf;
+    (*buf)[l] = 0;
+    return s;
 
 trunc:
+    (*buf)[l] = 0;
     return NULL;
 }
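Review bot: The `if (l < MAX_UNISTR_SIZE)` guards in both loops silently stop storing output after 1000 characters while the loop keeps consuming input, and nothing says this is deliberate so that the returned pointer stays aligned with the wire data; I would add above the first guard: `/* Output is capped at MAX_UNISTR_SIZE; keep consuming so the return value still points past the whole string. */`. In the UCS-2 loop `c` now reaches `ND_ASCII_ISPRINT(c)` as a full 16-bit code unit, where the old code first required `s[1] == 0`; that is safe only if the macro is a range test rather than a table lookup, which netdissect-ctype.h is not visible here to confirm. Terminating `*buf` on the `trunc:` path as well is right, since callers print the buffer before checking for NULL.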
 
@@ -438,19 +470,18 @@
 {
     int reverse = 0;
     const char *attrib_fmt = "READONLY|HIDDEN|SYSTEM|VOLUME|DIR|ARCHIVE|";
+    char strbuf[MAX_UNISTR_SIZE+1];
 
     while (*fmt && buf<maxbuf) {
 	switch (*fmt) {
 	case 'a':
-	    ND_TCHECK(buf[0]);
-	    write_bits(ndo, buf[0], attrib_fmt);
+	    write_bits(ndo, GET_U_1(buf), attrib_fmt);
 	    buf++;
 	    fmt++;
 	    break;
 
 	case 'A':
-	    ND_TCHECK2(buf[0], 2);
-	    write_bits(ndo, EXTRACT_LE_16BITS(buf), attrib_fmt);
+	    write_bits(ndo, GET_LE_U_2(buf), attrib_fmt);
 	    buf += 2;
 	    fmt++;
 	    break;
@@ -459,19 +490,18 @@
 	  {
 	    char bitfmt[128];
 	    char *p;
-	    int l;
+	    u_int l;
 
 	    p = strchr(++fmt, '}');
-	    l = PTR_DIFF(p, fmt);
+	    l = ND_BYTES_BETWEEN(p, fmt);
 
-	    if ((unsigned int)l > sizeof(bitfmt) - 1)
-		    l = sizeof(bitfmt)-1;
+	    if (l > sizeof(bitfmt) - 1)
+		l = sizeof(bitfmt)-1;
 
 	    strncpy(bitfmt, fmt, l);
 	    bitfmt[l] = '\0';
 	    fmt = p + 1;
-	    ND_TCHECK(buf[0]);
-	    write_bits(ndo, buf[0], bitfmt);
+	    write_bits(ndo, GET_U_1(buf), bitfmt);
 	    buf++;
 	    break;
 	  }
@@ -479,10 +509,10 @@
 	case 'P':
 	  {
 	    int l = atoi(fmt + 1);
-	    ND_TCHECK2(buf[0], l);
+	    ND_TCHECK_LEN(buf, l);
 	    buf += l;
 	    fmt++;
-	    while (isdigit((unsigned char)*fmt))
+	    while (ND_ASCII_ISDIGIT(*fmt))
 		fmt++;
 	    break;
 	  }
@@ -493,31 +523,28 @@
 	case 'b':
 	  {
 	    unsigned int x;
-	    ND_TCHECK(buf[0]);
-	    x = buf[0];
-	    ND_PRINT((ndo, "%u (0x%x)", x, x));
+	    x = GET_U_1(buf);
+	    ND_PRINT("%u (0x%x)", x, x);
 	    buf += 1;
 	    fmt++;
 	    break;
 	  }
 	case 'd':
 	  {
-	    unsigned int x;
-	    ND_TCHECK2(buf[0], 2);
-	    x = reverse ? EXTRACT_16BITS(buf) :
-			  EXTRACT_LE_16BITS(buf);
-	    ND_PRINT((ndo, "%d (0x%x)", x, x));
+	    int x;
+	    x = reverse ? GET_BE_S_2(buf) :
+			  GET_LE_S_2(buf);
+	    ND_PRINT("%d (0x%x)", x, x);
 	    buf += 2;
 	    fmt++;
 	    break;
 	  }
 	case 'D':
 	  {
-	    unsigned int x;
-	    ND_TCHECK2(buf[0], 4);
-	    x = reverse ? EXTRACT_32BITS(buf) :
-			  EXTRACT_LE_32BITS(buf);
-	    ND_PRINT((ndo, "%d (0x%x)", x, x));
+	    int x;
+	    x = reverse ? GET_BE_S_4(buf) :
+			  GET_LE_S_4(buf);
+	    ND_PRINT("%d (0x%x)", x, x);
 	    buf += 4;
 	    fmt++;
 	    break;
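Review bot: In the `d` and `D` cases `x` is now a signed `int` but is still passed to `0x%x`, which expects an unsigned argument; the previous code had the mirror-image mismatch (unsigned to `%d`). Cast the second argument so both conversions match their operands, e.g. `ND_PRINT("%d (0x%x)", x, (unsigned int)x);`. The enclosing switch in smb_fdata1 continues outside this hunk.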
@@ -525,26 +552,45 @@
 	case 'L':
 	  {
 	    uint64_t x;
-	    ND_TCHECK2(buf[0], 8);
-	    x = reverse ? EXTRACT_64BITS(buf) :
-			  EXTRACT_LE_64BITS(buf);
-	    ND_PRINT((ndo, "%" PRIu64 " (0x%" PRIx64 ")", x, x));
+	    x = reverse ? GET_BE_U_8(buf) :
+			  GET_LE_U_8(buf);
+	    ND_PRINT("%" PRIu64 " (0x%" PRIx64 ")", x, x);
 	    buf += 8;
 	    fmt++;
 	    break;
 	  }
+	case 'u':
+	  {
+	    unsigned int x;
+	    x = reverse ? GET_BE_U_2(buf) :
+			  GET_LE_U_2(buf);
+	    ND_PRINT("%u (0x%x)", x, x);
+	    buf += 2;
+	    fmt++;
+	    break;
+	  }
+	case 'U':
+	  {
+	    unsigned int x;
+	    x = reverse ? GET_BE_U_4(buf) :
+			  GET_LE_U_4(buf);
+	    ND_PRINT("%u (0x%x)", x, x);
+	    buf += 4;
+	    fmt++;
+	    break;
+	  }
 	case 'M':
 	  {
 	    /* Weird mixed-endian length values in 64-bit locks */
 	    uint32_t x1, x2;
 	    uint64_t x;
-	    ND_TCHECK2(buf[0], 8);
-	    x1 = reverse ? EXTRACT_32BITS(buf) :
-			   EXTRACT_LE_32BITS(buf);
-	    x2 = reverse ? EXTRACT_32BITS(buf + 4) :
-			   EXTRACT_LE_32BITS(buf + 4);
+	    ND_TCHECK_8(buf);
+	    x1 = reverse ? GET_BE_U_4(buf) :
+			   GET_LE_U_4(buf);
+	    x2 = reverse ? GET_BE_U_4(buf + 4) :
+			   GET_LE_U_4(buf + 4);
 	    x = (((uint64_t)x1) << 32) | x2;
-	    ND_PRINT((ndo, "%" PRIu64 " (0x%" PRIx64 ")", x, x));
+	    ND_PRINT("%" PRIu64 " (0x%" PRIx64 ")", x, x);
 	    buf += 8;
 	    fmt++;
 	    break;
@@ -552,9 +598,8 @@
 	case 'B':
 	  {
 	    unsigned int x;
-	    ND_TCHECK(buf[0]);
-	    x = buf[0];
-	    ND_PRINT((ndo, "0x%X", x));
+	    x = GET_U_1(buf);
+	    ND_PRINT("0x%X", x);
 	    buf += 1;
 	    fmt++;
 	    break;
@@ -562,10 +607,9 @@
 	case 'w':
 	  {
 	    unsigned int x;
-	    ND_TCHECK2(buf[0], 2);
-	    x = reverse ? EXTRACT_16BITS(buf) :
-			  EXTRACT_LE_16BITS(buf);
-	    ND_PRINT((ndo, "0x%X", x));
+	    x = reverse ? GET_BE_U_2(buf) :
+			  GET_LE_U_2(buf);
+	    ND_PRINT("0x%X", x);
 	    buf += 2;
 	    fmt++;
 	    break;
@@ -573,10 +617,9 @@
 	case 'W':
 	  {
 	    unsigned int x;
-	    ND_TCHECK2(buf[0], 4);
-	    x = reverse ? EXTRACT_32BITS(buf) :
-			  EXTRACT_LE_32BITS(buf);
-	    ND_PRINT((ndo, "0x%X", x));
+	    x = reverse ? GET_BE_U_4(buf) :
+			  GET_LE_U_4(buf);
+	    ND_PRINT("0x%X", x);
 	    buf += 4;
 	    fmt++;
 	    break;
@@ -587,25 +630,27 @@
 	    switch (*fmt) {
 
 	    case 'b':
-		ND_TCHECK(buf[0]);
-		stringlen = buf[0];
-		ND_PRINT((ndo, "%u", stringlen));
+		stringlen = GET_U_1(buf);
+		stringlen_is_set = 1;
+		ND_PRINT("%u", stringlen);
 		buf += 1;
 		break;
 
 	    case 'd':
-		ND_TCHECK2(buf[0], 2);
-		stringlen = reverse ? EXTRACT_16BITS(buf) :
-				      EXTRACT_LE_16BITS(buf);
-		ND_PRINT((ndo, "%u", stringlen));
+	    case 'u':
+		stringlen = reverse ? GET_BE_U_2(buf) :
+				      GET_LE_U_2(buf);
+		stringlen_is_set = 1;
+		ND_PRINT("%u", stringlen);
 		buf += 2;
 		break;
 
 	    case 'D':
-		ND_TCHECK2(buf[0], 4);
-		stringlen = reverse ? EXTRACT_32BITS(buf) :
-				      EXTRACT_LE_32BITS(buf);
-		ND_PRINT((ndo, "%u", stringlen));
+	    case 'U':
+		stringlen = reverse ? GET_BE_U_4(buf) :
+				      GET_LE_U_4(buf);
+		stringlen_is_set = 1;
+		ND_PRINT("%u", stringlen);
 		buf += 4;
 		break;
 	    }
@@ -616,78 +661,75 @@
 	case 'R':	/* like 'S', but always ASCII */
 	  {
 	    /*XXX unistr() */
-	    const char *s;
-	    uint32_t len;
-
-	    len = 0;
-	    s = unistr(ndo, buf, &len, (*fmt == 'R') ? 0 : unicodestr);
-	    if (s == NULL)
+	    buf = unistr(ndo, &strbuf, buf, 0, 1, (*fmt == 'R') ? 0 : unicodestr);
+	    ND_PRINT("%s", strbuf);
+	    if (buf == NULL)
 		goto trunc;
-	    ND_PRINT((ndo, "%s", s));
-	    buf += len;
 	    fmt++;
 	    break;
 	  }
 	case 'Z':
 	case 'Y':	/* like 'Z', but always ASCII */
 	  {
-	    const char *s;
-	    uint32_t len;
-
-	    ND_TCHECK(*buf);
-	    if (*buf != 4 && *buf != 2) {
-		ND_PRINT((ndo, "Error! ASCIIZ buffer of type %u", *buf));
+	    if (GET_U_1(buf) != 4 && GET_U_1(buf) != 2) {
+		ND_PRINT("Error! ASCIIZ buffer of type %u", GET_U_1(buf));
 		return maxbuf;	/* give up */
 	    }
-	    len = 0;
-	    s = unistr(ndo, buf + 1, &len, (*fmt == 'Y') ? 0 : unicodestr);
-	    if (s == NULL)
+	    buf = unistr(ndo, &strbuf, buf + 1, 0, 1, (*fmt == 'Y') ? 0 : unicodestr);
+	    ND_PRINT("%s", strbuf);
+	    if (buf == NULL)
 		goto trunc;
-	    ND_PRINT((ndo, "%s", s));
-	    buf += len + 1;
 	    fmt++;
 	    break;
 	  }
 	case 's':
 	  {
 	    int l = atoi(fmt + 1);
-	    ND_TCHECK2(*buf, l);
-	    ND_PRINT((ndo, "%-*.*s", l, l, buf));
+	    ND_TCHECK_LEN(buf, l);
+	    ND_PRINT("%-*.*s", l, l, buf);
 	    buf += l;
 	    fmt++;
-	    while (isdigit((unsigned char)*fmt))
+	    while (ND_ASCII_ISDIGIT(*fmt))
 		fmt++;
 	    break;
 	  }
 	case 'c':
 	  {
-	    ND_TCHECK2(*buf, stringlen);
-	    ND_PRINT((ndo, "%-*.*s", (int)stringlen, (int)stringlen, buf));
+            if (!stringlen_is_set) {
+                ND_PRINT("{stringlen not set}");
+                goto trunc;
+            }
+	    ND_TCHECK_LEN(buf, stringlen);
+	    ND_PRINT("%-*.*s", (int)stringlen, (int)stringlen, buf);
 	    buf += stringlen;
 	    fmt++;
-	    while (isdigit((unsigned char)*fmt))
+	    while (ND_ASCII_ISDIGIT(*fmt))
 		fmt++;
 	    break;
 	  }
 	case 'C':
 	  {
-	    const char *s;
-	    s = unistr(ndo, buf, &stringlen, unicodestr);
-	    if (s == NULL)
+            if (!stringlen_is_set) {
+                ND_PRINT("{stringlen not set}");
+                goto trunc;
+            }
+	    buf = unistr(ndo, &strbuf, buf, stringlen, 0, unicodestr);
+	    ND_PRINT("%s", strbuf);
+	    if (buf == NULL)
 		goto trunc;
-	    ND_PRINT((ndo, "%s", s));
-	    buf += stringlen;
 	    fmt++;
 	    break;
 	  }
 	case 'h':
 	  {
 	    int l = atoi(fmt + 1);
-	    ND_TCHECK2(*buf, l);
-	    while (l--)
-		ND_PRINT((ndo, "%02x", *buf++));
+	    ND_TCHECK_LEN(buf, l);
+	    while (l--) {
+		ND_PRINT("%02x", GET_U_1(buf));
+		buf++;
+	    }
 	    fmt++;
-	    while (isdigit((unsigned char)*fmt))
+	    while (ND_ASCII_ISDIGIT(*fmt))
 		fmt++;
 	    break;
 	  }
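Review bot: The `s` and `c` cases still hand raw packet bytes to `ND_PRINT("%-*.*s", ...)`: ND_TCHECK_LEN bounds the read, but nothing filters non-printable bytes, so control characters and terminal escape sequences from the wire go straight to the output, whereas this same commit routes print_asc() through fn_print_char(). Consider printing these fields through a sanitising helper (4.99 has nd_printjnp()-style functions for this; confirm the name available in this tree), accepting that the `%-*` padding would change. For `c`, `(int)stringlen` goes negative for counts of 2^31 or more; that is harmless only because `ND_TCHECK_LEN(buf, stringlen)` fails first, which deserves a one-line comment.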
@@ -700,7 +742,7 @@
 
 	    switch (t) {
 	    case 1:
-		name_type = name_extract(ndo, startbuf, PTR_DIFF(buf, startbuf),
+		name_type = name_extract(ndo, startbuf, ND_BYTES_BETWEEN(buf, startbuf),
 		    maxbuf, nbuf);
 		if (name_type < 0)
 		    goto trunc;
@@ -708,19 +750,18 @@
 		if (len < 0)
 		    goto trunc;
 		buf += len;
-		ND_PRINT((ndo, "%-15.15s NameType=0x%02X (%s)", nbuf, name_type,
-		    name_type_str(name_type)));
+		ND_PRINT("%-15.15s NameType=0x%02X (%s)", nbuf, name_type,
+		    name_type_str(name_type));
 		break;
 	    case 2:
-		ND_TCHECK(buf[15]);
-		name_type = buf[15];
-		ND_PRINT((ndo, "%-15.15s NameType=0x%02X (%s)", buf, name_type,
-		    name_type_str(name_type)));
+		name_type = GET_U_1(buf + 15);
+		ND_PRINT("%-15.15s NameType=0x%02X (%s)", buf, name_type,
+		    name_type_str(name_type));
 		buf += 16;
 		break;
 	    }
 	    fmt++;
-	    while (isdigit((unsigned char)*fmt))
+	    while (ND_ASCII_ISDIGIT(*fmt))
 		fmt++;
 	    break;
 	  }
@@ -733,26 +774,24 @@
 
 	    switch (atoi(fmt + 1)) {
 	    case 1:
-		ND_TCHECK2(buf[0], 4);
-		x = EXTRACT_LE_32BITS(buf);
+		x = GET_LE_U_4(buf);
 		if (x == 0 || x == 0xFFFFFFFF)
 		    t = 0;
 		else
-		    t = make_unix_date(buf);
+		    t = make_unix_date(ndo, buf);
 		buf += 4;
 		break;
 	    case 2:
-		ND_TCHECK2(buf[0], 4);
-		x = EXTRACT_LE_32BITS(buf);
+		x = GET_LE_U_4(buf);
 		if (x == 0 || x == 0xFFFFFFFF)
 		    t = 0;
 		else
-		    t = make_unix_date2(buf);
+		    t = make_unix_date2(ndo, buf);
 		buf += 4;
 		break;
 	    case 3:
-		ND_TCHECK2(buf[0], 8);
-		t = interpret_long_date(buf);
+		ND_TCHECK_8(buf);
+		t = interpret_long_date(ndo, buf);
 		buf += 8;
 		break;
 	    default:
@@ -767,27 +806,26 @@
 		    tstring = "(Can't convert time)\n";
 	    } else
 		tstring = "NULL\n";
-	    ND_PRINT((ndo, "%s", tstring));
+	    ND_PRINT("%s", tstring);
 	    fmt++;
-	    while (isdigit((unsigned char)*fmt))
+	    while (ND_ASCII_ISDIGIT(*fmt))
 		fmt++;
 	    break;
 	  }
 	default:
-	    ND_PRINT((ndo, "%c", *fmt));
+	    ND_PRINT("%c", *fmt);
 	    fmt++;
 	    break;
 	}
     }
 
     if (buf >= maxbuf && *fmt)
-	ND_PRINT((ndo, "END OF BUFFER\n"));
+	ND_PRINT("END OF BUFFER\n");
 
     return(buf);
 
 trunc:
-    ND_PRINT((ndo, "\n"));
-    ND_PRINT((ndo, "WARNING: Short packet. Try increasing the snap length\n"));
+    nd_print_trunc(ndo);
     return(NULL);
 }
 
@@ -803,11 +841,26 @@
     while (*fmt) {
 	switch (*fmt) {
 	case '*':
+	    /*
+	     * List of multiple instances of something described by the
+	     * remainder of the string (which may itself include a list
+	     * of multiple instances of something, so we recurse).
+	     */
 	    fmt++;
 	    while (buf < maxbuf) {
 		const u_char *buf2;
 		depth++;
-		buf2 = smb_fdata(ndo, buf, fmt, maxbuf, unicodestr);
+		/*
+		 * In order to avoid stack exhaustion recurse at most 10
+		 * levels; that "should not happen", as no SMB structure
+		 * should be nested *that* deeply, and we thus shouldn't
+		 * have format strings with that level of nesting.
+		 */
+		if (depth == 10) {
+			ND_PRINT("(too many nested levels, not recursing)");
+			buf2 = buf;
+		} else
+			buf2 = smb_fdata(ndo, buf, fmt, maxbuf, unicodestr);
 		depth--;
 		if (buf2 == NULL)
 		    return(NULL);
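Review bot: The new depth limit relies on `depth--` running after every recursive call, but the GET_ macros this commit introduces abort dissection by longjmp (which is why the `trunc:` label could be removed from smb_data_print), and that skips the `depth--` of every frame on the stack; if `depth` is file-scope or `static` (its declaration is outside this hunk), each truncated nested packet ratchets it upward until every `*` list prints "(too many nested levels, not recursing)" and the `!depth` data dump further down stops firing. Either reset it in smb_reset() alongside stringlen (`depth = 0;`) or pass the depth as a parameter instead of shared state. The `buf2 == buf` handling that makes the not-recursing branch terminate the loop is below this hunk, so I cannot confirm it here.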
@@ -818,22 +871,35 @@
 	    return(buf);
 
 	case '|':
+	    /*
+	     * Just do a bounds check.
+	     */
 	    fmt++;
 	    if (buf >= maxbuf)
 		return(buf);
 	    break;
 
 	case '%':
+	    /*
+	     * XXX - unused?
+	     */
 	    fmt++;
 	    buf = maxbuf;
 	    break;
 
 	case '#':
+	    /*
+	     * Done?
+	     */
 	    fmt++;
 	    return(buf);
 	    break;
 
 	case '[':
+	    /*
+	     * Format of an item, enclosed in square brackets; dissect
+	     * the item with smb_fdata1().
+	     */
 	    fmt++;
 	    if (buf >= maxbuf)
 		return(buf);
@@ -847,20 +913,32 @@
 	    s[p - fmt] = '\0';
 	    fmt = p + 1;
 	    buf = smb_fdata1(ndo, buf, s, maxbuf, unicodestr);
-	    if (buf == NULL)
+	    if (buf == NULL) {
+		/*
+		 * Truncated.
+		 * Is the next character a newline?
+		 * If so, print it before quitting, so we don't
+		 * get stuff in the middle of the line.
+		 */
+		if (*fmt == '\n')
+		    ND_PRINT("\n");
 		return(NULL);
+	    }
 	    break;
 
 	default:
-	    ND_PRINT((ndo, "%c", *fmt));
+	    /*
+	     * Not a formatting character, so just print it.
+	     */
+	    ND_PRINT("%c", *fmt);
 	    fmt++;
 	    break;
 	}
     }
     if (!depth && buf < maxbuf) {
-	size_t len = PTR_DIFF(maxbuf, buf);
-	ND_PRINT((ndo, "Data: (%lu bytes)\n", (unsigned long)len));
-	smb_print_data(ndo, buf, len);
+	u_int len = ND_BYTES_BETWEEN(maxbuf, buf);
+	ND_PRINT("Data: (%u bytes)\n", len);
+	smb_data_print(ndo, buf, len);
 	return(buf + len);
     }
     return(buf);
@@ -983,7 +1061,7 @@
 /*
  * return a SMB error string from a SMB buffer
  */
-char *
+const char *
 smb_errstr(int class, int num)
 {
     static char ret[128];
@@ -1832,7 +1910,7 @@
   { 0xC002100A, "RPC_P_SEND_FAILED" },
   { 0xC002100B, "RPC_P_TIMEOUT" },
   { 0xC002100C, "RPC_P_SERVER_TRANSPORT_ERROR" },
-  { 0xC002100E, "RPC_P_EXCEPTION_OCCURED" },
+  { 0xC002100E, "RPC_P_EXCEPTION_OCCURRED" },
   { 0xC0021012, "RPC_P_CONNECTION_SHUTDOWN" },
   { 0xC0021015, "RPC_P_THREAD_LISTENING" },
   { 0xC0030001, "RPC_NT_NO_MORE_ENTRIES" },