/*
 * Walk the fields of a RemoteActivation request in wire order, adding each
 * one to the protocol tree through the dissect_dcom_* helpers.
 *
 * Every helper takes the current offset and returns the offset of the next
 * field, so the order of the calls below is the order of the fields.
 *
 * Returns the offset following the last field dissected.
 *
 * NOTE(review): every count and pointer value used here is read from the
 * packet. This function does no range checking of its own; it relies on the
 * helpers (not visible here) to stop dissection when the buffer runs out.
 */
static int
dissect_remact_remote_activation_rqst(tvbuff_t *tvb, int offset,
				      packet_info *pinfo, proto_tree *tree, dcerpc_info *di, guint8 *drep)
{
	e_guid_t class_id;
	e_guid_t iface_id;
	guint32  referent;
	guint32  impl_level;
	guint32  mode;
	guint32  iface_count;
	guint32  conformance;
	guint32  item_no;
	guint16  prot_seq;
	gchar    obj_name[1000] = { 0 };

	offset = dissect_dcom_this(tvb, offset, pinfo, tree, di, drep);

	offset = dissect_dcom_append_UUID(tvb, offset, pinfo, tree, di, drep,
					  hf_dcom_clsid, -1, &class_id);

	/* Object name: dissected only when its referent pointer is non-zero. */
	offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, tree, di, drep,
					     &referent);
	if (referent) {
		/*
		 * The helper is handed the buffer together with its full size
		 * (1000 bytes); how it bounds the copy is up to the helper.
		 */
		offset = dissect_dcom_BSTR(tvb, offset, pinfo, tree, di, drep,
					   hf_remact_object_name, obj_name, sizeof(obj_name));
	}

	offset = dissect_dcom_PMInterfacePointer(tvb, offset, pinfo, tree, di, drep,
						 hf_remact_object_storage, NULL /* XXX */);

	offset = dissect_dcom_DWORD(tvb, offset, pinfo, tree, di, drep,
				    hf_remact_client_impl_level, &impl_level);
	offset = dissect_dcom_DWORD(tvb, offset, pinfo, tree, di, drep,
				    hf_remact_mode, &mode);

	/* Interfaces: a count, a referent pointer, then the IID array. */
	offset = dissect_dcom_DWORD(tvb, offset, pinfo, tree, di, drep,
				    hf_remact_interfaces, &iface_count);
	offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, tree, di, drep,
					     &referent);
	if (referent) {
		/*
		 * The array size read here is not compared with iface_count;
		 * the loop is driven by iface_count alone.
		 */
		offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, tree, di, drep,
							&conformance);
		for (item_no = 1; iface_count--; item_no++) {
			offset = dissect_dcom_append_UUID(tvb, offset, pinfo, tree, di, drep,
							  hf_dcom_iid, item_no, &iface_id);
		}
	}

	offset = dissect_dcom_WORD(tvb, offset, pinfo, tree, di, drep,
				   hf_remact_requested_protseqs, &prot_seq);

	/* Protocol sequences: one WORD per element of the array size just read. */
	offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, tree, di, drep,
						&conformance);
	/* item_no is advanced per element but is not passed to the helper. */
	for (item_no = 1; conformance--; item_no++) {
		offset = dissect_dcom_WORD(tvb, offset, pinfo, tree, di, drep,
					   hf_remact_protseqs, &prot_seq);
	}

	return offset;
}
/*
 * Walk the fields of an IDispatch Invoke response: the optional result
 * VARIANT, the ExcepInfo structure (shown as its own subtree), the argument
 * error index, the rgVarRef VARIANT array and the final HRESULT.
 *
 * Every helper takes the current offset and returns the offset of the next
 * field, so the order of the calls below is the order of the fields.
 *
 * Returns the offset following the HRESULT.
 *
 * NOTE(review): all counts, pointers and codes are read from the packet.
 * This function does no range checking of its own; it relies on the helpers
 * (not visible here) to stop dissection when the buffer runs out.
 */
int
dissect_IDispatch_Invoke_resp(tvbuff_t *tvb, int offset,
	packet_info *pinfo, proto_tree *tree, guint8 *drep)
{
	proto_item *excep_item;
	proto_tree *excep_tree;
	guint32 excep_start;
	guint32 result_ref;
	guint32 source_ref;
	guint32 descr_ref;
	guint32 helpfile_ref;
	guint32 arg_ref;
	guint16 code;
	guint16 reserved16;
	guint32 help_context;
	guint32 reserved32;
	guint32 deferred_fill_in;
	guint32 scode;
	guint32 arg_err;
	guint32 array_size;
	guint32 var_ref_count;
	guint32 variant_offset;
	guint32 idx;
	guint32 hresult;
	gchar   text[1000] = { 0 };

	offset = dissect_dcom_that(tvb, offset, pinfo, tree, drep);

