While we're at it, use decimal, rather than hex, for option numbers;
they're given in decimal in the pcapng spec.
And fix a typo.
Change-Id: I2a6e857a29d5bcb6533b8f5aef00711dd57e6df5
Reviewed-on: https://code.wireshark.org/review/36600
Reviewed-by: Guy Harris <gharris@sonic.net>
No need to decrement it every loop. Furthermore, when more types are
supported, same line can be reused.
Change-Id: Ic61c2e839d8dcb0e035172d706978a18b16520df
Reviewed-on: https://code.wireshark.org/review/36592
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
The csnStreamDissector() shall not return 0 prematurely if no more
bits left in the input buffer. Otherwise some malformed packets
may not be displayed by Wireshark as such, confusing the user(s).
There are two possible cases:
a) The number of remaining bits is negative - this is an error
in any case. Return CSN_ERROR_NEED_MORE_BITS_TO_UNPACK.
b) The number of remaining bits is zero - this might be an error
or not depending on particular CSN.1 definition. We don't
know in advance without entering the parsing loop.
In case a) everything is simple, while in case b) we should not
make precipitate decicions. Some CSN.1 definitions have names
like 'M_*_OR_NULL', what basically means that they're optional
and can be ignored or omitted.
Most of the case statements do check whether the number of remaining
bits is enough to unpack a value, so let's leave the final decicion
up to the current handler (pointed by pDescr) if no more bits left.
This is a port of the original patch [1] for OsmoPCU [2].
[1] https://gerrit.osmocom.org/c/osmo-pcu/+/17394
[2] https://osmocom.org/projects/osmopcu/
Change-Id: If35d62b1cb81e8b2909401684c3b801cb79f1294
Reviewed-on: https://code.wireshark.org/review/36588
Reviewed-by: Pau Espin Pedrol <pespin@sysmocom.de>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
- Add some missing vendors
- Rename field (controltype -> controlcode)
- Show 'prologue' field (could be controlled by pref, but not many fields..)
- Remove some _U_ decorations
Change-Id: I91f06b806cbf6d037d0503256ad90809abdaf937
Reviewed-on: https://code.wireshark.org/review/36587
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
1. Add missing sparebits in I010_020 and I010_070
2. Correct scaling factor for I010_042 to 1 m instead of 0.5
Thanks to Marko Hrastovec <marko.hrastovec@gmail.com> for the suggestions.
Change-Id: I22f360f9b687c4b38b36bb2d5dd81db36536497c
Reviewed-on: https://code.wireshark.org/review/36586
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Struct Layout:
struct acTOpenOrUpdateSBCSession
{
int CidA;
int CidB;
int ChannelACommandSeqNumber;
int ChannelBCommandSeqNumber;
acMediationLevel AudioMediationLevel;
int SourceDirection;
int DestinationDirection;
acAudioTranscodingMode AudioTranscodingMode;
acSBCConnectionType SBCConnectionType;
acTSBCChannelConfiguration ChannelAConfiguration;
acTSBCChannelConfiguration ChannelBConfiguration;
};
acTSBCChannelConfiguration size can vary, so Channel B might be
incorrectly dissected.
Fix by recognizing the first field of acTSBCChannelConfiguration and
dividing the remaining size by 2, giving each channel the same byte
count.
Change-Id: I961394523fc307fa214d36c3eae5589f788fc6df
Reviewed-on: https://code.wireshark.org/review/36584
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Start dissecting the class-specific control messages.
Change-Id: I21e97777c9fc0396a8c0c575ba21909f58bbb577
Reviewed-on: https://code.wireshark.org/review/36539
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Only build the capture information dialog if we're going to support
capturing; otherwise, that dialog never pops up.
Don't include ui/capture.h in ui/qt/wireshark_application.cpp if we
don't have pcap, either; it's not needed, and breaks compilation.
Change-Id: If9a52239fd2c81c37663be8044ecd67f4569d61b
Reviewed-on: https://code.wireshark.org/review/36585
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Instead of having programs that use the capchild library define
functions with known names, with the library routines calling back
routines with those names, have function pointers for those callbacks in
the capture_session structure, and have capture_session_init() set them.
Make the callback routines in TShark and in the ui library static.
Change-Id: Ia1ba6119c5ef7708e0f87b8420f200136ba41eae
Reviewed-on: https://code.wireshark.org/review/36583
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
If we're capturing to multiple files, whenever we are told about a new
file, we must close the old file, so we don't leak file descriptors and
wtap structures.
Have cf_close() handle the work of closing, the way it does in file.c,
and, when we *open* a file, set the state in capture_file to
FILE_READ_IN_PROGRESS.
Bug: 16457
Change-Id: I04a01c30571b7e3575dee5e7252a59bb1ee8abbc
Reviewed-on: https://code.wireshark.org/review/36580
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
There's two variants for the Ms Radio Access Capabilities.
