That way, we're not assuming that there's one, and only one, of each of
those options.
That also lets us not have to modify the options to replace linefeeds
with spaces - we just make a copy of the option string, do the
replacement, print the modified copy, and free the copy.
Change-Id: I6c51a0a5e70ac01b03b3657a8e2aef39fefcafa6
Reviewed-on: https://code.wireshark.org/review/15601
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Otherwise, if you've modified the file (added, removed, or changed
comments), and you try to close the file or quit, and answer "Save" to
the "save your work?" question, Wireshark tries to clean up the wmem
scopes, but the file scope hasn't been left, and wmem crashes with an
assertion error.
(The GTK+ version does the close, so it doesn't have the bug.)
Change-Id: Ie5942e415cfab1907e29b09926a62e2679aca6ee
Reviewed-on: https://code.wireshark.org/review/15598
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The second argument is a bool, so pass bool constants.
(The C integer constants presumably get coerced correctly, but we might
as well be clean.)
Change-Id: Ia170b443bb9933a8916d9dc25d7492fc8acf1f22
Reviewed-on: https://code.wireshark.org/review/15596
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The protocol list tree item used in a frame/file is near the bottom
of items under the frame/file tree. Move it a little farther down until
after the rest of the frame/record is dissected. This prevents the need
for proto_item_append_string (and its special handling)
Change-Id: Iea4eaac7675126ebad642b11fa86ad211f21ae26
Reviewed-on: https://code.wireshark.org/review/15589
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Clean up the next / previous logic a bit. If the selected item is out of
range, move it in-range.
Change-Id: Idd5f83e7f4ccf960500f261e1c2292da6cecab57
Reviewed-on: https://code.wireshark.org/review/15591
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Revert "Test: Make capture_step_stdin more verbose." and "Test: more
suite-capture debugging." Tests on the Windows 8.1 builder have been
passing since recommended OS updates were installed on the 24th.
This reverts commits 7f710ef2b5 and
f52c3c468a.
Change-Id: I7cf10a38ba001426baea5fc76a34610c3a26ced2
Reviewed-on: https://code.wireshark.org/review/15590
Reviewed-by: Gerald Combs <gerald@wireshark.org>
In GTK GUI, "NFS" shows up twice in the ONC-RPC Service Response Time
Programs list. That's probably confusing enough to users. In Qt
the "second" NFS wasn't showing up at all (or getting overwritten)
because it was hashing on program name.
Make NFS programs unique with a "stubbed" protocol.
Bug: 12478
Change-Id: Ic4ebdab8ba8b70e6026e1fb0f8e8defd4532b0f2
Reviewed-on: https://code.wireshark.org/review/15587
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
"if (boolean)" suffices to test for true, and "if (!boolean)" suffices
to test for false.
Most of the time, explicitly comparing against TRUE or FALSE is
harmless, although possibly slightly less efficient, as you're
explicitly testing against 1 rather than testing for "not zero".
*However*, if you want to test whether a given bit is set in a flags
field, "if ((flags & flagbit) == TRUE)" *DOES NOT WORK* unless "flagbit"
is equal to 1, because TRUE is equal to 1, and if "flagbit" is not equal
to 1, "flags & flagbit" will *NEVER* be equal to 1.
So comparing "== TRUE" is a bad habit to get into, as it might lead to
its use when doing bit testing.
While we're at it, clean up some other tests:
"if (!(x == FALSE))" really means "x is true", so write it as
such, i.e. "if (x)";
if (a && b)
do this;
if (a && !b)
do that;
reads better as
if (a) {
if (b)
do this
else
do that
}
when doing bit testing, there's no need to shift the bit, just
test it (and, no, that doesn't conflict with the bit about TRUE
being 1 - *just test the bit*, it's the standard C idiom).
Fixes CID 1362119.
Change-Id: I011154caae45307796ffd270d265c05a2533b1db
Reviewed-on: https://code.wireshark.org/review/15585
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Bug:12415
Change-Id: I457bda34b089f95525192ed4cdce0d4fe8883fd7
Reviewed-on: https://code.wireshark.org/review/15305
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
SMB Nt Transact Create can have an extended response like
SMB Nt Create, as described in MS-SMB 2.2.7.1.2
Bug: 12477
Change-Id: Id1d7b96a1eb336b8c45bcb9af7b7d1b9b42c662a
Reviewed-on: https://code.wireshark.org/review/15577
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The file system type string can be decoded in either the
three word seven word formats. While I'm here, comment
the various formats an simplify a bit.