	/* Result VARIANT: present only when its referent pointer is non-zero. */
	offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, tree, drep,
					     &result_ref);
	if (result_ref) {
		offset = dissect_dcom_VARIANT(tvb, offset, pinfo, tree, drep,
					      hf_dispatch_varresult);
	}

	/* ExcepInfo: added with length 0 first; the real length is set below. */
	excep_item = proto_tree_add_item(tree, hf_dispatch_excepinfo, tvb, offset, 0, FALSE);
	excep_tree = proto_item_add_subtree(excep_item, ett_dispatch_excepinfo);
	excep_start = offset;

	offset = dissect_dcom_WORD(tvb, offset, pinfo, excep_tree, drep,
				   hf_dispatch_code, &code);
	offset = dissect_dcom_WORD(tvb, offset, pinfo, excep_tree, drep,
				   hf_dispatch_reserved16, &reserved16);

	/* Three referent pointers; the strings they announce follow the fixed part. */
	offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, excep_tree, drep,
					     &source_ref);
	offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, excep_tree, drep,
					     &descr_ref);
	offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, excep_tree, drep,
					     &helpfile_ref);

	offset = dissect_dcom_DWORD(tvb, offset, pinfo, excep_tree, drep,
				    hf_dispatch_help_context, &help_context);
	offset = dissect_dcom_DWORD(tvb, offset, pinfo, excep_tree, drep,
				    hf_dispatch_reserved32, &reserved32);
	offset = dissect_dcom_DWORD(tvb, offset, pinfo, excep_tree, drep,
				    hf_dispatch_deferred_fill_in, &deferred_fill_in);
	offset = dissect_dcom_DWORD(tvb, offset, pinfo, excep_tree, drep,
				    hf_dispatch_scode, &scode);

	/*
	 * All three strings go through the same 1000-byte scratch buffer, which
	 * is passed with its full size; its contents are not read again here.
	 */
	if (source_ref) {
		offset = dissect_dcom_BSTR(tvb, offset, pinfo, excep_tree, drep,
					   hf_dispatch_source, text, sizeof(text));
	}
	if (descr_ref) {
		offset = dissect_dcom_BSTR(tvb, offset, pinfo, excep_tree, drep,
					   hf_dispatch_description, text, sizeof(text));
	}
	if (helpfile_ref) {
		offset = dissect_dcom_BSTR(tvb, offset, pinfo, excep_tree, drep,
					   hf_dispatch_help_file, text, sizeof(text));
	}

	proto_item_append_text(excep_item, ", SCode: %s",
			       val_to_str(scode, dcom_hresult_vals, "Unknown (0x%08x)"));
	proto_item_set_len(excep_item, offset - excep_start);
	/* end of ExcepInfo */

	offset = dissect_dcom_DWORD(tvb, offset, pinfo, tree, drep,
				    hf_dispatch_arg_err, &arg_err);

	/* rgVarRef: VARIANT[var_ref_count] */
	offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, tree, drep,
						&array_size);
	var_ref_count = array_size;
	/*
	 * The VARIANT bodies are read from a second cursor that starts past the
	 * pointer array (the factor 4 presumably is the size of one pointer
	 * field - confirm against dissect_dcom_dcerpc_pointer).
	 *
	 * NOTE(review): array_size is packet-supplied and this sum is evaluated
	 * in 32-bit unsigned arithmetic, so it can wrap; the result is later
	 * assigned back to the signed offset. Nothing in this function rejects
	 * such a value - confirm the helpers do.
	 */
	variant_offset = offset + array_size * 4;
	for (idx = 0; idx < var_ref_count; idx++) {
		offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, tree, drep,
						     &arg_ref);
		if (arg_ref) {
			variant_offset = dissect_dcom_VARIANT(tvb, variant_offset, pinfo, tree, drep,
							      hf_dispatch_varrefarg);
		}
	}
	/* Continue after the last VARIANT body, not after the pointer array. */
	offset = variant_offset;

	/* HRESULT of call */
	offset = dissect_dcom_HRESULT(tvb, offset, pinfo, tree, drep,
				      &hresult);

	if (check_col(pinfo->cinfo, COL_INFO)) {
		col_append_fstr(pinfo->cinfo, COL_INFO, " SCode=%s VarRef=%u -> %s",
				val_to_str(scode, dcom_hresult_vals, "Unknown (0x%08x)"),
				var_ref_count,
				val_to_str(hresult, dcom_hresult_vals, "Unknown (0x%08x)"));
	}

	return offset;
}