2 files changed, 269 insertions, 0 deletions
diff --git a/epan/dissectors/pidl/iwbemservices/iwbemservices.cnf b/epan/dissectors/pidl/iwbemservices/iwbemservices.cnf
new file mode 100644
index 00000000..c35df28c
--- /dev/null
+++ b/epan/dissectors/pidl/iwbemservices/iwbemservices.cnf
@@ -0,0 +1,111 @@
+# Conformance file for iwbemservices
+
+MANUAL IWbemServices_dissect_element_GetObject_orpcthis
+MANUAL IWbemServices_dissect_element_GetObject_orpcthat_
+
+MANUAL IWbemServices_dissect_element_ExecMethod_orpcthis
+MANUAL IWbemServices_dissect_element_ExecMethod_orpcthat_
+
+MANUAL IWbemServices_dissect_element_IWbemClassObject_objects
+NOEMIT IWbemServices_dissect_element_IWbemClassObject_objects_
+NOEMIT IWbemServices_dissect_element_GetObject_strObjectPath_
+
+ETT_FIELD ett_IWbemServices_GetObject_orpcthis
+ETT_FIELD ett_IWbemServices_GetObject_orpcthat
+
+ETT_FIELD ett_IWbemServices_ExecMethod_orpcthis
+ETT_FIELD ett_IWbemServices_ExecMethod_orpcthat
+
+CODE START
+
+	#include "packet-dcom.h"
+
+static int
+IWbemServices_dissect_element_IWbemClassObject_objects_(tvbuff_t *tvb, int offset, int length, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep);
+static int
+IWbemServices_dissect_element_GetObject_strObjectPath_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep);
+
+extern void register_dcom_wmio (void);
+
+/* GetObject */
+static int
+IWbemServices_dissect_element_GetObject_orpcthis(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep)
+{
+	proto_item *sub_item;
+	proto_tree *sub_tree;
+
+	sub_item = proto_tree_add_item(tree, hf_IWbemServices_GetObject_orpcthis, tvb, offset, 0, ENC_NA);
+	sub_tree = proto_item_add_subtree(sub_item, ett_IWbemServices_GetObject_orpcthis);
+
+	return dissect_dcom_this(tvb, offset, pinfo, sub_tree, di, drep);
+}
+
+static int
+IWbemServices_dissect_element_GetObject_orpcthat_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep)
+{
+	proto_item *sub_item;
+	proto_tree *sub_tree;
+
+	register_dcom_wmio();
+
+	sub_item = proto_tree_add_item(tree, hf_IWbemServices_GetObject_orpcthat, tvb, offset, 0, ENC_NA);
+	sub_tree = proto_item_add_subtree(sub_item, ett_IWbemServices_GetObject_orpcthat);
+
+	return dissect_dcom_that(tvb, offset, pinfo, sub_tree, di, drep);
+}
+
+/* ExecMethod */
+static int
+IWbemServices_dissect_element_ExecMethod_orpcthis(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep)
+{
+	proto_item *sub_item;
+	proto_tree *sub_tree;
+
+	sub_item = proto_tree_add_item(tree, hf_IWbemServices_ExecMethod_orpcthis, tvb, offset, 0, ENC_NA);
+	sub_tree = proto_item_add_subtree(sub_item, ett_IWbemServices_ExecMethod_orpcthis);
+
+	return dissect_dcom_this(tvb, offset, pinfo, sub_tree, di, drep);
+}
+
+static int
+IWbemServices_dissect_element_ExecMethod_orpcthat_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep)
+{
+	proto_item *sub_item;
+	proto_tree *sub_tree;
+
+	register_dcom_wmio();
+
+	sub_item = proto_tree_add_item(tree, hf_IWbemServices_ExecMethod_orpcthat, tvb, offset, 0, ENC_NA);
+	sub_tree = proto_item_add_subtree(sub_item, ett_IWbemServices_ExecMethod_orpcthat);
+
+	return dissect_dcom_that(tvb, offset, pinfo, sub_tree, di, drep);
+}
+
+static int
+IWbemServices_dissect_element_IWbemClassObject_objects(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep)
+{
+	return dissect_ndr_ucarray_block(tvb, offset, pinfo, tree, di, drep, &IWbemServices_dissect_element_IWbemClassObject_objects_);
+}
+
+static int
+IWbemServices_dissect_element_IWbemClassObject_objects_(tvbuff_t *tvb, int offset, int length, packet_info *pinfo, proto_tree *tree, dcerpc_info *di, uint8_t *drep)
+{
+	dissect_dcom_OBJREF(tvb, offset, pinfo, tree, di, drep, hf_IWbemServices_IWbemClassObject_objects, NULL);
+	return offset + length;
+}
+
+static int
+IWbemServices_dissect_element_GetObject_strObjectPath_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep)
+{
+	char *data = NULL;
+
