1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * BER and PER decoding library for H.323 conntrack/NAT module. 4 * 5 * Copyright (c) 2006 by Jing Min Zhao <zhaojingmin@users.sourceforge.net> 6 * 7 * See nf_conntrack_helper_h323_asn1.h for details. 8 */ 9 10 #ifdef __KERNEL__ 11 #include <linux/kernel.h> 12 #else 13 #include <stdio.h> 14 #endif 15 #include <linux/netfilter/nf_conntrack_h323_asn1.h> 16 17 /* Trace Flag */ 18 #ifndef H323_TRACE 19 #define H323_TRACE 0 20 #endif 21 22 #if H323_TRACE 23 #define TAB_SIZE 4 24 #define IFTHEN(cond, act) if(cond){act;} 25 #ifdef __KERNEL__ 26 #define PRINT printk 27 #else 28 #define PRINT printf 29 #endif 30 #define FNAME(name) name, 31 #else 32 #define IFTHEN(cond, act) 33 #define PRINT(fmt, args...) 34 #define FNAME(name) 35 #endif 36 37 /* ASN.1 Types */ 38 #define NUL 0 39 #define BOOL 1 40 #define OID 2 41 #define INT 3 42 #define ENUM 4 43 #define BITSTR 5 44 #define NUMSTR 6 45 #define NUMDGT 6 46 #define TBCDSTR 6 47 #define OCTSTR 7 48 #define PRTSTR 7 49 #define IA5STR 7 50 #define GENSTR 7 51 #define BMPSTR 8 52 #define SEQ 9 53 #define SET 9 54 #define SEQOF 10 55 #define SETOF 10 56 #define CHOICE 11 57 58 /* Constraint Types */ 59 #define FIXD 0 60 /* #define BITS 1-8 */ 61 #define BYTE 9 62 #define WORD 10 63 #define CONS 11 64 #define SEMI 12 65 #define UNCO 13 66 67 /* ASN.1 Type Attributes */ 68 #define SKIP 0 69 #define STOP 1 70 #define DECODE 2 71 #define EXT 4 72 #define OPEN 8 73 #define OPT 16 74 75 76 /* ASN.1 Field Structure */ 77 typedef struct field_t { 78 #if H323_TRACE 79 char *name; 80 #endif 81 unsigned char type; 82 unsigned char sz; 83 unsigned char lb; 84 unsigned char ub; 85 unsigned short attr; 86 unsigned short offset; 87 const struct field_t *fields; 88 } field_t; 89 90 /* Bit Stream */ 91 struct bitstr { 92 unsigned char *buf; 93 unsigned char *beg; 94 unsigned char *end; 95 unsigned char *cur; 96 unsigned int bit; 97 }; 98 99 /* Tool Functions */ 100 #define INC_BIT(bs) if((++(bs)->bit)>7){(bs)->cur++;(bs)->bit=0;} 101 #define INC_BITS(bs,b) if(((bs)->bit+=(b))>7){(bs)->cur+=(bs)->bit>>3;(bs)->bit&=7;} 102 #define BYTE_ALIGN(bs) if((bs)->bit){(bs)->cur++;(bs)->bit=0;} 103 static unsigned int get_len(struct bitstr *bs); 104 static unsigned int get_bit(struct bitstr *bs); 105 static unsigned int get_bits(struct bitstr *bs, unsigned int b); 106 static unsigned int get_bitmap(struct bitstr *bs, unsigned int b); 107 static unsigned int get_uint(struct bitstr *bs, int b); 108 109 /* Decoder Functions */ 110 static int decode_nul(struct bitstr *bs, const struct field_t *f, char *base, int level); 111 static int decode_bool(struct bitstr *bs, const struct field_t *f, char *base, int level); 112 static int decode_oid(struct bitstr *bs, const struct field_t *f, char *base, int level); 113 static int decode_int(struct bitstr *bs, const struct field_t *f, char *base, int level); 114 static int decode_enum(struct bitstr *bs, const struct field_t *f, char *base, int level); 115 static int decode_bitstr(struct bitstr *bs, const struct field_t *f, char *base, int level); 116 static int decode_numstr(struct bitstr *bs, const struct field_t *f, char *base, int level); 117 static int decode_octstr(struct bitstr *bs, const