This allows wmem to be used from other libraries, namely wsutil.
It is often the case that a funtion exists in wsutil and cannot
be used with a wmem scope, requiring some code duplication or
extra memory allocations, or vice-versa, code in epan cannot be
moved to wsutil because it has a wmem dependency.
To this end wmem is moved to wsutil. Scope management remains part
of epan because those scope semantics are specific to dissection.
fcntl.h appears to be available on all of our supported platforms,
including Windows. We've also been including it without HAVE_FCNTL_H
guards in a few places (e.g. sshdump.c) without any issues for some
time.
floorl is part of C99.
Mark wsutil's includes SYSTEM PRIVATE. This exposed a lot of targets
that were indirectly picking up include paths via the wsutil target, so
add direct includes where needed. The G.722 and G.726 codecs were
implicilty including tiffio.h; find it explicitly instead.
Mark some of wsutil's libraries PRIVATE, but leave commonly-used ones
PUBLIC.
Ping #17477.
Revert change to format_size() added in
f509a83381. This commit broke formatting
with spaces and introduced some dead code.
Also replace unnecessary call to format_size_wmem() and remove
unnecessary casts (since our warning settings were fixed in the
mean time).
Functions clock_gettime() and timespec_get() cover all the platforms
we support with sub-second resolution in a a portable manner. Fallback
to using time().
Pass a struct timespec to the log writer callback for maximum
flexibility.
At least according to the Single UNIX Standard, it merely has to be big
enough to hold a value in the range [-1, 1000000], and there must be
*an* environment in which it's no *larger* than a long.
Just cast it to long, and continue to print the result of dividing it by
1000 with %03ld.
Calling GLib functions inside the log writer is not safe,
it might infinitely recurse or abort if g_date_time_* logs
warnings because we registered our log handler for GLib itself.
This includes as little as possible in the assertion header, so
that it can be included globally in every file without pulling
any unwanted definitions. In particular pulling stdlib.h is
avoided because that can have side effects if it wants to
include non-portable extensions.
It is possible to have side-effects from include glib.h too, for
example because of G_LOG_DOMAIN.
These side-effects are usually avoidable with careful ordering
of pre-processor directives but with multiple levels of indirections
it can be hard to track. Better to make it robust to these kinds
of failures in the first place.
Also integrate with our logger for a cohesive experience (but
keep it a private dependency).
Minimizing the dependencies on other wsutil and GLib functions
reduces the chance that we will have a weird recursion pattern
in wslog and makes the code easier to analyze.
This avoids having to manage two different implementations.
For example with this change GLib functions will terminate
if Wireshark's fatal log level is set to a matching level
and the --log-file option will also output messages from
GLib itself.
This changes color use to be the very similar with GLib to
maintain familiarity. The only difference is that Message
and Info use a different color than Debug.
Also use the more familiar format of <domain> <level> instead
of <level> <domain>.
Instead of receiving the program name from GLib, pass it explicitly
to ws_log_init() instead and use that to initialize the GLib program
name.
ws_log_parse_args() will now exit the program when it encounters an
argument error if exit_failure >= 0.
Currently we are not filtering the unset (NULL) domain, on
the assumption that every log call should belong to a defined
domain.
However there are still many places in the codebase where this isn't
true and the fact that the null/default domain name is omitted from
the output and never filtered is probably surprising and user-unfriendly.
Users might understandably assume the filtering is buggy.
Give an indication, such as (none)-MESSAGE, to make this more
obvious.
The --log-debug and --log-noisy now accepts a '!' to invert the
match and disable the debug (noisy respectively) log level for
the listed domains.
Note this is different from --log-domains, that option
enables/disables the entire log domain itself, regardless of log
level.
ws_log_domains.h needs to be included before wslog.h to be used
to define WS_LOG_DOMAIN. Also the definition for enum ws_log_level
needs to be exported for other APIs so move that to ws_log_domains.h
and rename the file to ws_log_defs.h to reflect the new scope.
This is intended to replace logging in dissectors that has a
debug level with #ifdef DEBUG_foo and an extra level guarded
by a #ifdef DEBUG_EXTRA_foo.
But generally it can be used as another level of granularity
for debugging output, to avoid flooding the log with too
much information with typical usage.
Rename the filter functions without the unnecessary 'str'
suffix.
Option --log-debug or WIRESHARK_LOG_DEBUG is a list
of domains that are set to a "debug" log level. This
takes precedence over the normal log level and domain
filter options.
Enviroment variable WIRESHARK_LOG_FATAL and command line
option --log-fatal set the fatal log level. Messages with
fatal or highr priority cause the program to abort. By
default the fatal level is "error", but it can be set to
"critical" or "warning" with this option.
Domain filter expressions starting with '!' invert the match.
Only domains that do not match become active. Note that '!'
must be the first character in the filter and applies to the
whole expression.
Add macros to round to multiples of 2, 4, 8, 16, and 32.
Use them instead of independently defined macros.
(We don't define a general "round to a power of 2" macro to avoid the
risk of somebody passing something other than a power of 2 to it.)
A domain filter can be given in the environment variable
'WS_LOG_DOMAINS' or in a command-line options "--log-domains".
The filter is specified as a comma separated case insensitive list,
for example:
./tshark --log-domains=main,capture
Domain data type switches from an enum to a string. There is no
constaint on adding new domains, neither in code or at runtime.
The string format is arbitrary, only positive matches will produce
output.
Experience has shown that:
1. The current logging methods are not very reliable or practical.
A logging bitmask makes little sense as the user-facing interface (who
would want debug but not crtical messages for example?); it's
computer-friendly and user-unfriendly. More importantly the console
log level preference is initialized too late in the startup process
to be used for the logging subsystem and that fact raises a number
of annoying and hard-to-fix usability issues.
2. Coding around G_MESSAGES_DEBUG to comply with our log level mask
and not clobber the user's settings or not create unexpected log misses
is unworkable and generally follows the principle of most surprise.
The fact that G_MESSAGES_DEBUG="all" can leak to other programs using
GLib is also annoying.
3. The non-structured GLib logging API is very opinionated and lacks
configurability beyond replacing the log handler.
4. Windows GUI has some special code to attach to a console,
but it would be nice to abstract away the rest under a single
interface.
5. Using this logger seems to be noticeably faster.
Deprecate the console log level preference and extend our API to
implement a log handler in wsutil/wslog.h to provide easy-to-use,
flexible and dependable logging during all execution phases.
Log levels have a hierarchy, from most verbose to least verbose
(debug to error). When a given level is set everything above that
is also enabled.
The log level can be set with an environment variable or a command
line option (parsed as soon as possible but still later than the
environment). The default log level is "message".
Dissector logging is not included because it is not clear what log
domain they should use. An explosion to thousands of domains is
not desirable and putting everything in a single domain is probably
too coarse and noisy. For now I think it makes sense to let them do
their own thing using g_log_default_handler() and continue using the
G_MESSAGES_DEBUG mechanism with specific domains for each individual
dissector.
In the future a mechanism may be added to selectively enable these
domains at runtime while trying to avoid the problems introduced
by G_MESSAGES_DEBUG.
Add a generic function to write content to file. Use this on write
TLS session keys from UI and tshark, and for export objects.
Remove the now unused export_object_ui.[ch].
The GLib documentation says G_STRLOC includes the function name
but that is a lie[1]. Change ws_debug() to not use G_STRLOC and receive
__FILE__, __LINE__ and G_STRFUNC separately instead.
[1]https://bugzilla.gnome.org/show_bug.cgi?id=69097
Default to taking the VLAN ID into account when reassembling only
for private IPv4 addresses as defined by RFC 1918 and for link-local
addresses. Otherwise, do not take the VLAN ID into account unless
the "Enable stricter conversation tracking heuristics" preference
is enabled. Fixes#14356.
Replace most instances of ws_debug_printf() except in
epan/dissectors and dissector plugins.
Some replacements use printf(), some use ws_debug(), and
some were removed because they were dead or judged to be
temporary.
Use a void expression instead of removing the expression
entirely. Under certain conditions, for example as the only
statement in an if() conditional, removing the assertion
will generate compiler warnings.
Currently our build generates very many warnings if
G_DISABLE_ASSERT is defined.
Add ws_assert() and ws_assert_not_reached() to incrementally
replace existing assertions and then disable them using
WS_DISABLE_ASSERT.
Assertions are disabled with CMake build type Release.
By default the build type is RelWithDebInfo so the current
behaviour of enabling assertions by default is (for now) preserved.
