This is a breaking change.
prefs_register_filename_preference hasn't been differentiating
between files to be saved and ones to be opened.
On GTK, a neutral dialog is used, so no problems there.
On Qt, a save dialog has been always used, even in dissectors that
were reading configuration files without modification.
prefs_register_filename_preference now takes an argument to indicate
whether UI could be a save dialog with a warning on overwriting
a file, or whether it's a general purpose open file dialog.
Qt now does this. Previously no warning was shown on overwriting a file,
so it may be used for opening files too without irritating the user.
This has been changed, as non-destructive reads should now use
the open dialog.
Dissectors were changed accordingly.
Change-Id: I9087fefa5ee7ca58de0775d4fe2c0fdcfa3a3018
Reviewed-on: https://code.wireshark.org/review/21086
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The tap was just a trick to get fields and protocols registered as being
of interest. Now that we have mechanisms by which postdissectors can
explicitly register fields and protocols as being of interest, and are
using that, the trick is no longer needed.
Change-Id: I0bccc88a1e4ee4c9fc84b90d968820375594c5c1
Reviewed-on: https://code.wireshark.org/review/21157
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The tap was just a trick to get fields and protocols registered as being
of interest. Now that we have mechanisms by which postdissectors can
explicitly register fields and protocols as being of interest, and are
using that, the trick is no longer needed.
Change-Id: Ib2620ff32c41ffa050203c1d4481c63535fb3f4b
Reviewed-on: https://code.wireshark.org/review/21156
Reviewed-by: Guy Harris <guy@alum.mit.edu>
They deal with sets of hfids, which can belong to protocols as well as
fields (I guess you could argue that a protocol is a field, but...).
Change-Id: Ibd103cfa26427ead4ef54be89f1251908004cfae
Reviewed-on: https://code.wireshark.org/review/21154
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That's currently required to get the fields we want.
Bug: 12161
Change-Id: Ic1066334358c58fa915ef886b2658902393172c7
Reviewed-on: https://code.wireshark.org/review/21153
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Some routines had "matecfg", some had "mc"; be a bit more consistent.
Change-Id: I3406488315483fb281ebc3fb8a23e9e1b2104a14
Reviewed-on: https://code.wireshark.org/review/21152
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Pass it as an argument to everything else, so only packet-mate.c has the
notion of there being *a* configuration, and everything else takes the
configuration as an argument.
Change-Id: Ia92c1539586d3e71580fd822cf07bd3d79a6f093
Reviewed-on: https://code.wireshark.org/review/21151
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make it local to mate_tree(), and pass it to mate_pdu_tree().
Change-Id: I489683614b4d65aec3ddd94ce2c9077180e769ca
Reviewed-on: https://code.wireshark.org/review/21149
Reviewed-by: Guy Harris <guy@alum.mit.edu>
There's a Lemon bug where this grammar produces a parser that fails
assertions; to work around it, we disable assert() failures.
(A bug report has been sent to sqlite-users about this.)
Change-Id: I6812b20fafe318425b37755a15009b0baf2d68a2
Reviewed-on: https://code.wireshark.org/review/21148
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Flagged during value_string duplication check
Change-Id: Ia6b657b6e0d8e60cf69ea0e40199b78e96837ecc
Reviewed-on: https://code.wireshark.org/review/21133
Reviewed-by: Michael Mann <mmann78@netscape.net>
This reverts commit c63c5c8c42.
This is probably easier than just abandoning it and trying to remove it from my repository.
https://xkcd.com/1597/
Change-Id: Ibba2107cfa9c60c86862b16a4cac31689670e137
Reviewed-on: https://code.wireshark.org/review/21127
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Builds on my machines, physical and virtual, crash with an assertion
failure in the MATE Lemon grammar when parsing the MATE configuration
file in bug 12161 - on Mac OS X Lion with llvm-gcc, Ubuntu 15.10 with
GCC, and on macOS Sierra with clang.
Builds on the macOS buildbot do *not* fail.
So put the result of Lemon in the MATE plugin into the release tarball,
so I can compare it with what Lemon generates on my machine.
Change-Id: I2d5ecee68535a8b4803de0bd7f02d448ab629083
Reviewed-on: https://code.wireshark.org/review/21126
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
register.c, and the plugin.c for various plugins, are generated by tools
that must be available to do a build, and aren't distributed as part of
the source tarball. That means "make distclean" should remove them. Do
so.
Change-Id: I9e37abdafb50234cf1ebb5fb828446e45e605d78
Reviewed-on: https://code.wireshark.org/review/21125
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Field 'Stream Based Volume ID' (unistim.stream.volume.id) has a conflicting entry in its value_string: 111 is at indices 0 (C1=0xFF00 C2=0x00 C3=0x00 c4=0x00 Steady on. -13 dBmO per frequency.) and 1 (C1=0x0505 C2=0x0505 C3=0x0505 c4=0xFF00 3 burst(0.1 sec on,0.1 sec off),Then steady on.-13 dBmO per frequency.))
