1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * BER and PER decoding library for H.323 conntrack/NAT module.
4 *
5 * Copyright (c) 2006 by Jing Min Zhao <zhaojingmin@users.sourceforge.net>
6 *
7 * See nf_conntrack_helper_h323_asn1.h for details.
8 */
9
10 #ifdef __KERNEL__
11 #include <linux/kernel.h>
12 #else
13 #include <stdio.h>
14 #endif
15 #include <linux/netfilter/nf_conntrack_h323_asn1.h>
16
17 /* Trace Flag */
18 #ifndef H323_TRACE
19 #define H323_TRACE 0
20 #endif
21
22 #if H323_TRACE
23 #define TAB_SIZE 4
24 #ifdef __KERNEL__
25 #define PRINT printk
26 #else
27 #define PRINT printf
28 #endif
29 #define FNAME(name) name,
30 #else
31 #define PRINT(fmt, args...)
32 #define FNAME(name)
33 #endif
34
35 /* ASN.1 Types */
36 #define NUL 0
37 #define BOOL 1
38 #define OID 2
39 #define INT 3
40 #define ENUM 4
41 #define BITSTR 5
42 #define NUMSTR 6
43 #define NUMDGT 6
44 #define TBCDSTR 6
45 #define OCTSTR 7
46 #define PRTSTR 7
47 #define IA5STR 7
48 #define GENSTR 7
49 #define BMPSTR 8
50 #define SEQ 9
51 #define SET 9
52 #define SEQOF 10
53 #define SETOF 10
54 #define CHOICE 11
55
56 /* Constraint Types */
57 #define FIXD 0
58 /* #define BITS 1-8 */
59 #define BYTE 9
60 #define WORD 10
61 #define CONS 11
62 #define SEMI 12
63 #define UNCO 13
64
65 /* ASN.1 Type Attributes */
66 #define SKIP 0
67 #define STOP 1
68 #define DECODE 2
69 #define EXT 4
70 #define OPEN 8
71 #define OPT 16
72
73
74 /* ASN.1 Field Structure */
75 typedef struct field_t {
76 #if H323_TRACE
77 char *name;
78 #endif
79 unsigned char type;
80 unsigned char sz;
81 unsigned char lb;
82 unsigned char ub;
83 unsigned short attr;
84 unsigned short offset;
85 const struct field_t *fields;
86 } field_t;
87
88 /* Bit Stream */
89 struct bitstr {
90 unsigned char *buf;
91 unsigned char *beg;
92 unsigned char *end;
93 unsigned char *cur;
94 unsigned int bit;
95 };
96
97 /* Tool Functions */
98 #define INC_BIT(bs) if((++(bs)->bit)>7){(bs)->cur++;(bs)->bit=0;}
99 #define INC_BITS(bs,b) if(((bs)->bit+=(b))>7){(bs)->cur+=(bs)->bit>>3;(bs)->bit&=7;}
100 #define BYTE_ALIGN(bs) if((bs)->bit){(bs)->cur++;(bs)->bit=0;}
101 static unsigned int get_len(struct bitstr *bs);
102 static unsigned int get_bit(struct bitstr *bs);
103 static unsigned int get_bits(struct bitstr *bs, unsigned int b);
104 static unsigned int get_bitmap(struct bitstr *bs, unsigned int b);
105 static unsigned int get_uint(struct bitstr *bs, int b);
106
107 /* Decoder Functions */
108 static int decode_nul(struct bitstr *bs, const struct field_t *f, char *base, int level);
109 static int decode_bool(struct bitstr *bs, const struct field_t *f, char *base, int level);
110 static int decode_oid(struct bitstr *bs, const struct field_t *f, char *base, int level);
111 static int decode_int(struct bitstr *bs, const struct field_t *f, char *base, int level);
112 static int decode_enum(struct bitstr *bs, const struct field_t *f, char *base, int level);
113 static int decode_bitstr(struct bitstr *bs, const struct field_t *f, char *base, int level);
