and also fix warning found by fix-encodings-args
Change-Id: I20193d9f2700e8ede439dcc848390ff7672239b3
Reviewed-on: https://code.wireshark.org/review/1318
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Also, remove some more proto_tree_add_text() occurrences.
Change-Id: Ie46e16308b95f190229c22d06c5235ea3464394a
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/1317
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Otherwise we end up doing reassembly of long messages one painful byte at a time
even when all of those bytes are in the same TCP payload. This results in
ridiculous memory usage.
Change-Id: Ie28d5ade1fec54e6ebc225341582270651d7371c
Closes-Bug: 10018
Reviewed-on: https://code.wireshark.org/review/1312
Reviewed-by: Evan Huus <eapache@gmail.com>
it no longer has any warnings
This reverts commit 30c9f421c0.
Change-Id: I5cc71f905ffa4f00ffb44ad7d03b2684c2e44e38
Reviewed-on: https://code.wireshark.org/review/1316
Reviewed-by: Evan Huus <eapache@gmail.com>
it no longer has any warnings
This reverts commit 3ff57c86ad.
Change-Id: I655f4cf682eb6784340799c54d2f9a6cc5321812
Reviewed-on: https://code.wireshark.org/review/1315
Reviewed-by: Evan Huus <eapache@gmail.com>
Avoid printf warnings when loading a capture with kerberos packets
when not having configured a keytab file.
Change-Id: I0950daa18c42f4687d29101fac74f6f6bd6071b1
Reviewed-on: https://code.wireshark.org/review/1300
Reviewed-by: Evan Huus <eapache@gmail.com>
As pointed out by David Ameiss, I only did automake the first time round.
Change-Id: Ie72ab5014d8f21d194d15af430c6c0a8a612f5f7
Reviewed-on: https://code.wireshark.org/review/1309
Reviewed-by: Evan Huus <eapache@gmail.com>
It currently generates some unused functions.
Change-Id: I59e2ffefbf66975d35f2a89c2c49c3ab61f41a84
Reviewed-on: https://code.wireshark.org/review/1306
Reviewed-by: Evan Huus <eapache@gmail.com>
- Create/use an extended value string;
- Use ...add_text() instead of ..._add_string() for a packet details "header" line
(Removes a filter named "mqtt" (not the 'protocol' filter));
- Fix what is (IMO) a slightly misleading display of "Connect Flags";
- Remove two lines of duplicate code;
- Localize some variables;
- Remove some unneeded initializers;
- Set tab-stops, etc in editor mode-lines to 8;
- 'offset++' ==> 'offset += 1';
- Do some minor whitespace changes.
Change-Id: Ia891c6893643790dbb26510f060c4fb6dfe1fe3a
Reviewed-on: https://code.wireshark.org/review/1304
Reviewed-by: Bill Meier <wmeier@newsguy.com>
g867a1827e7dc88896ee27a107eb35c4b3973d270 introduced a change to cleanup/fix
handling of bounds checks for -1 length fields, but it ended up guaranteeing a
throw for 0-length tvbs, which isn't good; we ought to be able to add 0-length
FT_PROTOCOL items at the very least.
Better names for the function than _cheat are welcome, but I want to shut up the
buildbot.
Change-Id: I24610f947d03dac32766e2a0ffa0ff7bcc74c3e8
Reviewed-on: https://code.wireshark.org/review/1303
Reviewed-by: Evan Huus <eapache@gmail.com>
Ie4d1edfd67a8e6f02834573f29f07baf79058534 created a several duplicate hf_ registrations. That led to the exposure of some other potential problems with generating sequences.
Still not quite complete, but want to pacify the buildbots, so there is a small amount of manual editing to comment out a few duplicated hfs in packet-parlay.c.
Change-Id: I0ff8a9795e213ab966db8d6333b9477bad06250b
Reviewed-on: https://code.wireshark.org/review/1302
Reviewed-by: Michael Mann <mmann78@netscape.net>
It causes the DTLS decryption test suite to fail for some reason, and I don't have time/energy to investigate further, so we should probably revert it until that gets resolved.
This reverts commit fc5d8db74d.
Change-Id: Iac9a7592047d2e080e380a70752efa076303e442
Reviewed-on: https://code.wireshark.org/review/1297
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
This has two expected uses:
- Many current users of wmem_tree don't actually need the predecessor lookup
it provides (the lookup_le function family). A hash map provides straight
insertion and lookup much more efficiently than a wmem_tree when predecessor
lookup isn't needed.
- Many current users of glib's hash table and hash functions use untrusted data
for keys, making them vulnerable to algorithmic complexity attacks. Care has
been taken to make this implementation secure against such attacks, so it
should be used whenever data is untrusted.
In my benchmarks it is measurably slower than GHashTable, but not excessively
so. Given the additional security it provides this seems like a reasonable
trade-off (and it is still faster than a wmem_tree).
Change-Id: I2d67a0d06029f14c153eaa42d5cfc774aefd9918
Reviewed-on: https://code.wireshark.org/review/1272
Reviewed-by: Evan Huus <eapache@gmail.com>
This patch fixes dissection of some fields and restores some of the
output before the dissector was updated not to use proto_tree_add_text()
calls.
While at it improve the consistency in the code.
