rust/smb: convert parser to nom7 functions (SMB1)

vincentmli · Dec 13, 2021 · d67f8f9 · d67f8f9
1 parent 895a54c
commit d67f8f9
Show file tree

Hide file tree

Showing 6 changed files with 566 additions and 565 deletions.
diff --git a/rust/src/smb/dcerpc_records.rs b/rust/src/smb/dcerpc_records.rs
@@ -24,7 +24,7 @@ use nom7::multi::count;
 use nom7::number::Endianness;
 use nom7::number::streaming::{be_u16, le_u8, le_u16, le_u32, u16, u32};
 use nom7::sequence::tuple;
-use nom7::IResult;
+use nom7::{Err, IResult};
 
 #[derive(Debug,PartialEq)]
 pub struct DceRpcResponseRecord<'a> {
@@ -34,18 +34,15 @@ pub struct DceRpcResponseRecord<'a> {
 /// parse a packet type 'response' DCERPC record. Implemented
 /// as function to be able to pass the fraglen in.
 pub fn parse_dcerpc_response_record(i:&[u8], frag_len: u16 )
-    -> nom::IResult<&[u8], DceRpcResponseRecord, SmbError>
+    -> IResult<&[u8], DceRpcResponseRecord, SmbError>
 {
     if frag_len < 24 {
-        return Err(nom::Err::Error(SmbError::RecordTooSmall));
+        return Err(Err::Error(SmbError::RecordTooSmall));
     }
-    do_parse!(i,
-                take!(8)
-            >>  data:take!(frag_len - 24)
-            >> (DceRpcResponseRecord {
-                    data:data,
-               })
-    )
+    let (i, _) = take(8_usize)(i)?;
+    let (i, data) = take(frag_len - 24)(i)?;
+    let record = DceRpcResponseRecord { data };
+    Ok((i, record))
 }
 
 #[derive(Debug,PartialEq)]
@@ -57,22 +54,17 @@ pub struct DceRpcRequestRecord<'a> {
 /// parse a packet type 'request' DCERPC record. Implemented
 /// as function to be able to pass the fraglen in.
 pub fn parse_dcerpc_request_record(i:&[u8], frag_len: u16, little: bool)
-    -> nom::IResult<&[u8], DceRpcRequestRecord, SmbError>
+    -> IResult<&[u8], DceRpcRequestRecord, SmbError>
 {
-    use nom::number::Endianness;
     if frag_len < 24 {
-        return Err(nom::Err::Error(SmbError::RecordTooSmall));
+        return Err(Err::Error(SmbError::RecordTooSmall));
     }
-    do_parse!(i,
-                take!(6)
-            >>  endian: value!(if little { Endianness::Little } else { Endianness::Big })
-            >>  opnum: u16!(endian)
-            >>  data:take!(frag_len - 24)
-            >> (DceRpcRequestRecord {
-                    opnum:opnum,
-                    data:data,
-               })
-    )
+    let (i, _) = take(6_usize)(i)?;
+    let endian = if little { Endianness::Little } else { Endianness::Big };
+    let (i, opnum) = u16(endian)(i)?;
+    let (i, data) = take(frag_len - 24)(i)?;
+    let record = DceRpcRequestRecord { opnum, data };
+    Ok((i, record))
 }
 
 #[derive(Debug,PartialEq)]

diff --git a/rust/src/smb/error.rs b/rust/src/smb/error.rs
@@ -16,7 +16,7 @@
  */
 
 // Author: Pierre Chifflier <[email protected]>
-use nom::error::{ErrorKind, ParseError};
+use nom7::error::{ErrorKind, ParseError};
 
 #[derive(Debug)]
 pub enum SmbError {

diff --git a/rust/src/smb/smb.rs b/rust/src/smb/smb.rs
@@ -31,7 +31,6 @@ use std::ffi::{self, CString};
 
 use std::collections::HashMap;
 
-use nom;
 use nom7::{Err, Needed};
 
 use crate::core::*;
@@ -1649,7 +1648,7 @@ impl SMBState {
                                     }
                                 }
                             },
-                            Err(nom::Err::Incomplete(_)) => {
+                            Err(Err::Incomplete(_)) => {
                                 // not enough data to contain basic SMB hdr
                                 // TODO event: empty NBSS_MSGTYPE_SESSION_MESSAGE
                             },

diff --git a/rust/src/smb/smb1.rs b/rust/src/smb/smb1.rs
@@ -19,8 +19,6 @@
  * - check all parsers for calls on non-SUCCESS status
  */
 
-use nom;
-
 use crate::core::*;
 
 use crate::smb::smb::*;
@@ -31,6 +29,8 @@ use crate::smb::files::*;
 use crate::smb::smb1_records::*;
 use crate::smb::smb1_session::*;
 
+use nom7::Err;
+
 // https://msdn.microsoft.com/en-us/library/ee441741.aspx
 pub const SMB1_COMMAND_CREATE_DIRECTORY:        u8 = 0x00;
 pub const SMB1_COMMAND_DELETE_DIRECTORY:        u8 = 0x01;
@@ -251,13 +251,13 @@ fn smb1_request_record_one<'b>(state: &mut SMBState, r: &SmbRecord<'b>, command:
                                             true
 