114 static int decode_numstr(struct bitstr *bs, const struct field_t *f, char *base, int level);
115 static int decode_octstr(struct bitstr *bs, const struct field_t *f, char *base, int level);
116 static int decode_bmpstr(struct bitstr *bs, const struct field_t *f, char *base, int level);
117 static int decode_seq(struct bitstr *bs, const struct field_t *f, char *base, int level);
118 static int decode_seqof(struct bitstr *bs, const struct field_t *f, char *base, int level);
119 static int decode_choice(struct bitstr *bs, const struct field_t *f, char *base, int level);
120
121 /* Decoder Functions Vector */
122 typedef int (*decoder_t)(struct bitstr *, const struct field_t *, char *, int);
123 static const decoder_t Decoders[] = {
124 decode_nul,
125 decode_bool,
126 decode_oid,
127 decode_int,
128 decode_enum,
129 decode_bitstr,
130 decode_numstr,
131 decode_octstr,
132 decode_bmpstr,
133 decode_seq,
134 decode_seqof,
135 decode_choice,
136 };
137
138 /*
139 * H.323 Types
140 */
141 #include "nf_conntrack_h323_types.c"
142
143 /*
144 * Functions
145 */
146
147 /* Assume bs is aligned && v < 16384 */
get_len(struct bitstr * bs)148 static unsigned int get_len(struct bitstr *bs)
149 {
150 unsigned int v;
151
152 v = *bs->cur++;
153
154 if (v & 0x80) {
155 v &= 0x3f;
156 v <<= 8;
157 v += *bs->cur++;
158 }
159
160 return v;
161 }
162
nf_h323_error_boundary(struct bitstr * bs,size_t bytes,size_t bits)163 static int nf_h323_error_boundary(struct bitstr *bs, size_t bytes, size_t bits)
164 {
165 bits += bs->bit;
166 bytes += bits / BITS_PER_BYTE;
167 if (bits % BITS_PER_BYTE > 0)
168 bytes++;
169
170 if (bs->cur + bytes > bs->end)
171 return 1;
172
173 return 0;
174 }
175
get_bit(struct bitstr * bs)176 static unsigned int get_bit(struct bitstr *bs)
177 {
178 unsigned int b = (*bs->cur) & (0x80 >> bs->bit);
179
180 INC_BIT(bs);
181
182 return b;
183 }
184
185 /* Assume b <= 8 */
get_bits(struct bitstr * bs,unsigned int b)186 static unsigned int get_bits(struct bitstr *bs, unsigned int b)
187 {
188 unsigned int v, l;
189
190 v = (*bs->cur) & (0xffU >> bs->bit);
191 l = b + bs->bit;
192
193 if (l < 8) {
194 v >>= 8 - l;
195 bs->bit = l;
196 } else if (l == 8) {
197 bs->cur++;
198 bs->bit = 0;
199 } else { /* l > 8 */
200
201 v <<= 8;
202 v += *(++bs->cur);
203 v >>= 16 - l;
204 bs->bit = l - 8;
205 }
206
207 return v;
208 }
209
210 /* Assume b <= 32 */
get_bitmap(struct bitstr * bs,unsigned int b)211 static unsigned int get_bitmap(struct bitstr *bs, unsigned int b)
212 {
213 unsigned int v, l, shift, bytes;
214
215 if (!b)
216 return 0;
217
218 l = bs->bit + b;
219
220 if (l < 8) {
221 v = (unsigned int)(*bs->cur) << (bs->bit + 24);
222 bs->bit = l;
223 } else if (l == 8) {
224 v = (unsigned int)(*bs->cur++) << (bs->bit + 24);
225 bs->bit = 0;
226 } else {
227 for (bytes = l >> 3, shift = 24, v = 0; bytes;
228 bytes--, shift -= 8)
229 v |= (unsigned int)(*bs->cur++) << shift;
230
231 if (l < 32) {
232 v |= (unsigned int)(*bs->cur) << shift;
233 v <<= bs->bit;
234 } else if (l > 32) {
235 v <<= bs->bit;
236 v |= (*bs->cur) >> (8 - bs->bit);
237 }
238
239 bs->bit = l & 0x7;