Add some notes to README.Developer.
Most of the time, the return value tells us nothing useful, as we've
already decided that we're perfectly willing to live with string
truncation. Hopefully this keeps Coverity from whining that those
routines could return an error code (NARRATOR: They don't) and thus that
we're ignoring the possibility of failure (as indicated, we've already
decided that we can live with string truncation, so truncation is *NOT*
a failure).
Calling cmake with -DENABLE_VLD=ON when building with Visual Studio,
results in debug configuration being linked to Visual Leak Detector.
By default, Visual Leak Detector outputs the leak summary to Visual
Studio debug window. When ENABLE_VLD is active, VLD is linked to all
wireshark libraries and executables.
If a header declares a function, or anything else requiring the extern
"C" decoration, have it wrap the declaration itself; don't rely on the
header itself being included inside extern "C".
Have routines to report capture-file errors, using libwireshark error
codes and strings, that call through a pointer, so they can pop up
dialogs in GUI apps, print a message to the standard error on
command-line apps, and possibly do something different on server
programs.
Have init_report_message() take a pointer to structure containing those
function pointers, rather than the function pointers themselves, as
arguments.
Make other API changes to make that work.
FOr 11b and 11g, also set the metadata to provide the "short preamble"
indication.
Add some macros to wsutil/802_11-utils.h to help there, as I threatened
to do in the previous commit. :-)
I believe this was the original intention, to use these API restricitons
with dissectors only (not that I necessarily agree with that policy either),
and through copy-paste and lack of clear guidelines it spread to other
parts of the build.
Rename the checkAPI groups to make it very clear that this is dissector-only.
This doesn't mean, of course, that good programming practices shouldn't be
followed everywhere. In particular assertions need to be used properly.
Don't use them to catch runtime errors or validate input data.
This commit will be followed by another removing the various ugly hacks
people have been using to get around the checkAPI hammer.
Since fe94133f0d ws_snprintf()
and ws_vsnprintf() don't actually do anything anymore.
The return value of ws_[v]snprintf was discarded before,
now it too conforms to C99.
Instead *_register_plugin() is turned into a noop (with a warning).
The test suit is failing with ENABLE_PLUGINS=Off (it was already failing
before and this patch didn't affect that).
Closes#17202.
This adds a function to parse a string date-time in ISO 8601 format into
a `nstime_t` structure. It's based on code from epan/tvbuff.c and
wiretap/nettrace_3gpp_32_423.c and meant to eventually replace both.
(Currently only replaces the latter.)
Since most of Wireshark expects ISO 8601 date-times to fit a fairly
strict pattern, iso8601_to_nstime() currently rejects date-times without
separators between the components, even though ISO 8601 actually permits
this. This could be revisited later.
Also uses iso8601_to_nstime in editcap to parse the -A/-B options,
thus allowing the user to specify a time zone if desired. (See #17110)
Adds a pre-commit hook for detecting and replacing
occurrences of `g_malloc()` and `wmem_alloc()` with
`g_new()` and `wmem_new()`, to improve the
readability of Wireshark's code, and
occurrences of
`g_malloc(sizeof(struct myobj) * foo)`
with
`g_new(struct myobj, foo)`
to prevent integer overflows
Also fixes all existing occurrences across
the codebase.
Replace bugs.wireshark.org links with their equivalent
gitlab.com/wireshark/wireshark/issues links in the AsciiDoctor buglink
macro and the please_report_bug function. Update the bug URLs in
comments in the tools and test directories.
Remove the --check-addtext and --build flags. They were used for
checkAddTextCalls, which was removed in e2735ecfdd.
Add the sources in ui/qt except for qcustomplot.{cpp,h}. Fix issues in
main.cpp, rtp_audio_stream.cpp, and wireshark_zip_helper.cpp.
Rename "index"es in packet-usb-hid.c.
It's used in a number of source files; don't force each of them to test
GCRYPT_VERSION_NUMBER independently.
Make sure every file that uses HAVE_LIBGCRYPT_AEAD includes
wsutil/wsgcrypt.h.
Also do some other definitions that are based on the libgcrypt version
there as well.
This requires that the Qt UI code be given the include directory for
libgcrypt, as the follow stream code includes
epan/dissectors/packet-quic.h, which includes wsutil/wsgcrypt.h to get
HAVE_LIBGCRYPT_AEAD defined, and wsutil/wsgcrypt.h includes <gcrypt.h>.
Change-Id: I9cb50f411f5b2b6b9e28a38bfd901f4a66d9cc8f
Reviewed-on: https://code.wireshark.org/review/38116
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
/opt/SourceCode/wireshark/epan/dissectors/packet-osc.c 367 err V562 It's odd to compare 0 or 1 with a value of 0.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 960 note V576 Incorrect format. Consider checking the eighth actual argument of the 'proto_tree_add_subtree_format' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 980 note V576 Incorrect format. Consider checking the third actual argument of the 'proto_item_append_text' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 2473 note V576 Incorrect format. Consider checking the fourth actual argument of the 'col_prepend_fstr' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 2482 note V576 Incorrect format. Consider checking the fourth actual argument of the 'col_append_fstr' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 2633 note V576 Incorrect format. Consider checking the fourth actual argument of the 'col_append_fstr' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 2650 note V576 Incorrect format. Consider checking the fourth actual argument of the 'col_prepend_fstr' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-stun.c 565 warn V1051 Consider checking for misprints. It's possible that the 'reported_length' should be checked here.
/opt/SourceCode/wireshark/epan/dissectors/packet-umts_fp.c 4126 warn V1051 Consider checking for misprints. It's possible that the 'reported_length' should be checked here.
/opt/SourceCode/wireshark/epan/dissectors/packet-umts_fp.c 4942 warn V1051 Consider checking for misprints. It's possible that the 'reported_length' should be checked here.
/opt/SourceCode/wireshark/ui/voip_calls.c 1444 err V773 The 'comment' pointer was assigned values twice without releasing the memory. A memory leak is possible.
/opt/SourceCode/wireshark/wsutil/filesystem.c 1531 err V773 The function was exited without releasing the 'files' pointer. A memory leak is possible.
/opt/SourceCode/wireshark/wsutil/filesystem.c 1717 err V773 The function was exited without releasing the 'files' pointer. A memory leak is possible.
Bug: 16335
Change-Id: I8df3ba6d070823dcb43c4152d9156358f701e8dc
Reviewed-on: https://code.wireshark.org/review/37069
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
wsutil/nstime.c:116: warning: Function 'nstime_sum' argument order different: declaration 'sum, b, a' definition 'sum, a, b'
Most likely copy/paste error from nstime_delta() above where that order makes sense.
Change-Id: Icea52b21781ebc09b2b80acdb34d61a28eb1e498
Reviewed-on: https://code.wireshark.org/review/36562
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Those fetch gint and guint values, respectively, rather than values with
specified sizes in bits.
This should squelch Coverity CID 1457357.
Change-Id: Ia8f100bd3fe90c266e24a4346f80b2667c653b93
Reviewed-on: https://code.wireshark.org/review/36177
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The processor brand string returned by CPUID is left-padded in some
cases. For example, adding
g_warning("==>%s<==\n", CPUBrandString);
to get_cpu_info() on a test machine here returns
** (tshark.exe:3808): WARNING **: ==> Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz<==
Make sure it's stripped before we add it to our version information.
Change-Id: Idf9f9574477043a5e7fe4ff1ecb7890d6da90e0a
Reviewed-on: https://code.wireshark.org/review/36108
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There are some deltas between the UN*X epoch and other epochs that are
used in a number of places; put them into a header.
Change-Id: Ia2d9d69b9d91352d730d97d9e4897518635b4861
Reviewed-on: https://code.wireshark.org/review/35895
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Revert the removal of replacing disallowed filename characters in
create_tempfile() to allow this characters in extcap interface names.
This is a regression from g2925fb08.
Change-Id: I833d1d19080c9c688dcaf076a840f55ef31e457d
Reviewed-on: https://code.wireshark.org/review/35669
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It doesn't contain the text "please do not report it", so nobody will
think it's a warning not to report the problem, it just says "don't call
it a crash".
Change-Id: I9ce71e6a1cc37446a08e44da64c8411166844f75
Reviewed-on: https://code.wireshark.org/review/35649
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Say "as a bug" upfront, and clarify that "please do not report it as
such" doesn't mean "please do not report this at all" (even though we
say "please report this" earlier), it means "please do not report this
as being a crash".
