mirror of
https://github.com/rapid7/metasploit-payloads
synced 2025-03-30 22:19:17 +02:00
3b40f1abd0
This work contains a bunch of changes around command dispatching. The goals for this bit of work were to: * Provide the ability for commands to be executed on the same thread as the server rather than always creating new threads and executing them on those threads. * Have the means for _special_ commands, such as `exit` and `migrate` to shut down the server cleanly without having to rely on signalling across threads or by doing brutal thread termination via shared global handles. This should not only fix the dirty shutdown problem on Windows which leaves tasks dangling (or based on the prior attempt at fixing, crashing stuff as well), it should also help clean up the shutdown process in POSIX. These changes hit a very important part of Meterpreter and so should be reviewed with intense scrutnity. I expect this PR to garner a log of critique and most likely a number of changes before being included in the main line. The `PacketDispatcher` was modified to include a new function pointer called an `inline_handler`. This new member indicates that there's a handler which should be invoked inline. While this sits alongside the existing `handler`, they are actually mutually exclusive. If an `inline_handler` is specified then the `handler` is ignored and it is assumed that the command is intended to be handled inline. The signature of the inline handler is different to the standard handler, and this is why a new function pointer was added rather than a simple flag. Addition of this parameter meant that the basic command structure changed, and that obviously affects all of the extensions and their respective commands. This changeset therefore updates each of those command declarations so that they use the new macros that hide this detail. Other things to be mindful of: * This version of the code reads the command's `method` prior to invoking any other function, and after that the command itself is passed around to the threaded or non-threaded routes for invocation. An extra thread parameter was included as as result, and an overload for the `thread_create` function was added which supported this new parameter. This was named `thread_create3` because `thread_create_with_another_paramter` sounded a bit crap. * The migration code, which originally had a `thread_kill` and an event wait once the new meterpreter session had been created, has been modified to not do any waiting at all. Instead it finishes execution as fast as possible and returns control to the server which should respond by shutting down in a clean way. * Originally the code always attempted to call a command handler in the base command list and then, if found, would also call an "overload" in the extension commands list. From the investigation that I did, it appears that the overloaded methods did nothing in the base (they'd early out during invocation). As a result, the new way of doing things acts like a 'true' overload in that the extension commands are searched first, and if one is found this is the command that is executed. Any base commands with the same method name will not get executed. In the case where there is no extension command found, the base command list is then queried. If a command is found that command is instead invoked. * The POSIX version still compiles cleanly, but I've never been able to build a version that runs on my machines. I'm not sure if there's a trick to getting POSIX builds to run, and if there is I don't know it. Whoever scrutinises this build should make sure that the POSIX version that they build can still run and (hopefully) exit cleanly. I've added lots of documentation, but there's always room for improvement. Hopefully this will fix the `*_tcp` side of Redmine 8438. Bring on the feedback!
562 lines
18 KiB
C
562 lines
18 KiB
C
/*!
|
|
* @file base.c
|
|
* @brief Definitions that apply to almost any Meterpreter component.
|
|
*/
|
|
#include "common.h"
|
|
|
|
// Local remote request implementors
|
|
extern DWORD remote_request_core_console_write( Remote *remote, Packet *packet );
|
|
|
|
extern DWORD remote_request_core_channel_open( Remote *remote, Packet *packet );
|
|
extern DWORD remote_request_core_channel_write( Remote *remote, Packet *packet );
|
|
extern DWORD remote_request_core_channel_read( Remote *remote, Packet *packet );
|
|
extern DWORD remote_request_core_channel_close( Remote *remote, Packet *packet );
|
|
extern DWORD remote_request_core_channel_seek( Remote *remote, Packet *packet );
|
|
extern DWORD remote_request_core_channel_eof( Remote *remote, Packet *packet );
|
|
extern DWORD remote_request_core_channel_tell( Remote *remote, Packet *packet );
|
|
extern DWORD remote_request_core_channel_interact( Remote *remote, Packet *packet );
|
|
|
|
extern DWORD remote_request_core_crypto_negotiate( Remote *remote, Packet *packet );
|
|
|
|
extern BOOL remote_request_core_shutdown(Remote *remote, Packet *packe, DWORD* pResult);
|
|
|
|
extern BOOL remote_request_core_migrate( Remote *remote, Packet *packet, DWORD* pResult );
|
|
|
|
// Local remote response implementors
|
|
extern DWORD remote_response_core_console_write( Remote *remote, Packet *packet );
|
|
|
|
extern DWORD remote_response_core_channel_open( Remote *remote, Packet *packet );
|
|
extern DWORD remote_response_core_channel_close( Remote *remote, Packet *packet );
|
|
|
|
DWORD remote_request_core_console_write( Remote *remote, Packet *packet )
|
|
{
|
|
return ERROR_SUCCESS;
|
|
}
|
|
|
|
DWORD remote_response_core_console_write( Remote *remote, Packet *packet )
|
|
{
|
|
return ERROR_SUCCESS;
|
|
}
|
|
|
|
BOOL command_execute_base( Remote *remote, Packet *packet, const char* method, DWORD *result );
|
|
BOOL command_execute_extension( Remote *remote, Packet *packet, const char* method, DWORD *result );
|
|
BOOL command_is_inline( Command *command, Packet *packet );
|
|
Command* command_locate( Packet *packet );
|
|
DWORD command_validate_arguments(Command *command, Packet *packet);
|
|
DWORD THREADCALL command_process_thread( THREAD * thread );
|
|
|
|
|
|
/*!
