summaryrefslogtreecommitdiff
path: root/print-smb.c
Commit message (Collapse)AuthorAgeFilesLines
* SMB-over-TCP (port 445) support.guy2007-12-091-1/+41
|
* Patches from NetBSD tree.mcr2007-08-291-3/+2
|
* Fix message printed for bad andX offset to correctly describe theguy2007-07-141-2/+2
| | | | badness.
* Properly check for a bogus andX offset - it has to move forward, notguy2007-07-141-2/+2
| | | | just not move backward.
* Fix up the bounds checking for NetBIOS-over-TCP. Among other things,guy2005-05-081-29/+50
| | | | | | | this means that we don't go past the end of the captured data when dumping raw packet data and that we distinguish between "this packet was cut off by the snapshot length" and "this packet is continued in a subsequent TCP segment".
* Always check for "smb_fdata()" returning null - for example, check it onguy2005-05-051-4/+7
| | | | every iteration of a loop.
* Check the "status value is an NT status" flag and, if it is, treat theguy2004-12-301-4/+15
| | | | | | status value as such. Constify some tables.
* Add format options to save the value fetched and to later use that valueguy2004-12-291-7/+7
| | | | for counted strings, and use them where appropriate.
* Correctly dissect GetBackupList and BackupListResponse.guy2004-12-291-3/+3
|
* The transaction name doesn't seem to be in any Transaction2 requestsguy2004-12-291-3/+6
| | | | | | I've seen; get rid of it. Do, however, show the byte count.
* Correctly handle Unicode strings - skip padding to put them on a 2-byteguy2004-12-281-63/+73
| | | | | | | | boundary, and base the Unicode-vs-non-Unicode decision on the "strings are Unicode" bit in Flags2, except for those few strings that are always ASCII, rather than doing a heuristic check. Fix the padding in FindFirst2 requests.
* Correctly dissect LockingAndX requests - there's a flag bit thatguy2004-12-281-6/+43
| | | | indicates whether the offsets and lengths are 32 bit or 64 bit.
* Don't print byte data if the byte count is 0.guy2004-12-281-30/+43
| | | | | | | | | | | In "print_smb()", Don't go past the passed-in length when printing the word data. The andX command is 1 byte, not 2 bytes. Check that the andX offset is after the offset of the previous SMB information, so we don't get caught in a loop if there's a bogus andX offset.
* Fetch the byte count from the right location.guy2004-12-281-3/+3
|
* Rename "wcnt" in some routines to "wct", just as it's called inguy2004-12-281-20/+26
| | | | | | | | | | | | "print_smb()". Don't print "smb_vwv[] =" - just print the "smb_vwv[i] =" for each of the words in the word data if we're dumping it as raw data. Only print "smb_buf[] =" if we're dumping the byte data as raw data. Always print the byte count (except for Trans2, but we should probably print it there as well).
* Fetch lengths in NBT Session Service packets in big-endian byte order;guy2004-05-311-7/+7
| | | | | | don't bother specifying big-endian for one-byte fields. Show the length in all NBSS packets.
* Show the message type for NBT Session Service messages even with "-vv".guy2004-05-311-32/+74
| | | | | The first byte of an NBT Session Service message is the message type - the *second* byte is the flags.
* Do NBF commands with a table giving the name of the command, anguy2004-05-311-58/+86
| | | | | | | | | "smb_fdata()" string for non-verbose mode (all on one line), and an "smb_fdata()" string for verbose mode. Add entries for a number of additional commands. Don't look for an SMB packet except in Datagram, Broadcast Datagram, Data First/Middle, or Data Only/Last NBF packets.
* Have the configure script arrange that the Makefile define _U_guy2003-11-161-4/+4
| | | | | | | | | | appropriately, and that GNUmakefile and the MSVC++ project file define it apppriately, as we do with libpcap, rather than defining it in "interface.h". Undo the rcsid-shuffling and addition of extra #includes, as we no longer need to arrange that "interface.h" be included before using _U_ in an RCS ID or copyright.