Change-Id: I2656c4c13e90fcf41d00a4b6ab3c2f2998f55fd6
Reviewed-on: https://code.wireshark.org/review/35647
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Added API description clarifies when bytes/samples are used. New variable names
proposed and all existing codecs are adapted to it. Change is just renaming...
Change-Id: I75dba64a49eb3f4369ec7160cb793dda4b44c810
Reviewed-on: https://code.wireshark.org/review/35576
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Much better to use a known library than create it ourselves.
Also remove get_tempfile_path as it's not used.
Bug: 15992
Change-Id: I17b9bd879e8bdb540f79db83c6c138f8ee724764
Reviewed-on: https://code.wireshark.org/review/34420
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
It's a "wmem version" of format_size (from wsutil/str_util.h).
Also improved the flexibility in formatting of format_size() to handle future
needs of format_size_wmem
Ping-Bug: 15360
Change-Id: Id9977bbd7ec29375bbac955f685d46e75b0cef2c
Reviewed-on: https://code.wireshark.org/review/31233
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
strchr() is declared in <string.h>, and we now use strchr(), so we must
include <string.h>.
Change-Id: Ie80763c10c4ad1ef85d4a83d8eacc3ea236bea56
Reviewed-on: https://code.wireshark.org/review/35052
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The buffer needs to be big enough to include the trailing '\0', so we
need to compare the buffer's length against strlen(name) + 1, not
against strlen(name).
Bug: 15751
Change-Id: I75ae65f8c818284834d761d9dd911d029cfca3b1
Reviewed-on: https://code.wireshark.org/review/34892
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit f1285fcf06.
NSIS package is broken with this commit.
Change-Id: Ief22a308edad188fa2d5fab79355f19493359fa6
Reviewed-on: https://code.wireshark.org/review/34758
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
HTML docs are installed to both $docdir and $pkgdatadir. Fix that
to install to $docdir only.
Change-Id: I115158585b6df9170d9a01249adbc8548df91f14
Reviewed-on: https://code.wireshark.org/review/34640
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
There's no extra benefit in having FILE pointer (over file descriptor)
passed to file_needs_reopen().
Change-Id: Id49eb2f02b776c2f1ccd9d67fedd7eac38432f52
Reviewed-on: https://code.wireshark.org/review/34600
Reviewed-by: Craig Jackson <cejackson51@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
On Windows, fstat() and stat() sets st_dev to different value depending
on whether it was called with file handle or file path. If file handle
was used, the st_dev is simply the file handle casted to unsigned.
If file path was used, then st_dev corresponds to drive letter
(A=0, B=1, C=2, ...).
Compare the files using the file index information retrieved by
GetFileInformationByHandle(). When compiled in configuration that
supports FILE_ID_INFO, the code first tries to obtain 128-bit FILE_ID_INFO
and if that fails, fallback to GetFileInformationByHandle().
Bug: 16059
Change-Id: I5f8d8d8127337891ef9907c291e550b1d17aabbb
Reviewed-on: https://code.wireshark.org/review/34573
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Provide _U_ macro definition for Visual Studio.
Change the way _U_ macro is ifdefed for some targets to allow Visual
Studio to recognize it.
Ping-Bug: 15832
Change-Id: Ic7ce145cbe9e8aa751d64c9c09ce8ba6c1bbbd30
Reviewed-on: https://code.wireshark.org/review/34530
Tested-by: Petri Dish Buildbot
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Pass working directory parameter to win32_create_process() in
ws_pipe_spawn_sync().
Change-Id: I0abbc4fbf733138b20c2a34845b147530417c91e
Reviewed-on: https://code.wireshark.org/review/34533
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
That also keeps us from looking at the non-existent first octet of an
empty buffer.
Bug: 16031
Change-Id: I3fcf4201d21dc44ccd8815cb0637c1eae4995560
Reviewed-on: https://code.wireshark.org/review/34439
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
jsmn_parse() is handed a buffer and a count of octets in the buffer; it
treats either running out of octets, as specified by the count, *OR*
seeing a NUL as meaning "end of JSON string".
That means that a buffer, of arbitrary size, the first octet of which is
zero is a null string and considered valid JSON.
That is clearly bogus; it messes up both tests for JSON files *and*,
potentially, heuristic checks for JSON in packet payloads.
Bug: 16031
Change-Id: I5ee78b613df3358f19787f2ce28ddc883368f03d
Reviewed-on: https://code.wireshark.org/review/34438
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Using g_hash_table_insert() in cases where the key is contained within
value is error prone. Use g_hash_table_replace() to eliminate the risk
of ending up with incoherent hash table state.
Change-Id: I595457476a2682e927d2c56b2692404aef4dc43a
Reviewed-on: https://code.wireshark.org/review/34385
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Before the unzipped files are being copied from the temp directory,
they are checked against the stored list of profile names, to ensure,
that only allowed files are being imported.
Also ensures, that no empty directory exists for the skipped one
Bug: 15969
Change-Id: I6ae8c9fb5f63d089d42fc0ef18dbe84baec515a2
Reviewed-on: https://code.wireshark.org/review/34184
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Change the Profile types from User/System to Personal/Global in UI
to match the terminology used in About Wireshark -> Folders.
This reverts commit 40af4aa93e.
This reverts commit f0cde7ca34.
This reverts commit c37cabe900.
Change-Id: I9012db6385707754e26a2dadb57f6003f8112f9b
Reviewed-on: https://code.wireshark.org/review/34134
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
get_profile_dir() already calls the corresponding variable is_system;
use that in profile_exists() as well.
Change-Id: Icce42b2074d64c46598cc7561b3c5468da8ede90
Reviewed-on: https://code.wireshark.org/review/34131
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's called system profiles in UI so update function names and
variables to use the same name. This will increase code readability.
Change-Id: I048e9ea85bd6ebab4a2c3ed1c685487ac8f7e40e
Reviewed-on: https://code.wireshark.org/review/34116
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Fall back on the Wayback Machine for some links.
Change-Id: I6a44a2caaeb4fa521c2f08196e7c36069e3bb842
Reviewed-on: https://code.wireshark.org/review/34103
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Microsoft reshuffled their documentation - almost all of it moved from
msdn.microsoft.com to docs.microsoft.com. Some blogs moved to
devblogs.microsoft.com; the comments *didn't* move, so in one case we go
to the Wayback Machine - the link isn't dead, but it formats horribly,
at least on my browser, but the archived version formats OK.
Use the Wayback Machine for some URLs, and update others.
Update the sections for MS-ADTS.
Point to the HTML versions of some RFCs and I-Ds.
Change-Id: I344b20f880de63f1ae2a4e3f9ff98af78a7fe139
Reviewed-on: https://code.wireshark.org/review/34101
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's broken, unmaintained, poorly implemented and obsoleted by saner
debug-info methods.
Note: To do the compliance check properly would require much more
extensive work to clearly define public and private interfaces (without
manual bookeeping of files or symbols either, of course, because who
would want that...).
Change-Id: Ib801f3c152ca2369f95ca1f4af4d37cd8cc7c47a
Reviewed-on: https://code.wireshark.org/review/33928
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
Use a shorter URL and use HTTPS.
Change-Id: I9cfcd52775c95457e81694272dbe795d4eae4e58
Reviewed-on: https://code.wireshark.org/review/34026
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The libwsutil symbols file contains two public symbols which depend on
Libgcrypt 1.7.0. As the version included with Ubuntu 16.04 is too old,
building a Debian package fails due to missing two curve25519 symbols.
Add stub implementations as workaround.
Change-Id: Ie39e784e9e631750b5269d038772496565b2dce8
Reviewed-on: https://code.wireshark.org/review/33780
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use realpath() to resolve our program file directory on macOS. This lets
us create symlinks to the program files in our application bundle
without affecting our plugin and other paths.
Change-Id: If77cbd7da56e01f2cd602334d361c8aa52afeae0
Reviewed-on: https://code.wireshark.org/review/33151
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: Ic5a3653cb8bcc33e0be108c8b201567e7090f9f5
Reviewed-on: https://code.wireshark.org/review/33043
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
Change-Id: I5326b87784817fb353329e2d686fe0515c32f6cb
Reviewed-on: https://code.wireshark.org/review/33038
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
Those routines exist on both Windows and UN*X, but they don't do
anything on UN*X (they could if it were ever necessary).
That eliminates some #ifdefs, and also means that the gory details of
initializing Winsock, including the Winsock version being requested,
are buried in one routine.
