These display bases work to replace unprintable characters so the
name is a misnomer. In addition they are the same option and this
display behaviour is not something that is configurable.
This does not affect encodings because all our internal text strings
need to be valid UTF-8 and the source encoding is specified using
ENC_*.
Remove the assertion for valid UTF-8 in proto.c because
tvb_get_*_string() must return a valid UTF-8 string, always, and we
don't need to assert that, it is expensive.
- Implements the BACnet /SC datalink using encrypted TLS communication
over TCP/IP and the websocket protocol.
- Updated list of vendor ID's
- Added new BACnet services Who-Am-I / You-Are
- Some corrections for revision 22.
- Fixed bug issue #17142
Add support internally to using iconv (always present with glib) to convert
strings from various encodings to UTF-8 (using REPLACEMENT CHARACTER as
recommended), and use that to support GB 18030 and EUC-KR. Replace call
directly to iconv in ANSI 637 for EUC-KR to new API. Update comments
and documentation around character encodings. It is possible to replace
the calls to iconv with an internal decoder later. Tested on Linux and
on Windows (including with illegal characters). Closes#16630.
Add convenience routines for getting and setting a per-protocol,
per-packet depth value, which can be used to limit recursion, nesting,
cycling, etc. Use them in the BACapp, DAAP, Mongo, VLAN, and WBXML
dissectors.
Change-Id: I172514828169253ae7fcf9162c9d7eeb3041ff9c
Reviewed-on: https://code.wireshark.org/review/36846
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Track our recursion depth in fAbstractSyntaxNType. It calls several
functions which in turn call it, which makes it easy to overflow the
stack.
Bug: 16474
Change-Id: Ibad29272f99449bfa13b7422692e20ba8a79e19c
Reviewed-on: https://code.wireshark.org/review/36725
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- Improved decoding of trendlog type "any-value"
- Added enumeration strings for odd/even month
Change-Id: I96c775e07dabe48b31e81eec28d9ea31f78e4b75
Reviewed-on: https://code.wireshark.org/review/34521
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- Implemented labeling of decoding BACnet object identifier so that
difference between device and other object id's are shown in the
decoding tree.
Bug: 16008
Change-Id: I145e26803e1b6c70c2980858c1b946a285382726
Reviewed-on: https://code.wireshark.org/review/34340
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Update build-in vendor ID list with last years additions.
Change-Id: I1916e160f6bcea5e94ce203b50f4a27a6ca1d261
Reviewed-on: https://code.wireshark.org/review/34460
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This allows taps that can fail to report an error and fail; a failed
tap's packet routine won't be called again, so they don't have to keep
track of whether they've failed themselves.
We make the return value from the packet routine an enum.
Don't have a separate type for the per-packet routine for "follow" taps;
they're expected to act like tap packet routines, so just use the type
for tap packet routines.
One tap packet routine returned -1; that's not a valid return value, and
wasn't one before this change (the return value was a boolean), so
presume the intent was "don't redraw".
Another tap routine's early return, without doing any work, returned
TRUE; this is presumably an error (no work done, no need to redraw), so
presumably it should be "don't redraw".
Clean up some white space while we're at it.
Change-Id: Ia7d2b717b2cace4b13c2b886e699aa4d79cc82c8
Reviewed-on: https://code.wireshark.org/review/31283
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Bug: 4234
Change-Id: Ibd59809b2dd9890a7851eb57ef7af384e280a74b
Reviewed-on: https://code.wireshark.org/review/31222
Reviewed-by: Michael Mann <mmann78@netscape.net>
Replaced global vars with fPresentValue and wrapper functions.
Split bacapp.present_value dissector based on datatype for filtering.
Replaced char array buffers with wmem api calls.
Rebased commit onto latest master branch.
