1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * BER and PER decoding library for H.323 conntrack/NAT module.
4 *
5 * Copyright (c) 2006 by Jing Min Zhao <zhaojingmin@users.sourceforge.net>
6 *
7 * See nf_conntrack_helper_h323_asn1.h for details.
8 */
9
10 #ifdef __KERNEL__
11 #include <linux/kernel.h>
12 #else
13 #include <stdio.h>
14 #endif
15 #include <linux/netfilter/nf_conntrack_h323_asn1.h>
16
17 /* Trace Flag */
18 #ifndef H323_TRACE
19 #define H323_TRACE 0
20 #endif
21
22 #if H323_TRACE
23 #define TAB_SIZE 4
24 #define IFTHEN(cond, act) if(cond){act;}
25 #ifdef __KERNEL__
26 #define PRINT printk
27 #else
28 #define PRINT printf
29 #endif
30 #define FNAME(name) name,
31 #else
32 #define IFTHEN(cond, act)
33 #define PRINT(fmt, args...)
34 #define FNAME(name)
35 #endif
36
37 /* ASN.1 Types */
38 #define NUL 0
39 #define BOOL 1
40 #define OID 2
41 #define INT 3
42 #define ENUM 4
43 #define BITSTR 5
44 #define NUMSTR 6
45 #define NUMDGT 6
46 #define TBCDSTR 6
47 #define OCTSTR 7
48 #define PRTSTR 7
49 #define IA5STR 7
50 #define GENSTR 7
51 #define BMPSTR 8
52 #define SEQ 9
53 #define SET 9
54 #define SEQOF 10
55 #define SETOF 10
56 #define CHOICE 11
57
58 /* Constraint Types */
59 #define FIXD 0
60 /* #define BITS 1-8 */
61 #define BYTE 9
62 #define WORD 10
63 #define CONS 11
64 #define SEMI 12
65 #define UNCO 13
66
67 /* ASN.1 Type Attributes */
68 #define SKIP 0
69 #define STOP 1
70 #define DECODE 2
71 #define EXT 4
72 #define OPEN 8
73 #define OPT 16
74
75
76 /* ASN.1 Field Structure */
77 typedef struct field_t {
78 #if H323_TRACE
79 char *name;
80 #endif
81 unsigned char type;
82 unsigned char sz;
83 unsigned char lb;
84 unsigned char ub;
85 unsigned short attr;
86 unsigned short offset;
87 const struct field_t *fields;
88 } field_t;
89
90 /* Bit Stream */
91 struct bitstr {
92 unsigned char *buf;
93 unsigned char *beg;
94 unsigned char *end;
95 unsigned char *cur;
96 unsigned int bit;
97 };
98
99 /* Tool Functions */
100 #define INC_BIT(bs) if((++(bs)->bit)>7){(bs)->cur++;(bs)->bit=0;}
101 #define INC_BITS(bs,b) if(((bs)->bit+=(b))>7){(bs)->cur+=(bs)->bit>>3;(bs)->bit&=7;}
102 #define BYTE_ALIGN(bs) if((bs)->bit){(bs)->cur++;(bs)->bit=0;}
103 static unsigned int get_len(struct bitstr *bs);
104 static unsigned int get_bit(struct bitstr *bs);
105 static unsigned int get_bits(struct bitstr *bs, unsigned int b);
106 static unsigned int get_bitmap(struct bitstr *bs, unsigned int b);
107 static unsigned int get_uint(struct bitstr *bs, int b);
108
109 /* Decoder Functions */
110 static int decode_nul(struct bitstr *bs, const struct field_t *f, char *base, int level);
111 static int decode_bool(struct bitstr *bs, const struct field_t *f, char *base, int level);
112 static int decode_oid(struct bitstr *bs, const struct field_t *f, char *base, int level);
113 static int decode_int(struct bitstr *bs, const struct field_t *f, char *base, int level);
114 static int decode_enum(struct bitstr *bs, const struct field_t *f, char *base, int level);
115 static int decode_bitstr(struct bitstr *bs, const struct field_t *f, char *base, int level);
