From: Victor Julien Date: Sat, 10 Mar 2018 11:52:56 +0000 (+0100) Subject: smb1: use generic string parsing for trans X-Git-Tag: suricata-4.1.0-beta1~78 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=90e2abaac4692d35acd626465782cf2b5c36e9fb;p=thirdparty%2Fsuricata.git smb1: use generic string parsing for trans
---
diff --git a/rust/src/smb/smb1.rs b/rust/src/smb/smb1.rs
index 073b251971..389ade50c6 100644
--- a/rust/src/smb/smb1.rs
+++ b/rust/src/smb/smb1.rs
@@ -602,12 +602,12 @@ pub fn smb1_trans_request_record<'b>(state: &mut SMBState, r: &SmbRecord<'b>)
 pipe.fid.to_vec());
 }
- let (sername, is_dcerpc) = get_service_for_nameslice(&rd.txname.tx_name);
+ let (sername, is_dcerpc) = get_service_for_nameslice(&rd.txname);
 SCLogDebug!("service: {} dcerpc {}", sername, is_dcerpc);
 if is_dcerpc {
 // store tx name so the response also knows this is dcerpc
 let txn_hdr = SMBCommonHdr::from1(r, SMBHDR_TYPE_TXNAME);
- state.ssn2vec_map.insert(txn_hdr, rd.txname.tx_name);
+ state.ssn2vec_map.insert(txn_hdr, rd.txname);
 // trans request will tell us the max size of the response
 // if there is more response data, it will first give a
diff --git a/rust/src/smb/smb1_records.rs b/rust/src/smb/smb1_records.rs
index 271c92e8ff..4ec138d10c 100644
--- a/rust/src/smb/smb1_records.rs
+++ b/rust/src/smb/smb1_records.rs
@@ -190,7 +190,7 @@ pub fn parse_smb_connect_tree_andx_record<'a>(i: &'a[u8], r: &SmbRecord) -> IRes
 pub struct SmbRecordTransRequest<'a> {
 pub params: SmbRecordTransRequestParams,
 pub pipe: Option>,
- pub txname: SmbRecordTransRequestTxname<>,
+ pub txname: Vec,
 pub data: SmbRecordTransRequestData<'a>,
 }
@@ -253,34 +253,6 @@ named!(pub parse_smb_trans_request_record_params<(SmbRecordTransRequestParams, O
 pipe)))
 );
-#[derive(Debug,PartialEq)]
-pub struct SmbRecordTransRequestTxname<> {
- pub tx_name: Vec,
-}
-
-fn parse_smb_trans_request_tx_name_ascii(i: &[u8])
- -> IResult<&[u8], SmbRecordTransRequestTxname>
-{
- do_parse!(i,
- name: smb_get_ascii_string
- >> (SmbRecordTransRequestTxname {
- tx_name: name,
- })
- )
-}
-
-fn parse_smb_trans_request_tx_name_unicode(i: &[u8], offset: usize)
- -> IResult<&[u8], SmbRecordTransRequestTxname>
-{
- do_parse!(i,
- cond!(offset % 2 == 1, take!(1))
- >> name: smb_get_unicode_string
- >> (SmbRecordTransRequestTxname {
- tx_name: name,
- })
- )
-}
-
 #[derive(Debug,PartialEq)]
 pub struct SmbRecordTransRequestData<'a> {
 pub data: &'a[u8],
@@ -312,12 +284,7 @@ pub fn parse_smb_trans_request_record<'a, 'b>(i: &'a[u8], r: &SmbRecord<'b>)
 let mut offset = 32 + (i.len() - rem.len()); // init with SMB header
 SCLogDebug!("params {:?}: offset {}", params, offset);
- let name = if r.has_unicode_support() {
- parse_smb_trans_request_tx_name_unicode(rem, offset)
- } else {
- parse_smb_trans_request_tx_name_ascii(rem)
- };
- let (rem2, n) = match name {
+ let (rem2, n) = match smb1_get_string(rem, r, offset) {
 IResult::Done(rem, rd) => (rem, rd),
 IResult::Incomplete(ii) => { return IResult::Incomplete(ii); }
 IResult::Error(e) => { return IResult::Error(e); }
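Review bot: In the last hunk of smb1_records.rs, the call `smb1_get_string(rem, r, offset)` takes over two decisions the removed lines made explicitly, and its body is not part of this diff, so neither can be confirmed from here. Those decisions are choosing ASCII or Unicode via `r.has_unicode_support()`, and skipping one pad byte when `offset` is odd before a Unicode name. The parsed name is what `get_service_for_nameslice` in smb1.rs uses to decide whether the transaction is DCERPC, so a name read one byte out of alignment would presumably leave that traffic unclassified rather than raise an error. I would add a comment above the call, for example `// offset counts from the start of the SMB header (32 + bytes consumed); smb1_get_string is expected to skip the pad byte before an odd-offset Unicode name`. I would also add a unit test that parses a Unicode trans request with the name at an odd offset and checks the resulting `txname`. The body of `parse_smb_trans_request_record` starts and ends outside this hunk.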