LXR linux/net/netfilter/nf_conntrack_h323

   1// SPDX-License-Identifier: GPL-2.0-only
   2/*
   3 * BER and PER decoding library for H.323 conntrack/NAT module.
   4 *
   5 * Copyright (c) 2006 by Jing Min Zhao <zhaojingmin@users.sourceforge.net>
   6 *
   7 * See nf_conntrack_helper_h323_asn1.h for details.
   8 */
   9
  10#ifdef __KERNEL__
  11#include <linux/kernel.h>
  12#else
  13#include <stdio.h>
  14#endif
  15#include <linux/netfilter/nf_conntrack_h323_asn1.h>
  16
  17/* Trace Flag */
  18#ifndef H323_TRACE
  19#define H323_TRACE 0
  20#endif
  21
  22#if H323_TRACE
  23#define TAB_SIZE 4
  24#define IFTHEN(cond, act) if(cond){act;}
  25#ifdef __KERNEL__
  26#define PRINT printk
  27#else
  28#define PRINT printf
  29#endif
  30#define FNAME(name) name,
  31#else
  32#define IFTHEN(cond, act)
  33#define PRINT(fmt, args...)
  34#define FNAME(name)
  35#endif
  36
  37/* ASN.1 Types */
  38#define NUL 0
  39#define BOOL 1
  40#define OID 2
  41#define INT 3
  42#define ENUM 4
  43#define BITSTR 5
  44#define NUMSTR 6
  45#define NUMDGT 6
  46#define TBCDSTR 6
  47#define OCTSTR 7
  48#define PRTSTR 7
  49#define IA5STR 7
  50#define GENSTR 7
  51#define BMPSTR 8
  52#define SEQ 9
  53#define SET 9
  54#define SEQOF 10
  55#define SETOF 10
  56#define CHOICE 11
  57
  58/* Constraint Types */
  59#define FIXD 0
  60/* #define BITS 1-8 */
  61#define BYTE 9
  62#define WORD 10
  63#define CONS 11
  64#define SEMI 12
  65#define UNCO 13
  66
  67/* ASN.1 Type Attributes */
  68#define SKIP 0
  69#define STOP 1
  70#define DECODE 2
  71#define EXT 4
  72#define OPEN 8
  73#define OPT 16
  74
  75
  76/* ASN.1 Field Structure */
  77typedef struct field_t {
  78#if H323_TRACE
  79        char *name;
  80#endif
  81        unsigned char type;
  82        unsigned char sz;
  83        unsigned char lb;
  84        unsigned char ub;
  85        unsigned short attr;
  86        unsigned short offset;
  87        const struct field_t *fields;
  88} field_t;
  89
  90/* Bit Stream */
  91struct bitstr {
  92        unsigned char *buf;
  93        unsigned char *beg;
  94        unsigned char *end;
  95        unsigned char *cur;
  96        unsigned int bit;
  97};
  98
  99/* Tool Functions */
 100#define INC_BIT(bs) if((++(bs)->bit)>7){(bs)->cur++;(bs)->bit=0;}
 101#define INC_BITS(bs,b) if(((bs)->bit+=(b))>7){(bs)->cur+=(bs)->bit>>3;(bs)->bit&=7;}
 102#define BYTE_ALIGN(bs) if((bs)->bit){(bs)->cur++;(bs)->bit=0;}
 103static unsigned int get_len(struct bitstr *bs);
 104static unsigned int get_bit(struct bitstr *bs);
 105static unsigned int get_bits(struct bitstr *bs, unsigned int b);
 106static unsigned int get_bitmap(struct bitstr *bs, unsigned int b);
 107static unsigned int get_uint(struct bitstr *bs, int b);
 108
 109/* Decoder Functions */
 110static int decode_nul(struct bitstr *bs, const struct field_t *f, char *base, int level);
 111static int decode_bool(struct bitstr *bs, const struct field_t *f, char *base, int level);
 112static int decode_oid(struct bitstr *bs, const struct field_t *f, char *base, int level);
 113static int decode_int(struct bitstr *bs, const struct field_t *f, char *base, int level);
 114static int decode_enum(struct bitstr *bs, const struct field_t *f, char *base, int level);
 115static int decode_bitstr(struct bitstr *bs, const struct field_t *f, char *base, int level);
 116static int decode_numstr(struct bitstr *bs, const struct field_t *f, char *base, int level);
 117static int decode_octstr(struct bitstr *bs, const struct field_t *f, char *base, int level);
 118static int decode_bmpstr(struct bitstr *bs, const struct field_t *f, char *base, int level);
 119static int decode_seq(struct bitstr *bs, const struct field_t *f, char *base, int level);
 120static int decode_seqof(struct bitstr *bs, const struct field_t *f, char *base, int level);
 121static int decode_choice(struct bitstr *bs, const struct field_t *f, char *base, int level);
 122
 123/* Decoder Functions Vector */
 124typedef int (*decoder_t)(struct bitstr *, const struct field_t *, char *, int);
 125static const decoder_t Decoders[] = {
 126        decode_nul,
