(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-vnc.c) |
| |
| 676 | | | vnc_startup_messages(tvbuff_t *tvb, packet_info *pinfo, gint offset, |
| 677 | | | proto_tree *tree, vnc_conversation_t |
| 678 | | | *per_conversation_info) |
| 679 | | | { |
| 680 | | | guint8 num_security_types; |
| 681 | | | guint32 desktop_name_len, auth_result, text_len; |
| 682 | | | vnc_packet_t *per_packet_info; |
| 683 | | | gint num_tunnel_types; |
| 684 | | | gint num_auth_types; |
| 685 | | | |
| 686 | | | per_packet_info = p_get_proto_data(pinfo->fd, proto_vnc); |
| 687 | | | |
| 688 | | | if(!per_packet_info) { |
| 689 | | | per_packet_info = se_alloc(sizeof(vnc_packet_t)); |
| 690 | | | |
| 691 | | | per_packet_info->state = per_conversation_info->vnc_next_state; |
| 692 | | | per_packet_info->preferred_encoding = -1; |
| 693 | | | |
| 694 | | | p_add_proto_data(pinfo->fd, proto_vnc, per_packet_info); |
| 695 | | | } |
| 696 | | | |
| 697 | | | |
| 698 | | | switch(per_packet_info->state) { |
| 699 | | | |
| 700 | | | case SERVER_VERSION : |
| 701 | | | if (!vnc_is_client_or_server_version_message(tvb)) |
| 702 | | | return TRUE; |
| 703 | | | |
| 704 | | | proto_tree_add_item(tree, hf_vnc_server_proto_ver, tvb, 4, |
| 705 | | | 7, FALSE); |
| 706 | | | per_conversation_info->server_proto_ver = |
| 707 | | | g_ascii_strtod((char *)tvb_get_ephemeral_string(tvb, 4, 7), |
| 708 | | | NULL); |
| 709 | | | per_conversation_info->server_port = pinfo->srcport; |
| 710 | | | |
| 711 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 712 | | | col_add_fstr(pinfo->cinfo, COL_INFO, |
| 713 | | | "Server protocol version: %s", |
| 714 | | | tvb_format_text(tvb, 4, 7)); |
| 715 | | | |
| 716 | | | per_conversation_info->vnc_next_state = CLIENT_VERSION; |
| 717 | | | break; |
| 718 | | | |
| 719 | | | case CLIENT_VERSION : |
| 720 | | | if (!vnc_is_client_or_server_version_message(tvb)) |
| 721 | | | return TRUE; |
| 722 | | | |
| 723 | | | proto_tree_add_item(tree, hf_vnc_client_proto_ver, tvb, |
| 724 | | | 4, 7, FALSE); |
| 725 | | | per_conversation_info->client_proto_ver = |
| 726 | | | g_ascii_strtod((char *)tvb_get_ephemeral_string(tvb, 4, 7), |
| 727 | | | NULL); |
| 728 | | | |
| 729 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 730 | | | col_add_fstr(pinfo->cinfo, COL_INFO, |
| 731 | | | "Client protocol version: %s", |
| 732 | | | tvb_format_text(tvb, 4, 7)); |
| 733 | | | |
| 734 | | | per_conversation_info->vnc_next_state = SECURITY; |
| 735 | | | break; |
| 736 | | | |
| 737 | | | case SECURITY : |
| 738 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 739 | | | col_set_str(pinfo->cinfo, COL_INFO, |
| 740 | | | "Security types supported"); |
| 741 | | | |
| 742 | | | |
| 743 | | | |
| 744 | | | |
| 745 | | | |
| 746 | | | if(per_conversation_info->client_proto_ver >= 3.007) { |
| 747 | | | num_security_types = tvb_get_guint8(tvb, offset); |
| 748 | | | if (tree) { |
| 749 | | | proto_tree_add_item(tree, |
| 750 | | | hf_vnc_num_security_types, tvb, |
| 751 | | | offset, 1, FALSE); |
| 752 | | | |
| 753 | | | for(offset = 1; offset <= num_security_types; offset++){ |
| 754 | | | proto_tree_add_item(tree, |
| 755 | | | hf_vnc_security_type, tvb, |
| 756 | | | offset, 1, FALSE); |
| 757 | | | } |
| 758 | | | } |
| 759 | | | } else { |
| 760 | | | |
| 761 | | | |
| 762 | | | proto_tree_add_item(tree, |
