Also change bytestring_to_str to match bytes_to_ep_str_punct functionality (limiting byte string size)
Change-Id: Idb958c7f0c203d103629469302b81fa922714f7e
Reviewed-on: https://code.wireshark.org/review/6369
Reviewed-by: Michael Mann <mmann78@netscape.net>
Changed all remaining code in wslua that was using emem, to use wmem or
simpler methods.
Bug: 9927
Change-Id: I3d19a770e0fd77d996bdb6b61a76a722cc2bcd55
Reviewed-on: https://code.wireshark.org/review/6109
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
e.g. tvb_get_guint16(tvb, offset, ENC_LITTLE_ENDIAN)
Change-Id: Iea02fd59b13678aca741d028fb1f66f334447498
Reviewed-on: https://code.wireshark.org/review/6191
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
no ethertype 0x8203-0x8205 support in trunk.
0x8204 is QNX OS VER 6's qnet ethernet protocol number.
Bug:3934
Change-Id: I5f3e910876bb7fb86de2111f856d026fdf220917
Reviewed-on: https://code.wireshark.org/review/2954
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
string, not an EP-allocated one.
Change-Id: I3918ed66429c588d4503d98e10dc460b099e550e
Reviewed-on: https://code.wireshark.org/review/3795
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
This lets us blow up with oversized 64-bit length values, before casting
them to the 31-bit lengths we can actually handle in Wireshark, rather
than blindly casting them with weird results.
Use that in the MySQL dissector, and, if we get past the test, cast the
lengths to int to squelch warnings.
Change-Id: I3a5e9bd0027fa4ddcb9622f77952dba8f6b23c27
Reviewed-on: https://code.wireshark.org/review/3362
Reviewed-by: Guy Harris <guy@alum.mit.edu>
g867a1827e7dc88896ee27a107eb35c4b3973d270 introduced a change to cleanup/fix
handling of bounds checks for -1 length fields, but it ended up guaranteeing a
throw for 0-length tvbs, which isn't good; we ought to be able to add 0-length
FT_PROTOCOL items at the very least.
Better names for the function than _cheat are welcome, but I want to shut up the
buildbot.
Change-Id: I24610f947d03dac32766e2a0ffa0ff7bcc74c3e8
Reviewed-on: https://code.wireshark.org/review/1303
Reviewed-by: Evan Huus <eapache@gmail.com>
This commit adds tvb_get_string_bytes and proto_tree_add_bytes_item routines for
getting GByteArrays fields from the tvb when they are encoded in ASCII hex string form.
The proto_tree_add_bytes_item routine is also usable for normal
binary encoded byte arrays, and has the advantage of retrieving
the array values even if there's no proto tree.
It also exposes the routines to Lua, both so that a Lua script can take
advantage of this, but also so I can write a testsuite to test the functions.
Change-Id: I112a038653df6482a5d0ebe7c95708f207319e20
Reviewed-on: https://code.wireshark.org/review/1158
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit adds tvb_get_string_time and proto_tree_add_time_item routines for
getting nstime fields from the tvb when they are encoded in ASCII string form.
The proto_tree_add_time_item routine is also usable for normal
big/little-endian encoded time_t, and has the advantage of retrieving
the value even if there's no proto tree.
It also exposes the routines to Lua, both so that a Lua script can take
advantage of this, but also so I can write a testsuite to test the functions.
Change-Id: I955da10f68f2680e3da3a5be5ad8fdce7ed6808c
Reviewed-on: https://code.wireshark.org/review/1084
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add an FT_STRINGZPAD type, for null-padded strings (typically
fixed-length fields, where the string can be up to the length of the
field, and is null-padded if it's shorter than that), and use it. Use
IS_FT_STRING() in more cases, so that less code needs to know what types
are string types.
Add a tvb_get_stringzpad() routine, which gets null-padded strings.
Currently, it does the same thing that tvb_get_string_enc() does, but
that might change if we don't store string values as null-terminated
strings.
