refactor: Changed all FieldStrFn callers to FieldUTF16LE

One fieldname change clientDir to client_dir to align with everything else

format/pyrdp/pdu/client_data.go

@@ -84,7 +84,7 @@ func ParseClientDataCore(d *decode.D, length int64) {
 	d.FieldU16("sas_sequence")
 	d.FieldU32("keyboard_layout")
 	d.FieldU32("client_build")
-	d.FieldStrFn("client_name", toTextUTF16Fn(32))
+	d.FieldUTF16LE("client_name", 32, scalar.StrActualTrim("\x00"))
 	d.FieldU32("keyboard_type")
 	d.FieldU32("keyboard_sub_type")
 	d.FieldU32("keyboard_function_key")

format/pyrdp/pdu/client_info.go

@@ -38,24 +38,24 @@ func ParseClientInfo(d *decode.D, length int64) {
 		alternate_shell_length := int(d.FieldU16("alternate_shell_length") + null_n*unicode_n)
 		working_dir_length := int(d.FieldU16("working_dir_length") + null_n*unicode_n)
 
-		d.FieldStrFn("domain", toTextUTF16Fn(domain_length))
-		d.FieldStrFn("username", toTextUTF16Fn(username_length))
-		d.FieldStrFn("password", toTextUTF16Fn(password_length))
-		d.FieldStrFn("alternate_shell", toTextUTF16Fn(alternate_shell_length))
-		d.FieldStrFn("working_dir", toTextUTF16Fn(working_dir_length))
+		d.FieldUTF16LE("domain", domain_length, scalar.StrActualTrim("\x00"))
+		d.FieldUTF16LE("username", username_length, scalar.StrActualTrim("\x00"))
+		d.FieldUTF16LE("password", password_length, scalar.StrActualTrim("\x00"))
+		d.FieldUTF16LE("alternate_shell", alternate_shell_length, scalar.StrActualTrim("\x00"))
+		d.FieldUTF16LE("working_dir", working_dir_length, scalar.StrActualTrim("\x00"))
 
 		extra_length := length - ((d.Pos() - pos) / 8)
 		if extra_length > 0 {
 			d.FieldStruct("extra_info", func(d *decode.D) {
 				d.FieldU16("address_family", scalar.UintHex)
 				address_length := int(d.FieldU16("address_length"))
-				d.FieldStrFn("address", toTextUTF16Fn(address_length))
+				d.FieldUTF16LE("address", address_length, scalar.StrActualTrim("\x00"))
 				client_dir_length := int(d.FieldU16("client_dir_length"))
-				d.FieldStrFn("clientDir", toTextUTF16Fn(client_dir_length))
+				d.FieldUTF16LE("client_dir", client_dir_length, scalar.StrActualTrim("\x00"))
 				// TS_TIME_ZONE_INFORMATION structure
 				// https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/526ed635-d7a9-4d3c-bbe1-4e3fb17585f4
 				d.FieldU32("timezone_bias")
-				d.FieldStrFn("timezone_standardname", toTextUTF16Fn(64))
+				d.FieldUTF16LE("timezone_standardname", 64, scalar.StrActualTrim("\x00"))
 			})
 
 			// XXX: there's more extra info but here's everything we need from the

format/pyrdp/testdata/test.fqtest

@@ -79,7 +79,7 @@ $ ./fq -d pyrdp dv /test.pyrdp
 0x000180|                              31 00 30 00 2e 00|          1.0...|          address: "10.0.89.70" 0x18a-0x1a0 (22)
 0x000190|30 00 2e 00 38 00 39 00 2e 00 37 00 30 00 00 00|0...8.9...7.0...|
 0x0001a0|40 00                                          |@.              |          client_dir_length: 64 0x1a0-0x1a2 (2)
-0x0001a0|      43 00 3a 00 5c 00 57 00 69 00 6e 00 64 00|  C.:.\.W.i.n.d.|          clientDir: "C:\\Windows\\system32\\mstscax.dll" 0x1a2-0x1e2 (64)
+0x0001a0|      43 00 3a 00 5c 00 57 00 69 00 6e 00 64 00|  C.:.\.W.i.n.d.|          client_dir: "C:\\Windows\\system32\\mstscax.dll" 0x1a2-0x1e2 (64)
 0x0001b0|6f 00 77 00 73 00 5c 00 73 00 79 00 73 00 74 00|o.w.s.\.s.y.s.t.|
 *       |until 0x1e1.7 (64)                             |                |
 0x0001e0|      20 fe ff ff                              |   ...          |          timezone_bias: 4294966816 0x1e2-0x1e6 (4)