| 763 | | | hf_vnc_server_security_type, tvb, |
| 764 | | | offset, 4, FALSE); |
| 765 | | | } |
| 766 | | | |
| 767 | | | per_conversation_info->vnc_next_state = SECURITY_TYPES; |
| 768 | | | break; |
| 769 | | | |
| 770 | | | case SECURITY_TYPES : |
| 771 | | | if (check_col(pinfo->cinfo, COL_INFO)) { |
| 772 | | | col_set_str(pinfo->cinfo, COL_INFO, |
| 773 | | | "Authentication type selected by client"); |
| 774 | | | } |
| 775 | | | proto_tree_add_item(tree, hf_vnc_client_security_type, tvb, |
| 776 | | | offset, 1, FALSE); |
| 777 | | | per_conversation_info->security_type_selected = |
| 778 | | | tvb_get_guint8(tvb, offset); |
| 779 | | | |
| 780 | | | switch(per_conversation_info->security_type_selected) { |
| 781 | | | |
| 782 | | | case 1 : |
| 783 | | | if(per_conversation_info->client_proto_ver >= 3.008) |
| 784 | | | per_conversation_info->vnc_next_state = |
| 785 | | | SECURITY_RESULT; |
| 786 | | | else |
| 787 | | | per_conversation_info->vnc_next_state = |
| 788 | | | CLIENT_INIT; |
| 789 | | | |
| 790 | | | break; |
| 791 | | | |
| 792 | | | case 2 : |
| 793 | | | per_conversation_info->vnc_next_state = |
| 794 | | | VNC_AUTHENTICATION_CHALLENGE; |
| 795 | | | break; |
| 796 | | | |
| 797 | | | case 16 : |
| 798 | | | per_conversation_info->vnc_next_state = |
| 799 | | | TIGHT_TUNNELING_CAPABILITIES; |
| 800 | | | |
| 801 | | | default : |
| 802 | | | |
| 803 | | | break; |
| 804 | | | } |
| 805 | | | |
| 806 | | | break; |
| 807 | | | |
| 808 | | | case TIGHT_TUNNELING_CAPABILITIES : |
| 809 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 810 | | | col_set_str(pinfo->cinfo, COL_INFO, |
| 811 | | | "TightVNC tunneling capabilities supported"); |
| 812 | | | |
| 813 | | | proto_tree_add_item(tree, hf_vnc_tight_num_tunnel_types, tvb, offset, 4, FALSE); |
| 814 | | | num_tunnel_types = tvb_get_ntohl(tvb, offset); |
| 815 | | | offset += 4; |
| 816 | | | |
| 817 | | | { |
| 818 | | | gint i; |
| 819 | | | |
| 820 | | | for(i = 0; i < num_tunnel_types; i++) { |
| 821 | | | |
| 822 | | | |
| 823 | | | |
| 824 | | | |
| 825 | | | proto_tree_add_item(tree, hf_vnc_tight_tunnel_type, tvb, offset, 16, FALSE); |
| 826 | | | offset += 16; |
| 827 | | | } |
| 828 | | | } |
| 829 | | | |
| 830 | | | if (num_tunnel_types == 0) |
| 831 | | | per_conversation_info->vnc_next_state = TIGHT_AUTH_CAPABILITIES; |
| 832 | | | else |
| 833 | | | per_conversation_info->vnc_next_state = TIGHT_TUNNEL_TYPE_REPLY; |
| 834 | | | break; |
| 835 | | | |
| 836 | | | case TIGHT_TUNNEL_TYPE_REPLY: |
| 837 | | | |
| 838 | | | |
| 839 | | | |
| 840 | | | |
| 841 | | | break; |
| 842 | | | |
| 843 | | | case TIGHT_AUTH_CAPABILITIES: |
| 844 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 845 | | | col_set_str(pinfo->cinfo, COL_INFO, |
| 846 | | | "TightVNC authentication capabilities supported"); |
| 847 | | | |
| 848 | | | proto_tree_add_item(tree, hf_vnc_tight_num_auth_types, tvb, offset, 4, FALSE); |
| 849 | | | num_auth_types = tvb_get_ntohl(tvb, offset); |
| 850 | | | offset += 4; |
| 851 | | | |
| 852 | | | { |
| 853 | | | int i; |
| 854 | | | |
| 855 | | | for (i = 0; i < num_auth_types; i++) { |
| 856 | | | |
| 857 | | | |
| 858 | | | |
| 859 | | | proto_tree_add_item(tree, hf_vnc_tight_auth_type, tvb, offset, 16, FALSE); |
| 860 | | | offset += 16; |
| 861 | | | } |
| 862 | | | } |
| 863 | | | |
| 864 | | | if (num_auth_types == 0) |
