Some binary logcat packets has more then one line, show them in
a convenient form.
Change-Id: I008aac6fe5589f2b10db51f7221853f9d79bbc7a
Reviewed-on: https://code.wireshark.org/review/2549
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Fix invalid structure casting by using defaults values,
this also fix DecodeAs for A2DP.
Do the same for VDP.
Change-Id: I360787af648ed65205eb54732ab6d88f8532cf15
Reviewed-on: https://code.wireshark.org/review/2551
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Some interfaces support multiple Bluetooth adapters with events like
add/remove. We must support that to distinquish adapters streams
in case that new adapter has the same id that old one.
Next one is create session for "Connection Handle", so
next layer will now when it is connected and disconnected.
This is also used to distinguish streams.
Change-Id: I9e062c8e4cc9c033b75f1a596e8351a215169843
Reviewed-on: https://code.wireshark.org/review/2548
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Hopefully, this will fix the warnings from the buildbot that entry_item
was used without being set.
Change-Id: Ibfd921bfbbad68cd8eafd1e3ad3d178cfca03d6e
Reviewed-on: https://code.wireshark.org/review/2547
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ieaa0fa5cdbe8dc8f50cf5b9ee432c786a8f9fc9a
Reviewed-on: https://code.wireshark.org/review/2540
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ia32c2f24df9392d1102fa1121ac93b1071bae7ca
Reviewed-on: https://code.wireshark.org/review/2538
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I6cbc5047b8d58ecbe41bf5392d31dc0adc81d5d5
Reviewed-on: https://code.wireshark.org/review/2537
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Iec3bdfcb3cb14e97045789aec1e11288357d379d
Reviewed-on: https://code.wireshark.org/review/2536
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I4e60295208c2ac35a452f5fb3dffd090cc151473
Reviewed-on: https://code.wireshark.org/review/2535
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
(just copied the existing code)
Change-Id: Ia6dd9be9b39c3c16408e22181225c18d56ac6016
Reviewed-on: https://code.wireshark.org/review/2534
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
This fix does change the format printed for values using bitmasks
(because the bit values are printed first) and is not always wanted
in this dissectors (because of readability).
We should have a better way of doing what I want in this dissectors,
so I'll have a look at this later.
Change-Id: I2477aa6b1d0c42a7ad5848bba3cb74dce3bba1f0
Reviewed-on: https://code.wireshark.org/review/2485
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Hopefully that name makes it clear what the routiner's purpose is, and
will encourage people to use it rather than using dissector_add_uint()
with a bogus integer value.
Change-Id: Ic5be456d0ad40b176aab01712ab7b13aed5de2a8
Reviewed-on: https://code.wireshark.org/review/2483
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I6653b733dfd2c587909371e50fd0c2efc4649dcd
Reviewed-on: https://code.wireshark.org/review/2482
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I5762fb30f57d0f9bc3e5fc786577ed1cc49b64d7
Reviewed-on: https://code.wireshark.org/review/2481
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Hidden fields are deprecated, and we were hiding them inconsistently anyways.
Bug:10211
Change-Id: Iaf1576ae7bc04c0c0bd896c096b117f1b8af2e9e
Reviewed-on: https://code.wireshark.org/review/2474
Reviewed-by: Evan Huus <eapache@gmail.com>
Also ensured some files have their correct names at the top so they are more easily grepped
Change-Id: Ib0f5ddf14eb1616a93dee496107dc0eb09048825
Reviewed-on: https://code.wireshark.org/review/2452
Reviewed-by: Michael Mann <mmann78@netscape.net>
Essentially:
When more data is needed to continue dissecting a PDU, use
DESEGMENT_ONE_MORE_SEGMENT instead of repeatedly requesting
additional bytes (for one or a few more fields).
- Improves the efficiency of the dissection;
- Prevents 'one-pass' tshark dissection from redissecting
the PDU repeatedly many, many times with each time dissecting
the PDU with one or a few more additional fields.
This generated *lots* of (repeated) output since a reassembled
VNC PDU can contain many fields (each of short length).
- (A comment in packet-tcp.c states, in effect, that repeatedly
requesting a specific amount of more bytes to dissect a PDU
will "break reassembly" although I note that the reassembly did
seem to work (in-efficiently)).
Note: Although this patch improves the handling of reassembly, the
dissector has significant issues. For example. see Bug #5366.
I expect this fixes the Bug #10134 issue: "Cannot allocate memory";
Before the fix, 'tshark -nVxr' for the input file generated trees with
multiple hundreds of thousands of entries and generated reassembled
PDUs consisting of many, many small fragments.