Change-Id: I46f56e130de8f419a19b56ded914e24cc7518a66
Reviewed-on: https://code.wireshark.org/review/1082
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: If043683f366fedd849688ca3c512707954221a3b
Reviewed-on: https://code.wireshark.org/review/984
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When capturing, they'll be in host byte order. The top of the libpcap
trunk and 1.5 branch, when reading a file, will, if necessary, byte-swap
the type and length values so that they're in the byte order of the host
reading the file (rather than the host that wrote the file).
Do the same when we read a file, and have the NFLOG dissector assume
host byte order for those fields.
Change-Id: I493aed1e07b626af1157d75f3bc293b0a694ad07
Reviewed-on: https://code.wireshark.org/review/148
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Do with tvb_get_stringz() what was done with tvb_get_string().
Redo the comments for the string get routines to try to give more detail
in a fashion that's a bit less hard to read.
Warn, in comments, of the problems with using
tvb_get_string()/tvb_get_stringz() (i.e., if your strings are non-ASCII,
all bytes with the 8th bit set are going be replaced by the Unicode
REPLACEMENT CHARACTER, and displayed as such).
Warn, in a comment, of the problems with tvb_get_const_stringz() (i.e.,
it gives you raw bytes, rather than guaranteed-to-be-valid UTF-8).
Update documentation and release notes appropriately.
Change-Id: Ibd3efb92a203861f507ce71bc8d04d19d9d38a93
Reviewed-on: https://code.wireshark.org/review/327
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- rename tvb_length and similar to tvb_captured_length and similar; leave
#defines in place for backwards-compat, but mark them clearly as deprecated in
code comments and in checkAPI
- remove tvb_get_string as C code and just leave a #define in place for
backwards-compat; mark it clearly as deprecated in code comment and checkAPI
- update READMEs and sample dissector for all of the above
- while in the neighbourhood, make checkAPI skip (and warn) for missing files
instead of bailing on the whole check, so subsequent files still get checked
Change-Id: I32fc437896ca86ca73e9b49d5f50400adf8ec5ad
Reviewed-on: https://code.wireshark.org/review/311
Reviewed-by: Evan Huus <eapache@gmail.com>
better.
We don't need eventlog_get_unicode_string_length() in the eventlog
dissector, either - tvb_unicode_strsize() does the job just as well.
svn path=/trunk/; revision=54874
UTF-8 strings.
Add that mapping for null-terminated ASCII strings.
Factor out some common parts of comments about string routines, and
clean up some other comments.
svn path=/trunk/; revision=54868
instead, have static routines to get UCS-2 (no surrogate pairs) and
UTF-16 (with surrogate pairs) strings, with the routines to handle
UTF-16 actually handling surrogate pairs.
Update some out-of-date comments while we're at it.
svn path=/trunk/; revision=54318
obvious that the returned string is ephemeral, and opens up the original names
in the API for versions that take a wmem pool (and thus can work in any scope).
svn path=/trunk/; revision=54249
proto_tree_add_item was valid *before* we short-circuited based on a NULL tree.
This was good in that it removed a common source of really-long-loop bugs. It
was less good in that it cost us about 8% in speed when doing a tree-less
dissection, but we decided the tradeoff was worth it.
After Anders' recent mail to -dev about performance, I started thinking about
how to optimize this. It occurred to me that the vast majority of the logic
involved in the check was dealing with the length value - fetching the actual
length if it was a counted string, calculating the length if it was -1, adding
the length to the offset in a way that was free from overflows, etc.
All of this is (theoretically) unnecessary - simply checking the offset without
worrying about the length will still catch the very-long-loops, since it is the
offset that increases in each iteration, not the length.
All that to justify:
- implement tvb_ensure_offset_exists which throws an exception if the offset is
not within the tvb
- use it instead of all the complicated other logic in the pre-short-circuit
step of proto_tree_add_item and friends
This gives us back about 3/4 of the performance we lost in the original patch.
