Change-Id: Ic8878f818a89ebc1056777a5b0838e8a5b1215d5
Reviewed-on: https://code.wireshark.org/review/4834
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The condition triggering an expert info if the reliability
parameter is non-zero, but a reliable data channel is
negotiated was wrong. Now the type field is considered
correctly.
While there, update the reference.
Change-Id: I1f2f78861d6a44c5334fd44e2038bbfdc52fa919
Reviewed-on: https://code.wireshark.org/review/4900
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>
reported by Jean-Marc Lamond
Bug: 10597
Change-Id: I481fad9cd0b8d55e3dd3af00cde2897105547f13
Reviewed-on: https://code.wireshark.org/review/4898
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
exit the loop if dissect_unknown_data() returns 0
Change-Id: I681d170d4daf8efb06231790652ff7c941b46d89
Reviewed-on: https://code.wireshark.org/review/4882
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I529a601ce83c446247cee1e87386622462f24f56
Reviewed-on: https://code.wireshark.org/review/4896
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I96ff9ee0967fcdb2c8122649a2363a36ea2a2882
Reviewed-on: https://code.wireshark.org/review/4884
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
for the private OID.
Change-Id: Ibb86d8523f1aee14ba1a843ec3ad4becc7729013
Reviewed-on: https://code.wireshark.org/review/4893
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Code generated by the current version of Pidl dissects bitset fields
twice - once with proto_tree_add_item(), which puts the actual item into
the tree, so that we can create a subtree under it, and once with a
dissect_dcerpc_{type}() routine, to fetch the value and step past the
field. The second call passes an hf_ index value of -1; interpret that
as meaning "don't put this into the protocol tree", rather than just
blindly calling proto_tree_add_XXX with -1 and getting a dissector
assertion.
Change-Id: I42fc023e77514a8a8a25d5c9db11fa3ef053babf
Reviewed-on: https://code.wireshark.org/review/4892
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Remove some trailing white space while we're at it.
Change-Id: If399077a799e24302640776760b4388687ecad4f
Reviewed-on: https://code.wireshark.org/review/4889
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add checks for too-short length fields.
Increment the offset after some proto_tree_add_item() calls to skip past
the item.
Make some other length calculations use the start of the item to which
the length applies, not the start of the *list* of items.
Fix a double-digit field to be 2 bytes long (as the documentation says
it is).
Add a comment about a field that isn't always present but that's
specified in a tn5250_add_hf_items() list.
Fix DEFINE PITCH TABLE to match what the documentation appears to say it
is.
Change-Id: Ibcdc580045c68e8d0d8f35011dfe72b9c245e157
Reviewed-on: https://code.wireshark.org/review/4888
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This function did not work after svn revision 51396.
This fix affects http, imf and ldap preferences.
Change-Id: I6fcb24c968d03c7d1fdc018cfa907f9cfd8809bb
Reviewed-on: https://code.wireshark.org/review/4881
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Bug: 10596
Change-Id: I64509aa49fce4893dee4e7a74a560e09a98830f6
Reviewed-on: https://code.wireshark.org/review/4878
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
We're not including ctype.h in the test program, so don't use toupper().
The test program might not be built with GLib, so don't use
g_ascii_toupper(), either. Just compare against both 'Y' and 'y'.
Change-Id: Iabc04a5fecb04110c0d16b24a047de72eabbb2bc
Reviewed-on: https://code.wireshark.org/review/4870
Reviewed-by: Guy Harris <guy@alum.mit.edu>
They don't handle values outside the range -1 to 127, and their behavior
is locale-dependent. Use g_ascii_isXXX() and g_ascii_toXXX() instead of
isXXX() and toXXX().
If you're checking for printable ASCII, don't use isascii() and don't
use iscntrl(), use g_ascii_isprint(). If you're checking for graphical
ASCII, i.e. printable ASCII except for a space, use g_ascii_isgraph().
Use ws_xton() to convert a hex digit character to the corresponding
numeric value.
Change-Id: Id3039bc586fbf66d8736c2df248c790c0d7a2330
Reviewed-on: https://code.wireshark.org/review/4851
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The result of the '>>' expression is undefined if mask_greatest_bit_offset = 0.
Change-Id: I15b094a5220a5075878bad65ab0b8c5279e80e8a
Reviewed-on: https://code.wireshark.org/review/4723
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I77e1f5788e0567dcaef9f75e1f45e61c63d54b4e
Reviewed-on: https://code.wireshark.org/review/4849
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
That way, we don't do locale-sensitive case-insensitivity (yes, the
locale can affect case-mapping - in a Turkish locale, "I" isn't the
upper-case version of "i", for example).
Change-Id: I5f7663e85160558ff3769617f924e45049c9c384
Reviewed-on: https://code.wireshark.org/review/4843
Reviewed-by: Guy Harris <guy@alum.mit.edu>
All of the calls removed are followed by proto_tree_add_xxx calls of the same offset/length of the tvb_ensure_bytes_exist call. The proto_tree_add_xxx calls should throw the exception, so we don't need the "double check".