struct field_t *f, char *base, int level); 118 static int decode_bmpstr(struct bitstr *bs, const struct field_t *f, char *base, int level); 119 static int decode_seq(struct bitstr *bs, const struct field_t *f, char *base, int level); 120 static int decode_seqof(struct bitstr *bs, const struct field_t *f, char *base, int level); 121 static int decode_choice(struct bitstr *bs, const struct field_t *f, char *base, int level); 122 123 /* Decoder Functions Vector */ 124 typedef int (*decoder_t)(struct bitstr *, const struct field_t *, char *, int); 125 static const decoder_t Decoders[] = { 126 decode_nul, 127 decode_bool, 128 decode_oid, 129 decode_int, 130 decode_enum, 131 decode_bitstr, 132 decode_numstr, 133 decode_octstr, 134 decode_bmpstr, 135 decode_seq, 136 decode_seqof, 137 decode_choice, 138 }; 139 140 /* 141 * H.323 Types 142 */ 143 #include "nf_conntrack_h323_types.c" 144 145 /* 146 * Functions 147 */ 148 149 /* Assume bs is aligned && v < 16384 */ 150 static unsigned int get_len(struct bitstr *bs) 151 { 152 unsigned int v; 153 154 v = *bs->cur++; 155 156 if (v & 0x80) { 157 v &= 0x3f; 158 v <<= 8; 159 v += *bs->cur++; 160 } 161 162 return v; 163 } 164 165 static int nf_h323_error_boundary(struct bitstr *bs, size_t bytes, size_t bits) 166 { 167 bits += bs->bit; 168 bytes += bits / BITS_PER_BYTE; 169 if (bits % BITS_PER_BYTE > 0) 170 bytes++; 171 172 if (bs->cur + bytes > bs->end) 173 return 1; 174 175 return 0; 176 } 177 178 static unsigned int get_bit(struct bitstr *bs) 179 { 180 unsigned int b = (*bs->cur) & (0x80 >> bs->bit); 181 182 INC_BIT(bs); 183 184 return b; 185 } 186 187 /* Assume b <= 8 */ 188 static unsigned int get_bits(struct bitstr *bs, unsigned int b) 189 { 190 unsigned int v, l; 191 192 v = (*bs->cur) & (0xffU >> bs->bit); 193 l = b + bs->bit; 194 195 if (l < 8) { 196 v >>= 8 - l; 197 bs->bit = l; 198 } else if (l == 8) { 199 bs->cur++; 200 bs->bit = 0; 201 } else { /* l > 8 */ 202 203 v <<= 8; 204 v += *(++bs->cur); 205 v >>= 16 - l; 206 bs->bit = l - 8; 207 } 208 209 return v; 210 } 211 212 /* Assume b <= 32 */ 213 static unsigned int get_bitmap(struct bitstr *bs, unsigned int b) 214 { 215 unsigned int v, l, shift, bytes; 216 217 if (!b) 218 return 0; 219 220 l = bs->bit + b; 221 222 if (l < 8) { 223 v = (unsigned int)(*bs->cur) << (bs->bit + 24); 224 bs->bit = l; 225 } else if (l == 8) { 226 v = (unsigned int)(*bs->cur++) << (bs->bit + 24); 227 bs->bit = 0; 228 } else { 229 for (bytes = l >> 3, shift = 24, v = 0; bytes; 230 bytes--, shift -= 8) 231 v |= (unsigned int)(*bs->cur++) << shift; 232 233 if (l < 32) { 234 v |= (unsigned int)(*bs->cur) << shift; 235 v <<= bs->bit; 236 } else if (l > 32) { 237 v <<= bs->bit; 238 v |= (*bs->cur) >> (8 - bs->bit); 239 } 240 241 bs->bit = l & 0x7; 242 } 243 244 v &= 0xffffffff << (32 - b); 245 246 return v; 247 } 248 249 /* 250 * Assume bs is aligned and sizeof(unsigned int) == 4 251 */ 252 static unsigned int get_uint(struct bitstr *bs, int b) 253 { 254 unsigned int v = 0; 255 256 switch (b) { 257 case 4: 258 v |= *bs->cur++; 259 v <<= 8; 260 fallthrough; 261 case 3: 262 v |= *bs->cur++; 263 v <<= 8; 264 fallthrough; 265 case 2: 266 v |= *bs->cur++; 267 v <<= 8; 268 fallthrough; 269 case 1: 270 v |= *bs->cur++; 271 break; 272 } 273 return v; 274 } 275 276 static int decode_nul(struct bitstr *bs, const struct field_t *f, 277 char *base, int level) 278 { 279 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); 280 281 return H323_ERROR_NONE; 282 } 283 284 static int decode_bool(struct bitstr *bs, const struct field_t *f, 285 char *base, int level) 286 { 287 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); 288 289 INC_BIT(bs); 290 if (nf_h323_error_boundary(bs, 0, 0)) 291 return H323_ERROR_BOUND; 292 return H323_ERROR_NONE; 293 } 294 295 static int decode_oid(struct bitstr *bs, const struct field_t *f, 296 char *base, int level) 297 { 298 int len; 299 300 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); 301 302 BYTE_ALIGN(bs); 303 if (nf_h323_error_boundary(bs, 1, 0)) 304 return H323_ERROR_BOUND; 305 306 len = *bs->cur++; 307 bs->cur += len; 308 if (nf_h323_error_boundary(bs, 0, 0)) 309 return H323_ERROR_BOUND; 310 311 return H323_ERROR_NONE; 312 } 313 314 static int decode_int(struct bitstr *bs, const struct field_t *f, 315 char *base, int level) 316 { 317 unsigned int len; 318 319 PRINT("%*.s%s", level * TAB_SIZE, " ", f->name); 320 321 switch (f->sz) { 322 case BYTE: /* Range == 256 */ 323 BYTE_ALIGN(bs); 324 bs->cur++; 325 break; 326 case WORD: /* 257 <= Range <= 64K */ 327 BYTE_ALIGN(bs); 328 bs->cur += 2; 329 break; 330 case CONS: /* 64K < Range < 4G */ 331 if (nf_h323_error_boundary(bs, 0, 2)) 332 return H323_ERROR_BOUND; 333 len = get_bits(bs, 2) + 1; 334 BYTE_ALIGN(bs); 335 if (base && (f->attr & DECODE)) { /* timeToLive */ 336 unsigned int v = get_uint(bs, len) + f->lb; 337 PRINT(" = %u", v); 338 *((unsigned int *)(base + f->offset)) = v; 339 } 340 bs->cur += len; 341 break; 342 case UNCO: 343 BYTE_ALIGN(bs); 344 if (nf_h323_error_boundary(bs, 2, 0)) 345 return H323_ERROR_BOUND; 346 len = get_len(bs); 347 bs->cur += len; 348 break; 349 default: /* 2 <= Range <= 255 */ 350 INC_BITS(bs, f->sz); 351 break; 352 } 353 354 PRINT("\n"); 355 356 if (nf_h323_error_boundary(bs, 0, 0)) 357 return H323_ERROR_BOUND; 358 return H323_ERROR_NONE; 359 } 360 361 static int decode_enum(struct bitstr *bs, const struct field_t *f, 362 char *base, int level) 363 { 364 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); 365 366 if ((f->attr & EXT) && get_bit(bs)) { 367 INC_BITS(bs, 7); 368 } else { 369 INC_BITS(bs, f->sz); 370 } 371 372 if (nf_h323_error_boundary(bs, 0, 0)) 373 return H323_ERROR_BOUND; 374 return H323_ERROR_NONE; 375 } 376 377 static int decode_bitstr(struct bitstr *bs, const struct field_t *f, 378 char *base, int level) 379 { 380 unsigned int len; 381 382 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); 383 384 BYTE_ALIGN(bs); 385 switch (f->sz) { 386 case FIXD: /* fixed length > 16 */ 387 len = f->lb; 388 break; 389 case WORD: /* 2-byte length */ 390 if (nf_h323_error_boundary(bs, 2, 0)) 391 return H323_ERROR_BOUND; 392 len = (*bs->cur++) << 8; 393 len += (*bs->cur++) + f->lb; 394 break; 395 case SEMI: 396 if (nf_h323_error_boundary(bs, 2, 0)) 397 return H323_ERROR_BOUND; 398 len = get_len(bs); 399 break; 400 default: 401 len = 0; 402 break; 403 } 404 405 bs->cur += len >> 3; 406 bs->bit = len & 7; 407 408 if (nf_h323_error_boundary(bs, 0, 0)) 409 return H323_ERROR_BOUND; 410 return