| 865 | | | per_conversation_info->vnc_next_state = CLIENT_INIT; |
| 866 | | | else |
| 867 | | | per_conversation_info->vnc_next_state = TIGHT_AUTH_TYPE_REPLY; |
| 868 | | | break; |
| 869 | | | |
| 870 | | | case TIGHT_AUTH_TYPE_REPLY: |
| 871 | | | REPORT_DISSECTOR_BUG("Unimplemented case: TightVNC authentication reply");
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
106 | #define REPORT_DISSECTOR_BUG(message) \ |
107 | ((getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG") != NULL) ? \ |
108 | abort() : \ |
109 | THROW_MESSAGE(DissectorError, message)) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/exceptions.h |
| |
226 | #define THROW_MESSAGE(x, y) \ |
227 | except_throw(XCEPT_GROUP_WIRESHARK, (x), (y)) |
| |
|
| 872 | | | |
| 873 | | | break; |
| 874 | | | |
| 875 | | | case TIGHT_AUTH_TYPE_AND_VENDOR_CODE : |
| 876 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 877 | | | col_set_str(pinfo->cinfo, COL_INFO, |
| 878 | | | "Authentication type / vendor code"); |
| 879 | | | |
| 880 | | | proto_tree_add_item(tree, hf_vnc_server_security_type, tvb, |
| 881 | | | offset, 4, FALSE); |
| 882 | | | |
| 883 | | | offset += 4; |
| 884 | | | |
| 885 | | | offset = process_vendor(tree, hf_vnc_vendor_code, tvb, offset); |
| 886 | | | |
| 887 | | | |
| 888 | | | proto_tree_add_item(tree, hf_vnc_security_type_string, tvb, |
| 889 | | | offset, 8, FALSE); |
| 890 | | | |
| 891 | | | per_conversation_info->vnc_next_state = |
| 892 | | | TIGHT_UNKNOWN_PACKET3; |
| 893 | | | |
| 894 | | | break; |
| 895 | | | |
| 896 | | | case TIGHT_UNKNOWN_PACKET3 : |
| 897 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 898 | | | col_set_str(pinfo->cinfo, COL_INFO, |
| 899 | | | "Unknown packet (TightVNC)"); |
| 900 | | | |
| 901 | | | proto_tree_add_text(tree, tvb, offset, -1, |
| 902 | | | "Unknown packet (TightVNC)"); |
| 903 | | | |
| 904 | | | per_conversation_info->vnc_next_state = |
| 905 | | | VNC_AUTHENTICATION_CHALLENGE; |
| 906 | | | |
| 907 | | | break; |
| 908 | | | |
| 909 | | | case VNC_AUTHENTICATION_CHALLENGE : |
| 910 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 911 | | | col_set_str(pinfo->cinfo, COL_INFO, |
| 912 | | | "Authentication challenge from server"); |
| 913 | | | |
| 914 | | | proto_tree_add_item(tree, hf_vnc_auth_challenge, tvb, |
| 915 | | | offset, 16, FALSE); |
| 916 | | | |
| 917 | | | per_conversation_info->vnc_next_state = |
| 918 | | | VNC_AUTHENTICATION_RESPONSE; |
| 919 | | | break; |
| 920 | | | |
| 921 | | | case VNC_AUTHENTICATION_RESPONSE : |
| 922 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 923 | | | col_set_str(pinfo->cinfo, COL_INFO, |
| 924 | | | "Authentication response from client"); |
| 925 | | | |
| 926 | | | proto_tree_add_item(tree, hf_vnc_auth_response, tvb, |
| 927 | | | offset, 16, FALSE); |
| 928 | | | |
| 929 | | | per_conversation_info->vnc_next_state = SECURITY_RESULT; |
| 930 | | | break; |
| 931 | | | |
| 932 | | | case SECURITY_RESULT : |
| 933 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 934 | | | col_set_str(pinfo->cinfo, COL_INFO, |
| 935 | | | "Authentication result"); |
| 936 | | | |
| 937 | | | proto_tree_add_item(tree, hf_vnc_auth_result, tvb, offset, |
| 938 | | | 4, FALSE); |
| 939 | | | auth_result = tvb_get_ntohl(tvb, offset); |
| 940 | | | offset += 4; |
| 941 | | | |
| 942 | | | switch(auth_result) { |
| 943 | | | |
