Merge pull request #1 from mohemiv/ndr

Optimizing NDR parser to work with large-sized RPC results

impacket/dcerpc/v5/dcomrt.py

@@ -333,7 +333,7 @@ class DUALSTRINGARRAYPACKED(NDRSTRUCT):
         ('wSecurityOffset',USHORT),
         ('aStringArray',':'),
     )
-    def getDataLen(self, data):
+    def getDataLen(self, data, offset=0):
         return self['wNumEntries']*2
 
 # 2.2.18.7 OBJREF_EXTENDED

impacket/dcerpc/v5/drsuapi.py

@@ -625,7 +625,7 @@ class DSNAME(NDRSTRUCT):
         ('NameLen',ULONG),
         ('StringName', WCHAR_ARRAY),
     )
-    def getDataLen(self, data):
+    def getDataLen(self, data, offset=0):
         return self['NameLen']
     def getData(self, soFar = 0):
         return NDRSTRUCT.getData(self, soFar)

impacket/dcerpc/v5/dtypes.py

@@ -59,8 +59,8 @@ class PCHAR(NDRPOINTER):
     )
 
 class WIDESTR(NDRUniFixedArray):
-    def getDataLen(self, data):
-        return data.find(b'\x00\x00\x00')+3
+    def getDataLen(self, data, offset=0):
+        return data.find(b'\x00\x00\x00', offset)+3-offset
 
     def __setitem__(self, key, value):
         if key == 'Data':
@@ -130,7 +130,7 @@ def __getitem__(self, key):
         else:
             return NDR.__getitem__(self,key)
 
-    def getDataLen(self, data):
+    def getDataLen(self, data, offset=0):
         return self["ActualCount"]
 
 class LPSTR(NDRPOINTER):
@@ -161,7 +161,7 @@ def dump(self, msg = None, indent = 0):
         # Here just print the data
         print(" %r" % (self['Data']), end=' ')
 
-    def getDataLen(self, data):
+    def getDataLen(self, data, offset=0):
         return self["ActualCount"]*2 
 
     def __setitem__(self, key, value):
@@ -446,7 +446,7 @@ class DWORD_ARRAY(NDRUniConformantArray):
 class RPC_SID_IDENTIFIER_AUTHORITY(NDRUniFixedArray):
     align = 1
     align64 = 1
-    def getDataLen(self, data):
+    def getDataLen(self, data, offset=0):
         return 6
 
 class RPC_SID(NDRSTRUCT):