Get rid of stuff probably left over from copying-and-pasting a
lines-of-text dissector that *did* register for a media type.
Change-Id: I1197b254dd66d82883a4078c043f5cf1b2777e17
Reviewed-on: https://code.wireshark.org/review/8946
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That assumption will cease to be valid in the future.
Change-Id: I021900c7a2f18f94e24cf6d372bb0c5e6fa3fdfe
Reviewed-on: https://code.wireshark.org/review/8945
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make the "previous protocol data" union in bluetooth_data_t a
discriminated union, and use the discriminator to decide whether to use
a given member of the union or not (or to check whether the member you
plan to use is valid).
Have separate top-level dissectors depending on what the data type
pointed to by the "data" argument is.
Use that member to point to pseudo-header metadata, and, for now, set it
to point to the appropriate pinfo->pseudo_header value; eventually, we
plan to pass the pseudo-header pointer in as the "data" argument from
the "frame" dissector.
Don't overwrite the pseudo-header in the packetlogger dissector -
construct a new one and pass it in.
Change-Id: Ia1ef71e7082a964c5d92d47221f8c00e32f3f087
Reviewed-on: https://code.wireshark.org/review/8943
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Otherwise it is put in the top tree, which seems a bit surprising (as seen in the attachment for bug 11271)
Change-Id: I0e7f9c89d8ecaeecc3a951893e10154bc11927d3
Reviewed-on: https://code.wireshark.org/review/8927
Reviewed-by: Anders Broman <a.broman58@gmail.com>
move tfs_response_request to epan/tfs.[ch] and use this
Change-Id: I29d5894fade721b5234649a7c2d83dd1d6a19a0d
Reviewed-on: https://code.wireshark.org/review/8930
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(https://tools.ietf.org/html/draft-ietf-roll-trickle-mcast-12)
Change-Id: Idde0f0ef6c23b4c91f08fed1d5b18c68e8c5cf4e
Reviewed-on: https://code.wireshark.org/review/8885
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
As defined in section 7.2.3.10 "Experimenter
Flow Match Fields" of openflow-switch v1.3.5 spec.
Change-Id: I7268f614417720f225a22b226c8f21603b7f2d0f
Reviewed-on: https://code.wireshark.org/review/8882
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fixes these warnings reported by Undefined Behavior Sanitizer (UBSan)
while running the test suite:
icmp: left shift of 55099 by 16 places cannot be represented in type 'int'
wimax: left shift of 1 by 31 places cannot be represented in type 'int'
Change-Id: I72913a901b61033098750da9c8f1617b055999a1
Reviewed-on: https://code.wireshark.org/review/8913
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Please found it under Bluetooth menu. It shows all devices found
in logs, not only connected, all that its address can be found in
logs. Show if device is local (in most cases: capturing on it side)
and manufacturer and LMP version what should answer the question what
version of Bluetooth is used by Bluetooth device chip.
Also firmware version.
Change-Id: I32e3b7100cdebcaa850b6541de0ab89dff41c0e1
Reviewed-on: https://code.wireshark.org/review/8901
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Have separate dissectors for ATM MPLS pseudo-wire traffic and regular
traffic. That way, we can handle the regular traffic dissectors being
handed private data, e.g. an ATM pseudo-header from libwiretap.
Change-Id: I11e5abfdb1c3a5acc070ddaba8ef53813bc85e1a
Reviewed-on: https://code.wireshark.org/review/8921
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Idec2ca4f2db7a10e96c7acb030e0619c4f607b73
Reviewed-on: https://code.wireshark.org/review/8920
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ie86519345556b4a674ff1c7b4527de7219b2a539
Reviewed-on: https://code.wireshark.org/review/8919
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Fixes this UBSan warning:
epan/dissectors/packet-ber.c:1917:23: runtime error: left shift of
54645397829836991 by 8 places cannot be represented in type
'long int'
Integers are two's complement, so really just cast it to unsigned to
avoid undefined behavior and still set the upper bit.
