Ethereal-dev: Re: [Ethereal-dev] DCERPC Data Representation field
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: Todd Sabin <tas@xxxxxxxxxxx>
Date: 05 Oct 2001 16:03:31 -0400
Pasi Eronen <pasi.eronen@xxxxxxxx> writes:
> Hi,
>
> The following patch adds decoding of the "data representation"
> field found in connection-oriented DCERPC packets.
>
> Could someone take a look at it and commit it?
>
Thanks,
The patch below does a couple things: Fixes a typo in the offset used
for the floating point byte (offset should be offset+1), changes
cn_drep* to just drep* (since it's the same for connection oriented
and connectionless packets), and adds the corresponding code to the
connectionless side of things.
Todd
===================================================================
RCS file: /cvsroot/ethereal/packet-dcerpc.c,v
retrieving revision 1.11
diff -u -r1.11 packet-dcerpc.c
--- packet-dcerpc.c 2001/09/30 21:56:24 1.11
+++ packet-dcerpc.c 2001/10/05 19:54:40
@@ -99,10 +99,10 @@
static int hf_dcerpc_cn_flags_dne = -1;
static int hf_dcerpc_cn_flags_maybe = -1;
static int hf_dcerpc_cn_flags_object = -1;
-static int hf_dcerpc_cn_drep = -1;
-static int hf_dcerpc_cn_drep_byteorder = -1;
-static int hf_dcerpc_cn_drep_character = -1;
-static int hf_dcerpc_cn_drep_fp = -1;
+static int hf_dcerpc_drep = -1;
+static int hf_dcerpc_drep_byteorder = -1;
+static int hf_dcerpc_drep_character = -1;
+static int hf_dcerpc_drep_fp = -1;
static int hf_dcerpc_cn_frag_len = -1;
static int hf_dcerpc_cn_auth_len = -1;
static int hf_dcerpc_cn_call_id = -1;
@@ -165,7 +165,7 @@
static gint ett_dcerpc = -1;
static gint ett_dcerpc_cn_flags = -1;
-static gint ett_dcerpc_cn_drep = -1;
+static gint ett_dcerpc_drep = -1;
static gint ett_dcerpc_dg_flags1 = -1;
static gint ett_dcerpc_dg_flags2 = -1;
@@ -879,7 +879,7 @@
proto_item *tf = NULL;
proto_tree *dcerpc_tree = NULL;
proto_tree *cn_flags_tree = NULL;
- proto_tree *cn_drep_tree = NULL;
+ proto_tree *drep_tree = NULL;
e_dce_cn_common_hdr_t hdr;
int offset = 0;
@@ -945,12 +945,12 @@
}
offset++;
- tf = proto_tree_add_bytes (dcerpc_tree, hf_dcerpc_cn_drep, tvb, offset, 4, hdr.drep);
- cn_drep_tree = proto_item_add_subtree(tf, ett_dcerpc_cn_drep);
- if (cn_drep_tree) {
- proto_tree_add_uint(cn_drep_tree, hf_dcerpc_cn_drep_byteorder, tvb, offset, 1, hdr.drep[0] >> 4);
- proto_tree_add_uint(cn_drep_tree, hf_dcerpc_cn_drep_character, tvb, offset, 1, hdr.drep[0] & 0x0f);
- proto_tree_add_uint(cn_drep_tree, hf_dcerpc_cn_drep_fp, tvb, offset, 1, hdr.drep[1]);
+ tf = proto_tree_add_bytes (dcerpc_tree, hf_dcerpc_drep, tvb, offset, 4, hdr.drep);
+ drep_tree = proto_item_add_subtree (tf, ett_dcerpc_drep);
+ if (drep_tree) {
+ proto_tree_add_uint(drep_tree, hf_dcerpc_drep_byteorder, tvb, offset, 1, hdr.drep[0] >> 4);
+ proto_tree_add_uint(drep_tree, hf_dcerpc_drep_character, tvb, offset, 1, hdr.drep[0] & 0x0f);
+ proto_tree_add_uint(drep_tree, hf_dcerpc_drep_fp, tvb, offset+1, 1, hdr.drep[1]);
}
