coder
/
SMBLibrary-Fork


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140
							/* Copyright (C) 2014 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
 * 
 * You can redistribute this program and/or modify it under the terms of
 * the GNU Lesser Public License as published by the Free Software Foundation,
 * either version 3 of the License, or (at your option) any later version.
 */
using System;
using System.Collections.Generic;
using System.IO;
using System.Runtime.InteropServices;
using System.Text;
using Utilities;

namespace SMBLibrary.RPC
{
    /// <summary>
    /// NDR - Native Data Representation
    /// See DCE 1.1: Remote Procedure Call, Chapter 14 - Transfer Syntax NDR
    /// </summary>
    public class NDRParser
    {
        private byte[] m_buffer;
        private int m_offset;
        private int m_depth;
        private List<INDRStructure> m_deferredStructures = new List<INDRStructure>();
        private Dictionary<uint, INDRStructure> m_referentToInstance = new Dictionary<uint, INDRStructure>();

        public NDRParser(byte[] buffer)
        {
            m_buffer = buffer;
            m_offset = 0;
            m_depth = 0;
        }

        public void BeginStructure()
        {
            m_depth++;
        }

        /// <summary>
        /// Add embedded pointer deferred structure (referent) parser
        /// </summary>
        private void AddDeferredStructure(INDRStructure structure)
        {
            m_deferredStructures.Add(structure);
        }

        public void EndStructure()
        {
            m_depth--;
            // 14.3.12.3 - Algorithm for Deferral of Referents
            // Representations of (embedded) pointer referents are ordered according to a left-to-right, depth-first traversal of the embedding construction.
            // referent representations for the embedded construction are further deferred to a position in the octet stream that
            // follows the representation of the embedding construction. The set of referent representations for the embedded construction
            // is inserted among the referent representations for any pointers in the embedding construction, according to the order of elements or
            // members in the embedding construction
            if (m_depth == 0)
            {
                // Make a copy of all the deferred structures, additional deferred structures will be inserted to m_deferredStructures
                // as we process the existing list
                List<INDRStructure> deferredStructures = new List<INDRStructure>(m_deferredStructures);
                m_deferredStructures.Clear();
                // Read all deferred types:
                foreach (INDRStructure deferredStructure in deferredStructures)
                {
                    deferredStructure.Read(this);
                }
            }
        }

        public string ReadUnicodeString()
        {
            NDRUnicodeString unicodeString = new NDRUnicodeString(this);
            return unicodeString.Value;
        }

        public void ReadStructure(INDRStructure structure)
        {
            structure.Read(this);
        }

        // 14.3.11.1 - Top-level Full Pointers
        public string ReadTopLevelUnicodeStringPointer()
        {
            uint referentID = ReadUInt32();
            if (referentID == 0)
            {
                return null;
            }

            if (m_referentToInstance.ContainsKey(referentID))
            {
                NDRUnicodeString unicodeString = (NDRUnicodeString)m_referentToInstance[referentID];
                return unicodeString.Value;
            }
            else
            {
                NDRUnicodeString unicodeString = new NDRUnicodeString(this);
                m_referentToInstance.Add(referentID, unicodeString);
                return unicodeString.Value;
            }
        }

        public void ReadEmbeddedStructureFullPointer(ref NDRUnicodeString structure)
        {
            ReadEmbeddedStructureFullPointer<NDRUnicodeString>(ref structure);
        }

        public void ReadEmbeddedStructureFullPointer<T>(ref T structure) where T : INDRStructure, new ()
        {
            uint referentID = ReadUInt32();
            if (referentID != 0) // not null
            {
                if (structure == null)
                {
                    structure = new T();
                }
                AddDeferredStructure(structure);
            }
            else
            {
                structure = default(T);
            }
        }

        // 14.2.2 - Alignment of Primitive Types
        public uint ReadUInt16()
        {
            m_offset += (2 - (m_offset % 2)) % 2;
            return LittleEndianReader.ReadUInt16(m_buffer, ref m_offset);
        }

        // 14.2.2 - Alignment of Primitive Types
        public uint ReadUInt32()
        {
            m_offset += (4 - (m_offset % 4)) % 4;
            return LittleEndianReader.ReadUInt32(m_buffer, ref m_offset);
        }
    }
}