H323_ERROR_NONE; 411 } 412 413 static int decode_numstr(struct bitstr *bs, const struct field_t *f, 414 char *base, int level) 415 { 416 unsigned int len; 417 418 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); 419 420 /* 2 <= Range <= 255 */ 421 if (nf_h323_error_boundary(bs, 0, f->sz)) 422 return H323_ERROR_BOUND; 423 len = get_bits(bs, f->sz) + f->lb; 424 425 BYTE_ALIGN(bs); 426 INC_BITS(bs, (len << 2)); 427 428 if (nf_h323_error_boundary(bs, 0, 0)) 429 return H323_ERROR_BOUND; 430 return H323_ERROR_NONE; 431 } 432 433 static int decode_octstr(struct bitstr *bs, const struct field_t *f, 434 char *base, int level) 435 { 436 unsigned int len; 437 438 PRINT("%*.s%s", level * TAB_SIZE, " ", f->name); 439 440 switch (f->sz) { 441 case FIXD: /* Range == 1 */ 442 if (f->lb > 2) { 443 BYTE_ALIGN(bs); 444 if (base && (f->attr & DECODE)) { 445 /* The IP Address */ 446 IFTHEN(f->lb == 4, 447 PRINT(" = %d.%d.%d.%d:%d", 448 bs->cur[0], bs->cur[1], 449 bs->cur[2], bs->cur[3], 450 bs->cur[4] * 256 + bs->cur[5])); 451 *((unsigned int *)(base + f->offset)) = 452 bs->cur - bs->buf; 453 } 454 } 455 len = f->lb; 456 break; 457 case BYTE: /* Range == 256 */ 458 BYTE_ALIGN(bs); 459 if (nf_h323_error_boundary(bs, 1, 0)) 460 return H323_ERROR_BOUND; 461 len = (*bs->cur++) + f->lb; 462 break; 463 case SEMI: 464 BYTE_ALIGN(bs); 465 if (nf_h323_error_boundary(bs, 2, 0)) 466 return H323_ERROR_BOUND; 467 len = get_len(bs) + f->lb; 468 break; 469 default: /* 2 <= Range <= 255 */ 470 if (nf_h323_error_boundary(bs, 0, f->sz)) 471 return H323_ERROR_BOUND; 472 len = get_bits(bs, f->sz) + f->lb; 473 BYTE_ALIGN(bs); 474 break; 475 } 476 477 bs->cur += len; 478 479 PRINT("\n"); 480 481 if (nf_h323_error_boundary(bs, 0, 0)) 482 return H323_ERROR_BOUND; 483 return H323_ERROR_NONE; 484 } 485 486 static int decode_bmpstr(struct bitstr *bs, const struct field_t *f, 487 char *base, int level) 488 { 489 unsigned int len; 490 491 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); 492 493 switch (f->sz) { 494 case BYTE: /* Range == 256 */ 495 BYTE_ALIGN(bs); 496 if (nf_h323_error_boundary(bs, 1, 0)) 497 return H323_ERROR_BOUND; 498 len = (*bs->cur++) + f->lb; 499 break; 500 default: /* 2 <= Range <= 255 */ 501 if (nf_h323_error_boundary(bs, 0, f->sz)) 502 return H323_ERROR_BOUND; 503 len = get_bits(bs, f->sz) + f->lb; 504 BYTE_ALIGN(bs); 505 break; 506 } 507 508 bs->cur += len << 1; 509 510 if (nf_h323_error_boundary(bs, 0, 0)) 511 return H323_ERROR_BOUND; 512 return H323_ERROR_NONE; 513 } 514 515 static int decode_seq(struct bitstr *bs, const struct field_t *f, 516 char *base, int level) 517 { 518 unsigned int ext, bmp, i, opt, len = 0, bmp2, bmp2_len; 519 int err; 520 const struct field_t *son; 521 unsigned char *beg = NULL; 522 523 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); 524 525 /* Decode? */ 526 base = (base && (f->attr & DECODE)) ? base + f->offset : NULL; 527 528 /* Extensible? */ 529 if (nf_h323_error_boundary(bs, 0, 1)) 530 return H323_ERROR_BOUND; 531 ext = (f->attr & EXT) ? get_bit(bs) : 0; 532 533 /* Get fields bitmap */ 534 if (nf_h323_error_boundary(bs, 0, f->sz)) 535 return H323_ERROR_BOUND; 536 if (f->sz > 32) 537 return H323_ERROR_RANGE; 538 bmp = get_bitmap(bs, f->sz); 539 if (base) 540 *(unsigned int *)base = bmp; 541 542 /* Decode the root components */ 543 for (i = opt = 0, son = f->fields; i < f->lb; i++, son++) { 544 if (son->attr & STOP) { 545 PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ", 546 son->name); 547 return H323_ERROR_STOP; 548 } 549 550 if (son->attr & OPT) { /* Optional component */ 551 if (!