Add 'buffer' to the string whitelist

gpotter2 · gpotter2 · commit 2bd5265f95fd · 2025-08-20T18:28:44.000+02:00
diff --git a/midl-to-scapy/scapy_obj.py b/midl-to-scapy/scapy_obj.py
@@ -561,7 +561,10 @@ def to_string(self, context, toplevel=False, _in_array=False):
                         and (
                             self.subtype.scapy_field in IMPLICIT_STRINGS
                             or (
-                                any(x in self.name.lower() for x in ["str", "data"])
+                                any(
+                                    x in self.name.lower()
+                                    for x in ["str", "data", "buffer"]
+                                )
                                 and self.subtype.scapy_field
                                 in (IMPLICIT_STRINGS + WCHAR_TYPES)
                             )
diff --git a/scapy-rpc/msrpcs/ms_drsr.py b/scapy-rpc/msrpcs/ms_drsr.py
@@ -24,7 +24,6 @@
     NDRConfPacketListField,
     NDRConfStrLenField,
     NDRConfStrLenFieldUtf16,
-    NDRConfVarFieldListField,
     NDRConfVarStrLenField,
     NDRConfVarStrLenFieldUtf16,
     NDRConfVarStrNullField,
@@ -2162,10 +2161,9 @@ class RPC_UNICODE_STRING(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
diff --git a/scapy-rpc/msrpcs/ms_even.py b/scapy-rpc/msrpcs/ms_even.py
@@ -21,7 +21,8 @@
     NDRConfFieldListField,
     NDRConfPacketListField,
     NDRConfStrLenField,
-    NDRConfVarFieldListField,
+    NDRConfVarStrLenField,
+    NDRConfVarStrLenFieldUtf16,
     NDRContextHandle,
     NDRFullEmbPointerField,
     NDRFullPointerField,
@@ -41,10 +42,9 @@ class PRPC_UNICODE_STRING(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
diff --git a/scapy-rpc/msrpcs/ms_imsa.py b/scapy-rpc/msrpcs/ms_imsa.py
@@ -304,11 +304,8 @@ class GetDataPaths_Request(NDRPacket):
 
 class GetDataPaths_Response(NDRPacket):
     fields_desc = [
-        NDRConfFieldListField(
-            "pszBuffer",
-            [],
-            NDRShortField("", 0),
-            size_is=lambda pkt: pkt.dwMDBufferSize,
+        NDRConfStrLenFieldUtf16(
+            "pszBuffer", "", size_is=lambda pkt: pkt.dwMDBufferSize
         ),
         NDRIntField("pdwMDRequiredBufferSize", 0),
         NDRIntField("status", 0),
@@ -775,23 +772,17 @@ class GetChildPaths_Request(NDRPacket):
         NDRIntField("hMDHandle", 0),
         NDRFullPointerField(NDRConfVarStrNullFieldUtf16("pszMDPath", "")),
         NDRIntField("cchMDBufferSize", None, size_of="pszBuffer"),
-        NDRConfFieldListField(
-            "pszBuffer",
-            [],
-            NDRShortField("", 0),
-            size_is=lambda pkt: pkt.cchMDBufferSize,
+        NDRConfStrLenFieldUtf16(
+            "pszBuffer", "", size_is=lambda pkt: pkt.cchMDBufferSize
         ),
         NDRFullPointerField(NDRIntField("pcchMDRequiredBufferSize", 0)),
     ]
 
