The current xcbproto has some more files.
Not everybody builds with Make; say "build the x11-dissector target", to
make it more generic in the CMake era, and give both Make and Ninja
examples.
Change-Id: I5a3c9b4dd3112cdc3054b37e4ead3abfe278df93
Reviewed-on: https://code.wireshark.org/review/37516
Reviewed-by: Guy Harris <gharris@sonic.net>
mvfst 0xfaceb002 is compatible with draft-27, see
d1a3652a4c
This is necessary to support 0xfaceb002 decryption since draft-29
changed the salt again.
Bug: 16378
Change-Id: Ib186effdb5e85bc6d48fffbfbb1f3498bf89860d
Reviewed-on: https://code.wireshark.org/review/37493
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Set the options of rtps_add_zlib_compressed_typeobject used or unused
according to the presence of zlib.
Change-Id: I73d995fce9ec5a65b0d6ebce6c2510b6d25ad347
Reviewed-on: https://code.wireshark.org/review/37495
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Another instance of this problem that showed up when working on the fix
to the data types of those tables (fixing the data types mean that these
errors cause the conpile to fail; as indicated, that's one reason to fix
them).
Change-Id: Ia1953b95968101f27fedd98a5fc2854101779deb
Reviewed-on: https://code.wireshark.org/review/37509
Reviewed-by: Guy Harris <gharris@sonic.net>
The arrays of pointers to header field hf_ values were getting
overwritten if the fields in question are unknown; that meant that, in
all future dissections, they would be dissected as unknown *even for
packets where they are known*.
Make them auto arrays, instead, so that each call to the dissector has
its own copy, properly initialized at run time, that it can scribble
over as it chooses without damaging the array for the next call.
This involves a cast to work around the type of the array argument being
"const int **", which means "pointer to pointer to const int",
not "pointer to const pointer to (non-const) int". That meant that the
scribbling on the static array was *not* detected at compile time.
Fixing the type is a *lot* of work, but may catch other instances of
this problem, and may prevent future instances of it. That's a project
for a separate commit, however.
Bug: 16636
Change-Id: I985157063488739bb59f87780c017e94e2380343
Reviewed-on: https://code.wireshark.org/review/37502
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Prof. Doppler's name is spelled with two "p"s.
Change-Id: Ia25d45b0a890be8c954a67b1ce5860753c1de25d
Reviewed-on: https://code.wireshark.org/review/37498
Reviewed-by: Guy Harris <gharris@sonic.net>
Replacing FT_STRING with FT_UINT_STRING and removing length field where
it existed.
Change-Id: I5dc8b8ba472f161d604e4c157a9b0230694ea87a
Reviewed-on: https://code.wireshark.org/review/37463
Reviewed-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The preprocessor statements in the function get_compiler_info were
indented with a mixed approach: indented, but not following the style
of the rest of the file. The indented approach has been followed to
increase the readability, but with tabs, as in the rest of the file.
Other indentation issues fixed.
Change-Id: I6486c2cfa640f87c90a7fe4b7d95848d02249d23
Reviewed-on: https://code.wireshark.org/review/37481
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't rely on the item having the name "Real-Time Transport Protocol",
as that's fragile. We could check for the abbreviation or filter name
being "rtp", but we can avoid string comparisons entirely by getting the
ID for the protocol "rtp" and comparing the item's ID with that.
Change-Id: I2a859f0b346f15a797fb5de75e0cf5c0b5abcfe9
Reviewed-on: https://code.wireshark.org/review/37490
Petri-Dish: Guy Harris <gharris@sonic.net>
Reviewed-by: Orgad Shaneh <orgads@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Say "attempt to XXX", as the attempt might not succeed.
Fix a copied-and-pasted comment to reflect what
proto_is_frame_protocol() does.
Change-Id: Ia16a98064b87001f019fda43f2db2970a89e355e
Reviewed-on: https://code.wireshark.org/review/37486
Reviewed-by: Guy Harris <gharris@sonic.net>
This patch allows to parse authentication-only MACsec messages
and show the payload.
