From 554a56541a426f9e6179760f47d5319fb7ce4bf9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Valverde?=
Date: Wed, 16 Mar 2016 05:50:02 +0000
Subject: [PATCH 1/5] Add basic PIDL Makefile
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Change-Id: I8f4c8e312df73b70f3cacd0df768375b46197ae6
Reviewed-on: https://code.wireshark.org/review/14507
Petri-Dish: João Valverde
Reviewed-by: João Valverde
Reviewed-by: Alexis La Goutte
---
 pidl/lib/Parse/Pidl/Wireshark/NDR.pm | 1 +
 1 file changed, 1 insertion(+)
diff --git a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
index 49b0c2c33ba..fb9c2f0ea17 100644
--- a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
+++ b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
@@ -967,6 +967,7 @@ sub ProcessImport
 next if($_ eq "security");
 s/^\"//;
 s/\.idl"?$//;
+ s/^.*\///;
 $self->pidl_hdr("#include \"packet-dcerpc-$_\.h\"");
 }
 $self->pidl_hdr("");
-- 
2.17.1
From 73d40ca0ca747fb186711932d0f7a6e91c13cf9e Mon Sep 17 00:00:00 2001
From: Michael Mann
Date: Wed, 15 Jun 2016 15:35:51 -0400
Subject: [PATCH 2/5] DCE/RPC proto_tree_add_boolean -> proto_tree_add_bitmask_with_flags
Change-Id: I8891ec90244ffd9609d8443df631a7c8e6453b7e
Reviewed-on: https://code.wireshark.org/review/15942
Petri-Dish: Michael Mann
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann
---
 pidl/lib/Parse/Pidl/Wireshark/NDR.pm | 69 ++++++++++++++++++----------
 1 file changed, 44 insertions(+), 25 deletions(-)
diff --git a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
index fb9c2f0ea17..ab735f58e7d 100644
--- a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
+++ b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
@@ -200,6 +200,8 @@ sub Bitmap($$$$)
 {
 my ($self,$e,$name,$ifname) = @_;
 my $dissectorname = "$ifname\_dissect\_bitmap\_".StripPrefixes($name, $self->{conformance}->{strip_prefixes});
+ my $element_count = 0;
+ my $total_ev = 0;
 $self->register_ett("ett_$ifname\_$name");
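Review bot: In the ProcessImport hunk of patch 1/5, the `next if($_ eq "security");` skip is evaluated before the name is normalised, so with the new `s/^.*\///;` an import given with a directory prefix (or still carrying its quotes or `.idl` suffix) passes the check and is then reduced to `security`, emitting `#include "packet-dcerpc-security.h"` anyway. If the skip is meant to apply to the final header name, move it below the substitutions, i.e. put `next if($_ eq "security");` after `s/^.*\///;`. The added line also deserves a short comment such as `# drop any directory part; only the base name is used in the header name`. ProcessImport starts and ends outside the hunk, so how imports are spelled on input is not visible here.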
@@ -210,9 +212,26 @@ sub Bitmap($$$$)
 $self->pidl_code("$dissectorname(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, int hf_index _U_, guint32 param _U_)");
 $self->pidl_code("{");
 $self->indent;
- $self->pidl_code("proto_item *item = NULL;");
- $self->pidl_code("proto_tree *tree = NULL;");
- $self->pidl_code("");
+ foreach (@{$e->{ELEMENTS}}) {
+ next unless (/([^ ]*) (.*)/);
+ $element_count++;
+ }
+ if ($element_count > 0) {
+ $self->pidl_code("proto_item *item;");
+ $self->pidl_code("static const int * $ifname\_$name\_fields[] = {");
+ $self->indent;
+ foreach (@{$e->{ELEMENTS}}) {
+ next unless (/([^ ]*) (.*)/);
+ my ($en,$ev) = ($1,$2);
+ my $hf_bitname = "hf_$ifname\_$name\_$1";
+
+ $ev =~ s/[()\s]//g;
+ $total_ev += hex($ev);
+ $self->pidl_code("&$hf_bitname,");
+ }
+ $self->deindent;
+ $self->pidl_code("};");
+ }
 $self->pidl_code("g$e->{BASE_TYPE} flags;");
 if ($e->{ALIGN} > 1) {
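Review bot: `$total_ev += hex($ev);` builds the known-bits mask by addition, which equals the union of the flags only when no two elements share a bit; an alias or a composite element (for example one defined as the OR of two others) would carry into higher bits and give a wrong mask. The mask is later emitted into the generated dissector to decide which bits of a value read from the packet are reported as unknown, so it should be accumulated with `$total_ev |= hex($ev);`. The same line is kept inside the new `if (hex($ev) != 0)` block in the first hunk of patch 4/5 and needs the same change. Bitmap's body starts and ends outside this hunk.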
@@ -221,18 +240,23 @@ sub Bitmap($$$$)
 $self->pidl_code("");
- $self->pidl_code("if (parent_tree) {");
- $self->indent;
- $self->pidl_code("item = proto_tree_add_item(parent_tree, hf_index, tvb, offset, $e->{ALIGN}, DREP_ENC_INTEGER(drep));");
- $self->pidl_code("tree = proto_item_add_subtree(item,ett_$ifname\_$name);");
- $self->deindent;
- $self->pidl_code("}\n");
+ if ($element_count > 0) {
+ $self->pidl_code("item = proto_tree_add_bitmask_with_flags(parent_tree, tvb, offset, hf_index,");
+ $self->pidl_code("\t\t\tett_$ifname\_$name, $ifname\_$name\_fields, DREP_ENC_INTEGER(drep), BMT_NO_FALSE);");
+ $self->pidl_code("");
- $self->pidl_code("offset = dissect_ndr_$e->{BASE_TYPE}(tvb, offset, pinfo, tree, di, drep, -1, &flags);");
+ $self->pidl_code("offset = dissect_ndr_$e->{BASE_TYPE}(tvb, offset, pinfo, parent_tree, di, drep, -1, &flags);");
+ $self->pidl_code("");
- $self->pidl_code("proto_item_append_text(item, \": \");\n");
- $self->pidl_code("if (!flags)");
- $self->pidl_code("\tproto_item_append_text(item, \"(No values set)\");\n");
+ $self->pidl_code("if (!flags)");
+ $self->pidl_code("\tproto_item_append_text(item, \": (No values set)\");\n");
+ } else {
+ $self->pidl_code("proto_tree_add_item(parent_tree, hf_index, tvb, offset, $e->{ALIGN}, DREP_ENC_INTEGER(drep));");
+ $self->pidl_code("");
+
+ $self->pidl_code("offset = dissect_ndr_$e->{BASE_TYPE}(tvb, offset, pinfo, parent_tree, di, drep, -1, &flags);");
+ $self->pidl_code("");
+ }
 foreach (@{$e->{ELEMENTS}}) {
 next unless (/([^ ]*) (.*)/);
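Review bot: The `else` branch added here has no comment saying when it is taken or why the `dissect_ndr_$e->{BASE_TYPE}` call is still emitted although nothing in that branch uses `flags`. Suggest a comment at the top of the `else` body such as `# no named bits: add the value as a plain item; dissect_ndr_* is still emitted because it advances offset`. The bitmask branch depends on the `$ifname\_$name\_fields` array emitted in the previous hunk, which is worth a one-line comment next to the `proto_tree_add_bitmask_with_flags` line. Bitmap's body starts and ends outside this hunk.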
@@ -254,20 +278,15 @@ sub Bitmap($$$$)
 $self->pidl_def(" \"$en is NOT SET\",");
 }
 $self->pidl_def("};");
-
- $self->pidl_code("proto_tree_add_boolean(tree, $hf_bitname, tvb, offset-$e->{ALIGN}, $e->{ALIGN}, flags);");
- $self->pidl_code("if (flags&$ev){");
- $self->pidl_code("\tproto_item_append_text(item, \"$en\");");
- $self->pidl_code("\tif (flags & (~$ev))");
- $self->pidl_code("\t\tproto_item_append_text(item, \", \");");
- $self->pidl_code("}");
- $self->pidl_code("flags&=(~$ev);");
- $self->pidl_code("");
 }
- $self->pidl_code("if (flags) {");
- $self->pidl_code("\tproto_item_append_text(item, \"Unknown bitmap value 0x%x\", flags);");
- $self->pidl_code("}\n");
+ if ($element_count > 0) {
+ my $total_ev_hex = sprintf("0x%08x", $total_ev);
+ $self->pidl_code("if (flags & (~$total_ev_hex)) {");
+ $self->pidl_code("\tflags &= (~$total_ev_hex);");
+ $self->pidl_code("\tproto_item_append_text(item, \"Unknown bitmap value 0x%x\", flags);");
+ $self->pidl_code("}\n");
+ }
 $self->pidl_code("return offset;");
 $self->deindent;
 $self->pidl_code("}\n");
-- 
2.17.1
From 8b278796ab3f5d877a86054b4035b0488bc776fc Mon Sep 17 00:00:00 2001
From: Binh Trinh
Date: Fri, 17 Jun 2016 21:46:11 -0400
Subject: [PATCH 3/5] DCE/RPC: fix array of pointers with NULL
Change-Id: Ie89f8fd4ec744d427d41866206d5a6784c5b224f
Reviewed-on: https://code.wireshark.org/review/16004
Petri-Dish: Jaap Keuter
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann
---
 pidl/lib/Parse/Pidl/Wireshark/NDR.pm | 1 +
 1 file changed, 1 insertion(+)
diff --git a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
index ab735f58e7d..9c2983fc6bf 100644
--- a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
+++ b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
@@ -229,6 +229,7 @@ sub Bitmap($$$$)
 $total_ev += hex($ev);
 $self->pidl_code("&$hf_bitname,");
 }
+ $self->pidl_code("NULL");
 $self->deindent;
 $self->pidl_code("};");
 }
-- 
2.17.1
From e6a747c89980699d6fad7172f3a623dfd526aaf8 Mon Sep 17 00:00:00 2001
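Review bot: In the last hunk of patch 2/5, the generated `Unknown bitmap value 0x%x` text is now appended directly to the item label with no separator: the earlier `proto_item_append_text(item, \": \")` emission was removed in the previous hunk and only the `(No values set)` string received a `: ` prefix. Suggest giving this string a leading separator as well, e.g. `\", Unknown bitmap value 0x%x\"`. Separately, `sprintf("0x%08x", $total_ev)` and the `0x%x` conversion both assume a value that fits an unsigned int; if `$e->{BASE_TYPE}` can be a 64-bit type (not visible here), the mask literal and the format need a wider form.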
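Review bot: In patch 3/5, the added `$self->pidl_code("NULL");` has no comment explaining that it is a required terminator rather than a placeholder. proto_tree_add_bitmask_with_flags() takes a NULL-terminated list of field pointers, so without this entry the generated dissector would walk past the end of the array while dissecting a packet. Suggest `# the fields array must end with NULL; proto_tree_add_bitmask_with_flags() stops at it` above the line. Any dissector source generated with the previous revision of this file lacks the terminator and would need regenerating.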
From: Guy Harris
Date: Sun, 6 Nov 2016 11:02:51 -0800
Subject: [PATCH 4/5] Get rid of Boolean "flags" that don't have any bit set. And tweak the Pidl generator for Wireshark not to generate "flags" like that. (The generator also does field name and true/false strings' case differently, so I didn't use it to regenerate the dissectors; that needs to be looked at.)
Change-Id: Ie1657a782ebdb107e58792cedd29bbaa79b17bd4
Reviewed-on: https://code.wireshark.org/review/18695
Reviewed-by: Guy Harris
---
 pidl/lib/Parse/Pidl/Wireshark/NDR.pm | 29 ++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)
diff --git a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
index 9c2983fc6bf..2b2683f2fab 100644
--- a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
+++ b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
@@ -226,8 +226,10 @@ sub Bitmap($$$$)
 my $hf_bitname = "hf_$ifname\_$name\_$1";
 $ev =~ s/[()\s]//g;
- $total_ev += hex($ev);
- $self->pidl_code("&$hf_bitname,");
+ if (hex($ev) != 0) {
+ $total_ev += hex($ev);
+ $self->pidl_code("&$hf_bitname,");
+ }
 }
 $self->pidl_code("NULL");
 $self->deindent;
@@ -267,18 +269,21 @@ sub Bitmap($$$$)
 $self->{hf_used}->{$hf_bitname} = 1;
- $self->register_hf_field($hf_bitname, field2name($en), $filtername, "FT_BOOLEAN", $e->{ALIGN} * 8, "TFS(&$name\_$en\_tfs)", $ev, "");
+ $ev =~ s/[()\s]//g;
+ if (hex($ev) != 0) {
+ $self->register_hf_field($hf_bitname, field2name($en), $filtername, "FT_BOOLEAN", $e->{ALIGN} * 8, "TFS(&$name\_$en\_tfs)", "( $ev )", "");
- $self->pidl_def("static const true_false_string $name\_$en\_tfs = {");
- if (defined($self->{conformance}->{tfs}->{$hf_bitname})) {
- $self->pidl_def(" $self->{conformance}->{tfs}->{$hf_bitname}->{TRUE_STRING},");
- $self->pidl_def(" $self->{conformance}->{tfs}->{$hf_bitname}->{FALSE_STRING},");
- $self->{conformance}->{tfs}->{$hf_bitname}->{USED} = 1;
- } else {
- $self->pidl_def(" \"$en is SET\",");
- $self->pidl_def(" \"$en is NOT SET\",");
+ $self->pidl_def("static const true_false_string $name\_$en\_tfs = {");
+ if (defined($self->{conformance}->{tfs}->{$hf_bitname})) {
+ $self->pidl_def(" $self->{conformance}->{tfs}->{$hf_bitname}->{TRUE_STRING},");
+ $self->pidl_def(" $self->{conformance}->{tfs}->{$hf_bitname}->{FALSE_STRING},");
+ $self->{conformance}->{tfs}->{$hf_bitname}->{USED} = 1;
+ } else {
+ $self->pidl_def(" \"$en is SET\",");
+ $self->pidl_def(" \"$en is NOT SET\",");
+ }
+ $self->pidl_def("};");
 }
- $self->pidl_def("};");
 }
 if ($element_count > 0) {
-- 
2.17.1
From b6061619a293e84f2a7579e86ae8c8a9334bb221 Mon Sep 17 00:00:00 2001
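Review bot: `if (hex($ev) != 0)` now decides whether a flag is registered at all, but hex() does not validate its input: it reads the string as hexadecimal with or without a `0x` prefix and stops at the first character it cannot parse. If an element value can be written as anything other than a hex literal (a decimal number, a shift expression, a symbolic constant — not visible from this hunk), the flag may be silently dropped, or kept with a mask contribution that does not match its value. Suggest checking `$ev` against an anchored pattern first, e.g. `$ev =~ /\A0[xX][0-9a-fA-F]+\z/`, and reporting anything else instead of passing it to hex(); the same test is used in the first hunk of this patch. Note also that `$self->{hf_used}->{$hf_bitname} = 1;` above the new block still runs for elements that are no longer registered.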
From: Guy Harris
Date: Mon, 9 Jan 2017 22:18:49 -0800
Subject: [PATCH 5/5] Rename tvb_new_subset() to tvb_new_subset_length_caplen(). This emphasizes that there is no such thing as *the* routine to construct a subset tvbuff; you need to choose one of tvb_new_subset_remaining() (if you want a new tvbuff that contains everything past a certain point in an existing tvbuff), tvb_new_subset_length() (if you want a subset that contains everything past a certain point, for some number of bytes, in an existing tvbuff), and tvb_new_subset_length_caplen() (for all other cases). Many of the calls to tvb_new_subset_length_caplen() should really be calling one of the other routines; that's the next step. (This also makes it easier to find the calls that need fixing.)
Change-Id: Ieb3d676d8cda535451c119487d7cd3b559221f2b
Reviewed-on: https://code.wireshark.org/review/19597
Reviewed-by: Guy Harris
---
 pidl/lib/Parse/Pidl/Wireshark/NDR.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
index 2b2683f2fab..41d788ffcef 100644
--- a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
+++ b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
@@ -420,7 +420,7 @@ sub ElementLevel($$$$$$$$)
 # continue to dissect handmarshalled stuff with pidl
 $self->pidl_code("di->call_data->flags &= ~DCERPC_IS_NDR64;");
- $self->pidl_code("subtvb = tvb_new_subset(tvb, offset, (const gint)size, -1);");
+ $self->pidl_code("subtvb = tvb_new_subset_length_caplen(tvb, offset, (const gint)size, -1);");
 if ($param ne 0) {
 $self->pidl_code("$myname\_(subtvb, 0, pinfo, tree, di, drep, $param);");
 } else {
-- 
2.17.1