Removed date and time present_value field dissectors.
dissectors added:
bacapp.object_name
bacapp.to_state
bacapp.from_state
bacapp.notify_type
bacapp.error_code
bacapp.error_class
bacapp.event_type
present_value dissectors added:
bacapp.present_value.null
bacapp.present_value.boolean
bacapp.present_value.uint
bacapp.present_value.int
bacapp.present_value.real
bacapp.present_value.octet_string
bacapp.present_value.char_string
bacapp.present_value.bit_string
bacapp.present_value.enum_index
Change-Id: I3ba9327ee22787da59190204e808f8c10dc8fabd
Reviewed-on: https://code.wireshark.org/review/30847
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add 8-bit, 16-bit, 24-bit, and 32-bit "fetch signed value" routines, and
use them rather than casting the result of the 8/16/24/32-bit "fetch
unsigned value" routines to a signed type (which, BTW, isn't sufficient
for 24-bit values, so this appears to fix a bug
in epan/dissectors/packet-zbee-zcl.c).
Use numbers rather than sizeof()s in various tvb_get_ routines.
Change-Id: I0e48a57fac9f70fe42de815c3fa915f1592548bd
Reviewed-on: https://code.wireshark.org/review/26844
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
bf_arr is used as %s argument to proto_tree_add_subtree_format(), so it need to be NUL terminated.
Add + 1 to bf_arr size, and use sizeof() in memset() calls.
ASAN report:
ERROR: AddressSanitizer: stack-buffer-overflow on address
0x7ff1b179f150 at pc 0x00000044cf31 bp 0x7ffdc7493cf0 sp 0x7ffdc74934a0
READ of size 258 at 0x7ff1b179f150 thread T0
SCARINESS: 41 (multi-byte-read-stack-buffer-overflow)
#0 0x44cf30 in printf_common(void*, char const*, __va_list_tag*) /src/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_format.inc:548
#1 0x498cfc in __vsnprintf_chk /src/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc:1558
#2 0x5775cf in proto_tree_set_representation /src/wireshark/epan/proto.c:5508:9
#3 0x577eb1 in proto_tree_add_text_valist_internal /src/wireshark/epan/proto.c:1226:2
#4 0x5782d5 in proto_tree_add_subtree_format /src/wireshark/epan/proto.c:1249:7
#5 0x73c73f in fBitStringTagVS /src/wireshark/epan/dissectors/packet-bacapp.c:7490:15
#6 0x73ad20 in fApplicationTypesEnumeratedSplit /src/wireshark/epan/dissectors/packet-bacapp.c:7569:26
#7 0x73a484 in fApplicationTypes /src/wireshark/epan/dissectors/packet-bacapp.c:7635:12
#8 0x7395db in fIAmRequest /src/wireshark/epan/dissectors/packet-bacapp.c:13412:14
#9 0x7383e1 in dissect_bacapp /src/wireshark/epan/dissectors/packet-bacapp.c:14163:9
Found by oss-fuzz/5452.
Change-Id: I57e948904f707c5003a389431b009a37c1212e04
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5452
Reviewed-on: https://code.wireshark.org/review/25544
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Ping-Bug: 12457
Change-Id: Ie97747704b12a0ba70bb6adb1a8c251dfcaca08f
Reviewed-on: https://code.wireshark.org/review/25132
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ide5d7f2241db4ac87ed516f91f0bcaca347bb546
Reviewed-on: https://code.wireshark.org/review/24496
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Register all reassembly tables with a central unit, allowing the
central unit to have the callback that initializes and destroys
the reassembly tables, rather than have dissectors do it individually.
Change-Id: Ic92619c06fb5ba6f1c3012f613cae14982e101d4
Reviewed-on: https://code.wireshark.org/review/19834
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Have all dissector tables have a "supports Decode As" flag, which
defaults to FALSE, and which is set to TRUE if a register_decode_as()
refers to it.
When adding a dissector to a dissector table with a given key, only add
it for Decode As if the dissector table supports it.
For non-FT_STRING dissector tables, always check for multiple entries
for the same protocol with different dissectors, and report an error if
we found them.
This means there's no need for the creator of a dissector table to
specify whether duplicates of that sort should be allowed - we always do
the check when registering something for "Decode As" (in a non-FT_STRING
dissector table), and just don't bother registering anything for "Decode
As" if the dissector table doesn't support "Decode As", so there's no
check done for those dissector tables.
Change-Id: I4a1fdea3bddc2af27a65cfbca23edc99b26c0eed
Reviewed-on: https://code.wireshark.org/review/17402
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Most protocols just want to limit COL_INFO or COL_PROTOCOL
so give that level of granularity.
