summaryrefslogtreecommitdiff
path: root/epan/dissectors
diff options
context:
space:
mode:
authorGuy Harris <guy@alum.mit.edu>2011-07-19 23:02:02 +0000
committerGuy Harris <guy@alum.mit.edu>2011-07-19 23:02:02 +0000
commitc34b7964459f4b9b6af597a08505a5c7e6907e19 (patch)
treeab893f3a939c2a9a6d469f071dd1460217832ef3 /epan/dissectors
parent3991a62d31744199b7ae5ee3bac192d2f9b0b9cb (diff)
downloadwireshark-c34b7964459f4b9b6af597a08505a5c7e6907e19.tar.gz
Add a DREP_LITTLE_ENDIAN for the DCE RPC endianness bit in the data
representation. Use it rather than a raw 0x10. Add a DREP_ENC_INTEGER() macro that takes a pointer to the data representation and returns either ENC_LITTLE_ENDIAN or ENC_BIG_ENDIAN; use it for the encoding argument to proto_tree_add_item(), rather than just the AND of drep[0] and DREP_LITTLE_ENDIAN, as it's not a boolean any more, and for string values we'll be supporting character encodings as well and thus won't be able to trust that the 0x10 bit will mean "little endian". Use ENC_NA for some other encoding values, i.e. for FT_BYTES and the like. Fix a couple of places in the DCOM dissector where we were passing the byte-order bit rather than the field value to proto_tree_add_uint_format(). Clean up white space. svn path=/trunk/; revision=38128
Diffstat (limited to 'epan/dissectors')
-rw-r--r--epan/dissectors/dcerpc/drsuapi/packet-dcerpc-drsuapi-template.c2
-rw-r--r--epan/dissectors/packet-dcerpc-drsuapi.c2
-rw-r--r--epan/dissectors/packet-dcerpc-netlogon.c9
-rw-r--r--epan/dissectors/packet-dcerpc-nt.c12
-rw-r--r--epan/dissectors/packet-dcerpc-spoolss.c4
-rw-r--r--epan/dissectors/packet-dcerpc.c60
-rw-r--r--epan/dissectors/packet-dcerpc.h11
-rw-r--r--epan/dissectors/packet-dcom.c8
8 files changed, 71 insertions, 37 deletions
diff --git a/epan/dissectors/dcerpc/drsuapi/packet-dcerpc-drsuapi-template.c b/epan/dissectors/dcerpc/drsuapi/packet-dcerpc-drsuapi-template.c
index 973f24a8fe..fbc29754c5 100644
--- a/epan/dissectors/dcerpc/drsuapi/packet-dcerpc-drsuapi-template.c
+++ b/epan/dissectors/dcerpc/drsuapi/packet-dcerpc-drsuapi-template.c
@@ -80,7 +80,7 @@ ucarray_drsuapi_dissect_DsReplicaSyncRequest1Info_nc_dn(tvbuff_t *tvb, int offse
len, s);
} else {
proto_tree_add_item(tree, hf_drsuapi_DsReplicaSyncRequest1Info_nc_dn, tvb, offset,
- len, drep[0] & 0x10);
+ len, DREP_ENC_INTEGER(drep));
}
}
diff --git a/epan/dissectors/packet-dcerpc-drsuapi.c b/epan/dissectors/packet-dcerpc-drsuapi.c
index f14c6a6703..13c0b58a08 100644
--- a/epan/dissectors/packet-dcerpc-drsuapi.c
+++ b/epan/dissectors/packet-dcerpc-drsuapi.c
@@ -583,7 +583,7 @@ ucarray_drsuapi_dissect_DsReplicaSyncRequest1Info_nc_dn(tvbuff_t *tvb, int offse
len, s);
} else {
proto_tree_add_item(tree, hf_drsuapi_DsReplicaSyncRequest1Info_nc_dn, tvb, offset,
- len, drep[0] & 0x10);
+ len, DREP_ENC_INTEGER(drep));
}
}
diff --git a/epan/dissectors/packet-dcerpc-netlogon.c b/epan/dissectors/packet-dcerpc-netlogon.c