The initialization routine returns NULL on success and a pointer to a
g_malloc()ated error message on failure; report the error to the user,
along with a "report this to the Wireshark developers" suggestion.
That means including wsutil/socket.h, which obviates the need to include
some headers for socket APIs, as it includes them for you.
Change-Id: I9327bbf25effbb441e4217edc5354a4d5ab07186
Reviewed-on: https://code.wireshark.org/review/33045
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make sure we link each application that calls WSAStartup with ws2_32.lib.
Pass version 2.2 to WSAStartup. Wikipedia says it was introduced in 1996,
so we should be OK.
Ping-Bug: 15711
Change-Id: I431839e930e7c646669af7373789640b5180ec28
Reviewed-on: https://code.wireshark.org/review/33033
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
In ws_pipe_wait_for_pipe() on Windows, the WaitForMultipleObjects() waits
on the pending pipe connection events and process handle. If the process
handle is signalled, then it means that the process did exit without
connecting to the pipes.
The WaitForMultipleObjects() was not waiting on the process handle and thus
if the process did fail without connecting to pipes the Wireshark gui was
frozen for 30 seconds.
This change fixes the freeze by increasing the number of handles, so
WaitForMultipleObjects() is aware of the process handle.
Change-Id: Id13824a60baf4be7795cbe1d5ed1c7932edbff45
Reviewed-on: https://code.wireshark.org/review/33028
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I9b0c6b118b5f866abc969a437bbd9b9a28271bf0
Reviewed-on: https://code.wireshark.org/review/32841
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Creating Job Object named "Local\Wireshark child process cleanup"
results in the job being shared between all Wireshark instances run
within a single session.
When two or more Wireshark instances were running, debug message appeared:
"Could not assign child cleanup process: Access is denied. (5)"
As the child process was not assigned to a job, it was possible that the
child process was still active even after Wireshark did terminate.
This fixes the issue by creating unnamed job object which is not shared.
Change-Id: I59adc2aacff0151802163f155d68cbc8022c1479
Reviewed-on: https://code.wireshark.org/review/32985
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
On Windows, ws_pipe_spawn_sync always leaks 'winargs', and leaks 'argv'
on some error paths. Fix these and refactor the common argument parsing
functionality to reduce duplication of functionality.
Change-Id: I8fa5ca45aec20b53f6fa243b0dd07241a345f7ab
Reviewed-on: https://code.wireshark.org/review/32932
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The function returns a GPid, not a gboolean. Callers (mmdbresolv and
extcap) only assume WS_INVALID_PID to be invalid (as documented).
Change-Id: I40b491272a451f569864fa3259009d6d3fcce772
Fixes: v2.5.1rc0-413-g1a0987904f ("Generalize our process spawning code.")
Reviewed-on: https://code.wireshark.org/review/32933
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The ws_pipe_wait_for_pipe() implementation had multiple issues:
* Use auto-reset events with ConnectNamedPipe (should be manual-reset)
* Leaking event handles
* Not checking return value from CreateEvent()
* Waiting on closed handles
This change fixes all the above mentioned issues.
Bug: 15696
Change-Id: Ia0c389a902655f85eccb0c59288b4a7d49da48c9
Reviewed-on: https://code.wireshark.org/review/32896
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The WIRESHARK_EXTCAP_DIR environment variable is currently only used on
Windows, and on UN*X when not running from the build directory. In order
to avoid copying the sampleif.py test utility to the program directory,
let's prioritize the environment variable over the build directory.
Update the outdated comments while at it, the version directory has been
removed long time ago. (The comments are based on the one for plugins.)
This also fixes the test suite on macOS where the extcap subdirectory is
located in the appbundle directory and not the build directory.
Change-Id: I329bb233b1dd0b9c1422c2ebd60a6455347e1d62
Reviewed-on: https://code.wireshark.org/review/32890
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Callers should not include empty strings in arguments list. Log warning
message instead of silently dropping remaining arguments.
Change-Id: Ia68c7b90cec860e032f81a4008aa005b07ebcfd5
Ping-Bug: 15586
Reviewed-on: https://code.wireshark.org/review/32849
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This significantly reduces the initialization time when system is using
small pipe buffers. No time is lost on periodic process status checks as
WaitForMultipleObjects() returns when the stdout/stderr data was read
and/or when process finishes.
Bug: 14657
Change-Id: I61fabf986577db7102a3136df83d2d92c7156727
Reviewed-on: https://code.wireshark.org/review/32773
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If the PATHEXT environment variable contains .py and extcap is enabled,
then Wireshark did leak 2 pipes for every .py file present in the extcap
directory (regardless if there was .bat wrapper for it or not).
Bug: 15689
Change-Id: Iae402c0075ee8155a7205a59711bbae734da7e9e
Reviewed-on: https://code.wireshark.org/review/32812
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(Routines, so that if we internationalize strings not in the Qt code,
this can return the appropriately translated version.)
Change-Id: I1c169d79acde2f0545af7af2a737883d58f52509
Reviewed-on: https://code.wireshark.org/review/32549
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This helps the developer in the debug phases.
Change-Id: I85558334b5d618219a48a6c00129cd36a6ab0b10
Reviewed-on: https://code.wireshark.org/review/32531
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Add support for decrypting IEEE 802.11 WPA3-Personal / SAE traffic.
SAE uses AES encryption but a different key derivation function (KDF)
making Wireshark fail to decrypt such captures. Also both KDF and
decryption method is determined based only on EAPOL key description
version. This is not enough to figure out that SAE is being used.
Implement the alternative KDF needed to derive valid PTK. Also
implement a function to parse pairwise + group cipher suites and
auth key management type from RSNE tag. Using this new function
together with a number of new cipher and AKM lookup functions
correct KDF for SAE can be selected.
Bug: 15621
Change-Id: I8f6c917af1c9642c276a244943dd35f850ee3757
Reviewed-on: https://code.wireshark.org/review/32485
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Set a bigger IO buffer to avoid syscall overhead.
See https://github.com/the-tcpdump-group/libpcap/issues/792
Change-Id: If370da5ab2b70a9d0c925dd7c4c5c135c675c3f6
Reviewed-on: https://code.wireshark.org/review/31326
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In CMake we only used PROJECT_RELEASE_VERSION to construct our plugin
path, so rename it to PLUGIN_PATH_ID. Use a dash to separate version
numbers on macOS in order to allow code signing and a period elsewhere.
In the C code we only used VERSION_RELEASE to construct our plugin path,
so rename it to PLUGIN_PATH_ID.
Change-Id: I02abc591d7857269e8d47b414b61df4b28a25f2d
Reviewed-on: https://code.wireshark.org/review/32013
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
If the JSON output is written in a script tag for a HTML page, be sure
to not to break it.
Change-Id: I1b9ba6a39faf266e8a7bf9befa2899978beb130c
Reviewed-on: https://code.wireshark.org/review/31953
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add locale-independent version that replaces json_dumper_value_anyf for
floating-point numbers. NaN and -/+Infinity are mapped to null.
Change-Id: I8e7856de480b7bcafe77ddd015239e1257768ced
Reviewed-on: https://code.wireshark.org/review/31948
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <jbwzawadzki@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
User guides are installed to doc/Wireshark. Use doc/wireshark instead.
Remove leftover variable CPACK_PACKAGE_NAME.
Change-Id: I9a1d6bdc7d8f0b48c61e43679285d5ba83904a63
Reviewed-on: https://code.wireshark.org/review/31851
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
That's what g_strerror() does, and it means that the caller doesn't need
to free the string (it's kept around, and if another call to
win32strerror() generates the same string, the interned string is
returned).
Change-Id: I564bb700fabe2629131fb1c6468494dd5f5fc9e3
Reviewed-on: https://code.wireshark.org/review/31854
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use FormatMessageW() to get a UTF-16-encoded Unicode error string,
rather than an error string in the local code page, and then convert it
from UTF-16 to UTF-8.
Make it dynamically-allocated, so it's big enough and so that we are
thread-safe. Make the callers free the result.
Change-Id: I217aec5a644fa0176a829f181eb05561cb9d10f4
Reviewed-on: https://code.wireshark.org/review/31846
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Instead of using "$ORIGIN/../lib" just use "$ORIGIN".
Also be explicit in configuring the relative RPATH. We don't want
to assume a default relative path, in case more targets are addded,
out of caution.