Bug: 16624
Change-Id: I7fd071e6c7f5522f302255d65560f0848a262bfb
Reviewed-on: https://code.wireshark.org/review/37445
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Since draft 27 the minimum transport parameter size can be smaller than
4 due to variable-length encoding. With ngtcp2-29-dsb.pcapng, the
active_connection_id_limit at the end covers only three bytes for
example. Even though the correct length is normally set later, the early
attempt to read four bytes resulted in an Malformed Packet exception.
Change-Id: I9ec6ec6c66ce7a993f2fcfdc987e35966dc809ac
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/37483
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
We pass an acdr_dissector_data_t * to dissectors for the
"acdr.media_type" dissector table, but the JSON dissector expects an
http_message_info_t *.
Hilarity ensues.
Instead, have our own dissector for VoiceAI, that calls the JSON
dissector and passes it *no* data.
Bug: 16622
Change-Id: Icb5b216ed63ab02680372836885b27de9541684c
Reviewed-on: https://code.wireshark.org/review/37484
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Add a dissector for Asphodel (https://bitbucket.org/suprocktech/asphodel).
Asphodel is a protocol for streaming real-time data from sensors in industrial
environments. This protocol dissector supports complete dissection of the UDP
advertisment packets, and simple dissection of the TCP command and stream data.
Sample Capture:
https://wiki.wireshark.org/SampleCaptures#Asphodel_Protocol
Change-Id: I6a7f730a4ce5349ac48b4fd86e61429983af5bf9
Reviewed-on: https://code.wireshark.org/review/37318
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
rawshark.c:1347:21: note: opposite inner condition: pos>=len
if (pos >= len) { /* There should always be a following character */
Change-Id: I2e1c6b3d031db4f658bb579e0c8aba8cac7c5cb5
Reviewed-on: https://code.wireshark.org/review/37475
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Clang's __VERSION__ shows a trailing space. This ends up in a useless
space before the period, that shows a different output from other
compilers. Example:
Built using clang Clang 10.0.0 .
Built using gcc 7.5.0.
Fixed by stripping it in clang only.
Change-Id: I98dfce46b189fc6b2b58950dbb27f69d271bd729
Reviewed-on: https://code.wireshark.org/review/37480
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change the separator from && to // due to popular support for
that separator instead.
Bug: 16498
Change-Id: I0ee934f3f8a7b9ff1c062b533046980e3feb3d99
Reviewed-on: https://code.wireshark.org/review/37465
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit extends decoding of source/group/unicast addresses as
defined in RFC4601 while preserving the existing fields.
Furthermore Joint Attributes TLVs as defined in RFC5384 are added for
encoded source addresses.
Initial decoding of Vector Attribute TLV Format as defined in RFC5496.
Bug: 16613
Change-Id: Ie2f142ef2ed48254c8483180eb4b310674d3437b
Reviewed-on: https://code.wireshark.org/review/37468
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Since the original introduction of sshdump, ssh_userauth_publickey_auto
was already in use which would try the ssh-agent on non-Windows
platforms. There is no need to explicitly call ssh_userauth_agent which
is dead code anyway due to a typo in the macro name.
Change-Id: I976ec3da9e35ade63983ba5ca01163714d466912
Reviewed-on: https://code.wireshark.org/review/37476
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Mostly redundant tests, but for bthci dissectors,
avoid using a key that points to out-of-scope variables.
Change-Id: I2785690b8487d45c4e2daff0b6e03cd8747ed410
Reviewed-on: https://code.wireshark.org/review/37467
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
RTP has two dissector tables, one directly associated with payload types, and
one which is associated with strings that appear in SDP commands. This makes
all dissectors that are registered as a dynamic payload type that can be
configured by SDP appear as a Decode As option for the RTP PT table.
Some protocols were registered in the table for configuration by SDP but
had no way to register with the rtp.pt table. These include EVRC, H.223,
and v150fw.