240 }
241
242 v &= 0xffffffff << (32 - b);
243
244 return v;
245 }
246
247 /*
248 * Assume bs is aligned and sizeof(unsigned int) == 4
249 */
get_uint(struct bitstr * bs,int b)250 static unsigned int get_uint(struct bitstr *bs, int b)
251 {
252 unsigned int v = 0;
253
254 switch (b) {
255 case 4:
256 v |= *bs->cur++;
257 v <<= 8;
258 fallthrough;
259 case 3:
260 v |= *bs->cur++;
261 v <<= 8;
262 fallthrough;
263 case 2:
264 v |= *bs->cur++;
265 v <<= 8;
266 fallthrough;
267 case 1:
268 v |= *bs->cur++;
269 break;
270 }
271 return v;
272 }
273
decode_nul(struct bitstr * bs,const struct field_t * f,char * base,int level)274 static int decode_nul(struct bitstr *bs, const struct field_t *f,
275 char *base, int level)
276 {
277 PRINT("%*s%s\n", level * TAB_SIZE, " ", f->name);
278
279 return H323_ERROR_NONE;
280 }
281
decode_bool(struct bitstr * bs,const struct field_t * f,char * base,int level)282 static int decode_bool(struct bitstr *bs, const struct field_t *f,
283 char *base, int level)
284 {
285 PRINT("%*s%s\n", level * TAB_SIZE, " ", f->name);
286
287 INC_BIT(bs);
288 if (nf_h323_error_boundary(bs, 0, 0))
289 return H323_ERROR_BOUND;
290 return H323_ERROR_NONE;
291 }
292
decode_oid(struct bitstr * bs,const struct field_t * f,char * base,int level)293 static int decode_oid(struct bitstr *bs, const struct field_t *f,
294 char *base, int level)
295 {
296 int len;
297
298 PRINT("%*s%s\n", level * TAB_SIZE, " ", f->name);
299
300 BYTE_ALIGN(bs);
301 if (nf_h323_error_boundary(bs, 1, 0))
302 return H323_ERROR_BOUND;
303
304 len = *bs->cur++;
305 bs->cur += len;
306 if (nf_h323_error_boundary(bs, 0, 0))
307 return H323_ERROR_BOUND;
308
309 return H323_ERROR_NONE;
310 }
311
decode_int(struct bitstr * bs,const struct field_t * f,char * base,int level)312 static int decode_int(struct bitstr *bs, const struct field_t *f,
313 char *base, int level)
314 {
315 unsigned int len;
316
317 PRINT("%*s%s", level * TAB_SIZE, " ", f->name);
318
319 switch (f->sz) {
320 case BYTE: /* Range == 256 */
321 BYTE_ALIGN(bs);
322 bs->cur++;
323 break;
324 case WORD: /* 257 <= Range <= 64K */
325 BYTE_ALIGN(bs);
326 bs->cur += 2;
327 break;
328 case CONS: /* 64K < Range < 4G */
329 if (nf_h323_error_boundary(bs, 0, 2))
330 return H323_ERROR_BOUND;
331 len = get_bits(bs, 2) + 1;
332 if (nf_h323_error_boundary(bs, len, 0))
333 return H323_ERROR_BOUND;
334 BYTE_ALIGN(bs);
335 if (base && (f->attr & DECODE)) { /* timeToLive */
336 unsigned int v = get_uint(bs, len) + f->lb;
337 PRINT(" = %u", v);
338 *((unsigned int *)(base + f->offset)) = v;
339 }
340 bs->cur += len;
341 break;
342 case UNCO:
343 BYTE_ALIGN(bs);
344 if (nf_h323_error_boundary(bs, 2, 0))
345 return H323_ERROR_BOUND;
346 len = get_len(bs);
347 bs->cur += len;
348 break;
349 default: /* 2 <= Range <= 255 */
350 INC_BITS(bs, f->sz);
351 break;
352 }
353
354 PRINT("\n");
355
356 if (nf_h323_error_boundary(bs, 0, 0))
357 return H323_ERROR_BOUND;
358 return H323_ERROR_NONE;
359 }
360
decode_enum(struct bitstr * bs,const struct field_t * f,char * base,int level)361 static int decode_enum(struct bitstr *bs, const struct field_t *f,
