Fixes ASAN test failures for test_wireshark_capture_from_stdin and
test_wireshark_capture_from_fifo tests.
Change-Id: I196fe2a299761f95e07b3091b934a566403e3e3f
Reviewed-on: https://code.wireshark.org/review/31844
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The RSA Keys API and GUI are only functional when GnuTLS support is
available. Be sure to hide the functions in the header and hide the
preferences panel when GnuTLS support is missing.
Change-Id: I0a52ab142c4d45b8186780ea9b1645542dcc6305
Fixes: v2.9.1rc0-585-gec8f506c4b ("Qt: add initial RSA Keys preference frame")
Reviewed-on: https://code.wireshark.org/review/31837
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
In some cases the column width and/or hidden setting is not correctly applied
when switching between profiles having different hidden settings.
Unhiding the column before applying width and hidden setting fixes this issue.
Bug: 15466
Change-Id: I09e3451612ba6dd0510b19f7f4d84d281b0188b5
Reviewed-on: https://code.wireshark.org/review/31812
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Update release notes now that this GUI is mostly functional.
Change-Id: I118fbbe879e366643084f0e7ac3e437a29f21d5f
Reviewed-on: https://code.wireshark.org/review/31797
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Load the list of key URIs, strip known keys, ask for a PIN, add valid
results to the list. Apply this list on pressing OK in the preferences
dialog or revert the changes on pressing Cancel.
Change-Id: Id48cd9b876b4d272eb6dbdadf8a0859190cc0ce8
Reviewed-on: https://code.wireshark.org/review/31796
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The RSA Keys frame is intended to configure RSA keys (both key files and
PKCS #11 tokens). Add a new "RSA Keys" item to the preferences menu.
Implement addition and removal of PKCS #11 libraries and add an initial
version that displays configured RSA keys.
The "Add new token…" button will be implemented later.
Change-Id: Ie5b9eb403afc7bebeb7be8bd53d4d4b30842204c
Reviewed-on: https://code.wireshark.org/review/31795
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
UatModel could be constructed with a name instead of an epan_uat type.
To allow those users to save/revert the uat, make sure to expose a
method that does not require access to the underlying epan_uat type.
Change-Id: I1d1a5811c1025bd9c2a2ea1722f460e6ac33b9aa
Reviewed-on: https://code.wireshark.org/review/31793
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Set the push button as parent to the save menu so it will be deleted
when that parent is destroyed.
Change-Id: Ic396dcf25092c90cd305a010be3d551d8ad8397c
Reviewed-on: https://code.wireshark.org/review/31802
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The memory ownership of wtap_rec::opt_comment was not clear. Users of
wtap were leaking memory (editcap.c). wtap readers were not sure about
freeing old comments (erf) or simply ignored memleaks (pcapng).
To fix this, ensure opt_comment is owned by wtap_rec and free it with
wtap_rec_cleanup. The erf issue was already addressed since
cf_get_packet_comment properly duplicates wth.opt_comment memory.
- wtap file formats (readers):
- Should allocate memory for new comments.
- Should free a comment from an earlier read before writing a new one.
- Users of wth:
- Can only assume that opt_comment remains valid until the next read.
- Can assume that wtap_dump does not modify the comment.
- For random access (wtap_seek_read): should call wtap_rec_cleanup
to free the comment.
The test_tshark_z_expert_comment and test_text2pcap_sip_pcapng tests now
pass when built with ASAN.
This change was created by carefully looking at all users opt
"opt_comment" and cf_get_packet_comment. Thanks to Vasil Velichkov for
an initial patch which helped validating this version.
Bug: 7515
Change-Id: If3152d1391e7e0d9860f04f3bc2ec41a1f6cc54b
Reviewed-on: https://code.wireshark.org/review/31713
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Vasil Velichkov <vvvelichkov@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
cf_get_packet_comment already has one code path that returns duplicated
memory. Be sure to document the requirement to free this memory and
adjust Qt to avoid memory leaks.
Be firm and assume that wth.opt_comment is owned by wth, so duplicate it
before returning it from cf_get_packet_comment.
Change-Id: I91f406296c9db5ea21b90fc2e108c37de4528527
Ping-Bug: 7515
Reviewed-on: https://code.wireshark.org/review/31712
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Vasil Velichkov <vvvelichkov@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Manually checked all callers of wtap_seek_read to ensure that
wtap_rec_cleanup is called. Added missing wtap_rec_cleanup to:
- Completion of sequential read: wtap_sequential_close
- Callers of wtap_seek_read:
- users of cf_read_record_r:
- PacketListRecord::dissect
This fixes one of the two ASAN memleak reports while running
test_tshark_z_expert_comment and test_text2pcap_sip_pcapng (the other is
about opt_comment which is still unfixed).
Vasil Velichkov also found this issue and came up with a similar fix.
Change-Id: I54a6aa70bfdb42a816d03ad4861d0ad821d0ef88
Reviewed-on: https://code.wireshark.org/review/31709
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The glib gboolean and integer types are used interchangably,
while a proper use is easily achievable.
Change-Id: I8943bb90c9f23c0e58c296ad3b45153d0364953c
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/31708
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Include the current word in the filter completion list to give the
user a more complete picture of what constitutes a valid single-token
protocol name.
Bug: 15431
Change-Id: I77cfc78f19623d9aefd4441a67ed3ae72068034e
Reviewed-on: https://code.wireshark.org/review/31654
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
From the updates to text2pcap take the updates to the code comments and
apply them here as well. This also applies to the User Guide help texts.
Change-Id: I4e73fb1372ea0c1866c6d0fee7c14bc645fbe1b1
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/31636
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This is more explicit and easier to read with slightly better locality
while using less code.
Also less awkward when the package doesn't fit the narrow package list
expectations.
The ws_find_package() macro doesn't include all the status messages. The
choice was to rely on standard find_package() and feature_summary() output
and be less verbose.
Avoid polluting the CLI build interface. Per target include paths and
macro definitions are preferred.
Because this patch intentionally removes the global CMAKE_*_FLAGS
and include_directories() usage in favor of target properties, some
untested build configurations may inadvertently break because of
missing ${PACKAGE}_INCLUDE_DIRS or ${PACKAGE}_DEFINITIONS. This
required a manual review of dependencies that might have been
incomplete.
${PACKAGE_VAR}_LINK_FLAGS seems to be unused.
Changing the CMake Qt code to use more modern CMake component syntax
is left as future work.
Change-Id: I3ed75252189a6e05a23ed6e619088f519cd7ed78
Reviewed-on: https://code.wireshark.org/review/31496
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Resources such as translations (autogenerated qm files) and SVG images
resulted in non-reproducible builds. Be sure to disable this to make the
resources reproducible on Qt < 5.8 or Qt >= 5.9 (excluding Qt 5.8.x).
With this change, the Wireshark build is reproducible invariant of the
build directory (but not the source directory).
Bug: 15163
Change-Id: I9240d2aa6e7298e1928c0f1d97ce83673320024d
Reviewed-on: https://code.wireshark.org/review/31593
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The correct method of selection of colors is just using the
QColorDialog not a specialized object. Implementing it just
that way, to correct bug on Linux
Bug: 15399
Change-Id: I3c4785d352888ec34c34534667c3f7df182f9fd7
Reviewed-on: https://code.wireshark.org/review/31465
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Save 800ms and avoids a synchronization point (improves build
parallelism) by directly adding object files to the wireshark binary.
Change-Id: I7d1484c65a26f3f6874474b61d38ba474aba8347
Reviewed-on: https://code.wireshark.org/review/31512
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
What we were calling the "name" is actually a description to show to
users; what were calling the "short name" is just the name to use on the
command line.
Rename some routines and structure members, and put the name first and
description second in the table.
Expand some descriptions to give more details (e.g., to be more than
just a capitalized version of the name).
Fix the CamelCase capitalization of InfiniBand.
Change-Id: I060b8bd86573880efd0fab044401b449469563eb
Reviewed-on: https://code.wireshark.org/review/31472
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Set the push button as parent to the profile list menu so it will
be deleted when that parent is destroyed.
Change-Id: Ide4a234e039a3e27d9ee4732a3800906c80be173
Reviewed-on: https://code.wireshark.org/review/31446
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Only copy ASCII characters when doing "Copy Bytes as Hex + ASCII Dump"
from the ByteView. This is what we do in all other Hex Dumps.
Also change the parameter name to reflect this.
Change-Id: I63cc79ffa014fd9aa50c84d765ee168f0b1ea44a
Reviewed-on: https://code.wireshark.org/review/31442
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Draw a circle+backslash or a warning triangle in the far right of the
line edit entry for invalid and deprecated filters respectively. This
should provide an additional clue for color blind users.