 127        decode_bool,
 128        decode_oid,
 129        decode_int,
 130        decode_enum,
 131        decode_bitstr,
 132        decode_numstr,
 133        decode_octstr,
 134        decode_bmpstr,
 135        decode_seq,
 136        decode_seqof,
 137        decode_choice,
 138};
 139
 140/*
 141 * H.323 Types
 142 */
 143#include "nf_conntrack_h323_types.c"
 144
 145/*
 146 * Functions
 147 */
 148
 149/* Assume bs is aligned && v < 16384 */
 150static unsigned int get_len(struct bitstr *bs)
 151{
 152        unsigned int v;
 153
 154        v = *bs->cur++;
 155
 156        if (v & 0x80) {
 157                v &= 0x3f;
 158                v <<= 8;
 159                v += *bs->cur++;
 160        }
 161
 162        return v;
 163}
 164
 165static int nf_h323_error_boundary(struct bitstr *bs, size_t bytes, size_t bits)
 166{
 167        bits += bs->bit;
 168        bytes += bits / BITS_PER_BYTE;
 169        if (bits % BITS_PER_BYTE > 0)
 170                bytes++;
 171
 172        if (bs->cur + bytes > bs->end)
 173                return 1;
 174
 175        return 0;
 176}
 177
 178static unsigned int get_bit(struct bitstr *bs)
 179{
 180        unsigned int b = (*bs->cur) & (0x80 >> bs->bit);
 181
 182        INC_BIT(bs);
 183
 184        return b;
 185}
 186
 187/* Assume b <= 8 */
 188static unsigned int get_bits(struct bitstr *bs, unsigned int b)
 189{
 190        unsigned int v, l;
 191
 192        v = (*bs->cur) & (0xffU >> bs->bit);
 193        l = b + bs->bit;
 194
 195        if (l < 8) {
 196                v >>= 8 - l;
 197                bs->bit = l;
 198        } else if (l == 8) {
 199                bs->cur++;
 200                bs->bit = 0;
 201        } else {                /* l > 8 */
 202
 203                v <<= 8;
 204                v += *(++bs->cur);
 205                v >>= 16 - l;
 206                bs->bit = l - 8;
 207        }
 208
 209        return v;
 210}
 211
 212/* Assume b <= 32 */
 213static unsigned int get_bitmap(struct bitstr *bs, unsigned int b)
 214{
 215        unsigned int v, l, shift, bytes;
 216
 217        if (!b)
 218                return 0;
 219
 220        l = bs->bit + b;
 221
 222        if (l < 8) {
 223                v = (unsigned int)(*bs->cur) << (bs->bit + 24);
 224                bs->bit = l;
 225        } else if (l == 8) {
 226                v = (unsigned int)(*bs->cur++) << (bs->bit + 24);
 227                bs->bit = 0;
 228        } else {
 229                for (bytes = l >> 3, shift = 24, v = 0; bytes;
 230                     bytes--, shift -= 8)
 231                        v |= (unsigned int)(*bs->cur++) << shift;
 232
 233                if (l < 32) {
 234                        v |= (unsigned int)(*bs->cur) << shift;
 235                        v <<= bs->bit;
 236                } else if (l > 32) {
 237                        v <<= bs->bit;
 238                        v |= (*bs->cur) >> (8 - bs->bit);
 239                }
 240
 241                bs->bit = l & 0x7;
 242        }
 243
 244        v &= 0xffffffff << (32 - b);
 245
 246        return v;
 247}
 248
 249/*
 250 * Assume bs is aligned and sizeof(unsigned int) == 4
 251 */
 252static unsigned int get_uint(struct bitstr *bs, int b)
 253{
 254        unsigned int v = 0;
 255
 256        switch (b) {
 257        case 4:
 258                v |= *bs->cur++;
 259                v <<= 8;
 260                /* fall through */
 261        case 3:
 262                v |= *bs->cur++;
 263                v <<= 8;
 264                /* fall through */
 265        case 2:
 266                v |= *bs->cur++;
 267                v <<= 8;
 268                /* fall through */
 269        case 1:
 270                v |= *bs->cur++;
 271                break;
 272        }
 273        return v;
 274}
 275
 276static int decode_nul(struct bitstr *bs, const struct field_t *f,
 277                      char *base, int level)
 278{
 279        PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
 280
 281        return H323_ERROR_NONE;
 282}
 283
 284static int decode_bool(struct bitstr *bs, const struct field_t *f,
 285                       char *base, int level)
