Instead of calling the grep/sed pipelines for each file, build the
list of files in the beginning and call each pipeline only once,
passing the list to the first grep.
This results in a massive speedup in Cygwin; in my test, the time
it takes to run make-dissector-reg . dissectors packet-*.c in dissectors/epan
is reduced from ~116 to ~3 seconds. I also tried it on NetBSD, where
the time do to the same goes from ~6 to ~0.5 seconds.
Amend makefile comments to elide mentions of invoking multiple processes
per file.
Change-Id: Iad441e7d2b6cc3669dada57646e2f8f6b987fd34
Reviewed-on: https://code.wireshark.org/review/2826
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The catapult dissector tripped on this random file I had. A quick look
at other dissectors which use a construct like "-1] *= '*\\[rn]" showed
packet-irda too, so fix that as well.
Change-Id: I4b5fadcacd0b09d0fb29bdefc3dd1f28aef9b593
Reviewed-on: https://code.wireshark.org/review/2802
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Hopefully that name makes it clear what the routiner's purpose is, and
will encourage people to use it rather than using dissector_add_uint()
with a bogus integer value.
Change-Id: Ic5be456d0ad40b176aab01712ab7b13aed5de2a8
Reviewed-on: https://code.wireshark.org/review/2483
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Currently for all arrays, the generic ett_opcua_array is used, instead we want to be more selective for storing the expanded state of subtrees. This commit adds subtree identifiers for all array types.
Change-Id: Idcec51a200d1109cdb557d3366021d3b066b453d
Reviewed-on: https://code.wireshark.org/review/2176
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- Display 'Array of <fieldname>' instead of 'Array of Simple Type'
- Display array indexes for simple types
- Display data type in simple type arrays
Change-Id: Id2cc746898f97ce329c6afb9cc49f1907a9f18e4
Reviewed-on: https://code.wireshark.org/review/2161
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also make repetition_coding_indications[] standard terminated.
Change-Id: Ice20e1f27f5ab4d111f893608a230b83899efc9f
Reviewed-on: https://code.wireshark.org/review/2288
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
- make ett_opcua_transport static, is only used locally
- format code grouping extern ett variables
- add subtree variables for encodingmasks of simple types
Change-Id: Ia044ca6ca0ff19e940a03d21610db67fe3679b01
Reviewed-on: https://code.wireshark.org/review/2157
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Checks if a StatusCode has any of the additional info bits set and displays them accordingly.
Change-Id: Ic584233083174d3fd30c6ec6684f308e0e5ae22e
Reviewed-on: https://code.wireshark.org/review/2127
Reviewed-by: Evan Huus <eapache@gmail.com>
Adds a table containing all known StatusCodes and displays them if found.
The list of StatusCodes is in a separate file for easy generating of the list if necessary.
Change-Id: Iab74b22b7fc4fb53d8f072c4e3a4cea4ae18196c
Reviewed-on: https://code.wireshark.org/review/2126
Reviewed-by: Evan Huus <eapache@gmail.com>
The NoOf... fields are not used at all in the dissector.
Change-Id: I1f20a9992eab5d47c7e0ad34dabeaed07efa4a80
Reviewed-on: https://code.wireshark.org/review/2130
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- Return the ServiceId of the service calls for displaying if it's a request or response
- Add the missing parsing code for CloseSecureChannel, some fields were missing
Change-Id: Id9b1e1986e222a77ad979fb615adc6ac62a4ced8
Reviewed-on: https://code.wireshark.org/review/2125
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
ServiceFaults are always sent as a service response and never as value, this moves the parsing code to the correct location.
Change-Id: Ida9cb561aa40fcbfc3c0429aed732d108b295138
Reviewed-on: https://code.wireshark.org/review/2124
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Adds hf_register_info for all possible NodeId identifier types for unified displaying.
Change-Id: Ic7a8077a32f435d5acfb1a956117d21a0b51b43b
Reviewed-on: https://code.wireshark.org/review/2123
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
There are no 'URI' NodeIds, removed this option and changed GUID/Opaque to their correct values as stated in the UA specification.
Change-Id: Ibf9afdbd72f8ad336f5eb83ece5adbcce51e8365
Reviewed-on: https://code.wireshark.org/review/2122
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
- Rename Uri to NamespaceUri for clarity
- Correct NsId to NsIndex
- ByteString NodeIds are called 'Opaque'
Change-Id: I622d408ef9e19a2a899906b4127bae497735d402
Reviewed-on: https://code.wireshark.org/review/2121
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Only the bits 0-3 are significant for the type of the NodeId contained in the ExpandedNodeId.
The other bits are a mask telling if a NamespaceUri and/or a ServerIndex is set.
Change-Id: I17948524f8a1bf6cb9dffc5f66ec5cddee580bcd
Reviewed-on: https://code.wireshark.org/review/2120
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
tvb_new_subset -> tvb_new_subset_remaining it appears that's what the intention is.
