/src/wireshark/epan/dissectors/packet-dcom-provideclassinfo.c
Line | Count | Source |
1 | | /* packet-dcom-provideclassinfo.c |
2 | | * Routines for DCOM IProvideClassInfo |
3 | | * |
4 | | * Copyright 2019, Alex Sirr <alexsirruw@gmail.com> |
5 | | * |
6 | | * Wireshark - Network traffic analyzer |
7 | | * By Gerald Combs <gerald@wireshark.org> |
8 | | * Copyright 1998 Gerald Combs |
9 | | * |
10 | | * SPDX-License-Identifier: GPL-2.0-or-later |
11 | | */ |
12 | | |
13 | | /* see packet-dcom.c for details about DCOM */ |
14 | | |
15 | | #include "config.h" |
16 | | |
17 | | #include <epan/packet.h> |
18 | | #include "packet-dcerpc.h" |
19 | | #include "packet-dcom.h" |
20 | | |
21 | | void proto_register_dcom_provideclassinfo(void); |
22 | | void proto_reg_handoff_dcom_provideclassinfo(void); |
23 | | |
24 | | static int hf_provideclassinfo_opnum; |
25 | | static int hf_typeinfo; |
26 | | |
27 | | static e_guid_t uuid_provideclassinfo = { 0xb196b283, 0xbab4, 0x101a, { 0xB6, 0x9C, 0x00, 0xAA, 0x00, 0x34, 0x1D, 0x07} }; |
28 | | static uint16_t ver_provideclassinfo; |
29 | | static int ett_provideclassinfo; |
30 | | static int proto_provideclassinfo; |
31 | | |
32 | | static unsigned dissect_IProvideClassInfo_GetClassInfo_rqst(tvbuff_t *tvb, unsigned offset, |
33 | | packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep) |
34 | 0 | { |
35 | 0 | offset = dissect_dcom_this(tvb, offset, pinfo, tree, di, drep); |
36 | |
|
37 | 0 | return offset; |
38 | 0 | } |
39 | | |
40 | | static unsigned dissect_IProvideClassInfo_GetClassInfo_resp(tvbuff_t *tvb, unsigned offset, |
41 | | packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep) |
42 | 0 | { |
43 | 0 | uint32_t u32HResult; |
44 | |
|
45 | 0 | offset = dissect_dcom_that(tvb, offset, pinfo, tree, di, drep); |
46 | |
|
47 | 0 | offset = dissect_dcom_PMInterfacePointer(tvb, offset, pinfo, tree, di, drep, |
48 | 0 | hf_typeinfo, NULL); |
49 | |
|
50 | 0 | offset = dissect_dcom_HRESULT(tvb, offset, pinfo, tree, di, drep, |
51 | 0 | &u32HResult); |
52 | |
|
53 | 0 | return offset; |
54 | 0 | } |
55 | | |
56 | | /* sub dissector table of IProvideClassInfo interface */ |
57 | | static const dcerpc_sub_dissector provideclassinfo_dissectors[] = { |
58 | | {3, "GetClassInfo", dissect_IProvideClassInfo_GetClassInfo_rqst, dissect_IProvideClassInfo_GetClassInfo_resp}, |
59 | | {0, NULL, NULL, NULL}, |
60 | | }; |
61 | | |
62 | | void proto_register_dcom_provideclassinfo(void) |
63 | 14 | { |
64 | 14 | static hf_register_info hf_provideclassinfo_array[] = { |
65 | 14 | {&hf_provideclassinfo_opnum, |
66 | 14 | {"Operation", "provideclassinfo.opnum", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL}}, |
67 | 14 | { &hf_typeinfo, |
68 | 14 | { "ITypeInfo", "provideclassinfo.itypeinfo", FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL }} |
69 | 14 | }; |
70 | | |
71 | 14 | static int *ett[] = { |
72 | 14 | &ett_provideclassinfo, |
73 | 14 | }; |
74 | | |
75 | 14 | proto_provideclassinfo = proto_register_protocol("DCOM IProvideClassInfo", "IProvideClassInfo", "provideclassinfo"); |
76 | 14 | proto_register_field_array(proto_provideclassinfo, hf_provideclassinfo_array, array_length(hf_provideclassinfo_array)); |
77 | 14 | proto_register_subtree_array(ett, array_length(ett)); |
78 | 14 | } |
79 | | |
80 | | void proto_reg_handoff_dcom_provideclassinfo(void) |
81 | 14 | { |
82 | 14 | dcerpc_init_uuid(proto_provideclassinfo, ett_provideclassinfo, |
83 | 14 | &uuid_provideclassinfo, ver_provideclassinfo, |
84 | 14 | provideclassinfo_dissectors, hf_provideclassinfo_opnum); |
85 | 14 | } |
86 | | |
87 | | /* |
88 | | * Editor modelines - https://www.wireshark.org/tools/modelines.html |
89 | | * |
90 | | * Local variables: |
91 | | * c-basic-offset: 4 |
92 | | * tab-width: 8 |
93 | | * indent-tabs-mode: nil |
94 | | * End: |
95 | | * |
96 | | * vi: set shiftwidth=4 tabstop=8 expandtab: |
97 | | * :indentSize=4:tabSize=8:noTabs=true: |
98 | | */ |