Change-Id: I49f50688b9e68d597190d891b114eea1ff3e4858
Reviewed-on: https://code.wireshark.org/review/21059
Reviewed-by: Michael Mann <mmann78@netscape.net>
As the comments say, proto_find_finfo() is slower than
proto_get_finfo_ptr_array(), as it has to scan the entire tree, and,
given that we're priming the tree with the fields we need (which we
*have* to do to *guarantee* that we'll get the fields we want;
requesting that a protocol tree be constructed isn't sufficient, and
asking for a "visible" protocol tree is overkill),
proto_get_finfo_ptr_array() will work.
Change-Id: Ic1e21105a0a89003a3cdd3d7a2e55ac287ddad5e
Reviewed-on: https://code.wireshark.org/review/21068
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This makes sure that postdissectors that indicate that they need certain
fields in the first pass will get them.
While we're at it:
Fix the field-fetching code in TRANSUM not to assume it got any
instances of the field being fetched.
Rename process_packet_first_pass() in sharkd to process_packet(), as
it's the only routine in sharkd that processes packets.
Rename process_packet() in tshark and tfshark to
process_packet_single_pass(), as it's what's used if we're only doing
one-pass analysis.
Clean up comments and whitespace.
Change-Id: I3769af952c66f5ca4b68002ad6213858ab9cab9b
Reviewed-on: https://code.wireshark.org/review/21063
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Currently, this is only used to determine whether a protocol tree needs
to be built on the first pass or not - if there are postdissectors that
need fields, it does - but eventually we should be able to use it to
prime the dissection to deliver those fields in cases where we don't
need the *entire* protocol tree (rather than using a hack such as
cooking up a fake tap with a fake filter to do that).
Update MATE and TRANSUM to use it.
Clean up code to check whether we need a protocol tree, and add comments
before that code indicating, in each case, what the criteria are.
The array of postdissectors includes a length, so we don't need to
separately keep track of the number of postdissectors.
Clean up indentation while we're at it.
Change-Id: I71d4025848206d144bc54cc82941089a50e80ab7
Reviewed-on: https://code.wireshark.org/review/21029
Reviewed-by: Guy Harris <guy@alum.mit.edu>
BASE_VALS_NO_UNKNOWN is a special value_string value for only a single
(maybe 2) numerical value(s). If a field has the numerical value
that doesn't match anything in the value_string, just the number
is supplied for the field (no "Unknown")
Dissectors that had this use case have been converted in the patch.
Change-Id: Ie63a36cceec2fe4436938ec7e3d7f9e690d2b8d9
Reviewed-on: https://code.wireshark.org/review/20736
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add a "report a warning message" routine to the "report_err" code in
libwsutil, and rename files and routines appropriately, as they don't
only handle errors any more.
Have a routine read_enabled_and_disabled_protos() that reads all the
files that enable or disable protocols or heuristic dissectors, enables
and disables them based on the contents of those files, and reports
errors itself (as warnings) using the new "report a warning message"
routine. Fix that error reporting to report separately on the disabled
protocols, enabled protocols, and heuristic dissectors files.
Have a routine to set up the enabled and disabled protocols and
heuristic dissectors from the command-line arguments, so it's done the
same way in all programs.
If we try to enable or disable an unknown heuristic dissector via a
command-line argument, report an error.
Update a bunch of comments.
Update the name of disabled_protos_cleanup(), as it cleans up
information for disabled *and* enabled protocols and for heuristic
dissectors.
Support the command-line flags to enable and disable protocols and
heuristic dissectors in tfshark.
Change-Id: I9b8bd29947cccdf6dc34a0540b5509ef941391df
Reviewed-on: https://code.wireshark.org/review/20966
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We don't allow that. Use proto_tree_add_boolean() instead.
Change-Id: I59ed0f0dc731b1ce4b5d921cd4e85b1c101cb2a8
Reviewed-on: https://code.wireshark.org/review/20821
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I5c74a34619ea66c3ac2a77d10b31a3f1256c6595
Reviewed-on: https://code.wireshark.org/review/20707
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
PDPortStatistic with BlockVersionLow = 1 has 2 bytes CounterStatus while
PDPortStatistic with BlockVersionLow = 0 has 2 bytes Padding.
Change-Id: I39783ad29993501249bfa7875760b505ded6a8e9
Reviewed-on: https://code.wireshark.org/review/20563
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Since AMFilterData block is removed from PROFINET specification,
related parts are removed from dissector.
Change-Id: I0f9f346fd409fc0cb78f4d7a8ca5869229d68bed
Reviewed-on: https://code.wireshark.org/review/20546
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dissecting AMR doesn't work properly when AM_Location.Structure don't equal to 2.
Bug: 13480
Change-Id: Ie116e10f6e88e240b2f1ae4e1eab27b24350e55a
Reviewed-on: https://code.wireshark.org/review/20529
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Birol Capa <birol.capa@siemens.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
A special ARType for System redundancy IOCARSR (0x0020) used to indicate
SR during the IODConnectReq for Advanced Startup ARs (StartupMode:=1).
With this change, the ARUUID is subdivided into several parts.
APDUStatus dissection is affected by Primary/Backup switchover.