 286{
 287        PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
 288
 289        INC_BIT(bs);
 290        if (nf_h323_error_boundary(bs, 0, 0))
 291                return H323_ERROR_BOUND;
 292        return H323_ERROR_NONE;
 293}
 294
 295static int decode_oid(struct bitstr *bs, const struct field_t *f,
 296                      char *base, int level)
 297{
 298        int len;
 299
 300        PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
 301
 302        BYTE_ALIGN(bs);
 303        if (nf_h323_error_boundary(bs, 1, 0))
 304                return H323_ERROR_BOUND;
 305
 306        len = *bs->cur++;
 307        bs->cur += len;
 308        if (nf_h323_error_boundary(bs, 0, 0))
 309                return H323_ERROR_BOUND;
 310
 311        return H323_ERROR_NONE;
 312}
 313
 314static int decode_int(struct bitstr *bs, const struct field_t *f,
 315                      char *base, int level)
 316{
 317        unsigned int len;
 318
 319        PRINT("%*.s%s", level * TAB_SIZE, " ", f->name);
 320
 321        switch (f->sz) {
 322        case BYTE:              /* Range == 256 */
 323                BYTE_ALIGN(bs);
 324                bs->cur++;
 325                break;
 326        case WORD:              /* 257 <= Range <= 64K */
 327                BYTE_ALIGN(bs);
 328                bs->cur += 2;
 329                break;
 330        case CONS:              /* 64K < Range < 4G */
 331                if (nf_h323_error_boundary(bs, 0, 2))
 332                        return H323_ERROR_BOUND;
 333                len = get_bits(bs, 2) + 1;
 334                BYTE_ALIGN(bs);
 335                if (base && (f->attr & DECODE)) {       /* timeToLive */
 336                        unsigned int v = get_uint(bs, len) + f->lb;
 337                        PRINT(" = %u", v);
 338                        *((unsigned int *)(base + f->offset)) = v;
 339                }
 340                bs->cur += len;
 341                break;
 342        case UNCO:
 343                BYTE_ALIGN(bs);
 344                if (nf_h323_error_boundary(bs, 2, 0))
 345                        return H323_ERROR_BOUND;
 346                len = get_len(bs);
 347                bs->cur += len;
 348                break;
 349        default:                /* 2 <= Range <= 255 */
 350                INC_BITS(bs, f->sz);
 351                break;
 352        }
 353
 354        PRINT("\n");
 355
 356        if (nf_h323_error_boundary(bs, 0, 0))
 357                return H323_ERROR_BOUND;
 358        return H323_ERROR_NONE;
 359}
 360
 361static int decode_enum(struct bitstr *bs, const struct field_t *f,
 362                       char *base, int level)
 363{
 364        PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
 365
 366        if ((f->attr & EXT) && get_bit(bs)) {
 367                INC_BITS(bs, 7);
 368        } else {
 369                INC_BITS(bs, f->sz);
 370        }
 371
 372        if (nf_h323_error_boundary(bs, 0, 0))
 373                return H323_ERROR_BOUND;
 374        return H323_ERROR_NONE;
 375}
 376
 377static int decode_bitstr(struct bitstr *bs, const struct field_t *f,
 378                         char *base, int level)
 379{
 380        unsigned int len;
 381
 382        PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
 383
 384        BYTE_ALIGN(bs);
 385        switch (f->sz) {
 386        case FIXD:              /* fixed length > 16 */
 387                len = f->lb;
 388                break;
 389        case WORD:              /* 2-byte length */
 390                if (nf_h323_error_boundary(bs, 2, 0))
 391                        return H323_ERROR_BOUND;
 392                len = (*bs->cur++) << 8;
 393                len += (*bs->cur++) + f->lb;
 394                break;
 395        case SEMI:
 396                if (nf_h323_error_boundary(bs, 2, 0))
 397                        return H323_ERROR_BOUND;
 398                len = get_len(bs);
 399                break;
 400        default:
 401                len = 0;
 402                break;
 403        }
 404
 405        bs->cur += len >> 3;
 406        bs->bit = len & 7;
