Currently the type length of the host key is parsed but not displayed.
This commit fixes that.
Change-Id: I3db149129609c3ec5cd24e1031c35481ce3d2f81
Reviewed-on: https://code.wireshark.org/review/30375
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The SSH dissector currently displays the padding as a member of the
Key Exchange Tree.
According to the RFC, the padding is a member of the 'Binary Packet'.
This commit adjusts the display accordingly.
Change-Id: I24ea2b44b8b7253bbdf61057cb7f0b845d6e7f74
Reviewed-on: https://code.wireshark.org/review/30372
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The RTPS dissector now reassembles and shows the full sample
when it has been fragmented into several DATA_FRAG submessages.
There is a boolean preference to enable this feature (disabled
by default due to the potential memory consumption it can cause).
Change-Id: I394c042acdd54953ad6a082b385a5b94c9097cd5
Bug: 15227
Reviewed-on: https://code.wireshark.org/review/30297
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
'double' tests have been disabled in aa03833 due to format change
in ntp fields.
Change-Id: Id3ab0a736c164bb7fdfed7b5da8856b512308978
Reviewed-on: https://code.wireshark.org/review/30366
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Adding the name to the tree at the same offset (1) where we read it.
Bug: 15236
Change-Id: Iefe1a74d7f4d547a049e0b82dca51964e48fa9b7
Reviewed-on: https://code.wireshark.org/review/30370
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This IE is of TV type, not TLV type, so there is no length check to
perform.
Bug: 15237
Change-Id: Iafee6e43984d70cd046452687518b9cad5d30957
Reviewed-on: https://code.wireshark.org/review/30364
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Memleak found by bug 15231 fixed. Two branches in time processing merged together as they had same content.
Bug: 15231
Change-Id: I6396210a19e3af30f3c0f6c00ab6266e086bd4c3
Reviewed-on: https://code.wireshark.org/review/30362
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The LQI is defined as a unit-less index derived from the SNR.
Change-Id: I40627b34130a93fa0464cd478ab50cd487c59e22
Reviewed-on: https://code.wireshark.org/review/30348
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Both are only applicable for unicast transmissions, and the latter is
only meaningful for UL-SCH
Change-Id: If8a512b02964ec1be63a3901bd8c84082325659e
Reviewed-on: https://code.wireshark.org/review/30342
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
id_list and ofs_list contain offsets read directly from the packet.
While the field type is FT_UINT32, it is somehow interpreted as signed
number. This means that ofs_table->offset_list[id_list[idx]]=... could
in fact result in an arbitrary write before "ofs_table->offset_list" due
to id_list[idx] being negative.
Another way for id_list[idx] to remain negative (-1) is for the loop to
terminate before all "field_count" elements are set. Thus, remove the
"datalen_remaining >= L_LBMPDM_OFFSET_ENTRY_T" check, if the offset is
invalid the proto_tree_add_item accessors will throw an exception.
Fixes the crash in the linked bug. Regression tested against the 8
capture files from bug 9718, its dissection results are still the same.
Bug: 15132
Change-Id: If5d2f11ee47578acb80bc43ba7ed16adb27e0c02
Fixes: v1.11.3-rc1-2270-g2f4ca9c8d9 ("Initial checkin of LBM aka 29West dissectors. See Bug 9718.")
Reviewed-on: https://code.wireshark.org/review/30300
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This change adds a python (3) script that generates the file packet-dcm.h from
the DocBook sources of the DICOM standard. They can either be present in the
current directory where the script is run, otherwise the current version is
downloaded from the DICOM standard official website.
Change-Id: Ibc0d88e52a5960b48624f729a67a0effbb7c1005
Reviewed-on: https://code.wireshark.org/review/30338
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This is in preparation for generating the tables automatically from the DocBook version
of the DICOM standard. In this commit, there are no changes to the actual contents
of the tables, to facilitate reviewing the actual changes that results from the update.
Change-Id: I3b11597277537901e5804bb246d5f3777bb463d9
Reviewed-on: https://code.wireshark.org/review/30337
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Previously installed as transitive dependency of libgtk2.0-dev.
Installed as transitive dependency of libjson-glib-dev since
v2.9.0rc0-201-g511c2e166a, but this is an optional package.
Change-Id: Id4b8523b2d614d273fdb71e91878d4d1a4518572
Fixes: v2.9.0rc0-310-gf23a934492 ("Don't install autotools or GTK+, but do install CMake.")
Reviewed-on: https://code.wireshark.org/review/30336
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The chmods seem to be working.
Change-Id: I0f85a1428de511497597a3fd304c700ea1a1f846
Reviewed-on: https://code.wireshark.org/review/30331
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For some reason it's *not* taking away write permission; make it verbose
to try to debug that.
