While "os_info_str" is freed after the loop, "cpu_info_str" was leaked.
Change-Id: Ia4069403c0a5dd5cc6bd7ed61726c1bfa9736b19
Reviewed-on: https://code.wireshark.org/review/22465
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When the current capture buffer is too small, it must be increased
before attempting to read the next data packet.
Fix developed by Mikael Kanstrup (and Guy), I added comments such that
the next reader does not have to guess whether "incl_len" is
accidentally used for reading from the buffer (it is not).
Change-Id: I980bd21ac79601a34d57ffc99a34bfb54c297ac0
Fixes: v2.5.0rc0-28-gd0865fd619 ("Allow bigger snapshot lengths for D-Bus captures.")
Bug: 13852
Reviewed-on: https://code.wireshark.org/review/22464
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Remove a double lookup in RLSD message dissection, too
Ping-Bug:13861
Change-Id: Ie971c0779baad76fb22f8a59d045e38c072e8f06
Reviewed-on: https://code.wireshark.org/review/22448
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Useful when you have long sessions, without the start (i.e. CC/CR) and the end
(i.e. RLSD/RLC).
Similar to 10d2e65228
Change-Id: Ifb97bd9fe88ee59f3816fce1111132b247bf46c8
Reviewed-on: https://code.wireshark.org/review/22446
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Added support for registering custom dissectors for AECP vendor unique command and response message
dissection.
Fixed a minor typo
Change-Id: I7ae363f126d4db513be0529fc6dd7fd189d4f3d8
Reviewed-on: https://code.wireshark.org/review/22438
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This shows the elements in a little-endian fashion and aligns with
other element trees using bitmask.
Change-Id: I8e16eaee9944c2b56bc9fe18f31a983047aca121
Reviewed-on: https://code.wireshark.org/review/22453
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix indent and spacing in if-statements to improve readability.
Change-Id: I3bd295d5d397e6e4b211c2d6fed25ab93e14142c
Reviewed-on: https://code.wireshark.org/review/22452
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Combining all seperate heuristic dissector into one 'fp over udp' dissector.
Also refactored the 'unknown format' dissector (formarly heur_dissect_fp) so it could work 'chained' to the others.
Change-Id: I396c362a400f51171ee091317b6735dfd8bd19df
Reviewed-on: https://code.wireshark.org/review/22368
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Allow the ordering of the filter buttons via drag/drop in
the toolbar
Change-Id: Id8793d6514bae36066a7a23d6890985665e753bd
Reviewed-on: https://code.wireshark.org/review/22422
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Change the wording to make it more like the other option
menus
Change-Id: I0d071aecd80131e5304737a1746f3a41f546c8e4
Reviewed-on: https://code.wireshark.org/review/22441
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
No code changes.
Change-Id: I282334594be476596f30e8396fe66a995e3e0292
Reviewed-on: https://code.wireshark.org/review/22439
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
On UN*X, you can get C99-or-later compilers, and we request that in the
autoconf script, so it's really a requirement.
At least as I read
https://msdn.microsoft.com/en-us/library/34h23df8%28v=vs.100%29.aspx
Visual Studio 2010 (and earlier, going back to VS .NET 2003) supports
the "Use of block-scope variables initialized with nonconstant
expressions", with an example of an aggregate (array) initialization
involving function calls, so it sounds as if it's available on Windows
with any version of VS that we support.
(If I've missed something, it'll presumably show up when something is
built with MSVC, and we can update this at that point.)
So the only thing to avoid is initializing global or static variables
with a value that has to be evaluated at run time (the ability to do
that is probably present in most environments, as I think C++
constructors for variables with static storage duration might have to be
evaluated before main() is called, but I guess few C compilers bother to
use it).
Expand the example in the hopes of avoiding confusion between "static
storage duration" (which something declared "static" has, but which
anything declared with file scope, whether declared "static" or not,
also has) and "static storage duration and internal linkage", which is
what the "static" keyword specifies.
Change-Id: I338eb0892e656c2ab59519e4bf76e1dfbec2fa7d
Reviewed-on: https://code.wireshark.org/review/22434
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It only applies to variables with static storage duration, i.e. global
and static variables. Expand the example of how to do it, to make it a
bit clearer.