 
 class GetChildPaths_Response(NDRPacket):
     fields_desc = [
-        NDRConfFieldListField(
-            "pszBuffer",
-            [],
-            NDRShortField("", 0),
-            size_is=lambda pkt: pkt.cchMDBufferSize,
+        NDRConfStrLenFieldUtf16(
+            "pszBuffer", "", size_is=lambda pkt: pkt.cchMDBufferSize
         ),
         NDRFullPointerField(NDRIntField("pcchMDRequiredBufferSize", 0)),
         NDRIntField("status", 0),
diff --git a/scapy-rpc/msrpcs/ms_lsad.py b/scapy-rpc/msrpcs/ms_lsad.py
@@ -22,8 +22,8 @@
     NDRConfFieldListField,
     NDRConfPacketListField,
     NDRConfStrLenField,
-    NDRConfVarFieldListField,
     NDRConfVarStrLenField,
+    NDRConfVarStrLenFieldUtf16,
     NDRConfVarStrNullField,
     NDRConfVarStrNullFieldUtf16,
     NDRContextHandle,
@@ -60,10 +60,9 @@ class RPC_UNICODE_STRING(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
@@ -1070,10 +1069,9 @@ class PRPC_UNICODE_STRING(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
diff --git a/scapy-rpc/msrpcs/ms_lsat.py b/scapy-rpc/msrpcs/ms_lsat.py
@@ -22,8 +22,8 @@
     NDRConfFieldListField,
     NDRConfPacketListField,
     NDRConfStrLenField,
-    NDRConfVarFieldListField,
     NDRConfVarStrLenField,
+    NDRConfVarStrLenFieldUtf16,
     NDRConfVarStrNullField,
     NDRConfVarStrNullFieldUtf16,
     NDRContextHandle,
@@ -185,10 +185,9 @@ class PRPC_UNICODE_STRING(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
@@ -248,10 +247,9 @@ class RPC_UNICODE_STRING(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
diff --git a/scapy-rpc/msrpcs/ms_pac.py b/scapy-rpc/msrpcs/ms_pac.py
@@ -21,7 +21,8 @@
     NDRConfFieldListField,
     NDRConfPacketListField,
     NDRConfStrLenField,
-    NDRConfVarFieldListField,
+    NDRConfVarStrLenField,
+    NDRConfVarStrLenFieldUtf16,
     NDRFieldListField,
     NDRFullEmbPointerField,
     NDRInt3264EnumField,
@@ -182,10 +183,9 @@ class RPC_UNICODE_STRING(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
@@ -443,10 +443,9 @@ class PRPC_UNICODE_STRING(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
diff --git a/scapy-rpc/msrpcs/ms_rrp.py b/scapy-rpc/msrpcs/ms_rrp.py
@@ -19,9 +19,9 @@
     DceRpcOp,
     NDRByteField,
     NDRConfStrLenField,
-    NDRConfVarFieldListField,
     NDRConfVarPacketListField,
     NDRConfVarStrLenField,
+    NDRConfVarStrLenFieldUtf16,
     NDRContextHandle,
     NDRFullEmbPointerField,
     NDRFullPointerField,
@@ -121,10 +121,9 @@ class RPC_UNICODE_STRING(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
@@ -220,10 +219,9 @@ class PRPC_UNICODE_STRING(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
diff --git a/scapy-rpc/msrpcs/ms_rsp_initshutdown.py b/scapy-rpc/msrpcs/ms_rsp_initshutdown.py
@@ -18,7 +18,8 @@
     NDRPacket,
     DceRpcOp,
     NDRByteField,
-    NDRConfVarFieldListField,
+    NDRConfVarStrLenField,
+    NDRConfVarStrLenFieldUtf16,
     NDRFullEmbPointerField,
     NDRFullPointerField,
     NDRIntField,
@@ -36,10 +37,9 @@ class PREG_UNICODE_STRING(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
diff --git a/scapy-rpc/msrpcs/ms_rsp_windowsshutdown.py b/scapy-rpc/msrpcs/ms_rsp_windowsshutdown.py
@@ -17,7 +17,8 @@
 from scapy.layers.dcerpc import (
     NDRPacket,
     DceRpcOp,
-    NDRConfVarFieldListField,
+    NDRConfVarStrLenField,
+    NDRConfVarStrLenFieldUtf16,
     NDRFullEmbPointerField,
     NDRFullPointerField,
     NDRIntField,
@@ -35,10 +36,9 @@ class PREG_UNICODE_STRING(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
diff --git a/scapy-rpc/msrpcs/ms_rsp_winreg.py b/scapy-rpc/msrpcs/ms_rsp_winreg.py
@@ -18,7 +18,8 @@
     NDRPacket,
     DceRpcOp,
     NDRByteField,
-    NDRConfVarFieldListField,
+    NDRConfVarStrLenField,
+    NDRConfVarStrLenFieldUtf16,
     NDRFullEmbPointerField,
     NDRFullPointerField,
     NDRIntField,
@@ -36,10 +37,9 @@ class PREG_UNICODE_STRING(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
diff --git a/scapy-rpc/msrpcs/ms_samr.py b/scapy-rpc/msrpcs/ms_samr.py
@@ -25,6 +25,7 @@
     NDRConfVarFieldListField,
     NDRConfVarPacketListField,
     NDRConfVarStrLenField,
+    NDRConfVarStrLenFieldUtf16,
     NDRConfVarStrNullField,
     NDRConfVarStrNullFieldUtf16,
     NDRContextHandle,
@@ -121,10 +122,9 @@ class PRPC_UNICODE_STRING(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
@@ -179,10 +179,9 @@ class RPC_UNICODE_STRING(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
@@ -1900,10 +1899,9 @@ class RPC_SHORT_BLOB(NDRPacket):
             "MaximumLength", None, size_of="Buffer", adjust=lambda _, x: (x * 2)
         ),
         NDRFullEmbPointerField(
-            NDRConfVarFieldListField(
+            NDRConfVarStrLenFieldUtf16(
                 "Buffer",
-                [],
-                NDRShortField("", 0),
+                "",
                 size_is=lambda pkt: (pkt.MaximumLength // 2),
                 length_is=lambda pkt: (pkt.Length // 2),
             )
diff --git a/scapy-rpc/msrpcs/ms_tsch_SaSecRpc.py b/scapy-rpc/msrpcs/ms_tsch_SaSecRpc.py
diff --git a/scapy-rpc/msrpcs/ms_tsgu.py b/scapy-rpc/msrpcs/ms_tsgu.py
diff --git a/scapy-rpc/msrpcs/ms_tsts_legacy.py b/scapy-rpc/msrpcs/ms_tsts_legacy.py
diff --git a/scapy-rpc/msrpcs/ms_wkst.py b/scapy-rpc/msrpcs/ms_wkst.py
