Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: [Wireshark-dev] invalid output in pidl generated dcercp-mapi & dercp-nspi dissec

From: Aurélien Aptel <aaptel@xxxxxxxx>
Date: Thu, 11 Feb 2016 16:26:16 +0100
Hi,

I'm in the process of syncing tools/pidl with samba (almost done, more
on this later).

Using master (0cd0844) bundled pidl, I wanted to make sure none of the
generated dissectors were edited by hand so I've run the following
(from epan/dissectors/pidl/README) to regenerate them:

    cd epan/dissectors/pidl
    for file in *.idl */*.idl; do
        echo "Generating dissector for $file"
        ../../../tools/pidl/pidl --includedir . --ws-parser -- $file;
    done
    cp packet-dcerpc*.* ..

Most generated files are almost identical (slightly altered comments and
whitespace because pidl wasn't run again) except for
packet-dcerpc-mapi.[ch] and packet-dcerpc-nsapi.[ch] who differs
greatly. These new generated files don't compile because they are
malformed. Sample output:

static int
mapi_dissect_element_SPropValue_value(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di _U_, guint8 *drep _U_, guint32 *)
{
	offset = mapi_dissect_SPropValue_CTR(tvb, offset, pinfo, tree, di, drep, hf_mapi_property_types, *);

	return offset;
}


Notice the lone * at the last param of the call.
I've tried to debug it (but I don't know much about pidl)

in tools/pidl/lib/Parse/Pidl/Wireshark/NDR.pm:446 (sub Element)

	if (defined $isoruseswitch) {
		my $type = $isoruseswitch->[0];
		my $name = $isoruseswitch->[1];

		my $switch_dt =  getType($type);
		my $switch_raw_type = SwitchType($e, $type, "uint32");
		if (not defined($switch_raw_type)) {
			die("Unknown type[$type]\n");
		}
		my $switch_type = "g${switch_raw_type}";

		$moreparam = ", $switch_type *".$name;

		if (($e->{PROPERTIES}->{switch_is} eq "") && ($switchvars{$name}) &&
			#not a "native" type
			(!($type =~ /^uint(8|16|1632|32|3264|64)/))) {
			$param = $name;
		} elsif ( $switch_dt->{DATA}->{TYPE} eq "ENUM") {
			$param = $name;
		} else {
			$param = "*".$name;
			# ^^^^^^^^^^^^^^^^^
                        # here we prefix the param
			# with a star but $name is empty
		}

Later in the same sub we call ElementLevel with $param eq "*"

		$self->ElementLevel($e,$_,$hf,$dissectorname.$add,$pn,$ifname,$param);

Finally, in the sub ElementLevel we generate the wrong call:

	} elsif	(defined($self->{conformance}->{types}->{$l->{DATA_TYPE}})) {
		$call= $self->{conformance}->{types}->{$l->{DATA_TYPE}}->{DISSECTOR_NAME};
		$self->{conformance}->{types}->{$l->{DATA_TYPE}}->{USED} = 1;
	} else {


Here $call is set to

"offset = mapi_dissect_SPropValue_CTR(tvb, offset, pinfo, tree, di, drep, @HF@, @PARAM@);"

And @PARAM@ is replaced with "*".

-- 
Aurélien Aptel / SUSE Labs Samba Team
GPG: 1839 CB5F 9F5B FB9B AA97  8C99 03C8 A49B 521B D5D3
SUSE Linux GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG
Nürnberg)

Attachment: pgpQEPVOAX3VM.pgp
Description: OpenPGP digital signature