Bug: 13456
Change-Id: I0504ad2f4d15c491b0142c6d24bb8b849a929ba2
Reviewed-on: https://code.wireshark.org/review/20422
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Allow the enable/disable of an element
Change-Id: I9652e8d74b261ba259cebfba53e7bc7ef560d347
Reviewed-on: https://code.wireshark.org/review/20370
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Allow to add and remove single items from a selector list and also
fixing the selection of items in a selector list
Change-Id: I0c69ea97db6ca1a6932939f0df9049c6fb720f77
Reviewed-on: https://code.wireshark.org/review/20363
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Small improvement in the title texts.
Change-Id: Ia413577386dab11f78fd141d6333944beefb5b33
Reviewed-on: https://code.wireshark.org/review/20295
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Creates an interface for plugins and other parts of the code, to
add a new toolbar to the system and have various widget types interact
with this toolbar.
All toolbars added via this interface, will be added to an additional
submenu called "Additional Toolbars" within Wireshark.
Also a demo plugin is being provided, demonstrating various features
of the toolbar, including updating the gui elements. It also demonstrates
how to update toolbar items.
Change-Id: I8d0351224b3d7f4b90220d58970b51695551d7e3
Reviewed-on: https://code.wireshark.org/review/19803
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
proto_find_finfo doesn't have NULL tree protection, so protect it from
transum dissector.
Bug: 13395
Change-Id: I1037c675cf10b959f116b20b12cc7b388c175cd3
Reviewed-on: https://code.wireshark.org/review/20077
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I795fc3a3cf4ca93483f870d229668d7f747bb799
Reviewed-on: https://code.wireshark.org/review/20147
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Register all reassembly tables with a central unit, allowing the
central unit to have the callback that initializes and destroys
the reassembly tables, rather than have dissectors do it individually.
Change-Id: Ic92619c06fb5ba6f1c3012f613cae14982e101d4
Reviewed-on: https://code.wireshark.org/review/19834
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This function will free the resources allocated by the caller.
Change-Id: Ib486c14e4fd3c321662fb71f7fd06733ce9a64a4
Reviewed-on: https://code.wireshark.org/review/19375
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This emphasizes that there is no such thing as *the* routine to
construct a subset tvbuff; you need to choose one of
tvb_new_subset_remaining() (if you want a new tvbuff that contains
everything past a certain point in an existing tvbuff),
tvb_new_subset_length() (if you want a subset that contains everything
past a certain point, for some number of bytes, in an existing tvbuff),
and tvb_new_subset_length_caplen() (for all other cases).
Many of the calls to tvb_new_subset_length_caplen() should really be
calling one of the other routines; that's the next step. (This also
makes it easier to find the calls that need fixing.)
Change-Id: Ieb3d676d8cda535451c119487d7cd3b559221f2b
Reviewed-on: https://code.wireshark.org/review/19597
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This is mostly to address memory leaks in range preferences (the biggest
user of range functionality) on shutdown.
Now range preferences must use epan scoped memory when referencing
internal preference structures to keep consistency.
Change-Id: Idc644f59b5b42fa1d46891542b53ff13ea754157
Reviewed-on: https://code.wireshark.org/review/19387
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
grepping for "Decode As" comments reveals exactly was pinos were
created for - distinguishing multiple dissection functions in a
single dissection table.
Change-Id: Iaa9294045e9d0633563e7d763cb585c0e6dc598f
Reviewed-on: https://code.wireshark.org/review/19490
Reviewed-by: Michael Mann <mmann78@netscape.net>
They already know who they are when they register themselves. Saving the
handle then to avoid finding it later.
Not sure if this will increase unnecessary register_dissector functions
(instead of using create_dissector_handle in proto_reg_handoff function)
when other dissectors copy/paste, but it should make startup time
a few microseconds better.
Change-Id: I3839be791b32b84887ac51a6a65fb5733e9f1f43
Reviewed-on: https://code.wireshark.org/review/19481
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This prevents MATE from (falsely) being included in the list of
protocols for any given frame.
Change-Id: I9ffdfb52cf31dfda89b674a41bcc0992e17de5e8
Reviewed-on: https://code.wireshark.org/review/19432
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
1. Enable/disable preference not needed - just use Enabled Protocol
dialog interface. Added support for backwards compatibility of preference.
2. Add value_string for calculation values
3. Create an structured array of "hfs of interest" so they can more easily
be extended.
4. Convert a bunch of arrays into hash tables and lists. For the amount
of wasted space they were taking up, we can live with the very slight
performance degrade. Also puts less limits on number of things to process.
Change-Id: I7399789d62432b507062ed9cdc20ad974b9dde1b
Reviewed-on: https://code.wireshark.org/review/19406
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Per bug 12915, SMB2 message ID should be treated as a unsigned 64bit value.
Have transum logic match that as it was assuming SMB2 message ID was a
signed 64bit value
Change-Id: Ide0c12b505d1eef2aeb89d165a3ea59058e6be34
Reviewed-on: https://code.wireshark.org/review/19407
Reviewed-by: Michael Mann <mmann78@netscape.net>
Set a variable that we were supposed to be setting.
Also, note some items that should probably be expert info items instead
of, or in addition to, additional text at the end of protocol tree items.
Addresses CID 1397702.
Change-Id: I2ff0c2549f229546035964efa6af19b77646f7d2
Reviewed-on: https://code.wireshark.org/review/19397
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I70ccf182160086a4c04467eec214857a461a2869
Reviewed-on: https://code.wireshark.org/review/19373
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
the last one
Change-Id: I8b279d11b61645a19b0b356d52cf66eed0180700
Reviewed-on: https://code.wireshark.org/review/19372
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Part 2...
