Add parsing of DHCPv4 option 82.9.4491.2..7
- DPoE System Version (2)
- DPoE System DHCPv4 PBB Service (4)
- CMTS CM Service Class (5)
- CMTS MSO Defined Text (6)
- Secure File Transfer URI (7)
Add parsing of DHCPv6 Relay Agent CMTS Capabilities Option 2
- DPoE System Version (2)
Add an allocated size element to the TOP_ELEMENT_CONTROL struct and use
it to make sure we're not trying to read past the end of a buffer in
canonify_unencrypted_header. Fixes#17636.
Remove now unused defines. Add the BSAP and BSSAP-LE pinos to the tree
as the parent protocol (so that the BSSAP default proto preference can
be selected from the Packet Details and Packet List).
Set the BSSAP+ Decode As preference with the newer Decode As API, so
that we don't need a preference callback.
Move BSSAP-LE and BSAP to pinos so that Decode As on a SCCP SSN
can specify the protocol of choice. The heuristic dissector still
depends on a preference, but change the existing two boolean
preferences to a three way enum. Separate the BSSAP and BSSAP-LE
dissector tables so that the code is cleaner.
Add BSAP, BSSAP-LE, and BSSAP+ to the SCCP UAT for even finer-grained
control. Fix#16828
The heuristic dissector doesn't always work. It is convenient to have
DVB-S2 in the "decode as" menu as well.
The heuristic dissector does not dissect packets where the modeadapt
cannot be detected (CRC errors or other problems). The "decode as"
dissector, on the other hand, will attempt decoding anyway, using the
preferred mode adaptation set in preferences.
If a subdissector requests one more segment for a PDU of unknown length,
but we can't do reassembly for whatever reason, that's not necesarily a
dissector bug (while it could be the result of a bad heuristic, it can
happen from a checksum failing validation or reassembly preferences
disabled.)
The correct error is a FragmentBoundsError (dissector requested bytes
that it couldn't get due to not being reassembled), which is what
we would also throw if the returned PDU length were greater than the
tvb length instead of unknown. Fix#16689.
When OpenReceiveChannel/OpenReceiveChannelAck and
StartMediaTransmission/StartMediaTransmissionAck messages are seen, RTP
streams are created so Wireshark decodes related UDP as RTP.
Note: Multichannel commands (e.g. OpenMultiMediaReceiveChannel) are not
processed as I have no sample to test it.
The fragment length field of DCERPC connection-oriented PDUs includes
the length of the fixed header, and so must be at least that large.
Don't return a (bogus) PDU length zero from get_dcerpc_pdu_len,
because tcp_dissect_pdus interprets that as "need one more segment"
instead of as a bogus value; instead return one, which the TCP
dissector will correctly recognize as bogus.
Also, take into account the offset passed into get_dcerpc_pdu_len
(it is almost always 0, which is why the code previously worked),
and increase the fixed length value passed to tcp_dissect_pdus
to the real fixed header length (so that the TCP dissector will
recognize more bogus values as bogus.)
Fix#14728.
We know the lengths (or at least bounds on them) for most message
types, so if we have a nonsense value assume that we're actually
seeing Continuation Data (or unsupported Message Stream Encryption.)
Also support the extended message type a little bit, at least to
display the bencoded dictionary when it's type ID 0.
In rare circumstances, a pure ACK will be followed by a series of
TCP ACK unseen segments in the opposition direction. Only the first
packet of this series should be marked as such. Closes#11624
In dissect_unassociated_sta_link_metric_response, offset wasn't being
incremented after sta_count was read. The same byte was being read as
the first octet of the MAC address.
When the user has manually registered to a port a dissector other than
the default subdissector (through Decode As, or the preferences
registered via dissector_add_uint_[range_]with_preference), try
those ports with a custom dissector first.
There's a few dissectors (e.g., GTP) that have port preferences
that haven't been migrated to use the DECODE_AS_ preferences for
various reasons; this won't change anything when their preferences
are changed from the default, though it can still work via Decode As.
Fixes#6223 and #12168.
Move dissectors.c to a separate object library so that the rest of the
dissectors don't have to wait for it to be generated. This reduces build
time here by a few seconds when ccache is enabled.
packet-tcpcl.c:1071:9: warning: Value stored to 'frm' is never read [deadcode.DeadStores]
packet-tcpcl.c:1706:21: warning: Value stored to 'sep' is never read [deadcode.DeadStores]
packet-tcpcl.c:1762:21: warning: Value stored to 'sep' is never read [deadcode.DeadStores]
packet-ieee80211.c:17423:9: warning: Value stored to 'offset' is never read [deadcode.DeadStores]
packet-ieee80211.c:17424:9: warning: Value stored to 'tag_len' is never read [deadcode.DeadStores]
packet-ieee80211.c:17430:10: warning: Value stored to 'offset' is never read [deadcode.DeadStores]
packet-ieee80211.c:17431:10: warning: Value stored to 'tag_len' is never read [deadcode.DeadStores]
packet-ieee80211.c:17437:10: warning: Value stored to 'offset' is never read [deadcode.DeadStores]
packet-ieee80211.c:17438:10: warning: Value stored to 'tag_len' is never read [deadcode.DeadStores]