The result of the '<<' expression is undefined if no_of_bits - 1 is negative.
Change-Id: I3fff09afe414bdd9d6736ee351f1c542c503b93d
Reviewed-on: https://code.wireshark.org/review/4698
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
strncasecmp() has been prohibited for years (in favor of the g_ascii_ version).
Change-Id: I64b7c29099b1c5240757e2026fe3490096a84755
Reviewed-on: https://code.wireshark.org/review/4980
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Rename strnatcmp()/strnatcasecmp() to ws_ascii_XXX(), and make them use
the g_ascii_XXX() routines rather than ctype.h routines, to eliminate
locale-dependent behavior.
(If you want locale-dependent "natural order" sorting, you probably want
"dictionary order" sorting, which is more complicated than just natural
order sorting.)
Change-Id: I837f2776b2a909b547dc9a6072e497911b5380e5
Reviewed-on: https://code.wireshark.org/review/4985
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This is not built if we have glibc (as we already have getopt() from
it), and it's not part of glibc, so....
Change-Id: Iae4ff944c78fc55a8cd2eaf523a3696c47b741d7
Reviewed-on: https://code.wireshark.org/review/4769
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- use G_GINT64_MODIFIER instead of "%ll"
- use G_GUINT64_CONSTANT instead of ULL
- add some missing explicit casts
Change-Id: Ic048d9ee8966ea504ea542cefe55688edcfb2dc7
Reviewed-on: https://code.wireshark.org/review/4644
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
There are protocols out there that have 64-bit wide bit mask fields, so
make the internal representation and bitfield decoders 64-bit aware.
For this, the ws_ctz() fallback and bits_count_ones() have to be tweaked
slightly.
Change-Id: I19237b954a69c9e6c55864f281993c1e8731a233
Reviewed-on: https://code.wireshark.org/review/4158
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The main site URI scheme is now https. Update the URL in some other
places while we're here.
Change-Id: Ib03d4fd1c58dabd3cf5050dc4f79216e0b94d525
Reviewed-on: https://code.wireshark.org/review/4133
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add a new routine to wsutil to make this easy: printable_char_or_period().
Bug: 10439
Change-Id: I0eb2bb6bc0676a1035c3d845b5e20276fa04de60
Reviewed-on: https://code.wireshark.org/review/3981
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Apple would really rather that you use their Shiny Happy Frameworks
rather than those crufty old cross-platform APIs. We are a
cross-platform program, and will use platform-specific APIs only if
there's enough benefit to doing so - and, in this case, that means
"using the platform-specific APIs on OS X and the other APIs on other
platforms", so that's two code paths to maintain, so "enough benefit"
has to outweigh the issues with that.
Change-Id: I370ba469a6f5892143d72179d15c9fe22d664fdf
Reviewed-on: https://code.wireshark.org/review/3881
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make sure there's always a space between a number and "[TGMK]bytes",
"[TGMK]bits", and "[TGMK]packets".
Change-Id: I710385303e451e9aea6fc9bbea562f59ca0d22c9
Reviewed-on: https://code.wireshark.org/review/3810
Reviewed-by: Guy Harris <guy@alum.mit.edu>
don't pick up the in-tree copy.
Change-Id: I7ec473876cdba1a025c52362d7f6adc62d24ce71
Reviewed-on: https://code.wireshark.org/review/3798
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
add_plugin() no longer returns ENOMEM. Remove code in
plugins_scan_dir() which printed an error message
if ENOMEM returned by add_plugin().
Fix comment re add_plugin() return values.
Change-Id: Id5170c28e2a55884d41ceebc4e07f16389b75a2a
Reviewed-on: https://code.wireshark.org/review/3774
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Extcap is a plugin interface, which allows for the usage
of external capture interfaces via pipes using a predefined
configuration language which results in a graphical gui.
This implementation seeks for a generic implementation,
which results in a seamless integration with the current
system, and does add all external interfaces as simple
interfaces.
Windows Note: Due to limitations with GTK and Windows,
a gspawn-winXX-helper.exe, respective gspawn-winXX-helper-console.exe
is needed, which is part of any GTK windows installation.
The default installation directory from the build is an extcap
subdirectory underneath the run directory. The folder used by
extcap may be viewed in the folders tab of the about dialog.
The default installation directory for extcap plugins with
a pre-build or installer version of wireshark is the extcap
subdirectory underneath the main wireshark directory.
For more information see:
http://youtu.be/Nn84T506SwU
bug #9009
Also take a look in doc/extcap_example.py for a Python-example
and in extcap.pod for the arguments grammer.
Todo:
- Integrate with Qt - currently no GUI is generated, but
the interfaces are still usable
Change-Id: I4f1239b2f1ebd8b2969f73af137915f5be1ce50f
Signed-off-by: Mike Ryan <mikeryan+wireshark@lacklustre.net>
Signed-off-by: Mike Kershaw <dragorn@kismetwireless.net>
Signed-off-by: Roland Knall <rknall@gmail.com>
Reviewed-on: https://code.wireshark.org/review/359
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use it in the ATM dissector, and use a tvbuff version, so that we don't
do tvb_get_ptr() ourselves.