Change-Id: I3b7f5e8de7be8bb30aca3b433212113d876c4163
Reviewed-on: https://code.wireshark.org/review/31647
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The new value has been chosen to make room for sharkd packet output
as: proto.c:MAX_TREE_LEVELS * 2 + 10% of additional sharkd overhead.
A new regression test for sharkd has been added that requires more
than 15 levels.
Change-Id: Ie54955c79c50c60b95c99b1a3c472888fc4842ac
Reviewed-on: https://code.wireshark.org/review/31624
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This is more explicit and easier to read with slightly better locality
while using less code.
Also less awkward when the package doesn't fit the narrow package list
expectations.
The ws_find_package() macro doesn't include all the status messages. The
choice was to rely on standard find_package() and feature_summary() output
and be less verbose.
Avoid polluting the CLI build interface. Per target include paths and
macro definitions are preferred.
Because this patch intentionally removes the global CMAKE_*_FLAGS
and include_directories() usage in favor of target properties, some
untested build configurations may inadvertently break because of
missing ${PACKAGE}_INCLUDE_DIRS or ${PACKAGE}_DEFINITIONS. This
required a manual review of dependencies that might have been
incomplete.
${PACKAGE_VAR}_LINK_FLAGS seems to be unused.
Changing the CMake Qt code to use more modern CMake component syntax
is left as future work.
Change-Id: I3ed75252189a6e05a23ed6e619088f519cd7ed78
Reviewed-on: https://code.wireshark.org/review/31496
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
parameter 'argv' not found in the function declaration [-Wdocumentation]
Change-Id: I68262a23e3a6f4b50d8b5e666b92f055feeaf74f
Reviewed-on: https://code.wireshark.org/review/31424
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
parameter 'string' not found in the function declaration [-Wdocumentation]
Change-Id: I8c6fe47e708411e329954a682ea4da10aad348f6
Reviewed-on: https://code.wireshark.org/review/31423
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Found by clang-tidy.
Change-Id: I2f89c6860d591c5c1563b9ca01306bb3d9e5e42c
Reviewed-on: https://code.wireshark.org/review/31359
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Found by clang-tidy.
Change-Id: I0d324faf494f6b68275d6ff600304f716529778b
Reviewed-on: https://code.wireshark.org/review/31358
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Found by clang-tidy.
Change-Id: I5afce9464536cbbaf8f7f84b165d2ef56e166c2e
Reviewed-on: https://code.wireshark.org/review/31357
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
* Generated code and 256-element lookup table with pycrc
* Combined 2 crc6 functions which both have same poly 0x6f and lookup table
* Using the example file from the bug report,
$ tshark -r ~/Downloads/M1_header_crc.pcapng -V | grep "Calculated CRC"
1101 00.. = Header CRC: 0x34 [Calculated CRC 0x34]
Header and Calculated CRC are now both 0x34 (correct value)
* pycrc settings for generation:
$ python pycrc.py --reflect-in False \
--reflect-out False \
--xor-in 0 \
--xor-out 0 \
--algorithm table-driven
--width 6 \
--poly 0x2f
* To manually check 3GPP protocol header CRCs, use above command with flag
--check-hexstring=<HEADER HEX>
Bug: 14875
Change-Id: I283f52fcae10b2f92f107df6988629d49d692428
Reviewed-on: https://code.wireshark.org/review/31356
Reviewed-by: Ross Jacobs <rossbjacobs@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Newer versions of libpcap define it (due to the somewhat infelicitous
API for "active mode" remote capture, which returns a socket); don't
define it ourselves if it's already defined.
Change-Id: I620576620fd2708ebd503da696e17b472bc20472
Reviewed-on: https://code.wireshark.org/review/31344
Reviewed-by: Guy Harris <guy@alum.mit.edu>
A call to this function means a programming error. g_error makes it
fatal and terminates the program, making the debug easier.
Change-Id: I5c9e82507482733b4d450ed6c3a9fc17fb0fcdca
Reviewed-on: https://code.wireshark.org/review/31310
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Gracefully handle repeated calls of ws_buffer_free on the same buffer to
avoid strange crashes in other new users that allocate a "small" buffer.
The first call to ws_buffer_free would store data pointer in the
'small_buffers' array for reuse and set the pointer to NULL. Result:
(gdb) p cfile.rec.options_buf
$2 = {
data = 0x0,
allocated = 2048, // Oops, not modified!
start = 0,
first_free = 0
}
All users of Buffer (including ws_buffer_free) however asssume that
'allocated' reflects the actual size of 'data'. If this is not the case
(if ws_buffer_free is called again), then a data pointer (NULL!) will be
stored and the next ws_buffer_init request for a "small buffer" will
result in unexpected behavior (including crashes).
Fix the issue by clearing the 'allocated' field as well. Add assertions
to catch such issues earlier rather than crashing at random users of
these buffers (such as frame_tvbuff).
Bug: 15263
Change-Id: I0b491c3fccac8c6fddd43779629343d721638ca9
Reviewed-on: https://code.wireshark.org/review/31278
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
cmdarg_err() is for reporting errors for command-line programs and
command-line errors in GUI programs; it's not something for any of the
Wireshark libraries to use.
The various routines for parsing numerical command-line arguments are
not for general use, they're just for use when parsing arguments.
Change-Id: I100bd4a55ab8ee4497f41d9651b0c5670e6c1e7f
Reviewed-on: https://code.wireshark.org/review/31281
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
NISO Z39.50 is a protocol used by libraries and library vendors for information retrieval and catalog manipulation. It is defined using ASN.1 using BER encoding. It has an assigned TCP port of 210. This is an initial implementation.
Features:
- The Z39.50 standard OIDs are defined.
- The bib-1 attribute set is decoded.
- The bib-1 diagnostics are decoded.
- Some OCTET STRINGs which are nearly always printable ASCII are special-cased.
- The MARC (MAchine Readable Cataloging) format is decoded. Only the MARC21 variant is
currently handled, but this is one of the most common variants. The most common tags
are decoded. The MARC dissector is included in the Z39.50 dissector, but the code is
structured in such away that it could be pulled out.
Todo:
- Add information to the Wiki about Z39.50.
As part of this work, the definition of isdigit_string() was fixed to avoid const complaints.
Change-Id: I29a7db53375ef8be83738a1ab98707761d878717
Reviewed-on: https://code.wireshark.org/review/31209
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Print warnings to help with debugging. Add Jakub (author of
json_puts_string).
Change-Id: I8bf039afc21357e97accb2a9abf9378735af12eb
Reviewed-on: https://code.wireshark.org/review/31041
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Setting LIBRARY_OUTPUT_DIRECTORY to Wireshark.app/Contents/Frameworks
for each of our libraries ends up installing a fully versioned .dylib
along with soversion and unversioned symlinks, which is more than we
want and which wastes disk space when osx-app.sh dsymifies our
libraries.
Leave LIBRARY_OUTPUT_DIRECTORY unset and depend on osx-app.sh to copy
our libraries into place.
Bug: 15361
Change-Id: If0fbaa796b4be806e2aa13887e511a330fe55df5
Reviewed-on: https://code.wireshark.org/review/31139
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This is needed for ek json compatibility.
Change-Id: I75c74a1dc7996f3f4c17071508655ae6e3c6b94c
Reviewed-on: https://code.wireshark.org/review/30993
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Allow the function json_puts_string() to be called with the NULL
argument that translates to 'null' json object.
Change-Id: I3d2aafad446962d3342ab30b9d509f054d393c64
Reviewed-on: https://code.wireshark.org/review/30978
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Rename DATAFILE_DIR to be closer to CMake and avoid mixing
with the staging dir path variable of the same name.
Change-Id: I7b1e02152d8bde14cca210fbfae4acbdba7d78d7
Reviewed-on: https://code.wireshark.org/review/30916
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Fixes an issue where sometimes datafile_dir is not freed
before exiting.
Change-Id: I2ff7d1b8ea4e20a1ce98e5e11965073eb479bb03
Reviewed-on: https://code.wireshark.org/review/30909
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Extcap executables require libwsutil.dll from the program directory.
These were loaded by setting the PATH environment variable, but this
is not thread-safe (and caused sporadic tests failures as a result).
Use SetDllDirectory instead, this also prevents loading DLL files
from arbitrary directories in PATH.
To make this work, the search logic for Npcap has to be modified to
avoid relying on SetDllDirectory. This implies that Npcap cannot be
used on Windows 7 anymore until KB2533623 (July 2011) is applied.