Bug: 12479
Change-Id: Ie5554068bef9d9c916c6c9862da00529639863b3
Reviewed-on: https://code.wireshark.org/review/15580
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The SMB2 ioctl FSCTL_SRV_ENUMERATE_SNAPSHOTS is currently
presented as FSCTL_GET_SHADOW_COPY_DATA (incorrect).
Bug: 11405
Change-Id: I7f025d1cf219c583666f4e6faedfc7adc3fbf14b
Reviewed-on: https://code.wireshark.org/review/15582
Reviewed-by: Anders Broman <a.broman58@gmail.com>
SMB2 Notify needs to treat STATUS_NOTIFY_ENUM_DIR the same as success.
MS-SMB2 3.3.4.4 mentions this.
Bug: 12128
Change-Id: I3fea5f958449a469ccf66ea637db2d0db236c464
Reviewed-on: https://code.wireshark.org/review/15584
Reviewed-by: Anders Broman <a.broman58@gmail.com>
These calls to proto_item_append_string were not taking into account all
of the special treatment needed to use it, so proto_item_append_text
(or similar) was probably intended.
Change-Id: I5d1f092f8162a87d30fc8dc694f6124dc81372b5
Reviewed-on: https://code.wireshark.org/review/15575
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The write functionality was too PCAPNG-specific and the intention is to
keep the option blocks as generic as possible.
So moved the write functionality back to pcapng.c and added a
wtap_opttype API to loop through all options in the block
(wtap_optionblock_foreach_option)
Change-Id: Iaf49126a1a3e2ed60ae02c52878ca22671dac335
Reviewed-on: https://code.wireshark.org/review/15525
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
New implemented functions for profinet plug-in to read cyclic RTC1 data
frames more detailed and further to dissect PROFIsafe on PROFINET frames.
New functions include:
- Reading the PROFINET "Ident OK" Frame for detailed module information,
as ModuleIdentNr., SubModuleIdentNr., etc. total dynamically
- Improved the existing dissection of fParameter with usage of GSDML-files,
as the indexnumber for those parameters can change
- Reading a GSDML-file for further module-information, such as PROFIsafe
Module, etc.
- Aded new pnio protocol preferences, in which the user can define its own
network path to his GSDML-files, so that Wireshark is able to read those
files for detailed information output.
- Added new filter functions for PROFINET and PROFIsafe
- All gained and saved information will be used to dissect the cyclic
PROFINET frames
Bug: 12216
Change-Id: I379da1d349fa099047953042f1aa30450bee5b30
Reviewed-on: https://code.wireshark.org/review/14119
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Birol Capa <birol.capa@siemens.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 12473
Change-Id: Id513a89c5674e7288c7e0b12a06076eec18ff830
Reviewed-on: https://code.wireshark.org/review/15568
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 12472
Change-Id: I94740078631e96980f14ade5df8ae9694c9d73b1
Reviewed-on: https://code.wireshark.org/review/15565
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add next (N) and previous (P) keyboard shortcuts. The GTK+ UI uses the
down and up keys, but we're already using those for panning the Y axis.
Add a scroll margin when using N and P.
Add mouse wheel and trackpad support.
Disable mouse dragging for now until we figure out how to limit it to
our axis boundaries.
Ping-Bug: 12419
Change-Id: I292319928db365206277bf2bb3e42e14ef811ff0
Reviewed-on: https://code.wireshark.org/review/15559
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
packet-wsp.c hasn't used proto_tree_append_string() since
Ic5467289aae7d54e78c1fd65f93358387d6139aa. Use packet-frame as the example
instead.
Change-Id: I69fb10679ec1685a61aac182414e596b345153fd
Reviewed-on: https://code.wireshark.org/review/15563
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Prior to this change all JXTA-over-UDP frames throw an exception after setting
COL_PROTOCOL.
The offset used when adding the protocol to the tree had already been
incremented to point to the end of the TVB; use tree_offset (which is the
current offset) instead.
This code has been here since r17282 (2006) so presumably the change is that
proto_tree_add_protocol_format() started throwing an exception when offset
points to the end of the TVB sometime between then and now.
Change-Id: Iadbcada29cd235e8abe5662b825a2d97ff6f7308
Reviewed-on: https://code.wireshark.org/review/15560
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Escape HTML markup before showing hint text. Otherwise things like SIP
addresses won't be displayed correctly.
