See the comment for details.
Change-Id: I0b1800dd884736e00201f09166c0d2bd6795b6c3
Reviewed-on: https://code.wireshark.org/review/1047
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This avoids using tvb_get_nstringz0(), and simplifies the check.
Change-Id: Ib33cf22bf79d4fac8896c25a8b879eeb6e506831
Reviewed-on: https://code.wireshark.org/review/1044
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I0310368319fe70782bd2c3b48e100292cd93d8c4
Reviewed-on: https://code.wireshark.org/review/1042
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Make the top-level item for a ServiceContext an item for the
ServiceContext as a while, and put the VSCID under it like other items,
rather than making the VSCID the top-level item.
Don't dissect the VSCID using the value_string field for the Object
Management Group's SCIDs; use that value_string field for the SCID if
the VSCID is 0 (meaning "Object Management Group"), and have no
value_string field for the VSCID otherwise (the interpretation of the
SCID depends on the value of the VSCID).
Dissect the encapsulation information even for unknown ServiceContexts.
If the ServiceContext's length is bigger than what it's supposed to be,
throw an exception if it's also bigger than the data available in the
packet; this squelches a run-time warning in that case.
Change-Id: I11cc62c2e32f4623dba2a551119b3146a7037e6d
Reviewed-on: https://code.wireshark.org/review/1038
Reviewed-by: Guy Harris <guy@alum.mit.edu>
trans_info is part of the conversation info
Change-Id: I3eafe893324d7d6d23c5475f6f7aa34b7520a6b8
Reviewed-on: https://code.wireshark.org/review/1018
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
these values are already part of usb_conv_info
Change-Id: I79f0c67c91f0f93ba2d52ef08875833eee5e9efd
Reviewed-on: https://code.wireshark.org/review/1017
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
We have epan/ipproto.h to define various IP protocol numbers; use that.
Change-Id: I1ec72028182125f7e11dc159791753ee26d35f12
Reviewed-on: https://code.wireshark.org/review/1027
Reviewed-by: Guy Harris <guy@alum.mit.edu>
And don't assume you can dereference the pointer nonetheless; that
doesn't work on SPARC, for example - you get an unaligned-access trap.
Instead, use pntoh32() to fetch IPv4 address values from the address
structures.
While we're at it, just use guint32 for those addresses; we don't need
in_addr_t.
Change-Id: I84e6c653fe33b1bc6e67d9097ce423b82f1eb0c8
Reviewed-on: https://code.wireshark.org/review/1024
Reviewed-by: Guy Harris <guy@alum.mit.edu>
They are 16-bit in the Windows header; make them that way everywhere, so
that we don't get "shortening 16 bits to 8 bits" warnings.
Change-Id: I18f4c4254f224d76a90f3e87bc2f28cba011b5a3
Reviewed-on: https://code.wireshark.org/review/1021
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ib2374df62daf0fc26fb02202d3a64e59b902a1e8
Reviewed-on: https://code.wireshark.org/review/1016
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Id3938253bbc63cc27823afa326b1997182e3943d
Reviewed-on: https://code.wireshark.org/review/1015
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I0d12586afb3723a0da9d24ab2a4b7aa2426b5512
Reviewed-on: https://code.wireshark.org/review/1014
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I67b83c07c591ef926e5eee94a5526479453d6955
Reviewed-on: https://code.wireshark.org/review/1013
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I091f35ecca8c1418e86ac41018beca705bb1fcd6
Reviewed-on: https://code.wireshark.org/review/1012
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Idd98825cbbc6bcc27823afac26b1997182e994cd
Reviewed-on: https://code.wireshark.org/review/1011
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Windows still needs the definition of in_addr_t
Change-Id: I43c417de8e8199cfa58b9d494be5e828f959f1a9
Reviewed-on: https://code.wireshark.org/review/1009
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Graham Bloice <graham.bloice@trihedral.com>
* Remove flag I and F (from old draft of draft-ietf-ospf-manet-or)
* Add flag AT (Authentication) from RFC6506 (RFC7166)
Closed-bug: 9941
Change-Id: If6e9c2aa3d2e437ac499253a3061579f344fe607
Reviewed-on: https://code.wireshark.org/review/1003
Reviewed-by: Anders Broman <a.broman58@gmail.com>
So don't pull in <netinet/in.h>. Also, avoid <sys/types.h> in
packet-dcom.c.
While we're at it, do *not* assume that pinfo->src or pinfo->dst are
IPv4 addresses.
Change-Id: I5fc8e859780a8d863aaf6e90a21a7039cabae0e6
Reviewed-on: https://code.wireshark.org/review/1006
Reviewed-by: Guy Harris <guy@alum.mit.edu>
What matter in these cases is the number of bytes on the wire; either
sizeof(guint8) = 1, sizeof(guint16) = 2, and sizeof(guint32) = 4, in
which case just using 1, 2, and 4 avoids "64-bit to 32-bit conversion"
warnings on LP64 and LLP64 environments, or they're not equal, in which
case using 1, 2, and 4 rather than the sizeof()s is correct.