|
|
* @brief Base RPC dispatch table.
|
|
*/
|
|
Command base_commands[] =
|
|
{
|
|
// Console commands
|
|
{ "core_console_write",
|
|
{ remote_request_core_console_write, NULL, { TLV_META_TYPE_STRING }, 1 | ARGUMENT_FLAG_REPEAT },
|
|
{ remote_response_core_console_write, NULL, EMPTY_TLV },
|
|
},
|
|
|
|
// Native Channel commands
|
|
COMMAND_REQ_REP( "core_channel_open", remote_request_core_channel_open, remote_response_core_channel_open ), // this overloads the base "core_channel_open"
|
|
COMMAND_REQ( "core_channel_write", remote_request_core_channel_write ),
|
|
COMMAND_REQ_REP( "core_channel_close", remote_request_core_channel_close, remote_response_core_channel_close ),
|
|
|
|
// Buffered/Pool channel commands
|
|
COMMAND_REQ( "core_channel_read", remote_request_core_channel_read ),
|
|
// Pool channel commands
|
|
COMMAND_REQ( "core_channel_seek", remote_request_core_channel_seek ),
|
|
COMMAND_REQ( "core_channel_eof", remote_request_core_channel_eof ),
|
|
COMMAND_REQ( "core_channel_tell", remote_request_core_channel_tell ),
|
|
// Soon to be deprecated
|
|
COMMAND_REQ( "core_channel_interact", remote_request_core_channel_interact ),
|
|
// Crypto
|
|
COMMAND_REQ( "core_crypto_negotiate", remote_request_core_crypto_negotiate ),
|
|
// Migration
|
|
COMMAND_INLINE_REQ( "core_migrate", remote_request_core_migrate ),
|
|
// Shutdown
|
|
COMMAND_INLINE_REQ( "core_shutdown", remote_request_core_shutdown ),
|
|
// Terminator
|
|
COMMAND_TERMINATOR
|
|
};
|
|
|
|
/*!
|
|
* @brief Dynamically registered command extensions.
|
|
* @details A linked list of commands registered on the fly by reflectively-loaded extensions.
|
|
*/
|
|
Command *extension_commands = NULL;
|
|
|
|
/*!
|
|
* @brief Register a full list of commands with meterpreter.
|
|
* @param commands The array of commands that are to be registered for the module/extension.
|
|
*/
|
|
void command_register_all(Command commands[])
|
|
{
|
|
DWORD index;
|
|
|
|
for (index = 0; commands[index].method; index++)
|
|
command_register( &commands[index] );
|
|
}
|
|
|
|
/*!
|
|
* @brief Dynamically register a custom command handler
|
|
* @param command Pointer to the command that should be registered.
|
|
* @return `ERROR_SUCCESS` when command registers successfully, otherwise returns the error.
|
|
*/
|
|
DWORD command_register(Command *command)
|
|
{
|
|
Command *newCommand;
|
|
|
|
dprintf("Registering a new command (%s)...", command->method);
|
|
if (!(newCommand = (Command *)malloc(sizeof(Command))))
|
|
return ERROR_NOT_ENOUGH_MEMORY;
|
|
|
|
dprintf("Allocated memory...");
|
|
memcpy(newCommand, command, sizeof(Command));
|
|
|
|
dprintf("Setting new command...");
|
|
if (extension_commands)
|
|
extension_commands->prev = newCommand;
|
|
|
|
dprintf("Fixing next/prev...");
|
|
newCommand->next = extension_commands;
|
|
newCommand->prev = NULL;
|
|
extension_commands = newCommand;
|
|
|
|
dprintf("Done...");
|
|
return ERROR_SUCCESS;
|
|
}
|
|
|
|
/*!