Bug: 12144
Bug: 5117
Bug: 11144
Change-Id: I8de9b7d2c69e90d3fbfc0a52c2bd78c3de58e2f8
Reviewed-on: https://code.wireshark.org/review/15894
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
event-time-stamps decode when array-index is 0.
Bug: 12422
Change-Id: I9f1f90e269352a49a8fc8a2ba2f64211f3cf7961
Reviewed-on: https://code.wireshark.org/review/15409
Reviewed-by: Michael Mann <mmann78@netscape.net>
Case 19 - change-of-reliability and related enums
Bug: 11734
Change-Id: Ie40acc9d157adcf4d69b9cc57c6419daf8f6263d
Reviewed-on: https://code.wireshark.org/review/15350
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This will make it easier to determine protocol dependencies.
Some LLC OUI dissector tables didn't have an associated protocol, so they were left without one (-1 used)
Change-Id: I6339f16476510ef3f393d6fb5d8946419bfb4b7d
Reviewed-on: https://code.wireshark.org/review/14446
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ie39ef054a4a942687bd079f3a4d8c2cc55d5f22c
Reviewed-on: https://code.wireshark.org/review/12485
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Picking off "easy" dissectors that only have one or two exit points at most.
Change-Id: I3d5e576b796556ef070bb36d8b55da0b175dcba8
Reviewed-on: https://code.wireshark.org/review/11805
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The target here is the Decode As dialog where protocols have multiple registrations into a dissector table and that shows up as multiple entries in the Decode As dialog list with the same name so users are unsure which "dissector" they are choosing.
The "default" behavior (done in this commit) is to not allow duplicates for a dissector table, whether its part of Decode As or not. It's just ENFORCED for Decode As.
Bug: 3949
Change-Id: Ibe14fa61aaeca0881f9cc39b78799e314b5e8127
Reviewed-on: https://code.wireshark.org/review/11405
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reported by Graham:
packet-bacapp.c(5299) : warning C4146: unary minus operator applied to unsigned type, result still unsigned
Regression in v1.99.10rc0-330-g71ec57a ("bacapp: fix
-Wshift-negative-value").
Change-Id: Ia3ea3acad3afdf7b8a449224c815ea45d7fdbc2b
Reviewed-on: https://code.wireshark.org/review/10785
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Shifting a negative signed value is undefined. Found by Clang.
Change-Id: If58d7b82899859892d8c58d627e98a8a902dd7fd
Reviewed-on: https://code.wireshark.org/review/10780
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: If617016f588bbf940f37699e27559dc5c59cf508
Reviewed-on: https://code.wireshark.org/review/10349
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I6505ce34de84bfe46d5bc7b4d6a3c6044f3fb4b5
Reviewed-on: https://code.wireshark.org/review/10041
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This patch adds reassembly_table_destroy calls as cleanup function for
dissectors which have a simple init routine that just calls
reassembly_table_init (comments are ignored).
The changes were automatically generated using
https://git.lekensteyn.nl/peter/wireshark-notes/diff/one-off/cleanup-rewrite.py?id=4cc0aec05dc67a51926a045e1955b7a956757b5e
(with the if and assignment parsers disabled).
The only difference from the autogenerated output is that the XXX
comments from the init routines in smb-pipe and tds dissectors are kept.
Change-Id: I64aedf7189877247282b30b0e0f83757be6199e7
Reviewed-on: https://code.wireshark.org/review/9222
Reviewed-by: Michael Mann <mmann78@netscape.net>
Get rid of references to ep_ and se_ allocation in code that now uses
wmem allocation instead.
Fix API documentation of conversation_table.h routines to reflect that
as well - some APIs changed to pass wmem scopes.
Also, zbee_sec_key_hash() now takes the output buffer as an argument and
just returns it, and nobody actually uses the return value, so change it
to return void.
Change-Id: Ife1ec675a9322fd0f0be306a9d639ec17aad1c7a
Reviewed-on: https://code.wireshark.org/review/6636
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I79c613cbdd8dc939dd4c29ebc477fb6eefd5bfc4
Reviewed-on: https://code.wireshark.org/review/6371
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ibef3cee6930dea08fc7a87635c48de609d3d4015
Reviewed-on: https://code.wireshark.org/review/6299
Reviewed-by: Michael Mann <mmann78@netscape.net>
João Valverde