((0x80000000U >> (opt++)) & bmp)) /* Not exist */ 552 continue; 553 } 554 555 /* Decode */ 556 if (son->attr & OPEN) { /* Open field */ 557 if (nf_h323_error_boundary(bs, 2, 0)) 558 return H323_ERROR_BOUND; 559 len = get_len(bs); 560 if (nf_h323_error_boundary(bs, len, 0)) 561 return H323_ERROR_BOUND; 562 if (!base || !(son->attr & DECODE)) { 563 PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, 564 " ", son->name); 565 bs->cur += len; 566 continue; 567 } 568 beg = bs->cur; 569 570 /* Decode */ 571 if ((err = (Decoders[son->type]) (bs, son, base, 572 level + 1)) < 573 H323_ERROR_NONE) 574 return err; 575 576 bs->cur = beg + len; 577 bs->bit = 0; 578 } else if ((err = (Decoders[son->type]) (bs, son, base, 579 level + 1)) < 580 H323_ERROR_NONE) 581 return err; 582 } 583 584 /* No extension? */ 585 if (!ext) 586 return H323_ERROR_NONE; 587 588 /* Get the extension bitmap */ 589 if (nf_h323_error_boundary(bs, 0, 7)) 590 return H323_ERROR_BOUND; 591 bmp2_len = get_bits(bs, 7) + 1; 592 if (nf_h323_error_boundary(bs, 0, bmp2_len)) 593 return H323_ERROR_BOUND; 594 if (bmp2_len > 32) 595 return H323_ERROR_RANGE; 596 bmp2 = get_bitmap(bs, bmp2_len); 597 bmp |= bmp2 >> f->sz; 598 if (base) 599 *(unsigned int *)base = bmp; 600 BYTE_ALIGN(bs); 601 602 /* Decode the extension components */ 603 for (opt = 0; opt < bmp2_len; opt++, i++, son++) { 604 /* Check Range */ 605 if (i >= f->ub) { /* Newer Version? */ 606 if (nf_h323_error_boundary(bs, 2, 0)) 607 return H323_ERROR_BOUND; 608 len = get_len(bs); 609 if (nf_h323_error_boundary(bs, len, 0)) 610 return H323_ERROR_BOUND; 611 bs->cur += len; 612 continue; 613 } 614 615 if (son->attr & STOP) { 616 PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ", 617 son->name); 618 return H323_ERROR_STOP; 619 } 620 621 if (!((0x80000000 >> opt) & bmp2)) /* Not present */ 622 continue; 623 624 if (nf_h323_error_boundary(bs, 2, 0)) 625 return H323_ERROR_BOUND; 626 len = get_len(bs); 627 if (nf_h323_error_boundary(bs, len, 0)) 628 return H323_ERROR_BOUND; 629 if (!base || !(son->attr & DECODE)) { 630 PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ", 631 son->name); 632 bs->cur += len; 633 continue; 634 } 635 beg = bs->cur; 636 637 if ((err = (Decoders[son->type]) (bs, son, base, 638 level + 1)) < 639 H323_ERROR_NONE) 640 return err; 641 642 bs->cur = beg + len; 643 bs->bit = 0; 644 } 645 return H323_ERROR_NONE; 646 } 647 648 static int decode_seqof(struct bitstr *bs, const struct field_t *f, 649 char *base, int level) 650 { 651 unsigned int count, effective_count = 0, i, len = 0; 652 int err; 653 const struct field_t *son; 654 unsigned char *beg = NULL; 655 656 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); 657 658 /* Decode? */ 659 base = (base && (f->attr & DECODE)) ? base + f->offset : NULL; 660 661 /* Decode item count */ 662 switch (f->sz) { 663 case BYTE: 664 BYTE_ALIGN(bs); 665 if (nf_h323_error_boundary(bs, 