index d53ba224b3..3d5432af5e 100644
--- a/epan/dissectors/packet-dcerpc-netlogon.c
+++ b/epan/dissectors/packet-dcerpc-netlogon.c
@@ -486,12 +486,13 @@ static gint dissect_dcerpc_8bytes (tvbuff_t *tvb, gint offset, packet_info *pinf
{
guint64 data;
- data = ((drep[0] & 0x10)
+ data = ((drep[0] & DREP_LITTLE_ENDIAN)
? tvb_get_letoh64 (tvb, offset)
: tvb_get_ntoh64 (tvb, offset));
+ /* These fields are FT_BYTES, hence the byte order doesn't matter */
if (tree) {
- proto_tree_add_item(tree, hfindex, tvb, offset, 8, (drep[0] & 0x10));
+ proto_tree_add_item(tree, hfindex, tvb, offset, 8, ENC_NA);
}
if (pdata)
*pdata = data;
@@ -7662,8 +7663,8 @@ static int dissect_secchan_nl_auth_message(tvbuff_t *tvb, int offset,
hf_netlogon_secchan_nl_message_type, &messagetype);
/* Flags */
- proto_tree_add_bitmask(subtree, tvb, offset, hf_netlogon_secchan_nl_message_flags, ett_secchan_nl_auth_message_flags, flag_fields, (drep[0] & 0x10));
- messageflags = ((drep[0] & 0x10)
+ proto_tree_add_bitmask(subtree, tvb, offset, hf_netlogon_secchan_nl_message_flags, ett_secchan_nl_auth_message_flags, flag_fields, (drep[0] & DREP_LITTLE_ENDIAN));
+ messageflags = ((drep[0] & DREP_LITTLE_ENDIAN)
? tvb_get_letohl (tvb, offset)
: tvb_get_ntohl (tvb, offset));
offset += 4;
diff --git a/epan/dissectors/packet-dcerpc-nt.c b/epan/dissectors/packet-dcerpc-nt.c
index 3c967480cb..53ce6639a4 100644
--- a/epan/dissectors/packet-dcerpc-nt.c
+++ b/epan/dissectors/packet-dcerpc-nt.c
@@ -1094,7 +1094,7 @@ dissect_nt_guid_hnd(tvbuff_t *tvb, gint offset, packet_info *pinfo,
int
dissect_dcerpc_uint8s(tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
- proto_tree *tree, guint8 *drep, int hfindex,
+ proto_tree *tree, guint8 *drep _U_, int hfindex,
int length, const guint8 **pdata)
{
const guint8 *data;
@@ -1102,7 +1102,8 @@ dissect_dcerpc_uint8s(tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
data = (const guint8 *)tvb_get_ptr(tvb, offset, length);
if (tree) {
- proto_tree_add_item (tree, hfindex, tvb, offset, length, (drep[0] & 0x10));
+ /* This should be an FT_BYTES, so the byte order should not matter */
+ proto_tree_add_item (tree, hfindex, tvb, offset, length, ENC_NA);
}
if (pdata)
@@ -1135,7 +1136,12 @@ dissect_dcerpc_uint16s(tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
int length)
{
if (tree) {
- proto_tree_add_item (tree, hfindex, tvb, offset, length * 2, (drep[0] & 0x10));
+ /* These are FT_BYTES fields, so the byte order should not matter;
+ however, perhaps there should be an FT_HEXADECTETS type,
+ or something such as that, with each pair of octets
+ displayed as a single unit, in which case the byte order
+ would matter, so we'll calculate the byte order here. */
+ proto_tree_add_item (tree, hfindex, tvb, offset, length * 2, DREP_ENC_INTEGER(drep));
}
return offset + length * 2;
diff --git a/epan/dissectors/packet-dcerpc-spoolss.c b/epan/dissectors/packet-dcerpc-spoolss.c
