FT_STRINGZ means "terminated by a null character", so there can't be
non-null characters following the terminating null.
FT_STRINGZPAD doesn't only mean "padded with nulls"; there are protocols
where a string that's not the full length of the part of the packet for
the string has a null terminator but isn't guaranteed to be fully padded
with nulls. We can later add a separate type for fields where we really
*should* check that the padding is all nulls.
Change-Id: I5964817b4b847cb4db73f8ac673141052e8ef92c
Reviewed-on: https://code.wireshark.org/review/38230
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Section D.2.4.3 "protocol identity" of IEEE 802.1Q-2018 says:
The protocol identity field shall contain the first n octets of the
protocol after the layer 2 addresses (i.e., for example, starting
with the EtherType field) that the sender would like to advertise.
Show it as FT_BYTES, not FT_STRINGZ.
Add a comment explaining that, and expand a comment to indicate what
specifications there are for LLDP and some Organizationally Specific
TLVs.
Change-Id: I8c41026379731d1c05134d6e7ad563227f9fbfde
Reviewed-on: https://code.wireshark.org/review/38229
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Fix some Wayback Machine URLs that no longer work because the
wayback.archive.org domain name no longer works.
Update some Microsoft URLs that used to go through the Wayback Machine
to point to the current versions at docs.microsoft.com.
Update a comment to reflect the disappearance of a Network Associates
document and its absence from the Wayback Machine.
Change-Id: I27a5b19fa7747a8f601fd9e6c0bf75aba0a3528e
Reviewed-on: https://code.wireshark.org/review/38225
Reviewed-by: Guy Harris <gharris@sonic.net>
Add URLs from newer versions of the protocol documentation.
Change-Id: I03d6b4d34ce7f7b831a4eda3075b65b026f96526
Reviewed-on: https://code.wireshark.org/review/38224
Reviewed-by: Guy Harris <gharris@sonic.net>
Update one URL to a newer location and newer version of the document;
change the other one to use HTTPS.
Change-Id: I18bb2a14722c4e340a3e5f1afe0198def9d4fceb
Reviewed-on: https://code.wireshark.org/review/38223
Reviewed-by: Guy Harris <gharris@sonic.net>
The original document no longer appears to be available; point to the
Wayback Machine version.
Change-Id: I9f0b0742339cc7a982e638cbae5155e9ac6c1d20
Reviewed-on: https://code.wireshark.org/review/38222
Reviewed-by: Guy Harris <gharris@sonic.net>
Don't just pass ENC_NA, pass ENC_ASCII|ENC_NA, to mark all string
fetches with the encoding to use.
Change-Id: Icbe533b8e36d6df25841049950512cecd4c247a1
Reviewed-on: https://code.wireshark.org/review/38221
Reviewed-by: Guy Harris <gharris@sonic.net>
Don't just pass ENC_NA, pass ENC_ASCII|ENC_NA, to mark all string
fetches with the encoding to use.
Change-Id: If834f216a49787ff09b3b714d755d9467848e5a5
Reviewed-on: https://code.wireshark.org/review/38220
Reviewed-by: Guy Harris <gharris@sonic.net>
GSMTAP has recently gained support for wrapping E1/T1 protocol traces.
This is very useful as contrary to pcap/wtap file based protocol traces,
GSMTAP can be streamed in real-time.
The GSMTAP pseudo-header encodes information such as
* the E1/T1 timeslot number
* the E1/T1 subeslot number (if I.460 is used)
* the E1/T1 line/span number (somewhat awkwardly as 'antenna number')
* the payload (LAPD, Frame Relay, TRAU, ...)
In this first implementation in wireshark, only FR and LAPD
sub-dissectors are added. The other payloads (TRAU) do not have any
wireshark dissectors so far.
Change-Id: Ib699e9231ef7b9e6c5053e6b920954b3e7b0a4a4
Reviewed-on: https://code.wireshark.org/review/38213
Reviewed-by: Vadim Yanitskiy <vyanitskiy@sysmocom.de>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
I cannot find any mention in Q.933 that those two information elements
should not be present in CS0. In fact, multiple real-world traces
I just recently took from Cisco and Ericsson equipment encodes
those IEs in normal codset 0.