Change-Id: Id219bd2b04de2003b5bfa4a33893d0310856275d
Reviewed-on: https://code.wireshark.org/review/19368
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I9d9ffdb7d32a940dbe155e82946d59f649cafe09
Reviewed-on: https://code.wireshark.org/review/19345
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I93b24285443d99799f83c40f61f413c2d106c85f
Reviewed-on: https://code.wireshark.org/review/19338
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Burst 4 and Burst 5 values are now properly decoded.
Change-Id: I6232a19eb849a419825be69435069e4be721cbc1
Reviewed-on: https://code.wireshark.org/review/19327
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 13251
Change-Id: I56a01e779f7f0eadc8a078f88543269a91148f00
Reviewed-on: https://code.wireshark.org/review/19293
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Many proto_item_append_text calls were just adding a unit string to a field.
There's a better way to do that now.
Change-Id: Id18d5ac1ea4d8ecdc4cbe7ebaec07fbd2eab6e78
Reviewed-on: https://code.wireshark.org/review/19289
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Several calls to proto_tree_add_uint_format_value could be better served
using BASE_UNIT_STRING with a "unit string" in hf_ field. There also
a few cases where proto_tree_add_uint_format_value could just be
proto_tree_add_uint.
Added a few more "common" unit string values to unit_strings.[ch]
Change-Id: Iaedff82c515269c9c31ab9100dff19f5563c932d
Reviewed-on: https://code.wireshark.org/review/19242
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add plugin to autofoo and CMake build systems and fix errors found
Add plugin to Windows installer (optional component activated by default)
Change-Id: Id1b777bdee04e53076b3291f6fb68d5abad6985d
Reviewed-on: https://code.wireshark.org/review/19228
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
A plugin to calculate response, service and spread time values based on
the RTE model.
Bug: 12892
Change-Id: I47d7e5354fc269916851a318fef10b826897eaf8
Reviewed-on: https://code.wireshark.org/review/17750
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That way, if we #define anything for large file support, that's done
before we include any system header files that either depend on that
definition or that define it themselves if it's not already defined.
Change-Id: I9b07344151103be337899dead44d6960715d6813
Reviewed-on: https://code.wireshark.org/review/19035
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When LineDelay is decoded, the FormatIndicator is not evaluted.
Sample LineDelay: 2147483658 (0x80 00 00 0a)
This value should be 10,
since FormatIndicator (Bit 31) = 0x01 states that this is a CableDelay.
Change-Id: I08ae8e6de8b6f8c493122109e29e91dc47096734
Reviewed-on: https://code.wireshark.org/review/18950
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
DOCSIS update with basic defragmentation
Bug: 13106
Change-Id: Idbb42c80b87c0c3189da087b523733cf0b19967c
Reviewed-on: https://code.wireshark.org/review/18676
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I5b7d97b6238c26dd8fa748aaa59a84eb4a03274c
Reviewed-on: https://code.wireshark.org/review/18814
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Identification and Maintenance (I&M) and AssetManagement (AM) functions
are to collect information about the assets of an automation plant
to cover the use cases such as
identification, configuration, commissioning, diagnosis etc..
PROFINET plugin should support the Asset Management Record (AMR).
Bug: 13112
Change-Id: I9c557b5f7f4f633fdd475c2c9e8900a8e6c2ba47
Reviewed-on: https://code.wireshark.org/review/18719
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The MRP PDU dissection is updated with respect to MRP standard IEC62439-2 Ed.2.
0x88e3 is added for MRP Ether Type
String definions of MRP block and sub block types are updated.
dissect_pn_ManuData function is removed since it is not used anymore.
Change-Id: Iec6666abc75bcba4189f2c38851407abc23267f9
Reviewed-on: https://code.wireshark.org/review/18730
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Timestamp decoding is added.
Name of "Stop Observer" is changed as "Observer Status Observer".
TimeStatusObserver padding bytes location is changed.
Text of RS_ReasonCode for value "0" is changed from "Reserved" to "No Detail".
Change-Id: I2c231d75001a89a1e41f2518f5c6ca1fdf49a2f0
Reviewed-on: https://code.wireshark.org/review/18662
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The main reason fclose() could fail is if the file is open for writing,
not all the buffered data has been written out at the time fclose() was
called, and the attempt to write it out fails. In any case, the file
handle is no longer valid after fclose() completes, whether the close
succeeds or not, so there's no reason to keep it around.
There's no reason to check whether it's null in a loop called in code
where it's not null to start with and where it's not set to null in the
loop.
This should fix CID 1374111.
Change-Id: Ib8067a17731b41d6b184a5a415addc2ecaa7c00c
Reviewed-on: https://code.wireshark.org/review/18359
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Similar to the "tcp.port" changes in I99604f95d426ad345f4b494598d94178b886eb67,
convert dissectors that use "udp.port".
More cleanup done on dissectors that use both TCP and UDP dissector
tables, so that less preference callbacks exist.