362 char *base, int level)
363 {
364 PRINT("%*s%s\n", level * TAB_SIZE, " ", f->name);
365
366 if ((f->attr & EXT) && get_bit(bs)) {
367 INC_BITS(bs, 7);
368 } else {
369 INC_BITS(bs, f->sz);
370 }
371
372 if (nf_h323_error_boundary(bs, 0, 0))
373 return H323_ERROR_BOUND;
374 return H323_ERROR_NONE;
375 }
376
decode_bitstr(struct bitstr * bs,const struct field_t * f,char * base,int level)377 static int decode_bitstr(struct bitstr *bs, const struct field_t *f,
378 char *base, int level)
379 {
380 unsigned int len;
381
382 PRINT("%*s%s\n", level * TAB_SIZE, " ", f->name);
383
384 BYTE_ALIGN(bs);
385 switch (f->sz) {
386 case FIXD: /* fixed length > 16 */
387 len = f->lb;
388 break;
389 case WORD: /* 2-byte length */
390 if (nf_h323_error_boundary(bs, 2, 0))
391 return H323_ERROR_BOUND;
392 len = (*bs->cur++) << 8;
393 len += (*bs->cur++) + f->lb;
394 break;
395 case SEMI:
396 if (nf_h323_error_boundary(bs, 2, 0))
397 return H323_ERROR_BOUND;
398 len = get_len(bs);
399 break;
400 default:
401 len = 0;
402 break;
403 }
404
405 bs->cur += len >> 3;
406 bs->bit = len & 7;
407
408 if (nf_h323_error_boundary(bs, 0, 0))
409 return H323_ERROR_BOUND;
410 return H323_ERROR_NONE;
411 }
412
decode_numstr(struct bitstr * bs,const struct field_t * f,char * base,int level)413 static int decode_numstr(struct bitstr *bs, const struct field_t *f,
414 char *base, int level)
415 {
416 unsigned int len;
417
418 PRINT("%*s%s\n", level * TAB_SIZE, " ", f->name);
419
420 /* 2 <= Range <= 255 */
421 if (nf_h323_error_boundary(bs, 0, f->sz))
422 return H323_ERROR_BOUND;
423 len = get_bits(bs, f->sz) + f->lb;
424
425 BYTE_ALIGN(bs);
426 INC_BITS(bs, (len << 2));
427
428 if (nf_h323_error_boundary(bs, 0, 0))
429 return H323_ERROR_BOUND;
430 return H323_ERROR_NONE;
431 }
432
decode_octstr(struct bitstr * bs,const struct field_t * f,char * base,int level)433 static int decode_octstr(struct bitstr *bs, const struct field_t *f,
434 char *base, int level)
435 {
436 unsigned int len;
437
438 PRINT("%*s%s", level * TAB_SIZE, " ", f->name);
439
440 switch (f->sz) {
441 case FIXD: /* Range == 1 */
442 if (f->lb > 2) {
443 BYTE_ALIGN(bs);
444 if (base && (f->attr & DECODE)) {
445 /* The IP Address */
446 *((unsigned int *)(base + f->offset)) =
447 bs->cur - bs->buf;
448 }
449 }
450 len = f->lb;
451 break;
452 case BYTE: /* Range == 256 */
453 BYTE_ALIGN(bs);
454 if (nf_h323_error_boundary(bs, 1, 0))
455 return H323_ERROR_BOUND;
456 len = (*bs->cur++) + f->lb;
457 break;
458 case SEMI:
459 BYTE_ALIGN(bs);
460 if (nf_h323_error_boundary(bs, 2, 0))
461 return H323_ERROR_BOUND;
462 len = get_len(bs) + f->lb;
463 break;
464 default: /* 2 <= Range <= 255 */
465 if (nf_h323_error_boundary(bs, 0, f->sz))
466 return H323_ERROR_BOUND;
467 len = get_bits(bs, f->sz) + f->lb;
468 BYTE_ALIGN(bs);
469 break;
470 }
471
472 bs->cur += len;
473
474 PRINT("\n");
475
476 if (nf_h323_error_boundary(bs, 0, 0))
477 return H323_ERROR_BOUND;
478 return H323_ERROR_NONE;
479 }
480
