It is fine to dissect and cache columns data during color dissection if
it won't evict already cached data. There is rather high probability of
using the column data because color information is dissected in order.
The personal extcap folder $XDG_CONFIG_DIR/wireshark on Linux is
inconsistent with the global extcap folder (lib/wireshark/extcap)
and personal plugins folder (.local/lib/wireshark/plugins) and also
the configuration folder should not contain architecture-specific files.
The extcap personal folder is changed from:
.config/wireshark/extcap
to:
.local/lib/wireshark/extcap
QItemSelectionModel tracks both the selected index and the
current index.
PacketList redraws when the *selected* index changes, not
the current index. Clearing the current index, and then marking
the same packet as selected and current fires currentChanged but
not selectionChanged. So drawCurrentPacket needs to call
clearSelection(), not clearCurrentIndex(), in order to trigger
a redissection of the currently selected packet and update
the packet details.
For example, if you mark or unmark the currently selected frame,
this causes the packet details to update. Cf 52955b9c43,
which fixed the same issue but for Find Packet.
Fix#14330.
Only TCP uses fragments, but we don't need to check FOLLOW_TCP
because the fragments pointers exist but are null if not being
used. See the similar code in epan/follow.c
Part of making it simpler for dissectors to register with Follow.
The websocket protocol masking feature makes follow TCP stream
on websocket traffic show masked payload. To easily view unmasked
and reassembled websocket payload add follow websocket stream
support.
Install documentation to DOCDIR instead of DATADIR.
The code must be fixed to open the Help URLs from
this new path.
This only affects Unix-like FHS platforms. Windows
installation does its own thing.
Needs testing with macOS packaging.
Return the percentage in the UNFORMATTED_DISPLAYDATA converted
from our string so it it compares properly with an equality filter.
Use QVariant comparisons where appropriate so that Filter by
works as expected with types that are not integers, such as doubles
the City/Country strings from GeoIP, or when absolute start time
is used for conversation starts.
Fix#18738.
Obtain the capture file read lock when computing protocol hierarchy
stats to prevent segfaulting if the file is closed.
The protocol hierarchy stats are always computed on all the packets
of the current file that pass the current filter, so don't let it run
until a read or rescan is complete.
Since the protocol hierarchy stats use the common progress bar,
these two changes keep it from hijacking the progress bar when a
rescan is in progress, which led to anomolies with the stop button
behavior and clearing the progress bar when the stats were done
(but not the temporarily paused rescan.)
Make the stop button actually stop the protocol hierarchy stats.
In the future, the protocol hierarchy stats could perhaps use
process_specified_records from file.c
Fix#18787. Fix#18788.
ElidedLabel escapes HTML after !9261, so use its own methods to make text
small and italicized instead of passing in rich text.
IOGraphDialog used to make an error message, if it existed, bold.
Perhaps ElidedLabel should have a way to have prepended bold
text for such usage.
Autoset "Limit to display filter" if a display filter is
present when the dialog is open, but do not re-enable it each
time the widget is updated, if the user has unchecked it.
[skip ci]
Fix#18461
QVariant canConvert<double>() does not test that a particular QVariant
value can be converted to a double, but only that at least some values
of that type can convert. (Just checking the type is much faster than
actually trying the conversion; this is why convert() has a boolean
output parameter as well.) It thus always returns TRUE for strings even
for strings that fail to convert, and is not by itself a useful test
when trying to sort unknown types.
Luckily, we don't need to test this anyway. Set the default data role used
for sorting to UNFORMATTED_DISPLAYDATA, so the parent QSortFilterProxyModel
will handle QVariants that are numbers appropriately. In particular,
this makes the GeoIP city and country column strings in the Endpoints
table sort correctly.
Fix#18749
When converting from our columns as displayed to the canonical
list of columns, add 1 for the missing conversation ID if it
is not present (as opposed to if it is present.) Also change the
test for the total packets to account for the new conversation ID
column.
