diff --git a/src/app-layer-dcerpc-common.h b/src/app-layer-dcerpc-common.h index cc077771fa..dd8bbdf745 100644 --- a/src/app-layer-dcerpc-common.h +++ b/src/app-layer-dcerpc-common.h @@ -79,29 +79,29 @@ typedef struct { #define RESERVED_40 0x40 #define RESERVED_80 0x80 -typedef struct dcerpc_hdr_ { - uint8_t rpc_vers; /* 00:01 RPC version should be 5 */ - uint8_t rpc_vers_minor; /* 01:01 minor version */ - uint8_t type; /* 02:01 packet type */ - uint8_t pfc_flags; /* 03:01 flags (see PFC_... ) */ - uint8_t packed_drep[4]; /* 04:04 NDR data representation format label */ - uint16_t frag_length; /* 08:02 total length of fragment */ - uint16_t auth_length; /* 10:02 length of auth_value */ - uint32_t call_id; /* 12:04 call identifier */ -}DCERPCHdr; +typedef struct DCERPCHdr_ { + uint8_t rpc_vers; /**< 00:01 RPC version should be 5 */ + uint8_t rpc_vers_minor; /**< 01:01 minor version */ + uint8_t type; /**< 02:01 packet type */ + uint8_t pfc_flags; /**< 03:01 flags (see PFC_... ) */ + uint8_t packed_drep[4]; /**< 04:04 NDR data representation format label */ + uint16_t frag_length; /**< 08:02 total length of fragment */ + uint16_t auth_length; /**< 10:02 length of auth_value */ + uint32_t call_id; /**< 12:04 call identifier */ +} DCERPCHdr; #define DCERPC_HDR_LEN 16 -struct uuid_entry { +typedef struct DCERPCUuidEntry_ { uint16_t ctxid; uint16_t result; uint8_t uuid[16]; uint16_t version; uint16_t versionminor; - TAILQ_ENTRY(uuid_entry) next; -}; + TAILQ_ENTRY(DCERPCUuidEntry_) next; +} DCERPCUuidEntry; -typedef struct dcerpc_bind_bind_ack_ { +typedef struct DCERPCBindBindAck_ { uint8_t numctxitems; uint8_t numctxitemsleft; uint8_t ctxbytesprocessed; @@ -109,17 +109,17 @@ typedef struct dcerpc_bind_bind_ack_ { uint8_t uuid[16]; uint16_t version; uint16_t versionminor; - struct uuid_entry *uuid_entry; - TAILQ_HEAD(, uuid_entry) uuid_list; + DCERPCUuidEntry *uuid_entry; + TAILQ_HEAD(, DCERPCUuidEntry_) uuid_list; uint16_t secondaryaddrlen; uint16_t secondaryaddrlenleft; uint16_t result; -}DCERPCBindBindAck; +} DCERPCBindBindAck; -typedef struct dcerpc_request_ { +typedef struct DCERPCRequest_ { uint16_t opnum; uint8_t *stub_data; -}DCERPCRequest; +} DCERPCRequest; typedef struct DCERPC_ { @@ -129,24 +129,28 @@ typedef struct DCERPC_ { uint16_t bytesprocessed; uint8_t pad; uint8_t padleft; -}DCERPC; +} DCERPC; -#define PFC_FIRST_FRAG 0x01/* First fragment */ -#define PFC_LAST_FRAG 0x02/* Last fragment */ -#define PFC_PENDING_CANCEL 0x04/* Cancel was pending at sender */ +/** First fragment */ +#define PFC_FIRST_FRAG 0x01 +/** Last fragment */ +#define PFC_LAST_FRAG 0x02 +/** Cancel was pending at sender */ +#define PFC_PENDING_CANCEL 0x04 #define PFC_RESERVED_1 0x08 -#define PFC_CONC_MPX 0x10/* supports concurrent multiplexing - * of a single connection. */ -#define PFC_DID_NOT_EXECUTE 0x20/* only meaningful on `fault' packet; - * if true, guaranteed