Change-Id: I2334bbf3f10475b3c22391392fc8b6864454de2d
Reviewed-on: https://code.wireshark.org/review/1999
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Issue found while playing with MSVC /GL option
Change-Id: I1f734eb4054349c706b529d8080036b00e66397a
Reviewed-on: https://code.wireshark.org/review/1998
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
which can be used to call the found heuristic dissector on the next pass.
Introduce call_heur_dissector_direct() to be used to call a heuristic
dissector which accepted the frame on the first pass.
Change-Id: I524edd717b7d92b510bd60acfeea686d5f2b4582
Reviewed-on: https://code.wireshark.org/review/1697
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Always call $(top_srcdir)/tools/checkAPIs.pl with -sourcedir=$(srcdir)
from Makefile.am to allow out-of-source 'make checkapi'.
Change-Id: I60d7e0079984a8ededdacf4517a0738486fa7973
Reviewed-on: https://code.wireshark.org/review/1294
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Using sed : sed -i '/^\*\* \$Id\$/,+1 d') (2 star and space)
Change-Id: I48505ffb8bfa103cd7db0117e18cdb1925a7034d
Reviewed-on: https://code.wireshark.org/review/884
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Last one $Id$ (remove by hand) to make checkAPI haapy !
Change-Id: I5adfdcac0629a36e08c5fe3ea7960bdbc251364f
Reviewed-on: https://code.wireshark.org/review/887
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Using sed : sed -i '/^\# \$Id\$/,+1 d') (start with dash)
Change-Id: Ia4b5a6c2302f6a531f6a86c1ec3a2f8205c8c2dd
Reviewed-on: https://code.wireshark.org/review/881
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Using sed : sed -i '/^\* \$Id\$/,+1 d') (no space before star)
Change-Id: I318968db2b8512ba1303b5fc5c624c66441658f0
Reviewed-on: https://code.wireshark.org/review/879
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Using sed : sed -i '/^\$Id\$/,+1 d') (No space or star before $Id$)
Change-Id: I0801bd7cf234d32487008a8b6dcee64875b07688
Reviewed-on: https://code.wireshark.org/review/876
Reviewed-by: Evan Huus <eapache@gmail.com>
There have been discussions on -dev about removing this and I believe I was the last holdout. Finally convinced that I should just have a local copy (ignored by git)
Change-Id: Ic72a22baf58e3412023cf851f0fce16eb07113b0
Reviewed-on: https://code.wireshark.org/review/681
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That just breaks too many things.
This catches the examples of that found in bug 9878. There might be
others that my grepping didn't find.
We should also have the checkAPIs.pl script check for this, so this
isn't a full fix for bug 9878.
Change-Id: I3bf6f1fc0fe8654d0f54a995e72f1966ae012f5e
Reviewed-on: https://code.wireshark.org/review/623
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Added DCP decoding of reset to factory
removed unused value_strings
corrected decoding of PDSubFrameBlock
most of the length display added a dec_hex display
Signed-off-by: Widok <kellingwido@aol.com>
Change-Id: I17b59b45eff37b65047a7a3e5e275f01a37ee616
Reviewed-on: https://code.wireshark.org/review/517
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(Copyright or info about file...)
Change-Id: I90ba8b1c3ec8406b0c3365a69a8555837fc4bbb1
Reviewed-on: https://code.wireshark.org/review/515
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If the string doesn't end with a null-terminator in the given length it causes a
read-overflow. Should fix bug #9717.
Change-Id: I44647ef8ecb856e07d1175777ed603736ec63553
Reviewed-on: https://code.wireshark.org/review/90
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The majority of the fixes are for calls to uat_new(). Instead of
having each caller cast its private data to (void**), we use void*
in the uat_new() API itself. Inside uat_new(), we cast the void*
to void**.
Some dissectors use val64_string arrays, so a VALS64() macro was
added for those, to avoid using VALS(), which is useful only for
value_string arrays.
packet-mq.c was changed because dissect_nt_sid() requires
a char**, not a guint**. All other callers of dissect_nt_sid() use
char*'s (and take the address of it) for their local storage. So,
this was changed to follow the other practices.
A confusion between gint and absolute_time_display_e in packet-time.c
was cleared up.
The ugliest fix is the addition of ip6_guint8_to_str(), for exactly
one caller. The caller uses one type of ip6 address byte array,
while ip6_to_str() expects another. This new function is in place
until the various address implementations can be consolidated.
Add VALS64() to the developer documentation.
Change-Id: If93ff5c6c8c7cc3c9510d7fb78fa9108e4552805
Reviewed-on: https://code.wireshark.org/review/48
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
safe accessor functions, and it's all done via scary bit-twiddling macros to
boot.
