Since Ie5e670b769eb0674950f3679ef511047641c2873 we no longer support
synchronous name resolution.
Change-Id: Icc65bd665bd610d89f894549e77608cfb5ef4c53
Reviewed-on: https://code.wireshark.org/review/15165
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I38c2b337bf276f6edc6b5d3f10e47ae81a1610b5
Reviewed-on: https://code.wireshark.org/review/15167
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The preference is disabled by default and saves a little
bit of memory for those that don't get process information
from IPFIX.
Change-Id: I4b6a106d156862a8d53bf2ad5ee88ea857637815
Reviewed-on: https://code.wireshark.org/review/15139
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
These file formats have 16-bit packet lengths, so, even with some extra
metadata added, the packet data length will never be bigger than
WTAP_MAX_PACKET_SIZE. (No, we won't ever reduce WTAP_MAX_PACKET_SIZE.)
Change-Id: I9e1b1d90971f91cc6e5d66d0aa93841445b2bc22
Reviewed-on: https://code.wireshark.org/review/15186
Reviewed-by: Guy Harris <guy@alum.mit.edu>
And note the cases where we don't have to check, as the length in the
file is 2 bytes long, and 65535 + the metadata length is <
WTAP_MAX_PACKET_SIZE.
Change-Id: I1e690eeee900b9aa7484dc0bd0c106dc38c77269
Reviewed-on: https://code.wireshark.org/review/15180
Reviewed-by: Guy Harris <guy@alum.mit.edu>
And use the actual packet length, rather than a fixed value, as the
buffer size we need for the packet.
Change-Id: I3af6724210a85b50610839d1bdf97fcf5a152b2f
Reviewed-on: https://code.wireshark.org/review/15179
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Treat the packet length as unsigned - it shouldn't be negative in the
file. If it is, that'll probably cause the sscanf to fail, so we'll
report the file as bad.
Check it against WTAP_MAX_PACKET_SIZE to make sure we don't try to
allocate a huge amount of memory, just as we do in other file readers.
Use the now-validated packet size as the length in
ws_buffer_assure_space(), so we are certain to have enough space, and
don't allocate too much space.
Merge the header and packet data parsing routines while we're at it.
Bug: 12396
Change-Id: I7f981f9cdcbea7ecdeb88bfff2f12d875de2244f
Reviewed-on: https://code.wireshark.org/review/15176
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Treat the packet length as unsigned - it shouldn't be negative in the
file. If it is, that'll probably cause the sscanf to fail, so we'll
report the file as bad.
Check it against WTAP_MAX_PACKET_SIZE to make sure we don't try to
allocate a huge amount of memory, just as we do in other file readers.
Use the now-validated packet size as the length in
ws_buffer_assure_space(), so we are certain to have enough space, and
don't allocate too much space.
Merge the header and packet data parsing routines while we're at it.
Bug: 12395
Change-Id: Ia70f33b71ff28451190fcf144c333fd1362646b2
Reviewed-on: https://code.wireshark.org/review/15172
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Qt 5.2 added QMenu::setAsDockMenu. Use it to add recent items to the
Wireshark dock menu.
Add QWinJumpList code which does something similar. Comment it out
because it does it slowly and not-quite-correctly.
Change-Id: I801b1037b998516eacab695f982d7d6e889bafb6
Reviewed-on: https://code.wireshark.org/review/15166
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Treat the packet length as unsigned - it shouldn't be negative in the
file. If it is, that'll probably cause the sscanf to fail, so we'll
report the file as bad.
Check it against WTAP_MAX_PACKET_SIZE to make sure we don't try to
allocate a huge amount of memory, just as we do in other file readers.
Use the now-validated packet size as the length in
ws_buffer_assure_space(), so we are certain to have enough space, and
don't allocate too much space.
Bug: 12394
Change-Id: Ifa023ce70f7a2697bf151009b035a6e6cf8d5d90
Reviewed-on: https://code.wireshark.org/review/15169
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That way they only need to be allocated if analysis is being done.
