This adds some custom logic to check if we were given
the obsolete 'console.log.level' setting from the CLI
arguments, that specified the log level using a bitmask
copied from GLib. If we find that map the bitmask to a
wslog log level.
In any case the option is not removed from the argv (unlike
other wslog arguments like --log-level, etc.).
Adds deprecation warning for 'console.log.level' printed to
the console.
Related to #17763.
This matches the original implementation and allows displaying
logs to the console, including debug information, when running
an extcap from the CLI for testing and development purposes.
This should make extcap logging bug-for-bug compatible with the
behavior before dc7f0b88bb.
Imitate the GLib logic for selecting the console output stream
according to the log level. Levels MESSAGE and above go to
stderr. INFO and below go to stdout, unless stderr is chosen
using ws_log_console_writer_set_use_stderr().
It turns out some old extcap code was subtly dependending
on this behavior.
Extcaps require a log file when invoked in child mode. It also has
a specific flag to enable debugging, other that the wslog options.
Fix the logging to:
1. Enable debug log level if --debug is used.
2. Do not emit messages to the stderr if debug is enabled.
This brings extcap logging to the same feature level it had before
wslog replaced GLib logging.
We should not replace chars that cannot be represented
in ASCII, to avoid mangling UTF-8. This assumes every
string is UTF-8, of course.
This only affects the display of the compiled filter.
Before:
Filter: http.user_agent == "João"
Constants:
00000 PUT_FVALUE "Jo\xc3\xa3o" <FT_STRING> -> reg#1
After:
Filter: http.user_agent == "João"
Constants:
00000 PUT_FVALUE "João" <FT_STRING> -> reg#1
Add @file markers for remaining non-dissector
files that contain functions exported with
WS_DLL_PUBLIC so that Doxygen will
generate documentation for them.
Move epan_memmem() and epan_strcasestr() to wsutil/str_util.
Rename to ws_memmem() and ws_strcasestr(). Add compile time
check for a system implementation and use that if available.
We invoke those functions using a wrapper to avoid exposing
_GNU_SOURCE outside of the implementation.
Convert the tm struct to nstime first, then apply the timezone
offset, because applying the offset to the hours and minutes fields
directly can require carrying or borrowing in base 24 and 60 arithmetic.
Don't blindly examine the fifth byte in the input string without testing
earlier bytes. Instead, process the year by hand before calling sscanf.
ISO 8601 times don't switch between Basic and Extended format in the
middle, so for the later possible buffer overflows just use the
previously determined format.
A number of protocols have IDs that can be reused that are used as
lookup keys. In most cases the frame number should be used as well
to differentiate repeat appearances of an ID. For response/request
matching, it is frequently useful to find the most recent frame number
(greatest value less than or equal to the current one) that contained
an ID.
We can achieve that by using a multimap that stores values with a given
ID in a tree keyed with the frame number. This works better than using
a map or a tree alone:
1) A map isn't ordered, so doesn't allow for less than or equal comparison.
2) Using a tree requires an ordering on all the ID components, and then
having to test all the components other than the frame number separately
for equality after retrieval.
Currently the multimap does not support inserting items without specifying
the tree key (and having the multimap generate a key), because the total
capacity of trees (including deleted nodes) is not tracked. If other use
cases are needed, this could be added later along with more generic
multimap support.
Use a multimap in ANSI MAP, ANSI TCAP, and GSM SMS, all of which need to
match lookup IDs that can be reused. Fix#7653.
Change our developer.gnome.org/glib URLs to
developer-old.gnome.org/glib. The official documentation for GLib
appears to be at https://docs.gtk.org/glib/, but it has a different
layout than the gnome.org content (and is surprisingly resistant to
exploration IMHO). We can switch to developer-old.gnome.org using a
simple substitution and it still seems to be updated, so do that for
now.
Instead of removing extra log information in the log handler
for the default log level, do it in the ws_message() macro.
This means ws_log_full() will work as expected.
Rename to ws_return_val_if_null() because the name needs to be more
generic to indicate it should be used to return any kind of value,
not just pointers.
Increase the log level to something more appropriate because failing
any of these checks is considered to be a programming error.
Add the faulty variable name to the output message.
Add the macro ws_return_val_if_zero() for completeness.