Change-Id: I4f15c5fae51958c1aff17ff819a9878fa6bd1f54
Reviewed-on: https://code.wireshark.org/review/999
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Sample file with traffic is the same as for CAT021 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9953). Apply filter "asterix.category == 23" to see only CAT023 packets.
A small change in actual dissecting code was also needed because of strange item I023/101. The first FX bit is in the second byte and then grows only for a byte.
Change-Id: I3f80e6e46b642efc6f2e19e6f931cdef1c39495a
Reviewed-on: https://code.wireshark.org/review/993
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If8fcfe1971c8863f370e440f64c36eb7566f6852
Reviewed-on: https://code.wireshark.org/review/113
Reviewed-by: Michael Mann <mmann78@netscape.net>
This squelches some run-time dissector asserts.
Change-Id: I0ce33c4eb6e9c3bd371e47363a981e9a7a0dc789
Reviewed-on: https://code.wireshark.org/review/997
Reviewed-by: Guy Harris <guy@alum.mit.edu>
So get rid of the commented-out FT_UCS2_LE; that would be handled as an
FT_STRING, FT_UINT_STRING, or FT_STRINGZ with an encoding of
ENC_UCS_2|ENC_LITTLE_ENDIAN.
Change-Id: I828fc1ed49843a503ec70e6adaf6dadd256df407
Reviewed-on: https://code.wireshark.org/review/996
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This squelches a run-time warning.
Change-Id: I5b147530b7f9255c3564fe24b56e0ea3eab45852
Reviewed-on: https://code.wireshark.org/review/995
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For various string types defined in X.680, use the appropriate encoding,
or ENC_ASCII|ENC_NA in some cases where we don't have an appropriate
encoding yet.
This most significantly fixes the handling of BMPString and
UniversalString, which are supersets of ASCII (Unicode Basic
Multilingual Plane and Unicode, respectively), but don't encode ASCII
characters as single octets. It also fixes UTF8String to, well,
properly recognize UTF-8.
This also lets us get rid of the special handling of SyntaxBMPString in
X.509sat (and, in fact, *requires* us to get rid of it, as, otherwise,
the string value appears twice).
Change-Id: I325c4e71a6110278eb23b86e0d986e6439cfc328
Reviewed-on: https://code.wireshark.org/review/994
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For each graph you can set:
- Its visibility
- A name
- A display filter
- Color, from a fixed list
- Plot style: Line, Impulse, Bar, Stacked Bar, Dot, Square, Diamond
- Basic Y Axes (packets/s, bytes/s, bits/s)
- Computed Y Axes (SUM, MIN, AVG, MAX)
- Smoothing
You can pan and zoom using the mouse and keyboard. Clicking on a graph
selects the last packet for that interval. If all graphs have the same Y
axis a single label is shown, otherwise a legend is shown.
The time scale (X axis) can be toggled between relative seconds and the
time of day.
Graphs can be saved as PDF, PNG, BMP, and JPEG. Settings are "sticky"
via the io_graphs UAT.
To do:
- Minimize graph drawing delays.
- Figure out why smoothing differs from GTK+
- Everything else at the top of io_graph_dialog.cpp
- Fix empty resets.
A fair amount of code was copied from TCPStreamDialog. We might want to
subclass QCustomPlot and place the shared code there.
Move common syntax checking to SyntaxLineEdit.
Move some common code from ui/gtk/io_stat.c to ui/io_graph_item.[ch] and
use it in both GTK+ and Qt.
Make the io_graph_item_t array allocation in io_stat.c static. The
behavior should be identical and this gives us additional compile-time
checks.
Change-Id: I9a3d544469b7048f0761fdbf7bcf20f44ae76577
Reviewed-on: https://code.wireshark.org/review/435
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Gerald Combs <gerald@wireshark.org>
Given an SDP m= line such as this:
m=audio 29156 RTP/AVP 18 0
SDP will show a media format of G.729 (the 18) and then two G.711 entries: one
for the extra space between the 18 and 0, and one format for the 0. The latter
is correct, but the extra space one isn't.
Technically such an m= line is malformed, since only one space is allowed
between payload formats; but it's definitely not a format of 0.
A similar thing happens in many parts of SDP dissection code. It needs to issue
an expert error and handle it gracefully.
Change-Id: I1f1500489a13a55e03fc8ea14b37d99a019fc449
Reviewed-on: https://code.wireshark.org/review/989
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Increase the max Diameter message size to 65534 and reject messages whose
flags have both the E- and R-bits set.
Change-Id: Ib11701a47d23ff042a346d59c56f9f0f4410e6b7
Reviewed-on: https://code.wireshark.org/review/990
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: If043683f366fedd849688ca3c512707954221a3b
Reviewed-on: https://code.wireshark.org/review/984
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Guy Harris