yyin is initialized to stdin. When we're reading from files, we set it
so that it points to the FILE from which we're reading, but when we're
reading from a string, we don't set it, leaving it to point to stdin.
This means that, just as the "read from the input" routine has to be set
differently when reading from a file or a string, the "close the current
input" routine has to be set differently as well.
Bug: 14577
Change-Id: Ie05880775612867e9037ace2de0cd0a0dd2fabb5
Reviewed-on: https://code.wireshark.org/review/26719
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The expand_dns_name() function is not used outside of the DNS dissector
(any more?). Remove the function declaration from the public header
file, make the function internal.
Change-Id: Ibba81fa68a0dfd195ca3bbfca3eca20c39cc01f4
Reviewed-on: https://code.wireshark.org/review/26698
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
according to 3gpp 36133v1404, nrsrq value ranges from -34db to 2.5db
according to 3gpp 36355v1404, nrsrq reporting value ranges from 0 to 74
Change-Id: Ie5cc9880526ba6919785a8e355178ac08b34a1a0
Reviewed-on: https://code.wireshark.org/review/26707
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Updated on 31st March 2018:
- UUIDs
- Company Ids
- links to Assign Numbers
- change of "Bond Management Feature" to (..) Features seems to be mistake,
so I ignore it, but fix btatt name of this characteristic
Change-Id: If76148c70276017647f5d3de000be112de102988
Reviewed-on: https://code.wireshark.org/review/26696
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Devices names from Extended Inquiry Response should be displayed
for BD_ADDRs provided by EIR/AD attribute BD_ADDR, but also HCI layer.
Change-Id: I042960661c29f6a8df13b2dda87e5f9533f4da09
Reviewed-on: https://code.wireshark.org/review/26697
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Add missing SPI VERB
Improve display some Fields in SPI OPEN
Change-Id: Ibe585d80ac7e3ddf1c85c972f0dd5cd50d64598c
Reviewed-on: https://code.wireshark.org/review/26686
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove an increment of the offset variable from after the last field.
Change-Id: Iee33caec4f58206e3e223390227907ae61092533
Reviewed-on: https://code.wireshark.org/review/26691
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Let's indicate the right payload length.
While we are at it, let's catch bounds errors as the erroneous payload
migth be malformed.
Change-Id: I360e8068f48e53cd5355f8c02b20d265df1fb2ff
Reviewed-on: https://code.wireshark.org/review/26689
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Add assert and remove some code from scan builds.
Change-Id: I32747d1a61f183e4c918d9f50ec8337eaef47f0d
Reviewed-on: https://code.wireshark.org/review/26483
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Refactor ieee802154_set_mac_key to return the number of keys set and
only try to decrypt with the alt_key if actually provided
Bug: 14522
Change-Id: I40802dff8c08f7f82b792fb16f5f91aa3b9e20cc
Reviewed-on: https://code.wireshark.org/review/26677
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: If3544b57fac913e3c447910e35fc642651ac69e1
Reviewed-on: https://code.wireshark.org/review/26681
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This adds support for the HE-MU header as recently modified. It also
handles the unknown fields correctly, and has been subjected to some
captures as well.
Change-Id: Id0c6c3b4dd0f0a91722d0a1a2c1706270862d97e
Reviewed-on: https://code.wireshark.org/review/25479
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
QoS Queue Size is only applicable when To DS is true and for QoS Data,
QoS Null and QoS Data+CF-Ack frames.
Based on a reasonably careful reading of IEEE802.11-2016.
Change-Id: I16e7e7f4d0f3336e7d05c5f4f9c80179d514ec19
Reviewed-on: https://code.wireshark.org/review/26212
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
This patch adds support for sequencing HTTP Redirects. This enables
tracking of HTTP-based redirects, which may not have a Referer header.
As such, this patch also renames 'HTTP Referer statistics' to
'HTTP Request Sequences' to better reflect the more generic
functionality.
Note that this does not fully support RFC 3986. An external library like
uriparser.github.io may be a better option for efficient, full relative
HTTP URL resolution.
A Sample PCAP to test functionality is available here:
https://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=get&target=http_redirects.pcapng
A sample PCAP to demonstrate usefulness is available here:
https://www.malware-traffic-analysis.net/2015/08/31/page2.html
(examine request to hxxp://lk2gaflsgh.jgy658snfyfnvh.com/service.php)
Change-Id: I9edd1a1de86228b0dcb1df9f6f30e24379684321
Reviewed-on: https://code.wireshark.org/review/26679
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
There is a typo on the attribute name for the ZCL OTA attribute 0x0000.