 407
 408        if (nf_h323_error_boundary(bs, 0, 0))
 409                return H323_ERROR_BOUND;
 410        return H323_ERROR_NONE;
 411}
 412
 413static int decode_numstr(struct bitstr *bs, const struct field_t *f,
 414                         char *base, int level)
 415{
 416        unsigned int len;
 417
 418        PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
 419
 420        /* 2 <= Range <= 255 */
 421        if (nf_h323_error_boundary(bs, 0, f->sz))
 422                return H323_ERROR_BOUND;
 423        len = get_bits(bs, f->sz) + f->lb;
 424
 425        BYTE_ALIGN(bs);
 426        INC_BITS(bs, (len << 2));
 427
 428        if (nf_h323_error_boundary(bs, 0, 0))
 429                return H323_ERROR_BOUND;
 430        return H323_ERROR_NONE;
 431}
 432
 433static int decode_octstr(struct bitstr *bs, const struct field_t *f,
 434                         char *base, int level)
 435{
 436        unsigned int len;
 437
 438        PRINT("%*.s%s", level * TAB_SIZE, " ", f->name);
 439
 440        switch (f->sz) {
 441        case FIXD:              /* Range == 1 */
 442                if (f->lb > 2) {
 443                        BYTE_ALIGN(bs);
 444                        if (base && (f->attr & DECODE)) {
 445                                /* The IP Address */
 446                                IFTHEN(f->lb == 4,
 447                                       PRINT(" = %d.%d.%d.%d:%d",
 448                                             bs->cur[0], bs->cur[1],
 449                                             bs->cur[2], bs->cur[3],
 450                                             bs->cur[4] * 256 + bs->cur[5]));
 451                                *((unsigned int *)(base + f->offset)) =
 452                                    bs->cur - bs->buf;
 453                        }
 454                }
 455                len = f->lb;
 456                break;
 457        case BYTE:              /* Range == 256 */
 458                BYTE_ALIGN(bs);
 459                if (nf_h323_error_boundary(bs, 1, 0))
 460                        return H323_ERROR_BOUND;
 461                len = (*bs->cur++) + f->lb;
 462                break;
 463        case SEMI:
 464                BYTE_ALIGN(bs);
 465                if (nf_h323_error_boundary(bs, 2, 0))
 466                        return H323_ERROR_BOUND;
 467                len = get_len(bs) + f->lb;
 468                break;
 469        default:                /* 2 <= Range <= 255 */
 470                if (nf_h323_error_boundary(bs, 0, f->sz))
 471                        return H323_ERROR_BOUND;
 472                len = get_bits(bs, f->sz) + f->lb;
 473                BYTE_ALIGN(bs);
 474                break;
 475        }
 476
 477        bs->cur += len;
 478
 479        PRINT("\n");
 480
 481        if (nf_h323_error_boundary(bs, 0, 0))
 482                return H323_ERROR_BOUND;
 483        return H323_ERROR_NONE;
 484}
 485
 486static int decode_bmpstr(struct bitstr *bs, const struct field_t *f,
 487                         char *base, int level)
 488{
 489        unsigned int len;
 490
 491        PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
 492
 493        switch (f->sz) {
 494        case BYTE:              /* Range == 256 */
 495                BYTE_ALIGN(bs);
 496                if (nf_h323_error_boundary(bs, 1, 0))
 497                        return H323_ERROR_BOUND;
 498                len = (*bs->cur++) + f->lb;
 499                break;
 500        default:                /* 2 <= Range <= 255 */
 501                if (nf_h323_error_boundary(bs, 0, f->sz))
 502                        return H323_ERROR_BOUND;
 503                len = get_bits(bs, f->sz) + f->lb;
 504                BYTE_ALIGN(bs);
 505                break;
 506        }
 507
 508        bs->cur += len << 1;
 509
 510        if (nf_h323_error_boundary(bs, 0, 0))
 511                return H323_ERROR_BOUND;
 512        return H323_ERROR_NONE;
 513}
 514
 515static int decode_seq(struct bitstr *bs, const struct field_t *f,
 516                      char *base, int level)
 517{
 518        unsigned int ext, bmp, i, opt, len = 0, bmp2, bmp2_len;