|
|
* @brief Deregister a full list of commands from meterpreter.
|
|
* @param commands The array of commands that are to be deregistered from the module/extension.
|
|
*/
|
|
void command_deregister_all(Command commands[])
|
|
{
|
|
DWORD index;
|
|
|
|
for (index = 0; commands[index].method; index++)
|
|
command_deregister(&commands[index]);
|
|
}
|
|
|
|
/*!
|
|
* @brief Dynamically deregister a custom command handler
|
|
* @param command Pointer to the command that should be deregistered.
|
|
* @return `ERROR_SUCCESS` when command deregisters successfully, otherwise returns the error.
|
|
*/
|
|
DWORD command_deregister(Command *command)
|
|
{
|
|
Command *current, *prev;
|
|
DWORD res = ERROR_NOT_FOUND;
|
|
|
|
// Search the extension list for the command
|
|
for (current = extension_commands, prev = NULL;
|
|
current;
|
|
prev = current, current = current->next)
|
|
{
|
|
if (strcmp(command->method, current->method))
|
|
continue;
|
|
|
|
if (prev)
|
|
prev->next = current->next;
|
|
else
|
|
extension_commands = current->next;
|
|
|
|
if (current->next)
|
|
current->next->prev = prev;
|
|
|
|
// Deallocate it
|
|
free(current);
|
|
|
|
res = ERROR_SUCCESS;
|
|
|
|
break;
|
|
}
|
|
|
|
return res;
|
|
}
|
|
|
|
/*! * @brief A list of all command threads currenlty executing. */
|
|
LIST * commandThreadList = NULL;
|
|
|
|
/*!
|
|
* @brief Block untill all running command threads have finished.
|
|
*/
|
|
VOID command_join_threads( VOID )
|
|
{
|
|
while( list_count( commandThreadList ) > 0 )
|
|
{
|
|
THREAD * thread = (THREAD *)list_get( commandThreadList, 0 );
|
|
if( thread )
|
|
thread_join( thread );
|
|
}
|
|
}
|
|
|
|
#ifndef _WIN32
|
|
/*!
|
|
* @brief Reap child zombie threads on linux 2.4 (before NPTL).
|
|
* @detail Each thread appears as a process and pthread_join don't necessarily reap it
|
|
* threads are created using the clone syscall, so use special __WCLONE flag in waitpid.
|
|
*/
|
|
VOID reap_zombie_thread(void * param)
|
|
{
|
|
while(1) {
|
|
waitpid(-1, NULL, __WCLONE);
|
|
// on 2.6 kernels, don't chew 100% CPU
|
|
usleep(500000);
|
|
}
|
|
}
|
|
#endif
|
|
|
|
/*!
|
|
* @brief Process a command directly on the current thread.
|
|
* @param command Pointer to the \c Command to be executed.
|
|
* @param remote Pointer to the \c Remote endpoint for this command.
|
|
* @param packet Pointer to the \c Packet containing the command detail.
|
|
* @returns Boolean value indicating if the server should continue processing.
|
|
* @retval TRUE The server can and should continue processing.
|
|
* @retval FALSE The server should stop processing and shut down.
|
|
* @sa command_handle
|
|
* @sa command_process_thread
|
|
*/
|
|
BOOL command_process_inline( Command *command, Remote *remote, Packet *packet )
|
|
{
|
|
DWORD result;
|
|
BOOL serverContinue = TRUE;
|
|
Tlv requestIdTlv;
|
|
PCHAR requestId;
|
|
PacketTlvType packetTlvType;
|
|
|
|
dprintf( "[COMMAND] Executing command %s", command->method );
|
|
|
|
__try
|
|
{
|
|
do
|
|
{
|
|
#ifdef _WIN32
|
|
// Impersonate the thread token if needed (only on Windows)
|
|
if(remote->hServerToken != remote->hThreadToken) {
|
|
if(! ImpersonateLoggedOnUser(remote->hThreadToken)) {
|
|
dprintf( "[COMMAND] Failed to impersonate thread token (%s) (%u)", command->method, GetLastError());
|
|
}
|
|
}
|
|
#endif
|
|
|
|
// Validate the arguments, if requested. Always make sure argument
|
|
// lengths are sane.