Bug: 15326
Change-Id: I55a1e214834a340ccda3bfe8880bba12c5e274e9
Reviewed-on: https://code.wireshark.org/review/30936
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rename the Remove action in the welcome page to "Remove from list" to
indicate that the file is only removed from the list, not from disk.
Change-Id: I4a47c9852203596cc601bf254a4bcfc700ccd025
Reviewed-on: https://code.wireshark.org/review/31433
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add a menu item for "Show in Finder/Folder" for plugins in cases where
Wireshark loads plugins from other folders than is listed in "Folders".
Change-Id: I8cc42d9992d885f1ca37f5769d7292bed1584f4b
Reviewed-on: https://code.wireshark.org/review/31270
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Doing so means we'd close the FD, but we've already closed it.
Addresses Coverity CID 1442274.
Change-Id: I5aab1bd4b82e9ac0901bcdbc1ddb6b16eec30573
Reviewed-on: https://code.wireshark.org/review/31312
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We've already reported the files that couldn't be saved; no need to tell
the user something they already know by that point.
Change-Id: I8251a46134342df6b40a6324aa76a5237fde7c93
Reviewed-on: https://code.wireshark.org/review/31298
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
If a particular save failed, always let the user know.
Change-Id: I618e0ff82813cd4249ab7b1714f9a50e095a1ea8
Reviewed-on: https://code.wireshark.org/review/31296
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Limiting the maximum *path* name length is bogus; if the user wants to
store the file in some directory deep under the root (UN*X) or the root
of the drive (Windows), that's their choice - don't prevent them from
saving in a directory with a path longer than some maximum or limit the
file name based on the length of the path leading up to it.
Limiting the maximum *file* name is presumably to cope with, for
example, HTTP objects with a URL that had a very long query component,
so it makes sense.
Change-Id: Idfc7de8124ee80bdd4950341ff2239834eb9f6f6
Reviewed-on: https://code.wireshark.org/review/31295
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have eo_save_entry() use the report_ routines to report errors, so they
pop up a dialog in Wireshark and print an error message in command-line
programs such as TShark. Use it instead of local_eo_save_entry().
Change-Id: I689fd880ff2a31486372374560129ee9d9692b1e
Reviewed-on: https://code.wireshark.org/review/31294
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This allows taps that can fail to report an error and fail; a failed
tap's packet routine won't be called again, so they don't have to keep
track of whether they've failed themselves.
We make the return value from the packet routine an enum.
Don't have a separate type for the per-packet routine for "follow" taps;
they're expected to act like tap packet routines, so just use the type
for tap packet routines.
One tap packet routine returned -1; that's not a valid return value, and
wasn't one before this change (the return value was a boolean), so
presume the intent was "don't redraw".
Another tap routine's early return, without doing any work, returned
TRUE; this is presumably an error (no work done, no need to redraw), so
presumably it should be "don't redraw".
Clean up some white space while we're at it.
Change-Id: Ia7d2b717b2cace4b13c2b886e699aa4d79cc82c8
Reviewed-on: https://code.wireshark.org/review/31283
Reviewed-by: Guy Harris <guy@alum.mit.edu>
cmdarg_err() is for reporting errors for command-line programs and
command-line errors in GUI programs; it's not something for any of the
Wireshark libraries to use.
The various routines for parsing numerical command-line arguments are
not for general use, they're just for use when parsing arguments.
Change-Id: I100bd4a55ab8ee4497f41d9651b0c5670e6c1e7f
Reviewed-on: https://code.wireshark.org/review/31281
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The third URL works, but let's go https: for it. The other two don't.
Line-wrap another part of the comment while we're at it.
Change-Id: I744770c859b317ace2a71e82f86e2419b6d7ef2b
Reviewed-on: https://code.wireshark.org/review/31276
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(Thanks for killing off a bunch of comment mechanisms, not saving the
old comments and placing them somewhere useful, and not even allowing
the Wayback Machine to archive at least some of those sites, Microsoft.)
Change-Id: Ie4258250a0176a56ee33be77604acf43c6886e0f
Reviewed-on: https://code.wireshark.org/review/31274
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Class TrafficTableTreeWidget is used by the conversation and enpoint
dialogs, both of which are subclasses of WiresharkDialog.
Those dialogs use WiresharkDialog::registerTapListener() to register tap
listeners. When the dialog is closed, those listeners are removed by
WiresharkDialog::removeTapListeners().
TrafficTableTreeWidget's destructor tries to remove its tap listener a
2nd time after WiresharkDialog did its cleanup. This causes warnings
Warn remove_tap_listener(): no listener found with that tap data
Don't call remove_tap_listener() from TrafficTableTreeWidget's
destructor. The destructor is now empty and can be removed completely.
Change-Id: I3143fa1c5116203f4a0be791bd4c5f08135aefb0
Reviewed-on: https://code.wireshark.org/review/31259
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add interface name (colon delimited) to SP_DROPS ('D') message so when dropped
packets are outputted, they include the interface name for clarity.
Bug: 13498
Change-Id: I68cdde4f20a574580f089dc5096d815cde5d3357
Reviewed-on: https://code.wireshark.org/review/31218
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Extcap utilities can be Python scripts. Show the files as URLs and
allow double click to open.
Change-Id: I214caa2683896b89fbe6243562eee9b12d4ae217
Reviewed-on: https://code.wireshark.org/review/31221
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
No yet available at 100% (35,8%) but work in progress...
Change-Id: I3d0d861037abe5e5f2611f95ac27ad42c8d20c47
Reviewed-on: https://code.wireshark.org/review/31158
Reviewed-by: Anders Broman <a.broman58@gmail.com>
No yet available at 100% (57,05%) but work in progress...
Change-Id: I3fa95c49003aa6fd5183d24fe76b721520a44ba0
Reviewed-on: https://code.wireshark.org/review/31157
Reviewed-by: Anders Broman <a.broman58@gmail.com>
QTextEdit supports the scrollbar. The drawback of having a scrollbar
is that we need to remove the space (on the right, at least). This change
switches from QLabel to QTextBrowser and removes the empty spaces and the
horizontal layout (not needed anymore). The resulting look is a mix
from the Authors tab and original look.
While on it, the default height has been increased to make room for the full
message (not needing the scrollbar with the defualt message) and the link
to the wireshark site has been made clickable.
Bug: 15375
Change-Id: Id0a10f366c0797c98264d3a1cad58a4dc11467e3
Reviewed-on: https://code.wireshark.org/review/31153
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When TimeShiftDialog is used, it should trigger the need to save the packet capture.
Ping-Bug: 14306
Change-Id: Ia0dfbefdabcb9d759b5ed2ce897637f9727d0768
Reviewed-on: https://code.wireshark.org/review/31057
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I1fde99f9c2f282ec4709a04bcb8dcdf7bbbc72a8
Reviewed-on: https://code.wireshark.org/review/31152
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Write the "Packet list column pixel widths" preference value in a
format that is both more human friendly and is more consistent with
other similarly formatted multivalued preference values.
From this ...
> # Packet list column pixel widths.
> # Each pair of strings consists of a column format and its pixel width.
> column.width: %m, 75, %t, 72, %s, 113, %d, 113, %p, 92, %L, 82, %i, 475
To this ...
> # Packet list column pixel widths.
> # Each pair of strings consists of a column format and its pixel width.
> column.width:
> %m, 75,
> %t, 72,
> %s, 113,
> %d, 113,
> %p, 92,
> %L, 82,
> %i, 475
The preference reading code already accepts this new format.
Change-Id: Id731ec81e8ebf87ecfb268e48dfeaa96d8e00668
Reviewed-on: https://code.wireshark.org/review/31140
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In ModulePreferencesScrollArea we create QPushButtons that open modal
UAT and file dialogs. Open them via the "clicked" signal instead of
the "pressed" signal. "clicked" is a general activation signal that
fires after the mouse button has been clicked+released or a keyboard
event. "pressed" fires before "released" and can be problematic in
some cases.
Bug: 15366
Change-Id: Icb353d86ae0a4b4b97e5f63df791ec562070756d
Reviewed-on: https://code.wireshark.org/review/31123
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Free the wspstat_t only after freeing the hash table contained in it.
Change-Id: I2aa31d74b6d0f86e5404a9b614fee8a3f6708938
Ping-Bug: 15365
Reviewed-on: https://code.wireshark.org/review/31108
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It really shouldn't free the comment passed to it, as the caller
allocated it, and knows how to free it if necessary; it might not even
have been allocated.
Make the comment argument a "const char *" to 1) allow passing string
constants etc. and 2) to catch any attempts to free it in
exp_pdu_open().
Make the callers free it after exp_pdu_open() returns.