116 static int decode_numstr(struct bitstr *bs, const struct field_t *f, char *base, int level);
117 static int decode_octstr(struct bitstr *bs, const struct field_t *f, char *base, int level);
118 static int decode_bmpstr(struct bitstr *bs, const struct field_t *f, char *base, int level);
119 static int decode_seq(struct bitstr *bs, const struct field_t *f, char *base, int level);
120 static int decode_seqof(struct bitstr *bs, const struct field_t *f, char *base, int level);
121 static int decode_choice(struct bitstr *bs, const struct field_t *f, char *base, int level);
122
123 /* Decoder Functions Vector */
124 typedef int (*decoder_t)(struct bitstr *, const struct field_t *, char *, int);
125 static const decoder_t Decoders[] = {
126 decode_nul,
127 decode_bool,
128 decode_oid,
129 decode_int,
130 decode_enum,
131 decode_bitstr,
132 decode_numstr,
133 decode_octstr,
134 decode_bmpstr,
135 decode_seq,
136 decode_seqof,
137 decode_choice,
138 };
139
140 /*
141 * H.323 Types
142 */
143 #include "nf_conntrack_h323_types.c"
144
145 /*
146 * Functions
147 */
148
149 /* Assume bs is aligned && v < 16384 */
get_len(struct bitstr * bs)150 static unsigned int get_len(struct bitstr *bs)
151 {
152 unsigned int v;
153
154 v = *bs->cur++;
155
156 if (v & 0x80) {
157 v &= 0x3f;
158 v <<= 8;
159 v += *bs->cur++;
160 }
161
162 return v;
163 }
164
nf_h323_error_boundary(struct bitstr * bs,size_t bytes,size_t bits)165 static int nf_h323_error_boundary(struct bitstr *bs, size_t bytes, size_t bits)
166 {
167 bits += bs->bit;
168 bytes += bits / BITS_PER_BYTE;
169 if (bits % BITS_PER_BYTE > 0)
170 bytes++;
171
172 if (bs->cur + bytes > bs->end)
173 return 1;
174
175 return 0;
176 }
177
get_bit(struct bitstr * bs)178 static unsigned int get_bit(struct bitstr *bs)
179 {
180 unsigned int b = (*bs->cur) & (0x80 >> bs->bit);
181
182 INC_BIT(bs);
183
184 return b;
185 }
186
187 /* Assume b <= 8 */
get_bits(struct bitstr * bs,unsigned int b)188 static unsigned int get_bits(struct bitstr *bs, unsigned int b)
189 {
190 unsigned int v, l;
191
192 v = (*bs->cur) & (0xffU >> bs->bit);
193 l = b + bs->bit;
194
195 if (l < 8) {
196 v >>= 8 - l;
197 bs->bit = l;
198 } else if (l == 8) {
199 bs->cur++;
200 bs->bit = 0;
201 } else { /* l > 8 */
202
203 v <<= 8;
204 v += *(++bs->cur);
205 v >>= 16 - l;
206 bs->bit = l - 8;
207 }
208
209 return v;
210 }
211
212 /* Assume b <= 32 */
get_bitmap(struct bitstr * bs,unsigned int b)213 static unsigned int get_bitmap(struct bitstr *bs, unsigned int b)
214 {
215 unsigned int v, l, shift, bytes;
216
217 if (!b)
218 return 0;
219
220 l = bs->bit + b;
221
222 if (l < 8) {
223 v = (unsigned int)(*bs->cur) << (bs->bit + 24);
224 bs->bit = l;
225 } else if (l == 8) {
226 v = (unsigned int)(*bs->cur++) << (bs->bit + 24);
227 bs->bit = 0;
228 } else {
229 for (bytes = l >> 3, shift = 24, v = 0; bytes;
230 bytes--, shift -= 8)
231 v |= (unsigned int)(*bs->cur++) << shift;
232
233 if (l < 32) {
234 v |= (unsigned int)(*bs->cur) << shift;
235 v <<= bs->bit;
236 } else if (l > 32) {
237 v <<= bs->bit;
238 v |= (*bs->cur) >> (8 - bs->bit);
239 }
240
241 bs->bit = l & 0x7;
242 }
243