|
|
if( (result = command_validate_arguments( command, packet )) != ERROR_SUCCESS )
|
|
break;
|
|
|
|
packetTlvType = packet_get_type( packet );
|
|
switch ( packetTlvType )
|
|
{
|
|
case PACKET_TLV_TYPE_REQUEST:
|
|
case PACKET_TLV_TYPE_PLAIN_REQUEST:
|
|
if (command->request.inline_handler) {
|
|
dprintf( "[DISPATCH] executing inline request handler %s", command->method );
|
|
serverContinue = command->request.inline_handler( remote, packet, &result );
|
|
} else {
|
|
dprintf( "[DISPATCH] executing request handler %s", command->method );
|
|
result = command->request.handler( remote, packet );
|
|
}
|
|
break;
|
|
case PACKET_TLV_TYPE_RESPONSE:
|
|
case PACKET_TLV_TYPE_PLAIN_RESPONSE:
|
|
if (command->response.inline_handler) {
|
|
dprintf( "[DISPATCH] executing inline response handler %s", command->method );
|
|
serverContinue = command->response.inline_handler( remote, packet, &result );
|
|
} else {
|
|
dprintf( "[DISPATCH] executing response handler %s", command->method );
|
|
result = command->response.handler( remote, packet );
|
|
}
|
|
break;
|
|
}
|
|
|
|
dprintf("[COMMAND] Calling completion handlers...");
|
|
|
|
// Get the request identifier if the packet has one.
|
|
if ( packet_get_tlv_string( packet, TLV_TYPE_REQUEST_ID, &requestIdTlv ) == ERROR_SUCCESS )
|
|
requestId = (PCHAR)requestIdTlv.buffer;
|
|
|
|
// Finally, call completion routines for the provided identifier
|
|
if( ((packetTlvType == PACKET_TLV_TYPE_RESPONSE) || (packetTlvType == PACKET_TLV_TYPE_PLAIN_RESPONSE)) && requestId)
|
|
packet_call_completion_handlers( remote, packet, requestId );
|
|
|
|
} while( 0 );
|
|
}
|
|
__except( EXCEPTION_EXECUTE_HANDLER )
|
|
{
|
|
dprintf("[COMMAND] Exception hit in command %s", command->method );
|
|
}
|
|
|
|
packet_destroy( packet );
|
|
|
|
return serverContinue;
|
|
}
|
|
|
|
/*!
|
|
* @brief Handle an incoming command.
|
|
* @param remote Pointer to the \c Remote instance associated with this command.
|
|
* @param packet Pointer to the \c Packet containing the command data.
|
|
* @retval TRUE The server can and should continue processing.
|
|
* @retval FALSE The server should stop processing and shut down.
|
|
* @remark This function was incorporate to help support two things in meterpreter:
|
|
* -# A way of allowing a command to be processed directly on the main server
|
|
* thread and not on another thread (which in some cases can cause problems).
|
|
* -# A cleaner way of shutting down the server so that container processes
|
|
* can shutdown cleanly themselves, where appropriate.
|
|
*
|
|
* This function will look at the command definition and determine if it should
|
|
* be executed inline or on a new command thread.
|
|
* @sa command_process_inline
|
|
* @sa command_process_thread
|
|
*/
|
|
BOOL command_handle( Remote *remote, Packet *packet )
|
|
{
|
|
BOOL result = TRUE;
|
|
THREAD* cpt = NULL;
|
|
Command* command = NULL;
|
|
|
|
do
|
|
{
|
|
command = command_locate( packet );
|
|
|
|
if( command == NULL ) {
|
|
// We have no matching command for this packet, so it won't get handled. We
|
|
// need to clean up here before exiting out.
|
|
packet_destroy( packet );
|
|
break;
|
|
}
|
|
|
|
if( command_is_inline( command, packet ) ) {
|
|
dprintf( "Executing inline: %s", command->method );
|
|
result = command_process_inline( command, remote, packet );
|
|
} else {
|
|
dprintf( "Executing in thread: %s", command->method );
|
|
cpt = thread_create3( command_process_thread, remote, packet, command );
|
|
if( cpt )
|
|
{
|
|
dprintf( "[DISPATCH] created command_process_thread 0x%08X, handle=0x%08X", cpt, cpt->handle );
|
|
thread_run( cpt );
|
|
}
|
|
}
|
|
} while(0);
|
|
|
|
return result;
|
|
}
|
|
|
|
/*!
