Change-Id: I4f1078b20f41800f72a751612703ad0d4c2ae87b
Reviewed-on: https://code.wireshark.org/review/6323
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
These "bases" will put a ".", "-", or ":" respectively between hexidecimal bytes in the field in packet view and display filter. FT_BYTES with BASE_NONE will have no separator in the packet view, but continue to have the ':' as a separator in the display filter.
Converted the "string" hf_ entries that used tvb_fc_to_str as a string to use proto_tree_add_item with FT_BYTES/BASE_DOT type.
Converted applicable tvb_bytes_to_ep_str_punct() calls to use the new BASE values.
Change-Id: I2442185bb314d04a3ff2ba57883652ecd738b5f9
Reviewed-on: https://code.wireshark.org/review/6098
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also, convert the "string" hf_ entries that used tvb_fcwwn_to_str as a string to use proto_tree_add_item with FT_FCWWN type.
Change-Id: I4ca77870499fd8239584a70874998b5d194a7167
Reviewed-on: https://code.wireshark.org/review/6036
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I1d258923a7a63539ec8456d3e306bca5016a1e4b
Reviewed-on: https://code.wireshark.org/review/6060
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I40d0c8253743183aecef252040b7dd6742ae5c71
Reviewed-on: https://code.wireshark.org/review/5934
Reviewed-by: Michael Mann <mmann78@netscape.net>
(Along the lines of provious changes.)
Change-Id: I22d76f22400d4a93242392ff4688acc753eb0039
Reviewed-on: https://code.wireshark.org/review/5961
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Give the field name in the message.
Change-Id: I046c74b451b473c9c87c2980122b025390f82cc8
Reviewed-on: https://code.wireshark.org/review/5959
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Otherwise it will trigger an assert
Fixes a regression introduced in gf002332
Change-Id: I0cffa2c952b7eff085a1834ebabfec03342095bd
Reviewed-on: https://code.wireshark.org/review/5950
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Change-Id: I8cce9fddbfe950e27e96ea8a5a6d2e0921ff4260
Reviewed-on: https://code.wireshark.org/review/5933
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I74ddb6fc629ef32b217dede7a3ba652cbbf5ab12
Reviewed-on: https://code.wireshark.org/review/5932
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
You can now add column with Custom type with more than one field
by using OR "||" splitter.
Bug: 9695
Change-Id: Ia82a91e7a35b867647d36cb9626e3870f46c0d85
Reviewed-on: https://code.wireshark.org/review/5804
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Have dissectors register their desire to be part of "color" conversation filters and have the GUI use that registered list. GUI actually using API will come in a separate commit.
Change-Id: I5ffe922d97894fe7bf3182056b76ab5839a9461a
Reviewed-on: https://code.wireshark.org/review/5658
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's proto_tree_add_bitmask with the ability to control the data appended to header.
Change-Id: Icce97437ba7cfc9158ec204a837da8db8138424a
Reviewed-on: https://code.wireshark.org/review/5533
Reviewed-by: Michael Mann <mmann78@netscape.net>
It appears that Wireshark allows (and currently has) fields with the
same name with differing "strings" content.
Change-Id: Iddac5a2c9f456a97ea676f2007f43d786482eebd
Reviewed-on: https://code.wireshark.org/review/5491
Reviewed-by: Bill Meier <wmeier@newsguy.com>
This improvement avoids use of deallocated memory (crash) if using a
deregistered field in display filter, color filter, custom column and
other cases when the field is used as "interesting field".
This functionality is currently used in http, imf and ldap preferences.
Also removed unused proto_registrar_n() as this does not work correctly
after deregistering fields.
Change-Id: I043e3bf7a98bd773c9801e712a012d1eab8a7f94
Reviewed-on: https://code.wireshark.org/review/5161
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Stig Bjørlykke <stig@bjorlykke.org>
it returns the parent tree of a given tree object
Change-Id: I191e0221651ffb5b26df761e9a25075aa0eb2ad3
Reviewed-on: https://code.wireshark.org/review/4954
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
That slightly better expresses the intent.
Also, fix the message printed for bad bytes in a field name to handle
bytes that are bad because they don't correspond to printable ASCII
characters.
Change-Id: I01f232c35bbbe30286999b6c607bfcf3d491453d
Reviewed-on: https://code.wireshark.org/review/4976
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When the user hovers over a byte view field, highlight it and show a
description in the status bar.
Add a "byte" status bar context and fix a label stack pop bug.
Keep proto_find_field_from_offset from matching generated items.
Otherwise hovering and selecting finds things like GeoIP entries and
checksum validation information. This affects the GTK+ UI as well.
Change-Id: Ic81c0d8159510a72d30c41f961807d8a48d05e16
Reviewed-on: https://code.wireshark.org/review/4943
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This function did not work after svn revision 51396.
This fix affects http, imf and ldap preferences.
Change-Id: I6fcb24c968d03c7d1fdc018cfa907f9cfd8809bb
Reviewed-on: https://code.wireshark.org/review/4881
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The result of the '>>' expression is undefined if mask_greatest_bit_offset = 0.