Change-Id: I0bd3594bc739e0cca447ac06f34a471441cf2e70
Reviewed-on: https://code.wireshark.org/review/3513
Reviewed-by: Guy Harris <guy@alum.mit.edu>
And note that it's the same polynomial for the MPEG-2 CRC.
Change-Id: Ie89e392156ae77a2adeec3eb8e704aa75c0cd0dc
Reviewed-on: https://code.wireshark.org/review/3512
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have the wsutil routine just accumulate the stuff from the buffer handed
to us. Have the IUUP dissector deal with the extra stuff. Add a
update_crc10_by_bytes_tvb() routine, which is passed a tvbuff, offset,
and length, and use that rather than using tvb_get_ptr() in dissectors.
Change-Id: Iadd0823c764080e60d1339abb94d2e19150eabfe
Reviewed-on: https://code.wireshark.org/review/3509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
So just use crc16_x25_ccitt_tvb(), which goes a byte at a time rather
than a bit at a time, and which takes a tvbuff rather than requiring you
to call tvb_get_ptr().
It also doesn't 1's-complement the result, so we can compare it against the
0x1D0F in ETSI TS 102 821 V1.4.1 (2012-10) rather than against a
1's-complement version, 0xE2F0.
Change-Id: Ia513f851f0a8ff1e7853278ddf3618c532fb2aba
Reviewed-on: https://code.wireshark.org/review/3507
Reviewed-by: Guy Harris <guy@alum.mit.edu>
There are routines that take a buffer and a length and that take a
tvbuff, offset, and length; use those routines in the DNP dissector
(which no longer needs its own table and loop), and use the tvbuff
routine instead of calling tvb_get_ptr().
Change-Id: Ic67b0f3b65b94ea47c0fdc2f3d3b6f88df77f9c6
Reviewed-on: https://code.wireshark.org/review/3505
Reviewed-by: Guy Harris <guy@alum.mit.edu>
In particular, epan/wslua/lrexlib.c has its own buffer_ routines,
causing some linker warnings on some platforms, as reported in bug
10332.
(Not to be backported to 1.12, as that would change the API and ABI of
libwsutil and libwiretap. We should also make the buffer_ routines in
epan/wslua/lrexlib.c static, which should also address this problem, but
the name change avoids other potential namespace collisions.)
Change-Id: I1d42c7d1778c7e4c019deb2608d476c52001ce28
Reviewed-on: https://code.wireshark.org/review/3351
Reviewed-by: Guy Harris <guy@alum.mit.edu>
file in the build directory (rather than the source directory).
Change-Id: I365e573ee84e9a41aa76f4aa9a4a6efaf42fb60e
Reviewed-on: https://code.wireshark.org/review/3334
Reviewed-by: Evan Huus <eapache@gmail.com>
Items are sorted by value.
Move common conversation code to ui/conversation_hash.[ch]. Add a
conversation_type_e enum along with convenience functions for fetching
titles, tap names, etc.
We have a single main dialog instead of a main dialog + individual
protocol dialogs. It de-clutters the statistics menu and results in
simpler code. Conversation type tabs can be added and removed within the
dialog itself. The tab list is sticky and saved with the current profile
when the dialog closes. Data can be copied as CSV or YAML.
Add a FilterAction class and a corresponding filterAction slot to
MainWindow. Use it for the Conversations context menu.
Add an addressResolutionChanged signal and related plumbing.
Get rid of the iterator members in the conversation item struct. Update
the GTK+ code accordingly.
Excercise for the reader:
- Update TShark to use the common hash code.
Ping-Bug: 9231
Ping-Bug: 8703
Ping-Bug: 6727
Change-Id: I8728d771fc5b1a85937bed9d898e53c3ecc3a544
Reviewed-on: https://code.wireshark.org/review/2987
Reviewed-by: Michael Mann <mmann78@netscape.net>
Some routines Wireshark uses are present in some, but not all,
platforms; for routines that would be used on all platforms, libwsutil
provides its own implementations on platforms that lack them.
On platforms that provide a routine, that routine will not be part of
the API and ABI, and, if we do an API or ABI check using the header
libwsutil provides to declare the function on platforms that lack it, we
may have a collision between the declaration in our header and the
declaration in a system header.
There's no guarantee that we can make them match, as the declaration
might differ from platform to platform and from platform version to
platform version, so we simply leave the header file out of the check if
we have the function on the platform on which we're checking the API or
ABI.
Change-Id: I8a23e63d9e17e5c1f5a83304dbe14d1e7df22e7e
Reviewed-on: https://code.wireshark.org/review/3115
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Otherwise, if you link with both libwiretap and libfiletap, it's
anybody's guess which one you get. That means you're wasting memory
with two copies of its routines if they're identical, and means
surprising behavior if they're not (which showed up when I was debugging
a double-free crash - fixing libwiretap's buffer_free() didn't fix the
problem, because Wireshark happened to be calling libfiletap' unfixed
buffer_free()).