Change-Id: I3fc42ff76e75ae162b6dd31103451fb8f71c09e6
Reviewed-on: https://code.wireshark.org/review/30804
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
libwireshark and libwiretap have their INTERFACE link dependencies
changed to the required set.
libwsutil keeps a default public visibility. Further work may
show some unneeded link requirements.
The executable dependencies are adjusted accordingly.
Change-Id: I3a534f72403819cac136ae47a3d80acee76e0fb3
Reviewed-on: https://code.wireshark.org/review/30815
Reviewed-by: João Valverde <j@v6e.pt>
The deadlock can be observed with a slow malloc implementation, e.g.
ASAN_OPTIONS=fast_unwind_on_malloc=0 tshark --version
(This calls extcap_run_all which uses threads and ws_pipe_spawn_sync.)
Change-Id: Iff329c465c53ed177980368cd645f59222f88dd3
Reviewed-on: https://code.wireshark.org/review/30777
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
While at it prefer to use add_definitions() instead of config.h. This
puts all definitions in the same place and limits the scope to the
respective wsutil API.
Change-Id: Idc30914220b876865e0ae47709e6f17eb9b0fc2c
Reviewed-on: https://code.wireshark.org/review/30782
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Install headers to support plugins development on Windows.
Change-Id: I3161bd2f730edf62ab44fee6ce4fedbb9aee0d31
Reviewed-on: https://code.wireshark.org/review/30776
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
This avoids an unnecessary explicit cast. For clarity, rename the
working directory argument to match g_spawn_sync.
Change-Id: Idf7072cd590e686294d953f77da2a52c861a89c0
Reviewed-on: https://code.wireshark.org/review/30763
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When Wireshark uses a synchronous spawn (e.g., to launch an extcap)
it would be nice to be able to see what command line is constructed
to launch the process, and to see what comes back. The output will
go to the g_log.
Change-Id: Iec6baeebc026cd80398084c9644fc916ab068e2f
Reviewed-on: https://code.wireshark.org/review/30475
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
JSON-GLib was added in v2.9.0rc0-201-g511c2e166a, but is no longer
necessary since we have a home-grown JSON dumper (wsutil/json_dumper.h).
Remove the remaining traces and additionally remove GObject from
FindGLIB2.cmake since it was only added for JSON-GLib.
Change-Id: If9dfd2c60cec130f98109d100bdb6618bde06ba0
Reviewed-on: https://code.wireshark.org/review/30733
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The (optional) JSON-GLib library adds dependencies on GObject, GIO. For
statically linked oss-fuzz builds it also adds libffi and more. To avoid
these dependencies, replace JSON-GLib by some custom code. This allows
`tshark -G elastic-mapping` to be enabled by default without extra deps.
API design goals of the new JSON dumper library:
- Small interface without a lot of abstraction.
- Avoid memory allocations if possible (currently none, but maybe
json_puts_string will be replaced to improve UTF-8 support).
- Do not implement parsing, this is currently handled by jsmn.
Methods to open/close array/objects and to set members are inspired by
the JsonGlib interface. The interfaces to write values is inspired by
the sharkd code (json_puts_string is also borrowed from that).
The only observed differences in the tshark output:
- JSON-GLib ignores duplicates, json_dumper does not and may produce
duplicates and currently print two "ip.opt.sec_prot_auth_unassigned".
- JSON-GLib adds a space before a colon (unimportant formatting detail).
- (Not observed, but UTF-8 strings will be wrong like bug 14948.)
A test was added to catch changes in the tshark output. I also fuzzed
json_dumper with libFuzzer + UBSAN/ASAN and fixed an off-by-one error.
Change-Id: I0c85b18777b04d1e0f613a3d59935ec59be87ff4
Link: https://www.wireshark.org/lists/wireshark-dev/201811/msg00052.html
Reviewed-on: https://code.wireshark.org/review/30732
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rename wsjson_unescape_json_string to json_decode_string_inplace
(inspired by the g_base64_decode_inplace name). Rename
wsjson_is_valid_json to json_validate (inspired by g_unichar_validate).
Ideally json_parse is inlined with its user (sharkd_session.c), but that
requires exporting the jsmn_init and jsmn_parse functions... Hence the
dependency on jsmn.h remains in wsjson.h.
Change-Id: I7ecfe3565f15516e9115cbd7e025362df2da5416
Reviewed-on: https://code.wireshark.org/review/30731
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The modelines says tabs, but the actual indentation is 8 spaces. Let's
change it to match the standard 4 spaces in the top-level .editorconfig.
Change-Id: I2b26b095f5e4f6f8d5d083d41ceaae98f9284fba
Reviewed-on: https://code.wireshark.org/review/30730
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We were not calling TerminateProcess() to stop mmdbresolve.Exe process on
Windows.
Bug: 15248
Change-Id: Ic90cf438a8003a6fefb023b7056984681ce09b46
Reviewed-on: https://code.wireshark.org/review/30449
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make ws_basetostru32(), and the other ws_baseto... routines, public, and
use ws_basetostru32() when parsing ranges, to detect additional errors
such as negative values.
Addresses part of
https://ask.wireshark.org/question/5538/preference-range/.
Change-Id: I00fac97a198a237b01b5cd9406ea32c220f80972
Reviewed-on: https://code.wireshark.org/review/30266
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Check if data is available on stderr before doing a blocking read() to
avoid an infinite read loop when having less data than STDERR_BUFFER_SIZE.
Append data instead of overwrite when doing multiple read() to fetch
available data.
This is a regression from g6a949ed155.
Bug: 15205
Change-Id: I84b232aeafb6123f77f3f5d48bbe89326fe7eb0f
Reviewed-on: https://code.wireshark.org/review/30209
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
The purpose of this function is to check if a configuration file exists
and has at least one entry which is not a comment.
Use this when building the list of profiles where the user can copy
configuration from, to avoid listing profiles with empty files or files
with only comments.
Change-Id: If45f52025959818fb1213ffac488cd59441e9fce
Reviewed-on: https://code.wireshark.org/review/30113
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Call it from wmain() in the command-line tools, passing it the input
argument count and vector, and call it from main() in Wireshark, after
getting a UTF-16 argument vector from passing the result of
GetCommandLineW() to CommandLineToArgvW().
Change-Id: I0e51703c0a6c92f7892d196e700ab437bd702514
Reviewed-on: https://code.wireshark.org/review/30063
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Doing so for command-line programs means that the argument list doesn't
ever get converted to the local code page; converting to the local code
page can mangle file names that *can't* be converted to the local code
page.
Furthermore, code that uses setargv.obj rather than wsetargv.obj has
issues in some versions of Windows 10; see bug 15151.
That means that converting the argument list to UTF-8 is a bit simpler -
we don't need to call GetCommandLineW() or CommandLineToArgvW(), we just
loop over the UTF-16LE argument strings in argv[].
While we're at it, note in Wireshark's main() why we discard argv on
Windows (Qt does the same "convert-to-the-local-code-page" stuff); that
means we *do* need to call GetCommandLineW() and CommandLineToArgvW() in
main() (i.e., we duplicate what Qt's WinMain() does, but converting to
UTF-8 rather than to the local code page).
Change-Id: I35b57c1b658fb3e9b0c685097afe324e9fe98649
Ping-Bug: 15151
Reviewed-on: https://code.wireshark.org/review/30051
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use this in profile_exists() and copy_persconffile_profile().
Change-Id: I48728038b086a38822ef71766b23db8050deb464
Reviewed-on: https://code.wireshark.org/review/30027
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
With autotools, it was possible that the binary was located in a .libs
directory, but with CMake the executables directory and data directory
are the same (except macOS with app bundles). Use this property to get
rid of the hard-coded build directory. Helps with reproducible builds.
Bug: 15163
Change-Id: I5b8807a03783a9919fba7b0cc83f5c162caa8052
Reviewed-on: https://code.wireshark.org/review/29984
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the ability to specify maximum function counts for each group to
checkAPIs. Add maximum counts for the "termoutput" and "abort" groups
where needed. Show summaries in various checkAPI targets.
Switch uses of ws_g_warning back to plain g_warning.
Change-Id: I5cbddc8c671729e424eed8551f69116d16491976
Reviewed-on: https://code.wireshark.org/review/29721
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Replace ws_base64_decode_inplace() with g_base64_decode_inplace()
or g_base64_decode(), which was introduced in glib 2.12.
The only observed difference is a need for zero-terminate the buffer
after decoding.