Related to #18738
We want to return with failure when the number of entries in
the row we're trying to append is greater than the number of
columns, not less than the number of rows in the table.
The IO Graph is the only place that uses appendEntry, and this
allows adding IO Graphs past the tenth graph.
Fix#18762
Make the "ninja install" target in the MINGW64 shell work and
allow Wireshark to run from the msys2 installation, besides
the build directory.
To clarify the names used here MSYSTEM is the distribution with a
Linux-like environment for Windows. MINGW is the toolchain.
It is possible to use MinGW without MSYS2 and we generally select
the CMake variables WIN32/MSVC/MINGW/USE_MSYSTEM taking that into
consideration but that WIN32+MINGW platform is not supported at the
moment and it's unlikely to be supported in the near future.
Originally WS_DISABLE_DEBUG was chosen to be
similar to G_DISABLE_ASSERT and NDEBUG.
However generator expressions are essential for modern CMake
but the syntax is weird and having to use negations makes it
ten-fold worse.
Remove the negation. Instead of changing the CMake variable
reverse the macro definition for WS_DISABLE_DEBUG.
The $<CONFIG:cgs> generator expression with multiple config arguments
requires CMake >= 3.19 so we can't use that yet for a further
syntactical simplification.
Instead of connecting ColoringRulesDialog's buttonBox accepted()
signal to two different slots (once in the .ui file, and one
automatically from a name), accept the dialog only after writing
the colors.
This prevents starting to recolor the PacketList before the new color
list has been been written.
Fix#12475. Fix#15471.
The filterPackets method calls file.c/cf_filter_packets,
which calls rescan_packets, which sends signals when done that
eventually calls the PacketList::captureFileReadFinished
PacketList::captureFileReadFinished invalidates all the column
strings after the rescan may have updated their information
(e.g., delta time to previous displayed packet), so it is not
necessary to reset the column strings a second time explicitly
in filterPackets.
Commit 38cde83a5c added the reset
to filterPackets, but commit bbe5fc1028
added the invalidateAllColumnStrings to captureFileReadFinished
that made the prior commit unnecessary.
Introduce a preference for the number of rows whose column text can
be cached, and allow sorting of the packet list only when the
number of displayed rows can fit in the cache. This preference only has
an effect for sorting based on columns that require dissection and
caching the column text. This reduces the number of dissections from
O(N log N) to N. Subsequent sorts are even faster.
Columns based on frame data are unaffected, as they sort much faster
as dissection is not required.
Set the size of the QCache introduced in 8c6854fb65 based
on this preference.
Send a temporary status message to the status bar if we try to sort
but there are too many rows, explaining why sorting did not happen and
that the layout preferences can be changed.
Ping #18741
When dissectors register for Follow Stream, have them register a
function for finding the next valid sub stream id for a given
stream and substream id pair. This function is NULL if the dissector
does not use sub stream IDs.
Use this function in follow_stream_dialog to update the sub stream
id widget (and use the absence of the function to disable and hide
the widget.) Use this function in the CLI tap-follow to determine
whether to parse a sub stream id from the command line options.
This removes the dependencies on epan/dissectors from the Qt
follow_stream_dialog, and gets us closer to having dissectors
being able to register for Follow Stream without having to update
anything in the common source code.
Remove MINIMIZE_STRING_COPYING define because the code does not even
compile anymore. Do not cache strings when ensuring rows are colorized
to avoid thrashing cache. Store column data only for last 500 accessed
records to ensure there is upper bound for the cache size.
Fixes#18741
Similar to commit dbb9fe2a37, proto_item_fill_display_label
now uses address_to_display for FT_IPv4, FT_IPv6, and FT_FCWWN,
the other three address types that double as field types and which
have optional name resolution.
Add these to the list of types that, if present in a custom column,
has the GUI enable the checkbox to switch between "resolved" (names)
and not (values).
This allows adding custom columns with these field types with both
resolved and non resolved text. Note that the appropriate Name
Resolution preference settings must be enabled for the type as well.