decode_bmpstr(struct bitstr * bs,const struct field_t * f,char * base,int level)481 static int decode_bmpstr(struct bitstr *bs, const struct field_t *f,
482 char *base, int level)
483 {
484 unsigned int len;
485
486 PRINT("%*s%s\n", level * TAB_SIZE, " ", f->name);
487
488 switch (f->sz) {
489 case BYTE: /* Range == 256 */
490 BYTE_ALIGN(bs);
491 if (nf_h323_error_boundary(bs, 1, 0))
492 return H323_ERROR_BOUND;
493 len = (*bs->cur++) + f->lb;
494 break;
495 default: /* 2 <= Range <= 255 */
496 if (nf_h323_error_boundary(bs, 0, f->sz))
497 return H323_ERROR_BOUND;
498 len = get_bits(bs, f->sz) + f->lb;
499 BYTE_ALIGN(bs);
500 break;
501 }
502
503 bs->cur += len << 1;
504
505 if (nf_h323_error_boundary(bs, 0, 0))
506 return H323_ERROR_BOUND;
507 return H323_ERROR_NONE;
508 }
509
decode_seq(struct bitstr * bs,const struct field_t * f,char * base,int level)510 static int decode_seq(struct bitstr *bs, const struct field_t *f,
511 char *base, int level)
512 {
513 unsigned int ext, bmp, i, opt, len = 0, bmp2, bmp2_len;
514 int err;
515 const struct field_t *son;
516 unsigned char *beg = NULL;
517
518 PRINT("%*s%s\n", level * TAB_SIZE, " ", f->name);
519
520 /* Decode? */
521 base = (base && (f->attr & DECODE)) ? base + f->offset : NULL;
522
523 /* Extensible? */
524 if (nf_h323_error_boundary(bs, 0, 1))
525 return H323_ERROR_BOUND;
526 ext = (f->attr & EXT) ? get_bit(bs) : 0;
527
528 /* Get fields bitmap */
529 if (nf_h323_error_boundary(bs, 0, f->sz))
530 return H323_ERROR_BOUND;
531 if (f->sz > 32)
532 return H323_ERROR_RANGE;
533 bmp = get_bitmap(bs, f->sz);
534 if (base)
535 *(unsigned int *)base = bmp;
536
537 /* Decode the root components */
538 for (i = opt = 0, son = f->fields; i < f->lb; i++, son++) {
539 if (son->attr & STOP) {
540 PRINT("%*s%s\n", (level + 1) * TAB_SIZE, " ",
541 son->name);
542 return H323_ERROR_STOP;
543 }
544
545 if (son->attr & OPT) { /* Optional component */
546 if (!((0x80000000U >> (opt++)) & bmp)) /* Not exist */
547 continue;
548 }
549
550 /* Decode */
551 if (son->attr & OPEN) { /* Open field */
552 if (nf_h323_error_boundary(bs, 2, 0))
553 return H323_ERROR_BOUND;
554 len = get_len(bs);
555 if (nf_h323_error_boundary(bs, len, 0))
556 return H323_ERROR_BOUND;
557 if (!base || !(son->attr & DECODE)) {
558 PRINT("%*s%s\n", (level + 1) * TAB_SIZE,
559 " ", son->name);
560 bs->cur += len;
561 continue;
562 }
563 beg = bs->cur;
564
565 /* Decode */
566 if ((err = (Decoders[son->type]) (bs, son, base,
567 level + 1)) <
568 H323_ERROR_NONE)
569 return err;
570
571 bs->cur = beg + len;
572 bs->bit = 0;
573 } else if ((err = (Decoders[son->type]) (bs, son, base,
574 level + 1)) <
575 H323_ERROR_NONE)
576 return err;
577 }
578
579 /* No extension? */
580 if (!ext)
581 return H323_ERROR_NONE;
582
583 /* Get the extension bitmap */
584 if (nf_h323_error_boundary(bs, 0, 7))
585 return H323_ERROR_BOUND;
586 bmp2_len = get_bits(bs, 7) + 1;
587 if (nf_h323_error_boundary(bs, 0, bmp2_len))
588 return H323_ERROR_BOUND;
589 if (bmp2_len > 32)
590 return H323_ERROR_RANGE;
591 bmp2 = get_bitmap(bs, bmp2_len);
592 bmp |= bmp2 >> f->sz;
593 if (base)