index fed38809be..8511e0be0e 100644
--- a/epan/dissectors/packet-dcerpc-spoolss.c
+++ b/epan/dissectors/packet-dcerpc-spoolss.c
@@ -440,7 +440,7 @@ dissect_spoolss_buffer_data(tvbuff_t *tvb, int offset, packet_info *pinfo,
item = proto_tree_add_item(
tree, hf_buffer_data, tvb, offset - size,
- size, drep[0] & 0x10);
+ size, ENC_NA);
/* Return buffer info */
@@ -1562,7 +1562,7 @@ dissect_DEVMODE(tvbuff_t *tvb, int offset, packet_info *pinfo,
if (print_quality < 0)
proto_tree_add_item(
subtree, hf_devmode_print_quality, tvb,
- offset - 2, 2, drep[0] & 0x10);
+ offset - 2, 2, DREP_ENC_INTEGER(drep));
else
proto_tree_add_text(
subtree, tvb, offset - 4, 4,
diff --git a/epan/dissectors/packet-dcerpc.c b/epan/dissectors/packet-dcerpc.c
index 3791007e2d..f1ded072d3 100644
--- a/epan/dissectors/packet-dcerpc.c
+++ b/epan/dissectors/packet-dcerpc.c
@@ -1053,7 +1053,7 @@ dissect_dcerpc_uint8 (tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
data = tvb_get_guint8 (tvb, offset);
if (tree) {
- proto_tree_add_item (tree, hfindex, tvb, offset, 1, (drep[0] & 0x10));
+ proto_tree_add_item (tree, hfindex, tvb, offset, 1, DREP_ENC_INTEGER(drep));
}
if (pdata)
*pdata = data;
@@ -1067,12 +1067,12 @@ dissect_dcerpc_uint16 (tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
{
guint16 data;
- data = ((drep[0] & 0x10)
+ data = ((drep[0] & DREP_LITTLE_ENDIAN)
? tvb_get_letohs (tvb, offset)
: tvb_get_ntohs (tvb, offset));
if (tree) {
- proto_tree_add_item (tree, hfindex, tvb, offset, 2, (drep[0] & 0x10));
+ proto_tree_add_item (tree, hfindex, tvb, offset, 2, DREP_ENC_INTEGER(drep));
}
if (pdata)
*pdata = data;
@@ -1086,12 +1086,12 @@ dissect_dcerpc_uint32 (tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
{
guint32 data;
- data = ((drep[0] & 0x10)
+ data = ((drep[0] & DREP_LITTLE_ENDIAN)
? tvb_get_letohl (tvb, offset)
: tvb_get_ntohl (tvb, offset));
if (tree) {
- proto_tree_add_item (tree, hfindex, tvb, offset, 4, (drep[0] & 0x10));
+ proto_tree_add_item (tree, hfindex, tvb, offset, 4, DREP_ENC_INTEGER(drep));
}
if (pdata)
*pdata = data;
@@ -1107,7 +1107,7 @@ dissect_dcerpc_time_t (tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
guint32 data;
nstime_t tv;
- data = ((drep[0] & 0x10)
+ data = ((drep[0] & DREP_LITTLE_ENDIAN)
? tvb_get_letohl (tvb, offset)
: tvb_get_ntohl (tvb, offset));
@@ -1134,7 +1134,7 @@ dissect_dcerpc_uint64 (tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
{
guint64 data;
- data = ((drep[0] & 0x10)
+ data = ((drep[0] & DREP_LITTLE_ENDIAN)
? tvb_get_letoh64 (tvb, offset)
: tvb_get_ntoh64 (tvb, offset));
@@ -1175,7 +1175,7 @@ dissect_dcerpc_float(tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
switch(drep[1]) {
case(DCE_RPC_DREP_FP_IEEE):
- data = ((drep[0] & 0x10)
+ data = ((drep[0] & DREP_LITTLE_ENDIAN)
? tvb_get_letohieee_float(tvb, offset)
: tvb_get_ntohieee_float(tvb, offset));
