In the past, tvb_reported_length_remaining(), and thus
Tvb:reported_length_remaining(), may have returned -1 if the offset was
invalid. That's no longer the case; the former returns 0, and, as the
latter just returns the former's return value, that's true of the latter
as well.
It has a "reported length", which is the closes thing to an "actual
length", as it represents the length the packet, or subset thereof, had
on the network, and a "captured length", which is the amount of the
packet that the capture process saved.
In 99.999999999999999999999999999999% of all cases, a dissector should
look at the "reported length", not at the "captured length".
Rename the "len" method to "captured_len", leaving "len" around for
backwards compatibility.
Fix the documentation to reflect reality, to avoid issues such as #15655.
The length specified in a TvbRange is the *actual packet length*, not
the *sliced-to* length, so use tvb_new_subset_length() to cut it short.
This fixes the fix for #15655, and addresses at least some of the issues
in #17255.
This bug affects Lua plugin dissectors for encapsulation protocols like
GRE. Typically the dissector creates a range for the payload packet, then
calls the next dissector with a tvb derived from the range, using
TvbRange_tvb(). The original version calls
tvb_new_subset_length_caplen() using the remaining capture length for the
reported_len argument. The fix passes -1 as the reported length, and
tvb_new_subset_length_caplen() calculates the new reported_len as required.
The bug only affects large packets captured with a snaplen and
truncated, then decoded with a Lua plugin for the encapsulation header.
Here's the typical bug symptom, gleaned from tshark decode of
an encapsulated IP payload:
[Expert Info (Error/Protocol): IPv4 total length exceeds packet length (114 bytes)]
[IPv4 total length exceeds packet length (114 bytes)]
Closes#15655.
My initial fix caused several double-offset errors in TvbRange_raw()
because I was adjusting for the TvbRange's offset too early in the
process. The proper fix is to only adjust for it in the final call to
get the data.
I also simplified some of the bounds checks to be based on the values in
the TvbRange instead of calling `tvb_captured_length()` and the like,
because its bounds are already checked against the backing Tvb when it's
first taken.
Massively expanded the lua test suite to account for every combination
of passing offsets and lengths to a Tvb or TvbRange and to the
subsequent `:raw()` call.
Use lua_class_DissectorTable instead of lua_class_DissectorTables.
Use title case for each module.
Change-Id: Ie855022ee59a857c8ced7c3e6ba070ab494fa017
Reviewed-on: https://code.wireshark.org/review/36634
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Fields such as 'frame.time_delta' have no byte selection, they are added
with offset 0 and length 0, and evidently 'ws_tvb' is NULL. As
tvb_bytes_to_str expects a non-NULL tvb, explicitly check for this and
add a dummy placeholder. This is intended to be a human-readable string,
so prefer `<EMPTY>` over an empty string.
Change-Id: I32efe4cbefc6bcf0fa9fb94fcf25d7bf1628f3a7
Reviewed-on: https://code.wireshark.org/review/36440
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add 8-bit, 16-bit, 24-bit, and 32-bit "fetch signed value" routines, and
use them rather than casting the result of the 8/16/24/32-bit "fetch
unsigned value" routines to a signed type (which, BTW, isn't sufficient
for 24-bit values, so this appears to fix a bug
in epan/dissectors/packet-zbee-zcl.c).
Use numbers rather than sizeof()s in various tvb_get_ routines.
Change-Id: I0e48a57fac9f70fe42de815c3fa915f1592548bd
Reviewed-on: https://code.wireshark.org/review/26844
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move checking of encoding before allocating nstime.
Found by clang.
Change-Id: I3c1de5fae6fcf52393cc38302359f21f17808087
Reviewed-on: https://code.wireshark.org/review/25442
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This emphasizes that there is no such thing as *the* routine to
construct a subset tvbuff; you need to choose one of
tvb_new_subset_remaining() (if you want a new tvbuff that contains
everything past a certain point in an existing tvbuff),
tvb_new_subset_length() (if you want a subset that contains everything
past a certain point, for some number of bytes, in an existing tvbuff),
and tvb_new_subset_length_caplen() (for all other cases).