Inspired by https://www.wireshark.org/lists/wireshark-dev/201604/msg00218.html
Ping-Bug: 12367
Change-Id: I797e5b305133d85a2a89688109cc3a218d0a9e88
Reviewed-on: https://code.wireshark.org/review/15138
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Wireshark was failing to parse DOCSIS 3.1 BPKM Response (Auth Reply)
messages with a key length of 256 bytes, which is in the DOCSIS 3.1
specification located here:
http://www.cablelabs.com/specification/docsis-3-1-security-specification/
See Appendix I.4 "Authorization Reply"
Change-Id: Ic50eb4a2d637a7bc47385b7c0a96c830f7a920be
Reviewed-on: https://code.wireshark.org/review/15149
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make sure we replace a line using the same line endings.
Change-Id: I73b07a773bc39b05ba7a73b3c3c984a73c545a48
Reviewed-on: https://code.wireshark.org/review/15157
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Print our various version variables when we set versions.
Change-Id: I9212369c17f3d2a040e83900945eb57670d4992d
Reviewed-on: https://code.wireshark.org/review/15156
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Make sure we zero our PROCESS_INFORMATION struct before passing it to
CreateProcess.
Change-Id: Ib42320965bb7b2d37a9fc106d78ace02153e48d2
Reviewed-on: https://code.wireshark.org/review/15154
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
CreateProcess can modify its second (lpCommandLine) argument. Don't
pass it the output of utf_8to16.
Constify the return value of utf_8to16.
Change-Id: I0d4361396e90c88a4ab2a3f2f0e058230e897fdf
Reviewed-on: https://code.wireshark.org/review/15155
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Get rid of the printable-IP-address member of a sub_net_hashipv4; it's
not used.
Free hash buckets of those structures iteratively, not recursively.
Change-Id: I1ee8f46d3175a380e6a439fe71e7c06a0e939a3d
Reviewed-on: https://code.wireshark.org/review/15150
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Bug: 12374
Change-Id: I2df806c902b932d87e82f6f097f7acce814e5040
Reviewed-on: https://code.wireshark.org/review/15126
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add a #define USE_SYSTEM_LANGUAGE for the language string meaning "use
the system setting", and use that instead of hardcoding "system" in
various places.
If "language" is null, don't try to write it to the file with fprintf()
- on *most* systems, that prints "(null)", but on some systems, such as
Solaris, it *crashes*. Write USE_SYSTEM_LANGUAGE instead. Check for
"(null)" and treat it as meaning "use the system language".
Map "auto" to "use the system language" as well, for backwards
compatibility.
Change-Id: Iba9be540a5139e9cca8bddd0761ee4cbf0f79a49
Reviewed-on: https://code.wireshark.org/review/15147
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Force the display filter toolbar to update its layout when we recreate
our filter buttons. This ensures that we draw the overflow icon in
the right place.
Change-Id: Ibfb34b77d565e8db15bb2576249e0e3016993083
Reviewed-on: https://code.wireshark.org/review/15145
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
(Doing this for freedesktop.org-compliant systems requires adding a MIME type;
yes, I just made the application/x-micropross-mplog MIME type up.)
Change-Id: I11d8cc22571dd39984f8237d0ef995922bdfd15f
Reviewed-on: https://code.wireshark.org/review/15012
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Chances are they want to include the file extension in wiretap's list of
file extensions (for the File->Open dialog) as well as the various files
needed for integration with the various desktop environments that
Wireshark supports.
(I should have put this advice there years ago when creating the
freedesktop.org mime-package file.)
Add a comment to the mime-package file explaining its purpose, giving
a link to the specification, and talking about MIME types and the registration
thereof.
Change-Id: I60540bf88062b7a90653888534405f6aef4f657c
Reviewed-on: https://code.wireshark.org/review/15011
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Split OverlayScrollBar into parent and child scroll bar widgets. This
gives us two packet list scroll bars: a packet map, which draws and
operates on nearby packets and a normal scroll bar.