if (tree) {
@@ -1209,7 +1209,7 @@ dissect_dcerpc_double(tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
switch(drep[1]) {
case(DCE_RPC_DREP_FP_IEEE):
- data = ((drep[0] & 0x10)
+ data = ((drep[0] & DREP_LITTLE_ENDIAN)
? tvb_get_letohieee_double(tvb, offset)
: tvb_get_ntohieee_double(tvb, offset));
if (tree) {
@@ -1241,7 +1241,7 @@ dissect_dcerpc_uuid_t (tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
e_uuid_t uuid;
- if (drep[0] & 0x10) {
+ if (drep[0] & DREP_LITTLE_ENDIAN) {
tvb_get_letohguid (tvb, offset, (e_guid_t *) &uuid);
} else {
tvb_get_ntohguid (tvb, offset, (e_guid_t *) &uuid);
@@ -1262,7 +1262,7 @@ dissect_dcerpc_uuid_t (tvbuff_t *tvb, gint offset, packet_info *pinfo _U_,
guint16
dcerpc_tvb_get_ntohs (tvbuff_t *tvb, gint offset, guint8 *drep)
{
- if (drep[0] & 0x10) {
+ if (drep[0] & DREP_LITTLE_ENDIAN) {
return tvb_get_letohs (tvb, offset);
} else {
return tvb_get_ntohs (tvb, offset);
@@ -1272,7 +1272,7 @@ dcerpc_tvb_get_ntohs (tvbuff_t *tvb, gint offset, guint8 *drep)
guint32
dcerpc_tvb_get_ntohl (tvbuff_t *tvb, gint offset, guint8 *drep)
{
- if (drep[0] & 0x10) {
+ if (drep[0] & DREP_LITTLE_ENDIAN) {
return tvb_get_letohl (tvb, offset);
} else {
return tvb_get_ntohl (tvb, offset);
@@ -1282,7 +1282,7 @@ dcerpc_tvb_get_ntohl (tvbuff_t *tvb, gint offset, guint8 *drep)
void
dcerpc_tvb_get_uuid (tvbuff_t *tvb, gint offset, guint8 *drep, e_uuid_t *uuid)
{
- if (drep[0] & 0x10) {
+ if (drep[0] & DREP_LITTLE_ENDIAN) {
tvb_get_letohguid (tvb, offset, (e_guid_t *) uuid);
} else {
tvb_get_ntohguid (tvb, offset, (e_guid_t *) uuid);
@@ -1481,7 +1481,7 @@ dissect_ndr_byte_array(tvbuff_t *tvb, int offset, packet_info *pinfo,
if (tree && len) {
tvb_ensure_bytes_exist(tvb, offset, (guint32)len);
proto_tree_add_item(tree, hf_dcerpc_array_buffer,
- tvb, offset, (guint32)len, drep[0] & 0x10);
+ tvb, offset, (guint32)len, ENC_NA);
}
offset += (guint32)len;
@@ -1545,6 +1545,10 @@ dissect_ndr_cvstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
if (size_is == sizeof(guint16)) {
/* XXX - use drep to determine the byte order? */
+ /* XXX - once we have an ENC_ value for UTF-16, just use
+ proto_tree_add_item() with the appropriate ENC_ value? */
+ /* XXX - should this ever be used with something that's *not*
+ an FT_STRING? */
s = tvb_get_unicode_string(tvb, offset, buffer_len, ENC_LITTLE_ENDIAN);
if (tree && buffer_len) {
@@ -1555,7 +1559,7 @@ dissect_ndr_cvstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
buffer_len, s);
} else {
proto_tree_add_item(string_tree, hfindex, tvb, offset,
- buffer_len, drep[0] & 0x10);
+ buffer_len, DREP_ENC_INTEGER(drep));
}
}
} else {
@@ -1566,12 +1570,16 @@ dissect_ndr_cvstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
* (It won't help if the length is *valid* but immensely large,
* but that's another matter; in any case, that would happen only
* if we had an immensely large tvbuff....)