This appears to have been broken since commit
bafebc7b80 in 2005, when the code was
first introduced.
Change-Id: I4c0ad080447d492b541cf7abd1e3f24a0e85084a
Reviewed-on: https://code.wireshark.org/review/38212
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3GPP TS 48.016 specifies GPRS-NS over Frame Reley. In Section
6.1.1 it explicitly states that ITU-T Q.933 Annex A for FR PVC
must be supported. In real-world Gb-over-FR protocol traces I also
see related LMI messages on DLCI=0.
Hence, let's not dispatch DLCI=0 messages to the GPRS-NS dissector,
where they are all detected wrongly. Only non-zero DLCI are NS-VC.
Change-Id: I6ce3557cda0da31323a851008bf648047ba1f926
Reviewed-on: https://code.wireshark.org/review/38211
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There is IPv4 Address/ 6 null bytes / IPv4 Address
IPv4 Address is client ? DC ?
Bug: 16657
Change-Id: Ie09f4598e18e26c95d297e3c622c80d3395d25d4
Reviewed-on: https://code.wireshark.org/review/38196
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I2fad824ca417dcd089fabfdf06f28529c7ee9e87
Signed-off-by: Filipe Laíns <lains@archlinux.org>
Reviewed-on: https://code.wireshark.org/review/37949
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
'couchbase.flex_frame_extras' exists multiple times with incompatible types: FT_STRING and FT_UINT8
Change-Id: Ide607ca786e19015f4aae3cfbe85675581968267
Reviewed-on: https://code.wireshark.org/review/38011
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There can be multiple PDV segments in the same frame that belong to
different reassemblies. Change the reassembly_id used for the
reassembly tables so that it is not identical for all segments in
the same presentation context (but still unique for a given reassembly),
so that that case can be handled properly. Otherwise fragment_add_seq_next
will retrieve the wrong reassembly for one of the segments (especially
on the second pass.)
Bug: 13110
Change-Id: Ib967fc7f6b7b591b9e3494d81d3b5d4ecc43cac1
Reviewed-on: https://code.wireshark.org/review/38200
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There are undefined bytes which must be included in DHCP
suboption block according to DCP Block Length. In other
words, there are still bytes after dissection of defined
parameters finish but DCP block length does not finish.
In order to solve the problem, these bytes are included in
DHCP suboption block and marked Undefined. The byte number
can be 1, so bytes word in pn_user_data is changed to byte.
Change-Id: I2be23b41a9827f9c2159b97a05658ddf557865cf
Reviewed-on: https://code.wireshark.org/review/38203
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Domain ID in non participant discovery packets is deduced from the port.
This is valid only when using UDP. If using TCP that values must be
taken from the discovery or otherwise mark it as unknown.
Change-Id: I8fe64f5f67d86412edefdccdca8ded63193f6e14
Reviewed-on: https://code.wireshark.org/review/38003
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If one field uses a report ID, all other should too. Otherwise we don't
know if the first byte is a report ID or a data value.
Change-Id: I84f5cde3f08c26d904d7c5f66e8d622b820b3f6c
Signed-off-by: Filipe Laíns <lains@archlinux.org>
Reviewed-on: https://code.wireshark.org/review/37781
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There cases where we may want to pre-allocate some memory before
appending all the fields.
Change-Id: Ic46e83733d4338dbda45b2ca3ff2d533c5b44026
Signed-off-by: Filipe Laíns <lains@archlinux.org>
Reviewed-on: https://code.wireshark.org/review/38122
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
format_text(alloc, string, strlen(string)) is a common idiom; provide
format_text_string(), which does the strlen(string) for you. (Any
string used in a %s to set the text of a protocol tree item, if it was
directly extracted from the packet, should be run through a format_text
routine, to ensure that it's valid UTF-8 and that control characters are
handled correctly.)
Update comments while we're at it.
