Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] [PATCH] LIBNDR_FLAG_NOALIGN support in wireshark and PIDL

From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>
Date: Wed, 20 Jan 2010 08:50:45 +1100
Can you send me your new di->no_align patch and Ill check it in right now.

I started applying it yesterday but modified it (to ensure we always initialize di->no_align in get_next_di(), but will reverse these local changes
so they wont collide with your patch.)


This patch can be applied right now, in anticipation of adding the pidl patches later.






On Wed, Jan 20, 2010 at 1:58 AM, Julien Kerihuel <j.kerihuel@xxxxxxxxxxxxxx> wrote:
On Tue, 2010-01-19 at 13:44 +1300, Jelmer Vernooij wrote:
On Tue, 2010-01-19 at 11:13 +1100, ronnie sahlberg wrote:
> The wireshark patch for this is fine.
> 
> I can apply these two patches to wireshark if you want me to.

> Is the pidl patch ok with the upstream pidl maintainer (jelmer?) ?
It's mostly ok, but it should be looking at the alignment information in
the level table rather than looking at IDL properties directly. 
Looks OK for me, I'll rework the patch to fetch information there rather than within properties directly. It may however require some time (few days). I'm currently trying to implement other things within wireshark/pidl for string support.

FYI, similarly to the nstring/astring patch, I have added a wireshark/pidl implementation for ascstr3 [size(16bit)][string] based on the same logic - in this case we look whether we have .*LIBNDR_FLAG_STR_SIZE2.* flag or not associated to the IDL element - type being obviously string.

Finally I have found a couple more functions where I forgot to propagate the di->no_align fix in packet-dcerpc.c (including the dissect_nastring one).

It tends to be a little difficult to maintain all the patches properly and I'm not very good at svn diff and diff editing ... Anyway will do the necessary changes and come with an updated version here.

Cheers,
Julien.


> On Tue, Jan 19, 2010 at 1:25 AM, Julien Kerihuel
> <j.kerihuel@xxxxxxxxxxxxxx> wrote:
> > Hi Lists,
> >
> > Prior submitting the wireshark's part of this patch onto the wireshark
> > bugzilla, I thought it might be worthwhile to have feedback from
> > developers first.
> >
> > MAPI content is non-NDR compatible. It can be dissected using the
> > existing NDR layer functions in epan/dissectors/packet-dcerpc-ndr.c but
> > it requires offsets to be left intact prior effective dissection, which
> > means there shouldn't be any offset adjustment when LIBNDR_FLAG_NOALIGN
> > flag is used in PIDL.
> >
> > The following patches implement such behavior:
> > 1. It adds a no_align gboolean variable to dcerpc_info structure
> > (default set to FALSE)
> > 2. when pidl generates the code and LIBNDR_FLAG_NOALIGN flag is used, it
> > sets the no_align gboolean to TRUE which turns offste adjustment off in
> > wireshark.
> >
> > I couldn't come up with a nicer solution so far, but these tiny patches
> > truly improves the overall development effort for the MAPI dissector. It
> > basically prevents from writing hand-written code for most of the MAPI
> > calls. This also means this may help keeping the conformance files - in
> > particular request.cnf.c and response.cnf.c - readable and prevent them
> > from exponentially growing up.
> >
> > Another advantage is that it becomes conceivable to generate code for
> > structures or others some non-dceprc dissectors using pidl. You would
> > only have to describe the structures, specify LIBNDR_FLAG_NOALIGN flag
> > and you would have automatic dissection code generated which you can
> > refer to (or cut and paste).
> >
> > Cheers,
> > Julien.
> >
> > ---
> >
> > Julien Kerihuel
> > j.kerihuel@xxxxxxxxxxxxxx
> > OpenChange Project Manager
> >
> > GPG Fingerprint: 0B55 783D A781 6329 108A  B609 7EF6 FE11 A35F 1F79
> >
> >
> >



Julien Kerihuel
j.kerihuel@xxxxxxxxxxxxxx
OpenChange Project Manager

GPG Fingerprint: 0B55 783D A781 6329 108A  B609 7EF6 FE11 A35F 1F79