Change-Id: I970037c346fbaa4bffa5726fd5bee5f69396eabf
Reviewed-on: https://code.wireshark.org/review/2471
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Also rename base protocol filter name to match prefix of all other fields
Change-Id: Iff234c1443252b9f8e6d87fd7a76925746b5e513
Reviewed-on: https://code.wireshark.org/review/2449
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Cleaned up filter names that were shared, but had different types (which can cause problems in a display filter compare)
Also cleaned up many [FIELDDESCR] that effectively mimicked the field name. Even more could probably be done (and/or rename field name to be more descriptive), but I was being conservative.
Change-Id: I2e072b4f411c390b9430a0a0d903133d6decae5e
Reviewed-on: https://code.wireshark.org/review/2448
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't manually fetch each character to find ',' use tvb_find_guint8()
Change-Id: I29711421469e868a86bf2edd7adf8dcc85ed26eb
Reviewed-on: https://code.wireshark.org/review/2446
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I59ad726c16d4a85dd065f4a21bdf5d86e47c82cd
Reviewed-on: https://code.wireshark.org/review/2451
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(unknown length)
this fixes bug 9527
Change-Id: I255ae9662dfeea06e61e4b0891e0ea8eaa254d0f
Reviewed-on: https://code.wireshark.org/review/2462
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ie1a71046b791bcbbf3cf02ddd1c4ddc88b388302
Reviewed-on: https://code.wireshark.org/review/2461
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Check for all the different AF_INET6 values that are on various OSes.
If Totem is, and will forever be, used *ONLY* on one particular OS, feel
free to remove the uses of other _AF_INET6 values (but do *not* change
back to using the OS's AF_INET6; this should dissect the protocol
correctly on *all* OSes).
Add a common AF_INET definition to epan/aftypes.h while we're at it, and
use that; as most OSes picked up 4.2BSD's AF_INET value, most if not all
of them use 2, but IPv6 came out after 4.2BSD, and various OSes all
picked their own values for AF_INET6.
Change-Id: Iae15dfdd15203ed3ecd078a6499821dc09139a98
Reviewed-on: https://code.wireshark.org/review/2458
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ib3a1ddc4342a7a8648d6ed8bfcb35aa229c56a27
Reviewed-on: https://code.wireshark.org/review/2445
Reviewed-by: Michael Mann <mmann78@netscape.net>
At least now it does. (So does ep_address_to_str().)
Change-Id: I5fdf15ca42faac802fd21b4b6f5b750ed402bd05
Reviewed-on: https://code.wireshark.org/review/2442
Reviewed-by: Guy Harris <guy@alum.mit.edu>
ep_address_to_str() doesn't crash if called outside packet scope, but
it's still not correct to use outside packet scope. Use
address_to_str(NULL, ...) to allocate those strings, and then explicitly
free them when we're done; exceptions don't get thrown between the
allocate and free, so there's no risk of a leak.
Change-Id: Iea2af93b0757e648d399e2ba64249224eb7e9e3c
Reviewed-on: https://code.wireshark.org/review/2438
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Most (all?) of these functions are being called within GUI, so they can't have packet_scope, which is why they weren't already converted (I made this mistake once already)
This reverts commit 7fea55a054.
Change-Id: I4bf29b206e5e1f5daefcec131309a8f6e78e1eb1
Reviewed-on: https://code.wireshark.org/review/2428
Reviewed-by: Michael Mann <mmann78@netscape.net>
From Masatake YAMATO
changes in patch3 (Masatake YAMATO):
* Fix a typo(s/Sequnce/Sequence/)
* Use variable len instead of a number literal
* Put _U_ marker to length parameter of dissect_corosync_totemsrp_ip_address
* Use tvb_report_length instread of tvb_length
changes in patch5 (Masatake YAMATO):
* packet-corosync-totemsrp.c: Adapt to new dissector_try_heuristic interface
+ pass hdtbl_entry argument to dissector_try_heuristic.
* packet-corosync-totemnet.c: Initialize corosync_totemnet_port to 5405
changes in patch6 (Masatake YAMATO):
* packet-corosync-totemsrp.c: Use tvb_reported_length instead of tvb_length.
* packet-corosync-totemsrp.c: Remove unnecessary trailing space in string literals.
* packet-corosync-totemnet.c: Remove SVN Id tag in a comment.
changes in patch8 (Masatake YAMATO):
* packet-corosync-totemnet.c: Remove SVN Id tag in comment(again).
* packet-corosync-totemsrp.c: Use val_to_str_const instead of val_to_str.
changes in patch9 (Masatake YAMATO):
* wsutil/sober128.[ch]: New files derived from packet-corosync-totemnet.c.
Decryption code is moved here.
* packet-corosync-totemnet.c: Remove all decryption code from this file.
Change-Id: Id832d9c5ce1be1668c857c9bbf39e8a84c31880c
Reviewed-on: https://code.wireshark.org/review/725
Reviewed-by: Evan Huus <eapache@gmail.com>
Evan Huus