Coverage Report

Created: 2026-05-14 06:28

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/wireshark/epan/dissectors/packet-dcerpc-mgmt.c
Line
Count
Source
1
/* packet-dcerpc-mgmt.c
2
 * Routines for dcerpc mgmt dissection
3
 * Copyright 2001, Todd Sabin <tas@webspan.net>
4
 * Copyright 2011, Matthieu Patou <mat@matws.net>
5
 *
6
 * Wireshark - Network traffic analyzer
7
 * By Gerald Combs <gerald@wireshark.org>
8
 * Copyright 1998 Gerald Combs
9
 *
10
 * SPDX-License-Identifier: GPL-2.0-or-later
11
 */
12
13
#include "config.h"
14
#include <epan/packet.h>
15
#include "packet-dcerpc.h"
16
#include "packet-dcerpc-nt.h"
17
18
void proto_register_mgmt (void);
19
void proto_reg_handoff_mgmt (void);
20
21
static int proto_mgmt;
22
static int hf_mgmt_opnum;
23
static int hf_mgmt_proto;
24
static int hf_mgmt_rc;
25
static int hf_mgmt_princ_size;
26
static int hf_mgmt_princ_name;
27
static int ett_mgmt;
28
29
30
static e_guid_t uuid_mgmt = { 0xafa8bd80, 0x7d8a, 0x11c9, { 0xbe, 0xf4, 0x08, 0x00, 0x2b, 0x10, 0x29, 0x89 } };
31
static uint16_t ver_mgmt = 1;
32
33
static unsigned
34
mgmtrpc_dissect_inq_princ_name_response(tvbuff_t *tvb, unsigned offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep)
35
0
{
36
37
0
  offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, di, drep,
38
0
          sizeof(uint8_t), hf_mgmt_princ_name, true, NULL);
39
40
0
  offset = dissect_ntstatus(tvb, offset, pinfo, tree, di, drep, hf_mgmt_rc, NULL);
41
42
43
0
  return offset;
44
0
}
45
static unsigned
46
mgmtrpc_dissect_inq_princ_name_request(tvbuff_t *tvb, unsigned offset, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep)
47
0
{
48
0
  offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep, hf_mgmt_proto, NULL);
49
0
  offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep, hf_mgmt_princ_size, NULL);
50
0
  return offset;
51
0
}
52
53
54
55
static const dcerpc_sub_dissector mgmt_dissectors[] = {
56
  { 0, "rpc__mgmt_inq_if_ids", NULL, NULL },
57
  { 1, "rpc__mgmt_inq_stats", NULL, NULL },
58
  { 2, "rpc__mgmt_is_server_listening", NULL, NULL },
59
  { 3, "rpc__mgmt_stop_server_listening", NULL, NULL },
60
  { 4, "rpc__mgmt_inq_princ_name", mgmtrpc_dissect_inq_princ_name_request, mgmtrpc_dissect_inq_princ_name_response},
61
  { 0, NULL, NULL, NULL }
62
};
63
64
void
65
proto_register_mgmt (void)
66
15
{
67
15
  static hf_register_info hf[] = {
68
15
    { &hf_mgmt_opnum,
69
15
      { "Operation", "mgmt.opnum", FT_UINT16, BASE_DEC,
70
15
        NULL, 0x0, NULL, HFILL }},
71
15
    { &hf_mgmt_proto,
72
15
      {"Authn Proto", "mgmt.proto", FT_UINT32, BASE_HEX,
73
15
        NULL, 0x0, NULL, HFILL }},
74
15
    { &hf_mgmt_princ_name,
75
15
      {"Principal name", "mgmt.princ_name", FT_STRING, BASE_NONE,
76
15
        NULL, 0, NULL, HFILL }},
77
15
    { &hf_mgmt_princ_size,
78
15
      {"Principal size", "mgmt.princ_size", FT_UINT32, BASE_DEC,
79
15
        NULL, 0x0, "Size of principal", HFILL }},
80
15
    { &hf_mgmt_rc,
81
15
      {"Status", "mgmt.rc", FT_UINT32, BASE_HEX,
82
15
        NULL, 0x0, NULL, HFILL }},
83
15
  };
84
85
15
  static int *ett[] = {
86
15
    &ett_mgmt
87
15
  };
88
15
  proto_mgmt = proto_register_protocol ("DCE/RPC Remote Management", "MGMT", "mgmt");
89
15
  proto_register_field_array (proto_mgmt, hf, array_length (hf));
90
15
  proto_register_subtree_array (ett, array_length (ett));
91
15
}
92
93
void
94
proto_reg_handoff_mgmt (void)
95
15
{
96
  /* Register the protocol as dcerpc */
97
15
  dcerpc_init_uuid (proto_mgmt, ett_mgmt, &uuid_mgmt, ver_mgmt, mgmt_dissectors, hf_mgmt_opnum);
98
15
}
99
100
/*
101
 * Editor modelines  -  https://www.wireshark.org/tools/modelines.html
102
 *
103
 * Local variables:
104
 * c-basic-offset: 8
105
 * tab-width: 8
106
 * indent-tabs-mode: t
107
 * End:
108
 *
109
 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
110
 * :indentSize=8:tabSize=8:noTabs=false:
111
 */