* From Neil Spring:guy2003-11-151-4/+4
| | | | | | | | | | | use "_U_" in the definitions of "rcsid[]", to eliminate complaints about those variables being unused; move the definitions after the include of "interface.h", or add an include of "interface.h", so that "_U_" is defined. Include "config.h" before including "tcpdump-stdinc.h" in "missing/datalinks.c".
* Get rid of the "-Wno-unused" flag, and fix up most of theguy2002-09-051-4/+4
| | | | | | | | | | | | | | | unused-parameter problems reported by GCC. Add an _U_ tag to label parameters as unused if the function is called through a pointer (so that you can't change its signature by removing parameters) or if there are unused parameters only because the function isn't complete. Add some additional bounds checks the necessity for which was revealed while cleaning up unused-parameter problems. Make some routines static. "lcp_print()", defined in "print-lcp.c", isn't called anywhere - "print-ppp.c" has the code to dissect LCP. Get rid of "print-lcp.c".
* Add a few more GCC warnings on GCC >= 2 for ".devel" builds.guy2002-09-051-20/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | From Neil T. Spring: fixes for many of those warnings: addrtoname.c, configure.in: Linux needs netinet/ether.h for ether_ntohost print-*.c: change char *foo = "bar" to const char *foo = "bar" to appease -Wwrite-strings; should affect no run-time behavior. print-*.c: make some variables unsigned. print-bgp.c: plen ('prefix len') is unsigned, no reason to validate by comparing to zero. print-cnfp.c, print-rx.c: use intoa, provided by addrtoname, instead of inet_ntoa. print-domain.c: unsigned int l; (l=foo()) < 0 is guaranteed to be false, so check for (u_int)-1, which represents failure, explicitly. print-isakmp.c: complete initialization of attrmap objects. print-lwres.c: "if(x); print foo;" seemed much more likely to be intended to be "if(x) { print foo; }". print-smb.c: complete initialization of some structures. In addition, add some fixes for the signed vs. unsigned comparison warnings: extract.h: cast the result of the byte-extraction-and-combining, as, at least for the 16-bit version, C's integral promotions will turn "u_int16_t" into "int" if there are other "int"s nearby. print-*.c: make some more variables unsigned, or add casts to an unsigned type of signed values known not to be negative, or add casts to "int" of unsigned values known to fit in an "int", and make other changes needed to handle the aforementioned variables now being unsigned. print-isakmp.c: clean up the handling of error/status indicators in notify messages. print-ppp.c: get rid of a check that an unsigned quantity is >= 0. print-radius.c: clean up some of the bounds checking. print-smb.c: extract the word count into a "u_int" to avoid the aforementioned problems with C's integral promotions. print-snmp.c: change a check that an unsigned variable is >= 0 to a check that it's != 0. Also, fix some formats to use "%u" rather than "%d" for unsigned quantities.
* Added support for Win32, based on WinPcap.risso2002-08-011-4/+3
|
* Put in some casts to squelch compiler warnings.guy2002-07-111-3/+3
|
* From Sami Farin <safari@iki.fi>: put in a missing blank before "NBTguy2002-04-301-3/+3
| | | | Packet".
* Convert some format pointers to "char *" from "u_char *", and some dataguy2002-04-251-11/+11
| | | | | | | | pointers from "char *" to "u_char *", to eliminate signed vs. unsigned complaints from some compilers. Don't use "++"s in initialization, to avoid warnings from the Sun C compiler.
* Include <netinet/in.h> to declare "ntohs()" (which may be used byguy2002-02-061-1/+3
| | | | "EXTRACT_16BITS()").
* Bill Fenner's changes to clean up the SMB dissection somewhat and to addguy2002-01-171-172/+243
| | | | a lot of boundary checking.
* disable smb printing until we have boundary checks in *smb*.c (there's almostitojun2001-10-041-3/+3
| | | | no boundary check).