(Alternatively, we could have exp_pdu_open() take the file name argument
and generate the comment itself, so that all code paths generate the
same comment.)
Change-Id: I6e6924b05565761b641a6c3b4d9a2e97f4264e1b
Ping-Bug: 15365
Reviewed-on: https://code.wireshark.org/review/31105
Reviewed-by: Guy Harris <guy@alum.mit.edu>
There's no guarantee that sp->filter is non-null; if it's null, that
means there's no filter.
Bug: 15369
Change-Id: I2a61db2e134aa70d30c2265b63aabf99c35e362e
Reviewed-on: https://code.wireshark.org/review/31096
Reviewed-by: Guy Harris <guy@alum.mit.edu>
On Windows, filename strings inside Wireshark are UTF-8 strings, so
error messages containing file names are UTF-8 strings. Convert from
UTF-8, not from the local code page.
Bug: 15367
Change-Id: I52f3de2606ec6a592e7cb82b1a9aaeeef8acecef
Reviewed-on: https://code.wireshark.org/review/31090
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When creating the temporary capture file to store the imported data in
the file is created with the pcap format. To conform to the change to
using pcapng format by default it is only reasonable to generated a
temporary pcapng format file as well.
Change-Id: I842431c1449751f8f2f3b85a47cab731de794c8a
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/31066
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Id720d7857328c1f464c4568b0a279a864921b031
Reviewed-on: https://code.wireshark.org/review/31052
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Ensure that capture_stat_start always returns a non-NULL if_stat_cache_t
pointer. This keeps InterfaceTreeModel::updateStatistic from repeatedly
running dumpcap when we're unable to gather statistics, e.g. when we
don't have capture permissions.
Bug: 14284
Change-Id: Id408714a934abab2abdee1d4bb5e4bed872af016
Reviewed-on: https://code.wireshark.org/review/31038
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Have a ws_init_version_info() routine that, given an application name
string:
constructs the app-name-and-version-information string, and
saves it;
adds the initial crash information on platforms that support it,
and saves it.
Have show_version() use the saved information and take no arguments.
Add a show_help_header() routine to print the header for --help
command-line options, given a description of the application; it prints
the application name and version information, the description, and the
"See {wireshark.org URL}" line.
Use those routines in various places, including providing the
"application name" string in pcapng SHBs.
Change-Id: I0042a8fcc91aa919ad5c381a8b8674a007ce66df
Reviewed-on: https://code.wireshark.org/review/31029
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The multicast statistics tap provides a continually updating list which the draw function just has to iterate through.
Bug: 15271
Change-Id: I270e7ca9460ec9568756b6c8d98f4f17653c8cad
Reviewed-on: https://code.wireshark.org/review/30976
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Get rid of the IMPORT_MAX_PACKET #define; just directly use
WTAP_MAX_PACKET_SIZE_STANDARD, to match what text2pcap.c does.
Update comments in text2pcap.c and ui/text_import.c to say the maximum
packet size is WTAP_MAX_PACKET_SIZE_STANDARD.
Change-Id: I34118f76426d1416fccf43b2a356ad8d200de19b
Ping-Bug: 15292
Reviewed-on: https://code.wireshark.org/review/30945
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Import size is increased to 256kiB, but tooltip says 64kB.
Adjust text according to limit set bt code.
Change-Id: I586248fd25a96e4ffe0936babc90b4150c14f118
Ping-Bug: 15292
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/30940
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't set the display filter combo's minimum size. This lets us show
more filter expression buttons.
Clear the filter expression toolbar before redrawing it. This gets rid
of a leftover artifact here on macOS.
Change-Id: Iab944e8992caf554e024521df52d0089a4501674
Reviewed-on: https://code.wireshark.org/review/30902
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We don't need it and, if there *is* no pcap.h header, because the pcap
headers aren't installed, it won't compile.
Bug: 15317
Change-Id: Ie2a107f6117aad8f87943cd72269211f13b71142
Reviewed-on: https://code.wireshark.org/review/30883
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The key for the manuf table is 24 bits of the ether addr while the key
for services table needs is a 16 bit port. Store this value directly,
saving some memory and improving startup time by a tiny bit.
Likewise for ipxnet_hash_table and vlan_hash_table. These tables seem
unused though, perhaps it should be removed.
Change-Id: Ide9ffad8e2c9af24afa82adb2e009f32a5f43d38
Reviewed-on: https://code.wireshark.org/review/30756
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use the libwiretap APIs to get lists of all compressed file suffixes or
to get the compressed file suffix for a given compression type.
(The net effect is the same, as the only compression type supported is
gzip, but if any compression types are added in the future, that code
won't need to be changed.)
Change-Id: I7de3b764604d50c4c60b6f20dd16ee87fc00e5b2
Reviewed-on: https://code.wireshark.org/review/30734
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Move all the compressed-file type stuff to wiretap/file_wrappers.c.
Rename wtap_compressed_file_extension() to
wtap_compression_type_extension() for consistency with the other
compression-type-extension routine names.
Move the declarations of the compression-type-extension routines in the
header file.
wtap_compression_type_extension() now returns NULL for
WTAP_UNCOMPRESSED; there's no need to special-case it.
Get rid of the now-unused wtap_compression_type_supported() and
WTAP_NUM_COMPRESSION_TYPES.
Change-Id: Ib93874079bea669a0c87104513dba0d21390455a
Reviewed-on: https://code.wireshark.org/review/30729
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It *should* never happen, but just make sure of that by calling it only
for "open for writing" ("save") dialogs.
Change-Id: I1813f31537c0aa4efdf08c1622db9cb9e7f5ae83
Reviewed-on: https://code.wireshark.org/review/30726
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add wtap_compressed_file_extension(), which returns NULL for
WTAP_UNCOMPRESSED and the appropriate file extension for other
compression types.
Add wtap_compression_type_supported(), which returns TRUE for
WTAP_UNCOMPRESSED and all supported compression types and FALSE
otherwise. ("Supported" means "the code can decompmress files in that
compression format and can write files in that compression format", so
WTAP_GAIP_COMPRESSED is supported iff libwiretap is built with zlib.)
In MainWindow::fileAddExtension, instead of checking for
WTAP_GZIP_COMPRESSED and using ".gz" as the extension, use the extension
returned by wtap_compressed_file_extension() for the compression type.
Change-Id: I47cb0eca8c887ada3562df30b54e76509008180f
Reviewed-on: https://code.wireshark.org/review/30707
Reviewed-by: Guy Harris <guy@alum.mit.edu>
compressed_file_extension shouldn't include the ".", as we insert the
"." before it.
Use it when appending the extension, rather than hardwiring "gz" in two
places.
Change-Id: I89e3ed1df9a8457fdbb6e6386686176816f4671b
Reviewed-on: https://code.wireshark.org/review/30682
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If the file is to be compressed, then:
if the type in which the file is to be written has a set of extensions
it uses, leave the file name alone if it ends with one of those
extensions followed by the extension for the compression type,
otherwise append the default extension for that file type followed by
the extension for the compression type;
if it doesn't, leave the file name alone if it ends with the extension
for the compression type, otherwise append the extension for the
compression type;
otherwise:
if the type in which the file is to be written has a set of extensions
it uses, leave the file name alone if it ends with one of those
extensions, otherwise append the default extension for that file type followed by
the extension for the compression type;
if it doesn't, leave the file name alone if it ends with the extension
for the compression type, otherwise append the extension for the
compression type.
Change-Id: I7c4093af28cc30d579a2ae9faa8f4164b4764001
Reviewed-on: https://code.wireshark.org/review/30681
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I08d45c87c9232edcabfc69d25a773552fe9e0871
Fixes: v2.9.0rc0-2567-g43872a3a0e (""." in version numbers and file names isn't translated into other languages.")
Reviewed-on: https://code.wireshark.org/review/30680
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
"xxx.pcap.gz" is "xxx.pcap.gz" in any language. "3.0.1" is "3.0.1" in
any language.
Change-Id: I231a3f9bd21a3ea5d56a8e410d20b1bc3927540f
Reviewed-on: https://code.wireshark.org/review/30676
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Iabdd87128a2af8c668c0602ea677f71984e64723
Fixes: v2.9.0rc0-2556-gb894c53d5e ("Add an API to get a description of a compression type, and use it.")
Reviewed-on: https://code.wireshark.org/review/30670
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add wtap_compression_type_description(), which returns NULL for
WTAP_UNCOMPRESSED and a descriptive string for other compression types.
Instead of checking for WTAP_GZIP_COMPRESSED and appending "(gzip
compressed)", just pass the compression type to
wtap_compression_type_description() and, if the result is non-null,
append its result, wrapped in parentheses, with a space before the left
parenthesis.