+	offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, di, drep, sizeof(uint16_t), hf_IWbemServices_GetObject_strObjectPath, false, &data);
+	if (data){
+		proto_item_append_text(tree, ": %s", data);
+		col_append_fstr(pinfo->cinfo, COL_INFO, " Object=%s", data);
+	}
+
+	return offset;
+}
+
+CODE END
+\ No newline at end of file
diff --git a/epan/dissectors/pidl/iwbemservices/iwbemservices.idl b/epan/dissectors/pidl/iwbemservices/iwbemservices.idl
new file mode 100644
index 00000000..c4de5c55
--- /dev/null
+++ b/epan/dissectors/pidl/iwbemservices/iwbemservices.idl
@@ -0,0 +1,158 @@
+#include "idl_types.h"
+
+/*
+  IWbemServices interface definitions
+*/
+[ uuid("9556dc99-828c-11cf-a37e-00aa003240c7"),
+  restricted,
+  pointer_default(unique)
+]
+interface IWbemServices
+{
+  typedef struct
+  {
+  } ORPCTHIS;
+
+  typedef struct
+  {
+  } ORPCTHAT;
+
+  typedef struct
+  {
+  } IWbemCallResult;
+
+  /*****************/
+  /* Function 0 */
+  [todo] WERROR iwbemservices_opnum0(
+  );
+  /*****************/
+  /* Function 1 */
+  [todo] WERROR iwbemservices_opnum1(
+  );
+  /*****************/
+  /* Function 2 */
+  [todo] WERROR iwbemservices_opnum2(
+  );
+  /*****************/
+  /* Function 3 */
+  [todo] WERROR iwbemservices_OpenNamespace(
+  );
+  /*****************/
+  /* Function 4 */
+  [todo] WERROR iwbemservices_CancelAsyncCall(
+  );
+  /*****************/
+  /* Function 5 */
+  [todo] WERROR iwbemservices_QueryObjectSink(
+  );
+
+  typedef struct
+  {
+    uint32 count;
+    [size_is(count)] uint8 objects[];
+  } IWbemClassObject;
+
+  typedef struct
+  {
+    uint32 ulCntData;
+    [size_is(count)] uint8 abData[];
+  } MInterfacePointer;
+
+  typedef struct
+  {
+    uint32 u;
+    MInterfacePointer *intPtr;
+  } IWbemContext;
+
+  /*****************/
+  /* Function 6 */
+  WERROR GetObject(
+   [in] ORPCTHIS orpcthis,
+   [in, unique, string, charset(UTF16)] uint16* strObjectPath,
+   [in] uint32 lFlags,
+   [in]  IWbemContext* pCtx,
+   [out] ORPCTHAT* orpcthat,
+   [out, in, unique] IWbemClassObject** ppObject,
+   [out, in, unique] IWbemCallResult** ppCallResult
+  );
+
+  /*****************/
+  /* Function 7 */
+  [todo] WERROR iwbemservices_opnum7(
+  );
+  /*****************/
+  /* Function 8 */
+  [todo] WERROR iwbemservices_opnum8(
+  );
+  /*****************/
+  /* Function 9 */
+  [todo] WERROR iwbemservices_opnum9(
+  );
+  /*****************/
+  /* Function 10 */
+  [todo] WERROR iwbemservices_opnum10(
+  );
+  /*****************/
+  /* Function 11 */
+  [todo] WERROR iwbemservices_opnum11(
+  );
+  /*****************/
+  /* Function 12 */
+  [todo] WERROR iwbemservices_opnum12(
+  );
+  /*****************/
+  /* Function 13 */
+  [todo] WERROR iwbemservices_opnum13(
+  );
+  /*****************/
+  /* Function 14 */
+  [todo] WERROR iwbemservices_opnum14(
+  );
+  /*****************/
+  /* Function 15 */
+  [todo] WERROR iwbemservices_opnum15(
+  );
+  /*****************/
+  /* Function 16 */
+  [todo] WERROR iwbemservices_opnum16(
+  );
+  /*****************/
+  /* Function 17 */
+  [todo] WERROR iwbemservices_opnum17(
+  );
+  /*****************/
+  /* Function 18 */
+  [todo] WERROR iwbemservices_opnum18(
+  );
+  /*****************/
+  /* Function 19 */
+  [todo] WERROR iwbemservices_opnum19(
+  );
+  /*****************/
+  /* Function 20 */
+  [todo] WERROR iwbemservices_opnum20(
+  );
+  /*****************/
+  /* Function 21 */
+  [todo] WERROR iwbemservices_opnum21(
+  );
+  /*****************/
+  /* Function 22 */
+  [todo] WERROR iwbemservices_opnum22(
+  );
+  /*****************/
+  /* Function 23 */
+  [todo] WERROR iwbemservices_opnum23(
+  );
+
+  /*****************/
+  /* Function 24 */
+  WERROR ExecMethod(
+   [in] ORPCTHIS orpcthis,
+   [in, unique, string, charset(UTF16)] uint16* strObjectPath,
+   [in, unique, string, charset(UTF16)] uint16* strMethodName,
+   [in] uint32 lFlags,
+   [out] ORPCTHAT* orpcthat
+  );
+
+};
+\ No newline at end of file