* Eliminate some unused parameters.fenner2001-09-171-105/+105
| | | | | | | | | | | Use const more. Use EXTRACT_* macros more. Use TCHECK* more. Use tok2str() to replace some home-grown workalikes. smb: - Get rid of private types, use tcpdump-defined types - Rename fdata and fdata1 to smb_fdata and smb_fdata1 to avoid conflict with IRIX library function.
* Handle NBNS multihomed registration messages (they're not in RFC 1001 orguy2001-07-281-1/+2
| | | | 1002 - Microsoft added them).
* indent (sorry, i left them behinditojun2001-06-281-33/+49
|
* more indentation fix. now i've gone through all *smb*. now let usitojun2001-06-261-227/+237
| | | | go through buffer length issues....
* more indent clarification for auditsitojun2001-06-261-325/+341
|
* more audit/style. fix a couple of signed/unsigned mixup,itojun2001-06-251-3/+3
| | | | printf type mismatch, as well as buffer overrun possibilities
* strinct prototype. now we are -Wstrict-prototype clean.itojun2001-06-251-362/+449
| | | | | couple of indent fixes (ts=8 sw=4) so that we can do a buffer overrun audit effectively.
* Fix bug where tcpdump shows data beyond the end of certain NBT packets.fenner2001-04-031-2/+2
| | | | Not-really-submitted by: archie@freebsd.org
* Patches from Pekka Savola <pekkas@netcore.fi> to quiet down SMB a little.fenner2001-02-201-6/+32
| | | | | I changed his patches to actually use -vv. Obviously tcpdump actually needs more-targeted -v flags (like "-v smb").
* Do some additional bounds checking when dissecting SMB packets.guy2001-01-151-11/+20
|
* Handle IPX socket 0x553, which is some kind of NetBIOS-over-IPX socket.guy2001-01-151-5/+20
| | | | | | | | | | | | | | | | (We call it "nwlink-dgm" for now; Ethereal calls it a NWLink SMB datagram.) Don't throw every LLC frame with unknown SAPs at the NetBIOS-over-IPX dissector; just throw the frames for IPX sockets 0x455 and 0x553 at it, as those appear to be the sockets used (if there are any others, please add them to the IPX dissector - putting it back in the LLC dissector won't help, as all IPX frames, including LLC frames, should now be handed to the IPX dissector). Do better bounds checking in "ipx_netbios_print()" and "netbeui_print()", i.e. don't go past the end of the captured data in the packet when looking for the 0xFF S M B signature.
* The control field of an LLC frame is 1 byte for a U frame and 2 bytesguy2000-12-051-6/+24
| | | | | | | | | | | | for an S or I frame; have the LLC dissector pass the control field value as an argument to the NetBEUI dissector, rather than having the NetBEUI dissector extract the control field value itself, and have it pass a pointer to the beginning of the LLC *payload* rather than to the control field. Keep the NetBEUI dissector from running past the end of the buffer. Add support for the NetBEUI SESSION ALIVE frame.
* Add a bunch of checks to make sure we don't go past the end of theguy2000-12-041-3/+23
| | | | packet.
* no need to use strcat at allitojun2000-01-191-24/+23
|
* Unify rcsid[]'s.fenner2000-01-091-0/+5
|
* * print-rt6.c: make IPv6 routing header printing work with new 2292bisitojun1999-12-221-17/+18
| | | | | | | | | | | API. * print-bgp.c: improve options printing. ugly code exists for unaligned option parsing (need some fix). * const poisoning in SMB decoder. * make dump format back to original. someone may want to add an option to do ascii printing, but keep the default behavior as is for scripts used in many places. * -Wall -Werror clean checks.
* include string.h for prototypesfenner1999-12-151-10/+10
| | | | | | | remove unused variables make a few functions static fix very confused code with & vs. == precedence errors as well as a failure to shift the field value
* add config.hassar1999-11-211-0/+1002
View Lorry Controller Status