1, 0)) 666 return H323_ERROR_BOUND; 667 count = *bs->cur++; 668 break; 669 case WORD: 670 BYTE_ALIGN(bs); 671 if (nf_h323_error_boundary(bs, 2, 0)) 672 return H323_ERROR_BOUND; 673 count = *bs->cur++; 674 count <<= 8; 675 count += *bs->cur++; 676 break; 677 case SEMI: 678 BYTE_ALIGN(bs); 679 if (nf_h323_error_boundary(bs, 2, 0)) 680 return H323_ERROR_BOUND; 681 count = get_len(bs); 682 break; 683 default: 684 if (nf_h323_error_boundary(bs, 0, f->sz)) 685 return H323_ERROR_BOUND; 686 count = get_bits(bs, f->sz); 687 break; 688 } 689 count += f->lb; 690 691 /* Write Count */ 692 if (base) { 693 effective_count = count > f->ub ? f->ub : count; 694 *(unsigned int *)base = effective_count; 695 base += sizeof(unsigned int); 696 } 697 698 /* Decode nested field */ 699 son = f->fields; 700 if (base) 701 base -= son->offset; 702 for (i = 0; i < count; i++) { 703 if (son->attr & OPEN) { 704 BYTE_ALIGN(bs); 705 if (nf_h323_error_boundary(bs, 2, 0)) 706 return H323_ERROR_BOUND; 707 len = get_len(bs); 708 if (nf_h323_error_boundary(bs, len, 0)) 709 return H323_ERROR_BOUND; 710 if (!base || !(son->attr & DECODE)) { 711 PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, 712 " ", son->name); 713 bs->cur += len; 714 continue; 715 } 716 beg = bs->cur; 717 718 if ((err = (Decoders[son->type]) (bs, son, 719 i < 720 effective_count ? 721 base : NULL, 722 level + 1)) < 723 H323_ERROR_NONE) 724 return err; 725 726 bs->cur = beg + len; 727 bs->bit = 0; 728 } else 729 if ((err = (Decoders[son->type]) (bs, son, 730 i < 731 effective_count ? 732 base : NULL, 733 level + 1)) < 734 H323_ERROR_NONE) 735 return err; 736 737 if (base) 738 base += son->offset; 739 } 740 741 return H323_ERROR_NONE; 742 } 743 744 static int decode_choice(struct bitstr *bs, const struct field_t *f, 745 char *base, int level) 746 { 747 unsigned int type, ext, len = 0; 748 int err; 749 const struct field_t *son; 750 unsigned char *beg = NULL; 751 752 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name); 753 754 /* Decode? */ 755 base = (base && (f->attr & DECODE)) ? base + f->offset : NULL; 756 757 /* Decode the choice index number */ 758 if (nf_h323_error_boundary(bs, 0, 1)) 759 return H323_ERROR_BOUND; 760 if ((f->attr & EXT) && get_bit(bs)) { 761 ext = 1; 762 if (nf_h323_error_boundary(bs, 0, 7)) 763 return H323_ERROR_BOUND; 764 type = get_bits(bs, 7) + f->lb; 765 } else { 766 ext = 0; 767 if (nf_h323_error_boundary(bs, 0, f->sz)) 768 return H323_ERROR_BOUND; 769 type = get_bits(bs, f->sz); 770 if (type >= f->lb) 771 return H323_ERROR_RANGE; 772 } 773 774 /* Write Type */ 775 if (base) 776 *(unsigned int *)base = type; 777 778 /* Check Range */ 779 if (type >= f->ub) { /* Newer version? */ 780 BYTE_ALIGN(bs); 781 if (nf_h323_error_boundary(bs, 2, 0)) 782 return H323_ERROR_BOUND; 783 len = get_len(bs); 784 if (nf_h323_error_boundary(bs, len, 0)) 785 return H323_ERROR_BOUND; 786 bs->cur += len; 787 return H323_ERROR_NONE; 788 } 789 790 /* Transfer to son level */ 791 son = &f->fields[type]; 792 if (son->attr & STOP) { 793 PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ", son->name); 794 return H323_ERROR_STOP; 795 } 796 797 if (ext || (son->attr & OPEN)) { 798 BYTE_ALIGN(bs); 799 if (nf_h323_error_boundary(bs, len, 0)) 800 return H323_ERROR_BOUND; 801 len = get_len(bs); 802 if (nf_h323_error_boundary(bs, len, 0)) 803 return H323_ERROR_BOUND; 804 if (!base || !