Have a routine to read the Sniffer record header, and call that in
ngsniffer_read() and ngsniffer_seek_read(). Only call
ngsniffer_process_record() for frame records that we understand, so that
we only allocate a block for those rather than for records we don't
understand or for EOF records, potentially leaking them.
This patch adds support to DoIP and ISO15765 to pass the diagnostic
address or addresses to UDS. UDS takes the relevant address into account
for the data identifier and routine identifier name resolution.
Wireshark/tshark may be built without Lua support. This patch adds an
error message if the user specifies the `-X lua_script` command-line
argument to a program built without Lua support, so the user is not left
wondering why their script isn't working.
Use correct offset for P1 and P2 when showing channel operation
and channel number.
According to TS 102 221 V14.2.0 the Open channel operation is using
P2 for channel, and let UICC assign when this is 0. Show P3 as Le.
Make P3 optional because it's not present in at least Close channel
operation.
Change text in Info column to avoid "Channel Channel: x".
Add git dissection test cases to existing testing suite for: finding git
packets, finding the Git Protocol version, finding the right amount of
Flush and Delimiter packets, not finding Malformed packets.
Part of #17093
Without that, you could add a comment to a record in a file format the
reading code for which doesn't allocate blocks, but the comment doesn't
get saved, as there's no block in which to save the comment option.
This simplifies some code paths, as we're either using the record's
modified block or we're using the block as read from the file, there's
no third possibility.
If we attempt to read a record, and we get an error, and a block was
allocated for the record, unreference it, so the individual file readers
don't have to worry about it.
Update channel to include index to clear up possible confusion if this
is RF channel, or channel index.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Update channel to include index to clear up possible confusion if this
is RF channel, or channel index.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
New HCI commands/event dissected:
- LE Set Data Related Changes Command
- LE Set Default Subrate Command
- LE Subrate Request Command
- LE Subrate Change Event
5.3 version number added, LE event mask, supported commands and
LE feature bitmaps updated.
A packet that has been received by the sniffer with CRC errors will not
decrypted properly by the sniffer. Mark the decrypt failure reason as
CRC error instead of MIC error.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Set PacketDiagram as parent of QGraphicsScene so the scene is destroyed
together with PacketDiagram.
Dynamically allocate WiresharkApplication and explicitly call its
destructor when no longer needed. This results in deletion of
FunnelAction objects created in register_menu_cb() and QAction objects
created in TapParameterDialog::registerDialog(). For some reason, when
breakpoint was set inside WiresharkApplication destructor it would not
get triggered on exit, and so the child objects would get reported as
memory leaks.
Delete main window and application only after epan_cleanup(). This makes
lua plugins actually call ops during cleanup (e.g. destroy_text_window)
and makes it possible to free the memory allocated in FunnelStatistics
constructor.
Use "flags" for the OPT_PKT_FLAGS option value, as we do elsewhere. Use
"lapd_flags" for the variable holding the LAPD flags.
We don't need to initialize flags, as we extract the OPT_PKT_FLAGS
option into it immediately after initializing it (if the attempt to get
that option fails, it's not set, but it's not used, either).
Instead of creating endless loop and synchronizing using QWaitCondition,
execute the syntax worker check in its thread by emitting signal. The
syntax worker thread affinity is set to worker thread so the slots
handling takes place within the worker thread context.
Remove unnecessary initializations.
Rename the variable for the packet ID option to match the name of the
option (it's epb_packetid in the pcapng spec, with no underscore between
"packet" and "id").
Attempting to release 3.5.0 failed with
No local changes to save
Creating ./wireshark-3.5.0.tar.xz
fatal: not a valid object name: stash@{0}
Use CI_COMMIT_SHA for our export commit if it exists.
AMQP calls a subdissector table before tcp_dissect_pdus() is used to
desegment PDUs (see commit 27c10ed72e),
so pinfo->can_desegment needs to be restored before it is decremented
a second time. Fixes#14217.
Move the extraction of the option value from the option content from the
callers of pcapng_process_uint32_option() to
pcapng_process_uint32_option() itself.
Windows can allow Unicode in filenames now, and export_object.c
has its own eo_massage_str function that the GUI and CLI already
call to create safe filenames when they are saved. There's no need
for an individual dissector like SMB to have its own (worse)
implementation of the same functionality, and to call it before
filenames are displayed. Fix#17530
That way, add-on modules to handle block types not handled by the core
pcapng code can use pcap_process_options() to process a block's options
and can use the routines to handle the "standard" option value types to
handle particular options.
Also, allow both everything-is-little-endian and
everything-is-big-endian Custom Block types in pcap_process_options().
- Make sure reassembly requests & errors are properly propagated from
any point in the PDU, no matter how many sub-structure levels.
- Handle the sub-dissection methods as well:
- Ensure the sub-dissection methods handle errors from previous calls.
- Reduce the error handling needed in sub-dissector implementations.
- Add missing sub-dissection methods for list, set, and map.
- Add the handling of sub-structure.
- Handle Compact protocol in addition to the existing binary protocol.
- Include and improve MR !3171
- Handle reassembly the same way as for binary protocol.
- Handle sub-dissection with the same functions.
=> Sub-dissectors only depend on .thrift files.
Additional changes:
- Use of constants instead of hard-coded values.
- Removed U64 support (never supported by thrift code generator, only
referenced in the C++ thrift library header but not supported in reality.
- Removed references to UTF-8 and UTF-16 string for the same reason.
- Replaced references to UTF-7 string with just string (same reason).
- Replaced references to byte with i8 as the documentation explicitly
states that byte is a compatibility name.
Documentation reference:
- https://thrift.apache.org/developers
- https://thrift.apache.org/docs/idl.html
- https://github.com/apache/thrift/blob/master/doc/specs/thrift-compact-protocol.md
- https://erikvanoosten.github.io/thrift-missing-specification/
- https://diwakergupta.github.io/thrift-missing-guide/Closes#16244
Additional changes:
- Add authors and improve consistency
- Fix typo and clarify documentation
Use an apostrophe instead of RIGHT SINGLE QUOTATION MARK in our PDF and
EPUB filenames. Some programs (notably Okular) can't open filenames with
extended characters, at least on Windows.
Guy Harris