Display it as a pathname in the native format (e.g., C:\this\is\wrong),
not as the path component of the URL supplied (e.g., /C/this/is/wrong).
Fixes some confusion that appeared in a comment in #15592 (but not the
underlying bug - fixing that bug should prevent that dialog from popping
up in the first place).
Have proto_item_fill_display_label (which is used for custom
columns resolved type and packet diagrams) use address_to_display
for FT_ETHER. This is resolved when name resolution for MAC
Addresses is enabled.
Add FT_ETHER to the list of types that, if present in a custom
column, has the GUI enable the checkbox to switch between "resolved"
and "unresolved" text.
This allows FT_ETHER custom columns to be displayed as either
resolved addresses or unresolved. (Note that to be displayed
as resolved, the column resolved option must be checked and
the name resolution preference enabled.)
Fix#18665
The shortcut for adding a new packet comment is not available
until the menu has first been shown, or a packet has been selected.
This is a bug, as it is not clear to the user, why the shortcut should
exist in one instance and not in the other. Therefore the shortcut is
always added.
It is not added in the .ui files, as this would trigger a new set of
translations.
Fixes#18673
Commit e1a8f0119e ("Extcap prefs: Editor remembers empty values")
inadvertently made the immutable checkbox visible next to uncheckable
multicheck items. Restore former behavior, that is display only labels
for uncheckable multicheck items, by setting unchecked state only for
checkable items.
Uncheckable items, since its introduction in commit 9c1225f735
("Modify multicheck to accept parent parameter."), were used to display
additional labels in USBPcap configuration options to aid user in
determining which individual device to filter on. Without the additional
information determining for example which "USB composite device" is of
interest to the user is really problematic.
Disable UTF-8 debug checks for release builds for optimization
purposes.
Also remove unused macro that currently lacks a proper use case.
Change version info to be more complete about the build type without
being too verbose.
This adds support to Wireshark for custom context menus for packets, so
that when a packet's context menu is opened (e.g., by right-clicking),
Wireshark can support doing things like "run a program" or
"open a URL" with a field from the packet as a parameter. Note that
this is similar to ArcSight's integration commands feature.
For example, it could be used like the following:
```
ROBTEX_URL = "https://www.robtex.com/dns-lookup/"
local function search_robtex(...)
local fields = {...};
for i, field in ipairs( fields ) do
if (field.name == 'http.host') then
browser_open_url(ROBTEX_URL .. field.value)
break
end
end
end
register_packet_menu("Search host in Robtex", search_robtex, "http.host");
```
Fixes issue #14998
As the QString::toLocal8Bit() documentation says,
"On Unix systems this is equivalen to toUtf8(), on Windows the systems
current code page is being used."
This is problematic for the Packet Comments dialog, since the comments
need to be UTF-8 as per the pcapng specification. Use toUtf8() instead
there and in the Import Text dialog.
Remove the toLocal8Bit() calls from the Extcap Options dialog since they
weren'nt needed.
Blind attempt at fixing #18698.
Currently the autocompletion engine always suggests a protocol
field completion, even in places where it isn't syntactically
valid.
Fix that by compiling the preamble to the token under the cursor
and checking the returned error. If it is DF_ERROR_UNEXPECTED_END
that indicates a field or literal value was expected. Otherwise
a field replacement is not valid in this position.
Fixes#12811.
Return an struct containing error information. This simplifies
the interface to more easily provide richer diagnostics in the future.
Add an error code besides a human-readable error string to allow
checking programmatically for errors in a robust manner. Currently
there is only a generic error code, it is expected to increase
in the future.
