From 78270ebe9e85ffd08f5ff0feb7b6ee281e365448 Mon Sep 17 00:00:00 2001 From: Kirby Kuehl Date: Thu, 11 Feb 2010 16:15:47 -0600 Subject: [PATCH 3/3] fix bug88 --- src/app-layer-dcerpc.c | 5 +++-- src/app-layer-smb.c | 33 ++++++++++++++++++++++----------- 2 files changed, 25 insertions(+), 13 deletions(-) diff --git a/src/app-layer-dcerpc.c b/src/app-layer-dcerpc.c index ccc38f7..4a4ac2a 100644 --- a/src/app-layer-dcerpc.c +++ b/src/app-layer-dcerpc.c @@ -996,7 +996,7 @@ int32_t DCERPCParser(DCERPC *dcerpc, uint8_t *input, uint32_t input_len) { hdrretval = DCERPCParseHeader(dcerpc, input, input_len); if (hdrretval == -1) { dcerpc->bytesprocessed = 0; - SCReturnInt(-1); + SCReturnInt(hdrretval); } else { parsed += hdrretval; input_len -= hdrretval; @@ -1185,12 +1185,13 @@ int32_t DCERPCParser(DCERPC *dcerpc, uint8_t *input, uint32_t input_len) { } else if (input_len) { SCLogDebug("Error parsing DCERPC Request"); parsed -= input_len; + dcerpc->padleft = 0; input_len = 0; } } while (dcerpc->bytesprocessed >= DCERPC_HDR_LEN + 8 && dcerpc->bytesprocessed < dcerpc->dcerpchdr.frag_length - && input_len) { + && input_len && dcerpc->padleft) { retval = StubDataParser(dcerpc, input + parsed, input_len); if (retval) { parsed += retval; diff --git a/src/app-layer-smb.c b/src/app-layer-smb.c index c666a04..ca3e4d5 100644 --- a/src/app-layer-smb.c +++ b/src/app-layer-smb.c @@ -936,10 +936,13 @@ static int SMBParse(Flow *f, void *smb_state, AppLayerParserState *pstate, SCEnter(); SMBState *sstate = (SMBState *) smb_state; - long int retval = 0; - long int parsed = 0; - if (pstate == NULL) + uint64_t retval = 0; + uint64_t parsed = 0; + int hdrretval = 0; + + if (pstate == NULL) { SCReturnInt(-1); + } while (input_len && sstate->bytesprocessed < NBSS_HDR_LEN) { retval = NBSSParseHeader(f, smb_state, pstate, input, input_len, 
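Review bot: The header check in DCERPCParser still treats only `hdrretval == -1` as failure, so any other negative value, or a count larger than the remaining buffer, reaches `input_len -= hdrretval` and wraps the unsigned `input_len` while parsing untrusted traffic. A stricter guard such as `if (hdrretval < 0 || (uint32_t)hdrretval > input_len) {` would keep later `input + parsed` reads inside the buffer. The same pattern is introduced in SMBParse by the `@@ -962,17 +965,17 @@` hunk with `parsed += hdrretval; input_len -= hdrretval;`. The declaration of `hdrretval` in DCERPCParser and the return contract of DCERPCParseHeader are outside this hunk, so confirm there whether values other than -1 can occur.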
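Review bot: The new `&& dcerpc->padleft` term in the stub-data `while` condition and the `dcerpc->padleft = 0;` reset on the request error branch carry no comment, and the commit message ("fix bug88") does not say which invariant they restore. A short comment above the loop would help, e.g. `/* stop when no stub data is outstanding; a failed request parse clears padleft so this loop cannot run on stale state */`, with the wording confirmed against the bug report. It is also worth checking that every other path into this loop sets `padleft` correctly, because a zero `padleft` now skips stub parsing even while `bytesprocessed < frag_length`. Those paths and the rest of the loop body lie outside the hunk.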
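Review bot: Changing `retval` from `long int` to `uint64_t` in SMBParse means a negative error return from any helper stored in it becomes a very large positive count, which `parsed += retval; input_len -= retval;` (visible in the next hunk) then applies to the unsigned `input_len`. Only the SMBParseHeader call was moved to the signed `hdrretval`; `retval = NBSSParseHeader(...)` here, and presumably the later word-count and byte-count parsers, still go through the unsigned variable. I would keep each helper result in a signed local and reject it before accumulating, e.g. `hdrretval = NBSSParseHeader(f, smb_state, pstate, input, input_len, output);` followed by `if (hdrretval < 0) { SCReturnInt(-1); }`. The helpers' return types are not visible in this patch, so confirm which of them can signal an error with a negative value. SMBParse's body continues outside the hunk.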
@@ -948,7 +951,7 @@ static int SMBParse(Flow *f, void *smb_state, AppLayerParserState *pstate, parsed += retval; input_len -= retval; SCLogDebug( - "NBSS Header (%u/%u) Type 0x%02x Length 0x%04x parsed %ld input_len %u", + "[1] NBSS Header (%u/%u) Type 0x%02x Length 0x%04x parsed %"PRIu64" input_len %u\n", sstate->bytesprocessed, NBSS_HDR_LEN, sstate->nbss.type, sstate->nbss.length, parsed, input_len); } else if (input_len) { @@ -962,17 +965,17 @@ static int SMBParse(Flow *f, void *smb_state, AppLayerParserState *pstate, case NBSS_SESSION_MESSAGE: while (input_len && (sstate->bytesprocessed >= NBSS_HDR_LEN && sstate->bytesprocessed < NBSS_HDR_LEN + SMB_HDR_LEN)) { - retval = SMBParseHeader(f, smb_state, pstate, input + parsed, + hdrretval = SMBParseHeader(f, smb_state, pstate, input + parsed, input_len, output); - if (retval == -1) { + if (hdrretval == -1) { SCLogDebug("Error parsing SMB Header\n"); sstate->bytesprocessed = 0; - SCReturnInt(-1); + SCReturnInt(hdrretval); } else { - parsed += retval; - input_len -= retval; + parsed += hdrretval; + input_len -= hdrretval; SCLogDebug( - "SMB Header (%u/%u) Command 0x%02x parsed %ld input_len %u", + "[2] SMB Header (%u/%u) Command 0x%02x parsed %"PRIu64" input_len %u\n", sstate->bytesprocessed, NBSS_HDR_LEN + SMB_HDR_LEN, sstate->smb.command, parsed, input_len); } @@ -992,7 +995,7 @@ static int SMBParse(Flow *f, void *smb_state, AppLayerParserState *pstate, SCReturnInt(-1); } } - SCLogDebug("SMB Header (%u/%u) Command 0x%02x WordCount %u parsed %ld input_len %u\n", + SCLogDebug("[3] WordCount SMB Header (%u/%u) Command 0x%02x WordCount %u parsed %"PRIu64" input_len %u\n", sstate->bytesprocessed, NBSS_HDR_LEN + SMB_HDR_LEN + 1, sstate->smb.command, sstate->wordcount.wordcount, parsed, input_len); 
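Review bot: The reworded SCLogDebug format strings now end in `\n` and use `%"PRIu64"` with no spaces around the macro; this applies here and to the `[2]`, `[3]`, `[4]` and `[6]` messages in the later hunks. If SCLogDebug already terminates each record (not visible in this patch, so confirm), the explicit newline produces blank lines in debug output and should be dropped. Writing `"... parsed %" PRIu64 " input_len %u"` with spaces keeps the strings readable and also valid if the file is ever compiled as C++11. The tags jump from `[4]` to `[6]`; if no `[5]` message exists outside these hunks, renumbering avoids confusion when correlating logs.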
@@ -1011,6 +1014,10 @@ static int SMBParse(Flow *f, void *smb_state, AppLayerParserState *pstate, SCReturnInt(-1); } } + SCLogDebug("[4] Parsing WordCount SMB Header (%u/%u) Command 0x%02x WordCount %u parsed %"PRIu64" input_len %u\n", + sstate->bytesprocessed, NBSS_HDR_LEN + SMB_HDR_LEN + 1 + sstate->wordcount.wordcount, + sstate->smb.command, sstate->wordcount.wordcount, + parsed, input_len); while (input_len && (sstate->bytesprocessed >= NBSS_HDR_LEN + SMB_HDR_LEN + 1 + sstate->wordcount.wordcount @@ -1044,6 +1051,10 @@ static int SMBParse(Flow *f, void *smb_state, AppLayerParserState *pstate, SCReturnInt(-1); } } + SCLogDebug("[6] ByteCount SMB Header (%u/%u) Command 0x%02x WordCount %u ByteCount %u parsed %"PRIu64" input_len %u\n", + sstate->bytesprocessed, NBSS_HDR_LEN + SMB_HDR_LEN + 1 + sstate->wordcount.wordcount + 2 + sstate->bytecount.bytecount, + sstate->smb.command, sstate->wordcount.wordcount, + sstate->bytecount.bytecount, parsed, input_len); } while (sstate->andx.andxcommand != SMB_NO_SECONDARY_ANDX_COMMAND && input_len); -- 1.6.6