Dailydave mailing list archives
p2psvc.dll idl function definition ambiguities - any ideas?
From: Rich Smith <richard.j.smith () hp com>
Date: Thu, 10 Jan 2008 17:51:31 +0000
Hi all,

I've been playing about with some MSRPC stuff in an effort to improve some fingerprinting techniques and have come up with some ambiguities in p2psvc.dll that I can't explain - so I was wondering if anyone on list might be able to :)

Unmidl'ing p2psvc.dll from a base install of XP with SP2 (no patches) and one from an XP SP2 that is patched up to date shows differences in the type & function definitions of the interfaces a2d47257-12f7-4beb-8981-0ebfa935c407 (pnrpsvc) & 8174bb16-571b-4c38-8386-1102b449044a (IP2pIMSvc), but their interface version numbers haven't been changed?

Specifically, functions 0x05 (register) and 0x07 (resolve) for pnrpsvc have some different and extra arguments, in addition to differences in type definitions (partial idl's included at end).

I thought (though I'm happy to be corrected) that the whole point of the UUID and version number was so that you always knew you were communicating with an interface that understood things were the way you understood them to be - so how can the same interface have the same UUID & version and different function definitions? Surely this causes incompatibility?

The question this also raises is as to why the changes were made, anyone any insight? I'm currently in the process of tracking down which patch introduced the changes, so I'll update when I find out.

Cheers
Rich

[partial idl's - {*DD*} denotes difference]

<snip XP_SP2_NO_PATCH>
...
...
//NDR Version = 0002
//IDL
[
  uuid(a2d47257-12f7-4beb-8981-0ebfa935c407),
  version(1.0)
]
interface myinterface
...
...
long Function_05(
    [out] [context_handle] void * element_38823,
    {*DD*}[in] [context_handle] void * element_38824,
    [in] [string] wchar_t * element_38825,
    [in] [unique] [string] wchar_t * element_38826,
    [in] TYPE_3 * element_38827,
    [in] [unique] TYPE_6 ** element_38841,
    [out] TYPE_6 * element_38843,
    [in] long element_38844,
    [in,out] [unique] long * element_38845
);
...
...
long Function_07(
    [out] [context_handle] void * element_38849,
    {*DD*}[in] [context_handle] void * element_38850,
    {*DD*}[in] [string] wchar_t * element_38851,
    [in] [string] wchar_t * element_38852,
    [in] long element_38853,
    [in] long element_38854,
    [in] /* enum */ unsigned short element_38855,
    [in] [unique] TYPE_6 ** element_38856,
    [in] long element_38857,
    [in] long element_38858,
    [in] long element_38859,
    [in,out] [unique] long * element_38860
);
...
...
</snip XP_SP2_NO_PATCH>

<snip XP_SP2_UP2DATE>
...
...
//NDR Version = 0002
//IDL
[
  uuid(a2d47257-12f7-4beb-8981-0ebfa935c407),
  version(1.0)
]
interface myinterface
...
...
long Function_05(
    [out] [context_handle] void * element_23239,
    {*DD*}[in] long element_23240,
    [in] [string] wchar_t * element_23241,
    [in] [unique] [string] wchar_t * element_23242,
    [in] TYPE_3 * element_23243,
    [in] [unique] TYPE_7 ** element_23263,
    [out] TYPE_7 * element_23265,
    [in] long element_23266,
    [in,out] [unique] long * element_23267
);
...
...
long Function_07(
    [out] [context_handle] void * element_23271,
    {*DD*}[in] long element_23272,
    {*DD*}[in] [unique] [string] wchar_t * element_23273,
    [in] [string] wchar_t * element_23274,
    [in] long element_23275,
    [in] long element_23276,
    [in] /* enum */ unsigned short element_23277,
    [in] [unique] TYPE_7 ** element_23278,
    [in] long element_23279,
    [in] long element_23280,
    [in] long element_23281,
    {*DD*}[in] long element_23282,
    {*DD*}[in] long element_23283,
    [in,out] [unique] long * element_23284
);
...
...
</snip XP_SP2_UP2DATE>

--
Rich Smith
Trusted Systems Lab
Hewlett-Packard Labs
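Added example, not part of the original post: one way to reproduce the {*DD*} markings mechanically is to strip the decompiler-generated element_NNNN names from two unmidl outputs and diff the remaining parameter lists. It uses Function_07 as quoted above and assumes the TYPE_n numbering is assigned by the decompiler, so it compares attributes and base types only, not type bodies; the function names parse_functions and diff_signatures are made up for this example.

```python
import difflib
import re

# Function_07 of pnrpsvc as quoted in the post (unpatched vs. up-to-date XP SP2),
# with the "..." elisions and {*DD*} markers left out.
UNPATCHED = """
long Function_07( [out] [context_handle] void * element_38849,
 [in] [context_handle] void * element_38850, [in] [string] wchar_t * element_38851,
 [in] [string] wchar_t * element_38852, [in] long element_38853, [in] long element_38854,
 [in] /* enum */ unsigned short element_38855, [in] [unique] TYPE_6 ** element_38856,
 [in] long element_38857, [in] long element_38858, [in] long element_38859, [in,out] [unique] long * element_38860 );
"""
PATCHED = """
long Function_07( [out] [context_handle] void * element_23271,
 [in] long element_23272, [in] [unique] [string] wchar_t * element_23273,
 [in] [string] wchar_t * element_23274, [in] long element_23275, [in] long element_23276,
 [in] /* enum */ unsigned short element_23277, [in] [unique] TYPE_7 ** element_23278,
 [in] long element_23279, [in] long element_23280, [in] long element_23281,
 [in] long element_23282, [in] long element_23283, [in,out] [unique] long * element_23284 );
"""

FUNC_RE = re.compile(r"(\w+)\s+(Function_[0-9A-Fa-f]+)\s*\((.*?)\)\s*;", re.S)

def parse_functions(idl):
    """Map function name -> list of parameters with decompiler-assigned names removed."""
    funcs = {}
    for _ret, name, body in FUNC_RE.findall(idl.replace("{*DD*}", "")):
        params = []
        for raw in re.split(r",(?![^\[]*\])", body):   # do not split inside "[in,out]"
            p = re.sub(r"\belement_\d+\b", "", raw)     # drop generated argument name
            p = re.sub(r"\bTYPE_\d+\b", "TYPE_N", p)    # assumption: numbering is arbitrary
            params.append(" ".join(p.split()))
        funcs[name] = params
    return funcs

def diff_signatures(old_idl, new_idl):
    """Return (function, op, old_params, new_params) for every non-equal region."""
    old, new = parse_functions(old_idl), parse_functions(new_idl)
    changes = []
    for name in sorted(old.keys() & new.keys()):
        sm = difflib.SequenceMatcher(None, old[name], new[name], autojunk=False)
        for op, i1, i2, j1, j2 in sm.get_opcodes():
            if op != "equal":
                changes.append((name, op, old[name][i1:i2], new[name][j1:j2]))
    return changes

if __name__ == "__main__":
    for name, op, before, after in diff_signatures(UNPATCHED, PATCHED):
        print(f"{name}: {op}\n  - {before}\n  + {after}")
```

Fed the full unmidl output of both DLL builds, the same diff lists every function whose marshalled signature changed while the UUID and version stayed at 1.0.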