Age | Commit message (Collapse) | Author | Files | Lines |
|
svn path=/trunk/; revision=17179
|
|
open by file id
and
backup intent
svn path=/trunk/; revision=16869
|
|
svn path=/trunk/; revision=16755
|
|
bytes in smb for objectid)
svn path=/trunk/; revision=16682
|
|
svn path=/trunk/; revision=16607
|
|
svn path=/trunk/; revision=16606
|
|
svn path=/trunk/; revision=16596
|
|
svn path=/trunk/; revision=16589
|
|
svn path=/trunk/; revision=16585
|
|
svn path=/trunk/; revision=16581
|
|
svn path=/trunk/; revision=16580
|
|
svn path=/trunk/; revision=16579
|
|
even for wc==4
svn path=/trunk/; revision=16550
|
|
svn path=/trunk/; revision=16543
|
|
svn path=/trunk/; revision=16539
|
|
svn path=/trunk/; revision=16538
|
|
svn path=/trunk/; revision=16537
|
|
svn path=/trunk/; revision=16536
|
|
svn path=/trunk/; revision=16535
|
|
updates to smb
A patch for packet-smb.c is attached:
- it improves timeout decoding
- it defines common NT transaction IOCTL functions
- it corrects decoding of resume key in search queries
- it defines a new function dissect_4_2_16_8_unsure() to replace
dissect_4_2_16_8(). I'm unsure if it is correct. As said in
comments, it works for me, but I find strange that nobody noticed
dissect_4_2_16_8() was wrong. So, it is between "#if 0".
Someone else should confirm dissect_4_2_16_8_unsure() works
before activating it.
svn path=/trunk/; revision=16494
|
|
svn path=/trunk/; revision=16490
|
|
svn path=/trunk/; revision=16487
|
|
"dissect_nt_sec_desc()". Add a Boolean argument to
"dissect_nt_sec_desc()" to indicate whether a length was passed to it
(so we don't treat -1 as a special value; we want to stop treating -1 as
a special length value, and, in fact, want to stop treating *any*
negative length values specially, so that we don't have to worry about
passing arbitrary 32-bit values from packets as lengths), and have
"dissect_nt_sec_desc()" initially create the protocol tree item for the
security descriptor with a length of "go to the end of the tvbuff", and
set the length once we're done dissecting it - and, if the length was
specified, check at *that* point, *after* we've dissected the security
descriptor, whether we have the entire security descriptor in the
tvbuff.
That means that we don't have to worry about overflows after
"dissect_nt_sec_desc()" returns - if the length was so large that we
would have gotten an overflow, we'd have thrown an exception in the
"tvb_ensure_bytes_exist()" call at the end of "dissect_nt_sec_desc()".
Do sanity checks on offsets within the security descriptor, so we know
the item referred to by the offset is after the fixed-length portion of
the descriptor.
svn path=/trunk/; revision=16113
|
|
static, they collide with one another in builds on at least some
platforms.
svn path=/trunk/; revision=16049
|
|
I've changed all settings I could find to TRUE. It might be reasonable to change some protocol settings back to FALSE, if reassembling fails very often.
svn path=/trunk/; revision=16048
|
|
- and rename smb.h to packet-smb.h, as it's packet-smb.c's header file.
svn path=/trunk/; revision=15845
|
|
directory to the epan directory. Some of them should perhaps ultimately
be moved to epan/dissectors, if they pertain only to stuff exported by a
particular dissector.
Fix Gerald's e-mail address in files we're moving.
svn path=/trunk/; revision=15844
|
|
fragment size. The limit is conservatively set at 65536 bytes. It may
have to be increased. Fixes bug 421.
Add an entry to the release notes.
svn path=/trunk/; revision=15789
|
|
I've done more than a day to change the timestamp resolution from microseconds to nanoseconds. As I really don't want to loose those changes, I'm going to check in the changes I've done so far. Hopefully someone else will give me a helping hand with the things left ...