244 v &= 0xffffffff << (32 - b);
245
246 return v;
247 }
248
249 /*
250 * Assume bs is aligned and sizeof(unsigned int) == 4
251 */
get_uint(struct bitstr * bs,int b)252 static unsigned int get_uint(struct bitstr *bs, int b)
253 {
254 unsigned int v = 0;
255
256 switch (b) {
257 case 4:
258 v |= *bs->cur++;
259 v <<= 8;
260 fallthrough;
261 case 3:
262 v |= *bs->cur++;
263 v <<= 8;
264 fallthrough;
265 case 2:
266 v |= *bs->cur++;
267 v <<= 8;
268 fallthrough;
269 case 1:
270 v |= *bs->cur++;
271 break;
272 }
273 return v;
274 }
275
decode_nul(struct bitstr * bs,const struct field_t * f,char * base,int level)276 static int decode_nul(struct bitstr *bs, const struct field_t *f,
277 char *base, int level)
278 {
279 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
280
281 return H323_ERROR_NONE;
282 }
283
decode_bool(struct bitstr * bs,const struct field_t * f,char * base,int level)284 static int decode_bool(struct bitstr *bs, const struct field_t *f,
285 char *base, int level)
286 {
287 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
288
289 INC_BIT(bs);
290 if (nf_h323_error_boundary(bs, 0, 0))
291 return H323_ERROR_BOUND;
292 return H323_ERROR_NONE;
293 }
294
decode_oid(struct bitstr * bs,const struct field_t * f,char * base,int level)295 static int decode_oid(struct bitstr *bs, const struct field_t *f,
296 char *base, int level)
297 {
298 int len;
299
300 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
301
302 BYTE_ALIGN(bs);
303 if (nf_h323_error_boundary(bs, 1, 0))
304 return H323_ERROR_BOUND;
305
306 len = *bs->cur++;
307 bs->cur += len;
308 if (nf_h323_error_boundary(bs, 0, 0))
309 return H323_ERROR_BOUND;
310
311 return H323_ERROR_NONE;
312 }
313
decode_int(struct bitstr * bs,const struct field_t * f,char * base,int level)314 static int decode_int(struct bitstr *bs, const struct field_t *f,
315 char *base, int level)
316 {
317 unsigned int len;
318
319 PRINT("%*.s%s", level * TAB_SIZE, " ", f->name);
320
321 switch (f->sz) {
322 case BYTE: /* Range == 256 */
323 BYTE_ALIGN(bs);
324 bs->cur++;
325 break;
326 case WORD: /* 257 <= Range <= 64K */
327 BYTE_ALIGN(bs);
328 bs->cur += 2;
329 break;
330 case CONS: /* 64K < Range < 4G */
331 if (nf_h323_error_boundary(bs, 0, 2))
332 return H323_ERROR_BOUND;
333 len = get_bits(bs, 2) + 1;
334 if (nf_h323_error_boundary(bs, len, 0))
335 return H323_ERROR_BOUND;
336 BYTE_ALIGN(bs);
337 if (base && (f->attr & DECODE)) { /* timeToLive */
338 unsigned int v = get_uint(bs, len) + f->lb;
339 PRINT(" = %u", v);
340 *((unsigned int *)(base + f->offset)) = v;
341 }
342 bs->cur += len;
343 break;
344 case UNCO:
345 BYTE_ALIGN(bs);
346 if (nf_h323_error_boundary(bs, 2, 0))
347 return H323_ERROR_BOUND;
348 len = get_len(bs);
349 bs->cur += len;
350 break;
351 default: /* 2 <= Range <= 255 */
352 INC_BITS(bs, f->sz);
353 break;
354 }
355
356 PRINT("\n");
357
358 if (nf_h323_error_boundary(bs, 0, 0))
359 return H323_ERROR_BOUND;
360 return H323_ERROR_NONE;
361 }
362
decode_enum(struct bitstr * bs,const struct field_t * f,char * base,int level)363 static int decode_enum(struct bitstr *bs, const struct field_t *f,
364 char *base, int level)