Change the attribute name to match the ZCL specification document.
Change-Id: I83f42128fb3fac8c75124f375dda392d6c8bdcab
Reviewed-on: https://code.wireshark.org/review/26678
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It was introduced in CMake 3.1, so, unless we require CMake 3.1 or
later, we'd have to manually try to enable C99 support on pre-3.1
releases, so we might as well just do it manually all the time - it's
not clear that CMAKE_C_STANDARD does it much better, especially give
that, for example, it wasn't until CMake 3.9 that support for enabling
C99 support in IBM XL C was added.
Change-Id: I51038b90fd3d8ab5050c5da4441765b19db9091b
Reviewed-on: https://code.wireshark.org/review/26648
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
When operating a Nano node behind a NAT, non-standard ports are commonly
used for the protocol. The option to enable a heuristic dissector should
be helpful in this scenario.
Change-Id: I74abd8c90e9e5cebc0251662ade73f4e6e5e21bd
Reviewed-on: https://code.wireshark.org/review/26668
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
simplify the code to distinguish between request and response
remove the if(tree) check
remove the offset variable, which is always 0
reformat the code
remove the incorrect descriptions ("echo data") for request and response
don't modify the display filter names
Change-Id: Iffe074ceef5fe2dda9e0b134a8dc4db70881d3e4
Reviewed-on: https://code.wireshark.org/review/26667
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
"cmake -E env" was added in CMake 3.1, but we currently support 2.8.12
at minimum. Add a best-effort replacement for older versions. There are
some limitations from CMake (see comments), but these should not affect
the current user (FindAsciidoctor.cmake).
Change-Id: I56c92aa9ad42fb3950dbdfd955d4ff902111e0d7
Fixes: v2.5.1rc0-76-g94a0f7c641 ("Switch from AsciiDoc to Asciidoctor.")
Reviewed-on: https://code.wireshark.org/review/26658
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Also, move some symbols to the correct location.
Change-Id: Iba2df29961ba2fd13bda069e7664dc55df50bb53
Reviewed-on: https://code.wireshark.org/review/26665
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The code to read and skip btsnoop header was written in a way where
it reads up to PACKET_LENGTH bytes of data, skips the header, then
move rest of data back start of buffer. So far so good. The code
then resets number of bytes used in buffer making it skip rest of
all data read.
Many times this works fine but only by luck. When there's no data
transfers first recv call will always only return the header
(sender side writes header separately right after accept).
When data transfers are ongoing first recv call will return both
header and data. Then initial data is lost but more importantly
risk parsing data with invalid offset.
Fix by reading btsnoop header separately from rest of data.
Change-Id: Ie52c33f943d8b311e0cd5638ec1a7d4840e271b8
Reviewed-on: https://code.wireshark.org/review/26659
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michal Labedzki <michal.labedzki@wireshark.org>
https://www.iana.org/assignments/bgp-parameters/bgp-parameters.xhtmlhttps://tools.ietf.org/html/rfc4893
-------------------------------------------
NEW BGP speakers carry AS path information expressed in terms of 4-
octet Autonomous Systems numbers by using the existing AS_PATH
attribute, except that each AS number in this attribute is encoded
not as a 2-octet, but as a 4-octet entity. The same applies to the
AGGREGATOR attribute - NEW BGP speakers use the same attribute,
except that the AS carried in this attribute is encoded as a 4-octet
entity.
-------------------------------------------
Change-Id: I4ccfc2c18e8777a800211dd285550723ac0da872
Reviewed-on: https://code.wireshark.org/review/26647
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Additionally, add an attribute to the tap function to prevent future
callers from leaking this memory.
Change-Id: Ief6af2bbc74d19153628f09d7b273e85cb2284ab
Reviewed-on: https://code.wireshark.org/review/26642
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We should not be throwing an exception while checking if the packet
really contains our protocol. Add a length check to make sure that the
initial tvb_get_ntohl() call will not fail.
Read the message type after the heuristic check.
Change-Id: I397732dbec20bcd0ab5356e8c3500fd0cb6e1434
Reviewed-on: https://code.wireshark.org/review/26634
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>