Change-Id: I180309953d36798d2da3a74959cdd934adc5a4a3
Reviewed-on: https://code.wireshark.org/review/30325
Reviewed-by: Guy Harris <guy@alum.mit.edu>
But *do* get rid of the pre-launchd XQuartzFixer startup item; it's
probably not there, but we might as well leave things as clean as we
can.
Change-Id: Icfdbe6c0d022cde8cf30bd3c79fbf77896e6fe98
Reviewed-on: https://code.wireshark.org/review/30322
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I1f828df1735bd10ef8849d208e10ea1339ba37e2
Reviewed-on: https://code.wireshark.org/review/26403
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a preference (enabled by default) that can enable/disable the ability for Wireshark to autocomplete display and capture filter controls.
Bug: 14368
Change-Id: Ib2b688bb75c4465dab14a6a635a870d7e5c4fe80
Reviewed-on: https://code.wireshark.org/review/30320
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
dfilter/group_double tests have been removed and need to be replaced by leveraging
another protocol.
Bug: 15049
Change-Id: I354a27a5217336ee5c9b1d021a2d3226e3532eec
Reviewed-on: https://code.wireshark.org/review/29035
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Take away group write permission for stuff under
/Library/Application Support/Wireshark. For some reason, it's getting
set; it's not necessary.
Change-Id: I4280a635e0c171cf5ad17cb91fe20d746c2daf79
Reviewed-on: https://code.wireshark.org/review/30317
Reviewed-by: Guy Harris <guy@alum.mit.edu>
WNSRP packets are the same as SRP packets, just with a different Command Code.
Change-Id: I41e0ab4cbe90497fd7fb4142b119edb79c1477df
Reviewed-on: https://code.wireshark.org/review/30205
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Opening the Follow TCP Stream dialog triggers redissection and ended up
triggering a "first <= rowCount(parent)" assertion failure. Fix the
first and end arguments to reflect the actual number of displayed rows.
Bug: 15014
Change-Id: Ic07834948a133bea752e45751ebe8be2da98a35e
Reviewed-on: https://code.wireshark.org/review/30302
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix the build with newer gcc versions:
./epan/dissectors/packet-ldap.c
./asn1/ldap/ldap.cnf: In function ‘dissect_ldap_AttributeValue’:
./asn1/ldap/ldap.cnf:453:11: error: variable ‘len’ set but not used [-Werror=unused-but-set-variable]
cc1: all warnings being treated as errors
ninja: build stopped: subcommand failed.
Change-Id: Id3a5369b4ca29f6989ab7b0bd652d72c239164a5
Reviewed-on: https://code.wireshark.org/review/30313
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Nest testing was added in I5f6da3a3e269f6db1b690b77470ddf60045bcedd as
a reaction to CVE-2018-12086. In this changed there was only nest
increment without decrement.
Bug: 15226
Change-Id: I178fad4be1106c8da23351220c95c85274bddc30
Reviewed-on: https://code.wireshark.org/review/30285
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
They don't need it; read permission suffices.
While we're at it, rename a variable to indicate that it's the path to
the plist for ChmodBPF, not the path to the executable for ChmodBPF.
Change-Id: Ib7537e26ae3f4477c4110759049a8cd7d2f09cf6
Reviewed-on: https://code.wireshark.org/review/30303
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Instead of trying to byte swap all of pcapng's block types, refuse
to handle pcapng sources that have a different byte order.
Rename cap_pipe_adjust_header to cap_pipe_adjust_pcap_header.
Change-Id: I2615da57ba9d3fc365c631dc191f7767a284d460
Reviewed-on: https://code.wireshark.org/review/30235
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: James Ko <jim.list@hotmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
If no dissector is defined, the macro should not be defined either.
Change-Id: If9c24d2b223e93f1d42f8a7444fd019aad4c5c1d
Fixes: v2.9.0rc0-2266-g7e88bb5e53 ("fuzzshark: integrate oss-fuzz targets in CMake")
Reviewed-on: https://code.wireshark.org/review/30299
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The COMPILE_OPTIONS source file property was introduced with CMake 3.11,
disable warnings via a target property instead (available since 2.8.12).
Disable some VS Code Analysis warnings. These flags seem to be accepted
since VS2015, so they can be added unconditionally.
Change-Id: Idfbf154caf8c1168f1f871a640a25b816a2cfab8
Fixes: v2.9.0rc0-2274-g7ce9081fdc ("lemon: sync with upstream (2018-09-08)")
Reviewed-on: https://code.wireshark.org/review/30298
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Daniel Hirschberger