| 944 | | | case 0 : |
| 945 | | | per_conversation_info->vnc_next_state = CLIENT_INIT; |
| 946 | | | break; |
| 947 | | | |
| 948 | | | case 1 : |
| 949 | | | if(per_conversation_info->client_proto_ver >= 3.008) { |
| 950 | | | text_len = tvb_get_ntohl(tvb, offset); |
| 951 | | | proto_tree_add_text(tree, tvb, offset, 4, "Length of authentication error: %d", text_len); |
| 952 | | | offset += 4; |
| 953 | | | |
| 954 | | | proto_tree_add_item(tree, hf_vnc_auth_error, tvb, |
| 955 | | | offset, text_len, FALSE); |
| 956 | | | offset += text_len; |
| 957 | | | } |
| 958 | | | |
| 959 | | | return TRUE; |
| 960 | | | |
| 961 | | | |
| 962 | | | |
| 963 | | | break; |
Unreachable Control Flow
The highlighted code will not execute under any circumstances. This may be because of: |
|
| 964 | | | } |
| 965 | | | |
| 966 | | | break; |
| 967 | | | |
| 968 | | | case CLIENT_INIT : |
| 969 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 970 | | | col_set_str(pinfo->cinfo, COL_INFO, |
| 971 | | | "Share desktop flag"); |
| 972 | | | |
| 973 | | | proto_tree_add_item(tree, hf_vnc_share_desktop_flag, tvb, |
| 974 | | | offset, 1, FALSE); |
| 975 | | | |
| 976 | | | per_conversation_info->vnc_next_state = SERVER_INIT; |
| 977 | | | |
| 978 | | | break; |
| 979 | | | |
| 980 | | | case SERVER_INIT : |
| 981 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 982 | | | col_set_str(pinfo->cinfo, COL_INFO, |
| 983 | | | "Server framebuffer parameters"); |
| 984 | | | |
| 985 | | | proto_tree_add_item(tree, hf_vnc_width, tvb, offset, 2, |
| 986 | | | FALSE); |
| 987 | | | offset += 2; |
| 988 | | | |
| 989 | | | proto_tree_add_item(tree, hf_vnc_height, tvb, offset, 2, |
| 990 | | | FALSE); |
| 991 | | | offset += 2; |
| 992 | | | |
| 993 | | | proto_tree_add_item(tree, hf_vnc_server_bits_per_pixel, |
| 994 | | | tvb, offset, 1, FALSE); |
| 995 | | | vnc_bytes_per_pixel = tvb_get_guint8(tvb, offset)/8; |
| 996 | | | vnc_set_bytes_per_pixel(pinfo, vnc_bytes_per_pixel); |
| 997 | | | offset += 1; |
| 998 | | | |
| 999 | | | proto_tree_add_item(tree, hf_vnc_server_depth, tvb, offset, |
| 1000 | | | 1, FALSE); |
| 1001 | | | offset += 1; |
| 1002 | | | |
| 1003 | | | proto_tree_add_item(tree, hf_vnc_server_big_endian_flag, |
| 1004 | | | tvb, offset, 1, FALSE); |
| 1005 | | | offset += 1; |
| 1006 | | | |
| 1007 | | | proto_tree_add_item(tree, hf_vnc_server_true_color_flag, |
| 1008 | | | tvb, offset, 1, FALSE); |
| 1009 | | | offset += 1; |
| 1010 | | | |
| 1011 | | | proto_tree_add_item(tree, hf_vnc_server_red_max, |
| 1012 | | | tvb, offset, 2, FALSE); |
| 1013 | | | offset += 2; |
| 1014 | | | |
| 1015 | | | proto_tree_add_item(tree, hf_vnc_server_green_max, |
| 1016 | | | tvb, offset, 2, FALSE); |
| 1017 | | | offset += 2; |
| 1018 | | | |
| 1019 | | | proto_tree_add_item(tree, hf_vnc_server_blue_max, |
| 1020 | | | tvb, offset, 2, FALSE); |
| 1021 | | | offset += 2; |
| 1022 | | | |
| 1023 | | | proto_tree_add_item(tree, hf_vnc_server_red_shift, |
| 1024 | | | tvb, offset, 1, FALSE); |
| 1025 | | | offset += 1; |
| 1026 | | | |
| 1027 | | | proto_tree_add_item(tree, hf_vnc_server_green_shift, |
| 1028 | | | tvb, offset, 1, FALSE); |
| 1029 | | | offset += 1; |
| 1030 | | | |
| 1031 | | | proto_tree_add_item(tree, hf_vnc_server_blue_shift, |
| 1032 | | | tvb, offset, 1, FALSE); |
| 1033 | | | offset += 1; |
| 1034 | | | |
