which we're making a subset, so that if the parent tvbuff is marked as a
fragment, the child tvbuff will be marked as one as well.
svn path=/trunk/; revision=48953
[ 6%] Building C object epan/CMakeFiles/epan.dir/dissectors/packet-pw-fr.c.o
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-pw-fr.c: In function ‘dissect_pw_fr’:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-pw-fr.c:81:4: error: typedef ‘packet_quality_e’ locally defined but not used [-Werror=unused-local-typedefs]
} packet_quality_e;
^
svn path=/trunk/; revision=48948
[ 5%] Building C object epan/CMakeFiles/epan.dir/dissectors/packet-dcerpc-rs_pgo.c.o
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-rs_pgo.c: In function ‘dissect_rs_pgo_query_t’:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-rs_pgo.c:631:5: error: typedef ‘rs_pgo_query_t’ locally defined but not used [-Werror=unused-local-typedefs]
} rs_pgo_query_t;
^
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-rs_pgo.c: In function ‘dissect_rs_pgo_query_key_t’:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-rs_pgo.c:845:5: error: typedef ‘rs_pgo_query_t’ locally defined but not used [-Werror=unused-local-typedefs]
} rs_pgo_query_t;
^
cc1: all warnings being treated as errors
make[2]: *** [epan/CMakeFiles/epan.dir/dissectors/packet-dcerpc-rs_pgo.c.o] Error 1
[ 5%] Building C object epan/CMakeFiles/epan.dir/dissectors/packet-pw-fr.c.o
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-pw-fr.c: In function ‘dissect_pw_fr’:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-pw-fr.c:81:4: error: typedef ‘packet_quality_e’ locally defined but not used [-Werror=unused-local-typedefs]
} packet_quality_e;
^
svn path=/trunk/; revision=48947
as overflows in offsets, where the error presumably was that some field
size was so bogusly huge that it overflowed 32 bits; that's a malformed
packet even if the packet wasn't reassembled.
svn path=/trunk/; revision=48945
See Section 5.7 (Setting the AD Bit on Queries) of RFC 6840 (Clarifications and Implementation Notes for DNS Security (DNSSEC))
The semantics of the Authentic Data (AD) bit in the query were
previously undefined. Section 4.6 of [RFC4035] instructed resolvers
to always clear the AD bit when composing queries.
This document defines setting the AD bit in a query as a signal
indicating that the requester understands and is interested in the
value of the AD bit in the response. This allows a requester to
indicate that it understands the AD bit without also requesting
DNSSEC data via the DO bit.
svn path=/trunk/; revision=48942
haven't reassembled, we're probably moving sequentially through the
packet, which means that we'll run past the end of the fragment rather
than past the end of what would have been the reassembled packet had we
reassembled it.
I.e., there's little reason to care whether we're past the end of the
fragment but not past the end of the packet, or whether we're past the
end of the packet; in either case, we're past the end of the fragment,
and if somebody wants to know whether the packet is malformed by
stopping short of certain fields, they should enable reassembly.
So we get rid of the explicit fragment length in tvbuffs and, instead,
have a "this is a fragment" flag; if that flag is set, we throw
FragmentBoundsError rather than ReportedBoundsError if we run past the
end of the reported data.
(This also means we could flag the tvbuff even if we don't know how
large the reassembled packet will be, e.g. when doing IP reassembly.)
Replace tvb_new_subset_length_fragment() with tvb_new_subset_length()
and a new "set the "this is a fragment flag"" routine.
svn path=/trunk/; revision=48940
Major NFS dissector cleanup. Consistent naming, spacing, line wrapping,
variable initialization, ...
For full details see comment #18 of the bug.
svn path=/trunk/; revision=48934
"Cast scrolling values to gdoubles, not gfloats - GtkAdjustment have
always taken doubles that I've been able to find, and casting to floats
causes loss of precision and weird bugs when the values get enormous."
svn path=/trunk/; revision=48930
ENC_BIG_ENDIAN or ENC_LITTLE_ENDIAN.
Treat the AP PS Buffer State subfield of the QoS field the same way we
treat other subfields in the second byte of the QoS field - show it as
the upper 8 bits of the (shown as big-endian) QoS field. Fix a bitmap
while we're at it.
Show the channel map as an FT_NONE - it's a structure with two bytes.
svn path=/trunk/; revision=48924
first fragment of a non-reassembled packet, and we know the length the
packet would have if it were reassembled, this field holds the length of
the fragment, and the "reported length" field shows the length the
packet would have if it were reassembled, so going past the end of the
fragment but staying within the length of the reassembled packet can be
reported as "dissection would have worked if the packet had been
reassembled" rather than "the packet is too short, so it was probably
malformed".
Add a FragmentBoundsError exception, thrown in the "dissection would
have worked if the packet had been reassembled" case.
Add a new tvb_new_subset_length_fragment() routine to create a new
subset tvb with specified fragment and reported lengths. Use it in the
CLNP dissector.
Add some more sanity checks in the CLNP dissector.
svn path=/trunk/; revision=48917
trying to handle reassembly of packets with *differing* handshake length
values a bit better.
Make coding style a little more consistent.
svn path=/trunk/; revision=48916
data stream", only the first FIN segment is reported with the
reassembled packet.
Show the TCP fragment tree *before* processing the payload, so it's
shown even if processing the payload throws an exception.
svn path=/trunk/; revision=48915
data stream", only the first FIN segment is reported with the
reassembled packet.
Show the TCP fragment tree *before* processing the payload, so it's
shown even if processing the payload throws an exception.
svn path=/trunk/; revision=48914
we thrown an exception if the lengths are too long.
For UCS-2/UTF-16 strings, do an extra length check to avoid overflows,
but throw ReportedBoundsError if the check fails, so we report them the
same way we report other too-large length errors.
Just use proto_tree_add_item() to put UCS-2/UTF-16 strings (assumed to
be UTF-16, not UCS-2; is that correct?) into the protocol tree.
svn path=/trunk/; revision=48913
From Uli Heilmeier
The current version of the SMTP dissector expects a 'AUTH LOGIN' mechanism without checking the mechanism.
When some other mechanism (like NTLM or PLAIN) is in use the decoding is wrong. Furthermore it is expected that the username is in a seperate packet. When the username is in the AUTH line the password is shown as smtp.auth.username and the username is not decoded.
svn path=/trunk/; revision=48910
revisit this reassembly (in a multi-pass program such as Wireshark, or
TShark with -2), we'll throw the same error.
In fragment_set_tot_len(), allow the length to be set to a value that's
before the offset of existing fragments; we'll catch that later when the
reassembly completes. This lets us handle some problems with DTLS less
confusingly.
When adding frames to an already-completed reassembly, check for
fragments that overlap existing fragments or go past the end of the
reassembly, and report errors.
When completing a reassembly, make the buffer for the reassembled data
big enough to contain the specified data length for the reassembly, even
if that's less than the offset + length of the last fragment. Flag all
fragments that go past that length as "too long", and only copy out what
part of them fits, if any. That lets us flag the correct fragment or
fragments as being "too long".
When adding fragments, do some additional checks, even if we're not
doing the first pass through the packets, so errors that show up in the
first pass also show up on subsequent passes.
svn path=/trunk/; revision=48909
Evan Huus