Change-Id: Ia102d0d8e9bec575ffeddf448191a3f6de9fb1ed
Reviewed-on: https://code.wireshark.org/review/29382
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
A CMake config-file package provides support for downstreams using
CMake and Wireshark libraries to easily configure the libwireshark
dependency with:
find_package(Wireshark CONFIG [REQUIRED])
target_link_libraries(foo epan)
The FindWireshark.cmake file is no longer needed.
See cmake-package(7) for more details on CMake's package system.
Change-Id: Ie8af1d44417a99dd08d37959f7b2ffca88572ec2
Reviewed-on: https://code.wireshark.org/review/29208
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Change the plugin compatibility check to make it more convenient to
define and check the major.minor Wireshark version.
Change-Id: I2a6d2a746682c29504311cce5c457e0a852c3daf
Reviewed-on: https://code.wireshark.org/review/29224
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
The Remarks section in WaitForMultipleObjects describes what kind of
handles the function can wait for. Pipe handles are not listed there.
The problem was introduced in c18459e66e
While it might be possible to setup overlapped reads on the pipe handles
and then wait on overlapped events, it would result in quite complex
code. As a tradeoff, simply keep peeking at the pipes every 100 ms.
Change-Id: I6ba4f4bf4c1d2af856027cca36ffd6d4f7f49f36
Bug: 14657
Reviewed-on: https://code.wireshark.org/review/29163
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
On Windows the code calling extcap worked as follows:
1. Create stdout and stderr pipes with default buffer size
2. Execute extcap redirecting output to the pipes
3. Wait for extcap process to exit
4. Read the data from stdout pipe
This resulted in deadlock when the extcap wrote more data than the pipe
could buffer. This was especially seen with USBPcap as it is quite
normal to have plenty of USB devices connected.
Fix the issue by contantly reading the stdout data and storing it in
GString. To prevent similar deadlock on the stderr, the stderr data is
being constantly monitored as well (and discarded).
Change-Id: I0f93e6d79617cef0e828aef2b96fad2757227923
Bug: 14657
Reviewed-on: https://code.wireshark.org/review/29159
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
The WireGuard dissector will need X25519 to enable decryption, add a
Gcrypt implementation that implements the NaCl/Sodium interface.
While inspired by the MPI example in t-cv25519.c, note subtle but
important correctness/interoperability fixes: add a check for infinity
(gcry_mpi_ec_get_affine) and handle short values from gcry_mpi_print.
The last issue is ugly, perhaps the high level API (gcry_pk_decrypt)
should be used instead (which < 2% slower than this MPI implementation).
(Both issues were found through fuzzing.)
As for alternative options, Sodium is superior but would be a new
dependency. For some older performance and usability notes (comparing
crypto_scalarmult_curve25519_base (note "_base") against others), see
https://lists.gnupg.org/pipermail/gcrypt-devel/2018-July/004532.html
Performance comparison on Ubuntu 18.04 (i7-3770) between Sodium 1.0.16
against Gcrypt 1.8.3 and Gcrypt 86e5e06a (git master, future 1.9.x) by
computing 65536 times X25519(1, 8) via crypto_scalarmult_curve25519:
Sodium (sandy2x): 1.4x faster than ref10
Sodium (ref10): 1 (baseline)
Gcrypt (git): 5x slower than ref10, 7x slower than sandy2x
Gcrypt (1.8.3): 17x ref10, 24x sandy2x (took 65 seconds)
Change-Id: Ia54e73cc3cc469a6697554729aff4edd19f55630
Ping-Bug: 15011
Reviewed-on: https://code.wireshark.org/review/28987
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Or, at least, use them in the libwiretap file-writing code; we can
change other places to use them as appropriate.
Change-Id: I63af2267a22a158ee23f3359b043913dac0e285b
Reviewed-on: https://code.wireshark.org/review/28783
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For better type safety
Change-Id: Ida7b98af8c44a52ddac2c4ab0702db2519a0c4af
Reviewed-on: https://code.wireshark.org/review/28570
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This allows code to initialize them without having to know the details
of the structure; the initializes should, and will, be changed if the
members of the structure are changed.
Change-Id: I93e6ebfcde9ceca17df696fcba4e8410c5afb175
Reviewed-on: https://code.wireshark.org/review/28501
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Adds the Windows 10 (and Server 2016) Release ID to the info in the
About Wireshark blurb.
The ID displayed in parentheses, e.g.
Running on 64-bit Windows 10 (1803), build 17134
Change-Id: I1bbce27e149dbf6da6da7847ad1f7dd861176ece
Reviewed-on: https://code.wireshark.org/review/28475
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove -DBUILD_WINDOWS and sections of code that we no longer use.
Bug: 14715
Change-Id: Iae1a950e2f52f4ce45fcf0ae5dea06c1172c3a28
Reviewed-on: https://code.wireshark.org/review/28466
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Multi-configuration generators (such as Xcode or VS) append the current build configuration to most paths (eg. Debug/Release). Currently this results in inconsistent paths for the application bundle and the included command line tools. This commit sets the correct path information for multi-configuration generators for macOS application bundles. The standard Makefile behaviour is untouched.
One Windows specific configuration was changed, as it was conflicting with these changes. This needs to be checked before merging.
Additionally the wrapper scripts are omitted for Xcode, as the path to the binaries depends on the configuration chosen in Xcode. Therefore it is not viable to create these scripts in the cmake run.
Bug: 11816
Change-Id: Ib43d82eb04600a0e2f2b020afb44b579ffc7a7c9
Reviewed-on: https://code.wireshark.org/review/28291
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
gd2e0724afc moved our library versions into their own variables named
FULL_SO_VERSION. They're no longer used and interfere with
tools/release-update-debian-soversions.sh so remove them.
Fix some shellcheck warnings in release-update-debian-soversions.sh
while we're here.
Bug: 14778
Change-Id: I0eb0bb4ab4c482bdb8a94f8c18aa04c6c83c781b
Reviewed-on: https://code.wireshark.org/review/28068
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Using an environment variable the user can override the config
directory. Keep the previous Windows-specific variable ("WIRESHARK_APPDATA")
alive for backward compatibility.
Change-Id: I2350b815e60e7dbb19f9c193d7aaaa68f94576b2
Reviewed-on: https://code.wireshark.org/review/27946
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
DWORD on windows is unsigned, then there is no point in checking
for negative values.
Change-Id: I0b03fb19ebdff86e610cd4571fc30c49b7bd1284
Reviewed-on: https://code.wireshark.org/review/27766
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
caputils/ws80211_utils.c contains a re-definition of the linux kernel's
nla_for_each_nested() macro that applies the correct casts to allow
compilation with a C++ compiler.
Make this definition public by moving it into a new wsutil/netlink.h
file. Include the kernel's original definition before we overwrite it. This
way, it's not necessary for a .c file to include wsutil/netlink.h after
the system includes.
Use our nla_for_each_nested() version in extcap/dpauxmon.c to squelch the
following compiler warning:
[1664/2251] Building C object
extcap/CMakeFiles/dpauxmon.dir/dpauxmon.c.o
../extcap/dpauxmon.c: In function ‘family_handler’:
../extcap/dpauxmon.c:168:13: warning: request for implicit conversion
from ‘void *’ to ‘struct nlattr *’ not permitted in C++ [-Wc++-compat]
nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], rem_mcgrp) {
Change-Id: I6ba40ef6343c5d168c1b0c4554f13202911ded76
Reviewed-on: https://code.wireshark.org/review/27688
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Define DIAG_OFF_PEDANTIC and DIAG_ON_PEDANTIC, and have it do nothing on
Clang prior to 4.0.
Change-Id: Ic6b2e607659db66f3210401024bf3f2239665506
Reviewed-on: https://code.wireshark.org/review/27649
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
sys/stat.h and sys/types.h date back to V7 UNIX, so they should be
present on all UN*Xes, and we're assuming they're available on Windows,
so, unless and until we ever support platforms that are neither UN*Xes
nor Windows, we don't need to check for them.
Remove the CMake checks for them, remove the HAVE_ values from
cmakeconfig.h.in, and remove all tests for the HAVE_ values.
Change-Id: I90bb2aab37958553673b03b52f4931d3b304b9d0
Reviewed-on: https://code.wireshark.org/review/27603
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
g_ptr_array_free(a, FALSE) returns "a->pdata". Callers that do not
handle this will leak memory (e.g. "tshark -G plugins"). Convert other
users to use the return value instead of direct access to "a->pdata".