Move error location information to the struct. Change callers and
implementation to use the new interface.
qcustomplot.cpp:34001:37: warning: The left operand of '-' is a garbage value [core.UndefinedBinaryOperatorResult]
qcustomplot.cpp:34001:37: warning: The right operand of '-' is a garbage value [core.UndefinedBinaryOperatorResult]
(ported from commit a0328bdb03)
qcustomplot.cpp:26643:9: warning: 1st function call argument is an uninitialized value [core.CallAndMessage]
qcustomplot.cpp:27752:11: warning: 1st function call argument is an uninitialized value [core.CallAndMessage]
qcustomplot.cpp:27779:11: warning: 1st function call argument is an uninitialized value [core.CallAndMessage]
qcustomplot.cpp:34087:7: warning: 2nd function call argument is an uninitialized value [core.CallAndMessage]
(ported from commit 075ee9138a)
qcustomplot.cpp:22400:17: warning: The left operand of '>' is a garbage value [core.UndefinedBinaryOperatorResult]
qcustomplot.cpp:22400:17: warning: The right operand of '>' is a garbage value [core.UndefinedBinaryOperatorResult]
qcustomplot.cpp:35170:17: warning: The left operand of '>' is a garbage value [core.UndefinedBinaryOperatorResult]
qcustomplot.cpp:35170:17: warning: The right operand of '>' is a garbage value [core.UndefinedBinaryOperatorResult]
(ported from commit 6fd4188804)
Warning triggered using AppleClang 11.0.0.
/Users/buildslave/builds/UfJL1hoT/0/wireshark/wireshark/ui/qt/widgets/qcustomplot.cpp:16020:17: error: HTML tag 'tt' requires an end tag [-Werror,-Wdocumentation-html]
parameter as <tt>QVariant(\ref QCPDataSelection)</tt>. All plottables that weren't touched by \a
~^~~
1 error generated.
(ported from commit 6d2aea45e4)
(ported from commit 3903740534)
QCustomPlot's adaptive sampling decimates the data to be plotted based
on the screen resolution. Specifically, if many data points fit within
the same pixel on the X (key) axis, then QCustomPlot attempts to plot
only the min value, the max value, and a few values in-between to
maintain a good "density" on the Y (value) axis.
The density QCustomPlot wants is about one datapoint for every 4 pixels
covered by the value range of a single X (key) pixel. Unfortunately,
this calculation is flawed if all values also fit within a single pixel
on the Y (value) axis - so this change fixes that bug.
(cherry picked from commit 92e652ebfa)
Starting with Qt 5.10 (our earliest supported version),
Qt has a qsizetype (alias of ssize_t) that functions
like size() and indexOf() return. On clang that does not
have the same size as an int, so cast it away in a number
of places.
Rename flex macros using parenthesis (mostly a style issue):
DIAG_OFF_FLEX -> DIAG_OFF_FLEX()
DIAG_ON_FLEX -> DIAG_ON_FLEX()
Use the same kind of construct with lemon generated code using
DIAG_OFF_LEMON() and DIAG_ON_LEMON(). Use %include and %code
directives to enforce the desired order with generated code
in the middle in between pragmas.
Fix a clang-specific pragma to use DIAG_OFF_CLANG().
DIAG_OFF(unreachable-code) -> DIAG_OFF_CLANG(unreachable-code).
Apparently GCC is ignoring the -Wunreachable flag, that's why
it did not trigger an unknown pragma warning. From [1}:
The -Wunreachable-code has been removed, because it was unstable: it
relied on the optimizer, and so different versions of gcc would warn
about different code. The compiler still accepts and ignores the
command line option so that existing Makefiles are not broken. In some
future release the option will be removed entirely. - Ian
[1] https://gcc.gnu.org/legacy-ml/gcc-help/2011-05/msg00360.html
/Users/buildslave/builds/UfJL1hoT/0/wireshark/wireshark/ui/qt/widgets/qcustomplot.cpp:16020:17: error: HTML tag 'tt' requires an end tag [-Werror,-Wdocumentation-html]
parameter as <tt>QVariant(\ref QCPDataSelection)</tt>. All plottables that weren't touched by \a
~^~~
1 error generated.
On older Qt versions (5.12?) QVector needs to be included,
not just QObject. (It isn't needed on 5.15, possibly because
QVector is an alias for QList in newer Qt versions.)
