I stumbled across this patch in our ethereal package which still applies to
0.10.0a. The author of the patch (Luis Claudio <lclaudio@xxxxxxxxxxxxxxxx>) is
not available at the moment, so I'm sending this to you for now along with his
comments. I hope it's useful.
His comments:
Added a patch to fix handling of offset and length for large file locking in
smb packets. The patch touches the file packet-smb.c, function
dissect_locking_andX_request().
Patch is attached.
--- ethereal-0.9.16/packet-smb.c 2003-10-26 00:10:50.000000000 -0200
+++ ethereal-0.9.16/packet-smb-new.c 2003-11-07 09:52:03.000000000 -0200
@@ -4756,12 +4756,12 @@
/* offset */
CHECK_BYTE_COUNT(8);
- val=tvb_get_letohl(tvb, offset);
+ val=tvb_get_letohl(tvb, offset+4);
buf[3]=(val>>24)&0xff;
buf[2]=(val>>16)&0xff;
buf[1]=(val>> 8)&0xff;
buf[0]=(val )&0xff;
- val=tvb_get_letohl(tvb, offset+4);
+ val=tvb_get_letohl(tvb, offset);
buf[7]=(val>>24)&0xff;
buf[6]=(val>>16)&0xff;
buf[5]=(val>> 8)&0xff;
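Review bot: the /* offset */ block now reads the dword at offset+4 into buf[0..3] and the dword at offset into buf[4..7], but nothing in the code says why the second dword on the wire is the low half. Without a comment this looks like a transposition and invites someone to swap it back. Suggest extending the existing comment to state that the 64-bit value arrives as the high 32 bits followed by the low 32 bits, each little-endian, and that buf is assembled low half first. The CHECK_BYTE_COUNT(8) ahead of both reads still covers offset through offset+7, so the reordering does not read outside the checked range.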
@@ -4771,12 +4771,12 @@
/* length */
CHECK_BYTE_COUNT(8);
- val=tvb_get_letohl(tvb, offset);
+ val=tvb_get_letohl(tvb, offset+4);
buf[3]=(val>>24)&0xff;
buf[2]=(val>>16)&0xff;
buf[1]=(val>> 8)&0xff;
buf[0]=(val )&0xff;
- val=tvb_get_letohl(tvb, offset+4);
+ val=tvb_get_letohl(tvb, offset);
buf[7]=(val>>24)&0xff;
buf[6]=(val>>16)&0xff;
buf[5]=(val>> 8)&0xff;
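Review bot: the /* length */ block repeats the same two-read, eight-assignment sequence as the /* offset */ block line for line, so the same fix had to be made twice and the two copies can drift apart again later. Suggest moving the sequence into one small helper that takes tvb and offset and fills buf, then calling it for both fields. That leaves a single place to document the high-then-low dword order and a single place to correct if the order is ever found to be wrong.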