365 {
366 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
367
368 if ((f->attr & EXT) && get_bit(bs)) {
369 INC_BITS(bs, 7);
370 } else {
371 INC_BITS(bs, f->sz);
372 }
373
374 if (nf_h323_error_boundary(bs, 0, 0))
375 return H323_ERROR_BOUND;
376 return H323_ERROR_NONE;
377 }
378
decode_bitstr(struct bitstr * bs,const struct field_t * f,char * base,int level)379 static int decode_bitstr(struct bitstr *bs, const struct field_t *f,
380 char *base, int level)
381 {
382 unsigned int len;
383
384 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
385
386 BYTE_ALIGN(bs);
387 switch (f->sz) {
388 case FIXD: /* fixed length > 16 */
389 len = f->lb;
390 break;
391 case WORD: /* 2-byte length */
392 if (nf_h323_error_boundary(bs, 2, 0))
393 return H323_ERROR_BOUND;
394 len = (*bs->cur++) << 8;
395 len += (*bs->cur++) + f->lb;
396 break;
397 case SEMI:
398 if (nf_h323_error_boundary(bs, 2, 0))
399 return H323_ERROR_BOUND;
400 len = get_len(bs);
401 break;
402 default:
403 len = 0;
404 break;
405 }
406
407 bs->cur += len >> 3;
408 bs->bit = len & 7;
409
410 if (nf_h323_error_boundary(bs, 0, 0))
411 return H323_ERROR_BOUND;
412 return H323_ERROR_NONE;
413 }
414
decode_numstr(struct bitstr * bs,const struct field_t * f,char * base,int level)415 static int decode_numstr(struct bitstr *bs, const struct field_t *f,
416 char *base, int level)
417 {
418 unsigned int len;
419
420 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
421
422 /* 2 <= Range <= 255 */
423 if (nf_h323_error_boundary(bs, 0, f->sz))
424 return H323_ERROR_BOUND;
425 len = get_bits(bs, f->sz) + f->lb;
426
427 BYTE_ALIGN(bs);
428 INC_BITS(bs, (len << 2));
429
430 if (nf_h323_error_boundary(bs, 0, 0))
431 return H323_ERROR_BOUND;
432 return H323_ERROR_NONE;
433 }
434
decode_octstr(struct bitstr * bs,const struct field_t * f,char * base,int level)435 static int decode_octstr(struct bitstr *bs, const struct field_t *f,
436 char *base, int level)
437 {
438 unsigned int len;
439
440 PRINT("%*.s%s", level * TAB_SIZE, " ", f->name);
441
442 switch (f->sz) {
443 case FIXD: /* Range == 1 */
444 if (f->lb > 2) {
445 BYTE_ALIGN(bs);
446 if (base && (f->attr & DECODE)) {
447 /* The IP Address */
448 IFTHEN(f->lb == 4,
449 PRINT(" = %d.%d.%d.%d:%d",
450 bs->cur[0], bs->cur[1],
451 bs->cur[2], bs->cur[3],
452 bs->cur[4] * 256 + bs->cur[5]));
453 *((unsigned int *)(base + f->offset)) =
454 bs->cur - bs->buf;
455 }
456 }
457 len = f->lb;
458 break;
459 case BYTE: /* Range == 256 */
460 BYTE_ALIGN(bs);
461 if (nf_h323_error_boundary(bs, 1, 0))
462 return H323_ERROR_BOUND;
463 len = (*bs->cur++) + f->lb;
464 break;
465 case SEMI:
466 BYTE_ALIGN(bs);
467 if (nf_h323_error_boundary(bs, 2, 0))
468 return H323_ERROR_BOUND;
469 len = get_len(bs) + f->lb;
470 break;
471 default: /* 2 <= Range <= 255 */
472 if (nf_h323_error_boundary(bs, 0, f->sz))
473 return H323_ERROR_BOUND;
474 len = get_bits(bs, f->sz) + f->lb;
475 BYTE_ALIGN(bs);
476 break;
477 }
478
479 bs->cur += len;
480
481 PRINT("\n");
482
483 if (nf_h323_error_boundary(bs, 0, 0))
484 return H323_ERROR_BOUND;
485 return H323_ERROR_NONE;
486 }
487
