The previous handling of LI=0 was a confusion with the LI=0 meaning from
EGPRS (see TS 44.060 B.8.2 Example 2) data block.
(cherry picked from commit 9d5de22a88)
Change PT_DECIMALLIT, PT_OCTALLIT and PT_HEXLIT tokens to uint64
type, and make PT_IDENT excluding '-' numbers which will be parsed
in protobuf_lang.y. That negative enum number and number type of
constant can be correctly parsed.
Note, intLit is uint32 for parsing fieldNumber and enumNumber,
but might be uint64 as constant.
close#16988
(cherry picked from commit 1fff3cb106)
You can't use packet scope if you're not dissecting a packet;
read_IOR_strings_from_file() is called from giop_init(), which is called
when a file is opened, not when dissecting a packet.
Use NULL as the scope, which just does a regular allocation, and free
the buffer when we're done.
Expand a comment to indicate that using dissection routines is *also* a
bad idea in code that's not used when dissecting packets.
Fixes#16984.
(cherry picked from commit 2c2ee172eb)
Cherry picking tends to add an extra blank line to the commit message.
Update the body check in validate-commit.py to allow for this.
Revert "tools: Skip over commit body checks." This reverts commit
24450d9c51.
(cherry picked from commit dd6b6f48dc)
This patch makes the parsing of length fields consistent by moving them
below their parent element and adjusting the length of the parent
element. And it fixes some problems by doing this.
Problems fixed by this:
- Bytes skipped after dynamic length arrays. This resolves#16951
- A byte was ignored before unparsed payload.
- Unions not marking the correct byte range.
- String having the length field twice.
Signed-off-by: Dr. Lars Völker <lars.voelker@technica-engineering.de>
(cherry picked from commit 9ac8dcb3a1)
Check if padding flag is set and alter length accordingly.
Display rtcp.xr.bl the same way as rtcp.length.
Fixes: wireshark/wireshark#16933
(cherry picked from commit e07bb433b2)
Refer to USB Device Class Definition for Video Devices
document revision 1.5.
* bmFramingInfo is 1 byte
* Cut & Paste error for bMaxVersion label
Change-Id: Ib1221886f864a6ab9dbab70a8e5fca6482bf4267
Signed-off-by: Sylvain Munaut <tnt@246tNt.com>
(cherry picked from commit b6222766cc)
Also, take a chance to correct the comment: section 6.11.0 does
not exit in 3GPP TS 44.018. In version 15.4.0 Release 15 of
the referenced document it is 10.5.2.31 (table 10.5.2.31.1).
(cherry picked from commit 732591237b)
Corretly decode MNC if it consists of 3 digits
Change to what is called big endinan MNC
8 7 6 5 4 3 2 1
+---+---+---+---+---+---+---+---+
| MCC digit 2 | MCC digit 1 | octet x
+---------------+---------------+
| Filler | MCC digit 3 | octet x+1
+---------------+---------------+
| MNC digit 2 | MNC digit 1 | octet x+2
+---------------+---------------+
MNC of length 3:
8 7 6 5 4 3 2 1
+---+---+---+---+---+---+---+---+
| MCC digit 2 | MCC digit 1 | octet x
+---------------+---------------+
| MNC digit 1 | MCC digit 3 | octet x+1
+---------------+---------------+
| MNC digit 3 | MNC digit 2 | octet x+2
+---------------+---------------+
From 3GPP TS 29.171
7.4.27 PLMN Identity
- digits 0 to 9, encoded 0000 to 1001,
- 1111 used as filler digit, two digits per octet,
- bits 4 to 1 of octet n encoding digit 2n-1
- bits 8 to 5 of octet n encoding digit 2n
The Selected PLMN identity consists of 3 digits from MCC followed by either
- a filler digit plus 2 digits from MNC (in case of 2 digit MNC) or
- 3 digits from MNC (in case of a 3 digit MNC).