Change-Id: If07be9b9e850c244336a7069599cd554ce312dd3
Reviewed-on: https://code.wireshark.org/review/18120
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
According to specification:
Value(UUID): 00000000-0000-0000-0000-000000000000
Meaning: Reserved
Use: The value NIL indicates the usage of the implicit AR.
Change-Id: Iea807f14bf6da36700b778a1383ebd970aa105a5
Reviewed-on: https://code.wireshark.org/review/17951
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Can prevent really long loops from fuzz testing.
Bug: 12851
Change-Id: I85e00af2c4753ce4c5bcb650a7df188d7f679c9a
Reviewed-on: https://code.wireshark.org/review/18136
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This patch introduces new APIs to allow dissectors to have a preference for
a (TCP) port, but the underlying data is actually part of Decode As functionality.
For now the APIs are intentionally separate from the regular APIs that register a
dissector within a dissector table. It may be possible to eventually combine the
two so that all dissectors that register with a dissector table have an opportunity
to "automatically" have a preference to adjust the "table value" through the
preferences dialog.
The tcp.port dissector table was used as the guinea pig. This will eventually be
expanded to other dissector tables as well (most notably UDP ports). Some
dissectors that "shared" a TCP/UDP port preference were also converted. It also
removed the need for some preference callback functions (mostly when the callback
function was the proto_reg_handoff function) so there is cleanup around that.
Dissectors that has a port preference whose default was 0 were switched to using
the dissector_add_for_decode_as_with_preference API rather than dissector_add_uint_with_preference
Also added comments for TCP ports used that aren't IANA registered.
Change-Id: I99604f95d426ad345f4b494598d94178b886eb67
Reviewed-on: https://code.wireshark.org/review/17724
Reviewed-by: Michael Mann <mmann78@netscape.net>
The Reporting System (RS) ASE is composed of Observers and Event buffer queues.
Bug: 12959
Change-Id: Ibce2d607bffe9c04b24e8ccd5ef502307fbba7c6
Reviewed-on: https://code.wireshark.org/review/17965
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Instead of checking for the boolean "FALSE", just set an empty string.
This avoids the need to check for WERROR_COMMON_FLAGS before using it.
The transformation is the same for all files, remove
"if (WERROR_COMMON_FLAGS)" and "endif()", reindent and add quotes (since
we have a string here and not a list).
Modelines have been added where missing.
Change-Id: I0ab05ae507c51fa77336d49a99a226399cc81b92
Reviewed-on: https://code.wireshark.org/review/17997
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
The variable may not have been initialized.
To make code more readable and to avoid possible future mistakes
initialize the variables.
Change-Id: I0c5e78b6d625c87252a4c47e263a3d5c701f2674
Reviewed-on: https://code.wireshark.org/review/17962
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
A switch statement has no section labeled default.
To make the code more readable add the default statement with a good comment.
Change-Id: Iacd9b1520628e229baedc89277d07ffac2caf1b6
Reviewed-on: https://code.wireshark.org/review/17960
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
'fp' pointer variable was freed or deleted in an earlier statement.
To make code more readable and to avoid possible future mistakes
make sure that developer sees this situation.
Change-Id: Ib5b9c4c32000adf05a30e094ebc98fe4bc4cfa52
Reviewed-on: https://code.wireshark.org/review/17961
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
A NULL pointer is possibly being passed to a function identified.
Change-Id: I87afb4fcd669451d94fecbcb827e7ff82d3e6740
Reviewed-on: https://code.wireshark.org/review/17950
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Use strcmp to sort AVPs in an AVPL and for matching instead of comparing
pointer addresses. Pointers can only be used for (in)equality, there is
no ordering in them. Matching of attributes however requires a better
ordering to know whether the operator (condition) or whether the operand
(data) can be skipped. Otherwise it is possible that condition (b)
randomly fails to match data (a,b).
User-visible changes (mainly edge cases):
- Loose (a=1, a?) on data (a=0, a=1) would previously fail to return
(a=0,a=1) because the a? condition is not tried for data a=0. Now it
tries all compatible conditions for a data AVP.
- Any Match condition like (a=1, a^1) would previously be treated the
same as (a=1) while (a^1, a=1) would still be seen as (a^1, a=1). The
first case is now fixed to match (a=1, a^1). (Via a fix in insert_avp
to ensure that (a=1) is not considered the same as (a^1).)
- Every (a=1, a=2) on data (a=1, b=1) previously failed, but the
comment "it will not create a list if there is not a match for every
attribute in op" suggests that it should return (a=1).
- Every (a=1) on data (a=2) previously succeeded (bug) while it would
fail on (a=2, b=1). This is fixed now by checking whether any of the
conditions really have matching data for the attribute.
Other changes: optimize merge_avpl and new_avpl_*_match to insert in
linear time instead of quadratic, rewrite and add comments in an attempt
to make it easier to understand. Merge the new_avpl_every_match and
new_avpl_exact_match functions and rename it to new_avpl_pairs_match to
reflects its actual implemented functionality.
Not addressed in this patch is the quasi-randomness of the returned
data AVPL. AVPLs are unordered, so the condition Strict (a?) on data
(a=1, a=2) could in theory return either (a=1) or (a=2). In practice
this returns (a=1) because of alphabetical ordering, but this cannot
really be relied on. It gets worse for conditions like Strict (a?, a>1),
these are considered undefined behavior (without warnings for now).