decode_bmpstr(struct bitstr * bs,const struct field_t * f,char * base,int level)488 static int decode_bmpstr(struct bitstr *bs, const struct field_t *f,
489 char *base, int level)
490 {
491 unsigned int len;
492
493 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
494
495 switch (f->sz) {
496 case BYTE: /* Range == 256 */
497 BYTE_ALIGN(bs);
498 if (nf_h323_error_boundary(bs, 1, 0))
499 return H323_ERROR_BOUND;
500 len = (*bs->cur++) + f->lb;
501 break;
502 default: /* 2 <= Range <= 255 */
503 if (nf_h323_error_boundary(bs, 0, f->sz))
504 return H323_ERROR_BOUND;
505 len = get_bits(bs, f->sz) + f->lb;
506 BYTE_ALIGN(bs);
507 break;
508 }
509
510 bs->cur += len << 1;
511
512 if (nf_h323_error_boundary(bs, 0, 0))
513 return H323_ERROR_BOUND;
514 return H323_ERROR_NONE;
515 }
516
decode_seq(struct bitstr * bs,const struct field_t * f,char * base,int level)517 static int decode_seq(struct bitstr *bs, const struct field_t *f,
518 char *base, int level)
519 {
520 unsigned int ext, bmp, i, opt, len = 0, bmp2, bmp2_len;
521 int err;
522 const struct field_t *son;
523 unsigned char *beg = NULL;
524
525 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
526
527 /* Decode? */
528 base = (base && (f->attr & DECODE)) ? base + f->offset : NULL;
529
530 /* Extensible? */
531 if (nf_h323_error_boundary(bs, 0, 1))
532 return H323_ERROR_BOUND;
533 ext = (f->attr & EXT) ? get_bit(bs) : 0;
534
535 /* Get fields bitmap */
536 if (nf_h323_error_boundary(bs, 0, f->sz))
537 return H323_ERROR_BOUND;
538 if (f->sz > 32)
539 return H323_ERROR_RANGE;
540 bmp = get_bitmap(bs, f->sz);
541 if (base)
542 *(unsigned int *)base = bmp;
543
544 /* Decode the root components */
545 for (i = opt = 0, son = f->fields; i < f->lb; i++, son++) {
546 if (son->attr & STOP) {
547 PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ",
548 son->name);
549 return H323_ERROR_STOP;
550 }
551
552 if (son->attr & OPT) { /* Optional component */
553 if (!((0x80000000U >> (opt++)) & bmp)) /* Not exist */
554 continue;
555 }
556
557 /* Decode */
558 if (son->attr & OPEN) { /* Open field */
559 if (nf_h323_error_boundary(bs, 2, 0))
560 return H323_ERROR_BOUND;
561 len = get_len(bs);
562 if (nf_h323_error_boundary(bs, len, 0))
563 return H323_ERROR_BOUND;
564 if (!base || !(son->attr & DECODE)) {
565 PRINT("%*.s%s\n", (level + 1) * TAB_SIZE,
566 " ", son->name);
567 bs->cur += len;
568 continue;
569 }
570 beg = bs->cur;
571
572 /* Decode */
573 if ((err = (Decoders[son->type]) (bs, son, base,
574 level + 1)) <
575 H323_ERROR_NONE)
576 return err;
577
578 bs->cur = beg + len;
579 bs->bit = 0;
580 } else if ((err = (Decoders[son->type]) (bs, son, base,
581 level + 1)) <
582 H323_ERROR_NONE)
583 return err;
584 }
585
586 /* No extension? */
587 if (!ext)
588 return H323_ERROR_NONE;
589
590 /* Get the extension bitmap */
591 if (nf_h323_error_boundary(bs, 0, 7))
592 return H323_ERROR_BOUND;
593 bmp2_len = get_bits(bs, 7) + 1;
594 if (nf_h323_error_boundary(bs, 0, bmp2_len))
595 return H323_ERROR_BOUND;
596 if (bmp2_len > 32)
597 return H323_ERROR_RANGE;
598 bmp2 = get_bitmap(bs, bmp2_len);
599 bmp |= bmp2 >> f->sz;