Change-Id: Ia5d080ae8b9dd39aef5e700daeede5c235b425ea
Reviewed-on: https://code.wireshark.org/review/8908
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Based on the heuristic suggested by Jasper, check whether ethertype matches
IPv4, ARP, RARP, VLAN or IPv6 and decode payload as Ethernet PW (CW heuristic)
by default. Otherwise display payload as data by default.
This can be overridden by the 'Decode As' configuration.
Follow up of g7ca0472
Bug: 11271
Change-Id: Idb2ce1f8b967813a8f4a5e29e6005d5442729395
Reviewed-on: https://code.wireshark.org/review/8912
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Set a correct data length: 16-bytes, not 1-byte. And use the
standard function to print the uuid.
Change-Id: Ic4cc8d8de3f469e43664fbd7f6eb89083dc83be6
Reviewed-on: https://code.wireshark.org/review/8905
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Packets with a decimal datatype should be correctly dissected.
Yet, we still cannot display the decimal floating-point numbers as
there is no support in printf and glib.
Change-Id: I48a6dafd1e12ab55f660fad37a759dd16a9cf4b1
Reviewed-on: https://code.wireshark.org/review/8902
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Fix "malformed" packets where there is only one attribute of DID.
Change-Id: If71ec66e09edbb7c1ca2ebf97acbf65cc52ab038
Reviewed-on: https://code.wireshark.org/review/8898
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Add support for RPCoRDMA and as a result support NFSoRDMA protocol
Bug:11251
Change-Id: I1a4af1b4e6b344224f5ce0efa77d7dbfca8aae46
Signed-off-by: Slava Shwartsman <slavash@mellanox.com>
Signed-off-by: Yan Burman <yanb@mellanox.com>
Reviewed-on: https://code.wireshark.org/review/8758
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The code was added to dissect CAT004.
Change-Id: I7be543468d7df959db6bcef53d21d49846d29990
Reviewed-on: https://code.wireshark.org/review/8883
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The standard says that (unless otherwise specified) AMQP uses
network byte order for all numeric values.
Change-Id: I3ca154a6fb882d9194a9af891f92f760aae776eb
Reviewed-on: https://code.wireshark.org/review/8889
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The start_ptr parameter was missing.
Bug: 11264
Fixes: 8ccf65bfb2 Eliminate proto_tree_add_text from a few dissectors.
Change-Id: I52a59fe572cd1d0da8c6eb64e703752f5e352ed6
Reviewed-on: https://code.wireshark.org/review/8878
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: Ieef2747ce7cc42f0f1b56dd48268d65b1875a5d6
Reviewed-on: https://code.wireshark.org/review/8879
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I134290624d40b7a14c3aaeb2f0793838a411805e
Reviewed-on: https://code.wireshark.org/review/8876
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 594
Change-Id: Ib41c4c753e24ac78b39463ab1daae7fd00631230
Reviewed-on: https://code.wireshark.org/review/8851
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Allow the command layer to be shown for duplicated frames
if needed for deep-packet analysis
Change-Id: I2e0026b6e448ebfd96f879f2f002a6f30a0a5031
Reviewed-on: https://code.wireshark.org/review/8874
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- Add b16 counter to SPDO Time Request/Response
- Mark generated time fields as generated
- Fix +1 addition for frameOffset
- Fix CRC2 calculation for subframes with just 5 bytes datalength
Change-Id: I59ef7bf445de47c2bd165ae0f94d64d9f11d636b
Reviewed-on: https://code.wireshark.org/review/8875
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
'type' = FATTR4_BITMAP_ONLY
This patch updates the code accordingly.
Vars 'num_bitmaps', and 'count' are declared as guint8 but being passed to
32-bit fields of proto_tree_add_uint() and tvb_ensure_bytes_exist(). In
glibconfig.h 'guint8' is defined as 'typedef unsigned char guint8;' and in
'limits.h', ‘char’ is defined as 8 bits: #define CHAR_BIT 8 /* number of
bits in a char */. These vars have been changed to 32-bits.
