proto_strlcpy in normal situations returns the number of bytes
copied (because the return value of g_strlcpy is strlen of the
source buffer). It can copy no more than dest_size - 1, because
dest_size is the size of the buffer, including the null terminator.
(https://docs.gtk.org/glib/func.strlcpy.html)
Returning dest_size can cause offsets to get off by one and reach
the end of the buffer, and can cause subsequent calls to have
buffer overflows. (See #16905 for an example in the comments.)
Several of the constant length string built in address types don't
check to see if the buf_len passed in is long enough to write
the string.
This can cause buffer overflows, e.g. with a custom column with
many FT_ETHER fields.
Allow checking if a slice exists. The result is true if the
slice has length greater than zero.
The len() function is implemented as a DFVM instruction instead.
The semantics are the same.
Remove the "ugly internal SVN file hack" block from make-version.pl. It
only worked for Subversion versions prior to 1.4, which was released in
2006.
Remove the Bazaar (bzr) block. James Brown may not have sang about it,
but even so it's a Git's world.
Remove the Tortoise block. As noted in a comment, it appears to be dead
code.
Port 45564 is not IANA registered for Apache. The heartbeat
messages all start with the same 8 character ASCII delimiter
string, so use that for heuristics.
There is no need for nesting event loops when showing menus. Show menus
asynchronously to limit possibilities of hard to debug problems related
to re-entering event loop.
This removes unparsed name resolution during the semantic
check because it feels like a hack to work around limitations
in the language syntax, that should be solved at the lexical
level instead.
We were interpreting unparsed differently on the LHS and RHS.
Now an unparsed value is always a field if it matches a
registered field name (this matches the implementation in 3.6
and before).
This requires tightening a bit the allowed filter names for
protocols to avoid some common and potentially weird conflicting
cases.
Incidentally this extends set grammar to accept all entities.
That is experimental and may be reverted in the future.
Make it so that "Edit->Preferences->Columns" can also set the
resolved/unresolved status of custom columns. Hide the checkbox
when the fields don't support it (including any non custom
columns.) Also make the checkbox entries in the column list model
not editable.
Fix#15394
Add a textbox to allow for filtering the traffic types
in the conversation and endpoint dialog. The current implementation
allows for an easier growth of the list entries. To ensure that
the user can find the entry he/she/they is looking for fast, add
a textbox for filtering
Treat all 4 octets of the control field as a single little-endian value
divided into bitfields. We already showed *some* subfields as
bitfields; this means we show *all* of them that way.
That makes the display more clearly show which bits in those octets
correspond to which fields.
It also fixes the dissection of the type field; we have separate
bitfields for I frames (1-bit bitfield) and S and U frames (2-bit
bitfield).
Use proto_tree_add_item_ret_uint() to fetch the values other than the
frame type value.
Fixes#18167.
Not all display filters are valid for custom columns (see #15990).
Use the validation function for custom columns instead of the
display filter validation when adding or editing a custom column
through Edit->Preferences, as the Edit Column in the packet list
header already does.
Revisit this if we ever do expand the list of possible custom
columns.
Strengthen the DCP-ETSI (TS 102 821) heuristic from matching
two bytes to matching four bytes. Split the heuristic and
non-heuristic dissector pieces, and add the non-heuristic
dissector for Decode As.
KNX/IP has an IANA registered port, 3671, and some other ports commonly
used but unregistered (or registered to other services). It also has
no heuristics. Add a port range preference defaulting to the registered
port.
tplink-smarthome uses a port registered by IANA to another application.
At least add a heuristic; since the message is always JSON, we
can decode and test the first two characters.
David Perry