Change-Id: Ie0c473a35a77351dd10d6c9df2c34a39f077fca4
Reviewed-on: https://code.wireshark.org/review/22430
Reviewed-by: Guy Harris <guy@alum.mit.edu>
ManageInterfacesDialog::on_addPipe_clicked uses g_new0 to create an
"interface_t" instance, but InterfaceTreeCacheModel uses qDeleteAll
which results in ASAN reporting "alloc-dealloc-mismatch (malloc vs
operator delete)".
To fix this, remove the dynamic allocation and make
InterfaceTreeCacheModel store the instance internally.
Change-Id: I9426dfc88d0a54a889bbbc9cf336c0a6af76920e
Reviewed-on: https://code.wireshark.org/review/22410
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Look for our merge module using find_path. This should be more reliable
and doesn't assume our build and target platforms are the same.
Change-Id: I95a4454a063af2f978550b8cf1f1624c4aeb5ebc
Reviewed-on: https://code.wireshark.org/review/22426
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Adds a context menu for the toolbar filter buttons, which allows for
opening the preference for the filter buttons, as well as direct edit,
removal and disable functionality
Change-Id: I5f2d132737c77804cf22834574dfe3c02f85fbdf
Reviewed-on: https://code.wireshark.org/review/22327
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Instead of using one big linked list, we use a stack of list once all the pointers of one level have been handled the list is removed from the stack and we go to the level before.
Because of this the lists are much smaller and far less CPU is spent iterating on the objects or inserting objects in the list
Bug: 10544
Change-Id: I432aaf5b4b781411c92da92abe9c5503034b65dc
Reviewed-on: https://code.wireshark.org/review/4598
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
androiddump used to start tcpdump without specifying the interface
to capture packets on. This works when only one interface is up
but when multiple interfaces are up the output might be empty.
This change let tcpdump list all available network interfaces
and adds a unique extcap interface for each interface that is 'up'
on the device.
Change-Id: Icf0d7fa8f38320092579d4163dcdbcf2b687d8cc
Reviewed-on: https://code.wireshark.org/review/22402
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Instead of treating all output from Android tcpdump as Ethernet
data link type parse what tcpdump acually tells it to be.
This is needed as there are cases when the output is not Ethernet.
For example when starting packet capture on a device with multiple
interfaces up.
NOTE: As translation between tcpdump reported DLT and androiddump's
internal type was needed for now support is only added for types
used by network interfaces of tested devices (i.e. ETHERNET and
LINUX_SSL).
Change-Id: Ie3f9167176c336cb31f6e681f1daac6135a78883
Reviewed-on: https://code.wireshark.org/review/22401
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Isolate dissection of individual IEs to capture out-of-bound errors
and to continue with next IE on error.
Create subtree for each IE containing the TLV header. Reduce
information in overall Header IEs item.
Differentiate unknown and unsupported IE. Show more information.
Add warning if IE dissection consumes less content than the
indicated length.
Simplify Time Correction IE dissection and make more consistent.
Naming changes for consistency with standard.
Change-Id: I80f15edb646a15c0ed43d6571200a5d89cdeb7b5
Reviewed-on: https://code.wireshark.org/review/22381
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make the variable used for it an int; that's large enough, and, on
Windows, not so large that it provokes warnings.
Change-Id: I00600d816f69d79f7a42eb09b1290ff7708b0bfc
Reviewed-on: https://code.wireshark.org/review/22420
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For example, on at least some versions of Fedora, if you have a 64-bit
machine, have both the 32-bit and 64-bit versions of the run-time zlib
package installed, and have only the *32-bit* version of the zlib
development package installed, it'll find the header, and think it can
use zlib, and will use it in subsequent tests, but it'll try and link
64-bit test programs with the 32-bit library, causing those tests to
falsely fail. Hilarity ensues.
Change-Id: Ic2536e8a652ef96e2a3923c1faa61f6c8c06bf58
Reviewed-on: https://code.wireshark.org/review/22417
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
All strings sent to adb are prefixed with the length as a 4 byte
hex string. The length info prefix was manually hard coded into
strings. To avoid mistakes when updating code and to simplify
reading the source code instead let the various adb_send functions
calculate string lengths and generate the 4 byte hex string
prefixes.
Change-Id: I4178e9df5930a1c7904053e5a7750c943efddc84
Reviewed-on: https://code.wireshark.org/review/22399
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
On Windows, we build libz as part of the Wireshark build process, so we
don't necessarily *have* a libz library to search or inflatePrime() at
this point; the search fails on the buildbots, for example.