Create the macros TVB_NIB_WORD and TVB_NIB_NIBBLE that (should) behave just
like the raw-pointer NIB_WORD and NIB_NIBBLE macros, except using the safe tvb
functions instead.
Replace two instances with the safe versions, which fixes an out-of-bounds
access caught by my valgrind fuzzer. If this doesn't break anything then we
should probably do a wholesale replacement at some point, but I'm not feeling
that adventurous at the moment.
svn path=/trunk/; revision=54951
declares the functions must be included, in order to make sure the
declarations match the function signature. Make it so - which means
creating the header file in the first place.
Also, declare proto_register_wimax_compact_dlmap_ie() early in
wimax_compact_dlmap_ie_decoder.c, similar to what we do in
wimax_copact_ulmap_ie_decoder.c.
svn path=/trunk/; revision=54739
CC packet-ecatmb.lo
packet-ecatmb.c: In function 'dissect_ecat_mailbox':
packet-ecatmb.c:877:64: error: 'info.anSdoInfoUnion.Entry.ValueInfo' may be used uninitialized in this function [-Werror=uninitialized]
packet-ecatmb.c:796:38: note: 'info.anSdoInfoUnion.Entry.ValueInfo' was declared here
packet-ecatmb.c:884:34: error: 'info.anSdoInfoUnion.Entry.Res.BitLen' may be used uninitialized in this function [-Werror=uninitialized]
packet-ecatmb.c:796:38: note: 'info.anSdoInfoUnion.Entry.Res.BitLen' was declared here
svn path=/trunk/; revision=54286
bytestring_to_ep_str (now deprecated). Use the new one in a few obvious places.
Also just print directly to the buffer when loading ethernet addresses for
resolution. The straight-to-buffer bytes_to_hexstr seems useful, maybe it
shouldn't be in a private header...
svn path=/trunk/; revision=54270
obvious that the returned string is ephemeral, and opens up the original names
in the API for versions that take a wmem pool (and thus can work in any scope).
svn path=/trunk/; revision=54249
From Deon van der Westhuysen
- Bug fix: object leak in stats_tree after a tap reset (for example apply statistics preferences with a stats_tree window open)
- Bug fix: correct sample code in README.stats_tree
- Add: slash in plug-in name now creates submenu as docs describe (was a bug?)
- Add: menu separator before the stat_tree registered plug-ins
- Add: stats_tree can now calculate averages for nodes; automatically calculated for range nodes. Add section in README.stats_tree describing averages.
- Add: stats_tree can now calculate burst rate of each node (like rate but with a shorter, sliding time window)
- Add: sorting for stats_tree plug-ins. Can sort on node name, count, average, min, max values and burst rate.
- Add: preferences for stats_tree system (default sort column, burst calc params)
- Add: stats_tree window copy to clipboard and export and plain text, csv and XML.
- Added sample of new functionality in $srcdir/plugins/stats_tree/pinfo_stats_tree.c
- Moved all stats_tree sample plug-ins to "IP Statistics" submenu.
svn path=/trunk/; revision=53657
I'm not sold on the name or module the proto_data functions live in, but I believe the function arguments are solid and gives us the most flexibility for the future. And search/replace of a function name is easy enough to do.
The big driving force for getting this in sooner rather than later is the saved memory on ethernet packets (and IP packets soon), that used to have file_scope() proto data when all it needed was packet_scope() data (technically packet_info->pool scoped), strictly for Decode As.
All dissectors that use p_add_proto_data() only for Decode As functionality have been converted to using packet_scope(). All other dissectors were converted to using file_scope() which was the original scope for "proto" data.
svn path=/trunk/; revision=53520
no val_to_string_repr method, we don't need to check whether it has such
a method, and thus don't need to include epan/ftypes/ftypes-int.h.
svn path=/trunk/; revision=53293
Now that "bytes consumed" can be determined, should tcp_dissect_pdus() take advantage of that?
Should tcp_dissect_pdus return length (bytes consumed)? There are many dissectors that just call tcp_dissect_pdus() then return tvb_length(tvb). Seems like that could all be rolled into one.
svn path=/trunk/; revision=53198
All "generated" source was manually modified (with the power of search/replace), but I believe the "source input" files have been adjusted (checked into revs 53098 and 53099) to reflect the necessary changes (with possible whitespace formatting differences).
The Microsoft compiler doesn't flag "unused function parameters", so I apologize in advance if I may have missed a few. The "dcerpc_info* di" parameter is used in almost every function.
svn path=/trunk/; revision=53100
If it's used by a third-party plugin, please submit a patch that passes the ETHERCAT_MBOX_HEADER structure through the data parameter of the "new" style dissector function.
svn path=/trunk/; revision=53094
- when the text parameter is constant col_add_str() and col_set_str() are equivalent but col_set_str() is faster.