* The usual encoding with spare bits (usually to fill up to octet boundary)
as defined in TS 24.008 Table 10.5.146
And there's too:
* MS Radio Access Capabilities 2 IE from TS44.060 section 12.30, which is
the same but removing all spare bits, and which is used in messages like
Packet Resource Request and Additional MS RAC messages.
The later is used basically for messages having extra IEs after the MS
Radio Access capabilities IE, since they are encoded immediatelly
afterwards.
So this patch does:
* Adds the expected spare bits (M_PADDING) to MS_Radio_Access_capability_t
* Creates a new MS_Radio_Access_capability2_t without padding
* Updates code to use the new "2" version where needed.
The new MS_Radio_Access_capability_t with padding is disabled since it's
not used in wirehsark because it's using an ad-hoc decoder for that TS
24.008 IE: see packet-gsm_a_gm.c de_gmm_ms_radio_acc_cap()
Port from osmo-pcu.git e50ce6e45c4509805807d599cadf1a1b23d37f63
Related: https://osmocom.org/issues/4463
Change-Id: Ie2844bd94437c8d7a50787cc7c8c4d81a4fc48ba
Reviewed-on: https://code.wireshark.org/review/36574
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
It seems the assumptions regarding maximum number of RA capabilitites
in one message were wrong. Doing some rough calculations, each RA
capabilitiy value (without extensions) can take around 20ish bits, which
means for a message containing up to 52 bytes that quite a lot of
different values could be theoretically fed in. Let's be safe and
increase the array size to be able to handle all different access
technologies listed in See TS 24.008 table 10.5.146 following
restrictions:
* "The MS Radio Access capability is a type 4 information element, with a maximum length of 52 octets."
* "Among the three Access Type Technologies GSM 900-P, GSM 900-E and GSM 900-R only one shall be present."
* "the mobile station should provide the relevant radio access
capability for either GSM 1800 band OR GSM 1900 band, not both".
Port from osmo-pcu.git 7faa5da209d0ef48fe593603c217615f09fb61fb.
Related: https://osmocom.org/issues/4463
Change-Id: Ief5189f88ba0e4970847567c9a15b1ada8b9df4b
Reviewed-on: https://code.wireshark.org/review/36573
Reviewed-by: Harald Welte <laforge@gnumonks.org>
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
This way the macros can be used to access the arrays themselves and
calculate its static size to enable validation lateri on.
In the case of Packet_Access_Reject_t, modify the description to use a
M_REC_TARRAY_1 object to get rid of access to 2nd element. The new
description is the correct one, since the first element is mandatory
according to TS 44.060 Table 11.2.1.
Port from osmo-pcu.git 81b40cbaf3070f70954663f68375100128bdc77e.
Change-Id: I48fc257305af799beb6a48ffc6d11b73026bff51
Reviewed-on: https://code.wireshark.org/review/36571
Reviewed-by: Harald Welte <laforge@gnumonks.org>
Reviewed-by: Vadim Yanitskiy <axilirator@gmail.com>
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
This way if CSN1 encoded bitstream contains more elements than what the
defintion expects it will fail instead of overflowing the decoded
buffer.
Example: RA Capabilities struct (recursive array) sent by a real android phone
when attaching to the network. Then SGSN sends it back and osmo-pcu would crash
similar to this:
*** stack smashing detected ***: terminated
Process terminating with default action of signal 6 (SIGABRT): dumping core
at 0x4C62CE5: raise (in /usr/lib/libc-2.31.so)
by 0x4C4C856: abort (in /usr/lib/libc-2.31.so)
by 0x4CA62AF: __libc_message (in /usr/lib/libc-2.31.so)
by 0x4D36069: __fortify_fail (in /usr/lib/libc-2.31.so)
by 0x4D36033: __stack_chk_fail (in /usr/lib/libc-2.31.so)
by 0x124706: testRAcap2(void*) (RLCMACTest.cpp:468)
Port from osmo-pcu.git efad80bfbffb2a35d2516e56dc40979f19c6c370
Related: https://osmocom.org/issues/4463
Change-Id: I6bdd6960141829491aebbfdaab548c41d4a3bc9f
Reviewed-on: https://code.wireshark.org/review/36572
Reviewed-by: Harald Welte <laforge@gnumonks.org>
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Add support to dissect ASTERIX CAT010 Version 1.10
Change-Id: I82f59555e75c03fc4bd2819b2455f7fd6fa08384
Reviewed-on: https://code.wireshark.org/review/36560
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Requires an updated wireshark/wireshark-ubuntu-dev image:
https://github.com/wireshark/wireshark-ubuntu-dev-docker/pull/2
Remove -Wframe-larger-than while at it. The default size in our CMake
config is 32k. Clang should not significantly go over it. If so, then it
has to be solved there, and not in the Gitlab config.