Change-Id: I15b094a5220a5075878bad65ab0b8c5279e80e8a
Reviewed-on: https://code.wireshark.org/review/4723
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- use G_GINT64_MODIFIER instead of "%ll"
- use G_GUINT64_CONSTANT instead of ULL
- add some missing explicit casts
Change-Id: Ic048d9ee8966ea504ea542cefe55688edcfb2dc7
Reviewed-on: https://code.wireshark.org/review/4644
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
There are protocols out there that have 64-bit wide bit mask fields, so
make the internal representation and bitfield decoders 64-bit aware.
For this, the ws_ctz() fallback and bits_count_ones() have to be tweaked
slightly.
Change-Id: I19237b954a69c9e6c55864f281993c1e8731a233
Reviewed-on: https://code.wireshark.org/review/4158
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We rarely, if ever, want to, or need to, explicitly set the captured
length of a packet; we want to set the *reported* length and let the
tvbuff code figure out how much of that data was actually captured.
Change-Id: I9b93d296197989f677d888b10954589dfc1edc59
Reviewed-on: https://code.wireshark.org/review/4138
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Replace some conditional + fprintf + DISSECTOR_ASSERT()s with
DISSECTOR_ASSERT_HINT() or just change the DISSECTOR_ASSERT() to
DISSECTOR_ASSERT_NOT_REACHED() when the hint requires formatting.
Change-Id: I80c7c6579d7755a60d644b5ef60ec4e3299ba0ab
Reviewed-on: https://code.wireshark.org/review/4115
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
If we try we may (in the case of setting the length or end) mistakenly assert
out.
Bug: 10329
Change-Id: I52083ba17f6427712a6a363f48f1f7ae51f2b74b
Reviewed-on: https://code.wireshark.org/review/4093
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
For field types where it doesn't mean "to the end of the tvbuff", treat
it like other negative length values - as if it were unsigned and thus
Very Large and thus likely to be past the end of the tvbuff. That way,
some of the "we hax0red your SNMP packets" captures, with length fields
of 0xffffffff, report malformed packets rather than dissector bugs.
Change-Id: Id53f828b06b6febe7d79f8539e54523e0b43e5c2
Reviewed-on: https://code.wireshark.org/review/4091
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I2e8d18df71688c654f7acaff51fae7823c08aa6a
Reviewed-on: https://code.wireshark.org/review/3677
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Other minor cleanup while in the neighborhood.
Change-Id: Ib76f4a9f89b5933425760af0a980c6a549031b8f
Reviewed-on: https://code.wireshark.org/review/3537
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This is what you get for forward-cherrypicking commits you made on master-1.12.
Change-Id: I8e51181d497dc63c614fe623439506cfe99c6fa3
Reviewed-on: https://code.wireshark.org/review/3385
Reviewed-by: Evan Huus <eapache@gmail.com>
Otherwise the offsets will be wrong when calling, e.g. proto_item_set_end.
Bug:10329
Change-Id: I5ae0c660af90678e446817b65f83c075e7c0b84e
Reviewed-on: https://code.wireshark.org/review/3341
Reviewed-by: Evan Huus <eapache@gmail.com>
... As would be the case if proto_tree_add_text() + proto_item_add_subtree()
were used. (This initialization value is only used when TRY_TO_FAKE_THIS_ITEM()
shortcuts us out.)
As reported/discussed on -dev:
https://www.wireshark.org/lists/wireshark-dev/201407/msg00031.html
Change-Id: I4af63e3cf0a70607d58b4641597b2ce7907fbb8b
Reviewed-on: https://code.wireshark.org/review/3271
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: I64bb64787c83ffe712ffd348cceb5449690dd6d0
Reviewed-on: https://code.wireshark.org/review/3247
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
There is still some const-incorrect usage of them but those can be ironed
out after this change has been made.
Change-Id: Iba0631c804bdab34d7c0232b49967130e3370488
Reviewed-on: https://code.wireshark.org/review/3199
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Refactor (non-GUI) conversation table functionality from gtk/Qt to epan. Also refactor "common GUI" conversation table functionality.
The idea is to not have to modify the GUI when a dissector adds a new "conversation type"
Change-Id: I11f08d0d7edd631218663ba4b902c4a4c849acda
Reviewed-on: https://code.wireshark.org/review/3113
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Unfortunately, certain proto_hier_tree_model.c functions
assume/require that a cookie generated by
proto_(first|next)_protocol_field() will never have a NULL value.
Bug introduced in gd47ae54.
Change-Id: I42763d02f700e15ca9b3ab9980943d4f8d933ca9
Reviewed-on: https://code.wireshark.org/review/2712
Reviewed-by: Evan Huus <eapache@gmail.com>
This is intended as a replacement for all of the proto_tree_add_text followed by proto_item_add_subtree calls.
Change-Id: I892136d7b9d8b4e100996097eff62ce7af9512d2
Reviewed-on: https://code.wireshark.org/review/2472
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I24fe3cc4a3589dadc4528a77fe7ff13d06b1a983
Reviewed-on: https://code.wireshark.org/review/2245
Reviewed-by: Michael Mann <mmann78@netscape.net>