Change-Id: I79a999c7838a883953795d5cbab009966e14b65e
Reviewed-on: https://code.wireshark.org/review/30666
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This:
1) means that we don't have to flag the compression argument with a
comment to indicate what it means (FALSE doesn't obviously say "not
compressed", WTAP_UNCOMPRESSED does);
2) leaves space in the interfaces in question for additional compression
types.
(No, this is not part 1 of an implementation of additional compression
types, it's just an API cleanup. Implementing additional compression
types involves significant work in libwiretap, as well as UI changes to
replace "compress the file" checkboxes with something to indicate *how*
to compress the file, or to always use some other form of compression).
Change-Id: I1d23dc720be10158e6b34f97baa247ba8a537abf
Reviewed-on: https://code.wireshark.org/review/30660
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use it for all the per-file information, including the per-file
link-layer type and the per-file snapshot length.
Change-Id: Id75687c7faa6418a2bfcf7f8198206a9f95db629
Reviewed-on: https://code.wireshark.org/review/30616
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Error:
../ui/alert_box.c: In function ‘cfile_write_failure_alert_box’:
../ui/alert_box.c:359:13: error: this statement may fall through [-Werror=implicit-fallthrough=]
simple_error_message_box(
^~~~~~~~~~~~~~~~~~~~~~~~~
"Frame %u%s has a network type that differs from the network type of earlier packets, which isn't supported in a \"%s\" file.",
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
framenum, in_file_string,
~~~~~~~~~~~~~~~~~~~~~~~~~
wtap_file_type_subtype_string(file_type_subtype));
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../ui/alert_box.c:364:9: note: here
case WTAP_ERR_PACKET_TOO_LARGE:
^~~~
Change-Id: I55464afff5625ae8c587470e417234560c7e606c
Reviewed-on: https://code.wireshark.org/review/30623
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
If, in the process of opening the input file, we determine that it has
packets of more than one link-layer type, we can catch attempts to write
that file to a file of a format that doesn't support more than one
link-layer type at the time we try to open the output file.
If, however, we don't discover that the file has more than one
link-layer type until we've already created the output file - for
example, if we have a pcapng file with a new IDB, with a different
link-layer type from previous IDBs, after packet blocks for the earlier
interfces - we can't catch that until we try to write the packet.
Currently, that causes the packet's data to be written out as is, so the
output file claims it's of the file's link-layer type, causing programs
reading the file to misdissect the packet.
Report WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED on the write attempt
instead, and have a nicer error message for
WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED on a write.
Change-Id: Ic41f2e4367cfe5667eb30c88cc6d3bfe422462f6
Reviewed-on: https://code.wireshark.org/review/30617
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Previously 'tshark -z expert' was failing with abort when a packet
contains a comment
- Add a new comment parameter and update the tshark's manual page
- Add a new comment_level severity and change the default lavel to it.
- Add various 'tshark -z expert' tests
Change-Id: I188317da5e00019b8f2b725f0fe84942f774520f
Reviewed-on: https://code.wireshark.org/review/30610
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have the routines always take a parameters pointer; pass either null or
a pointer to an initialized-to-nothing structure in cases where we were
calling the non-_ng versions.
Change-Id: I23b779d87f3fbd29306ebe1df568852be113d3b2
Reviewed-on: https://code.wireshark.org/review/30590
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Four variants of wtap_dump_open_ng exists, each of them take the same
three parameters for the SHB, IDB and NRB blocks that has to be written
before packets are even written. Similarly, a lot of tools always create
these arguments based on an existing capture file session (wth).
Address the former duplication by creating a new data structure to hold
the arguments. Address the second issue by creating new helper functions
to initialize the parameters based on a wth. This refactoring should
make it easier to add the new Decryption Secrets Block (DSB).
No functional change intended.
Change-Id: I42c019dc1d48a476773459212ca213de91a55684
Reviewed-on: https://code.wireshark.org/review/30578
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Remove "Export SSL Session Keys", "Import/Export Color Filters" and
"Export Raw Bytes" dialogs. These were only used by GTK+ as Qt has its
own implementation.
Change-Id: I0520a0f6e35d0f8a55c58e77f89c5229393c2b23
Reviewed-on: https://code.wireshark.org/review/30559
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the ability to rotate files after a specified number of packets (`-b
packets:NUM`). Move some condition checks to capture_loop_write_packet_cb.
Add `-a packets:NUM` in order to be consistent. It is functionally
equivalent to the `-c` flag.
Add a corresponding "packets" option to the Capture Interfaces dialog
Output tab.
Add initial tests for autostop and ringbuffer conditions.
Change-Id: I66eb968927ed287deb8edb96db96d7c73526c257
Reviewed-on: https://code.wireshark.org/review/30534
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix the build for displaying the tabs wrongly on mac
Change-Id: I58265b7cf9a4758885ef1add13417c42a467be9d
Reviewed-on: https://code.wireshark.org/review/30462
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
To mimic the behaviour we have with remote controls, we
hide the wireless toolbar if it cannot be used, instead
of displaying an empty toolbar with the information that
it is not supported
Change-Id: Iccb0bf78a29a2547adf2290198df8a1bf3450d82
Reviewed-on: https://code.wireshark.org/review/30455
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Change-Id: I9d81bda8a33c7a07118e8aff2917215c92e870f4
Reviewed-on: https://code.wireshark.org/review/30436
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
When importing a file from hex dump, this change adds a way to
add a custom dummy header. It's an export_pdu header which uses
one single tag: the protocol name. This allows to call directly
a dissector without more dummy headers.
Example: it can be used to call the DNS dissector without fake
eth/ip/udp headers.
Change-Id: I12fd6d09a131acd9bd1f0d7c4c8aefcd0d718b26
Reviewed-on: https://code.wireshark.org/review/30403
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Follow the logic in tools/generate_authors.pl for matching the
Acknowledgements section (which looks for a substring match instead of a
literal string.
Change-Id: I42e1553b6820af3fb2d5b9cda0fa0e6e6ca7e729
Reviewed-on: https://code.wireshark.org/review/30432
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add prefix and postfix "=" to satisfy text splitter to avoid empty text area.
Change-Id: I3c8e4fd4711ea8fcc7bba9583ff3fe5cb06ce4a1
Reviewed-on: https://code.wireshark.org/review/30428
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I5e9025545f9127d1c5c6200844f9b917af975998
Reviewed-on: https://code.wireshark.org/review/28844
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Avoid assuming an export object's row number is consistent throughout,
because the row number can change if the display is filtered or sorted.
Instead, look up the index in the model with mapToSource().
Bug: 14545
Change-Id: I61099dfb4f3abc056417eb7d6ffbc7a988553dd8
Reviewed-on: https://code.wireshark.org/review/30388
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add a preference (enabled by default) that can enable/disable the ability for Wireshark to autocomplete display and capture filter controls.
Bug: 14368
Change-Id: Ib2b688bb75c4465dab14a6a635a870d7e5c4fe80
Reviewed-on: https://code.wireshark.org/review/30320
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Opening the Follow TCP Stream dialog triggers redissection and ended up
triggering a "first <= rowCount(parent)" assertion failure. Fix the
first and end arguments to reflect the actual number of displayed rows.
Bug: 15014
Change-Id: Ic07834948a133bea752e45751ebe8be2da98a35e
Reviewed-on: https://code.wireshark.org/review/30302
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Register the follow_free as a finish callback.
Call the tap's finish callback in free_tap_listener which is called from
both remove_tap_listener and tap_cleanup.
Describe the finish callback in README.tapping
Change-Id: Ie79ce8f39b0ca6d84810d2e3307dcff38b18d3ac
Reviewed-on: https://code.wireshark.org/review/29309
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
The purpose of this function is to check if a configuration file exists
and has at least one entry which is not a comment.
Use this when building the list of profiles where the user can copy
configuration from, to avoid listing profiles with empty files or files
with only comments.
Change-Id: If45f52025959818fb1213ffac488cd59441e9fce
Reviewed-on: https://code.wireshark.org/review/30113
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add the pathLabel for Coloring Rules, Decode As, Display Filters
and Capture Filter. Put the absolute file path into the pathLabel
if the file exists. This aligns with UAT dialogs and frames.
Change-Id: I72bd06e31bab220de0a0ef8df99df9a4daed667c
Reviewed-on: https://code.wireshark.org/review/30089
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a new button to UAT frames to copy entries from another profile.
Change-Id: I9decb5ed5d67e97388ee7b22a15cacae4d5a3621
Reviewed-on: https://code.wireshark.org/review/30084
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Refactor CopyFromProfile class from Button to Menu to make it
usable for existing buttons, both QPushButton and QToolButton.