Ping-Bug: 12184
Change-Id: I0008448ffcb96183f106cb937c4f488e26a82f92
Reviewed-on: https://code.wireshark.org/review/17777
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The translation of all RPCInterfaceUUID for PNIO evaluates to "PNIO".
However, UUID allows distinction of
- UUID_IO_DeviceInterface (IOD-IF)
- UUID_IO_ControllerInterface (IOC-IF)
- UUID_IO_SupervisorInterface (IOS-IF)
- UUID_IO_ParameterServerInterface (PServ-IF)
Bug: 12938
Change-Id: I97c27808f61abd96728421488bb0ee5fdbace566
Reviewed-on: https://code.wireshark.org/review/17865
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add an FT_CHAR type, which is like FT_UINT8 except that the value is
displayed as a C-style character constant.
Allow use of C-style character constants in filter expressions; they can
be used in comparisons with all integral types, and in "contains"
operators.
Use that type for some fields that appear (based on the way they're
displayed, or on the use of C-style character constants in their
value_string tables) to be 1-byte characters rather than 8-bit numbers.
Change-Id: I39a9f0dda0bd7f4fa02a9ca8373216206f4d7135
Reviewed-on: https://code.wireshark.org/review/17787
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The fields have names beginning with "ecatf.", the dissector is called
"ecatf", and it's only the frame layer of EtherCAT anyway, so just call
it "ecatf".
Change-Id: I2f127363fd115c307f0525f612fe184a30d46c55
Reviewed-on: https://code.wireshark.org/review/17406
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have all dissector tables have a "supports Decode As" flag, which
defaults to FALSE, and which is set to TRUE if a register_decode_as()
refers to it.
When adding a dissector to a dissector table with a given key, only add
it for Decode As if the dissector table supports it.
For non-FT_STRING dissector tables, always check for multiple entries
for the same protocol with different dissectors, and report an error if
we found them.
This means there's no need for the creator of a dissector table to
specify whether duplicates of that sort should be allowed - we always do
the check when registering something for "Decode As" (in a non-FT_STRING
dissector table), and just don't bother registering anything for "Decode
As" if the dissector table doesn't support "Decode As", so there's no
check done for those dissector tables.
Change-Id: I4a1fdea3bddc2af27a65cfbca23edc99b26c0eed
Reviewed-on: https://code.wireshark.org/review/17402
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I7606ee55be4428909e255496c0344fffe5847f02
Reviewed-on: https://code.wireshark.org/review/16804
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fill in the "gaps" so that all dissectors that verify checksums have both a
status and expert info field.
Also address comments from original proto_tree_add_checksum patch that didn't make it.
Ping-Bug: 8859
Change-Id: I2e6640108fd6bb218cb959fe9e4ba98a13e43a2f
Reviewed-on: https://code.wireshark.org/review/16590
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Create ws_g_warning for legitimate uses of g_warning
2. Use proto_tree_add_debug_text
3. Comment some out
Change-Id: Ida044bf40286b955fdd529c4f9907c8e09b3d7c5
Reviewed-on: https://code.wireshark.org/review/16678
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Many of the complaints from checkAPI.pl for use of printf are when its embedded
in an #ifdef and checkAPI isn't smart enough to figure that out.
The other (non-ifdef) use is dumping internal structures (which is a type of
debug functionality)
Add a "ws_debug_printf" macro for printf to pacify the warnings.
Change-Id: I63610e1adbbaf2feffb4ec9d4f817247d833f7fd
Reviewed-on: https://code.wireshark.org/review/16623
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I1e6bd722b3f04f171b462fc680ca080bb7ec03c7
Reviewed-on: https://code.wireshark.org/review/16625
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This is an attempt to standardize display/handling of checksum fields for all dissectors.
The main target is for dissectors that do validation, but dissectors that just report the
checksum were also included just to make them easier to find in the future.
Bug: 10620
Bug: 12058
Ping-Bug: 8859
Change-Id: Ia8abd86e42eaf8ed50de6b173409e914b17993bf
Reviewed-on: https://code.wireshark.org/review/16380
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Some needed to check return value, others were converted to use strtoul.
Change-Id: I55aae216f95362b67e006f6e682abbd5ae2c8dcc
Reviewed-on: https://code.wireshark.org/review/16502
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Perhaps they cannot ever have values > 65535, but there's really no
benefit to restricting them to 16 bits on the 32-bit and 64-bit
platforms on which we run, and this might address what CID 1364088 is
*really* complaining about.
Change-Id: I5238261d04783401873de89469f8e2906554add4
Reviewed-on: https://code.wireshark.org/review/16454
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Some UN*Xes declare an index() function, that being the name strchr()
originally had in V7 UNIX. This causes warnings from compilers if you
have a variable named "index", so rename the variable.