                                         },
-                                        Err(nom::Err::Incomplete(_n)) => {
+                                        Err(Err::Incomplete(_n)) => {
                                             SCLogDebug!("TRANS2 SET_FILE_INFO DATA DISPOSITION INCOMPLETE {:?}", _n);
                                             events.push(SMBEvent::MalformedData);
                                             false
                                         },
-                                        Err(nom::Err::Error(_e)) |
-                                        Err(nom::Err::Failure(_e)) => {
+                                        Err(Err::Error(_e)) |
+                                        Err(Err::Failure(_e)) => {
                                             SCLogDebug!("TRANS2 SET_FILE_INFO DATA DISPOSITION ERROR {:?}", _e);
                                             events.push(SMBEvent::MalformedData);
                                             false
@@ -279,13 +279,13 @@ fn smb1_request_record_one<'b>(state: &mut SMBState, r: &SmbRecord<'b>, command:
                                             tx.vercmd.set_smb1_cmd(SMB1_COMMAND_TRANS2);
                                             true
                                         },
-                                        Err(nom::Err::Incomplete(_n)) => {
+                                        Err(Err::Incomplete(_n)) => {
                                             SCLogDebug!("TRANS2 SET_PATH_INFO DATA RENAME INCOMPLETE {:?}", _n);
                                             events.push(SMBEvent::MalformedData);
                                             false
                                         },
-                                        Err(nom::Err::Error(_e)) |
-                                        Err(nom::Err::Failure(_e)) => {
+                                        Err(Err::Error(_e)) |
+                                        Err(Err::Failure(_e)) => {
                                             SCLogDebug!("TRANS2 SET_PATH_INFO DATA RENAME ERROR {:?}", _e);
                                             events.push(SMBEvent::MalformedData);
                                             false
@@ -295,13 +295,13 @@ fn smb1_request_record_one<'b>(state: &mut SMBState, r: &SmbRecord<'b>, command:
                                     false
                                 }
                             },
-                            Err(nom::Err::Incomplete(_n)) => {
+                            Err(Err::Incomplete(_n)) => {
                                 SCLogDebug!("TRANS2 SET_PATH_INFO PARAMS INCOMPLETE {:?}", _n);
                                 events.push(SMBEvent::MalformedData);
                                 false
                             },
-                            Err(nom::Err::Error(_e)) |
-                            Err(nom::Err::Failure(_e)) => {
+                            Err(Err::Error(_e)) |
+                            Err(Err::Failure(_e)) => {
                                 SCLogDebug!("TRANS2 SET_PATH_INFO PARAMS ERROR {:?}", _e);
                                 events.push(SMBEvent::MalformedData);
                                 false
@@ -334,13 +334,13 @@ fn smb1_request_record_one<'b>(state: &mut SMBState, r: &SmbRecord<'b>, command:
                                             true
 
                                         },
-                                        Err(nom::Err::Incomplete(_n)) => {
+                                        Err(Err::Incomplete(_n)) => {
                                             SCLogDebug!("TRANS2 SET_FILE_INFO DATA DISPOSITION INCOMPLETE {:?}", _n);
                                             events.push(SMBEvent::MalformedData);
                                             false
                                         },
-                                        Err(nom::Err::Error(_e)) |
-                                        Err(nom::Err::Failure(_e)) => {
+                                        Err(Err::Error(_e)) |
+                                        Err(Err::Failure(_e)) => {
                                             SCLogDebug!("TRANS2 SET_FILE_INFO DATA DISPOSITION ERROR {:?}", _e);
                                             events.push(SMBEvent::MalformedData);
                                             false
@@ -367,13 +367,13 @@ fn smb1_request_record_one<'b>(state: &mut SMBState, r: &SmbRecord<'b>, command:
                                             tx.vercmd.set_smb1_cmd(SMB1_COMMAND_TRANS2);
                                             true
                                         },
-                                        Err(nom::Err::Incomplete(_n)) => {
+                                        Err(Err::Incomplete(_n)) => {
                                             SCLogDebug!("TRANS2 SET_FILE_INFO DATA RENAME INCOMPLETE {:?}", _n);
                                             events.push(SMBEvent::MalformedData);
                                             false
                                         },
-                                        Err(nom::Err::Error(_e)) |
-                                        Err(nom::Err::Failure(_e)) => {
+                                        Err(Err::Error(_e)) |
+                                        Err(Err::Failure(_e)) => {
                                             SCLogDebug!("TRANS2 SET_FILE_INFO DATA RENAME ERROR {:?}", _e);
                                             events.push(SMBEvent::MalformedData);
                                             false
@@ -383,13 +383,13 @@ fn smb1_request_record_one<'b>(state: &mut SMBState, r: &SmbRecord<'b>, command:
                                     false
                                 }
                             },
-                            Err(nom::Err::Incomplete(_n)) => {
+                            Err(Err::Incomplete(_n)) => {
                                 SCLogDebug!("TRANS2 SET_FILE_INFO PARAMS INCOMPLETE {:?}", _n);
                                 events.push(SMBEvent::MalformedData);
                                 false
                             },
-                            Err(nom::Err::Error(_e)) |
-                            Err(nom::Err::Failure(_e)) => {
+                            Err(Err::Error(_e)) |
+                            Err(Err::Failure(_e)) => {
                                 SCLogDebug!("TRANS2 SET_FILE_INFO PARAMS ERROR {:?}", _e);
                                 events.push(SMBEvent::MalformedData);
                                 false
@@ -399,13 +399,13 @@ fn smb1_request_record_one<'b>(state: &mut SMBState, r: &SmbRecord<'b>, command:
                         false
                     }
                 },
-                Err(nom::Err::Incomplete(_n)) => {
+                Err(Err::Incomplete(_n)) => {
                     SCLogDebug!("TRANS2 INCOMPLETE {:?}", _n);
                     events.push(SMBEvent::MalformedData);
                     false
                 },
-                Err(nom::Err::Error(_e)) |
-                Err(nom::Err::Failure(_e)) => {
+                Err(Err::Error(_e)) |
+                Err(Err::Failure(_e)) => {
                     SCLogDebug!("TRANS2 ERROR {:?}", _e);
                     events.push(SMBEvent::MalformedData);
                     false