Change-Id: I7d23b4225dbe45f961fb05e73dbb4dd51e6f8ea1
Reviewed-on: https://code.wireshark.org/review/30083
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add a clear all button to easily remove all existing entries.
Change-Id: I76e7ee2b7b85a9b4e5f9f5a788a89f38f70ee8ce
Reviewed-on: https://code.wireshark.org/review/30052
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Call it from wmain() in the command-line tools, passing it the input
argument count and vector, and call it from main() in Wireshark, after
getting a UTF-16 argument vector from passing the result of
GetCommandLineW() to CommandLineToArgvW().
Change-Id: I0e51703c0a6c92f7892d196e700ab437bd702514
Reviewed-on: https://code.wireshark.org/review/30063
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Doing so for command-line programs means that the argument list doesn't
ever get converted to the local code page; converting to the local code
page can mangle file names that *can't* be converted to the local code
page.
Furthermore, code that uses setargv.obj rather than wsetargv.obj has
issues in some versions of Windows 10; see bug 15151.
That means that converting the argument list to UTF-8 is a bit simpler -
we don't need to call GetCommandLineW() or CommandLineToArgvW(), we just
loop over the UTF-16LE argument strings in argv[].
While we're at it, note in Wireshark's main() why we discard argv on
Windows (Qt does the same "convert-to-the-local-code-page" stuff); that
means we *do* need to call GetCommandLineW() and CommandLineToArgvW() in
main() (i.e., we duplicate what Qt's WinMain() does, but converting to
UTF-8 rather than to the local code page).
Change-Id: I35b57c1b658fb3e9b0c685097afe324e9fe98649
Ping-Bug: 15151
Reviewed-on: https://code.wireshark.org/review/30051
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add a new button to the IO Graphs dialog to copy entries from
another profile. Add a clear all button to easily remove all
existing entries before copying.
Change-Id: I66cb27163663e5f2223d0dd3f8566f0fbebb553c
Reviewed-on: https://code.wireshark.org/review/30043
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The correct role for the newly introduced copy from profile button is
ActionRole because it "causes changes to the elements within the dialog".
Change-Id: I8613d00c0fdb33f2873e999aea9a54ea1f49dffb
Reviewed-on: https://code.wireshark.org/review/30044
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Call createIOGraph() when adding a new graph by duplicating
an existing to actually create the new graph.
This is a regression from g5b3e3ee5.
Change-Id: If1d8e4386a44dc4867d75fbad2d9ebb2e4b22307
Reviewed-on: https://code.wireshark.org/review/30034
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add 'v' option for VLAN ID resolving and get rid of
deprecated 'C' option.
Bug: 14826
Change-Id: I63104f4a465d251048693ad02882ea7eb2c4d926
Reviewed-on: https://code.wireshark.org/review/30029
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a new button to UAT dialogs to copy entries from another profile.
Change-Id: I641ba764d8738f738466529d74d4a21ff13075a0
Reviewed-on: https://code.wireshark.org/review/30028
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add a new button to the Coloring Rules dialog to copy entries from
another profile, or system defaults. The "copy from profile" button
will also be used for other dialogs.
Add a clear all button to easily remove all existing entries before
importing or copying from another profile.
Change-Id: Ia1e66444731018372b4354164c5a722fd73d403b
Reviewed-on: https://code.wireshark.org/review/30008
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The Configuration Profiles dialog shows global profiles in Italic.
Align the profiles popup menu to also do this.
Change-Id: Ifc22f1bb905cd407682adbdc5e4cbee4c42cb961
Reviewed-on: https://code.wireshark.org/review/29989
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
If ByteViewTab is related to a use-after-free crash, then the issue is
probably related to the backing buffer becoming invalid. Document this.
Change-Id: I7f7c8daaf86b42f00b7886de54507d425e5312f6
Reviewed-on: https://code.wireshark.org/review/29924
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Check for enabling the clear button when loading a UatDialog.
Also move setting enabled property to false for deleteToolButton,
copyToolButton, moveUpToolButton, moveDownToolButton and clearToolButton
to uat_dialog.ui.
Change-Id: I1ff3ed9906eb541e929297b34abcce2bee4a062c
Reviewed-on: https://code.wireshark.org/review/29953
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Default set enabled property to false for deleteToolButton and
copyToolButton because no item is selected.
Change-Id: I99bfb572abb9bc38cbf49c6b1fabdeefac4f8d90
Reviewed-on: https://code.wireshark.org/review/29951
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Default set enabled property to false for deleteToolButton and
copyToolButton because no item is selected.
Change-Id: I6ead2fa17cf1fd5bc165526fb76d104af6d5234d
Reviewed-on: https://code.wireshark.org/review/29949
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
To prevent potential interference with other users of the capture file,
read data in a private buffer instead of reusing the one from capFile.
Change-Id: I6d689440e0cc13ef522e874fd8e5795a97a6aca7
Reviewed-on: https://code.wireshark.org/review/29922
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
To prevent potential interference with other users of the capture file,
read data in a private buffer instead of reusing the one from capFile.
An accidental (?) change in commit v2.9.0rc0-2001-g123bcb0362 resulted
in "cf_read_record" reallocating the capture_file->buf buffer. That
issue combined with the current behavior would result in a crash when
ignoring a packet followed by two times opening a context menu:
==32187==ERROR: AddressSanitizer: heap-use-after-free on address 0x7fda91642800 at pc 0x55a98f3faaa7 bp 0x7fffa2807860 sp 0x7fffa2807858
READ of size 1 at 0x7fda91642800 thread T0
#0 0x55a98f3faaa6 in QByteArray::operator[](int) const /usr/include/qt/QtCore/qbytearray.h:476:47
#1 0x55a9901006eb in ByteViewText::drawLine(QPainter*, int, int) ui/qt/widgets/byte_view_text.cpp:370:35
#2 0x55a9900fd109 in ByteViewText::paintEvent(QPaintEvent*) ui/qt/widgets/byte_view_text.cpp:217:9
...
#50 0x55a98e9fd32a in PacketList::contextMenuEvent(QContextMenuEvent*) ui/qt/packet_list.cpp:614:15
...
0x7fda91642800 is located 0 bytes inside of 3038371-byte region [0x7fda91642800,0x7fda919284a3)
freed by thread T0 here:
#0 0x55a98e65fd99 in __interceptor_realloc (run/wireshark+0x1019d99)
#1 0x7fdac6e1bb88 in g_realloc /build/src/glib/glib/gmem.c:164
#2 0x7fdaac12c908 in wtap_read_packet_bytes wiretap/wtap.c:1368:2
#3 0x7fdaabf01e5a in libpcap_read_packet wiretap/libpcap.c:789:7
#4 0x7fdaabef887d in libpcap_seek_read wiretap/libpcap.c:690:7
#5 0x7fdaac12d5f5 in wtap_seek_read wiretap/wtap.c:1431:7
#6 0x55a98e6c8611 in cf_read_record_r file.c:1566:8
#7 0x55a98e6c88c5 in cf_read_record file.c:1576:10
#8 0x55a98ea0b725 in PacketList::getFilterFromRowAndColumn() ui/qt/packet_list.cpp:1041:14
#9 0x55a98e94e4a1 in MainWindow::setMenusForSelectedPacket() ui/qt/main_window_slots.cpp:1175:39
previously allocated by thread T0 here:
#0 0x55a98e65fd99 in __interceptor_realloc (run/wireshark+0x1019d99)
#1 0x7fdac6e1bb88 in g_realloc /build/src/glib/glib/gmem.c:164
#2 0x7fdaac12c908 in wtap_read_packet_bytes wiretap/wtap.c:1368:2
#3 0x7fdaabf01e5a in libpcap_read_packet wiretap/libpcap.c:789:7
#4 0x7fdaabef887d in libpcap_seek_read wiretap/libpcap.c:690:7
#5 0x7fdaac12d5f5 in wtap_seek_read wiretap/wtap.c:1431:7
#6 0x55a98e6c8611 in cf_read_record_r file.c:1566:8
#7 0x55a98e6c88c5 in cf_read_record file.c:1576:10
#8 0x55a98e6e0bde in cf_select_packet file.c:3777:8
#9 0x55a98e9ea2ff in PacketList::selectionChanged(QItemSelection const&, QItemSelection const&) ui/qt/packet_list.cpp:420:9
This should be fixed now by I4f1264a406a28c79491dcd77c552193bf3cdf62d,
but let's avoid the shared buffer. It's not exactly a hot code path
anyway.
Change-Id: I548d7293a822601f4eb882672477540f066a066b
Reviewed-on: https://code.wireshark.org/review/29921
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We initialized it, but only cleaned it up in an error code path, not in
the regular code path. That could leak memory.