Change-Id: Ibb046005d1ef911ce0739ce70a0a55c13310cdf0
Reviewed-on: https://code.wireshark.org/review/16372
Reviewed-by: Guy Harris <guy@alum.mit.edu>
change filePosRecord's data type to long, this is what ftell() and
fseek() expect
limit filePosRecord's scope to the block where it's actually used
if ftell() returns < 0, don't move the file pointer and don't call
fseek() with the negative offset
Change-Id: If5a43099c32e476a691f4d6cd26ed7fb73490fcf
Reviewed-on: https://code.wireshark.org/review/16258
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
without the space, checkhf complains about an ei entry
martin@reykholt:~/src/wireshark.git$ ./tools/checkhf.pl plugins/profinet/packet-dcerpc-pn-io.c
ERROR: NO ARRAY: plugins/profinet/packet-dcerpc-pn-io.c, ei_pn_io_unsupported
Change-Id: Ie72efcec644225bc4f554117ae10672694823cad
Reviewed-on: https://code.wireshark.org/review/16257
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Now that nmake build system has been removed they are not needed anymore.
Change-Id: I88075f955bb4349185859c1af4be22e53de5850f
Reviewed-on: https://code.wireshark.org/review/16050
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Also some other tricks to remove unnecessary tvb_get_string_enc calls.
Change-Id: I2f40d9175b6c0bb0b1364b4089bfaa287edf0914
Reviewed-on: https://code.wireshark.org/review/16158
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
This will copy an address's "byte format" into a buffer. The original
intended design is for export_pdu functionality, which tries to do
this "manually" for many address types (and creates undesired dependencies)
The default functionality if a "byte format function" isn't provided
(currently the case for all address types) is a memcpy of the address
data. Providing "address to byte" functions to aid export PDU
functionality will be provided later.
Change-Id: I3703f9e617a8cef09165ad53a0f98c6372676b9b
Reviewed-on: https://code.wireshark.org/review/16070
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Most protocols just want to limit COL_INFO or COL_PROTOCOL
so give that level of granularity.
Bug: 12144
Bug: 5117
Bug: 11144
Change-Id: I8de9b7d2c69e90d3fbfc0a52c2bd78c3de58e2f8
Reviewed-on: https://code.wireshark.org/review/15894
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
assertion.
If a dissector forces registration of fields during dissection it needs to do
so in a way that clears the prefix registration. Otherwise epan will call the
registration routine a 2nd time (which will cause us to assert out) if a user
types a display filter (with the dissector's prefix) that doesn't exist.
Update the proto_register_prefix() comments to reflect this.
Change-Id: I3ce29243395fb55192bb5dfd950baa88410ac136
Reviewed-on: https://code.wireshark.org/review/15881
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
The tree item needed to test and append to isn't being stored,
so the items are never amended with notes, resulting in dead code.
Change-Id: Ib1a9b7994ad12a9a9013d1bc1e1e4c165f34f20f
Reviewed-on: https://code.wireshark.org/review/15826
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
+ TLV 15 has value decoded as on off
+ TLV 16 shows text parameters instead of decimal value
Change-Id: I6f0baa410f12e20825379a3ff0cd6174aa2bc576
Reviewed-on: https://code.wireshark.org/review/15678
Reviewed-by: Michael Mann <mmann78@netscape.net>
Next steps would be to add expert and add missing TLVs.
Change-Id: Ia05d81c380d412ab02e55bbfc08363d9153ff1c3
Reviewed-on: https://code.wireshark.org/review/15617
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I5083346cb03de522d76632eba5ec9cbbf17666ea
Reviewed-on: https://code.wireshark.org/review/15603
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
"if (boolean)" suffices to test for true, and "if (!boolean)" suffices
to test for false.
Most of the time, explicitly comparing against TRUE or FALSE is
harmless, although possibly slightly less efficient, as you're
explicitly testing against 1 rather than testing for "not zero".
*However*, if you want to test whether a given bit is set in a flags
field, "if ((flags & flagbit) == TRUE)" *DOES NOT WORK* unless "flagbit"
is equal to 1, because TRUE is equal to 1, and if "flagbit" is not equal
to 1, "flags & flagbit" will *NEVER* be equal to 1.
So comparing "== TRUE" is a bad habit to get into, as it might lead to
its use when doing bit testing.
While we're at it, clean up some other tests:
"if (!(x == FALSE))" really means "x is true", so write it as
such, i.e. "if (x)";
if (a && b)
do this;
if (a && !b)
do that;
reads better as
if (a) {
if (b)
do this
else
do that
}
when doing bit testing, there's no need to shift the bit, just
test it (and, no, that doesn't conflict with the bit about TRUE
being 1 - *just test the bit*, it's the standard C idiom).
Fixes CID 1362119.
Change-Id: I011154caae45307796ffd270d265c05a2533b1db
Reviewed-on: https://code.wireshark.org/review/15585
Reviewed-by: Guy Harris <guy@alum.mit.edu>
New implemented functions for profinet plug-in to read cyclic RTC1 data
frames more detailed and further to dissect PROFIsafe on PROFINET frames.
New functions include:
- Reading the PROFINET "Ident OK" Frame for detailed module information,
as ModuleIdentNr., SubModuleIdentNr., etc. total dynamically
- Improved the existing dissection of fParameter with usage of GSDML-files,
as the indexnumber for those parameters can change
- Reading a GSDML-file for further module-information, such as PROFIsafe
Module, etc.
- Aded new pnio protocol preferences, in which the user can define its own
network path to his GSDML-files, so that Wireshark is able to read those
files for detailed information output.