594 *(unsigned int *)base = bmp;
595 BYTE_ALIGN(bs);
596
597 /* Decode the extension components */
598 for (opt = 0; opt < bmp2_len; opt++, i++, son++) {
599 /* Check Range */
600 if (i >= f->ub) { /* Newer Version? */
601 if (nf_h323_error_boundary(bs, 2, 0))
602 return H323_ERROR_BOUND;
603 len = get_len(bs);
604 if (nf_h323_error_boundary(bs, len, 0))
605 return H323_ERROR_BOUND;
606 bs->cur += len;
607 continue;
608 }
609
610 if (son->attr & STOP) {
611 PRINT("%*s%s\n", (level + 1) * TAB_SIZE, " ",
612 son->name);
613 return H323_ERROR_STOP;
614 }
615
616 if (!((0x80000000 >> opt) & bmp2)) /* Not present */
617 continue;
618
619 if (nf_h323_error_boundary(bs, 2, 0))
620 return H323_ERROR_BOUND;
621 len = get_len(bs);
622 if (nf_h323_error_boundary(bs, len, 0))
623 return H323_ERROR_BOUND;
624 if (!base || !(son->attr & DECODE)) {
625 PRINT("%*s%s\n", (level + 1) * TAB_SIZE, " ",
626 son->name);
627 bs->cur += len;
628 continue;
629 }
630 beg = bs->cur;
631
632 if ((err = (Decoders[son->type]) (bs, son, base,
633 level + 1)) <
634 H323_ERROR_NONE)
635 return err;
636
637 bs->cur = beg + len;
638 bs->bit = 0;
639 }
640 return H323_ERROR_NONE;
641 }
642
decode_seqof(struct bitstr * bs,const struct field_t * f,char * base,int level)643 static int decode_seqof(struct bitstr *bs, const struct field_t *f,
644 char *base, int level)
645 {
646 unsigned int count, effective_count = 0, i, len = 0;
647 int err;
648 const struct field_t *son;
649 unsigned char *beg = NULL;
650
651 PRINT("%*s%s\n", level * TAB_SIZE, " ", f->name);
652
653 /* Decode? */
654 base = (base && (f->attr & DECODE)) ? base + f->offset : NULL;
655
656 /* Decode item count */
657 switch (f->sz) {
658 case BYTE:
659 BYTE_ALIGN(bs);
660 if (nf_h323_error_boundary(bs, 1, 0))
661 return H323_ERROR_BOUND;
662 count = *bs->cur++;
663 break;
664 case WORD:
665 BYTE_ALIGN(bs);
666 if (nf_h323_error_boundary(bs, 2, 0))
667 return H323_ERROR_BOUND;
668 count = *bs->cur++;
669 count <<= 8;
670 count += *bs->cur++;
671 break;
672 case SEMI:
673 BYTE_ALIGN(bs);
674 if (nf_h323_error_boundary(bs, 2, 0))
675 return H323_ERROR_BOUND;
676 count = get_len(bs);
677 break;
678 default:
679 if (nf_h323_error_boundary(bs, 0, f->sz))
680 return H323_ERROR_BOUND;
681 count = get_bits(bs, f->sz);
682 break;
683 }
684 count += f->lb;
685
686 /* Write Count */
687 if (base) {
688 effective_count = count > f->ub ? f->ub : count;
689 *(unsigned int *)base = effective_count;
690 base += sizeof(unsigned int);
691 }
692
693 /* Decode nested field */
694 son = f->fields;
695 if (base)
696 base -= son->offset;
697 for (i = 0; i < count; i++) {
698 if (son->attr & OPEN) {
699 BYTE_ALIGN(bs);
700 if (nf_h323_error_boundary(bs, 2, 0))
701 return H323_ERROR_BOUND;
702 len = get_len(bs);
703 if (nf_h323_error_boundary(bs, len, 0))
704 return H323_ERROR_BOUND;
705 if (!base || !(son->attr & DECODE)) {
706 PRINT("%*s%s\n", (level + 1) * TAB_SIZE,
707 " ", son->name);
708 bs->cur += len;
709 continue;
710 }
711 beg = bs->cur;
712
713 if ((err = (Decoders[son->type]) (bs, son,
714 i <
715 effective_count ?