There's nothing *tap-specific about Buffers, anyway, so it really
belongs in wsutil.
Change-Id: I91537e46917e91277981f8f3365a2c0873152870
Reviewed-on: https://code.wireshark.org/review/3066
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit c5a50df51f.
Most of the change to remove "lib" seems to work, but the list of libraries to sign appears not to be in the source repository, so I can't make that step work.
Change-Id: I6ead152fc308480d02266b0f3f0caaa873caf6d2
Reviewed-on: https://code.wireshark.org/review/2973
Reviewed-by: Guy Harris <guy@alum.mit.edu>
"libXXX" is a UN*X convention; see whether we can do without it on
Windows.
Change-Id: I03a377ed5121a8dff7a53203b34e441abffcbb85
Reviewed-on: https://code.wireshark.org/review/2968
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The WRETH dissector showed up some garbage in the column display. Upon
further inspection, it turns out that the format string had a trailing
percent sign which caused (unsigned)-1 to be returned by
g_printf_string_upper_bound (in emem_strdup_vprintf). Then ep_alloc is
called with (unsigned)-1 + 1 = 0 memory, no wonder that garbage shows
up. ASAN could not even catch this error because EP is in charge of
this.
So, start adding G_GNUC_PRINTF annotations in each header that uses
the "fmt" or "format" paramters (grepped + awk). This revealed some
other errors. The NCP2222 dissector was missing a format string (not
a security vuln though).
Many dissectors used val_to_str with a constant (but empty) string,
these have been replaced by val_to_str_const. ASN.1 dissectors
were regenerated for this.
Minor: the mate plugin used "%X" instead of "%p" for a pointer type.
The ncp2222 dissector and wimax plugin gained modelines.
Change-Id: I7f3f6a3136116f9b251719830a39a7b21646f622
Reviewed-on: https://code.wireshark.org/review/2881
Reviewed-by: Evan Huus <eapache@gmail.com>
When ASAN is enabled, a false buffer overflow warning is raised. It is
a false positive since everything starting at '\0' will get ignored by
the PCMPISTRI instruction (see Intel(r) SSE4 Programming Reference,
5.3.1.5 "Valid/Invalid Override of Comparisons", and 5.3.1.2
"Aggregrate Operation", case "Equal any").
Concerns about reading past the end of the page turns out to be false,
there always seem to be a valid page after the current one (for static
and heap memory at least). It is an non-issue since strlen also does
not have issues with this.
Rather than fully disabling SSE 4.2 and using the fallback
implementation for ASAN-enabled builds, read the set of characters from
'a' into the mask without a 128-bit read and then still use SSE 4.2
for the actual query.
Bug: 10214
Change-Id: Ie4a526e60b43bfc08dd1d821556766f14a49be4d
Reviewed-on: https://code.wireshark.org/review/2618
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Evan Huus <eapache@gmail.com>
With autotools, CMake, and nmake, if we have a function, #define
HAVE_{function_name_in_all_caps}, otherwise don't #define it.
If we provide our own version of a function in libwsutil, make sure we
have a header that declares it, and *ONLY* include that header if
HAVE_{function_name_in_all_caps} is *NOT* defined, so that we don't have
the system declaration and our declaration colliding.
Check for inet_aton, strncasecmp, and strptime with CMake, just as we do
with autotools.
Simplify the addition of {function_name_in_all_caps}_LO to libwsutil in
autotools.
Change-Id: Id5be5c73f79f81919a3a865324e400eca7b88889
Reviewed-on: https://code.wireshark.org/review/2903
Reviewed-by: Guy Harris <guy@alum.mit.edu>
BYTE2WORD() doesn't modify what its argument points to, so make that
argument a const unsigned char *.
This lets us get rid of casts that cast away constness.
Change-Id: I44a58bd3d75fc77a022b7e8f7fa9b43990bcf81c
Reviewed-on: https://code.wireshark.org/review/2876
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Pull the "cast this to a pointer to an __m128i" idiom into a macro, and
use the macro; have that macro use "const" in the casts.
Change-Id: Ife90b7daef2f09368790f3b2ffbb227d6d794dea
Reviewed-on: https://code.wireshark.org/review/2871
Reviewed-by: Guy Harris <guy@alum.mit.edu>
wsutil contains the only code that uses version.h; make the dependency
explicit, to see whether that fixes the current build issues with Debian
packaging.
Also, get rid of all *other* dependencies on gitversion.
Change-Id: I89fa5e4112633b83a1a7dfa349bc337e3688575f
Reviewed-on: https://code.wireshark.org/review/2823
Reviewed-by: Guy Harris <guy@alum.mit.edu>
SetProcessDEPPolicy() is the API; PSetProcessDEPPolicy is just a local
pointer variable that either points to that API's implementation (if
it's available) or is null (if it isn't).
Change-Id: I676fbb75019e32af511cefa6f1c7b7124ac9d8e8
Reviewed-on: https://code.wireshark.org/review/2735
Reviewed-by: Guy Harris <guy@alum.mit.edu>