Other protocols had a long standing preference to set a dynamic payload type,
but they still did not appear in the Decode As menu unless that preference
was changed from the default, largely because of the way that the preference
was not actually registered with the rtp.pt table unless it had a value in
the dynamic payload type range. These include EVS, H.263P, H.264, H.265,
ISMACryp, IuUP, LAPD, MP4V-ES, RTP-MIDI, and VP8.
RFC 3551 says that not just the dynamic payload types, but also the unassigned
and even the statically assigned payload types MAY be dynamically reassigned as
necessary, so this patch also allows these preferences to be set for payload
types less than 96. The only payload type not allowed is 0 (which RFCs 3551 and
7007 say must be μ-law PCM), which is handy anyone for backwards compatibility
with preferences that used to be uints (where 0 meant disabled.)
All protcols which formerly used a uint preference are all converted to a
range preference, and the text is changed to be similar for each. This works
in a backwards compatible fashion, and any defaults are maintained.
The patch also adds some of the dissector variants as PINOs so that they will
show up with distinct names in the Decode As menus, and changes some of the
protocol short names so that the entry in Decode As is clearer and matches
what is used for other similar protocols.
Change-Id: I68627b5c3e495d9fc813d88208f3b62e47e0c4de
Reviewed-on: https://code.wireshark.org/review/37396
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Two things were broken with command 77 decoding:
1. There's an additional byte in the request, which is not present in
the response, so the offsets where misplaced for all requests by one.
2. The embedded command (like all the other HART pass-through commands)
distinguishes between long and short addresses, depending on the
delimiter byte in front. When using that long address (which is the
usual thing for all embedded commands except command 0) the remaining
fields where also displaced.
Both points lead to obviously broken decoding due to misplaced offsets.
Fixes: 0ee1445ada ("Improve HART dissector")
Signed-off-by: Alexander Dahl <ada@thorsis.com>
Change-Id: I4355fe73b5164a4f03e522127ed487749279da65
Reviewed-on: https://code.wireshark.org/review/37411
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There was a problem in FETCH response parsing when the server had more data than the requested
maximal return size. In such case the server checks if the first chunk of data fits into buffer. If it does not,
the first chunk is returned as a whole to the requestor. Otherwise it is assumed that the client is capable
of discarding invalid content and the server pushes maximum available block. It makes sense, because
the default block is 10MB and pushing it opaque leverages zero-copy IO from the file system to the network.
In the existing implementation it was assumed that the last batch is aligned with the end of the buffer.
Actually, if there is some data more, the last part is delivered truncated.
This patch:
* fixes the last part alignment handling
* adds opaque field for truncated content
* moves preferred replica field to the proper context
Bug: 16623
Change-Id: Iee6d513ce6711091e5561646a3fd563501eabdda
Reviewed-on: https://code.wireshark.org/review/37446
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This feature introduced in V15.5.0 allows to have up to 15 DRBs by
adding LCID 32 to 38
Change-Id: I4442e26d115efe484eda4f2d8921483cf4278b99
Reviewed-on: https://code.wireshark.org/review/37462
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Add an option of '-x' to tools/cppcheck.sh to support XML output.
Change-Id: I2921d7cd57ee9c925419247a0238b572f637c854
Reviewed-on: https://code.wireshark.org/review/37424
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Use the raw value for the block "More Flag", not the already adjusted one.
Change-Id: I13ddd24c4f9b9201798d18abe008945879f03774
Reviewed-on: https://code.wireshark.org/review/37442
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add an option to list our allowed licenses.
Remove a couple of GTK+ entries while we're here.
Change-Id: I1c8cf3314cff369766f1ba25438f16c69f42a1ba
Reviewed-on: https://code.wireshark.org/review/37409
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Remove #defines not needed in any part of the sourcecode
Change-Id: I042ed4ae5750c07e3316b9a18516359213cf7998
Reviewed-on: https://code.wireshark.org/review/37438
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Mark the "Reassembled in" link item as generated.
Change-Id: Id8f7b26cf77aa5bc82de07799bb1468c8b8a4209
Reviewed-on: https://code.wireshark.org/review/37441
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Guy Harris
Vadim Yanitskiy