|
|
* @brief Process a single command in a seperate thread of execution.
|
|
* @param thread Pointer to the thread to execute.
|
|
* @return Result of thread execution (not the result of the command).
|
|
* @sa command_handle
|
|
* @sa command_process_thread
|
|
*/
|
|
DWORD THREADCALL command_process_thread( THREAD * thread )
|
|
{
|
|
Command * command = NULL;
|
|
Remote * remote = NULL;
|
|
Packet * packet = NULL;
|
|
|
|
if( thread == NULL )
|
|
return ERROR_INVALID_HANDLE;
|
|
|
|
remote = (Remote *)thread->parameter1;
|
|
if( remote == NULL )
|
|
return ERROR_INVALID_HANDLE;
|
|
|
|
packet = (Packet *)thread->parameter2;
|
|
if( packet == NULL )
|
|
return ERROR_INVALID_DATA;
|
|
|
|
command = (Command *)thread->parameter3;
|
|
if( command == NULL )
|
|
return ERROR_INVALID_DATA;
|
|
|
|
if( commandThreadList == NULL )
|
|
{
|
|
commandThreadList = list_create();
|
|
if( commandThreadList == NULL )
|
|
return ERROR_INVALID_HANDLE;
|
|
|
|
#ifndef _WIN32
|
|
pthread_t tid;
|
|
pthread_create(&tid, NULL, reap_zombie_thread, NULL);
|
|
dprintf("reap_zombie_thread created, thread_id : 0x%x",tid);
|
|
#endif
|
|
}
|
|
|
|
list_add( commandThreadList, thread );
|
|
|
|
command_process_inline( command, remote, packet );
|
|
|
|
if( list_remove( commandThreadList, thread ) )
|
|
thread_destroy( thread );
|
|
|
|
return ERROR_SUCCESS;
|
|
}
|
|
|
|
/*!
|
|
* @brief Determine if a given command/packet combination should be invoked inline.
|
|
* @param command Pointer to the \c Command being invoked.
|
|
* @param packet Pointer to the \c Packet being received/sent.
|
|
* @returns Boolean indication of whether the command should be executed inline.
|
|
* @retval TRUE The command should be executed inline on the current thread.
|
|
* @retval FALSE The command should be executed on a new thread.
|
|
*/
|
|
BOOL command_is_inline( Command *command, Packet *packet )
|
|
{
|
|
switch (packet_get_type( packet ))
|
|
{
|
|
case PACKET_TLV_TYPE_REQUEST:
|
|
case PACKET_TLV_TYPE_PLAIN_REQUEST:
|
|
if (command->request.inline_handler)
|
|
return TRUE;
|
|
case PACKET_TLV_TYPE_RESPONSE:
|
|
case PACKET_TLV_TYPE_PLAIN_RESPONSE:
|
|
if (command->response.inline_handler)
|
|
return TRUE;
|
|
}
|
|
|
|
return FALSE;
|
|
}
|
|
|
|
/*!
|
|
* @brief Attempt to locate a command in the base command list.
|
|
* @param method String that identifies the command.
|
|
* @returns Pointer to the command entry in the base command list.
|
|
* @retval NULL Indicates that no command was found for the given method.
|
|
* @retval NON-NULL Pointer to the command that can be executed.
|
|
*/
|
|
Command* command_locate_base( const char* method )
|
|
{
|
|
DWORD index;
|
|
|
|
dprintf( "[COMMAND EXEC] Attempting to locate base command %s", method );
|
|
for( index = 0; base_commands[index].method ; ++index )
|
|
if( strcmp( base_commands[index].method, method ) == 0 )
|
|
return &base_commands[index];
|
|
|
|
dprintf( "[COMMAND EXEC] Couldn't find base command %s", method );
|
|
return NULL;
|
|
}
|
|
|
|
/*!
|
|
* @brief Attempt to locate a command in the extensions command list.
|
|
* @param method String that identifies the command.
|
|
* @returns Pointer to the command entry in the extensions command list.
|
|
* @retval NULL Indicates that no command was found for the given method.
|
|
* @retval NON-NULL Pointer to the command that can be executed.
