From: Victor Julien <victor@inliniac.net>
Date: Sun, 11 Jun 2017 09:27:31 +0000 (+0200)
Subject: nfs3: parse mkdir and rmdir request records
X-Git-Tag: suricata-4.0.0-rc1~56
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a116c160194274fe604f504f6ba31d14d2e816e1;p=thirdparty%2Fsuricata.git

nfs3: parse mkdir and rmdir request records
---

diff --git a/rust/src/nfs/nfs3.rs b/rust/src/nfs/nfs3.rs
index 228faa9024..9b3a52db93 100644
--- a/rust/src/nfs/nfs3.rs
+++ b/rust/src/nfs/nfs3.rs
@@ -499,7 +499,24 @@ impl NFS3State {
                 IResult::Incomplete(_) => { panic!("WEIRD"); },
                 IResult::Error(e) => { panic!("Parsing failed: {:?}",e);  },
             };
-
+        } else if r.procedure == NFSPROC3_MKDIR {
+            match parse_nfs3_request_mkdir(r.prog_data) {
+                IResult::Done(_, mr) => {
+                    xidmap.file_handle = mr.handle.value.to_vec();
+                    xidmap.file_name = mr.name_vec;
+                },
+                IResult::Incomplete(_) => { panic!("WEIRD"); },
+                IResult::Error(e) => { panic!("Parsing failed: {:?}",e);  },
+            };
+        } else if r.procedure == NFSPROC3_RMDIR {
+            match parse_nfs3_request_rmdir(r.prog_data) {
+                IResult::Done(_, rr) => {
+                    xidmap.file_handle = rr.handle.value.to_vec();
+                    xidmap.file_name = rr.name_vec;
+                },
+                IResult::Incomplete(_) => { panic!("WEIRD"); },
+                IResult::Error(e) => { panic!("Parsing failed: {:?}",e);  },
+            };
         } else if r.procedure == NFSPROC3_COMMIT {
             SCLogDebug!("COMMIT, closing shop");
 
diff --git a/rust/src/nfs/parser.rs b/rust/src/nfs/parser.rs
index 3e886a8145..9eb91685f6 100644
--- a/rust/src/nfs/parser.rs
+++ b/rust/src/nfs/parser.rs
@@ -159,6 +159,47 @@ named!(pub parse_nfs3_request_remove<Nfs3RequestRemove>,
         ))
 );
 
+#[derive(Debug,PartialEq)]
+pub struct Nfs3RequestRmdir<'a> {
+    pub handle: Nfs3Handle<'a>,
+    pub name_vec: Vec<u8>,
+}
+
+named!(pub parse_nfs3_request_rmdir<Nfs3RequestRmdir>,
+    do_parse!(
+            dir_handle: parse_nfs3_handle
+        >>  name_len: be_u32
+        >>  name: take!(name_len)
+        >>  fill_bytes: cond!(name_len % 4 != 0, take!(4 - name_len % 4))
+        >> (
+            Nfs3RequestRmdir {
+                handle:dir_handle,
+                name_vec:name.to_vec(),
+            }
+        ))
+);
+
+#[derive(Debug,PartialEq)]
+pub struct Nfs3RequestMkdir<'a> {
+    pub handle: Nfs3Handle<'a>,
+    pub name_vec: Vec<u8>,
+}
+
+named!(pub parse_nfs3_request_mkdir<Nfs3RequestMkdir>,
+    do_parse!(
+            dir_handle: parse_nfs3_handle
+        >>  name_len: be_u32
+        >>  name: take!(name_len)
+        >>  fill_bytes: cond!(name_len % 4 != 0, take!(4 - name_len % 4))
+        >>  attributes: rest
+        >> (
+            Nfs3RequestMkdir {
+                handle:dir_handle,
+                name_vec:name.to_vec(),
+            }
+        ))
+);
+
 #[derive(Debug,PartialEq)]
 pub struct Nfs3RequestRename<'a> {
     pub from_handle: Nfs3Handle<'a>,