Many of the calls to tvb_new_subset_length_caplen() should really be
calling one of the other routines; that's the next step. (This also
makes it easier to find the calls that need fixing.)
Change-Id: Ieb3d676d8cda535451c119487d7cd3b559221f2b
Reviewed-on: https://code.wireshark.org/review/19597
Reviewed-by: Guy Harris <guy@alum.mit.edu>
* Added support for 3-byte integers in :int() and :le_int()
* Added support for 5, 6, and 7-byte integers in :int64() and :le_int64()
Change-Id: If9ab4ea806191bc63effe45a081b9c65693c2367
Signed-off-by: Franklin "Snaipe" Mathieu <snaipe@diacritic.io>
Reviewed-on: https://code.wireshark.org/review/18672
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
* Implement Tvb:ipv6()
* Handle FT_IPv6 protofields during insertion in the lua tree
* Implement Address.ipv6(hostname)
Change-Id: I585c392681b3aef02ed8ee956f74051d77fb28d4
Signed-off-by: Franklin "Snaipe" Mathieu <snaipe@diacritic.io>
Reviewed-on: https://code.wireshark.org/review/18442
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Improve example with better formatting, clarification comments and more
common variable names.
Extend make-wsluarm.pl to support arguments containing underscores.
Fixes the description of dissect_tcp_pdus.
Change TvbRange.tvb(tvb) into tvbrange:tvb() and ByteArray.tvb(name)
into bytearray:tvb(name), these are really instance methods.
Change-Id: I1e20ef46195dc6c06f9ac790d3432db283d21a5e
Reviewed-on: https://code.wireshark.org/review/18226
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reduce noise, no caller has used this parameter since its introduction.
Msotly automated regex search and replace.
Change-Id: I4b1180bfee8544b38d19c9c440ff5b9b0dc080b2
Reviewed-on: https://code.wireshark.org/review/14790
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Try to improve address API and also fix some constness warnings
by not overloading the 'data' pointer to store malloc'ed buffers
(use private pointer for that instead).
Second try, now passing test suite.
Change-Id: Idc101cd866b6d4f13500c9d59da5c7a38847fb7f
Reviewed-on: https://code.wireshark.org/review/13946
Petri-Dish: João Valverde <j@v6e.pt>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
This reverts commit 13ec77a9fc.
This commit introduces a segmentation fault for Lua code (uncovered by the test suite).
Change-Id: Ibc273d1915cda9632697b9f138f0ae104d3fb65e
Reviewed-on: https://code.wireshark.org/review/13813
Reviewed-by: João Valverde <j@v6e.pt>
Try to improve 'address' API (to be easier/safer) and also avoid
some constness warnings by not overloading the 'data' pointer to
store malloc'ed buffers (use private pointer for that instead).
Change-Id: I7456516b12c67620ceadac447907c12f5905bd49
Reviewed-on: https://code.wireshark.org/review/13463
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Delay allocation of a GByteArray to avoid a memleak on errors.
Change-Id: I2b2ae6d33407500e81a4f45b86ef82720d3443a4
Reviewed-on: https://code.wireshark.org/review/13553
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Replace CMP_ADDRESS, COPY_ADDRESS, et al with their lower-case
equivalents in the asn1 and epan directories.
Change-Id: I4043b0931d4353d60cffbd829e30269eb8d08cf4
Reviewed-on: https://code.wireshark.org/review/11200
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
the range.
Previously the length was ignored and 8 bytes were always read.
The constraint on int64() and le_int64() becomes stricter to match int()'s ones:
the range must be 1, 2, 4 or 8 octets long.