Change-Id: Ic6689163ca58990fa5091b23e7ab2e0292eed76c
Reviewed-on: https://code.wireshark.org/review/29930
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We initialized it, but only cleaned it up in an error code path, not in
the regular code path. That could leak memory.
Change-Id: Icb5aa5b1a2df8919d8a4e54d88a5d865320bd279
Reviewed-on: https://code.wireshark.org/review/29929
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Let QByteArray own the memory instead of wmem to allow memory to be
released earlier.
Change-Id: Ibf6d1a56120d30daea76924b8006480854dcfbd3
Reviewed-on: https://code.wireshark.org/review/29923
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Show the warning about unknown colorfilters being disabled when
opening the "Coloring Rules..." dialog to make the user aware of
this before starting editing the rules.
The user may have corrected the filter and enabled it while having
the dialog open, and then this warning would be misleading.
Change-Id: Ic7f10495e5561bc2fea413c89cf9ebd187c8f113
Reviewed-on: https://code.wireshark.org/review/29909
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Make them obsolete preferences; if they had any use, it was with the
now-removed GTK+ UI.
Change-Id: I2b514148c8066c5c79cb402493f47a21d3679819
Reviewed-on: https://code.wireshark.org/review/29912
Reviewed-by: Guy Harris <guy@alum.mit.edu>
They're no longer used by any of the printing code; mark them as
obsolete.
Change-Id: Iceaf14f48f1bd35757a9a158a5348f6202b90fc7
Reviewed-on: https://code.wireshark.org/review/29911
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Rename packet-ssl{,-utils}.[ch] to packet-tls{,-utils}.[ch].
Change-Id: I4732162ec131ddf0734b3dd191ccc9e48a76ce06
Reviewed-on: https://code.wireshark.org/review/29659
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In the about dialog, create directories within the folders tab
if the user wants them to open and they do not exist yet
Change-Id: Ia95692dabef92392714c329c868abc78e3bcec6e
Reviewed-on: https://code.wireshark.org/review/29782
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
The recently introduced %F in custom window title is empty when no
capture file is loaded. Check for this to avoid having a trailing
UTF8_EM_DASH or "[]" in the title.
Change-Id: I5fb0832a2898501cb128bd52b22a4dc5f3ad4f4e
Reviewed-on: https://code.wireshark.org/review/29800
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rename the "ssl" protocol to "tls" and add an "ssl" alias. Prefer "TLS"
over "SSL" in user interface text and in the documentation.
Fix the test_tls_master_secret test while we're here.
Bug: 14922
Change-Id: Iab6ba2c7c4c0f8f6dd0f6d5d90fac5e9486612f8
Reviewed-on: https://code.wireshark.org/review/29649
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Replace $HOME with ~ in window title %F variable.
Optimize code to check if variable is used before doing replacement.
Change-Id: I95ef8505e50379d98fdb1661e09394d1ded7ecca
Reviewed-on: https://code.wireshark.org/review/29597
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add some new variables to be used in custom window title.
%F = file path of the capture file
%S = a conditional separator (" - ") that only shows when surrounded
by variables with values or static text
Change-Id: I20a60a3018cc86236f4991030eadb7f51681cc32
Reviewed-on: https://code.wireshark.org/review/29534
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
When legacy filter expressions preferences are present, be sure to
(1) save the dfilter_buttons file when updating the preferences file and
(2) save the preferences file after updating the dfilter_buttons file.
Without doing (1), the old buttons will be lost. Without (2), restarting
Wireshark will result in duplicate buttons. Only write the files if the
user actually made other changes to avoid breaking profiles by just
opening Wireshark.
Bug: 15114
Bug: 15121
Change-Id: I5b9417c34146c4450526781a20308c9c98fb44a1
Reviewed-on: https://code.wireshark.org/review/29488
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Always restore column visibility when loading packets to avoid some
situations where the column hidden state was incorrect.
This fixes the following scenario:
- Apply a column and hide it using the column popup menu
- Apply another column and remove it using the column popup menu
- Close and reopen the capture file
- Observe the hidden column is shown, but with wrong width
Change-Id: I00531907b2383c6605a2d62e8243092906037d0c
Reviewed-on: https://code.wireshark.org/review/29516
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This also avoids issues if this isn't called in packet scope.
Change-Id: I7dbf5b49c9f7c1b442a1104156b004b339076c26
Reviewed-on: https://code.wireshark.org/review/29527
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- It cannot support IPv6.
- Non-standard use (specifically recommended against in the RFCs)
of the IPv4 fragment ID field.
- Has a narrow and non-obvious use case, IMO.
- It is not supported in the Qt GUI.
- Significant maintenance burden for an obscure feature.
Change-Id: Icaf429269dc42f78c38b8d20001508132499faf8
Reviewed-on: https://code.wireshark.org/review/29239
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Some older versions of Clang appear to think dividing a float by a
64-bit integer is narrowing 64 bits to 32 bits.
Change-Id: Ie3148ee6d5d5d0810d01e7d985b8e4320dacf565
Reviewed-on: https://code.wireshark.org/review/29518
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Adding the null check fixes a bug that made wireshark crash
when right clicking a subtree which doesn't have any preferences
and if none of the parents had one either.
The problem was introduced in commit 589413d877
Change-Id: Ia5bbae0a58298f3e9d912e44f33589da1cbfacc9
Reviewed-on: https://code.wireshark.org/review/29455
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The g_base64_decode_inplace() does not handle zero length string
so add a guard for this before calling.
Bug: 15113
Change-Id: I89fa17dd62af238f4282835c317e5c8be6e0c8a1
Reviewed-on: https://code.wireshark.org/review/29428
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Replace ws_base64_decode_inplace() with g_base64_decode_inplace()
or g_base64_decode(), which was introduced in glib 2.12.
The only observed difference is a need for zero-terminate the buffer
after decoding.
Change-Id: Ia102d0d8e9bec575ffeddf448191a3f6de9fb1ed
Reviewed-on: https://code.wireshark.org/review/29382
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This setting was only used in GTK.
Change-Id: If184c61e4e081992e517f480b4faf129b81508c1
Reviewed-on: https://code.wireshark.org/review/29388
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
A ByteViewTab with 0 bytes is not useful, but may happen.
The crash could be reproduced with the following Lua code:
local t = ByteArray.new():tvb()
Change-Id: I256fd7fc2b91aa3c1161c46558c647308a3d564b
Reviewed-on: https://code.wireshark.org/review/29383
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The Lua fake item will not give preferences for the last protocol
in the packet, so avoid this. The Lua fake item is always added when
having a Lua post-dissector, even if the post-dissector does not add
any elements to the tree.
Change-Id: I43427bf522a32feebd44f192888e73b5607e6fff
Reviewed-on: https://code.wireshark.org/review/29377
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The special-case "text only" header field will not give preferences for the
selected protocol, so we have to traverse the parents to get a usable node.
Change-Id: I647f275839db337dedaeb67664402af1fe9f21c1
Reviewed-on: https://code.wireshark.org/review/29363
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for aliasing one protocol name to another and for filtering
using aliased fields. Mark aliased fields as deprecated.
Rename the BOOTP dissector to DHCP and alias "bootp" to "dhcp". This
lets you use both "dhcp.type" and "bootp.type" as display filter fields
without having to duplicate all 500+ DHCP/BOOTP fields.
To do:
- Add checks to proto.c:check_valid_filter_name_or_fail?
- Transition SSL to TLS.
- Rename packet-bootp.c to packet-dhcp.c?
Change-Id: I29977859995e8347d80b8e83f1618db441b10279
Ping-Bug: 14922
Reviewed-on: https://code.wireshark.org/review/29327
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We are exporting a registration function from libwireshark just
to have it passed back as a callback. Seems unnecessary.
Change-Id: I7621005c9be11691d319102326824c5e3520a6f3
Reviewed-on: https://code.wireshark.org/review/29328
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
The hint label in Show Packet Bytes shows information about the selected
field, and the user should be able to select this text using the mouse.
Change-Id: Ic969dbd07cb1fcd61d0e8f777692523a0fc5850b
Reviewed-on: https://code.wireshark.org/review/29259
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Boolean field types will default to tfs_true_false if not having
a TFS set, so this should always be enabled for resolve.
Remove FT_FRAMENUM from this check because they will probably never
have a TFS or VALS setting.
Change-Id: I6295f8b7c9db7295eab1750e9c2cf0ee7382d43d
Reviewed-on: https://code.wireshark.org/review/29218
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Internals menu items were moved under the View menu a while back.
Fix an internals dialog title.
Change-Id: I78d61bf4f52bf9eb86cf7ff59fc036b9f7e846f5
Reviewed-on: https://code.wireshark.org/review/29228
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Ensure we remove the info status for a selected field when closing
a capture file to bring the text back to "Ready to load or capture".
