diff --git a/src/app-layer-smb.c b/src/app-layer-smb.c index 903da21417..2fc6a932b7 100644 --- a/src/app-layer-smb.c +++ b/src/app-layer-smb.c @@ -954,7 +954,7 @@ static int SMBParse(Flow *f, void *smb_state, AppLayerParserState *pstate, parsed += retval; input_len -= retval; SCLogDebug( - "[1] NBSS Header (%u/%u) Type 0x%02x Length 0x%04x parsed %"PRIu64" input_len %u\n", + "[1] NBSS Header (%u/%u) Type 0x%02x Length 0x%04x parsed %"PRIu64" input_len %u", sstate->bytesprocessed, NBSS_HDR_LEN, sstate->nbss.type, sstate->nbss.length, parsed, input_len); } else if (input_len) { @@ -978,7 +978,7 @@ static int SMBParse(Flow *f, void *smb_state, AppLayerParserState *pstate, parsed += hdrretval; input_len -= hdrretval; SCLogDebug( - "[2] SMB Header (%u/%u) Command 0x%02x parsed %"PRIu64" input_len %u\n", + "[2] SMB Header (%u/%u) Command 0x%02x parsed %"PRIu64" input_len %u", sstate->bytesprocessed, NBSS_HDR_LEN + SMB_HDR_LEN, sstate->smb.command, parsed, input_len); } @@ -997,7 +997,7 @@ static int SMBParse(Flow *f, void *smb_state, AppLayerParserState *pstate, sstate->bytesprocessed = 0; SCReturnInt(-1); } - SCLogDebug("[3] WordCount (%u/%u) WordCount %u parsed %"PRIu64" input_len %u\n", + SCLogDebug("[3] WordCount (%u/%u) WordCount %u parsed %"PRIu64" input_len %u", sstate->bytesprocessed, NBSS_HDR_LEN + SMB_HDR_LEN + 1, sstate->wordcount.wordcount, parsed, input_len); @@ -1016,7 +1016,7 @@ static int SMBParse(Flow *f, void *smb_state, AppLayerParserState *pstate, sstate->bytesprocessed = 0; SCReturnInt(-1); } - SCLogDebug("[4] Parsing WordCount (%u/%u) WordCount %u parsed %"PRIu64" input_len %u\n", + SCLogDebug("[4] Parsing WordCount (%u/%u) WordCount %u parsed %"PRIu64" input_len %u", sstate->bytesprocessed, NBSS_HDR_LEN + SMB_HDR_LEN + 1 + sstate->wordcount.wordcount, sstate->wordcount.wordcount, parsed, input_len); @@ -1036,7 +1036,7 @@ static int SMBParse(Flow *f, void *smb_state, AppLayerParserState *pstate, sstate->bytesprocessed = 0; SCReturnInt(-1); } - SCLogDebug("[5] ByteCount (%u/%u) ByteCount %u parsed %"PRIu64" input_len %u\n", + SCLogDebug("[5] ByteCount (%u/%u) ByteCount %u parsed %"PRIu64" input_len %u", sstate->bytesprocessed, NBSS_HDR_LEN + SMB_HDR_LEN + 3, sstate->bytecount.bytecount, parsed, input_len); @@ -1057,7 +1057,7 @@ static int SMBParse(Flow *f, void *smb_state, AppLayerParserState *pstate, sstate->bytesprocessed = 0; SCReturnInt(-1); } - SCLogDebug("[6] Parsing ByteCount (%u/%u) ByteCount %u parsed %"PRIu64" input_len %u\n", + SCLogDebug("[6] Parsing ByteCount (%u/%u) ByteCount %u parsed %"PRIu64" input_len %u", sstate->bytesprocessed, NBSS_HDR_LEN + SMB_HDR_LEN + 1 + sstate->wordcount.wordcount + 2 + sstate->bytecount.bytecount, sstate->bytecount.bytecount, parsed, input_len); } @@ -1066,12 +1066,12 @@ static int SMBParse(Flow *f, void *smb_state, AppLayerParserState *pstate, && input_len && sstate->andx.maxchainedandx--); if (sstate->bytesprocessed >= sstate->nbss.length + NBSS_HDR_LEN || - sstate->andx.maxchainedandx == 0) { - sstate->bytesprocessed = 0; + sstate->andx.maxchainedandx == 0) { + sstate->bytesprocessed = 0; } break; default: - sstate->bytesprocessed = 0; + sstate->bytesprocessed = 0; break; } pstate->parse_field = 0; @@ -1103,20 +1103,35 @@ int isAndX(SMBState *smb_state) { } } +/** \internal + * \brief Allocate a SMBState + * \retval s State, or NULL in case of error + */ static void *SMBStateAlloc(void) { + SCEnter(); + void *s = SCMalloc(sizeof(SMBState)); - if (s == NULL) - return NULL; + if (s == NULL) { + SCReturnPtr(NULL, "void"); + } memset(s, 0, sizeof(SMBState)); - return s; + + SCReturnPtr(s, "void"); } +/** \internal + * \brief Free a SMBState + */ static void SMBStateFree(void *s) { + SCEnter(); + if (s) { SCFree(s); s = NULL; } + + SCReturn; } void RegisterSMBParsers(void) { diff --git a/src/app-layer-smb.h b/src/app-layer-smb.h index 9c7f5f258c..02a1623047 100644 --- a/src/app-layer-smb.h +++ b/src/app-layer-smb.h @@ -17,7 +17,7 @@ #include "app-layer-nbss.h" #include "app-layer-dcerpc-common.h" -typedef struct smb_hdr_ { +typedef struct SMBHdr_ { uint8_t protocol[4]; uint8_t command; uint32_t status; @@ -30,26 +30,26 @@ typedef struct smb_hdr_ { uint16_t pid; uint16_t uid; uint16_t mid; -}SMBHdr; +} SMBHdr; #define SMB_HDR_LEN 32 #define MINIMUM_SMB_LEN 35 #define NBSS_SMB_HDRS_LEN 36 -typedef struct wordcount_ { +typedef struct SMBWordCount_ { uint8_t wordcount; uint8_t wordcountleft; uint8_t *words; -}SMBWordCount; +} SMBWordCount; -typedef struct bytecount_ { +typedef struct SMBByteCount_ { uint8_t bytecountbytes; uint16_t bytecount; uint16_t bytecountleft; uint8_t *bytes; -}SMBByteCount; +} SMBByteCount; -typedef struct andxcount_ { +typedef struct SMBAndX_ { uint8_t isandx; uint8_t paddingparsed; uint8_t andxcommand; @@ -59,9 +59,10 @@ typedef struct andxcount_ { uint16_t datalength; uint16_t datalengthhigh; uint64_t dataoffset; -}SMBAndX; +} SMBAndX; typedef struct SMBState_ { + uint32_t head; NBSSHdr nbss; SMBHdr smb; SMBWordCount wordcount; @@ -69,7 +70,8 @@ typedef struct SMBState_ { SMBAndX andx; uint16_t bytesprocessed; DCERPC dcerpc; -}SMBState; + uint32_t tail; +} SMBState; #define SMB_FLAGS_SERVER_TO_REDIR 0x80 #define SMB_NO_SECONDARY_ANDX_COMMAND 0xff