600 if (base)
601 *(unsigned int *)base = bmp;
602 BYTE_ALIGN(bs);
603
604 /* Decode the extension components */
605 for (opt = 0; opt < bmp2_len; opt++, i++, son++) {
606 /* Check Range */
607 if (i >= f->ub) { /* Newer Version? */
608 if (nf_h323_error_boundary(bs, 2, 0))
609 return H323_ERROR_BOUND;
610 len = get_len(bs);
611 if (nf_h323_error_boundary(bs, len, 0))
612 return H323_ERROR_BOUND;
613 bs->cur += len;
614 continue;
615 }
616
617 if (son->attr & STOP) {
618 PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ",
619 son->name);
620 return H323_ERROR_STOP;
621 }
622
623 if (!((0x80000000 >> opt) & bmp2)) /* Not present */
624 continue;
625
626 if (nf_h323_error_boundary(bs, 2, 0))
627 return H323_ERROR_BOUND;
628 len = get_len(bs);
629 if (nf_h323_error_boundary(bs, len, 0))
630 return H323_ERROR_BOUND;
631 if (!base || !(son->attr & DECODE)) {
632 PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ",
633 son->name);
634 bs->cur += len;
635 continue;
636 }
637 beg = bs->cur;
638
639 if ((err = (Decoders[son->type]) (bs, son, base,
640 level + 1)) <
641 H323_ERROR_NONE)
642 return err;
643
644 bs->cur = beg + len;
645 bs->bit = 0;
646 }
647 return H323_ERROR_NONE;
648 }
649
decode_seqof(struct bitstr * bs,const struct field_t * f,char * base,int level)650 static int decode_seqof(struct bitstr *bs, const struct field_t *f,
651 char *base, int level)
652 {
653 unsigned int count, effective_count = 0, i, len = 0;
654 int err;
655 const struct field_t *son;
656 unsigned char *beg = NULL;
657
658 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
659
660 /* Decode? */
661 base = (base && (f->attr & DECODE)) ? base + f->offset : NULL;
662
663 /* Decode item count */
664 switch (f->sz) {
665 case BYTE:
666 BYTE_ALIGN(bs);
667 if (nf_h323_error_boundary(bs, 1, 0))
668 return H323_ERROR_BOUND;
669 count = *bs->cur++;
670 break;
671 case WORD:
672 BYTE_ALIGN(bs);
673 if (nf_h323_error_boundary(bs, 2, 0))
674 return H323_ERROR_BOUND;
675 count = *bs->cur++;
676 count <<= 8;
677 count += *bs->cur++;
678 break;
679 case SEMI:
680 BYTE_ALIGN(bs);
681 if (nf_h323_error_boundary(bs, 2, 0))
682 return H323_ERROR_BOUND;
683 count = get_len(bs);
684 break;
685 default:
686 if (nf_h323_error_boundary(bs, 0, f->sz))
687 return H323_ERROR_BOUND;
688 count = get_bits(bs, f->sz);
689 break;
690 }
691 count += f->lb;
692
693 /* Write Count */
694 if (base) {
695 effective_count = count > f->ub ? f->ub : count;
696 *(unsigned int *)base = effective_count;
697 base += sizeof(unsigned int);
698 }
699
700 /* Decode nested field */
701 son = f->fields;
702 if (base)
703 base -= son->offset;
704 for (i = 0; i < count; i++) {
705 if (son->attr & OPEN) {
706 BYTE_ALIGN(bs);
707 if (nf_h323_error_boundary(bs, 2, 0))
708 return H323_ERROR_BOUND;
709 len = get_len(bs);
710 if (nf_h323_error_boundary(bs, len, 0))
711 return H323_ERROR_BOUND;
712 if (!base || !(son->attr & DECODE)) {
713 PRINT("%*.s%s\n", (level + 1) * TAB_SIZE,
714 " ", son->name);
715 bs->cur += len;
716 continue;
717 }
718 beg = bs->cur;
719
720 if ((err = (Decoders[son->type]) (bs, son,
721 i <
722 effective_count ?
