Wireshark mailing list archives

Re: [PATCH] LIBNDR_FLAG_NOALIGN support in wireshark and PIDL


From: ronnie sahlberg <ronniesahlberg () gmail com>
Date: Wed, 20 Jan 2010 08:50:45 +1100

Can you send me your new di->no_align patch and Ill check it in right now.

I started applying it yesterday but modified it (to ensure we always
initialize di->no_align in get_next_di(), but will reverse these local
changes
so they wont collide with your patch.)


This patch can be applied right now, in anticipation of adding the pidl
patches later.






On Wed, Jan 20, 2010 at 1:58 AM, Julien Kerihuel
<j.kerihuel () openchange org>wrote:

 On Tue, 2010-01-19 at 13:44 +1300, Jelmer Vernooij wrote:

On Tue, 2010-01-19 at 11:13 +1100, ronnie sahlberg wrote:
The wireshark patch for this is fine.

I can apply these two patches to wireshark if you want me to.

Is the pidl patch ok with the upstream pidl maintainer (jelmer?) ?
It's mostly ok, but it should be looking at the alignment information in
the level table rather than looking at IDL properties directly.

 Looks OK for me, I'll rework the patch to fetch information there rather
than within properties directly. It may however require some time (few
days). I'm currently trying to implement other things within wireshark/pidl
for string support.

FYI, similarly to the nstring/astring patch, I have added a wireshark/pidl
implementation for ascstr3 [size(16bit)][string] based on the same logic -
in this case we look whether we have .*LIBNDR_FLAG_STR_SIZE2.* flag or not
associated to the IDL element - type being obviously string.

Finally I have found a couple more functions where I forgot to propagate
the di->no_align fix in packet-dcerpc.c (including the dissect_nastring
one).

It tends to be a little difficult to maintain all the patches properly and
I'm not very good at svn diff and diff editing ... Anyway will do the
necessary changes and come with an updated version here.

Cheers,
Julien.


 > On Tue, Jan 19, 2010 at 1:25 AM, Julien Kerihuel
<j.kerihuel () openchange org> wrote:
Hi Lists,

Prior submitting the wireshark's part of this patch onto the wireshark
bugzilla, I thought it might be worthwhile to have feedback from
developers first.

MAPI content is non-NDR compatible. It can be dissected using the
existing NDR layer functions in epan/dissectors/packet-dcerpc-ndr.c but
it requires offsets to be left intact prior effective dissection, which
means there shouldn't be any offset adjustment when LIBNDR_FLAG_NOALIGN
flag is used in PIDL.

The following patches implement such behavior:
1. It adds a no_align gboolean variable to dcerpc_info structure
(default set to FALSE)
2. when pidl generates the code and LIBNDR_FLAG_NOALIGN flag is used, it
sets the no_align gboolean to TRUE which turns offste adjustment off in
wireshark.

I couldn't come up with a nicer solution so far, but these tiny patches
truly improves the overall development effort for the MAPI dissector. It
basically prevents from writing hand-written code for most of the MAPI
calls. This also means this may help keeping the conformance files - in
particular request.cnf.c and response.cnf.c - readable and prevent them
from exponentially growing up.

Another advantage is that it becomes conceivable to generate code for
structures or others some non-dceprc dissectors using pidl. You would
only have to describe the structures, specify LIBNDR_FLAG_NOALIGN flag
and you would have automatic dissection code generated which you can
refer to (or cut and paste).

Cheers,
Julien.

---

Julien Kerihuel
j.kerihuel () openchange org
OpenChange Project Manager

GPG Fingerprint: 0B55 783D A781 6329 108A  B609 7EF6 FE11 A35F 1F79







Julien Kerihuel
j.kerihuel () openchange org
OpenChange Project Manager

GPG Fingerprint: 0B55 783D A781 6329 108A  B609 7EF6 FE11 A35F 1F79



___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread: