Wireshark-dev: [Wireshark-dev] [PATCH 8/8] SMB: Fix decoding SMB2 SESSION SETUP REQUEST field N

From: Pali Rohár <pali@xxxxxxxxxx>
Date: Fri, 13 Sep 2024 22:58:34 +0200
---
 epan/dissectors/packet-ntlmssp.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/epan/dissectors/packet-ntlmssp.c b/epan/dissectors/packet-ntlmssp.c
index 2d8c8637d519..28ad98b3e387 100644
--- a/epan/dissectors/packet-ntlmssp.c
+++ b/epan/dissectors/packet-ntlmssp.c
@@ -1627,6 +1627,7 @@ dissect_ntlmv2_response(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int
 static int
 dissect_ntlmssp_negotiate (tvbuff_t *tvb, int offset, proto_tree *ntlmssp_tree, ntlmssp_header_t *ntlmssph _U_)
 {
+  bool    unicode_strings = false;
   uint32_t negotiate_flags;
   int     data_start;
   int     data_end;
@@ -1638,16 +1639,19 @@ dissect_ntlmssp_negotiate (tvbuff_t *tvb, int offset, proto_tree *ntlmssp_tree,
   proto_tree_add_bitmask(ntlmssp_tree, tvb, offset, hf_ntlmssp_negotiate_flags, ett_ntlmssp_negotiate_flags, ntlmssp_negotiate_flags, ENC_LITTLE_ENDIAN);
   offset += 4;
 
+  if (negotiate_flags & NTLMSSP_NEGOTIATE_UNICODE)
+    unicode_strings = true;
+
   /*
    * XXX - the davenport document says that these might not be
    * sent at all, presumably meaning the length of the message
    * isn't enough to contain them.
    */
-  offset = dissect_ntlmssp_string(tvb, offset, ntlmssp_tree, false,
+  offset = dissect_ntlmssp_string(tvb, offset, ntlmssp_tree, unicode_strings,
                                   hf_ntlmssp_negotiate_domain,
                                   &data_start, &data_end, NULL);
 
-  offset = dissect_ntlmssp_string(tvb, offset, ntlmssp_tree, false,
+  offset = dissect_ntlmssp_string(tvb, offset, ntlmssp_tree, unicode_strings,
                                   hf_ntlmssp_negotiate_workstation,
                                   &item_start, &item_end, NULL);
   data_start = MIN(data_start, item_start);
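Review bot: Keying the string encoding on `NTLMSSP_NEGOTIATE_UNICODE` alone may mis-decode the domain and workstation fields, because in a Negotiate message that bit is a capability the client offers (usually together with the OEM bit), not a statement of how this message's own strings are encoded. As far as I recall, MS-NLMP specifies the NEGOTIATE_MESSAGE DomainName and WorkstationName as OEM-encoded, so a spec-following client that offers Unicode would now show garbled UTF-16 in the two fields an analyst relies on to attribute a logon attempt; this is worth confirming against the spec and a capture from such a client. If the trace behind this patch comes from a sender that really puts UTF-16 here, consider narrowing the condition, e.g. `unicode_strings = (negotiate_flags & NTLMSSP_NEGOTIATE_UNICODE) && !(negotiate_flags & NTLMSSP_NEGOTIATE_OEM);`, which also replaces the separate `false` initialiser added in the first hunk. A short comment above the check, such as `/* Spec says OEM here; some senders use UTF-16 when only UNICODE is offered */`, would record why the dissector deviates. The function body starts and continues outside the hunk, so the read of `negotiate_flags` is assumed to happen just above the visible lines.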
-- 
2.20.1