+ *
+ * XXX - if this is an octet string, does the byte order
+ * matter? Will this ever be anything *other* than an
+ * octet string? What if size_is is neither 1 nor 2?
*/
tvb_ensure_bytes_exist(tvb, offset, buffer_len);
s = tvb_get_ephemeral_string(tvb, offset, buffer_len);
if (tree && buffer_len)
proto_tree_add_item(string_tree, hfindex, tvb, offset,
- buffer_len, drep[0] & 0x10);
+ buffer_len, DREP_ENC_INTEGER(drep));
}
if (string_item != NULL)
@@ -1727,6 +1735,10 @@ dissect_ndr_vstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
if (size_is == sizeof(guint16)) {
/* XXX - use drep to determine the byte order? */
+ /* XXX - once we have an ENC_ value for UTF-16, just use
+ proto_tree_add_item() with the appropriate ENC_ value? */
+ /* XXX - should this ever be used with something that's *not*
+ an FT_STRING? */
s = tvb_get_unicode_string(tvb, offset, buffer_len, ENC_LITTLE_ENDIAN);
if (tree && buffer_len) {
@@ -1737,7 +1749,7 @@ dissect_ndr_vstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
buffer_len, s);
} else {
proto_tree_add_item(string_tree, hfindex, tvb, offset,
- buffer_len, drep[0] & 0x10);
+ buffer_len, DREP_ENC_INTEGER(drep));
}
}
} else {
@@ -1748,12 +1760,16 @@ dissect_ndr_vstring(tvbuff_t *tvb, int offset, packet_info *pinfo,
* (It won't help if the length is *valid* but immensely large,
* but that's another matter; in any case, that would happen only
* if we had an immensely large tvbuff....)
+ *
+ * XXX - if this is an octet string, does the byte order
+ * matter? Will this ever be anything *other* than an
+ * octet string? What if size_is is neither 1 nor 2?
*/
tvb_ensure_bytes_exist(tvb, offset, buffer_len);
s = tvb_get_ephemeral_string(tvb, offset, buffer_len);
if (tree && buffer_len)
proto_tree_add_item(string_tree, hfindex, tvb, offset,
- buffer_len, drep[0] & 0x10);
+ buffer_len, DREP_ENC_INTEGER(drep));
}
if (string_item != NULL)
@@ -2809,7 +2825,7 @@ dissect_dcerpc_cn_bind (tvbuff_t *tvb, gint offset, packet_info *pinfo,
if (dcerpc_tree) {
ctx_item = proto_tree_add_item(dcerpc_tree, hf_dcerpc_cn_ctx_item,
tvb, offset, 0,
- hdr->drep[0] & 0x10);
+ ENC_NA);
ctx_tree = proto_item_add_subtree(ctx_item, ett_dcerpc_cn_ctx);
}
@@ -2845,7 +2861,7 @@ dissect_dcerpc_cn_bind (tvbuff_t *tvb, gint offset, packet_info *pinfo,
}
offset += 16;
- if (hdr->drep[0] & 0x10) {
+ if (hdr->drep[0] & DREP_LITTLE_ENDIAN) {
offset = dissect_dcerpc_uint16 (tvb, offset, pinfo, iface_tree, hdr->drep,
hf_dcerpc_cn_bind_if_ver, &if_ver);
offset = dissect_dcerpc_uint16 (tvb, offset, pinfo, iface_tree, hdr->drep,
@@ -3744,12 +3760,12 @@ dissect_dcerpc_cn_fault (tvbuff_t *tvb, gint offset, packet_info *pinfo,
/*offset = dissect_dcerpc_uint32 (tvb, offset, pinfo, dcerpc_tree, hdr->drep,
hf_dcerpc_cn_status, &status);*/
- status = ((hdr->drep[0] & 0x10)
+ status = ((hdr->drep[0] & DREP_LITTLE_ENDIAN)
? tvb_get_letohl (tvb, offset)
: tvb_get_ntohl (tvb, offset));
if (dcerpc_tree) {
- pi = proto_tree_add_item (dcerpc_tree, hf_dcerpc_cn_status, tvb, offset, 4, (hdr->drep[0] & 0x10));
+ pi = proto_tree_add_item (dcerpc_tree, hf_dcerpc_cn_status, tvb, offset, 4, DREP_ENC_INTEGER(hdr->drep));
}
offset+=4;
diff --git a/epan/dissectors/packet-dcerpc.h b/epan/dissectors/packet-dcerpc.h
index 1498629c45..8edcd23e0d 100644
--- a/epan/dissectors/packet-dcerpc.h
+++ b/epan/dissectors/packet-dcerpc.h
@@ -28,6 +28,17 @@
#include <epan/conversation.h>
+/*
+ * Data representation.