When creating a ProtoNode, count the (non-hidden) children and put
them in a QVector. This saves time having to iterate through all
of a node's children (or the parent's children) each time the
model or view wants to get the row or index number. Create and
delete the needed ProtoNodes when the root node is changed, instead
of recreating them on demand from the proto_nodes (since they're no
longer a thin wrapper.)
Fix#18625
Add -Werror=unused-but-set-variable to our default compiler flags and fix
```
epan/dissectors/packet-dcerpc-frsrpc.c:709:10: error: variable 'nb_chunk' set but not used [-Werror,-Wunused-but-set-variable]
guint32 nb_chunk = 0;
^
```
```
epan/dissectors/packet-dcom-oxid.c:175:13: error: variable 'u32ItemIdx' set but not used [-Werror,-Wunused-but-set-variable]
guint32 u32ItemIdx;
^
```
```
epan/dissectors/packet-l2tp.c:1775:104: error: parameter 'ccid' set but not used [-Werror,-Wunused-but-set-parameter]
static int dissect_l2tp_ericsson_avps(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, guint32 ccid)
^
```
```
epan/dissectors/packet-ldp.c:1922:19: error: variable 'ix' set but not used [-Werror,-Wunused-but-set-variable]
guint8 ix;
^
```
```
epan/dissectors/packet-nas_5gs.c:4757:14: error: variable 'curr_len' set but not used [-Werror,-Wunused-but-set-variable]
guint i, curr_len;
^
```
```
epan/dissectors/packet-per.c:1769:6: error: variable 'extension_addition_entries' set but not used [-Werror,-Wunused-but-set-variable]
int extension_addition_entries;
^
```
```
epan/dissectors/packet-rtitcp.c:618:11: error: variable 'messages_count' set but not used [-Werror,-Wunused-but-set-variable]
guint messages_count, offset;
^
```
```
epan/dissectors/packet-tcp.c:2130:9: error: variable 'ackcount' set but not used [-Werror,-Wunused-but-set-variable]
int ackcount;
^
epan/dissectors/packet-tcp.c:3317:12: error: variable 'nbOptionsChanged' set but not used [-Werror,-Wunused-but-set-variable]
guint8 nbOptionsChanged = 0;
^
```
```
epan/dissectors/packet-zbee-zcl-se.c:11802:15: error: variable 'i' set but not used [-Werror,-Wunused-but-set-variable]
for (gint i = 0; tvb_reported_length_remaining(tvb, *offset) >= 5; i++) {
^
```
```
ui/iface_lists.c:142:23: error: variable 'linktype_count' set but not used [-Werror,-Wunused-but-set-variable]
gint linktype_count;
^
```
```
ui/voip_calls.c:456:15: error: variable 'item_num' set but not used [-Werror,-Wunused-but-set-variable]
guint item_num;
^
```
```
file.c:572:17: error: variable 'count' set but not used [-Werror,-Wunused-but-set-variable]
guint32 count = 0;
^
```
```
file.c:3667:24: warning: cast from 'const unsigned char *' to 'unsigned char *' drops const qualifier [-Wcast-qual]
pd = (guint8 *)ws_mempbrk_exec(pd, buf_end - pd, pattern, &c_char);
^
```
```
ui/qt/io_graph_dialog.cpp:1932:60: error: variable 'mavg_right' set but not used [-Werror,-Wunused-but-set-variable]
unsigned int mavg_in_average_count = 0, mavg_left = 0, mavg_right = 0;
^
```
```
ui/qt/stats_tree_dialog.cpp:166:9: error: variable 'node_count' set but not used [-Werror,-Wunused-but-set-variable]
int node_count = 0;
^
```
```
ui/qt/models/profile_model.cpp:1142:13: error: variable 'entryCount' set but not used [-Werror,-Wunused-but-set-variable]
int entryCount = 0;
^
```
Tomasz Moń