(cherry picked from commit 156f9e81fc)
Don't try to dissect bytes as string and show its value item if the
bytes field has a subdissector. And add field subdissector under field
item instead of value item.
close#16956
(cherry picked from commit 1c5d577d63)
Creating protocols with unknown length must be created to the end of the TVB
first and reined back using proto_set_len() once the length becomes known.
Not doing so can make indentification of problems harder and prevents analysis
engines like MATE from properly processing the generated protocol trees.
With this change the remaining offending dissectors are corrected for this.
Closes#16961
(cherry picked from commit 918db88055)
Systemd journal entries aren't file-type-specific; they're found in both
systemd journal entry blocks in pcapng files and in systemd journal
export files. Give it a record type, for use with both file types.
This fixes#16955.
It also means that you can open a systemd journal export file and save
it as a pcapng file.
(cherry picked from commit 889e0d5cb6)
The macOS installer works differently from the way it did when that
message was written (it's now a drag-install for Wireshark, with
separate installers for ChmodBPF and for files to add the Wireshark
binary directory to the default $PATH), and the macOS main screen now
offers a "click this to install" link, running the ChmodBPF installer,
if the user doesn't have permissions to capture. Update the message
to reflect that (although that's wrong if you directly run dumpcap or
run it via TShark - this needs to be cleaned up in some fashion).
Fix a capitalization error while we're at it.
In the code that generates the main screen message to which the dumpcap
message refers, add a comment saying that, if the main screen message
changes, dumpcap's message should also be updated.
(cherry picked from commit 4fd7983b04)
The AT response may not contain a leading \r\n, so avoid checking
for this to determine if it's a response. This characters will be
removed as a part of white space removal anyway.
(cherry picked from commit 5413331ed3)
Start the limit at 2^32-1, as we use a guint32 to store the frame
number.
With Qt prior to Qt 6, lower the limit to 53 million packets; this
should fix issue #16908.
(cherry picked from commit 639891651f)
1) Allow AVP_DEBUGGING settings to be made from Preferences, iff compiled so.
2) Flush MATE/AVP debug output once sequential packet parse has completed.
(cherry picked from commit 5b2901d090)
Cherry-pick the part of 507dd98a58 that skips over commit body checks
since they might contain extra newlines due to appending "(cherry picked
from commit xxx)".
Don't double increment the count when saving all Export Objects,
which effectively halves the maximum number allowed.
(cherry picked from commit 56e19bec49)
Instead of grabbing the set of IDBs found at open time, have a loop
using wtap_get_next_interface_description() to read all unread IDBs run
after opening the input file, after reading a packet from the input
file, and after getting an EOF on the input file.
Add a routine wtap_uses_interface_ids() to check whether the file type
and subtype for a dump file uses interface IDs and requires IDBs. If
so, in the aforementioned loop, add the IDBs to the dump stream.
Add a routine wtap_dump_add_idb() to add IDBs to a dump stream. Have it
call a file-format-specific routine to add the IDBs; the only file type
that supports it is pcapng, and it 1) writes out the IDB and 2) adds it
to the set of IDBs for the stream.
Add a wtap_dump_params_init_no_idbs() routine that prevents the IDBs
from the input file from being used to initialize the output file; use
it in cases where we're using the aforementioned loop to copy over IDBs.
Don't require any IDBs to be present when opening a pcapng file for
writing; 1) the simplest pcapng file has just an SHB in it, 2) that
requirement causes dumps that don't provide IDBs at open time to fail,
and 3) the real issue is that we don't want packets with an interface ID
not corresponding to a known IDB, and we already have a check for that.
(There are some hacks here; eventually, when everything processes the
IDBs in such a loop, we may be able to get rid of the "two favors of
dump parameter initialization" hack.)
Fixes#15844.
Addresses the same issue in #15502, but there are other issues there
that also need to be addressed.
In addition, the merge code also needs to be changed to handle this.