smb2/read: Parse only 1 byte for data_offset, ignore reserved1

A user provided a SMB2 pcap with the reserved1 field of a ReadResponse
set to 1 instead of 0. This confused the padding computation due to
including this byte into the offset. Properly split data_offset and
reserved1 into individual byte fields.

Closes #4730

src/analyzer/protocol/smb/smb2-com-read.pac

@@ -93,10 +93,11 @@ type SMB2_read_request(header: SMB2_Header) = record {
 
 type SMB2_read_response(header: SMB2_Header) = record {
 	structure_size    : uint16;
-	data_offset       : uint16;
+	data_offset       : uint8;
+	reserved1         : uint8;
 	data_len          : uint32;
 	data_remaining    : uint32;
-	reserved          : uint32;
+	reserved2         : uint32;
 	pad               : padding to data_offset - header.head_length;
 	data              : bytestring &length=data_len;
 } &let {