call did not - * execute. */ -#define PFC_MAYBE 0x40/* `maybe' call semantics requested */ -#define PFC_OBJECT_UUID 0x80/* if true, a non-nil object UUID - * was specified in the handle, and - * is present in the optional object - * field. If false, the object field - * is omitted. */ +/** supports concurrent multiplexing of a single connection. */ +#define PFC_CONC_MPX 0x10 +/** only meaningful on `fault' packet; if true, guaranteed + * call did not execute. */ +#define PFC_DID_NOT_EXECUTE 0x20 +/** `maybe' call semantics requested */ +#define PFC_MAYBE 0x40 +/** if true, a non-nil object UUID was specified in the handle, and + * is present in the optional object field. If false, the object field + * is omitted. */ +#define PFC_OBJECT_UUID 0x80 + #define REASON_NOT_SPECIFIED 0 #define TEMPORARY_CONGESTION 1 #define LOCAL_LIMIT_EXCEEDED 2 @@ -155,25 +159,10 @@ typedef struct DCERPC_ { #define DEFAULT_CONTEXT_NOT_SUPPORTED 5 /* not used */ #define USER_DATA_NOT_READABLE 6 /* not used */ #define NO_PSAP_AVAILABLE 7 /* not used */ -/* - typedef uint16_t p_context_id_t; - typedef struct { - uuid_t if_uuid; - uint32_t if_version; - } p_syntax_id_t; - - typedef struct { - p_context_id_t p_cont_id; - uint8_t n_transfer_syn; // number of items - uint8_t reserved; // alignment pad, m.b.z. - p_syntax_id_t abstract_syntax; // transfer syntax list - p_syntax_id_t [size_is(n_transfer_syn)] transfer_syntaxes[]; - } p_cont_elem_t; - */ int32_t DCERPCParser(DCERPC *dcerpc, uint8_t *input, uint32_t input_len); void hexdump(const void *buf, size_t len); -void printUUID(char *type, struct uuid_entry *uuid); +void printUUID(char *type, DCERPCUuidEntry *uuid); #endif /* __APP_LAYER_DCERPC_COMMON_H__ */ diff --git a/src/app-layer-dcerpc.c b/src/app-layer-dcerpc.c index 8d79f9e1f2..c44f6308c6 100644 --- a/src/app-layer-dcerpc.c +++ b/src/app-layer-dcerpc.c @@ -103,7 +103,7 @@ void hexdump(const void *buf, size_t len) { * \brief printUUID function used to print UUID, Major and Minor Version Number * and if it was Accepted or Rejected in the BIND_ACK. */ -void printUUID(char *type, struct uuid_entry *uuid) { +void printUUID(char *type, DCERPCUuidEntry *uuid) { uint8_t i = 0; if (uuid == NULL) { return; @@ -217,8 +217,8 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t dcerpc->dcerpcbindbindack.versionminor |= *(p + 23) << 8; if (dcerpc->dcerpcbindbindack.ctxid == dcerpc->dcerpcbindbindack.numctxitems - dcerpc->dcerpcbindbindack.numctxitemsleft) { - dcerpc->dcerpcbindbindack.uuid_entry = (struct uuid_entry *) SCCalloc(1, - sizeof(struct uuid_entry)); + dcerpc->dcerpcbindbindack.uuid_entry = (DCERPCUuidEntry *) SCCalloc(1, + sizeof(DCERPCUuidEntry)); if (dcerpc->dcerpcbindbindack.uuid_entry == NULL) { SCReturnUInt(0); } else { @@ -423,8 +423,8 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t p++; --input_len; if (dcerpc->dcerpcbindbindack.ctxid == dcerpc->dcerpcbindbindack.numctxitems - dcerpc->dcerpcbindbindack.numctxitemsleft) { - dcerpc->dcerpcbindbindack.uuid_entry = (struct uuid_entry *) SCCalloc(1, - sizeof(struct uuid_entry)); + dcerpc->dcerpcbindbindack.uuid_entry = (DCERPCUuidEntry *) SCCalloc(1, + sizeof(DCERPCUuidEntry)); if (dcerpc->dcerpcbindbindack.uuid_entry == NULL) { SCReturnUInt(0); } else { @@ -466,7 +466,7 @@ static uint32_t DCERPCParseBINDCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t static uint32_t DCERPCParseBINDACKCTXItem(DCERPC *dcerpc, uint8_t *input, uint32_t input_len) { SCEnter(); uint8_t *p = input; - struct uuid_entry *uuid_entry; + DCERPCUuidEntry *uuid_entry; if (input_len) { switch (dcerpc->dcerpcbindbindack.ctxbytesprocessed) { @@ -1251,7 +1251,7 @@ static void *DCERPCStateAlloc(void) { static void DCERPCStateFree(void *s) { DCERPCState *sstate = (DCERPCState *) s; - struct uuid_entry *item; + DCERPCUuidEntry *item; while ((item = TAILQ_FIRST(&sstate->dcerpc.dcerpcbindbindack.uuid_list))) { //printUUID("Free", item); @@ -1638,7 +1638,7 @@ int DCERPCParserTest01(void) { uint32_t bindlen = sizeof(dcerpcbind); uint32_t bindacklen = sizeof(dcerpcbindack); TcpSession ssn; - struct uuid_entry *uuid_entry; + DCERPCUuidEntry *uuid_entry; memset(&f, 0, sizeof(f)); memset(&ssn, 0, sizeof(ssn)); diff --git a/src/app-layer-smb2.h b/src/app-layer-smb2.h index 0223837ec7..52dc269861 100644 --- a/src/app-layer-smb2.h +++ b/src/app-layer-smb2.h @@ -16,8 +16,8 @@ #include "flow.h" #include "stream.h" -typedef struct smb2_hdr { - uint32_t Protocol; // Contains 0xFE,'SMB' +typedef struct SMB2Hdr { + uint32_t Protocol; /**< Contains 0xFE,'SMB' */ uint16_t StructureSize; uint16_t CreditCharge; uint32_t Status; @@ -30,7 +30,7 @@ typedef struct smb2_hdr { uint32_t TreeId; uint64_t SessionId; uint8_t Signature[16]; -}SMB2Hdr; +} SMB2Hdr; #define SMB2_HDR_LEN 64 @@ -38,28 +38,28 @@ typedef struct SMB2State_ { NBSSHdr nbss; SMB2Hdr smb2; uint16_t bytesprocessed; -}SMB2State; +} SMB2State; -/* http://msdn.microsoft.com/en-us/library/cc246528(PROT.13).aspx */ -#define SMB2_NEGOTIATE 0x0000 -#define SMB2_SESSION_SETUP 0x0001 -#define SMB2_LOGOFF 0x0002 -#define SMB2_TREE_CONNECT 0x0003 -#define SMB2_TREE_DISCONNECT 0x0004 -#define SMB2_CREATE 0x0005 -#define SMB2_CLOSE 0x0006 -#define SMB2_FLUSH 0x0007 -#define SMB2_READ 0x0008 -#define SMB2_WRITE 0x0009 -#define SMB2_LOCK 0x000A -#define SMB2_IOCTL 0x000B -#define SMB2_CANCEL 0x000C -#define SMB2_ECHO 0x000D -#define SMB2_QUERY_DIRECTORY 0x000E -#define SMB2_CHANGE_NOTIFY 0x000F -#define SMB2_QUERY_INFO 0x0010 -#define SMB2_SET_INFO 0x0011 -#define SMB2_OPLOCK_BREAK 0x0012 +/** from http://msdn.microsoft.com/en-us/library/cc246528(PROT.13).aspx */ +#define SMB2_NEGOTIATE 0x0000 +#define SMB2_SESSION_SETUP 0x0001 +#define SMB2_LOGOFF 0x0002 +#define SMB2_TREE_CONNECT 0x0003 +#define SMB2_TREE_DISCONNECT 0x0004 +#define SMB2_CREATE 0x0005 +#define SMB2_CLOSE 0x0006 +#define SMB2_FLUSH 0x0007 +#define SMB2_READ 0x0008 +#define SMB2_WRITE 0x0009 +#define SMB2_LOCK 0x000A +#define SMB2_IOCTL 0x000B +#define SMB2_CANCEL 0x000C +#define SMB2_ECHO 0x000D +#define SMB2_QUERY_DIRECTORY 0x000E +#define SMB2_CHANGE_NOTIFY 0x000F +#define SMB2_QUERY_INFO 0x0010 +#define SMB2_SET_INFO 0x0011 +#define SMB2_OPLOCK_BREAK 0x0012 void RegisterSMB2Parsers(void); void SMB2ParserRegisterTests(void); diff --git a/src/decode-vlan.h b/src/decode-vlan.h index 05244acc41..1dc604308e 100644 --- a/src/decode-vlan.h +++ b/src/decode-vlan.h @@ -1,10 +1,10 @@ -/* Copyright (c) 2009 Open Information Security Foundation */ +/* Copyright (c) 2009, 2010 Open Information Security Foundation */ -/** \file +/** + * \file * \author Breno Silva */ - #ifndef __DECODE_VLAN_H__ #define __DECODE_VLAN_H__ @@ -12,16 +12,16 @@ #define ETHERNET_TYPE_VLAN 0x8100 /** Vlan macros to access Vlan priority, Vlan CFI and VID */ -#define GET_VLAN_PRIORITY(vlanh) ((ntohs((vlanh)->vlan_cfi) & 0xe000) >> 13) -#define GET_VLAN_CFI(vlanh) ((ntohs((vlanh)->vlan_cfi) & 0x0100) >> 12) -#define GET_VLAN_ID(vlanh) ((unsigned short)(ntohs((vlanh)->vlan_cfi) & 0x0FFF)) -#define GET_VLAN_PROTO(vlanh) ((ntohs((vlanh)->protocol))) +#define GET_VLAN_PRIORITY(vlanh) ((ntohs((vlanh)->vlan_cfi) & 0xe000) >> 13) +#define GET_VLAN_CFI(vlanh) ((ntohs((vlanh)->vlan_cfi) & 0x0100) >> 12) +#define GET_VLAN_ID(vlanh) ((uint16_t)(ntohs((vlanh)->vlan_cfi) & 0x0FFF)) +#define GET_VLAN_PROTO(vlanh) ((ntohs((vlanh)->protocol))) /** Vlan header struct */ -typedef struct _VLANHdr { +typedef struct VLANHdr_ { uint16_t vlan_cfi; - uint16_t protocol; /** protocol field */ -}VLANHdr; + uint16_t protocol; /**< protocol field */ +} VLANHdr; /** VLAN header length */ #define VLAN_HEADER_LEN 4 @@ -29,3 +29,4 @@ typedef struct _VLANHdr { void DecodeVLANRegisterTests(void); #endif /* __DECODE_VLAN_H__ */ + diff --git a/src/defrag.c b/src/defrag.c index 625983d0ad..273c976ce1 100644 --- a/src/defrag.c +++ b/src/defrag.c @@ -75,7 +75,7 @@ enum defrag_policies { * A context for an instance of a fragmentation re-assembler, in case * we ever need more than one. */ -typedef struct _DefragContext { +typedef struct DefragContext_ { uint64_t ip4_frags; /**< Number of IPv4 fragments seen. */ uint64_t ip6_frags; /**< Number of IPv6 fragments seen. */ @@ -96,7 +96,7 @@ typedef struct _DefragContext { /** * Storage for an individual fragment. */ -typedef struct _frag { +typedef struct Frag_ { DefragContext *dc; /**< The defragmentation context this frag was * allocated under. */ @@ -124,14 +124,14 @@ typedef struct _frag { int8_t skip; /**< Skip this fragment during re-assembly. */ - TAILQ_ENTRY(_frag) next; /**< Pointer to next fragment for tailq. */ + TAILQ_ENTRY(Frag_) next; /**< Pointer to next fragment for tailq. */ } Frag; /** * A defragmentation tracker. Used to track fragments that make