What's done: I've changed the timestamp resolution from usec to nsec in almost any place in the sources. I've changed parts of the implementation in nstime.s/.h and a lot of places elsewhere.
As I don't understand the editcap source (well, I'm maybe just too tired right now), hopefully someone else might be able to fix this soon.
Doing all those changes, we get native nanosecond timestamp resolution in Ethereal. After fixing all the remaining issues, I'll take a look how to display this in a convenient way...
As I've also changed the wiretap timestamp resolution from usec to nsec we might want to change the wiretap version number...
svn path=/trunk/; revision=15520
|
|
packet-camel.c(6829) : warning C4101: 'version_str' : unreferenced local variable
packet-quakeworld.c(172) : warning C4090: 'return' : different 'const' qualifiers
packet-smb.c(10859) : warning C4101: 'target_name_len' : unreferenced local variable
packet-smb.c(10860) : warning C4101: 'fn_len' : unreferenced local variable
packet-smb.c(10858) : warning C4101: 'fn' : unreferenced local variable
svn path=/trunk/; revision=15474
|
|
svn path=/trunk/; revision=15455
|
|
overwritten. Fixes bug 367.
svn path=/trunk/; revision=15435
|
|
svn path=/trunk/; revision=15398
|
|
svn path=/trunk/; revision=15374
|
|
there are only 5 gmemchunks left but they have different litetime for their allocations than the 100+ ones that have been removed.
The remaining 5 should be converted some other way.
svn path=/trunk/; revision=15328
|
|
documentation in README.developer
svn path=/trunk/; revision=15270
|
|
various DISSECTOR_ macros, so the error message includes an indication
of the problem, and the file and line number.
svn path=/trunk/; revision=15237
|
|
DissectorError. In packet-kerberos.c, restore pinfo->private_data if
we throw an exception, which keeps the SMB dissector from throwing
a DissectorError. Initialize variables in other places to squelch
valgrind warnings.
svn path=/trunk/; revision=15235
|
|
svn path=/trunk/; revision=15218
|
|
time :-(
svn path=/trunk/; revision=15131
|
|
it decodes "better" but might still be broken since none of the packets I have match any of the "standards"
svn path=/trunk/; revision=14952
|
|
add a "match_strval_idx()" routine that does the same thing, and have
"match_strval()" call it.
Make those routines, and "val_to_str()", return a "const" pointer.
Update dissectors as necessary to squelch compiler warnings produced by
that.
Use "val_to_str()" rather than using "match_strval()" and then, if the
result is null, substituting a specific string. Clean up some other
"match_strval()"/"val_to_str()" usages.
Add a null pointer check in the NDPS dissector's "attribute_value()"
routine, as it's not clear that "global_attribute_name" won't be null at
that point.
Make some global variables in the AFS4INT dissector local.
Make some routines not used outside the module they're in static.
Make some tables "static const".
Clean up white space.
Fix Gerald's address in some files.
svn path=/trunk/; revision=14786
|
|
svn path=/trunk/; revision=14780
|
|
content, to better understand what's going on while desegmenting.
We'll have to add similar mechanisms for other protocols as well...
svn path=/trunk/; revision=14527
|
|
svn path=/trunk/; revision=14526
|
|
the default value. Seems to be a general bug worth to thought about, but I don't know the SMB internals and this bugfix should work anyway.
Found this by a privately fuzzed capture file (sorry, can't give it away)
svn path=/trunk/; revision=14501
|
|
FT_STRINGZ to add a string
svn path=/trunk/; revision=14482
|
|
163. I'm not sure if this fix is entirely correct, but it doesn't appear to
have affected any SMB captures here adversely.
svn path=/trunk/; revision=14365
|
|
Shouldn't the number of fuzz bugs decrease asymptotically at some
point?
svn path=/trunk/; revision=14306
|
|
can't fetch it. Fix a few more null pointer dereferences. Fixes bug 79.
svn path=/trunk/; revision=14149
|