1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
|
/* Glue code for sticking code generated by pidl to ethereal. */
#ifndef _eparser_h
#define _eparser_h
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <epan/dissectors/packet-dcerpc.h>
#include <epan/dissectors/packet-dcerpc-nt.h>
#define NDR_SCALARS 1
#define NDR_BUFFERS 2
#define LIBNDR_FLAG_BIGENDIAN (1<<0)
#define LIBNDR_FLAG_NOALIGN (1<<1)
#define LIBNDR_FLAG_STR_ASCII (1<<2)
#define LIBNDR_FLAG_STR_LEN4 (1<<3)
#define LIBNDR_FLAG_STR_SIZE4 (1<<4)
#define LIBNDR_FLAG_STR_NOTERM (1<<5)
#define LIBNDR_FLAG_STR_NULLTERM (1<<6)
#define LIBNDR_FLAG_STR_SIZE2 (1<<7)
#define LIBNDR_STRING_FLAGS (0xFC)
#define LIBNDR_FLAG_REF_ALLOC (1<<10)
#define LIBNDR_FLAG_REMAINING (1<<11)
#define LIBNDR_FLAG_ALIGN2 (1<<12)
#define LIBNDR_FLAG_ALIGN4 (1<<13)
#define LIBNDR_FLAG_ALIGN8 (1<<14)
#define LIBNDR_ALIGN_FLAGS (LIBNDR_FLAG_ALIGN2|LIBNDR_FLAG_ALIGN4|LIBNDR_FLAG_ALIGN8)
#define LIBNDR_PRINT_ARRAY_HEX (1<<15)
#define LIBNDR_PRINT_SET_VALUES (1<<16)
/* used to force a section of IDL to be little-endian */
#define LIBNDR_FLAG_LITTLE_ENDIAN (1<<17)
#define NDR_ALLOC_SIZE(ndr, s, size) do { \
(s) = g_malloc(size); \
} while (0);
#define NDR_ALLOC_N_SIZE(ndr, s, n, elsize) do { \
if ((n) == 0) { \
(s) = NULL; \
} else { \
(s) = g_malloc((n) * elsize); \
} \
} while (0)
#define NDR_ALLOC_N(ndr, s, n) NDR_ALLOC_N_SIZE(ndr, s, n, sizeof(*(s)))
#define NDR_ALLOC(ndr, s) NDR_ALLOC_SIZE(ndr, s, sizeof(*(s)))
/* zero a structure */
#define ZERO_STRUCT(x) memset((char *)&(x), 0, sizeof(x))
/* zero a structure given a pointer to the structure */
#define ZERO_STRUCTP(x) do { if ((x) != NULL) memset((char *)(x), 0, sizeof(*(x))); } while(0)
struct ndr_ofs_list {
guint32 offset;
struct ndr_ofs_list *next;
};
struct ndr_pull {
tvbuff_t *tvb;
int offset;
packet_info *pinfo;
guint8 *drep;
struct ndr_ofs_list *ofs_list;
int flags;
};
typedef int NTSTATUS;
typedef guint64 uint64;
typedef guint32 uint32;
typedef guint16 uint16;
typedef guint8 uint8;
typedef gint64 int64;
typedef gint32 int32;
typedef gint16 int16;
typedef gint8 int8;
typedef guint64 NTTIME;
typedef guint64 HYPER_T;
#define dom_sid2 dom_sid
typedef void (*ndr_pull_flags_fn_t)(struct ndr_pull *, int ndr_flags, void *);
#include "packet-dcerpc-proto.h"
#include "glib.h"
struct ndr_pull *ndr_pull_init(tvbuff_t *tvb, int offset, packet_info *pinfo, guint8 *drep);
void ndr_pull_struct_start(struct ndr_pull *ndr);
void ndr_pull_struct_end(struct ndr_pull *ndr);
void ndr_pull_align(struct ndr_pull *ndr, int size);
void ndr_pull_uint8(struct ndr_pull *ndr, proto_tree *tree, int hf, uint8 *data);
void ndr_pull_uint16(struct ndr_pull *ndr, proto_tree *tree, int hf, uint16 *data);
void ndr_pull_uint32(struct ndr_pull *ndr, proto_tree *tree, int hf, uint32 *data);
void ndr_pull_uint64(struct ndr_pull *ndr, proto_tree *tree, int hf, uint64 *data);
void ndr_pull_int8(struct ndr_pull *ndr, proto_tree *tree, int hf, int8 *data);
void ndr_pull_int16(struct ndr_pull *ndr, proto_tree *tree, int hf, int16 *data);
void ndr_pull_int32(struct ndr_pull *ndr, proto_tree *tree, int hf, int32 *data);
void ndr_pull_int64(struct ndr_pull *ndr, proto_tree *tree, int hf, int64 *data);
void ndr_pull_array_uint8(struct ndr_pull *ndr, int ndr_flags, proto_tree *tree, char *name, int hf, void *data, int count);
void ndr_pull_array_uint16(struct ndr_pull *ndr, int ndr_flags, proto_tree *tree, char *name, int hf, void *data, int count);
void ndr_pull_array_uint32(struct ndr_pull *ndr, int ndr_flags, proto_tree *tree, char *name, int hf, void *data, int count);
void ndr_pull_array(struct ndr_pull *ndr, int ndr_flags, proto_tree *tree,
char *name, void *data, int size, int count,
void (*pull_fn)(struct ndr_pull *, int ndr_flags,
proto_tree *tree, void *data));
void ndr_pull_relative(struct ndr_pull *ndr, void *data, int size,
void (*fn)(struct ndr_pull *, int ndr_flags,
char *name));
void ndr_pull_ptr(struct ndr_pull *ndr, proto_tree *tree, int hf, guint32 *ptr);
void ndr_pull_string(struct ndr_pull *ndr, int ndr_flags, proto_tree *tree, char **data);
void ndr_pull_NTTIME(struct ndr_pull *ndr, proto_tree *tree, int hf, NTTIME *data);
void ndr_pull_NTSTATUS(struct ndr_pull *ndr, proto_tree *tree, int hf, NTSTATUS *data);
void ndr_pull_HYPER_T(struct ndr_pull *ndr, proto_tree *tree, int hf, HYPER_T *data);
void ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, proto_tree *tree, struct dom_sid2 *data);
void ndr_pull_subcontext_flags_fn(struct ndr_pull *ndr, proto_tree *tree, size_t sub_size, void *data, void (*fn)(struct ndr_pull *, int ndr_flags, proto_tree *tree, void *data));
void ndr_pull_subcontext_header(struct ndr_pull *ndr, proto_tree *tree, size_t sub_size, struct ndr_pull *ndr2);
void ndr_pull_advance(struct ndr_pull *ndr, int offset);
proto_tree *get_subtree(proto_tree *tree, char *name, struct ndr_pull *ndr, gint ett);
void ndr_pull_subcontext(struct ndr_pull *ndr, struct ndr_pull *ndr2, guint32 size);
#endif /* _eparser_h */
|