tools/dfilter-test.py is the main script, others are imported as needed.
Change-Id: I5ce7bd298b90d3e16c83c6b219c2717ccbcf2a10
Reviewed-on: https://code.wireshark.org/review/26944
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For the "802.15.4 with FCS" link-layer type, strip what FCS we find, if
any, off and use that new tvbuff for all dissection except for
checking and dissection of the FCS itself.
For the "802.15.4 without FCS" link-layer type, don't fake an uncaptured
FCS by increasing the reported length, just use the tvbuff as is.
This means we handle 802.15.4 the same way we handle other link-layer
types where the FCS might, or might not, appear as part of the captured
data.
Change-Id: Ia91b7fb0aad495876be00bf813c6b6517e5e11d7
Reviewed-on: https://code.wireshark.org/review/26947
Reviewed-by: Guy Harris <guy@alum.mit.edu>
1. Use explicit cast from gint16 to gint then to gdouble
- I can understand my compiler - implicit cast is not explicit cast
2. Fix const cast by remove "const" from one field but add it whenever
possible in other places
Change-Id: Iab7401f972c40bca2df58f91b89e29cf2d7cf11b
Reviewed-on: https://code.wireshark.org/review/26917
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michal Labedzki <michal.labedzki@wireshark.org>
According to RFC 5280 (Section 4.2.1.6. Subject Alternative Name), an
iPAddress can be either four (IPv4) or sixteen octets (IPv6).
Bug: 14603
Change-Id: I6894f78c8e3f2a1b10940379397c87bbf981d4d6
Reviewed-on: https://code.wireshark.org/review/26891
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Bring up an expert info if the file contains a record whose captured
length is larger than the reported length. Abort the dissection in this
case since we rely on those lengths to find the next record.
Change-Id: If249d0fe670373417bbfef6759edc0b020a9f5cb
Reviewed-on: https://code.wireshark.org/review/26885
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Craig Jackson <cejackson51@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The length field's value doesn't include the length of the length field
itself.
Change-Id: Icd0cc2721a32212296929d248b9305b0f4a051e6
Reviewed-on: https://code.wireshark.org/review/26920
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We don't just reassemble DOCSIS MAC frames, we reassemble other forms of
higher-level packet atop an MPEG Transport Stream as well.
Change-Id: If6e709a8d2d3e574fbaedb1fcac74797c5664aa5
Reviewed-on: https://code.wireshark.org/review/26905
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The exception mechanism is setjmp/longjmp-based, so we need to mark
offset as volatile, otherwise the longjmp might not restore its value.
Change-Id: Ib63070bbbbe1f16a93cb58aa7ee5ef2a5488df8a
Reviewed-on: https://code.wireshark.org/review/26901
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That way, some exception thrown higher in the protocol stack doesn't
stop us from dissecting the next TSP.
Change-Id: Ib756e5d62806caf0edd4e4ded18bb94000653d39
Reviewed-on: https://code.wireshark.org/review/26897
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This allows a better check of the required version.
Change-Id: I6c4aab67c73434aff4ad744caa2d0add9ec6225c
Reviewed-on: https://code.wireshark.org/review/26889
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This patch adds dissecting of several attributes in RTM_NEWLINK and
RTM_NEWADDR.
Change-Id: Iab476e7439a9bcbc25e70cded67bc371788baec4
Reviewed-on: https://code.wireshark.org/review/26830
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It is not inherited by previous target.
Change-Id: I11be59211a900375e02fce8c05cc4164b8dc42e4
Reviewed-on: https://code.wireshark.org/review/26877
Reviewed-by: Anders Broman <a.broman58@gmail.com>
According to 3GPP TS 29.244 v15.1.0
Change-Id: Idcaad3eccf0bd5c9cc57eca5038313fd14916963
Reviewed-on: https://code.wireshark.org/review/26859
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The dissector handle is already known so it's no need to fetch
this again using find_dissector().
Change-Id: Id48066ab881f2b80ec9e3a6e86bc1e41f32cd1ec
Reviewed-on: https://code.wireshark.org/review/26873
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This fixes a regression issue from g57fed5d1 when freeing the
arguments passed to extcap.
Change-Id: Ic4d6a129569f9e691fd2608e0229342b8b5e9783
Reviewed-on: https://code.wireshark.org/review/26870
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Added a dissector for the mgmt_nwk_unsolicited_enhanced_update_notify
from the R22 spec (clusterID = 0x003b)
Change-Id: I5d60ef0a762f932a7f814743d1c219428c8f9e73
Reviewed-on: https://code.wireshark.org/review/26865
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This dissector defines a bunch of ett arrays, most of which contain a
constant list of ett entries. Fill those arrays directly when they're
declared, this is what the vast majority of other dissectors do.
Fix some whitspace things while at it.
Change-Id: Iae85e2449024ef04b2a44bd847c45515f8efc903
Reviewed-on: https://code.wireshark.org/review/26869
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
remove unnecessary return statement
remove a wrong comment
Change-Id: I40afd8144178a2cccba67289d5a3120dd5719ad0
Reviewed-on: https://code.wireshark.org/review/26868
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
flags are uint8 but the whole list was set as uint16
Change-Id: I8726fe533253fd1339351f581e7a2fe01c0edce2
Reviewed-on: https://code.wireshark.org/review/26849
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Matej Tkac <matej.tkac.mt@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Otherwise you can trigger an exception interrupting the packet dissection
when the snaplen defined is shorter than the payload length
Bug: 14598
Change-Id: Ibeb6482495ed67c7669574bdcd7c429523318428
Reviewed-on: https://code.wireshark.org/review/26858
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Add a "guides" bcond so that we can make Asciidoctor and the HTML guide
installation optional.
Change-Id: I5f9e6cc59689dba7d600cc721547aed020652f00
Reviewed-on: https://code.wireshark.org/review/26867
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a splitter to the capture file properties dialog. This allows for
modifying the relative sizes of the details vs comment boxes. People who
paste lots of text into the capture file comment may want a lager box
for it.
Change-Id: Id79d9f5fd7e589a2ba88aa5f16b52bb37d7c47ae
Reviewed-on: https://code.wireshark.org/review/26845
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>