723 base : NULL,
724 level + 1)) <
725 H323_ERROR_NONE)
726 return err;
727
728 bs->cur = beg + len;
729 bs->bit = 0;
730 } else
731 if ((err = (Decoders[son->type]) (bs, son,
732 i <
733 effective_count ?
734 base : NULL,
735 level + 1)) <
736 H323_ERROR_NONE)
737 return err;
738
739 if (base)
740 base += son->offset;
741 }
742
743 return H323_ERROR_NONE;
744 }
745
decode_choice(struct bitstr * bs,const struct field_t * f,char * base,int level)746 static int decode_choice(struct bitstr *bs, const struct field_t *f,
747 char *base, int level)
748 {
749 unsigned int type, ext, len = 0;
750 int err;
751 const struct field_t *son;
752 unsigned char *beg = NULL;
753
754 PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
755
756 /* Decode? */
757 base = (base && (f->attr & DECODE)) ? base + f->offset : NULL;
758
759 /* Decode the choice index number */
760 if (nf_h323_error_boundary(bs, 0, 1))
761 return H323_ERROR_BOUND;
762 if ((f->attr & EXT) && get_bit(bs)) {
763 ext = 1;
764 if (nf_h323_error_boundary(bs, 0, 7))
765 return H323_ERROR_BOUND;
766 type = get_bits(bs, 7) + f->lb;
767 } else {
768 ext = 0;
769 if (nf_h323_error_boundary(bs, 0, f->sz))
770 return H323_ERROR_BOUND;
771 type = get_bits(bs, f->sz);
772 if (type >= f->lb)
773 return H323_ERROR_RANGE;
774 }
775
776 /* Write Type */
777 if (base)
778 *(unsigned int *)base = type;
779
780 /* Check Range */
781 if (type >= f->ub) { /* Newer version? */
782 BYTE_ALIGN(bs);
783 if (nf_h323_error_boundary(bs, 2, 0))
784 return H323_ERROR_BOUND;
785 len = get_len(bs);
786 if (nf_h323_error_boundary(bs, len, 0))
787 return H323_ERROR_BOUND;
788 bs->cur += len;
789 return H323_ERROR_NONE;
790 }
791
792 /* Transfer to son level */
793 son = &f->fields[type];
794 if (son->attr & STOP) {
795 PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ", son->name);
796 return H323_ERROR_STOP;
797 }
798
799 if (ext || (son->attr & OPEN)) {
800 BYTE_ALIGN(bs);
801 if (nf_h323_error_boundary(bs, 2, 0))
802 return H323_ERROR_BOUND;
803 len = get_len(bs);
804 if (nf_h323_error_boundary(bs, len, 0))
805 return H323_ERROR_BOUND;
806 if (!base || !(son->attr & DECODE)) {
807 PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ",
808 son->name);
809 bs->cur += len;
810 return H323_ERROR_NONE;
811 }
812 beg = bs->cur;
813
814 if ((err = (Decoders[son->type]) (bs, son, base, level + 1)) <
815 H323_ERROR_NONE)
816 return err;
817
818 bs->cur = beg + len;
819 bs->bit = 0;
820 } else if ((err = (Decoders[son->type]) (bs, son, base, level + 1)) <
821 H323_ERROR_NONE)
822 return err;
823
824 return H323_ERROR_NONE;
825 }
826
DecodeRasMessage(unsigned char * buf,size_t sz,RasMessage * ras)827 int DecodeRasMessage(unsigned char *buf, size_t sz, RasMessage *ras)
828 {
829 static const struct field_t ras_message = {