Change-Id: I29835477d587f5f54bf0d94cdae9f375e3da3ce3
Reviewed-on: https://code.wireshark.org/review/27437
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Fix memleaks and complaint when trying to load non-JSON file as JSON:
"GError set over the top of a previous GError or uninitialized memory."
Change-Id: If5ab04dbb757636f66130bf1f8de1a45748bf541
Fixes: v2.9.0rc0-276-g73a1e98f4e ("wsutil: use json-glib instead of jsmn if present.")
Reviewed-on: https://code.wireshark.org/review/27469
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
On Windows, epan/addr_resolv.c has a different definition of structures
"hashipv4_t" (and "hashipv6_t") because the size of the "ip" member is
dependent on "WS_INET_ADDRSTRLEN". A mismatch resulted in two different
structures where the "name" field got shifted (resulting in empty names
in the resolved addresses table due to leading nul bytes).
Since including ws2tcpip.h for the appropriate definition results in
various compile errors (config.h, packet-dcerpc-misc.h, ...) and the
larger definition is actually not needed, just use constants again.
Bug: 14667
Change-Id: I4f8b300eb977be55f16ac40cacc78a5549e2732f
Fixes: v2.5.0rc0-1503-gde1b26a3c6 ("More ws_inet_ntop() tweaks.")
Reviewed-on: https://code.wireshark.org/review/27453
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It is now considered stable enough to be our default capture driver if present
Change-Id: I7f3cdabcbaea526949afa47164e520202e6b93f2
Reviewed-on: https://code.wireshark.org/review/27393
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
That leaves only AIX (and, if we're looking at dead UN*Xes, IRIX and
Tru64 UNIX) as platforms on which we can't fetch that.
Change-Id: If7a6a425aba30e1abf82ecc66f6c28dc532a227c
Reviewed-on: https://code.wireshark.org/review/27358
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This makes it match 1) the way the function is defined, if it is defined
and 2) the type returned if it's a macro, not a function.
Change-Id: I708a44d2d20f44e58d6ae0228a11e622e7648022
Reviewed-on: https://code.wireshark.org/review/27320
Reviewed-by: Guy Harris <guy@alum.mit.edu>
These directories have had trailing slashes for years and users seem to
rely on it, so restore this assumption for backwards compatibility. The
underlying API function (Dir.persconffile_path()) is not changed because
trailing slashes were not documented for that function.
For consistency, ensure that all Lua Dir functions return paths without
trailing slashes.
Bug: 14619
Change-Id: Ia299864999578884b1ad1cd48f1bd883bce6879d
Fixes: v2.5.0rc0-579-gfb052a637f ("Use g_build_filename() instead, fix indentation")
Reviewed-on: https://code.wireshark.org/review/27166
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Display element value as bytes if value is not a valid UTF-8 string.
Add a new utility function isprint_utf8_string().
Change-Id: I211d5ed423b53a9fd15eb260bbc6298b0b8f46a0
Reviewed-on: https://code.wireshark.org/review/27178
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
.libs is a libtoolism, and we're not using autotools or libtool any
more, so there aren't any more libtoolisms.
Change-Id: Idc9ef37f9650197da096cc8e3cb3ed459b71dea0
Reviewed-on: https://code.wireshark.org/review/27137
Reviewed-by: Guy Harris <guy@alum.mit.edu>
From compilation log:
epan/ipv4.h:19:10: fatal error: 'wsutil/inet_ipv4.h' file not found
tools/oss-fuzzshark/fuzzshark.c:27:10: fatal error: 'version_info.h' file not found
Change-Id: I3e147e014ae398ae07e64aec5a6535a8f9e357a3
Reviewed-on: https://code.wireshark.org/review/27076
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This puts more distance between the caller and the underlying
library. At the moment we're using libjsmn, but other libraries
(like json-glib) could be used.
Change-Id: I1431424a998fc8188ad47b71d6d95afdc92a3f9e
Reviewed-on: https://code.wireshark.org/review/27055
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It has been replaced by cmake.
Change-Id: I83a5eddb8645dbbf6bca9f026066d2e995d8e87a
Reviewed-on: https://code.wireshark.org/review/26969
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make sure we zero-initialize pipeinsts, otherwise ConnectNamedPipe will
have indeterminate behavior according to the MSDN documentation for the
OVERLAPPED structure.
Change-Id: I38d9680cf01b0a8f9e566a85a7a330f6c0aa9a48
Ping-Bug: 14532
Reviewed-on: https://code.wireshark.org/review/26784
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Valgrind considers the "cpuid" instruction to always depend on inputs from eax
and ecx, even though it's only a subset of values of eax for which ecx is
relevant. If ecx is undefined when cpuid is executed, the outputs of cpuid
will be considered undefined.
Instead of suppressing the resulting uninitialised-value warning (the
suppression for which is now out-of-date anyway, now that
register_all_protocols is moved to a worker thread), let's simply set ecx to
zero in ws_cpuid.
Testing done: Built Wireshark on Linux amd64. Before this change, running
"tools/valgrind-wireshark.sh ./test/captures/dhcp.pcap" with
valgrind-3.12.0.SVN on Debian 9.4 amd64 would yield the following Valgrind
error:
==2416== Thread 2:
==2416== Conditional jump or move depends on uninitialised value(s)
==2416== at 0xACB8B22: ws_mempbrk_sse42_compile (ws_mempbrk_sse42.c:58)
==2416== by 0x74F4960: register_all_protocols_worker (register.c:37)
==2416== by 0xB1403D4: g_thread_proxy (gthread.c:784)
==2416== by 0xD438493: start_thread (pthread_create.c:333)
==2416== by 0xB4CAACE: clone (clone.S:97)
With the change, the above message is gone. Inspected the disassembly of
function ws_cpuid, and it looks sane -- just an added "xor ecx, ecx" at the
top.
Change-Id: I2fb382309cac234c400286a6e9fac7d922912c63
Reviewed-on: https://code.wireshark.org/review/26733
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Have it take a format and argument list as arguments, and have the
formatting done inside the reporting code. That way, we're not relying
on any particular wmem scope working.
If WIRESHARK_ABORT_ON_DISSECTOR_BUG is set, try to add the message to
the crash information (currently only supported in macOS), and print it
to the standard error, before crashing. We won't necessarily have a
usable crash dump to analyze, so we can't rely on that to find the cause
of the crash.
Ping-Bug: 14490
Change-Id: I2b39169c45c84f2ada31efa1d413bd28c140f8f4
Reviewed-on: https://code.wireshark.org/review/26643
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The "bag" was not deallocated when the key is successfully loaded.
Parse all bag elements rather than clearing the bag after the first
iteration (this restores previous behavior).
Change-Id: Ib52da6586f7435d18fa5b0660e7771436544b634
Fixes: v2.5.0rc0-613-gf63b68f707 ("Further cleanups.")
Reviewed-on: https://code.wireshark.org/review/26481
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Set CREATE_BREAKAWAY_FROM_JOB only on Windows 7 and earlier. It's not
needed otherwise and might fail in some cases.
Change-Id: I15843b5c1ae3c352fa267228b94b6933074a07f3
Reviewed-on: https://code.wireshark.org/review/26465
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Remove our popcount implementation in favor of ws_count_ones, which
is our other popcount implementation. This required updating and
running process-x11-xcb.pl.
Change-Id: I8634c55242113b338c5b0173837c35f98b148b4f
Reviewed-on: https://code.wireshark.org/review/26454
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add ws_pipe_kill_child_on_exit, which associates a child process handle
with a job object that has the JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE
flag set.
Call it when we create a process in ws_pipe_spawn_sync and
ws_pipe_spawn_async. Note that we might want to use it elsewhere.
Change-Id: Ia0f6863ea4df0ab8623bb923a49da7776d83bd33
Reviewed-on: https://code.wireshark.org/review/26398
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Previously there were three different pipe validity checks:
PID != WS_INVALID_PID, PID != 0 and stdin != 0. This resulted in
using/closing file descriptors which might be owned by something else.
When no GeoIP databases are defined, mmdb_resolve_stop would be called
to close the pipe and set PID to WS_INVALID_PID. stdin is however not
cleared and future invocations would try to close the previous fd.
Change-Id: I1d15da29208efb41098ee6a4edeeabf61f84c2b3
Fixes: v2.5.1rc0-466-ga1da75c554 ("Transition from GeoIP Legacy to MaxMindDB.")
Reviewed-on: https://code.wireshark.org/review/26391
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
João Valverde