Change-Id: I3891fcbd9dec8e5a4597404aa8131f28a1755a02
Reviewed-on: https://code.wireshark.org/review/36369
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The layout of OpenSecureChannel command is:
struct acTOpenSecureChannelSendCmd
{
int CID;
struct acTOpenChannelCmd OpenChannelCmd;
struct acTOpenSecureChannelCmd SecureChannelCmd;
};
OpenChannelCmd contains a field that stores the offset of
SecureChannelCmd (rtp_authentication_algorithm) from the beginning of
OpenChannelCmd (cmd_rev_lsb).
Support both forward and backward compatibility (added or missing fields).
Change-Id: If277996aa7fb94fef55ae34fed5a307728ebdf7c
Reviewed-on: https://code.wireshark.org/review/36566
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
wsutil/nstime.c:116: warning: Function 'nstime_sum' argument order different: declaration 'sum, b, a' definition 'sum, a, b'
Most likely copy/paste error from nstime_delta() above where that order makes sense.
Change-Id: Icea52b21781ebc09b2b80acdb34d61a28eb1e498
Reviewed-on: https://code.wireshark.org/review/36562
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Define a FunnelStatistics dtor and use it to clear our funnel
operations. This keeps us from crashing if we quit while a ProgDlg or
TextWindow is visible.
In FunnelStatistics::progressDialogNew, pass in our parent MainWindow
instead of depending on capture_file_ having a valid window pointer.
This lets us use a ProgDlg without having to load a capture file.
Define and use the _funnel_ops_id_t struct so that we don't have to cast
void pointers in a bunch of places.
Change-Id: I38dd3f254b705ddf82f7421a14d27b8c3ef7bc98
Reviewed-on: https://code.wireshark.org/review/36538
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fixing infinite loop bugs in multiple places. This
fix is not in bugzilla, it was found by inspecting
the code.
Change-Id: I7c58242d298a73fd929c327d254b34b3e60cf383
Reviewed-on: https://code.wireshark.org/review/36557
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is based on patch created by Krzysztof Opasiak.
USB is a stateful protocol. So we store the link to the previous
packets.
Ping-Bug: 15908
Change-Id: I5d844041b68375a5b3ffc46f1e8ffca2804ed5b6
Reviewed-on: https://code.wireshark.org/review/34309
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's already incluided in the template.
Change-Id: I534b0b116f232e2b0168e141ad865ec6c96612d3
Reviewed-on: https://code.wireshark.org/review/36546
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The asn1 dissector generator creates file with 2 spaces indentation.
The right way to indent a cnf file is the same, then.
Change-Id: I6a210ba17b332234678698d111863e27830dcece
Reviewed-on: https://code.wireshark.org/review/36545
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I17b94100139d3262315cb42b66fc245ade82224b
Reviewed-on: https://code.wireshark.org/review/36544
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I83070917b76c0d730148b29cc38151648a1a88de
Reviewed-on: https://code.wireshark.org/review/36542
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I32f636c5a8de652303fbe03668bf937004f2e6a8
Reviewed-on: https://code.wireshark.org/review/36543
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
dot11decrypt_system.h:274:11: warning: parameter 'decrypt_data' not found in the function declaration [-Wdocumentation]
dot11decrypt_system.h:277:11: warning: parameter 'decrypt_len' not found in the function declaration [-Wdocumentation]
dot11decrypt_system.h:279:11: warning: parameter 'key' not found in the function declaration [-Wdocumentation]
Change-Id: I9a0d1dd29ddd130b9425a38645777e4eb05e9fa3
Reviewed-on: https://code.wireshark.org/review/36540
Reviewed-by: Mikael Kanstrup <mikael.kanstrup@sony.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I45ae45f61042dc612a63727e9790bf3c036fa608
Reviewed-on: https://code.wireshark.org/review/36533
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
MFP enabled connections with SHA-256 key management (IEEE 802.11w) use
EAPOL key version == 3. This case was missing making decryption of such
connections fail. Allow key version 3 to handle these too.
Change-Id: If9e3fcc5c3bbfb46e82b39dfed5b2a74787a4f16
Reviewed-on: https://code.wireshark.org/review/36534
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Goodbye RTCP packet dissection has to derive whether the optional
"Reason for leaving" string is present or not. This has to be derived
from the length. When put into a compound RTCP packet, the length
derivation from the TVB length does not work, because another RTCP
packet may follow in this compound RTCP packet.
With this change the stated length of this RTCP packet is passed to
the RTCP BYE packet dissection function in order to make a proper
length determination and not overrun into the next RTCP packet in the
compound RTCP packet.
Bug: 16434
Change-Id: Iab0fdd52c745028a9928bbef6c731ff649213277
Reviewed-on: https://code.wireshark.org/review/36532
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>