offset += sizeof (hdr.drep);
@@ -1004,6 +1004,7 @@
proto_tree *dcerpc_tree = NULL;
proto_tree *dg_flags1_tree = NULL;
proto_tree *dg_flags2_tree = NULL;
+ proto_tree *drep_tree = NULL;
e_dce_dg_common_hdr_t hdr;
int offset = 0;
conversation_t *conv;
@@ -1096,7 +1097,13 @@
}
offset++;
- proto_tree_add_text (dcerpc_tree, tvb, offset, sizeof (hdr.drep), "Data Rep");
+ tf = proto_tree_add_bytes (dcerpc_tree, hf_dcerpc_drep, tvb, offset, sizeof (hdr.drep), hdr.drep);
+ drep_tree = proto_item_add_subtree (tf, ett_dcerpc_drep);
+ if (drep_tree) {
+ proto_tree_add_uint(drep_tree, hf_dcerpc_drep_byteorder, tvb, offset, 1, hdr.drep[0] >> 4);
+ proto_tree_add_uint(drep_tree, hf_dcerpc_drep_character, tvb, offset, 1, hdr.drep[0] & 0x0f);
+ proto_tree_add_uint(drep_tree, hf_dcerpc_drep_fp, tvb, offset+1, 1, hdr.drep[1]);
+ }
offset += sizeof (hdr.drep);
proto_tree_add_uint (dcerpc_tree, hf_dcerpc_dg_serial_hi, tvb, offset++, 1, hdr.serial_hi);
@@ -1282,14 +1289,14 @@
{ "Maybe", "dcerpc.cn_flags.maybe", FT_BOOLEAN, 8, TFS (&flags_set_truth), 0x40, "", HFILL }},
{ &hf_dcerpc_cn_flags_object,
{ "Object", "dcerpc.cn_flags.object", FT_BOOLEAN, 8, TFS (&flags_set_truth), 0x80, "", HFILL }},
- { &hf_dcerpc_cn_drep,
- { "Data Representation", "dcerpc.cn_drep", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
- { &hf_dcerpc_cn_drep_byteorder,
- { "Byte order", "dcerpc.cn_drep.byteorder", FT_UINT8, BASE_DEC, VALS (drep_byteorder_vals), 0x0, "", HFILL }},
- { &hf_dcerpc_cn_drep_character,
- { "Character", "dcerpc.cn_drep.character", FT_UINT8, BASE_DEC, VALS (drep_character_vals), 0x0, "", HFILL }},
- { &hf_dcerpc_cn_drep_fp,
- { "Floating-point", "dcerpc.cn_drep.fp", FT_UINT8, BASE_DEC, VALS (drep_fp_vals), 0x0, "", HFILL }},
+ { &hf_dcerpc_drep,
+ { "Data Representation", "dcerpc.drep", FT_BYTES, BASE_HEX, NULL, 0x0, "", HFILL }},
+ { &hf_dcerpc_drep_byteorder,
+ { "Byte order", "dcerpc.drep.byteorder", FT_UINT8, BASE_DEC, VALS (drep_byteorder_vals), 0x0, "", HFILL }},
+ { &hf_dcerpc_drep_character,
+ { "Character", "dcerpc.drep.character", FT_UINT8, BASE_DEC, VALS (drep_character_vals), 0x0, "", HFILL }},
+ { &hf_dcerpc_drep_fp,
+ { "Floating-point", "dcerpc.drep.fp", FT_UINT8, BASE_DEC, VALS (drep_fp_vals), 0x0, "", HFILL }},
{ &hf_dcerpc_cn_frag_len,
{ "Frag Length", "dcerpc.cn_frag_len", FT_UINT16, BASE_DEC, NULL, 0x0, "", HFILL }},
{ &hf_dcerpc_cn_auth_len,
@@ -1414,7 +1421,7 @@
static gint *ett[] = {
&ett_dcerpc,
&ett_dcerpc_cn_flags,
- &ett_dcerpc_cn_drep,
+ &ett_dcerpc_drep,
&ett_dcerpc_dg_flags1,
&ett_dcerpc_dg_flags2,
};
- Follow-Ups:
- Re: [Ethereal-dev] DCERPC Data Representation field
- From: Guy Harris
- Re: [Ethereal-dev] DCERPC Data Representation field
- Prev by Date: RE: [Ethereal-dev] Question about next release
- Next by Date: Re: [Ethereal-dev] DCERPC Data Representation field
- Previous by thread: RE: [Ethereal-dev] Question about next release
- Next by thread: Re: [Ethereal-dev] DCERPC Data Representation field
- Index(es):