We're still ~2% slower than without any check, but this is the best I can think
of right now.
svn path=/trunk/; revision=52578
explicit, and frees up the "generic" names (like tvb_memdup) for new signatures
that take the appropriate wmem pool.
Majority of the conversion done with sed.
svn path=/trunk/; revision=52164
haven't reassembled, we're probably moving sequentially through the
packet, which means that we'll run past the end of the fragment rather
than past the end of what would have been the reassembled packet had we
reassembled it.
I.e., there's little reason to care whether we're past the end of the
fragment but not past the end of the packet, or whether we're past the
end of the packet; in either case, we're past the end of the fragment,
and if somebody wants to know whether the packet is malformed by
stopping short of certain fields, they should enable reassembly.
So we get rid of the explicit fragment length in tvbuffs and, instead,
have a "this is a fragment" flag; if that flag is set, we throw
FragmentBoundsError rather than ReportedBoundsError if we run past the
end of the reported data.
(This also means we could flag the tvbuff even if we don't know how
large the reassembled packet will be, e.g. when doing IP reassembly.)
Replace tvb_new_subset_length_fragment() with tvb_new_subset_length()
and a new "set the "this is a fragment flag"" routine.
svn path=/trunk/; revision=48940
first fragment of a non-reassembled packet, and we know the length the
packet would have if it were reassembled, this field holds the length of
the fragment, and the "reported length" field shows the length the
packet would have if it were reassembled, so going past the end of the
fragment but staying within the length of the reassembled packet can be
reported as "dissection would have worked if the packet had been
reassembled" rather than "the packet is too short, so it was probably
malformed".
Add a FragmentBoundsError exception, thrown in the "dissection would
have worked if the packet had been reassembled" case.
Add a new tvb_new_subset_length_fragment() routine to create a new
subset tvb with specified fragment and reported lengths. Use it in the
CLNP dissector.
Add some more sanity checks in the CLNP dissector.
svn path=/trunk/; revision=48917
tvbuff, and a length from that offset, and returns a subset tvbuff
referring to that data (or throws an exception). This does what most if
not all calls to tvb_new_subset() (other than the ones that really
should be calls to tvb_new_subset_remaining()) should be doing, i.e.
setting the reported length of the tvbuff to the specified length and
calculating the appropriate value of the captured length based on that.
We aren't using it yet, but we will....
svn path=/trunk/; revision=47768
tvb_set_subset(); code should use tvb_new_real_data() and various
tvb_new_subset routines. (Neither tvb_new() nor tvb_set_real_data() nor
tvb_set_subset() were exported in libwireshark.def, nor were they used
outside tvbuff.c; tvb_set_real_data() and tvb_set_subset() weren't even
being used *inside* tvbuff.c.)
svn path=/trunk/; revision=47753
routines to create new tvbuffs that do what dissectors need to do, and
those are the only routines that should be used.
svn path=/trunk/; revision=47752
Put the code that's currently common to the ENC_ASCII and ENC_UTF_8
cases in tvb_get_ephemeral_string_enc() into tvb_get_ephemeral_string(),
and call tvb_get_ephemeral_string() in those cases. Skip the
tvb_ensure_bytes_exist() and ensure_contiguous() calls in the ENC_UTF_16
and ENC_UCS_2 cases, as they're unnecessary there.
Update the comment for tvb_get_ephemeral_string_enc().
Make tvb_get_ephemeral_stringz_enc() handle the encodings that
tvb_get_ephemeral_string_enc() does.
svn path=/trunk/; revision=42627
proto_tree_add_item() calls.
Add new "add_packet_field" method to the TreeItem class, taking a
protocol field (*not* a protocol), TvbRange, and encoding value as
arguments.
Add the ENC_ values to init.lua. Make them all hex #defines so
make-init-lua.pl can easily extract them.
Export tvb_unicode_strsize() for use by Lua (and elsewhere as desired).