Change-Id: Ia8549efa1c96510ffce97178ed4ff7be4b02eb6e
Reviewed-on: https://code.wireshark.org/review/38202
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
- use segment size during sdo (write by index) payload decoding process
- set mapping-sections of sdo objects one level lower
Bug: 16792
Change-Id: Iae3f2095142ad076f7cde6266493e7308c65a51f
Reviewed-on: https://code.wireshark.org/review/38199
Reviewed-by: Christian Krump <christian.krump@br-automation.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
it is possible to have multiple range port for TSAgent
Change-Id: I7b45f30a1d1cf974ffcf62d2f19dbc30b621ec4e
Reviewed-on: https://code.wireshark.org/review/38186
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update the data related to ITU-T E.212 with the latest released information
as found in the ITU-T Operational Bulletins, amended with some other online
resources where the ITU-T seem not be informed yet.
Also retain the UTF-8 encoding of the registered data.
Bug: 16755
Change-Id: I13ba306558c0768379fa0e82db84e30f57af8259
Reviewed-on: https://code.wireshark.org/review/38159
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
With commit f8a394022b the Unassigned
entries were put in with off-by-one values. This changes puts them
in their right place.
Change-Id: I77c6eb4c47f17b8fba2dd662d3589ff63855e55f
Reviewed-on: https://code.wireshark.org/review/38179
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Implement updates of the following lists:
List of Signalling Area/Network Codes (SANC), based on
Annex to the ITU Operational Bulletin No. 1125 - 1.VI.2017
List of International Signalling Point Codes (ISPC), based on
Annex to ITU Operational Bulletin No. 1199 - 1.VII.2020
Also retain the UTF-8 encoding of the registered data.
Change-Id: I8c0ff7107a9489d7ec6ed1cc272717f06e2e7599
Reviewed-on: https://code.wireshark.org/review/38073
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The hf field was already created, but it was just not used anywhere.
Change-Id: I7af885911093d6a7a57a408c6d4d11bda155e6f6
Reviewed-on: https://code.wireshark.org/review/38178
Reviewed-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
SI symbol for kilohertz is kHz, not KHz.
Ping-Bug: 11743
Change-Id: Ie6cafd242b2e479783ecd8ab8a04c08effe23413
Reviewed-on: https://code.wireshark.org/review/38168
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Set I/O to only drive on a '0' and tristate on a '1' command essentially
sets each I/O output type to either Open-Drain or Push-Pull.
Ping-Bug: 11743
Change-Id: I580d63c80114ad8f4a7cb1fc82a3c40720cc71e6
Reviewed-on: https://code.wireshark.org/review/38167
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
'check_tfs.py --common' can look for tfs values that appear multiple times.
Current output prior to these dssector changes was:
('No Extension', 'Extension') appears 3 times in: ['epan/dissectors/packet-bssap.c', 'epan/dissectors/packet-camel.c', 'epan/dissectors/packet-gsm_map.c']
('Optimised for signalling traffic', 'Not optimised for signalling traffic') appears 3 times in: ['epan/dissectors/packet-gsm_a_gm.c', 'epan/dissectors/packet-gsm_map.c', 'epan/dissectors/packet-gtp.c']
('Data PDU', 'Control PDU') appears 3 times in: ['epan/dissectors/packet-pdcp-lte.c', 'epan/dissectors/packet-pdcp-nr.c', 'epan/dissectors/packet-rlc-nr.c']
('Message sent to originating side', 'Message sent from originating side') appears 3 times in: ['epan/dissectors/packet-q2931.c', 'epan/dissectors/packet-q931.c', 'epan/dissectors/packet-q933.c']
('User', 'Provider') appears 3 times in: ['epan/dissectors/packet-q2931.c', 'epan/dissectors/packet-q931.c', 'epan/dissectors/packet-q933.c']
The first and last ones were made common, the others seem a little too specialised.
Checking some of the existing items in tfs.c (using QtCreator's 'Find Usages'),
some of the common items are used a lot, but many of them are not referenced.
Change-Id: Ia4006d2c4fa7cafbc3b004dc7a367a986dbeb0c4
Reviewed-on: https://code.wireshark.org/review/38177
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>