Remove our popcount implementation in favor of ws_count_ones, which
is our other popcount implementation. This required updating and
running process-x11-xcb.pl.
Change-Id: I8634c55242113b338c5b0173837c35f98b148b4f
Reviewed-on: https://code.wireshark.org/review/26454
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The on-air time for a packet was calculated wrong because it was
using the wrong number of on-air bytes. This has been corrected.
Calculating delta time start-to-start for BLE 4.2 requires support
for on-air packet size up to 255 bytes (LE Data Length Extensions).
For this the payload length size in the header has changed to two
bytes.
Calculating delta time start-to-start for BLE 5.0 needs physical
layer data rate (LE 1M PHY or LE 2M PHY). For this the flags was
extended with PHY values.
Removed superfluous min and max length checks.
Change-Id: I40bef14f0c19ee77a402efc76e5d01826e63e603
Reviewed-on: https://code.wireshark.org/review/26457
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix two compile time warnings while at it.
Change-Id: I4e1539bec9a5b5092acde221e1d434dbd325ab42
Reviewed-on: https://code.wireshark.org/review/26453
Petri-Dish: Jörg Mayer <jmayer@loplof.de>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Add dissection of more tokens in the TDS5 tokenized request packet. These include RPC calls and parameterized language calls. The majority of the remaining tokens are associated with cursors. Cursors are a large enough problem to merit a separate patch.
Change-Id: I5bdf33cd167178c2bc6027a5434740d70ef50744
Reviewed-on: https://code.wireshark.org/review/26455
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Skip some header checks on Windows when we're sure they will always
be true.
Change-Id: I4ff7c867b9268a53692085553055dcbc0f90ae1d
Reviewed-on: https://code.wireshark.org/review/26452
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Exclude wmem_test from the default Wireshark.sln build similar to our
other test programs.
Change-Id: If9a16944823bb3a928260c5e1307870253f1da8f
Reviewed-on: https://code.wireshark.org/review/26456
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Extract code for reuse with early data decryption. No functional change.
Change-Id: I0df1a12a9780a8cfba951e9944ce9665a4b70f7a
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/26444
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I34f610a19a972db1c08d7896453e5ed671ec4dc6
Reviewed-on: https://code.wireshark.org/review/26394
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
At the moment, Lua dissectors always pass a NULL data parameter, so
dissectors like eth should gracefully handle that.
Bug: 14293
Change-Id: Ida4d0530a9c417db5960475274315d4acc3704a8
Fixes: v2.1.0rc0-1575-g8ec153f938 ("Have the "maybe an FCS" version of the Ethernet dissector take a data argument.")
Reviewed-on: https://code.wireshark.org/review/26431
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The dissector had been a plugin since at least 1.3 (based on comments in the
dissector). Not all of the most current APIs were used for functionality
and there was some cruft left over.
Also disable F5ETHTRAILER by default since it doesn't have a discriminating
heuristic.
Change-Id: I8c977167a906eafd6fbb663d2fe6c44f080f2209
Reviewed-on: https://code.wireshark.org/review/26428
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
All current uses of ws_find_media_type_parameter need wmem_packet_scope(), but there
is no sense in limiting what other dissectors may want to do.
Change-Id: I35b0dd2a024a0ae0a8345577dd92a1a21ddd2cc4
Reviewed-on: https://code.wireshark.org/review/26427
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
- show the MIC of the received packet
- show only payload (without) MIC as data when decryption failed
- show key number (UAT row index) used for decryption
- small cleanups
Change-Id: I7815349e99b178c219a0e649d3d65f0b6eaa7201
Reviewed-on: https://code.wireshark.org/review/26362
Reviewed-by: Ed Beroset <beroset@ieee.org>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ie56e3546fc1bc5da61f95456e15544a2880c819d
Reviewed-on: https://code.wireshark.org/review/26418
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
The length check in dissect_enip_tcp() was previously removed but
it's necessary to filter out one byte messages that are mostly likely
TCP keep alives.
Bug: 14434
Change-Id: I44c10aaf0a2e06870ad82f87aab9d72548b77f9f
Reviewed-on: https://code.wireshark.org/review/25807
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add and dissect country ISO codes. Prefer them when printing summary
information.
Change-Id: I3ce2bde88fa5ca2604c8bb745c42f239660252ff
Reviewed-on: https://code.wireshark.org/review/26415
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
C prior to C99 and C++ prior to C++11 don't allow a comma there; we
require C99, at least on UN*X, but don't require C++11.
Change-Id: Ia652de44315d4d87e75f583317b7b1069c8804e7
Reviewed-on: https://code.wireshark.org/review/26411
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's not just worrying about the lack of a check for a null return, it's
worried about the leak. Assign the result to a different variable and,
if the result is null, free the old data before exiting, and if it's not
null, assign the new variable to the one we're using as a pointer to the
array.
Change-Id: Ia1d5d271293e13708c35a7562a1f40671304c417
Reviewed-on: https://code.wireshark.org/review/26410
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add ws_pipe_kill_child_on_exit, which associates a child process handle
with a job object that has the JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE
flag set.
Call it when we create a process in ws_pipe_spawn_sync and
ws_pipe_spawn_async. Note that we might want to use it elsewhere.
Change-Id: Ia0f6863ea4df0ab8623bb923a49da7776d83bd33
Reviewed-on: https://code.wireshark.org/review/26398
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This should squelch a warning from VS Code Analyzer.
Change-Id: I69e528c3dfd851d287b1faebc1469cd700fa9ef5
Reviewed-on: https://code.wireshark.org/review/26402
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Unlikely, but not impossible, and should squelch a VS Code Analyzer
warning.
Change-Id: I399c08896a3f08962ca46483d47ba5f6cbe4f28e
Reviewed-on: https://code.wireshark.org/review/26400
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Previously there were three different pipe validity checks:
PID != WS_INVALID_PID, PID != 0 and stdin != 0. This resulted in
using/closing file descriptors which might be owned by something else.
When no GeoIP databases are defined, mmdb_resolve_stop would be called
to close the pipe and set PID to WS_INVALID_PID. stdin is however not
cleared and future invocations would try to close the previous fd.
Change-Id: I1d15da29208efb41098ee6a4edeeabf61f84c2b3
Fixes: v2.5.1rc0-466-ga1da75c554 ("Transition from GeoIP Legacy to MaxMindDB.")
Reviewed-on: https://code.wireshark.org/review/26391
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: Idfb2b5a9d6fd1c571a5a9edeb91e7f9281a06df0
Reviewed-on: https://code.wireshark.org/review/26363
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
from draft-08 (07 ?) it is now handshake secret (and no cleartext secret)
Bug: 13881
Change-Id: I03983c13f0c37839e1a41b6beb20f6e133adc8f8
Reviewed-on: https://code.wireshark.org/review/26390
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
4630b4fcf8 sets octetCount to 0 in case of error. Let's check this
return value to avoid an infinite loop
Bug: 14519
Change-Id: Ie3519067d609afb1bbf9e67f7f15f95911d2b173
Reviewed-on: https://code.wireshark.org/review/26388
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The cluster registration and initialisation is done in the functions 'proto_reg_handoff_zbee_zcl_XXX'.
In these functions the 1st step was to register the dissector.
Then the cluster was initialised via the function 'zbee_zcl_init_cluster'.
In this patch the registration and initialisation is now done by the function 'zbee_zcl_init_cluster'.
In this way we have a more uniform way of registration.
Change-Id: If865d904ea51c299a48e5c0004f3f280b7479d49
Reviewed-on: https://code.wireshark.org/review/26325
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Gerald Combs