Note that it handles UTF-16 and UTF-8, and fix the comment to note that
its count of hexadectets *does* include the null terminator (that's what
the code does).
svn path=/trunk/; revision=42621
removes a potential buffer overflow and should fix a bunch of Coverity
errors mentioned in bug 6878.
We might want to do the same for no_of_bits.
svn path=/trunk/; revision=41945
- Essentially no changes from current dissector de facto tvbuff usage;
- Do away with 'usage_counts' and with 'used_in' GSLists;
- Manage tvb chains via a simple doubly linked list.
- API changes:
a. tvb_increment_usage_count() and tvb_decrement_usage_count() no
longer exist;
b. tvb_free_chain() can only be called for the 'top-level' (initial)
tvb of a chain) or for a tvb not in a chain.
c. tvb_free() now just calls tvb_free_chain() [should have no impact
on existing dissectors].
svn path=/trunk/; revision=40264
appropriately; the only valid encoding is big-endian, so we don't
actually do anything different with the argument, so as not to break
code that passed it a gboolean endian flag.
svn path=/trunk/; revision=39237
in README.devloper. Remove g_gnuc.h since it's no longer needed. Remove
tvbuff_init(), tvbuff_cleanup(), reassemble_init(), and
reassemble_cleanup() since they were only used for older GLib versions
which didn't support GSlices. Assume we always support the "matches"
operator.
svn path=/trunk/; revision=37978
make FT_STRING and FT_UINT_STRING handle string encodings.
Get rid of FT_EBCDIC in favor of FT_STRING with ENC_EBCDIC.
Add some URLs for DRDA.
Clean up some stuff in TN3270 and TN5250, including using ENC_ values
for proto_tree_add_item().
svn path=/trunk/; revision=37909
tvb_get_ephemeral_string() but takes an ENC_ value for the character
encoding. Use it in the MQ dissector to fetch strings to put, for
example, into the Info column, so we properly handle EBCDIC strings
there.
svn path=/trunk/; revision=37876
pointer to a NULL-terminated string in the TVB. It is no safer than dissectors
which call tvb_get_strsize() and then tvb_get_ptr() but it makes it clear that
this usage of tvb_get_ptr() is safe.
This function is slightly more efficient than tvb_get_ephemeral_stringz()--but
only as long as we're not using composite TVBs.
svn path=/trunk/; revision=35493
tvb_get_unicode_string()
tvb_get_ephemeral_unicode_string()
These function like their counterparts, tvb_get_string and
tvb_get_epemeral_string, for standard strings.
Also update comment on what the first such function,
tvb_get_ephemeral_unicode_stringz does regarding updating lengthp.
svn path=/trunk/; revision=35344
/*
* Given a tvbuff, an offset into the tvbuff, and a length that starts
* at that offset (which may be -1 for "all the way to the end of the
* tvbuff"), fetch BCD encoded digits from a tvbuff starting from either
* the low or high half byte, formating the digits according to an input digit set,
* if NUll a default digit set of 0-9 returning "?" for overdecadic digits will be used.
* A pointer to the EP allocated string will be returned.
* Note a tvbuff content of 0xf is considered a 'filler' and will end the conversion.
*/
svn path=/trunk/; revision=35286
is a unicode (UTF-16) version of tvb_get_ephemeral_stringz(). It scans
a tvbuff for a UTF-16 string and converts it to UTF-8 upon return.
svn path=/trunk/; revision=35253
"representation" - we already use "representation" to refer to the text
representation of fields.
Change some routines with an endianness argument to make it a
representation argument instead;
svn path=/trunk/; revision=32929
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4422
From me: Fix a number of instances where the function prototype or
the function definition wasn't changed so there was a mismatch
thus causing Windows (but not gcc) compilation errors.
svn path=/trunk/; revision=32365
The current implementation of tvb_new_subset_remaining() only has the THROW_ON(reported_length < 1) check removed when compared to tvb_new_subset(). So there's room for improvement in this function. We should be able to disable some more (redundant) bounds checking.
svn path=/trunk/; revision=29445
Michael Mann