A block can have zero or more instances of a given option. We
distinguish between "one instance only" options, where a block can have
zero or one instance, and "multiple instances allowed" options, where a
block can have zero or more instances.
For "one instance only" options:
"add" routines add an instance if there isn't one already
and fail if there is;
"set" routines add an instance if there isn't one already
and change the value of the existing instance if there is one;
"set nth" routines fail;
"get" routines return the value of the instance if there is one
and fail if there isn't;
"get nth" routines fail.
For "multiple instances allowed" options:
"add" routines add an instance;
"set" routines fail;
"set nth" routines set the value of the nth instance if there is
one and fail otherwise;
"get" routines fail;
"get nth" routines get the value if the nth instance if there is
one and fail otherwise.
Rename "optionblock" to just "block"; it describes the contents of a
block, including both mandatory items and options.
Add some support for NRB options, including IPv4 and IPv6 option types.
Change-Id: Iad184f668626c3d1498b2ed00c7f1672e4abf52e
Reviewed-on: https://code.wireshark.org/review/16444
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(Gotta ensure that there's always at least one commit here that's less
than a year old. :-))
Change-Id: I297920f1b68dd49550ce07544797a9f2cb854cf5
Reviewed-on: https://code.wireshark.org/review/16432
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Based on AT&T Windows 8 Extended API Requirements version 1.8.0
Change-Id: Iaf54173812a02023581c530f2340ea21e9e220d9
Reviewed-on: https://code.wireshark.org/review/16431
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Found by VS Code Analysis
Change-Id: I76ea860cd86b41ef33c47dcc8f6b1c122f8bb668
Reviewed-on: https://code.wireshark.org/review/16424
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Current ERSPAN II dissector does not support parsing EN field and Index.
The patch follows the field description in draft:
https://tools.ietf.org/html/draft-foschiano-erspan-01
Change-Id: I92ce56264be0fb2560c4d1a5da35738cf45a8c96
Reviewed-on: https://code.wireshark.org/review/16400
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I9244edc537d2eb49d73e097a4cb34bf2cde868e4
Reviewed-on: https://code.wireshark.org/review/16395
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The valid array in a struct mcs_vht_valid is indexed by the bandwidth
and the NSS-1; use the NSS-1, not the NSS, as the index.
The maximum possible value of the NSS is MAX_VHT_NSS, so allow a value
of MAX_VHT_NSS.
Change-Id: I49585f217f3e70356c1dd1ba32b6c714ce202236
Reviewed-on: https://code.wireshark.org/review/16426
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Found by VS Code Analysis.
Change-Id: Idab6cb5496749ebff47466b20a9a665b1574565d
Reviewed-on: https://code.wireshark.org/review/16421
Reviewed-by: Michael Mann <mmann78@netscape.net>
This should keep VS Code Analysis happy.
Change-Id: I99ebdc644ba353d5986d6509da784eeaa37dcc8f
Reviewed-on: https://code.wireshark.org/review/16420
Reviewed-by: Michael Mann <mmann78@netscape.net>
If this is APS ACK, do not overwrite its column description by Test Profile command description.
Change-Id: Ibd4ae978776ad9e9924e6933ede90bc2ad8855de
Reviewed-on: https://code.wireshark.org/review/16414
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fill in our port information using StringCchPrintf on Windows instead
of g_snprintf. Loading a large-ish test capture here under the VS 2013
profiler showed that we spent 620 samples in col_append_ports. Switching
from g_snprintf to StringCchPrintf reduced that to six samples.
Inline col_snprint_port while we're here.
Change-Id: I955e5baa66ebb9cc950fc0eb1682d3c015c7a55a
Reviewed-on: https://code.wireshark.org/review/16416
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Based on IEEE Std 802.1BR-2012
Bug: 12613
Change-Id: Ic5198471f67a1af728df40a09443a1cab2621169
Reviewed-on: https://code.wireshark.org/review/16402
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I40dab9d392ddea1f895b88f8f19c1194e56563a2
Reviewed-on: https://code.wireshark.org/review/16408
Reviewed-by: Amitoj Setia <amitoj_setia@yahoo.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
If it is ok to parse packets with bas FSC, FCS may be even absent. Parse MAC command even if remaining buffer length is less that FCS size in such case.
Change-Id: Ibbc9fed7ab87d0511f8c97db8e0e3bdf562cd15c
Reviewed-on: https://code.wireshark.org/review/16412
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This prevents tshark from crashing when run with "-T fields -e data".
I5778b08c52119b5be1ec482be9417b3c4ba8ed62 mistakenly removed this line (this
'data' is a write_field_data_t rather than the print_data structure that
change was cleaning up).
Bug: 12616
Change-Id: I773e47f12f852e19a20ec29a43eb3a0953923173
Reviewed-on: https://code.wireshark.org/review/16415
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Use a wmem_array to perform strict checking.
Fold cmprI/cmprE dissection into a single loop.
Change-Id: I67443a604b47cd9cbca32c7f7276a7e2229580f1
Reviewed-on: https://code.wireshark.org/review/16348
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Change-Id: I93e1c64597f309db5341c6ccadfdb3b23c056182
Reviewed-on: https://code.wireshark.org/review/16397
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Some if checks are confusing the analysis, but it does add some
future-proofing.