Change-Id: Ic30e60de1382f4325bd75e814444205f2fc5a359
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/1283
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Previously a sequence of "native" types (int, float, etc) generated a proto_tree_add_uint (for the loop over the sequence) and a proto_tree_add_XXX (for the "native" type), but only 1 hf variable was created for the "loop" field, so DISSECTOR_ASSERT_NOT_REACHED would be generated if "native" type != uint. Now a separate hf_ variable is generated for the "loop" and "native" type.
Also update existing IDL dissectors with new generator logic.
Change-Id: Ie4d1edfd67a8e6f02834573f29f07baf79058534
Reviewed-on: https://code.wireshark.org/review/1274
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(not sure why, but regeneration also "moved" some hf_ variables from previous version)
Change-Id: I197eacbb3f892dbdca6e6bc354fc88240c1bfb34
Reviewed-on: https://code.wireshark.org/review/1291
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Treat FT_BYTES and a few others the same as FT_PROTOCOL: allow a zero length
but throw an exception if the offset is already beyond the end of the TVB
(prior to this change it would assert out). This (when manually applied to
master-1.10) fixes https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9999 .
While we're at it: tvb_captured_length_remaining() no longer returns -1 (see
r52571) so don't expect it to. Instead just use
tvb_ensure_captured_length_remaining() to throw an exception if the offset is
bad.
Change-Id: I686722a4fed46b86139466afcf64ff02f319c702
Reviewed-on: https://code.wireshark.org/review/1289
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- Remove unneeded #includes;
- Move proto_reg_handoff...(() to the end of the file as per convention;
- Use dissector_add_handle() instead of using dissector_add_uint(..., 0, ...);
- #if 0 an unused global function (which caused a [-Wmissing-prototypes] warning);
- Remove an empty proto_reg-handoff...();
- 'if (already_registered)' not required in one case.
Change-Id: I74f267c2721df13eb4d52d7f19a6ded423218a39
Reviewed-on: https://code.wireshark.org/review/1277
Reviewed-by: Bill Meier <wmeier@newsguy.com>
This is more reliable than doing "tree math" and corrects the intention of 5470356154 which made the incorrect assumption that tcp_dissect_pdus will be called with the tree that is passed into a protocol's main dissection function (directly from TCP).
Change-Id: I6ffc2188420ab74784c7bc2c69aa79ff071c90b6
Reviewed-on: https://code.wireshark.org/review/1214
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rather than using a hash table, which is overkill and slow, embed a
doubly-linked-list in the prefix structure.
On my tests with some random capture file and tshark -nxVr:
- normal block allocator: ~2.1 seconds
- old (slow) strict allocator: ~4.2 seconds
- new (fast) strict allocator: ~2.8 seconds
The buildbot will thank me :)
Change-Id: I2fb42229c4ee4c40bbe45ba04b7848792998eaa9
Reviewed-on: https://code.wireshark.org/review/1251
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Modern hosts typically open many more TCP and UDP connections than in
years past. For an example opening a popular news site in a web browser
can easily trigger dozens of separate connections. At the same time our
services file has accumulated a lot of cruft over time. As a result
transport name resolution is a bunch of lies.
Change-Id: Ibbca5b1c7ea1e800fc46dad63b9270128dacd721
Reviewed-on: https://code.wireshark.org/review/1240
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I9b0cb7c8602f813fd06f1b3ea6107ed6fe8d72ed
Reviewed-on: https://code.wireshark.org/review/1244
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I5e0e44019ddee4d39fbf2d6204c40c02d3e97c6f
Reviewed-on: https://code.wireshark.org/review/1243
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Bugs fixed:
- DISSECTOR_BUG (reported by proto.c) when displaying "Parameters"
(Apparently introduced in I8de7a19 (gc538b44))
- Incorrect byte pane highlighting for ARG_ARRAY container type
(In dissector code as originally committed)
- "uint32uint32" should be "uint32" in packet details.
(In dissector code as originally committed)
Cleanup:
- Remove unneeded #includes;
- Simplify some code;
- Remove unneeded initializers;
- Fix: "warning: no previous prototype...[-Wmissing-prototypes]"
- Reformat hf[] array entries;
- Fix some spelling;
- Do indentation, whitespace & formatting style changes.
Change-Id: If1f488f10ba83b27f75a1f71cf4bce7d5279e87c
Reviewed-on: https://code.wireshark.org/review/1238
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
This is substantially more memory-efficient, shaving another ~1.5MB off our base
usage. It also lets us remove the annoying extra "last_field" pointer and
simplify proto_register_field_common(). It also accidentally fixed what may
have been a memory leak in proto_unregister_field().
It unfortunately complicates proto_get_next_protocol_field() to require
refetching the protocol each time, but that is itself just an array-lookup under
the covers (and isn't much used), so I don't expect the performance hit to be
noticable.
Change-Id: I8e1006b2326d6563fc3b710b827cc99b54440df1
Reviewed-on: https://code.wireshark.org/review/1225
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Shaves ~1.5MB off our base memory usage, and provides O(1) operations instead of
O(log n). We don't need the additional operations a tree provides.
Change-Id: I6159d09ee380a2bca0de3bb2d031a874d8eb79d2
Reviewed-on: https://code.wireshark.org/review/1224
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: Ia0779c6055f6e2864d2099fd607d9763e4040380
Reviewed-on: https://code.wireshark.org/review/1233
Reviewed-by: Michael Mann <mmann78@netscape.net>
Alexis La Goutte