There are 22 other dissectors that call "tvb_ensure_bytes_exist()". In
addition, there are an 215 CHECK_BYTE_COUNT_SUBR macro calls in
packet-smb.c which essentially do the same thing. README.developer does
state "you can check whether the data is present by using
"tvb_ensure_bytes_exist()" although this frequently is not needed." This
call has been removed in accordance with that statement.
Bug: 10483
Change-Id: Ib06ab14254882e9110af265d2d67a66dcce694f2
Reviewed-on: https://code.wireshark.org/review/8847
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
It was added (presumably by accident) in 41ac67c.
Change-Id: If9c2daae6d9f6a0f09fc04c5332faeaa69d355c2
Reviewed-on: https://code.wireshark.org/review/8855
Reviewed-by: Evan Huus <eapache@gmail.com>
the list.
The patch ensures that non-duplicate subnets are appended to the end of the
list rather than as the second element, which if there had been a second
element previously, the memory for it was effectively leaked.
It also allows /32 "subnets", even though arguably the hosts file should be
used instead, but now the test in read_subnets_file() matches the assert in
subnet_entry_set().
Bug: 11247
Change-Id: I54bf1cbb34edfcf410aa634043a377c27091df51
Reviewed-on: https://code.wireshark.org/review/8802
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The 'si' pointer was utilized before it was verified against nullptr.
Change-Id: I92faf43160698a548531dceb557cf4153d15d03f
Reviewed-on: https://code.wireshark.org/review/8845
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Split StatsTreeDialog into StatsTreeDialog and TapParameterDialog (its
base class). This more closely matches the GTK+ UI and paves the way for
more statistics dialogs.
Change-Id: I2630385534e829d99724673ade372fcb33200d07
Reviewed-on: https://code.wireshark.org/review/8842
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This reverts commit da1766e987.
I should have set CR-2 because I was working on the following update: According to RFC 5661, a zero attribute mask is acceptable if type FATTR4_BITMAP_ONLY is passed to dissect_nfs4_fattrs(). In addition I found guint8 vars 'num_bitmaps', and 'count' are declared as guint8 but being passed into 32-bit fields of proto_tree_add_uint() and tvb_ensure_bytes_exist().I will push a new patch for review.
Change-Id: I95e55af7fef17d0554f9741aa426feeeb95e2c21
Reviewed-on: https://code.wireshark.org/review/8843
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
`dissected_length` can come from the packet in some paths, meaning it can be 0
or negative and we need to check for underflows and other such problems
Bug: 11255
Change-Id: Iba55ec1824a391ec1c717bfea5b65cc6610fc081
Reviewed-on: https://code.wireshark.org/review/8839
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Observe that tcp_flags_to_str_first_letter is a copy of tcp_flags_to_str
with the flags[][4] variables copied and the loop variables inverted.
This misses the FIN bit, and runs past the flags buffer.
Behavior change: for consistency, move the reserved bits to the front
and print reserved bits individually. Old output / new output:
NCEUAPRSRRR
RRRNCEUAPRSF
Tested with this pcap with all flag bits set (0x0fff). hexdump:
d4c3b2a1020004000000000000000000ff7f000065000000b6b77455f3ac
06002800000028000000450000280001000040067ccd7f0000017f000001
0014005000000000000000005fff2000907f0000
Change-Id: I70e070808d1f0f9cd60eaf4f2b3f4ac6e3cfaada
Reviewed-on: https://code.wireshark.org/review/8826
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
pointer truncation from 'const guint16 *' to 'unsigned long'.
Even if we only require GLIB 2.16 this will fix the Windows build as we do
have a newer Glib on Windows.
Change-Id: Ie0644536783e8b298de59094fec240e249c9b27f
Reviewed-on: https://code.wireshark.org/review/8833
Reviewed-by: Anders Broman <a.broman58@gmail.com>