716 base : NULL,
717 level + 1)) <
718 H323_ERROR_NONE)
719 return err;
720
721 bs->cur = beg + len;
722 bs->bit = 0;
723 } else
724 if ((err = (Decoders[son->type]) (bs, son,
725 i <
726 effective_count ?
727 base : NULL,
728 level + 1)) <
729 H323_ERROR_NONE)
730 return err;
731
732 if (base)
733 base += son->offset;
734 }
735
736 return H323_ERROR_NONE;
737 }
738
decode_choice(struct bitstr * bs,const struct field_t * f,char * base,int level)739 static int decode_choice(struct bitstr *bs, const struct field_t *f,
740 char *base, int level)
741 {
742 unsigned int type, ext, len = 0;
743 int err;
744 const struct field_t *son;
745 unsigned char *beg = NULL;
746
747 PRINT("%*s%s\n", level * TAB_SIZE, " ", f->name);
748
749 /* Decode? */
750 base = (base && (f->attr & DECODE)) ? base + f->offset : NULL;
751
752 /* Decode the choice index number */
753 if (nf_h323_error_boundary(bs, 0, 1))
754 return H323_ERROR_BOUND;
755 if ((f->attr & EXT) && get_bit(bs)) {
756 ext = 1;
757 if (nf_h323_error_boundary(bs, 0, 7))
758 return H323_ERROR_BOUND;
759 type = get_bits(bs, 7) + f->lb;
760 } else {
761 ext = 0;
762 if (nf_h323_error_boundary(bs, 0, f->sz))
763 return H323_ERROR_BOUND;
764 type = get_bits(bs, f->sz);
765 if (type >= f->lb)
766 return H323_ERROR_RANGE;
767 }
768
769 /* Write Type */
770 if (base)
771 *(unsigned int *)base = type;
772
773 /* Check Range */
774 if (type >= f->ub) { /* Newer version? */
775 BYTE_ALIGN(bs);
776 if (nf_h323_error_boundary(bs, 2, 0))
777 return H323_ERROR_BOUND;
778 len = get_len(bs);
779 if (nf_h323_error_boundary(bs, len, 0))
780 return H323_ERROR_BOUND;
781 bs->cur += len;
782 return H323_ERROR_NONE;
783 }
784
785 /* Transfer to son level */
786 son = &f->fields[type];
787 if (son->attr & STOP) {
788 PRINT("%*s%s\n", (level + 1) * TAB_SIZE, " ", son->name);
789 return H323_ERROR_STOP;
790 }
791
792 if (ext || (son->attr & OPEN)) {
793 BYTE_ALIGN(bs);
794 if (nf_h323_error_boundary(bs, 2, 0))
795 return H323_ERROR_BOUND;
796 len = get_len(bs);
797 if (nf_h323_error_boundary(bs, len, 0))
798 return H323_ERROR_BOUND;
799 if (!base || !(son->attr & DECODE)) {
800 PRINT("%*s%s\n", (level + 1) * TAB_SIZE, " ",
801 son->name);
802 bs->cur += len;
803 return H323_ERROR_NONE;
804 }
805 beg = bs->cur;
806
807 if ((err = (Decoders[son->type]) (bs, son, base, level + 1)) <
808 H323_ERROR_NONE)
809 return err;
810
811 bs->cur = beg + len;
812 bs->bit = 0;
813 } else if ((err = (Decoders[son->type]) (bs, son, base, level + 1)) <
814 H323_ERROR_NONE)
815 return err;
816
817 return H323_ERROR_NONE;
818 }
819
DecodeRasMessage(unsigned char * buf,size_t sz,RasMessage * ras)820 int DecodeRasMessage(unsigned char *buf, size_t sz, RasMessage *ras)
821 {
822 static const struct field_t ras_message = {
