packet-fbzero.c:348:47: error: ‘tag_len’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
Change-Id: I775edcae2bfdc6184267ee8d1873744a675e0fba
Under some conditions the trailer can be added after the FCS has already
been added. Advance 4 bytes and take a second look for a triler without
needing to resort to walking the trailer.
Whether over RTP or just UDP, it's possible to get multiple simultaneous MP2T
transport streams between the same pair of IPs but on different ports. They
will not be part of the same reassembly. Thus the reassembly table functions
that use ports as well should be used to avoid ressembly errors and overlaps.
If the encapsulation is WTAP_ENCAP_PER_PACKET, all we know about the
file is that it might not include radiotap packets and, if it does, it
also includes non-radiotap packets.
If it's *not* WTAP_ENCAP_PER_PACKET, properly report it
(wtap_file_type_subtype() returns the *file type* of the file, not the
*link-layer header type* - yes, that *happens* to work for a pcap file
with Ethernet packets, because the values of WTAP_ENCAP_ETHERNET and
WTAP_FILE_TYPE_SUBTYPE_PCAP both *happen* to be 1, but that's pure
luck).
While we're at it, test only once for --skip-radiotap-header and put
both tests inside that if.
In the heuristic function we don't know the length of the CID in the short
header, so we assume the worst case scenario compatible with packet length
(no more than 20 bytes)
The private members save_action_ and remove_action_ in class FieldFilterEdit
are not used. Remove them.
(It looks as if FieldFilterEdit was copied from DisplayFilterEdit, where
those two actions are present and linked to slots...)
There's a check for adding a zero length fragment to a reassembly in progress,
but it accidentally checks fd_head->tvb_data (the reassembly in progress)
instead of fd_i->tvb_data (the new fragment) before calling tvb_get_data() on
fd_i->tvb_data. (Note that data / fd_head->tvb_data is created based on the
sum of the lengths of all the fd_i->tvb_data, so the former can only be NULL
if all the latter are, but it's possible for one fragment to be zero length
but not the entire reassembly. Thus this is the necessary and sufficient check.)
Fixes#15569
Adds job of building the HTML versions of the
Wireshark User Guide and Wireshark Developer Guide.
PDF versions are not built because it would take significantly longer
(~10 mins instead of ~5 minutes)
cfile_dump_open_failure_message() opens a file for output, not input, so
use output_file_description(), not input_file_description() (i.e., "-"
means "standard output", not "standard input").
Request-response tracking of STUN messages encapsulated in CLASSIC-STUN
packets (via DATA attribute) doesn't work right now.
The reason for this is that req-resp tracking is usually performed on
first-pass, but CLASSIC-STUN attributes are not dissected on first-pass
(on wireshark, at least). So the encapsulated STUN messages are never
elaborated on first pass, either.
Add Ethertype for Cisco ACI ARP gleaning and dissect its payload
Improve some Cisco ACI vendor specific DHCP options
Update mcp after looking at knet_parser.py
Update lldp after looking at knet_parser.py
Also reorder some ETHERTYPEs by value
Add a check for valid CoAP info in dissect_thread_coap() before use.
It may happen that this is NULL because setting a decode_as rule
for application/octet-stream will also catch other packets.
The Diameter type Address hase a two byte address type family field
previously only IPv4 and IPv6 was handled. Add handling of E.164 when
encoded as a string.
It is called as a protocol by GTP as before, but making it separate
and findable by name protocol allows for that layer to be logged and
dissected separately.
Filipe Laíns