Ethereal-dev: Re: [Ethereal-dev] [PATCH] packet-dcerpc.c: clamp to tvb length and display mult

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Charles Levert <chuck@xxxxxxxxxxxxxxxx>
Date: Sun, 28 Nov 2004 04:54:19 -0500
* On Saturday 2004-11-27 at 16:17:58 -0800, Guy Harris wrote:
> Exceptions are *supposed* to be provoked by invalid packets.

Ok.  I have removed the extra length check from my patch.  I have
added a dissection line to account for padding octets, if any (they
were just skipped without explanation, previously).  The main change
of the patch remains breaking the message down into separate lines for
improved readability.



[ Generated with ude,
    the unified-format diff-output ("unidiff") editor,
    version 0.1 of 2004-11-03.  ]
--- epan/dissectors/packet-dcerpc.c.svn-12128	2004-10-30 00:37:33 -0400
+++ epan/dissectors/packet-dcerpc.c	2004-11-28 04:17:08 -0500
@@ -6 +6 @@
  * $Id: packet-dcerpc.c 12128 2004-09-29 00:06:36Z guy $
@@ -33,6 +33,7 @@
 
 #include <glib.h>
 #include <epan/packet.h>
+#include <epan/strutil.h>
 #include <epan/dissectors/packet-dcerpc.h>
 #include <epan/conversation.h>
 #include <epan/prefs.h>
@@ -413,6 +414,7 @@
 static gint ett_dcerpc_dg_flags2 = -1;
 static gint ett_dcerpc_pointer_data = -1;
 static gint ett_dcerpc_string = -1;
+static gint ett_dcerpc_line = -1;
 static gint ett_dcerpc_fragments = -1;
 static gint ett_dcerpc_fragment = -1;
 static gint ett_dcerpc_krb5_auth_verf = -1;
@@ -1242,7 +1244,7 @@ dissect_ndr_cvstring(tvbuff_t *tvb, int 
     proto_item *string_item;
     proto_tree *string_tree;
     guint32 len, buffer_len;
-    char *s;
+    char *s, *s1;
     header_field_info *hfinfo;
 
     di=pinfo->private_data;
@@ -1251,7 +1253,7 @@ dissect_ndr_cvstring(tvbuff_t *tvb, int 
       return offset;
     }
 
-    if (add_subtree) {
+    if (tree && add_subtree) {
         string_item = proto_tree_add_text(tree, tvb, offset, -1, "%s",
                                           proto_registrar_get_name(hfindex));
         string_tree = proto_item_add_subtree(string_item, ett_dcerpc_string);
@@ -1274,12 +1276,21 @@ dissect_ndr_cvstring(tvbuff_t *tvb, int 
     buffer_len = size_is * len;
 
     /* Adjust offset */
-    if (offset % size_is)
-        offset += size_is - (offset % size_is);
+    if (offset % size_is) {
+	int pad = size_is - (offset % size_is);
+
+	if (tree)
+	    proto_tree_add_text(string_tree, tvb, offset, pad,
+				"Padding to %d-bit alignment: %d octet%s",
+				size_is*8, pad, (pad > 1) ? "s" : "");
+        offset += pad;
+    }
+
+    s1 = NULL;
 
     if (size_is == sizeof(guint16)) {
         /* XXX - use drep to determine the byte order? */
-        s = tvb_fake_unicode(tvb, offset, buffer_len / 2, TRUE);
+        s = tvb_fake_unicode(tvb, offset, buffer_len / 2, drep[0] & 0x10);
         /*
          * XXX - we don't support a string type with Unicode
          * characters, so if this is a string item, we make
@@ -1291,8 +1302,7 @@ dissect_ndr_cvstring(tvbuff_t *tvb, int 
                 proto_tree_add_string(string_tree, hfindex, tvb, offset,
                                       buffer_len, s);
             } else {
-                proto_tree_add_item(string_tree, hfindex, tvb, offset,
-                                    buffer_len, drep[0] & 0x10);
+                s1 = s;
             }
         }
     } else {
@@ -1306,10 +1316,48 @@ dissect_ndr_cvstring(tvbuff_t *tvb, int 
          */
         s = tvb_get_string(tvb, offset, buffer_len);
         if (tree && buffer_len)
-            proto_tree_add_item(string_tree, hfindex, tvb, offset,
-                                buffer_len, drep[0] & 0x10);
+            s1 = s;
     }
 
+    if (s1) {
+	proto_item *line_item;
+	char *s2;
+	char *end = s + buffer_len / size_is;
+
+	line_item = proto_tree_add_item(string_tree, hfindex, tvb, offset,
+					buffer_len, drep[0] & 0x10);
+	s2 = strchr(s1, '\n');
+	if (s2)
+	    s2++;
+	else
+	    s2 = s1 + strlen(s1);
+	if (s2 < end) {
+	    proto_tree *line_tree;
+
+	    line_tree = proto_item_add_subtree(line_item, ett_dcerpc_line);
+	    for (;;) {
+		len = s2 - s1;
+		if (!len) {
+			while (s2 < end && !*s2)
+				s2++;
+			len = s2 - s1;
+		}
+		proto_tree_add_text(line_tree, tvb,
+				    offset + (s1 - s) * size_is,
+				    len * size_is,
+				    "%s", format_text(s1, len));
+		if (s2 >= end)
+		    break;
+		s1 = s2;
+		s2 = strchr(s1, '\n');
+		if (s2)
+		    s2++;
+		else
+		    s2 = s1 + strlen(s1);
+	    }
+	}
+    }
+
     if (string_item != NULL)
         proto_item_append_text(string_item, ": %s", s);
 
@@ -4835,6 +4883,7 @@ proto_register_dcerpc (void)
         &ett_dcerpc_dg_flags2,
         &ett_dcerpc_pointer_data,
         &ett_dcerpc_string,
+        &ett_dcerpc_line,
         &ett_dcerpc_fragments,
         &ett_dcerpc_fragment,
         &ett_dcerpc_krb5_auth_verf,