Change-Id: Ic4fe16a87646a7055f7639af050d53ff004eda5f
Reviewed-on: https://code.wireshark.org/review/16396
Reviewed-by: Michael Mann <mmann78@netscape.net>
Found by VS Code Analysis, verified with spec that mask isn't needed.
Also included link to current spec.
Bug: 1918
Change-Id: Ic3e8ee599501c7c12717649579ffd70581622178
Reviewed-on: https://code.wireshark.org/review/16392
Reviewed-by: Michael Mann <mmann78@netscape.net>
Dissector handles created with create_dissector_handle() don't have a
name; report them as "(anonymous)" (there's no guarantee that the printf
family of routines don't crash when a null pointer is provided to %s -
the printf routines in at least some versions of Solaris *do* crash in
that case).
Change-Id: I561ff855a46eeb442299011d567f20751c5c6869
Reviewed-on: https://code.wireshark.org/review/16399
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I77a88b910fa51e09f9d5bdb541170de76ffb3708
Reviewed-on: https://code.wireshark.org/review/16386
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
If profile id is ZigBee Test Profile #2, do not try to parse packet contents as other protocol above APS: ZCL or whatever else.
Change-Id: I0f1446aea9b270c226c7c472fe794e29240defc9
Reviewed-on: https://code.wireshark.org/review/16387
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also remove dissector_add_for_decode_as calls as dissector_add_uint
already handles that.
Change-Id: I87202d49765ffb1a2e6c922cb02b692fb16c0693
Reviewed-on: https://code.wireshark.org/review/16388
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
HTTP has multiple related packets, so seeing which are the actual request/response (related to the current selected packet) is helpful.
Change-Id: I833f4f620cfe8bfe9b1d7518c4e28fbd41b64e29
Reviewed-on: https://code.wireshark.org/review/16385
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The current ceph dissector assumes that the server will always send its
initial connection negotiation first, but that's not necessarily the
case, especially with the kernel client which sends its banner as soon
as the socket is created.
So, we need a better mechanism to determine which end is client and
which is the server. The server sends its own address and then the
address of the client, but the client only sends its own address. We
can determine whether the initial negotiation message is from the client
or server by looking at the data after the first entity addr and seeing
whether it also looks like an entity addr.
This patch takes that approach. It just grabs the address family from
the second address and sees whether it's IPv4 or IPv6. If it's not one
of those, then it assumes that it's not an entity_addr_t at all and is
therefore a request from the client.
We could go farther and try to verify the port and address as well, but
that's probably overkill. The address family is at the same offset as
the host_type field in the client's Connect request, but it's big endian
and the host_type is little endian. As long as we don't end up with
host_types that are 0x200 or 0xA00, this scheme should be OK.
Change-Id: I161d02da86d978272eff95497c6df66766b02ebc
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Reviewed-on: https://code.wireshark.org/review/16043
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Newer versions of the Geneve protocol draft have defined additional
option classes. This updates the list so we can show the class name
instead of unknown.
Change-Id: I19f2024704abe2bc0692c73be783858d74323c0e
Reviewed-on: https://code.wireshark.org/review/16382
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
- return type of a function definition is always on a seperate line
- reformat single line expert items into multiline format
- no space between functionname and (
- reformat some hf_ elements that looked different from most others
- space after , where appropriate
- Fix the following warnings and errors from checkhf.pl
Unused href entry: epan/dissectors/packet-ieee80211.c: hf_ieee80211_ff_rcsi
Unused href entry: epan/dissectors/packet-ieee80211.c: hf_ieee80211_ff_rcsi_aid
Error: hf_ieee80211_ff_dsss_ofdm: FT_BOOLEAN with non-null 'convert' field missing TFS in epan/dissectors/packet-ieee80211.c
Error: non-null hf_ieee80211_ff_dsss_ofdm 'convert' field missing 'VALS|VALS64|RVALS|TFS|CF_FUNC|FRAMENUM_TYPE|&' in epan/dissectors/packet-ieee80211.c ?
Error: hf_ieee80211_operat_mode_field_channel_width is passing the address of a pointer to VALS in epan/dissectors/packet-ieee80211.c
Error: hf_ieee80211_operat_mode_field_rxnss is passing the address of a pointer to VALS in epan/dissectors/packet-ieee80211.c
Change-Id: Ide51d1871755199721e65c0f62b3f6a62ef1159e
Reviewed-on: https://code.wireshark.org/review/16381
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
and reject the packet if it is shorter
make sure that we don't throw an exception when we read the first byte
and haven't yet decided if the packet contains an iso7816 atr
Change-Id: I7b4c93cc7c55489467b46241f07a1bb5ddfd927a
Reviewed-on: https://code.wireshark.org/review/16377
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Issue reported by Garri Djavadyan
Change-Id: I6dd4bd20d82a3f2cb8aa45f740f72d33e33053da
Ping-Bug:12604
Reviewed-on: https://code.wireshark.org/review/16374
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
remove unnecessary variable initializers
remove an unnecessary if (tree) check
Change-Id: I4c5326c11efe4fe38fb606a45ca7674484e9421c
Reviewed-on: https://code.wireshark.org/review/16371
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>