The packet map is drawn to the left of the child scroll bar. This gives
us more room to draw and doesn't obscure the scroll bar itself (which is
a problem on newer versions of Windows). When the user clicks on a
portion of the map, scroll to that part of the packet list.
Draw marked packet ticks over the normal scroll bar. Marked & ignored
are on the left, time references are on the right.
To do:
- Borrow more from packet fence and graph something (packet size? time
delta?)
Change-Id: Ie952fcbd98fd0e047200f2279cb63227feabf5b1
Reviewed-on: https://code.wireshark.org/review/15046
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
By default GtkToolbar shows overflow items in a menu. QToolBar shows
them in a bigger toolbar. This is a problem for users with lots of
display filter expressions because expanding the display filter toolbar
can make it very tall.
QToolBar can optionally overflow into a menu, but as noted in
https://bugreports.qt.io/browse/QTBUG-2472 there isn't a way do so
directly, e.g. with a setter. Force an overflow menu in the display
filter toolbar by adding a child QToolBar and adding filter expression
actions to it.
While we're here, set the minimum width of the display filter edit to
two-thirds of the width of the main window.
Change-Id: I49cd58397e087f1aa79b5bbce471f827e9804148
Reviewed-on: https://code.wireshark.org/review/15134
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This didn't fix the test failures.
This reverts commit e5f4c5c8a8.
Change-Id: I0cff5eff88d2b49806797cef83338dbbace42a4c
Reviewed-on: https://code.wireshark.org/review/15135
Reviewed-by: Gerald Combs <gerald@wireshark.org>
As the MSDN documentation says, "CreateProcess returns without waiting
for the new process to finish its initialization." Add an SP_INIT sync
pipe indicator on Windows and use it in dumpcap to signal to its parent
that it has started up.
Change-Id: I88a4c158871dbe2dd6eba13434e92c5d4b1c2e4b
Reviewed-on: https://code.wireshark.org/review/15132
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Bug: 12382
Change-Id: I52a4c78cd0d901b8c28106bf33627a3f956b5e48
Reviewed-on: https://code.wireshark.org/review/15133
Reviewed-by: Michael Mann <mmann78@netscape.net>
Some versions of rpmbuild fail this test. Use rpm instead.
Fixup for bbea6a1c9f.
Change-Id: I6068541d5944b08140ea7fc5efd13ad488dda1f3
Reviewed-on: https://code.wireshark.org/review/15131
Reviewed-by: João Valverde <j@v6e.pt>
The common case for this is using Decode As over the Modbus/TCP port preference. Here the port preference is used to determine request/response because the protocol itself doesn't have any indications (so Decode As can't be helpful). Looking into the packet itself can lead to too many false positives.
Bug: 10933
Change-Id: Ic6b4304f062f55ff273105edbb0d272c30e53506
Reviewed-on: https://code.wireshark.org/review/15127
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
In capture_step_stdin, print information about our test capture if we
fail.
Change-Id: I046f9d22b1bb2d52d96926f50379ab51e6279eb3
Reviewed-on: https://code.wireshark.org/review/15125
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add some verbosity to the stdin capture test. Hopefully this will shed
some light on the Windows 8 builder failures.
Change-Id: Ife2bbbaeed7a1e4a7ddd1c1f86322ba25d154f4c
Reviewed-on: https://code.wireshark.org/review/15122
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Explicitly pass /install to the Visual C++ redistributable installer. A
few people have reported issues with missing or incorrect redistributable
files after installing Wireshark but unfortunately haven't provided
much in the way of further detail. Is it possible that the installer
sometimes goes into /repair, /layout, or /uninstall modes?
Remove checks for old, unsupported compilers while we're here.
Change-Id: I4e24dbe562c8aeb6ce63ec98ea1601cba5256806
Reviewed-on: https://code.wireshark.org/review/15120
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Change-Id: Iae5c032e3d21a694845b89b285d61d45c6f8584f
Reviewed-on: https://code.wireshark.org/review/15105
Reviewed-by: Yang Luo <hsluoyz@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Jeff Morriss