There are probably more calls that can be removed, these were just obvious as first glance, spurred mostly by noticing the (ab)use in packet-wsp.c
Change-Id: I37cee347c8cf8ab0559e21562c802d3b37f4871e
Reviewed-on: https://code.wireshark.org/review/4833
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Fix Field 'Server Version' (tds.server_version) is an integral value (FT_UINT32) but is being displayed as BASE_NONE
Change-Id: I601e71ac8e7928ef90fdd16956af3a34bca269a9
Reviewed-on: https://code.wireshark.org/review/4836
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This is a temporary/preliminary fix to prevent the buildbot fuzz-test
failures seen when testing the capture file attached to Bug #10582.
As noted in the bug, a complete fix will require some reworking of
the amqp dissector.
Change-Id: I2571f1eeb46a7eede04b8d809e87b95f1ff529df
Reviewed-on: https://code.wireshark.org/review/4835
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Change-Id: Ib3dc7f8a87e55ef34d4847f4837d645e418607a3
Reviewed-on: https://code.wireshark.org/review/4826
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I6e1e62ff7910be535229d7e1a15557879a5cee1f
Reviewed-on: https://code.wireshark.org/review/4832
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I51702e9372551a28ea604d21d4bbf0eb4d9588ae
Reviewed-on: https://code.wireshark.org/review/4831
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ie2a395b808a8879625185a6de458f61d386cff55
Reviewed-on: https://code.wireshark.org/review/4830
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ie9596df97a135b411693eefc39fdbd03316166a0
Reviewed-on: https://code.wireshark.org/review/4828
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ie084a33be94d91eec7f5f70ef31fcb0835ad266c
Reviewed-on: https://code.wireshark.org/review/4829
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If73e3bb924036b7746d15058e9fca6f551f9538c
Reviewed-on: https://code.wireshark.org/review/4827
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This field can be used for adding filterable subtree entries.
Change-Id: Id395c9a8194dc00e6544170631b48d71ae9dd33e
Reviewed-on: https://code.wireshark.org/review/4573
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
In Wireshark, the option's TTL field looks ok, but the [TTL diff] field points to the byte after the TTL field, which is part of the nonce field.
The nonce field is being read one byte after where it should be read and so the value being read is incorrect.
Moreover, the option data length says 6 but because of the extra byte being read 7 bytes are being read for this option data and the next option is read one byte later incorrectly so the options after the QuickStart option are being read incorrectly.
Found by boaz
Bug:10575
Change-Id: Icd836b2a5c2f92cef7b6fea61957a85fca5e3352
Reviewed-on: https://code.wireshark.org/review/4815
Reviewed-by: Michael Mann <mmann78@netscape.net>
there's a single IPv6 packet with Mobile Node Link Layer Identifier mobility option.
The option's data length is 9 but and since the Reserved field takes 2 bytes, the Link Layer Identifier field should take 7 bytes.
However, the Link Layer Identifier field is read until the end of the packet, which is 519 bytes.
Bug:10578
Change-Id: I518de7f6b75e5b749cb029845fd4846954ca6d0e
Reviewed-on: https://code.wireshark.org/review/4818
Reviewed-by: Michael Mann <mmann78@netscape.net>
There's a single IPv6 packet with Binding Authorization Data for FMIPv6 mobility option.
The option's data length is 14 but and since the SPI takes 4 bytes, the Authenticator field should take 10 bytes.
However, the Authenticator field is read until the end of the packet, which is 178 bytes.
Found by boaz
Bug: 10577
Change-Id: Ia79c5131d8477c1a7c111c47c2a94e990bbeae4d
Reviewed-on: https://code.wireshark.org/review/4817
Reviewed-by: Michael Mann <mmann78@netscape.net>
One of the mobility options is the IPv6 Address/Prefix.
The prefix length of this option is 52.
Note that according to RFC 5568, the prefix length is in bits and not in bytes.
The IPv6 Address/Prefix field of this option marks 52 bytes.
In addition, I'm not sure that the IPv6 Address/Prefix field is a variable size field.
RFC 5568 section 6.4.2 has a diagram of this options that shows this field as if it always takes 128 bits, and the prefix length field just says the length of the prefix (not the length of the field).
Found by boaz
Bug:10576
Change-Id: I2a9a35cb7c537ec3b91c9a089f14fa31f41d8c80
Reviewed-on: https://code.wireshark.org/review/4816
Reviewed-by: Michael Mann <mmann78@netscape.net>
Correctly set the length of LBT-RM and LBT-RU header blocks.
Various other cosmetic cleanups.
Change-Id: If19bbdeb10176b8059fd4cf657719b3b9817bc6a
Reviewed-on: https://code.wireshark.org/review/4776
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
I'm not sure why the check is only for alphabetical characters; if
that's correct, change this to use g_ascii_isalpha, and change
is_printable_ascii to is_ascii_alpha or something such as that.
Don't use ctype.h routines, as they are locale-dependent.
Change-Id: I61d0672350d35ad918e95d7e96ed5dd263102da9
Reviewed-on: https://code.wireshark.org/review/4805
Reviewed-by: Guy Harris <guy@alum.mit.edu>