search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
sq epan/dissectors/pidl/rcg/rcg.cnf
[wireshark-sm.git] / epan / tvbuff_lznt1.c
blob3d007215178f615ba0519625adb4fbe0e1f2c19e
1 /*
2 * Decompression code for LZNT1. This encoding is used by
3 * Microsoft in various file formats and protocols including SMB3.
4 *
5 * See MS-XCA.
6 *
7 * Copyright (C) 2019 Aurélien Aptel
8 *
9 * Wireshark - Network traffic analyzer
10 * By Gerald Combs <gerald@wireshark.org>
11 * Copyright 1998 Gerald Combs
12 *
13 * SPDX-License-Identifier: GPL-2.0-or-later
14 */
15
16 #include <glib.h>
17 #include <epan/exceptions.h>
18 #include <epan/tvbuff.h>
19 #include <epan/wmem_scopes.h>
20
21 #define MAX_INPUT_SIZE (16*1024*1024) /* 16MB */
22
23 static bool
24 uncompress_chunk(tvbuff_t *tvb, int offset, int in_size, wmem_array_t *obuf)
25 {
26 int in_off = 0, out_off = 0, out_start = 0;
27 uint8_t flags;
28 unsigned i, j, val, pos;
29
30 out_start = wmem_array_get_count(obuf);
31
32 while (in_off < in_size) {
33 flags = tvb_get_uint8(tvb, offset+in_off);
34 in_off++;
35 for (i = 0; i < 8; i++) {
36 if (0 == ((flags>>i)&1)) {
37 val = tvb_get_uint8(tvb, offset+in_off);
38 in_off++;
39 wmem_array_append_one(obuf, val);
40 out_off++;
41 } else {
42 unsigned f, l_mask = 0x0FFF, o_shift = 12;
43 unsigned match_len, match_off;
44
45 f = tvb_get_letohs(tvb, offset+in_off);
46 in_off += 2;
47 pos = out_off-1;
48 while (pos >= 0x10) {
49 l_mask >>= 1;
50 o_shift -= 1;
51 pos >>= 1;
52 }
53
54 match_len = (f & l_mask) + 3;
55 match_off = (f >> o_shift) + 1;
56 for (j = 0; j < match_len; j++) {
57 uint8_t byte;
58 if (match_off > (unsigned)out_off)
59 return false;
60 if (wmem_array_try_index(obuf, out_start+out_off-match_off, &byte))
61 return false;
62 wmem_array_append_one(obuf, byte);
63 out_off++;
64 }
65 }
66 if (in_off == in_size) {
67 goto out;
68 }
69 }
70 }
71 out:
72 return true;
73 }
74
75 static bool
76 do_uncompress(tvbuff_t *tvb, int offset, int in_size, wmem_array_t *obuf)
77 {
78 int in_off = 0;
79 uint32_t header, length, i;
80 bool ok;
81
82 if (!tvb)
83 return false;
84
85 if (!in_size || in_size > MAX_INPUT_SIZE)
86 return false;
87
88 while (in_off < in_size) {
89 header = tvb_get_letohs(tvb, offset+in_off);
90 in_off += 2;
91 length = (header & 0x0FFF) + 1;
92 if (!(header & 0x8000)) {
93 for (i = 0; i < length; i++) {
94 uint8_t v = tvb_get_uint8(tvb, offset+in_off);
95 wmem_array_append_one(obuf, v);
96 in_off++;
97 }
98 } else {
99 ok = uncompress_chunk(tvb, offset + in_off, length, obuf);
100 if (!ok)
101 return false;
102 in_off += length;
103 }
104 }
105 return true;
106 }
107
108 tvbuff_t *
109 tvb_uncompress_lznt1(tvbuff_t *tvb, const int offset, int in_size)
110 {
111 volatile bool ok = false;
112 wmem_allocator_t *pool;
113 wmem_array_t *obuf;
114 tvbuff_t *out;
115
116 pool = wmem_allocator_new(WMEM_ALLOCATOR_SIMPLE);
117 obuf = wmem_array_sized_new(pool, 1, in_size*2);
118
119 TRY {
120 ok = do_uncompress(tvb, offset, in_size, obuf);
121 } CATCH_ALL {
122 ok = false;
123 }
124 ENDTRY;
125
126 if (ok) {
127 /*
128 * Cannot pass a tvb free callback that frees the wmem
129 * pool, so we make an extra copy that uses bare
130 * pointers. This could be optimized if tvb API had a
131 * free pool callback of some sort.
132 */
133 unsigned size = wmem_array_get_count(obuf);
134 uint8_t *p = (uint8_t *)g_malloc(size);
135 memcpy(p, wmem_array_get_raw(obuf), size);
136 out = tvb_new_real_data(p, size, size);
137 tvb_set_free_cb(out, g_free);
138 } else {
139 out = NULL;
140 }
141
142 wmem_destroy_allocator(pool);
143
144 return out;
145 }
146
147 tvbuff_t *
148 tvb_child_uncompress_lznt1(tvbuff_t *parent, tvbuff_t *tvb, const int offset, int in_size)
149 {
150 tvbuff_t *new_tvb = tvb_uncompress_lznt1(tvb, offset, in_size);
151 if (new_tvb)
152 tvb_set_child_real_data_tvbuff(parent, new_tvb);
153 return new_tvb;
154 }
155
156 /*
157 * Editor modelines - https://www.wireshark.org/tools/modelines.html
158 *
159 * Local variables:
160 * c-basic-offset: 8
161 * tab-width: 8
162 * indent-tabs-mode: t
163 * End:
164 *
165 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
166 * :indentSize=8:tabSize=8:noTabs=false:
167 */
Metzes wireshark repo