+ */
+#define DREP_LITTLE_ENDIAN 0x10
+
+/*
+ * Data representation to integer byte order.
+ */
+#define DREP_ENC_INTEGER(drep) \
+ (((drep)[0] & DREP_LITTLE_ENDIAN) ? ENC_LITTLE_ENDIAN : ENC_BIG_ENDIAN)
+
#ifdef PT_R4
/* now glib always includes signal.h and on linux PPC
* signal.h defines PT_R4
diff --git a/epan/dissectors/packet-dcom.c b/epan/dissectors/packet-dcom.c
index c652aef482..76b59d84e7 100644
--- a/epan/dissectors/packet-dcom.c
+++ b/epan/dissectors/packet-dcom.c
@@ -987,7 +987,7 @@ dissect_dcom_indexed_WORD(tvbuff_t *tvb, int offset, packet_info *pinfo,
if (tree) {
/* special formatted output of indexed value */
- proto_tree_add_uint_format(tree, hfindex, tvb, offset, 2, (drep[0] & 0x10),
+ proto_tree_add_uint_format(tree, hfindex, tvb, offset, 2, u16WORD,
"%s[%u]: 0x%04x",
proto_registrar_get_name(hfindex),
field_index, u16WORD);
@@ -1017,7 +1017,7 @@ dissect_dcom_indexed_DWORD(tvbuff_t *tvb, int offset, packet_info *pinfo,
if (tree) {
/* special formatted output of indexed value */
- proto_tree_add_uint_format(tree, hfindex, tvb, offset, 4, (drep[0] & 0x10),
+ proto_tree_add_uint_format(tree, hfindex, tvb, offset, 4, u32DWORD,
"%s[%u]: 0x%08x",
proto_registrar_get_name(hfindex),
field_index, u32DWORD);
@@ -1046,7 +1046,7 @@ dissect_dcom_HRESULT_item(tvbuff_t *tvb, int offset, packet_info *pinfo,
if (tree) {
/* special formatted output of indexed value */
- *item = proto_tree_add_item (tree, field_index, tvb, offset-4, 4, (drep[0] & 0x10));
+ *item = proto_tree_add_item (tree, field_index, tvb, offset-4, 4, DREP_ENC_INTEGER(drep));
}
if (pu32HResult)
@@ -1071,7 +1071,7 @@ dissect_dcom_HRESULT(tvbuff_t *tvb, int offset, packet_info *pinfo,
if (tree) {
/* special formatted output of indexed value */
- item = proto_tree_add_item (tree, hf_dcom_hresult, tvb, offset-4, 4, (drep[0] & 0x10));
+ item = proto_tree_add_item (tree, hf_dcom_hresult, tvb, offset-4, 4, DREP_ENC_INTEGER(drep));
}
/* expert info only if severity is set */
generated by cgit v1.2.1 (git 2.18.0) at 2024-06-24 11:39:47 +0000