smb1: use generic string parsing for trans

7 years ago · 90e2abaac4
parent 76917a8732
commit 90e2abaac4
2 changed files with 4 additions and 37 deletions
--- a/rust/src/smb/smb1.rs
+++ b/rust/src/smb/smb1.rs
@ -602,12 +602,12 @@ pub fn smb1_trans_request_record<'b>(state: &mut SMBState, r: &SmbRecord<'b>)
                        pipe.fid.to_vec());
            }

-            let (sername, is_dcerpc) = get_service_for_nameslice(&rd.txname.tx_name);
+            let (sername, is_dcerpc) = get_service_for_nameslice(&rd.txname);
            SCLogDebug!("service: {} dcerpc {}", sername, is_dcerpc);
            if is_dcerpc {
                // store tx name so the response also knows this is dcerpc
                let txn_hdr = SMBCommonHdr::from1(r, SMBHDR_TYPE_TXNAME);
-                state.ssn2vec_map.insert(txn_hdr, rd.txname.tx_name);
+                state.ssn2vec_map.insert(txn_hdr, rd.txname);

                // trans request will tell us the max size of the response
                // if there is more response data, it will first give a
--- a/rust/src/smb/smb1_records.rs
+++ b/rust/src/smb/smb1_records.rs
@ -190,7 +190,7 @@ pub fn parse_smb_connect_tree_andx_record<'a>(i: &'a[u8], r: &SmbRecord) -> IRes
 pub struct SmbRecordTransRequest<'a> {
    pub params: SmbRecordTransRequestParams,
    pub pipe: Option<SmbPipeProtocolRecord<'a>>,
-    pub txname: SmbRecordTransRequestTxname<>,
+    pub txname: Vec<u8>,
    pub data: SmbRecordTransRequestData<'a>,
 }

@ -253,34 +253,6 @@ named!(pub parse_smb_trans_request_record_params<(SmbRecordTransRequestParams, O
            pipe)))
 );

-#[derive(Debug,PartialEq)]
-pub struct SmbRecordTransRequestTxname<> {
-    pub tx_name: Vec<u8>,
-}
-
-fn parse_smb_trans_request_tx_name_ascii(i: &[u8])
-    -> IResult<&[u8], SmbRecordTransRequestTxname>
-{
-    do_parse!(i,
-            name: smb_get_ascii_string
-        >> (SmbRecordTransRequestTxname {
-                tx_name: name,
-            })
-    )
-}
-
-fn parse_smb_trans_request_tx_name_unicode(i: &[u8], offset: usize)
-    -> IResult<&[u8], SmbRecordTransRequestTxname>
-{
-    do_parse!(i,
-            cond!(offset % 2 == 1, take!(1))
-        >>  name: smb_get_unicode_string
-        >> (SmbRecordTransRequestTxname {
-                tx_name: name,
-            })
-    )
-}
-
 #[derive(Debug,PartialEq)]
 pub struct SmbRecordTransRequestData<'a> {
    pub data: &'a[u8],
@ -312,12 +284,7 @@ pub fn parse_smb_trans_request_record<'a, 'b>(i: &'a[u8], r: &SmbRecord<'b>)
    let mut offset = 32 + (i.len() - rem.len()); // init with SMB header
    SCLogDebug!("params {:?}: offset {}", params, offset);

-    let name = if r.has_unicode_support() {
-        parse_smb_trans_request_tx_name_unicode(rem, offset)
-    } else {
-        parse_smb_trans_request_tx_name_ascii(rem)
-    };
-    let (rem2, n) = match name {
+    let (rem2, n) = match smb1_get_string(rem, r, offset) {
        IResult::Done(rem, rd) => (rem, rd),
        IResult::Incomplete(ii) => { return IResult::Incomplete(ii); }
        IResult::Error(e) => { return IResult::Error(e); }