- same for replace col_append_fstr and col_append_str
- remove col_clear() when it's redundant:
+ before a col_set/col_add if the dissector can't throw an exception.
- replace col_append() after a col_clear() with faster col_add... or col_set
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9344
svn path=/trunk/; revision=52948
convert all existing UAT update callbacks to use glib memory instead of
ephemeral memory for that string.
UAT code paths are entirely distinct from packet dissection, so using ephemeral
memory was the wrong choice, because there was no guarantees about when it would
be freed.
The move away from emem still needs to be propogated deeper into the UAT code
itself at some point.
Net effect: remove another bunch of emem calls from dissectors, where replacing
with wmem would have caused assertions.
svn path=/trunk/; revision=52854
Not sure which memory allocation should be used here (using wmem caused crash), but this revision can at least be easily backported to 1.10 where the bug was reported.
Also allow a single number to be used in the stats range since it's considered a valid "range" by the UAT.
svn path=/trunk/; revision=52679
2. Converted several add_protocol_subtree calls to add_tlv_subtree to get true filterability. Many of the add_protocol_subtree are effectively being (ab)used as proto_tree_add_text with different highlighting.
3. Convert tvb_new_subset into tvb_new_subset_length.
Still looks like some of the remaining "protocols" need more specific filters, and should just be regular FT_BYTES fields.
svn path=/trunk/; revision=52235
I want to follow up with some massive cleanup (remove PITEM_FINFO calls), but this with r52208 should be good enough to backport to 1.8 and 1.10 to fix bug 5349. Cleanup shouldn't need to be backported.
svn path=/trunk/; revision=52209
of the if (tree) tests in dissect_mac_header_generic_decoder(), as some
of the stuff done inside there should be done even if we're not building
a protocol tree, e.g. CRC stuff and calling subdissectors.
Get rid of a gratuitous pair of curly braces, and fix the indentation of
one line, while we're at it.
svn path=/trunk/; revision=52208
they're not being used, the compiler can be made to warn about that.
In this case, Broadcast_Control_Pointer_IE() was used because of a
missing case in a switch statement; put that case in.
svn path=/trunk/; revision=52204
1. Remove message type field from all MAC Management "sub"dissectors and place it in Mac Management subdissector itself. This may cause backwards-compatibility issues (malformed packets) with third-party subdissectors of the MAC Management dissector, but it didn't make sense to have so many filters for a single enumerated value, especially when the various "protocol" filters covers many of them.
2. Removed some if(tree) checks as column info and calling other dissectors are sometimes executed underneath. Some of this is in preparation for addressing bug 5349.
3. Make all dissector functions (and a few others) static, and use register_dissector() when necessary.
4. Convert generic decoder CRC errors into expert info, rather than have it be a "protocol" filter (it just looks funny that way)
In general, these dissectors seem "over-protocolized". I understand the need for all of the dissectors, but I don't know if they all need "protocol" status.
svn path=/trunk/; revision=52203
Have the makefiles do all the work setting up proto_register_<dissector> and proto_reg_handoff_<dissector>, rather than sprinkled throughout the dissectors with extern declarations.
More is coming to make more functions static (because of current makefile fixes) and cleanup MAC Management dissectors to remove unnecessary/duplicative code, but I wanted to get the build issues squared away.
svn path=/trunk/; revision=52167
NOTE: Some of the expert group values may need to be checked, PI_UNDECODED doesn't always seem like the right choice. I thought PI_PROTOCOL should be used more.
This concludes the conversion expert_add_info_format for all dissectors (where the function isn't commented or #defined out). Onto the "internal" (epan/lua) uses of the call.
svn path=/trunk/; revision=51841
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9036
Don't change the length *and* the offset when adjusting for the ethercat header,
just the offset is enough (the length is then right).
svn path=/trunk/; revision=51360
fragment or reassembled data, not a pointer to the data itself; instead
of having to construct a tvbuffs for the reassembled data, we can now
just use the existing tvbuff.
Spell out "fragment" and "fragmentation" in comments while we're at it.
svn path=/trunk/; revision=50584
just define WS_DLL_PUBLIC_NOEXTERN inside the ifdefs, and define
WS_DLL_PUBLIC as WS_DLL_PUBLIC_NOEXTERN followed by "extern".
Then rename WS_DLL_PUBLIC_NOEXTERN to WS_DLL_PUBLIC_DEF, to clarify that
it's what should be used for definitions; at least on Windows, you
*have* to use it when declaring arrays without a size, and, whilst you
might be able to use WS_DLL_PUBLIC for definitions of functions and
perhaps data definitions other than no-size arrays, it might be clearer
to rename WS_DLL_PUBLIC to WS_DLL_PUBLIC_DECL and use it only for
declarations.
svn path=/trunk/; revision=50334