Change-Id: I2946675b2c0bc47cb8c05c1d391ff8a0875e8c7f
Reviewed-on: https://code.wireshark.org/review/29216
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Store the association id instead of a pointer to the volatile
"sctp_assoc_info_t" structure because it gets freed after a rescan.
Bug: 14970
Change-Id: Id8fe2dfe3549bd711fc8ddef0770b217e83c2088
Fixes: v1.11.3-rc1-604-g796bf409b0 ("Add dialogs and graphs to analyse SCTP behavior similar to the GTK version.")
Reviewed-on: https://code.wireshark.org/review/28711
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Allocate the exp_pdu_data using the wmem_packet_scope allocator so the
epan_dissect_run_with_taps will free it after calling all registered tap
listeners.
valgrind --tool=memcheck --leak-check=full ./run/tshark -r sctp.pcap -U "OSI layer 3" -w exported.pcap
32 bytes in 1 blocks are definitely lost in loss record 48 of 76
at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
by 0xB3FC3C5: g_malloc (gmem.c:99)
by 0x68C2BE1: export_pdu_create_tags (exported_pdu.c:251)
by 0x68C2D5E: export_pdu_create_common_tags (exported_pdu.c:231)
by 0x70AA54E: create_exp_pdu_proto_name (packet-sctp.c:3240)
by 0x70AA54E: export_sctp_data_chunk.part.23 (packet-sctp.c:3268)
by 0x70AB76B: export_sctp_data_chunk (packet-sctp.c:3256)
by 0x70AB76B: dissect_data_chunk (packet-sctp.c:3509)
Change-Id: I6e247ab2861bbb053f0958faf253913b28dbcbeb
Reviewed-on: https://code.wireshark.org/review/29126
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
capture_opts_add_iface_opt(), when called in a program acting as a
capture child, will fetch the description for the interface, and will
also generate a "display name" for the interface.
In the process, we clean up capture_opts_add_iface_opt() a bit,
combining duplicate code.
We rename console_display_name to just display_name, as it may also be
used in the title bar of Wireshark when capturing.
Change-Id: Ifd18955bb3cb41df4c0ed4362d4854068c825b96
Reviewed-on: https://code.wireshark.org/review/29117
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's only used there, so move it there.
Change-Id: I68472150e020ba94166782e3e4c08cba94c0f9ee
Reviewed-on: https://code.wireshark.org/review/29114
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Rename some of the columns - IFTREE_COL_NAME is the interface name,
IFTREE_COL_DESCRIPTION is the description/friendly name, and a new
IFTREE_COL_DISPLAY_NAME column is the display name (which may include
both the description and the interface name). Rename
IFTREE_COL_INTERFACE_COMMENT to just IFTREE_COL_COMMENT - there's no
*other* type of comment, and "IF" is short for "interface".
In the interface frame, use IFTREE_COL_DISPLAY_NAME, as that's the only
column that shows both and thus has something for all interfaces.
In the "Manage interfaces" dialog, put the description before the
interface name, as it was in earlier versions.
Change-Id: If0d959dcd4ca99913c941df00621da3c478233f6
Reviewed-on: https://code.wireshark.org/review/29090
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't show the display name, as that may include either the interface
name, which is already in another column, or the column comment, which
is also already in another column.
Change-Id: I12f81d9e4579b82267062bb5e4e745925ed382b7
Reviewed-on: https://code.wireshark.org/review/29087
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Windows is not the only OS with "friendly" names for interfaces; macOS
has them as well, and some *BSDs let you tag interfaces with names as
well.
The column headings for the "Interface Name" and the "Friendly Name"
were backwards.
Change-Id: I72543505cec9d479d8ab8aab3850daab3667805f
Reviewed-on: https://code.wireshark.org/review/29082
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's not a set of command-line options, it's information that's used
when showing summary information about the interface.
Change-Id: Ie1c3d998a3cc7cd8b54945186098ebae726cef11
Reviewed-on: https://code.wireshark.org/review/29070
Reviewed-by: Guy Harris <guy@alum.mit.edu>
253 (8 direct, 245 indirect) bytes in 1 blocks are definitely lost in loss record 87 of 93
at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
by 0xBC4B3C5: g_malloc (gmem.c:99)
by 0x13E225: exp_pdu_open (tap_export_pdu.c:128)
372 (40 direct, 332 indirect) bytes in 1 blocks are definitely lost in loss record 88 of 93
at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
by 0xBC4B3C5: g_malloc (gmem.c:99)
by 0xBC62FF6: g_slice_alloc (gslice.c:1025)
by 0xBC16984: g_array_sized_new (garray.c:194)
by 0x13E143: exp_pdu_open (tap_export_pdu.c:93)
Change-Id: I24a3cec1dc4491032232c282b01fea04a23872b3
Reviewed-on: https://code.wireshark.org/review/28934
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When the SCTP association contains a single DATA/SACK chunk in direction
the max and min TSN values are equal and as a result the Y axis range is
(maxTSN, maxTSN) or (0, 0) and the dots for the TSN are not visible
To fix this always set the Y axis maximum to maxTSN + 1 similar to the X
axis maximum of max_secs + 1
Also removed one unused local variable
Change-Id: Id38eb4dbd13a8ebbba98d4df00f3707331bd1464
Reviewed-on: https://code.wireshark.org/review/28862
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When the capture does not contains SCTP INIT and INAT_ACK packets the
startArwnd value is 0 (not set) and as a result the Y axis range is
(0,0) and the dots are not visible
Change-Id: Iafb1981e62f28fe09b106138836c866d0dbebb27
Reviewed-on: https://code.wireshark.org/review/28861
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Explain some of the magic numbers and other parts of the sparkline code.
Change-Id: Idfad30e773bd852ac021326467cf03ada91f6efc
Reviewed-on: https://code.wireshark.org/review/28874
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Those two members are leftovers from the gtk interface where a single
button was used. Current Qt interface uses three buttons so those two
members are no longer needed.
Change-Id: I10e8c6aa887582e21ceec87bc3021a49abcc34dd
Reviewed-on: https://code.wireshark.org/review/28834
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Every time the graph is redrawn new items are added to the vectors but
these items are never removed and the used memory increase over time
which for larger captures could be problematic.
Change-Id: I5f029d5f48e215aacf4a69fb7aef348d16df9846
Reviewed-on: https://code.wireshark.org/review/28782
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Remove MainWindow::createByteViewDialog, which was called once and
contained one line.
Change-Id: Ibe03db2c527b0a817d8b99df87d161405805bac3
Reviewed-on: https://code.wireshark.org/review/28733
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
QCustomPlot 1.3.1 includes a fix for a crash ("Fixed potential crash in
QCPGraph::pointDistance if getScatterPlotData returns empty list").
Full changelog: http://www.qcustomplot.com/release/1.3.2/changelog.txt
The new files are based on QCustomPlot-source.tar.gz (1.3.2) with
Alexis' typo and license header changes from v1.99.2rc0-479-gc411029a3c
("Update to QCustomPlot 1.3.0") applied. All successive Wireshark
patches up to v2.5.0rc0-854-g6f28f1a59e ("Fix MacOS build") were
applied. The Retina patches ("Fix QCustmPlot retina problems." and "QCP:
Fix retina label calculations.") gave conflicts due contextual changes
which I resolved by renaming newCachedLabel to cachedLabel (following
the change in upstream commit baaad24706187f5be0a68011c780b51c4de11558).
Bug: 14971
Change-Id: I5012cb5a867891b466cbf1898fe4c28cbd11ba20
Reviewed-on: https://code.wireshark.org/review/28732
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Construct MainWindow::df_combo_box_ in our initializer list, otherwise
anything that triggers a resizeEvent early on might result in an NPE.
Wait until everything is in place before calling setMinimumWidth.
Bug: 14979
Change-Id: I78b349f9c3ea53d8b1399a77169bbbd0a4a69191
Reviewed-on: https://code.wireshark.org/review/28728
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Ensure that columns with numbers are sorted according to their numeric
value instead of their alphabetical order.
Bug: 11460
Change-Id: I6ccfb9d3699c7e95de4ed31eb9424c5687661593
Reviewed-on: https://code.wireshark.org/review/28652
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For formats other than "Raw" and "UTF-8", the written file does not
match the actual stream data. It would be duplicated in strange ways.
Executing the "Save As" action twice while the dialog is open would also
write two different files (huh?).
As a quick fix, just replace the strange save logic by writing the text
field contents. A functional difference is that previously it would
write data while parsing the "follow data" list, now it uses the text
field contents. That data will now be truncated after 500 MB.