Change-Id: Ic66798757564ac840c332b978effb418726a654c
Reviewed-on: https://code.wireshark.org/review/9622
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
The size of some of the wslua source files has grown large, and it's hard
to quickly find things. So split them up based on class name, as much as
seems reasonable. Also have the make-wsluarm.pl Perl script handle this.
Change-Id: Ib495ec5c2a4df90495c0a05504856288a0b09213
Reviewed-on: https://code.wireshark.org/review/9579
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Add Lua functions so a plugin can introspect field information, such
as the type of field, flags, tvb, etc. Also add a couple of Tvb and
ByteArray methods. And cleanup the TreeItem code a little.
Change-Id: I7b58ce589ace91cce14b8abccd01ceabb63e2653
Reviewed-on: https://code.wireshark.org/review/6500
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
The format of the API chapter was a bit screwed up, as was the
indentation level of attributes. Also, some functions introduced
in 1.11.3 were not documented as being since that version.
Change-Id: I7912488c6da5b5ae72933e4c5ce49f8fbf0b0e34
Reviewed-on: https://code.wireshark.org/review/6753
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Lua prior to 5.3 defined luaL_{check,opt}int() as macros wrapping
luaL_{check,opt}integer() with a cast to int; Lua 5.3 doesn't.
It sounds as if the Lua developers are deprecating luaL_{check,opt}int():
http://osdir.com/ml/general/2014-10/msg46568.html
Change-Id: I2d0b649dcd57ede124f31d39f7945f342ae9b18f
Reviewed-on: https://code.wireshark.org/review/6744
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
Change-Id: I79c613cbdd8dc939dd4c29ebc477fb6eefd5bfc4
Reviewed-on: https://code.wireshark.org/review/6371
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Changed all remaining code in wslua that was using emem, to use wmem or
simpler methods.
Bug: 9927
Change-Id: I3d19a770e0fd77d996bdb6b61a76a722cc2bcd55
Reviewed-on: https://code.wireshark.org/review/6109
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Remove deprecated functions from Lua API code: tvb_length and
tvb_length_remaining. The calls to proto_tree_add_text() are
left in, as I have no idea what to replace them with. The calls
to ep_* are being left in, as they're removed by change-id
I3d19a770e0fd77d996bdb6b61a76a722cc2bcd55.
Bug: 10822
Change-Id: Ib0686f90be1edc892d3ecf401b91eb7484540b3e
Reviewed-on: https://code.wireshark.org/review/6247
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move it to the Developer's Guide while we're here.
Nudge the markup in epan/wslua where needed. Note that we should
probably convert it to AsciiDoc (if we're going to keep it in the DG) or
Doxygen.
Change-Id: Ie175111043f98b7a37eeeb8d185a833d8e866f8b
Reviewed-on: https://code.wireshark.org/review/5203
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This commit adds tvb_get_string_bytes and proto_tree_add_bytes_item routines for
getting GByteArrays fields from the tvb when they are encoded in ASCII hex string form.
The proto_tree_add_bytes_item routine is also usable for normal
binary encoded byte arrays, and has the advantage of retrieving
the array values even if there's no proto tree.
It also exposes the routines to Lua, both so that a Lua script can take
advantage of this, but also so I can write a testsuite to test the functions.
Change-Id: I112a038653df6482a5d0ebe7c95708f207319e20
Reviewed-on: https://code.wireshark.org/review/1158
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit adds tvb_get_string_time and proto_tree_add_time_item routines for
getting nstime fields from the tvb when they are encoded in ASCII string form.
The proto_tree_add_time_item routine is also usable for normal
big/little-endian encoded time_t, and has the advantage of retrieving
the value even if there's no proto tree.
It also exposes the routines to Lua, both so that a Lua script can take
advantage of this, but also so I can write a testsuite to test the functions.
Change-Id: I955da10f68f2680e3da3a5be5ad8fdce7ed6808c
Reviewed-on: https://code.wireshark.org/review/1084
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This enhances the Lua API doc generator Perl script to handle
meta-information in description comments, such as bold, italics,
raw code, version info, etc.