823 FNAME("RasMessage") CHOICE, 5, 24, 32, DECODE | EXT,
824 0, _RasMessage
825 };
826 struct bitstr bs;
827
828 bs.buf = bs.beg = bs.cur = buf;
829 bs.end = buf + sz;
830 bs.bit = 0;
831
832 return decode_choice(&bs, &ras_message, (char *) ras, 0);
833 }
834
DecodeH323_UserInformation(unsigned char * buf,unsigned char * beg,size_t sz,H323_UserInformation * uuie)835 static int DecodeH323_UserInformation(unsigned char *buf, unsigned char *beg,
836 size_t sz, H323_UserInformation *uuie)
837 {
838 static const struct field_t h323_userinformation = {
839 FNAME("H323-UserInformation") SEQ, 1, 2, 2, DECODE | EXT,
840 0, _H323_UserInformation
841 };
842 struct bitstr bs;
843
844 bs.buf = buf;
845 bs.beg = bs.cur = beg;
846 bs.end = beg + sz;
847 bs.bit = 0;
848
849 return decode_seq(&bs, &h323_userinformation, (char *) uuie, 0);
850 }
851
DecodeMultimediaSystemControlMessage(unsigned char * buf,size_t sz,MultimediaSystemControlMessage * mscm)852 int DecodeMultimediaSystemControlMessage(unsigned char *buf, size_t sz,
853 MultimediaSystemControlMessage *
854 mscm)
855 {
856 static const struct field_t multimediasystemcontrolmessage = {
857 FNAME("MultimediaSystemControlMessage") CHOICE, 2, 4, 4,
858 DECODE | EXT, 0, _MultimediaSystemControlMessage
859 };
860 struct bitstr bs;
861
862 bs.buf = bs.beg = bs.cur = buf;
863 bs.end = buf + sz;
864 bs.bit = 0;
865
866 return decode_choice(&bs, &multimediasystemcontrolmessage,
867 (char *) mscm, 0);
868 }
869
DecodeQ931(unsigned char * buf,size_t sz,Q931 * q931)870 int DecodeQ931(unsigned char *buf, size_t sz, Q931 *q931)
871 {
872 unsigned char *p = buf;
873 int len;
874
875 if (!p || sz < 1)
876 return H323_ERROR_BOUND;
877
878 /* Protocol Discriminator */
879 if (*p != 0x08) {
880 PRINT("Unknown Protocol Discriminator\n");
881 return H323_ERROR_RANGE;
882 }
883 p++;
884 sz--;
885
886 /* CallReferenceValue */
887 if (sz < 1)
888 return H323_ERROR_BOUND;
889 len = *p++;
890 sz--;
891 if (sz < len)
892 return H323_ERROR_BOUND;
893 p += len;
894 sz -= len;
895
896 /* Message Type */
897 if (sz < 2)
898 return H323_ERROR_BOUND;
899 q931->MessageType = *p++;
900 sz--;
901 PRINT("MessageType = %02X\n", q931->MessageType);
902 if (*p & 0x80) {
903 p++;
904 sz--;
905 }
906
907 /* Decode Information Elements */
908 while (sz > 0) {
909 if (*p == 0x7e) { /* UserUserIE */
910 if (sz < 3)
911 break;
912 p++;
913 len = *p++ << 8;
914 len |= *p++;
915 sz -= 3;
916 if (sz < len)
917 break;
918 p++;
919 len--;
920 if (len <= 0)
921 break;
922 return DecodeH323_UserInformation(buf, p, len,
923 &q931->UUIE);
924 }
925 p++;
926 sz--;
927 if (sz < 1)
928 break;
929 len = *p++;
930 sz--;
931 if (sz < len)
932 break;
933 p += len;
934 sz -= len;
935 }
936
937 PRINT("Q.931 UUIE not found\n");
938
939 return H323_ERROR_BOUND;
940 }
941