830 FNAME("RasMessage") CHOICE, 5, 24, 32, DECODE | EXT,
831 0, _RasMessage
832 };
833 struct bitstr bs;
834
835 bs.buf = bs.beg = bs.cur = buf;
836 bs.end = buf + sz;
837 bs.bit = 0;
838
839 return decode_choice(&bs, &ras_message, (char *) ras, 0);
840 }
841
DecodeH323_UserInformation(unsigned char * buf,unsigned char * beg,size_t sz,H323_UserInformation * uuie)842 static int DecodeH323_UserInformation(unsigned char *buf, unsigned char *beg,
843 size_t sz, H323_UserInformation *uuie)
844 {
845 static const struct field_t h323_userinformation = {
846 FNAME("H323-UserInformation") SEQ, 1, 2, 2, DECODE | EXT,
847 0, _H323_UserInformation
848 };
849 struct bitstr bs;
850
851 bs.buf = buf;
852 bs.beg = bs.cur = beg;
853 bs.end = beg + sz;
854 bs.bit = 0;
855
856 return decode_seq(&bs, &h323_userinformation, (char *) uuie, 0);
857 }
858
DecodeMultimediaSystemControlMessage(unsigned char * buf,size_t sz,MultimediaSystemControlMessage * mscm)859 int DecodeMultimediaSystemControlMessage(unsigned char *buf, size_t sz,
860 MultimediaSystemControlMessage *
861 mscm)
862 {
863 static const struct field_t multimediasystemcontrolmessage = {
864 FNAME("MultimediaSystemControlMessage") CHOICE, 2, 4, 4,
865 DECODE | EXT, 0, _MultimediaSystemControlMessage
866 };
867 struct bitstr bs;
868
869 bs.buf = bs.beg = bs.cur = buf;
870 bs.end = buf + sz;
871 bs.bit = 0;
872
873 return decode_choice(&bs, &multimediasystemcontrolmessage,
874 (char *) mscm, 0);
875 }
876
DecodeQ931(unsigned char * buf,size_t sz,Q931 * q931)877 int DecodeQ931(unsigned char *buf, size_t sz, Q931 *q931)
878 {
879 unsigned char *p = buf;
880 int len;
881
882 if (!p || sz < 1)
883 return H323_ERROR_BOUND;
884
885 /* Protocol Discriminator */
886 if (*p != 0x08) {
887 PRINT("Unknown Protocol Discriminator\n");
888 return H323_ERROR_RANGE;
889 }
890 p++;
891 sz--;
892
893 /* CallReferenceValue */
894 if (sz < 1)
895 return H323_ERROR_BOUND;
896 len = *p++;
897 sz--;
898 if (sz < len)
899 return H323_ERROR_BOUND;
900 p += len;
901 sz -= len;
902
903 /* Message Type */
904 if (sz < 2)
905 return H323_ERROR_BOUND;
906 q931->MessageType = *p++;
907 sz--;
908 PRINT("MessageType = %02X\n", q931->MessageType);
909 if (*p & 0x80) {
910 p++;
911 sz--;
912 }
913
914 /* Decode Information Elements */
915 while (sz > 0) {
916 if (*p == 0x7e) { /* UserUserIE */
917 if (sz < 3)
918 break;
919 p++;
920 len = *p++ << 8;
921 len |= *p++;
922 sz -= 3;
923 if (sz < len)
924 break;
925 p++;
926 len--;
927 if (len <= 0)
928 break;
929 return DecodeH323_UserInformation(buf, p, len,
930 &q931->UUIE);
931 }
932 p++;
933 sz--;
934 if (sz < 1)
935 break;
936 len = *p++;
937 sz--;
938 if (sz < len)
939 break;
940 p += len;
941 sz -= len;
942 }
943
944 PRINT("Q.931 UUIE not found\n");
945
946 return H323_ERROR_BOUND;
947 }
948