The supported markup and codes are documented in make-wsluarm.pl.
It's not beautiful Perl code (I don't know Perl), and I'd rather
do it using Lua, but I think keeping it Perl makes more sense in
the long run.
Change-Id: I477b3ebe770075dcea9ec52708e2d6fb5758d2f4
Reviewed-on: https://code.wireshark.org/review/802
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This adds the ability for Lua scripts to register heuristic dissectors
for any protocol that has registered a heuristic dissector list, such
as UDP, TCP, and ~50 others. The Lua function can also establish a
conversation tied to its Proto dissector, to avoid having to check the
heuristics for the same flow. The example dissector in the testsuite
has also been enhanced to include a heuristic dissector, to verify
the functionality and provide an example implementation.
Change-Id: Ie232602779f43d3418fe8db09c61d5fc0b59597a
Reviewed-on: https://code.wireshark.org/review/576
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This fixes/addresses all the coverity warnings shown by
the buildbots. (I hope)
Change-Id: Ic2722df97c577d274e3cf3f0cbdca1902edde047
Reviewed-on: https://code.wireshark.org/review/423
Reviewed-by: Gerald Combs <gerald@wireshark.org>
There are some common things people need to do, such as convert to/from hex or get
the raw binary string in a ByteArray/Tvb/TvbRange. These have been added, as well
as some tests for them in the testsuites. Also, functions have been added to allow
a script to get all the available tap types and filter fields, since they are
not exactly what one can see in the Wireshark gui.
Change-Id: I92e5e4eae713bb90d79b0c024eaa4e55b99cc96b
Reviewed-on: https://code.wireshark.org/review/249
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Over time the various wslua classes/functions have gotten moldy, with different
ways of doing similar things. Some of it can't be changed without breaking
backwards compatibility for Lua scripts, so I didn't do that. But I did what
I could. The biggest change is a refactoring of how accessors/attributes
are handled in the code, so that most of them work the same way using the
same code.
Specific changes made:
* Added null/expired checking macro to class declarations for many classes
* Removed extraneous pointer/expired checking, since checkFoo() does that already
* Fixed "errors" reported by clang static analyzer; they were false positives, but it was easier to get it to stop complaining by changing the code
* Moved internal wslua functions from wslua_utils.c into a new 'wslua_internals.c' file
* Changed Listener/NSTime/Pinfo/Proto to use a common setter/getter accessor/attribute code model, instead of each of them doing their own
* Fixed some API doc mistakes, mostly around attributes that were documented as read-only but were actually read-write
Change-Id: Idddafc5fbd3545ebff29e063acc767e1c743a1a9
Reviewed-on: https://code.wireshark.org/review/271
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Evan Huus <eapache@gmail.com>
Similar to bug 9725 and ProtoField.new(), the way the VALUESTRING argument is being checked
in the code for ProtoField.bool() ends up making it non-optional. This patch fixes that,
along with some minor API documentation fixes (text).
Change-Id: Iadb9a8ace9c5514fc623d882301fe16b637fe4ce
Reviewed-on: https://code.wireshark.org/review/125
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
usefulness, working around bug #9162 until Lua 5.3 is released.
The existing Int64 and UInt64 classes provide virtually no
usefullness, other than for creating a string of their value. While
one could then write Lua code to convert the string to Lua numbers and
such, ultimately Lua has no native 64-bit integer support, making such
a task difficult to handle in Lua. This change adds a host of
functions and operators to the existing Int64 (gint64) and UInt64
(guint64) classes, to enable true 64-bit integer support on par with
native Lua numbers.
A test script is also provided, which tests the functions/operators.
Change-Id: I4c5f8f5219b9a88198902283bd32ddf24c346bbe
Reviewed-on: https://code.wireshark.org/review/83
Tested-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Guy Harris