up a * single packet. */ -typedef struct _DefragTracker { +typedef struct DefragTracker_ { DefragContext *dc; /**< The defragmentation context this tracker * was allocated under. */ @@ -153,7 +153,7 @@ typedef struct _DefragTracker { SCMutex lock; /**< Mutex for locking list operations on * this tracker. */ - TAILQ_HEAD(frag_tailq, _frag) frags; /**< Head of list of fragments. */ + TAILQ_HEAD(frag_tailq, Frag_) frags; /**< Head of list of fragments. */ } DefragTracker; /** A random value used for hash key generation. */ diff --git a/src/detect-dce-iface.c b/src/detect-dce-iface.c index ba43b267e3..acc6d51097 100644 --- a/src/detect-dce-iface.c +++ b/src/detect-dce-iface.c @@ -253,7 +253,7 @@ int DetectDceIfaceMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx, Flow *f, uint8_t flags, void *state, Signature *s, SigMatch *m) { int ret = 1; - struct uuid_entry *item = NULL; + DCERPCUuidEntry *item = NULL; int i = 0; DetectDceIfaceData *dce_data = (DetectDceIfaceData *)m->ctx; DCERPCState *dcerpc_state = (DCERPCState *)state; diff --git a/src/detect-rpc.c b/src/detect-rpc.c index ad26e65e7e..17f8b7e108 100644 --- a/src/detect-rpc.c +++ b/src/detect-rpc.c @@ -111,7 +111,7 @@ int DetectRpcMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Packet *p, Si } /* Point through the rpc msg structure. Use ntohl() to compare values */ - struct rpc_msg *msg = (struct rpc_msg *)rpcmsg; + RpcMsg *msg = (RpcMsg *)rpcmsg; /* If its not a call, no match */ if (ntohl(msg->type) != 0) { diff --git a/src/detect-rpc.h b/src/detect-rpc.h index bedac97dbc..67dfa5725a 100644 --- a/src/detect-rpc.h +++ b/src/detect-rpc.h @@ -8,15 +8,15 @@ #define DETECT_RPC_CHECK_VERSION 0x02 #define DETECT_RPC_CHECK_PROCEDURE 0x04 -/* Simple struct for a rpc msg call */ -struct rpc_msg { - unsigned int xid; - unsigned int type; /*< CALL = 0 (We only search for CALLS */ - unsigned int rpcvers; /*< must be equal to two (2) */ - unsigned int prog; - unsigned int vers; - unsigned int proc; -}*msg; +/** Simple struct for a rpc msg call */ +typedef struct RpcMsg_ { + uint32_t xid; + uint32_t type; /**< CALL = 0 (We only search for CALLS */ + uint32_t rpcvers; /**< must be equal to two (2) */ + uint32_t prog; + uint32_t vers; + uint32_t proc; +} RpcMsg; /* Extract uint32_t */ #define EXT_GET_UINT32T(buf) ((long)ntohl((long)*(buf)++)) diff --git a/src/util-enum.h b/src/util-enum.h index 6dec4a57f6..a8bea2ec73 100644 --- a/src/util-enum.h +++ b/src/util-enum.h @@ -2,10 +2,10 @@ * \author Anoop Saldanha */ -#ifndef __ENUM_H__ -#define __ENUM_H__ +#ifndef __UTIL_ENUM_H__ +#define __UTIL_ENUM_H__ -typedef struct _SCEnumCharMap { +typedef struct SCEnumCharMap_ { char *enum_name; int enum_value; } SCEnumCharMap; @@ -14,4 +14,4 @@ int SCMapEnumNameToValue(const char *, SCEnumCharMap *); const char * SCMapEnumValueToName(int, SCEnumCharMap *); -#endif /* __ENUM_H__ */ +#endif /* __UTIL_ENUM_H__ */