smb: small cleanups, fixes and optimizations

7 years ago · be615c9fbc
parent dab055d8c8
commit be615c9fbc
4 changed files with 11 additions and 21 deletions
--- a/rust/src/smb/smb.rs
+++ b/rust/src/smb/smb.rs
@ -497,8 +497,7 @@ impl SMBCommonHdr {
            _ => r.tree_id,
        };
        let msg_id = match rec_type {
-            SMBHDR_TYPE_TRANS_FRAG => { 0 },
-            SMBHDR_TYPE_SHARE => { 0 },
+            SMBHDR_TYPE_TRANS_FRAG | SMBHDR_TYPE_SHARE => { 0 },
            _ => { r.message_id as u64 },
        };

@ -516,8 +515,7 @@ impl SMBCommonHdr {
            _ => r.tree_id as u32,
        };
        let msg_id = match rec_type {
-            SMBHDR_TYPE_TRANS_FRAG => { 0 },
-            SMBHDR_TYPE_SHARE => { 0 },
+            SMBHDR_TYPE_TRANS_FRAG | SMBHDR_TYPE_SHARE => { 0 },
            _ => { r.multiplex_id as u64 },
        };

--- a/rust/src/smb/smb1.rs
+++ b/rust/src/smb/smb1.rs
@ -170,7 +170,7 @@ fn smb1_close_file(state: &mut SMBState, fid: &Vec<u8>)
 }

 pub fn smb1_request_record<'b>(state: &mut SMBState, r: &SmbRecord<'b>) -> u32 {
-    SCLogDebug!("record: {:?} command {}", r.greeter, r.command);
+    SCLogDebug!("record: command {}: record {:?}", r.command, r);

    let mut events : Vec<SMBEvent> = Vec::new();
    let mut no_response_expected = false;
--- a/rust/src/smb/smb1_records.rs
+++ b/rust/src/smb/smb1_records.rs
@ -146,7 +146,6 @@ named!(pub parse_smb_connect_tree_andx_response_record<Smb1ResponseRecordTreeCon

 #[derive(Debug,PartialEq)]
 pub struct SmbRecordTreeConnectAndX<'a> {
-    pub len: usize,
    pub share: &'a[u8],
 }

@ -156,11 +155,10 @@ named!(pub parse_smb_connect_tree_andx_record<SmbRecordTreeConnectAndX>,
       >> pwlen: le_u16
       >> bcc: le_u16
       >> pw: take!(pwlen)
-       >> share: take!(bcc - (6 + pwlen))
+       >> share: cond!(bcc >= (6 + pwlen), take!(bcc - (6 + pwlen)))
       >> service: take!(6)
       >> (SmbRecordTreeConnectAndX {
-                len:bcc as usize - (6 + pwlen as usize) as usize,
-                share:share,
+                share: share.unwrap_or(&[]),
           }))
 );

@ -404,7 +402,6 @@ named!(pub parse_smb_setup_andx_record<SmbRecordSetupAndX>,
       >> skip2: take!(8)
       >> bcc: le_u16
       >> sec_blob: take!(sec_blob_len)
-       //>> skip3: rest
       >> (SmbRecordSetupAndX {
                sec_blob:sec_blob,
           }))
@ -460,7 +457,7 @@ pub struct SmbRequestReadAndXRecord<'a> {

 named!(pub parse_smb_read_andx_request_record<SmbRequestReadAndXRecord>,
    do_parse!(
-            wtc: le_u8
+            wct: le_u8
        >>  andx_command: le_u8
        >>  take!(1)    // reserved
        >>  andx_offset: le_u16
@ -470,8 +467,7 @@ named!(pub parse_smb_read_andx_request_record<SmbRequestReadAndXRecord>,
        >>  take!(2)
        >>  max_count_high: le_u32
        >>  take!(2)
-        >>  high_offset: cond!(wtc==12,le_u32) // only from wtc ==12?
-
+        >>  high_offset: cond!(wct==12,le_u32) // only from wct ==12?
        >> (SmbRequestReadAndXRecord {
                fid:fid,
                size: (((max_count_high as u64) << 16)|max_count_low as u64),
@ -487,7 +483,7 @@ pub struct SmbResponseReadAndXRecord<'a> {

 named!(pub parse_smb_read_andx_response_record<SmbResponseReadAndXRecord>,
    do_parse!(
-            wtc: le_u8
+            wct: le_u8
        >>  andx_command: le_u8
        >>  take!(1)    // reserved
        >>  andx_offset: le_u16
@ -587,9 +583,6 @@ named!(pub parse_smb_version<SmbVersion>,

 #[derive(Debug,PartialEq)]
 pub struct SmbRecord<'a> {
-    //pub nbss_hdr: NbssRecord<'a>,
-    pub greeter: &'a[u8],
-
    pub command: u8,
    pub is_dos_error: bool,
    pub nt_status: u32,
@ -614,7 +607,7 @@ impl<'a> SmbRecord<'a> {

 named!(pub parse_smb_record<SmbRecord>,
    do_parse!(
-            server_component: tag!(b"\xffSMB")
+            tag!(b"\xffSMB")
        >>  command:le_u8
        >>  nt_status:le_u32
        >>  flags:le_u8
@ -629,7 +622,6 @@ named!(pub parse_smb_record<SmbRecord>,
        >>  data: rest

        >>  (SmbRecord {
-                greeter:server_component,
                command:command,
                nt_status:nt_status,
                flags:flags,
--- a/rust/src/smb/smb2_records.rs
+++ b/rust/src/smb/smb2_records.rs
@ -368,7 +368,7 @@ named!(pub parse_smb2_response_write<Smb2WriteResponseRecord>,

 named!(pub parse_smb2_response_record<Smb2Record>,
    do_parse!(
-            server_component: tag!(b"\xfeSMB")
+            tag!(b"\xfeSMB")
        >>  hlen: le_u16
        >>  credit_charge: le_u16
        >>  nt_status: le_u32
@ -400,7 +400,7 @@ named!(pub parse_smb2_response_record<Smb2Record>,
                tree_id: tree_id,
                session_id: session_id,
                command:command,
-                data: if data_c != None { data_c.unwrap() } else { data_r.unwrap() }
+                data: data_c.or(data_r).unwrap()
           })
 ));