C:\Development\wireshark\wireshark\epan\ftypes\ftype-integer.c(448,47): warning C4267: 'function': conversion from 'size_t' to 'int', possible loss of data [C:\Development\wsbuild-msvc\epan\ftypes\ftypes.vcxproj]
C:\Development\wireshark\wireshark\epan\ftypes\ftype-integer.c(448,47): warning C4267: guint32_to_str_buf(fv->value.uinteger, buf, size); [C:\Development\wsbuild-msvc\epan\ftypes\ftypes.vcxproj]
C:\Development\wireshark\wireshark\epan\ftypes\ftype-integer.c(448,47): warning C4267: ^ [C:\Development\wsbuild-msvc\epan\ftypes\ftypes.vcxproj]
C:\Development\wireshark\wireshark\epan\ftypes\ftype-integer.c(793,31): warning C4267: 'function': conversion from 'size_t' to 'int', possible loss of data [C:\Development\wsbuild-msvc\epan\ftypes\ftypes.vcxproj]
C:\Development\wireshark\wireshark\epan\ftypes\ftype-integer.c(793,31): warning C4267: guint64_to_str_buf(val, buf, size); [C:\Development\wsbuild-msvc\epan\ftypes\ftypes.vcxproj]
C:\Development\wireshark\wireshark\epan\ftypes\ftype-integer.c(793,31): warning C4267: ^ [C:\Development\wsbuild-msvc\epan\ftypes\ftypes.vcxproj]
C:\Development\wireshark\wireshark\rawshark.c(1140,24): warning C4267: '=': conversion from 'size_t' to 'int', possible loss of data [C:\Development\wsbuild-msvc\rawshark.vcxproj]
C:\Development\wireshark\wireshark\rawshark.c(1140,24): warning C4267: fs_len = strlen(fs_buf); [C:\Development\wsbuild-msvc\rawshark.vcxproj]
C:\Development\wireshark\wireshark\rawshark.c(1140,24): warning C4267: ^ [C:\Development\wsbuild-msvc\rawshark.vcxproj]
Have these functions accept a zero max length to mean "display
the whole byte array". Change the max length parameter to receive a
number of bytes to print, not the length of the output character
string.
Adjust the macros bytes_to_str() and bytes_to_string_punct() to
produce the same output. Add more tests. Rename the functions to
bytes_to_str_maxlen() and bytes_to_str_punct_maxlen() because this is
an API break.
Matches is a special case that looks on the RHS and tries
to convert every unparsed value to a string, regardless
of the LHS type. This is not how types work in the display
filter. Require double-quotes to avoid ambiguity, because
matches doesn't follow normal Wireshark display filter
type rules. It doesn't need nor benefit from the flexibility
provided by unparsed strings in the syntax.
For matches the RHS is always a literal strings except
if the RHS is also a field name, then it complains of an
incompatible type. This is confusing. No type can be compatible
because no type rules are ever considered. Every unparsed value is
a text string except if it happens to coincide with a field
name it also requires double-quoting or it throws a syntax error,
just to be difficult. We could remove this odd quirk but requiring
double-quotes for regular expressions is a better, more elegant
fix.
Before:
Filter: tcp matches "udp"
Constants:
00000 PUT_PCRE udp -> reg#1
Instructions:
00000 READ_TREE tcp -> reg#0
00001 IF-FALSE-GOTO 3
00002 ANY_MATCHES reg#0 matches reg#1
00003 RETURN
Filter: tcp matches udp
Constants:
00000 PUT_PCRE udp -> reg#1
Instructions:
00000 READ_TREE tcp -> reg#0
00001 IF-FALSE-GOTO 3
00002 ANY_MATCHES reg#0 matches reg#1
00003 RETURN
Filter: tcp matches udp.srcport
dftest: tcp and udp.srcport are not of compatible types.
Filter: tcp matches udp.srcportt
Constants:
00000 PUT_PCRE udp.srcportt -> reg#1
Instructions:
00000 READ_TREE tcp -> reg#0
00001 IF-FALSE-GOTO 3
00002 ANY_MATCHES reg#0 matches reg#1
00003 RETURN
After:
Filter: tcp matches "udp"
Constants:
00000 PUT_PCRE udp -> reg#1
Instructions:
00000 READ_TREE tcp -> reg#0
00001 IF-FALSE-GOTO 3
00002 ANY_MATCHES reg#0 matches reg#1
00003 RETURN
Filter: tcp matches udp
dftest: "udp" was unexpected in this context.
Filter: tcp matches udp.srcport
dftest: "udp.srcport" was unexpected in this context.
Filter: tcp matches udp.srcportt
dftest: "udp.srcportt" was unexpected in this context.
The error message could still be improved.
Converting from freq to channel only needed the 6 GHz freq. range
to be added, however, converting from channel to freq. will require
the function ieee80211_chan_to_mhz to take a starting frequency as
there's overlap in the channel numbering between 2.4/5 GHz and 6 GHz
bands. This may not be possible in some cases, so for now the
function will continue to do the conversion based on the order
on which the freq. ranges are defined. Specifically, it will favor
2.4/5 GHz over 6 GHz.
Use wslog to output debug information. Being able to control
it at runtime is a big advantage.
We extend the syntax tree nodes with a method to return a
canonical string representation.
Add a routine to walk the tree and return an textual representation
for debugging purposes.
Profile files which is only used in Qt is not automatically registered
during startup and must be explicit registered.
Add profile_register_persconffile() to handle this registration.
This is more readable and the extra error checking is functionally
the same as the original upstream code too, that trigerred some
compiler warnings.
Add missing 'static' qualifier.
Add a test for 'ws_opterr'.
João Valverde