|
|
*/
|
|
Command* command_locate_extension( const char* method )
|
|
{
|
|
Command* command;
|
|
|
|
dprintf( "[COMMAND EXEC] Attempting to locate extension command %s", method );
|
|
for( command = extension_commands; command; command = command->next )
|
|
if( strcmp( command->method, method ) == 0 )
|
|
return command;
|
|
|
|
dprintf( "[COMMAND EXEC] Couldn't find extension command %s", method );
|
|
return NULL;
|
|
}
|
|
|
|
/*!
|
|
* @brief Attempt to locate a command to execute based on the method.
|
|
* @param method String that identifies the command.
|
|
* @returns Pointer to the command entry to execute.
|
|
* @retval NULL Indicates that no command was found for the given method.
|
|
* @retval NON-NULL Pointer to the command that can be executed.
|
|
* @remark This function tries to find an extension command first. If
|
|
* found it will be returned. If not, the base command list is
|
|
* queried. This supports the notion of extensions overloading
|
|
* the base commands.
|
|
* @sa command_locate_extension
|
|
* @sa command_locate_base
|
|
*/
|
|
Command* command_locate( Packet *packet )
|
|
{
|
|
Command* command = NULL;
|
|
DWORD dwResult;
|
|
Tlv methodTlv;
|
|
|
|
do
|
|
{
|
|
dwResult = packet_get_tlv_string( packet, TLV_TYPE_METHOD, &methodTlv );
|
|
|
|
if( dwResult != ERROR_SUCCESS )
|
|
BREAK_ON_ERROR( "[COMMAND] Unable to extract method from packet." );
|
|
|
|
// check for an overload first.
|
|
command = command_locate_extension( (PCHAR)methodTlv.buffer );
|
|
|
|
// if no overload, then fallback on base.
|
|
if( command == NULL )
|
|
command = command_locate_base( (PCHAR)methodTlv.buffer );
|
|
} while(0);
|
|
|
|
return command;
|
|
}
|
|
|
|
/*!
|
|
* @brief Validate command arguments
|
|
* @return Indication of whether the commands are valid or not.
|
|
* @retval ERROR_SUCCESS All arguments are valid.
|
|
* @retval ERROR_INVALID_PARAMETER An invalid parameter exists.
|
|
*/
|
|
DWORD command_validate_arguments(Command *command, Packet *packet)
|
|
{
|
|
PacketDispatcher *dispatcher = NULL;
|
|
PacketTlvType type = packet_get_type(packet);
|
|
DWORD res = ERROR_SUCCESS,
|
|
packetIndex, commandIndex;
|
|
Tlv current;
|
|
|
|
// Select the dispatcher table
|
|
if ((type == PACKET_TLV_TYPE_RESPONSE) ||
|
|
(type == PACKET_TLV_TYPE_PLAIN_RESPONSE))
|
|
dispatcher = &command->response;
|
|
else
|
|
dispatcher = &command->request;
|
|
|
|
// Enumerate the arguments, validating the meta types of each
|
|
for (commandIndex = 0, packetIndex = 0;
|
|
((packet_enum_tlv(packet, packetIndex, TLV_TYPE_ANY, ¤t) == ERROR_SUCCESS)
|
|
&& (res == ERROR_SUCCESS));
|
|
commandIndex++, packetIndex++)
|
|
{
|
|
TlvMetaType tlvMetaType;
|
|
|
|
// Check to see if we've reached the end of the command arguments
|
|
if ((dispatcher->numArgumentTypes) &&
|
|
(commandIndex == (dispatcher->numArgumentTypes & ARGUMENT_FLAG_MASK)))
|
|
{
|
|
// If the repeat flag is set, reset the index
|
|
if (commandIndex & ARGUMENT_FLAG_REPEAT)
|
|
commandIndex = 0;
|
|
else
|
|
break;
|
|
}
|
|
|
|
// Make sure the argument is at least one of the meta types
|
|
tlvMetaType = packet_get_tlv_meta(packet, ¤t);
|
|
|
|
// Validate argument meta types
|
|
switch (tlvMetaType)
|
|
{
|
|
case TLV_META_TYPE_STRING:
|
|
if (packet_is_tlv_null_terminated(¤t) != ERROR_SUCCESS)
|
|
res = ERROR_INVALID_PARAMETER;
|
|
break;
|
|
default:
|
|
break;
|
|
}
|
|
|
|
if ((res != ERROR_SUCCESS) &&
|
|
(commandIndex < dispatcher->numArgumentTypes))
|
|
break;
|
|
}
|
|
|
|
return res;
|
|
}
|