- Added new filter functions for PROFINET and PROFIsafe
- All gained and saved information will be used to dissect the cyclic
PROFINET frames
Bug: 12216
Change-Id: I379da1d349fa099047953042f1aa30450bee5b30
Reviewed-on: https://code.wireshark.org/review/14119
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Birol Capa <birol.capa@siemens.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Previous patches converted all fvalue_to_string_repr calls to expect
an allocated buffer (and not a passed in one). Now changing signature
to force an allocated buffer. Added wmem in case that can be taken
advantage of within epan (and since the function signature was changing
anyway).
Change-Id: Ica1ac4a9a182ce0e73303856329e198d9d525b7b
Reviewed-on: https://code.wireshark.org/review/15343
Reviewed-by: Michael Mann <mmann78@netscape.net>
This generates a top level target, checkAPI, that is
excluded from the ALL build target, so must be run separately.
On Windows using a Visual Studio generator, call
msbuild /p:Configuration=RelWithDebInfo checkAPI.vcxproj
Change-Id: I44a57c564dcfc75499463b942436f4b920a82478
Reviewed-on: https://code.wireshark.org/review/14873
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Wireshark was failing to parse DOCSIS 3.1 BPKM Response (Auth Reply)
messages with a key length of 256 bytes, which is in the DOCSIS 3.1
specification located here:
http://www.cablelabs.com/specification/docsis-3-1-security-specification/
See Appendix I.4 "Authorization Reply"
Change-Id: Ic50eb4a2d637a7bc47385b7c0a96c830f7a920be
Reviewed-on: https://code.wireshark.org/review/15149
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
master-branch libpcap now generates a reentrant Flex scanner and
Bison/Berkeley YACC parser for capture filter expressions, so it
requires versions of Flex and Bison/Berkeley YACC that support that.
We might as well do the same. For libwiretap, it means we could
actually have multiple K12 text or Ascend/Lucent text files open at the
same time. For libwireshark, it might not be as useful, as we only read
configuration files at startup (which should only happen once, in one
thread) or on demand (in which case, if we ever support multiple threads
running libwireshark, we'd need a mutex to ensure that only one file
reads it), but it's still the right thing to do.
We also require a version of Flex that can write out a header file, so
we change the runlex script to generate the header file ourselves. This
means we require a version of Flex new enough to support --header-file.
Clean up some other stuff encountered in the process.
Change-Id: Id23078c6acea549a52fc687779bb55d715b55c16
Reviewed-on: https://code.wireshark.org/review/14719
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I9e67ccee06c93c25c766fae8bdd8a9890416655f
Reviewed-on: https://code.wireshark.org/review/14648
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: Idee70e6eaa926efb74cd4ff0bb529a601edbb67e
Reviewed-on: https://code.wireshark.org/review/13729
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This saves many dissectors the need to find the data dissector and store a handle to it.
There were also some that were finding it, but not using it.
For others this was the only reason for their handoff function, so it could be eliminated.
Change-Id: I5d3f951ee1daa3d30c060d21bd12bbc881a8027b
Reviewed-on: https://code.wireshark.org/review/14530
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Started by grepping call_dissector_with_data, call_dissector_only and call_dissector and traced the handles passed into them to a find_dissector within the dissector. Then replaced find_dissector with find_dissector_add_dependency and added the protocol id from the dissector.
"data" dissector was not considered to be a dependency.
Change-Id: I15d0d77301306587ef8e7af5876e74231816890d
Reviewed-on: https://code.wireshark.org/review/14509
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This will make it easier to determine protocol dependencies.
Some LLC OUI dissector tables didn't have an associated protocol, so they were left without one (-1 used)
Change-Id: I6339f16476510ef3f393d6fb5d8946419bfb4b7d
Reviewed-on: https://code.wireshark.org/review/14446
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I5c7529bc630ad7312011b04ce101ba3608041d35
Reviewed-on: https://code.wireshark.org/review/14435
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Was using AT_NONE as "unknown address type" instead of "no address".
Ping-Bug: 12205
Change-Id: Ic1d7022f8eaa3dfab9bb7b607eed264cc527c87c
Reviewed-on: https://code.wireshark.org/review/14242
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ia2ef8c4211ca717d6e99f596cd7f2de92d5aa7ca
Reviewed-on: https://code.wireshark.org/review/14202
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Try to improve address API and also fix some constness warnings
by not overloading the 'data' pointer to store malloc'ed buffers
(use private pointer for that instead).
Second try, now passing test suite.
Change-Id: Idc101cd866b6d4f13500c9d59da5c7a38847fb7f
Reviewed-on: https://code.wireshark.org/review/13946
Petri-Dish: João Valverde <j@v6e.pt>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Remove mostly obsolete aclocal macros. Make GTK build flags a strict superset
of GLib flags. Use GTK build variables for GTK GUI and GLib elsewhere. Add
dependency flags explicitly instead of using WS_CPPFLAGS.
Some minor improvements and fixes for missing/unnecessary variables (no impact
on our test builds).
Change-Id: I3e1f067a875f79d6516c1fa7af986f17a7a6b671
Reviewed-on: https://code.wireshark.org/review/14005
Reviewed-by: João Valverde <j@v6e.pt>
Ahmad Fatoum