 519        int err;
 520        const struct field_t *son;
 521        unsigned char *beg = NULL;
 522
 523        PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
 524
 525        /* Decode? */
 526        base = (base && (f->attr & DECODE)) ? base + f->offset : NULL;
 527
 528        /* Extensible? */
 529        if (nf_h323_error_boundary(bs, 0, 1))
 530                return H323_ERROR_BOUND;
 531        ext = (f->attr & EXT) ? get_bit(bs) : 0;
 532
 533        /* Get fields bitmap */
 534        if (nf_h323_error_boundary(bs, 0, f->sz))
 535                return H323_ERROR_BOUND;
 536        bmp = get_bitmap(bs, f->sz);
 537        if (base)
 538                *(unsigned int *)base = bmp;
 539
 540        /* Decode the root components */
 541        for (i = opt = 0, son = f->fields; i < f->lb; i++, son++) {
 542                if (son->attr & STOP) {
 543                        PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ",
 544                              son->name);
 545                        return H323_ERROR_STOP;
 546                }
 547
 548                if (son->attr & OPT) {  /* Optional component */
 549                        if (!((0x80000000U >> (opt++)) & bmp))  /* Not exist */
 550                                continue;
 551                }
 552
 553                /* Decode */
 554                if (son->attr & OPEN) { /* Open field */
 555                        if (nf_h323_error_boundary(bs, 2, 0))
 556                                return H323_ERROR_BOUND;
 557                        len = get_len(bs);
 558                        if (nf_h323_error_boundary(bs, len, 0))
 559                                return H323_ERROR_BOUND;
 560                        if (!base || !(son->attr & DECODE)) {
 561                                PRINT("%*.s%s\n", (level + 1) * TAB_SIZE,
 562                                      " ", son->name);
 563                                bs->cur += len;
 564                                continue;
 565                        }
 566                        beg = bs->cur;
 567
 568                        /* Decode */
 569                        if ((err = (Decoders[son->type]) (bs, son, base,
 570                                                          level + 1)) <
 571                            H323_ERROR_NONE)
 572                                return err;
 573
 574                        bs->cur = beg + len;
 575                        bs->bit = 0;
 576                } else if ((err = (Decoders[son->type]) (bs, son, base,
 577                                                         level + 1)) <
 578                           H323_ERROR_NONE)
 579                        return err;
 580        }
 581
 582        /* No extension? */
 583        if (!ext)
 584                return H323_ERROR_NONE;
 585
 586        /* Get the extension bitmap */
 587        if (nf_h323_error_boundary(bs, 0, 7))
 588                return H323_ERROR_BOUND;
 589        bmp2_len = get_bits(bs, 7) + 1;
 590        if (nf_h323_error_boundary(bs, 0, bmp2_len))
 591                return H323_ERROR_BOUND;
 592        bmp2 = get_bitmap(bs, bmp2_len);
 593        bmp |= bmp2 >> f->sz;
 594        if (base)
 595                *(unsigned int *)base = bmp;
 596        BYTE_ALIGN(bs);
 597
 598        /* Decode the extension components */
 599        for (opt = 0; opt < bmp2_len; opt++, i++, son++) {
 600                /* Check Range */
 601                if (i >= f->ub) {       /* Newer Version? */
 602                        if (nf_h323_error_boundary(bs, 2, 0))
 603                                return H323_ERROR_BOUND;
 604                        len = get_len(bs);
 605                        if (nf_h323_error_boundary(bs, len, 0))
 606                                return H323_ERROR_BOUND;
 607                        bs->cur += len;
 608                        continue;
 609                }
 610
 611                if (son->attr & STOP) {
 612                        PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ",
 613                              son->name);
 614                        return H323_ERROR_STOP;
 615                }
 616
 617                if (!((0x80000000 >> opt) & bmp2))      /* Not present */
 618                        continue;
 619
 620                if (nf_h323_error_boundary(bs, 2, 0))
 621                        return H323_ERROR_BOUND;
 622                len = get_len(bs);
 623                if (nf_h323_error_boundary(bs, len, 0))
 624                        return H323_ERROR_BOUND;
 625                if (!base || !(son->attr & DECODE)) {
 626                        PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ",
 627                              son->name);
 628                        bs->cur += len;
 629                        continue;
 630                }
 631                beg = bs->cur;
 632
 633                if ((err = (Decoders[son->type]) (bs, son, base,
 634                                                  level + 1)) <
 635                    H323_ERROR_NONE)
 636                        return err;
 637
 638                bs->cur = beg + len;
 639                bs->bit = 0;
 640        }
 641        return H323_ERROR_NONE;
 642}
 643
 644static int decode_seqof(struct bitstr *bs, const struct field_t *f,
 645                        char *base, int level)
 646{
 647        unsigned int count, effective_count = 0, i, len = 0;
 648        int err;
 649        const struct field_t *son;
 650        unsigned char *beg = NULL;
 651
 652        PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
 653
 654        /* Decode? */
 655        base = (base && (f->attr & DECODE)) ? base + f->offset : NULL;
 656
 657        /* Decode item count */
 658        switch (f->sz) {
 659        case BYTE:
 660                BYTE_ALIGN(bs);
 661                if (nf_h323_error_boundary(bs, 1, 0))
 662                        return H323_ERROR_BOUND;
 663                count = *bs->cur++;
 664                break;
 665        case WORD:
 666                BYTE_ALIGN(bs);
 667                if (nf_h323_error_boundary(bs, 2, 0))
 668                        return H323_ERROR_BOUND;
 669                count = *bs->cur++;
 670                count <<= 8;
 671                count += *bs->cur++;
 672                break;
 673        case SEMI:
 674                BYTE_ALIGN(bs);
 675                if (nf_h323_error_boundary(bs, 2, 0))
 676                        return H323_ERROR_BOUND;
 677                count = get_len(bs);
 678                break;
 679        default:
 680                if (nf_h323_error_boundary(bs, 0, f->sz))
 681                        return H323_ERROR_BOUND;
 682                count = get_bits(bs, f->sz);
 683                break;
 684        }
 685        count += f->lb;
 686
 687        /* Write Count */
 688        if (base) {
 689                effective_count = count > f->ub ? f->ub : count;
 690                *(unsigned int *)base = effective_count;
 691                base += sizeof(unsigned int);
 692        }
 693
 694        /* Decode nested field */
 695        son = f->fields;
 696        if (base)
 697                base -= son->offset;
 698        for (i = 0; i < count; i++) {
 699                if (son->attr & OPEN) {
 700                        BYTE_ALIGN(bs);
 701                        if (nf_h323_error_boundary(bs, 2, 0))
 702                                return H323_ERROR_BOUND;
 703                        len = get_len(bs);
 704                        if (nf_h323_error_boundary(bs, len, 0))
 705                                return H323_ERROR_BOUND;
 706                        if (!base || !(son->attr & DECODE)) {
 707                                PRINT("%*.s%s\n", (level + 1) * TAB_SIZE,
 708                                      " ", son->name);
 709                                bs->cur += len;
 710                                continue;
 711                        }
 712                        beg = bs->cur;
 713
 714                        if ((err = (Decoders[son->type]) (bs, son,
 715                                                          i <
 716                                                          effective_count ?