Change-Id: I5ceae978af0ff9e253dae4d3ec8ad9da20948de0
Reviewed-on: https://code.wireshark.org/review/15561
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add "Time" and "Comment" labels to the sequence diagram similar to the
GTK+ UI. Draw a border around the diagram as well.
Widen the default spacing and set it to a simple em-width multiple.
Fix our port number alignment.
Copy over the sequence diagram colors from the GTK+ UI and add them to
ColorUtils. Color sequences according to their respective conversation
numbers.
To do:
- Add zoom.
Ping-Bug: 12419
Change-Id: I3f9b4ffbfcc34aae1c38e303cd36ff207be247b1
Reviewed-on: https://code.wireshark.org/review/15554
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: If7eb246909abad2eeb9979cf14509a7d697dfd81
Reviewed-on: https://code.wireshark.org/review/15545
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Change-Id: I16a81cacef2b576f634a6726fa1620a0e6660e76
Reviewed-on: https://code.wireshark.org/review/15533
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Adam Goldman <adam.goldman@intel.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
If we don't, Save As will always fail.
(I broke this in 6a992182ce)
Change-Id: I4abfe495af3aee470331ae5464acbd7d08028bf0
Reviewed-on: https://code.wireshark.org/review/15547
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
No need for obtuse math and lots of casting.
Change-Id: I41bf7dd98700b1b58eae93d36bb55e2e7017b506
Reviewed-on: https://code.wireshark.org/review/15532
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Exit early if there is no color rule before setting the parent menu enabled/disabled.
Bug: 12458
Change-Id: I37dc093681d3dc28afb60df7fd45e49ab804b2a1
Reviewed-on: https://code.wireshark.org/review/15538
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This will stop dissection of Bundle packets, but more importantly
prevents assertion in TCP dissector when trying to reassemble
the packets as TCPCL/Bundle.
Bug: 11395
Bug: 12462
Change-Id: I3a2ccd5e02022dfe03bc93d81bfbd3f2d3bcd8aa
Reviewed-on: https://code.wireshark.org/review/15537
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
A pointer to a EAPOL_RSN_KEY is set on the packet presuming the
whole EAPOL_RSN_KEY is there. That's not always the case for
fuzzed/malicious captures.
Bug: 11585
Change-Id: Ib94b8aceef444c7820e43b969596efdb8dbecccd
Reviewed-on: https://code.wireshark.org/review/15540
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Single UNIX Spec says AF_INET and AF_INET6 are defined by
<sys/socket.h>, which means you *should* include it if you want those
defines, and it doesn't look as if DragonFly BSD's <netinet/in.h>
includes it.
Do the includes in the order in whcih dumpcap does them.
Change-Id: I2ee611fc08a5487d5b8ed48396aa2a49447c881a
Reviewed-on: https://code.wireshark.org/review/15542
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We use structures from it, and must not depend on <arpa/inet.h> or
<ifaddrs.h> to include it for us, as that doesn't necessarily happen on
all platforms (it doesn't happen on DragonFly BSD, for example).
Change-Id: Id0e6cc406b774efb076bb8e04827fdb7d502be16
Reviewed-on: https://code.wireshark.org/review/15541
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also add a length parameter to wtap_optionblock_set_option_string
Change-Id: I8c7bbc48aa96b5c2a91ab9a17980928d6894f1ee
Reviewed-on: https://code.wireshark.org/review/15505
Reviewed-by: Anthony Coddington <anthony.coddington@endace.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
When the user clicks Save As in the Follow Stream window, check that the
selected target file can be opened for writing. Bring up a warning box
if the file is not writable.
Change-Id: I76e67b064377dd432d3b14592f5096b99d9968c0
Reviewed-on: https://code.wireshark.org/review/15536
Reviewed-by: Michael Mann <mmann78@netscape.net>
It seems that the casts are required on OS X.
This reverts commit d8ef04c891.
Change-Id: I9644555552a6daab93334073a4fcf4f3f2522b59
Reviewed-on: https://code.wireshark.org/review/15539
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
sizeof() returns a size_t, which is unsigned
when we assign the result of sizeof() to an unsigned lvalue like a
guint, there's no point in casting to int
Change-Id: I9644c72a22a6dadb9ecd4073a4fcbd1c93517b59
Reviewed-on: https://code.wireshark.org/review/15531
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Guy Harris