(son->attr & DECODE)) { 805 PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ", 806 son->name); 807 bs->cur += len; 808 return H323_ERROR_NONE; 809 } 810 beg = bs->cur; 811 812 if ((err = (Decoders[son->type]) (bs, son, base, level + 1)) < 813 H323_ERROR_NONE) 814 return err; 815 816 bs->cur = beg + len; 817 bs->bit = 0; 818 } else if ((err = (Decoders[son->type]) (bs, son, base, level + 1)) < 819 H323_ERROR_NONE) 820 return err; 821 822 return H323_ERROR_NONE; 823 } 824 825 int DecodeRasMessage(unsigned char *buf, size_t sz, RasMessage *ras) 826 { 827 static const struct field_t ras_message = { 828 FNAME("RasMessage") CHOICE, 5, 24, 32, DECODE | EXT, 829 0, _RasMessage 830 }; 831 struct bitstr bs; 832 833 bs.buf = bs.beg = bs.cur = buf; 834 bs.end = buf + sz; 835 bs.bit = 0; 836 837 return decode_choice(&bs, &ras_message, (char *) ras, 0); 838 } 839 840 static int DecodeH323_UserInformation(unsigned char *buf, unsigned char *beg, 841 size_t sz, H323_UserInformation *uuie) 842 { 843 static const struct field_t h323_userinformation = { 844 FNAME("H323-UserInformation") SEQ, 1, 2, 2, DECODE | EXT, 845 0, _H323_UserInformation 846 }; 847 struct bitstr bs; 848 849 bs.buf = buf; 850 bs.beg = bs.cur = beg; 851 bs.end = beg + sz; 852 bs.bit = 0; 853 854 return decode_seq(&bs, &h323_userinformation, (char *) uuie, 0); 855 } 856 857 int DecodeMultimediaSystemControlMessage(unsigned char *buf, size_t sz, 858 MultimediaSystemControlMessage * 859 mscm) 860 { 861 static const struct field_t multimediasystemcontrolmessage = { 862 FNAME("MultimediaSystemControlMessage") CHOICE, 2, 4, 4, 863 DECODE | EXT, 0, _MultimediaSystemControlMessage 864 }; 865 struct bitstr bs; 866 867 bs.buf = bs.beg = bs.cur = buf; 868 bs.end = buf + sz; 869 bs.bit = 0; 870 871 return decode_choice(&bs, &multimediasystemcontrolmessage, 872 (char *) mscm, 0); 873 } 874 875 int DecodeQ931(unsigned char *buf, size_t sz, Q931 *q931) 876 { 877 unsigned char *p = buf; 878 int len; 879 880 if (!p || sz < 1) 881 return H323_ERROR_BOUND; 882 883 /* Protocol Discriminator */ 884 if (*p != 0x08) { 885 PRINT("Unknown Protocol Discriminator\n"); 886 return H323_ERROR_RANGE; 887 } 888 p++; 889 sz--; 890 891 /* CallReferenceValue */ 892 if (sz < 1) 893 return H323_ERROR_BOUND; 894 len = *p++; 895 sz--; 896 if (sz < len) 897 return H323_ERROR_BOUND; 898 p += len; 899 sz -= len; 900 901 /* Message Type */ 902 if (sz < 2) 903 return H323_ERROR_BOUND; 904 q931->MessageType = *p++; 905 sz--; 906 PRINT("MessageType = %02X\n", q931->MessageType); 907 if (*p & 0x80) { 908 p++; 909 sz--; 910 } 911 912 /* Decode Information Elements */ 913 while (sz > 0) { 914 if (*p == 0x7e) { /* UserUserIE */ 915 if (sz < 3) 916 break; 917 p++; 918 len = *p++ << 8; 919 len |= *p++; 920 sz -= 3; 921 if (sz < len) 922 break; 923 p++; 924 len--; 925 return DecodeH323_UserInformation(buf, p, len, 926 &q931->UUIE); 927 } 928 p++; 929 sz--; 930 if (sz < 1) 931 break; 932 len = *p++; 933 sz--; 934 if (sz < len) 935 break; 936 p += len; 937 sz -= len; 938 } 939 940 PRINT("Q.931 UUIE not found\n"); 941 942 return H323_ERROR_BOUND; 943 } 944