Bug: 14933
Change-Id: I498676389d0da3ac070346d6903bd2e6b0fc7674
Fixes: v1.11.0-rc1-2538-g80f9326b2f ("Add TCP/UDP/SSL Follow feature to QtShark")
Reviewed-on: https://code.wireshark.org/review/28663
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
It strips off all suffixes, which is not useful behavior; it assumes
that nobody uses "." for any purpose other than separating a file name
from an extension - 1994 called, they want their version of Windows
back (and UN*X called, too...).
For the "Saving XXX" status bar message, just use the entire last
component of the file name.
Change-Id: Ib34fde3e49cd791c7baf333eebb71a8dbd672c19
Reviewed-on: https://code.wireshark.org/review/28638
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Strip off only extensions that correspond to file types we know about;
QFileInfo::baseName() strips off *all* extensions, where "extension" is
"anything preceded by a .", so it turns foo.bar.pcap.gz into foo, not
foo.bar. We don't want that; instead, we strip off only those
extensions that correspond to file types we know how to read, so we'd
strip off .pcap.gz in foo.bar.pcap.gz, and strip off .pcap in
foo.bar.pcap, leaving foo.bar in both cases.
Change-Id: I5385921ad2f0fef815d52e9902fef15735fd9dae
Reviewed-on: https://code.wireshark.org/review/28636
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When switching from ASCII to other modes (such as Hex), the previous
text to packet number mapping was not cleared. This resulted in
using the wrong packet number when hovering over the packet data.
Change-Id: I29ba1786925490c33fc9181373a31d51f5091642
Reviewed-on: https://code.wireshark.org/review/28614
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reverse the payload chunks list to achieve a running time of O(n) rather
than O(n²) for insertion of all chunks. Executing a RelWithDebInfo+ASAN
build with `tshark -r chargen-session.pcapng.gz -qz follow,tcp,hex,0`
previously took 11m5s to complete, but now finishes in 16 seconds.
Tested using a capture file with 152k TCP packets (from bug 11777).
Backport note: must update ui/gtk/follow_stream.c too.
Change-Id: Icf70d45f33d4399e53209fb6199d3809608c8d99
Reviewed-on: https://code.wireshark.org/review/28595
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For example, if the file is foo.pcap, make the default name for a saved
PDF of some graph be foo.pdf, as it was prior to 2.6, not foo.pcap.pdf.
Change-Id: Ide99c9c7fa1f3d16f829e731f968a209fbb52b8d
Reviewed-on: https://code.wireshark.org/review/28624
Reviewed-by: Guy Harris <guy@alum.mit.edu>
While we're at it, sort some method declarations and definitions, to
group the top-level summary/details/bytes yes/no options together, with
two groups of suboptions for summary and details below.
Bug: 14945
Change-Id: Id06dd64e44b18b13e2131482edef46aee3efbd63
Reviewed-on: https://code.wireshark.org/review/28620
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For filePath() and fileName(), just return a null string if we can't
convert from the native encoding to UTF-8 - those aren't used for
displaying, those are used for setting the main window's file name and
for generating names of files to save based on the capture file name.
Have fileDisplayName() just return the display name, without
"[closing]"/"[closed]" decoration or a special case for no file being
open (just return a null string if there's no file open), and have
fileTitle() return the decorated display name.
Change-Id: I244f318d5444dcf58527e5d38c4d073c28b73810
Reviewed-on: https://code.wireshark.org/review/28594
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That more closely matches the name of the file.h routine that it uses.
Change-Id: Ia206fb8331f4f3ad8035da9f6137ad2428d53a49
Reviewed-on: https://code.wireshark.org/review/28589
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That's needed to support the "proxy icon", so it can be dragged.
Change-Id: I1ad209cd43a2a6df9c52d076f6513780b0ac51be
Reviewed-on: https://code.wireshark.org/review/28587
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It now does the heavy lifting, so MainWindow::setTitlebarForCaptureFile()
doesn't have to duplicate it.
Change-Id: I97ded85306e625b2c67c3fde62a636ec6818a6f5
Reviewed-on: https://code.wireshark.org/review/28586
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't use CaptureFile.fileTitle() if you're constructing a pathname; use
it only if you're constructing a window title.
Change-Id: I40f225ddb07be2f7dc3ae03108dae816846f20c7
Reviewed-on: https://code.wireshark.org/review/28582
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For dialogs and auxiliary windows, if we have a live capture that hasn't
yet been saved to a permanent location, there's no good reason to show
the temporary file name in the title bar, as:
it's a random string that doesn't indicate where the capture was done
and that could confuse people (see, for example, the confusion in bug
14929, in which somebody referred to the "Follow TCP Stream" window as
the ".pcap dialog" because its title had ".pcap" at the end, due to
the capture file being a temporary file and its name showing up in the
title bar of that window);
it differs from what the main window title bar shows.
While we're at it, don't assume that the file name in the capture_file
structure is a UTF-8 string - some UN*Xes might not use UTF-8 for file
names.
Change-Id: I0d3dfd5d7f896ea37533daf7089b688710dbabf0
Reviewed-on: https://code.wireshark.org/review/28581
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Closing a capture file while it is being loaded will result in a crash.
As a workaround, disallow closing the capture file. The requested action
(e.g. MainWindow::openCaptureFile) will be silently ignored.
While at it, protect process_specified_records (called when saving
files) similarly to cf_read and fix a crash that occurs when a capture
from the Capture Dialog is started while a file is being loaded:
file.c:360:cf_close: assertion failed: (cf->state != FILE_READ_IN_PROGRESS)
Bug: 10870 # moving rapidly between large files in a file set
Bug: 13594 # start capture while loading/saving file
Bug: 14351 # open another file while loading file
Change-Id: I6ce8f3163c3fa4869f0299e49909a32594326ce4
Reviewed-on: https://code.wireshark.org/review/28541
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That makes it clearer that it's not a string, and avoids some type
complaints from change Ida7b98af8c44a52ddac2c4ab0702db2519a0c4af.
Update a comment while we're at it.
Change-Id: I6737bb2a7ff3b4d461700c641cb580194f7809e7
Reviewed-on: https://code.wireshark.org/review/28572
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That makes it clearer that it's not a string, and avoids some type
complaints from change Ida7b98af8c44a52ddac2c4ab0702db2519a0c4af.
Update a comment while we're at it.
Change-Id: Idba56f38d58d87f73aee41a11195371021a1328d
Reviewed-on: https://code.wireshark.org/review/28571
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Remove -DBUILD_WINDOWS and sections of code that we no longer use.
Bug: 14715
Change-Id: Iae1a950e2f52f4ce45fcf0ae5dea06c1172c3a28
Reviewed-on: https://code.wireshark.org/review/28466
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
When dragging on the wrong position in the toolbar, wireshark
crashes
Change-Id: I756e9caebc844d32e99e9fd3e338a872986b9e96
Reviewed-on: https://code.wireshark.org/review/28458
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
If the packet-testing expression for a coloring rule is set to an
invalid expression, disable the filter; this should provide at least
*some* indication to the user that it's not valid, although we should
really pop up a dialog or something - the little small-type notice below
the list of filters is *really* not all that obvious.
Ping-Bug: 14906
Change-Id: I3c036c3509520913db0a64c30bc1c57c0c7667bc
Reviewed-on: https://code.wireshark.org/review/28444
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fix the prepare possibility of applying a display filter button
Change-Id: I85364b40272139f0d0c69a2735a876a3a5f5db7a
Reviewed-on: https://code.wireshark.org/review/28440
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
Remove all filter toolbar related stuff into a separate class
and away from MainWindow
Change-Id: I36d937be6c2686b16a8d494213dc740d8d28efcb
Reviewed-on: https://code.wireshark.org/review/28432
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
*rtp_stream* -> rtpstream to follow common name
Change-Id: I381bc1cdb8206c5cfe67e94dd7fb1a5cb25f9c16
Reviewed-on: https://code.wireshark.org/review/28394
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move the standard C includes up to the top, while we're at it.
Change-Id: I627536097955d96e7e5dcd48d9c1cc38a221fefb
Reviewed-on: https://code.wireshark.org/review/28375
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Cast the result of a floating-point calculation to guint32; presumably
it will have no fractional part or we're deliberately discarding the
fractional part, and will never be greater than 2^32-1, so tell the
compiler we mean to discard the fractional part and have no need to
worry about the integral part being too large.
Change-Id: I432df46b59fe3192cd0a804d3d1db1f95983abe2
Reviewed-on: https://code.wireshark.org/review/28367
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Changes:
- rtpstream_info_calc_t created
- rtpstream_info_calculate and rtpstream_info_calc_free functions created
- RTP code updated to use such functions
Change-Id: I1053a46cbd0cdef9d70382135da46e732b5af8b8
Reviewed-on: https://code.wireshark.org/review/28361
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu