Wireshark-dev: Re: [Wireshark-dev] Extracting a GUID as a string from a TVB, SMB2 Extra Create
From: Pascal Quantin <pascal.quantin@xxxxxxxxx>
Date: Sat, 4 Oct 2014 23:23:46 +0200
2014-10-04 23:17 GMT+02:00 Richard Sharpe <realrichardsharpe@xxxxxxxxx>:
Hi folks,

I have come across a case where an Extra Create Parameter's TAG for a
CREATE request is a GUID. This is like things like DH2C (Durable
Handles V2) but it is for SHVXD, the crazy VHD over SMB2 stuff.

The tag is a GUID.

In dissect_smb2_olb_string, or something like it, I want to extract
the GUID as a string, eg "9ECFCB9C-04C1-980E-..." and use that to look
up the dissection routines ... [1]

How do I extract such as a string?

[1] Curiously there seems to be an example of such already in the form
of APP_INSTANCE stuff, but it seems like the tag is encoded in that
case in the string form of a GUID. In the SHVX case, it is a binary
GUID. Sigh.

Hi Richard,

presumably you want to fetch the GUID from the TVB thanks to the tvb_get_ntohguid() / tvb_get_letohguid() / tvb_get_guid() routines and then convert it to a string thanks to guid_to_ep_str() function.

Regards,
Pascal.