So, on Windows, we just assume we have a new enough version of libz, so
that it has inflatePrime().
Bug: 13850
Change-Id: Ied0909f4a591ff3312d83a2a2ed41e3cd12218e8
Reviewed-on: https://code.wireshark.org/review/22413
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
"enterprise-numbers" is converted to tab-separated values and renamed
"enterprises". Unused fields are stripped.
PENs are stored in a hash table loaded at run-time.
User "enterprises" file is loaded from the personal config dir.
Misc make-sminmpec.pl improvements and fixes.
Note: names of type "Entity (formerly ...)" have the formerly part commented out for a cleaner output.
Change-Id: I60c533afbe3e399077fbf432088064471ad3e1e2
Reviewed-on: https://code.wireshark.org/review/22246
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
Make the frame into a two-row frame to better accomodate
the comments field, and reinstate the correct action for the
buttons
Change-Id: I171e4bc3c7f195b7179cd6b1c2ab4ab42ede9c04
Reviewed-on: https://code.wireshark.org/review/22405
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Same code pattern is used over and over when connecting to an adb
server. Introduce a helper function that perform the function of
connecting to specified adb server and transport.
Change-Id: Id2f72f1eb976fa0d742a6db1ef6d592264990ba1
Reviewed-on: https://code.wireshark.org/review/22398
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Comments in code claim:
"The data we are getting from the tcpdump stdoutput stream as the
stdout is the text stream it is convertinng the 0A=0D0A; So we
need to remove these extra character."
This is not true on non-Windows systems at least so avoid the filter
when not built for Windows.
NOTE: A problem with the filter is that it operates on all bytes
received on the socket, including packet data(!). Capturing
data with CR/LFs (for example an HTTP request) will fail. Ideally
the filter should be replaced with some other mechanism but as I
don't have a Windows system to verify that the comment claims are
valid, this change will at least make androiddump work on
non-Windows systems.
Bug: 13510
Change-Id: Ic00f44fa7516c0db7fc015ed8685deb365a347db
Reviewed-on: https://code.wireshark.org/review/22397
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Go from <expression>,<comment> to <comment>\n<expression>
Bug: 13814
Change-Id: I842e38798eba7ff87751733ce0b2befdc9c8c27f
Reviewed-on: https://code.wireshark.org/review/22395
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix deprecation warnings that occur with cmake 3.8, replacing it by
some other function that is supported since at least cmake 2.8.8.
This also updates URLs and splits the description in a package
description and the purpose for the package (shown on the next line).
Change-Id: Ic0f37898593f48b8f37f6a228dae49288f20538f
Reviewed-on: https://code.wireshark.org/review/22393
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Packet statistics were not showing the packets above 5120 due to
the last entry being reformatted and not parsed correctly.
Since the last entry is "reformatted" for better user string,
also "reformat" the last entry as it goes through "range processing".
Bug: 13844
Change-Id: Id49b41c08111dcad1590e034159b81ead8636c4e
Reviewed-on: https://code.wireshark.org/review/22382
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a field to the display filter button UAT to allow comments
to be displayed as part of the tooltip to the diplay filter
button
Bug: 13814
Change-Id: I74459e4102856258d31d6429e2fd924a9f798cd5
Reviewed-on: https://code.wireshark.org/review/22390
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The filter expressions data was shoved into the preference file in a
very loose, non-arrayed form. It's much easier to manage in code
(and for users in a separate file) as a UAT.
The GTK GUI was hacked to use the existing UAT dialog rather than
rewrite the pref_filter_expressions.c to support a UAT. Should
be okay since it's deprecated.
Change-Id: I688cebb4b7b6594878c1398365e79a205f1902d9
Ping-Bug: 13814
Reviewed-on: https://code.wireshark.org/review/22354
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
"Warning" is a more appropriate name because filter may not
be as deterministic as user desires
Bug: 13834
Change-Id: Ie34e37db8866dc409f25df227a4d34e7c11d0058
Reviewed-on: https://code.wireshark.org/review/22392
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
ITU Y.1711 at https://www.itu.int/rec/T-REC-Y.1711-200402-I/en states
that OAM payloads are big endian (section 5.3) as reported on bug.
Bug: 8292
Change-Id: Id30e340eee5f5a5c96020cdd1770fa48adb5d169
Reviewed-on: https://code.wireshark.org/review/22383
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Peter Wu