| 1035 | | | proto_tree_add_item(tree, hf_vnc_padding, |
| 1036 | | | tvb, offset, 3, FALSE); |
| 1037 | | | offset += 3; |
| 1038 | | | |
| 1039 | | | if(tvb_length_remaining(tvb, offset) > 0) { |
| 1040 | | | |
| 1041 | | | proto_tree_add_item(tree, hf_vnc_desktop_name_len, |
| 1042 | | | tvb, offset, 4, FALSE); |
| 1043 | | | desktop_name_len = tvb_get_ntohl(tvb, offset); |
| 1044 | | | offset += 4; |
| 1045 | | | |
| 1046 | | | proto_tree_add_item(tree, hf_vnc_desktop_name, |
| 1047 | | | tvb, offset, desktop_name_len, |
| 1048 | | | FALSE); |
| 1049 | | | } |
| 1050 | | | |
| 1051 | | | if(per_conversation_info->security_type_selected == TIGHT) |
| 1052 | | | per_conversation_info->vnc_next_state = |
| 1053 | | | TIGHT_INTERACTION_CAPS; |
| 1054 | | | else |
| 1055 | | | per_conversation_info->vnc_next_state = NORMAL_TRAFFIC; |
| 1056 | | | break; |
| 1057 | | | |
| 1058 | | | case TIGHT_INTERACTION_CAPS : |
| 1059 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 1060 | | | col_set_str(pinfo->cinfo, COL_INFO, |
| 1061 | | | "TightVNC Interaction Capabilities"); |
| 1062 | | | |
| 1063 | | | proto_tree_add_item(tree, hf_vnc_num_server_message_types, |
| 1064 | | | tvb, offset, 2, FALSE); |
| 1065 | | | per_conversation_info->num_server_message_types = tvb_get_ntohs(tvb, offset); |
| 1066 | | | offset += 2; |
| 1067 | | | |
| 1068 | | | proto_tree_add_item(tree, hf_vnc_num_client_message_types, |
| 1069 | | | tvb, offset, 2, FALSE); |
| 1070 | | | per_conversation_info->num_client_message_types = tvb_get_ntohs(tvb, offset); |
| 1071 | | | offset += 2; |
| 1072 | | | |
| 1073 | | | proto_tree_add_item(tree, hf_vnc_num_encoding_types, |
| 1074 | | | tvb, offset, 2, FALSE); |
| 1075 | | | per_conversation_info->num_encoding_types = tvb_get_ntohs(tvb, offset); |
| 1076 | | | offset += 2; |
| 1077 | | | |
| 1078 | | | proto_tree_add_item(tree, hf_vnc_padding, tvb, offset, 2, |
| 1079 | | | FALSE); |
| 1080 | | | offset += 2; |
| 1081 | | | |
| 1082 | | | per_conversation_info->vnc_next_state = TIGHT_INTERACTION_CAPS_LIST; |
| 1083 | | | break; |
| 1084 | | | |
| 1085 | | | case TIGHT_INTERACTION_CAPS_LIST: |
| 1086 | | | if (check_col(pinfo->cinfo, COL_INFO)) |
| 1087 | | | col_set_str(pinfo->cinfo, COL_INFO, |
| 1088 | | | "TightVNC Interaction Capabilities list"); |
| 1089 | | | |
| 1090 | | | offset = process_tight_capabilities(tree, |
| 1091 | | | hf_vnc_tight_server_message_type, |
| 1092 | | | hf_vnc_tight_server_vendor, |
| 1093 | | | hf_vnc_tight_server_name, |
| 1094 | | | tvb, offset, per_conversation_info->num_server_message_types); |
| 1095 | | | offset = process_tight_capabilities(tree, |
| 1096 | | | hf_vnc_tight_client_message_type, |
| 1097 | | | hf_vnc_tight_client_vendor, |
| 1098 | | | hf_vnc_tight_client_name, |
| 1099 | | | tvb, offset, per_conversation_info->num_client_message_types); |
| 1100 | | | offset = process_tight_capabilities(tree, |
| 1101 | | | hf_vnc_tight_encoding_type, |
| 1102 | | | hf_vnc_tight_encoding_vendor, |
| 1103 | | | hf_vnc_tight_encoding_name, |
| 1104 | | | tvb, offset, per_conversation_info->num_encoding_types); |
| 1105 | | | |
| 1106 | | | per_conversation_info->vnc_next_state = NORMAL_TRAFFIC; |
| 1107 | | | break; |
| 1108 | | | |
| 1109 | | | case NORMAL_TRAFFIC : |
| 1110 | | | return FALSE; |
| 1111 | | | } |
| 1112 | | | |
| 1113 | | | return TRUE; |
| 1114 | | | } |
| |