 717                                                          base : NULL,
 718                                                          level + 1)) <
 719                            H323_ERROR_NONE)
 720                                return err;
 721
 722                        bs->cur = beg + len;
 723                        bs->bit = 0;
 724                } else
 725                        if ((err = (Decoders[son->type]) (bs, son,
 726                                                          i <
 727                                                          effective_count ?
 728                                                          base : NULL,
 729                                                          level + 1)) <
 730                            H323_ERROR_NONE)
 731                                return err;
 732
 733                if (base)
 734                        base += son->offset;
 735        }
 736
 737        return H323_ERROR_NONE;
 738}
 739
 740static int decode_choice(struct bitstr *bs, const struct field_t *f,
 741                         char *base, int level)
 742{
 743        unsigned int type, ext, len = 0;
 744        int err;
 745        const struct field_t *son;
 746        unsigned char *beg = NULL;
 747
 748        PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
 749
 750        /* Decode? */
 751        base = (base && (f->attr & DECODE)) ? base + f->offset : NULL;
 752
 753        /* Decode the choice index number */
 754        if (nf_h323_error_boundary(bs, 0, 1))
 755                return H323_ERROR_BOUND;
 756        if ((f->attr & EXT) && get_bit(bs)) {
 757                ext = 1;
 758                if (nf_h323_error_boundary(bs, 0, 7))
 759                        return H323_ERROR_BOUND;
 760                type = get_bits(bs, 7) + f->lb;
 761        } else {
 762                ext = 0;
 763                if (nf_h323_error_boundary(bs, 0, f->sz))
 764                        return H323_ERROR_BOUND;
 765                type = get_bits(bs, f->sz);
 766                if (type >= f->lb)
 767                        return H323_ERROR_RANGE;
 768        }
 769
 770        /* Write Type */
 771        if (base)
 772                *(unsigned int *)base = type;
 773
 774        /* Check Range */
 775        if (type >= f->ub) {    /* Newer version? */
 776                BYTE_ALIGN(bs);
 777                if (nf_h323_error_boundary(bs, 2, 0))
 778                        return H323_ERROR_BOUND;
 779                len = get_len(bs);
 780                if (nf_h323_error_boundary(bs, len, 0))
 781                        return H323_ERROR_BOUND;
 782                bs->cur += len;
 783                return H323_ERROR_NONE;
 784        }
 785
 786        /* Transfer to son level */
 787        son = &f->fields[type];
 788        if (son->attr & STOP) {
 789                PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ", son->name);
 790                return H323_ERROR_STOP;
 791        }
 792
 793        if (ext || (son->attr & OPEN)) {
 794                BYTE_ALIGN(bs);
 795                if (nf_h323_error_boundary(bs, len, 0))
 796                        return H323_ERROR_BOUND;
 797                len = get_len(bs);
 798                if (nf_h323_error_boundary(bs, len, 0))
 799                        return H323_ERROR_BOUND;
 800                if (!base || !(son->attr & DECODE)) {
 801                        PRINT("%*.s%s\n", (level + 1) * TAB_SIZE, " ",
 802                              son->name);
 803                        bs->cur += len;
 804                        return H323_ERROR_NONE;
 805                }
 806                beg = bs->cur;
 807
 808                if ((err = (Decoders[son->type]) (bs, son, base, level + 1)) <
 809                    H323_ERROR_NONE)
 810                        return err;
 811
 812                bs->cur = beg + len;
 813                bs->bit = 0;
 814        } else if ((err = (Decoders[son->type]) (bs, son, base, level + 1)) <
 815                   H323_ERROR_NONE)
 816                return err;
 817
 818        return H323_ERROR_NONE;
 819}
 820
 821int DecodeRasMessage(unsigned char *buf, size_t sz, RasMessage *ras)
 822{
 823        static const struct field_t ras_message = {
 824                FNAME("RasMessage") CHOICE, 5, 24, 32, DECODE | EXT,
 825                0, _RasMessage
 826        };
 827        struct bitstr bs;
 828
 829        bs.buf = bs.beg = bs.cur = buf;
 830        bs.end = buf + sz;
 831        bs.bit = 0;
 832
 833        return decode_choice(&bs, &ras_message, (char *) ras, 0);
 834}
 835
 836static int DecodeH323_UserInformation(unsigned char *buf, unsigned char *beg,
 837                                      size_t sz, H323_UserInformation *uuie)
 838{
 839        static const struct field_t h323_userinformation = {
 840                FNAME("H323-UserInformation") SEQ, 1, 2, 2, DECODE | EXT,
 841                0, _H323_UserInformation
 842        };
 843        struct bitstr bs;
 844
 845        bs.buf = buf;
 846        bs.beg = bs.cur = beg;
 847        bs.end = beg + sz;
 848        bs.bit = 0;
 849
 850        return decode_seq(&bs, &h323_userinformation, (char *) uuie, 0);
 851}
 852
 853int DecodeMultimediaSystemControlMessage(unsigned char *buf, size_t sz,
 854                                         MultimediaSystemControlMessage *
 855                                         mscm)
 856{
 857        static const struct field_t multimediasystemcontrolmessage = {
 858                FNAME("MultimediaSystemControlMessage") CHOICE, 2, 4, 4,
 859                DECODE | EXT, 0, _MultimediaSystemControlMessage
 860        };
 861        struct bitstr bs;
 862
 863        bs.buf = bs.beg = bs.cur = buf;
 864        bs.end = buf + sz;
 865        bs.bit = 0;
 866
 867        return decode_choice(&bs, &multimediasystemcontrolmessage,
 868                             (char *) mscm, 0);
 869}
 870
 871int DecodeQ931(unsigned char *buf, size_t sz, Q931 *q931)
 872{
 873        unsigned char *p = buf;
 874        int len;
 875
 876        if (!p || sz < 1)
 877                return H323_ERROR_BOUND;
 878
 879        /* Protocol Discriminator */
 880        if (*p != 0x08) {
 881                PRINT("Unknown Protocol Discriminator\n");
 882                return H323_ERROR_RANGE;
 883        }
 884        p++;
 885        sz--;
 886
 887        /* CallReferenceValue */
 888        if (sz < 1)
 889                return H323_ERROR_BOUND;
 890        len = *p++;
 891        sz--;
 892        if (sz < len)
 893                return H323_ERROR_BOUND;
 894        p += len;
 895        sz -= len;
 896
 897        /* Message Type */
 898        if (sz < 2)
 899                return H323_ERROR_BOUND;
 900        q931->MessageType = *p++;
 901        sz--;
 902        PRINT("MessageType = %02X\n", q931->MessageType);
 903        if (*p & 0x80) {
 904                p++;
 905                sz--;
 906        }
 907
 908        /* Decode Information Elements */
 909        while (sz > 0) {
 910                if (*p == 0x7e) {       /* UserUserIE */
 911                        if (sz < 3)
 912                                break;
 913                        p++;
 914                        len = *p++ << 8;
 915                        len |= *p++;
 916                        sz -= 3;
 917                        if (sz < len)
 918                                break;
 919                        p++;
 920                        len--;
 921                        return DecodeH323_UserInformation(buf, p, len,
 922                                                          &q931->UUIE);
 923                }
 924                p++;
 925                sz--;
 926                if (sz < 1)
 927                        break;
 928                len = *p++;
 929                sz--;
 930                if (sz < len)
 931                        break;
 932                p += len;
 933                sz -= len;
 934        }
 935
 936        PRINT("Q.931 UUIE not found\n");
 937
 938        return H323_ERROR_BOUND;
 939}
 940