Don't just display every field that's not a STRING as a lump of hex
bytes; display them (and make them filterable) according to their data
type.
Change-Id: I5717c45bc970616ba9438277e1bcaae46c3cbdf8
Reviewed-on: https://code.wireshark.org/review/13669
Reviewed-by: Guy Harris <guy@alum.mit.edu>
De Morganize an expression.
Clear the selection at start. Selecting the first item (104apci) seems
to confuse people.
Change-Id: I8fcd1f068f1801042a2658940175b46bdfb2b462
Reviewed-on: https://code.wireshark.org/review/13647
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
the code in question deals with the scenario where the length field's
value is larger than the number of remaining bytes
we can simply stop the dissection if truncation of the data is expected
if not, we continue disecting and we'll get an exception when we reached
the end of the data...
Change-Id: I3f29df694d9ea7d41f19511d267ef6b785527e3c
Reviewed-on: https://code.wireshark.org/review/13624
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
into consideration.
This makes it possible to differentiate between packets on different
vlans and can be expanded to handle tunnels.
Change-Id: Id36e71028702d1ba4b6b3047e822e5a62056a1e2
Reviewed-on: https://code.wireshark.org/review/13637
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It adds string-type fields to the protocol tree and returns the value of
the string.
Add the new bitmask-adding routines to the Debian symbol list while
we're at it.
Change-Id: Idaeec44c9cd373588cadce85010f3eaf1f3febb5
Reviewed-on: https://code.wireshark.org/review/13657
Reviewed-by: Guy Harris <guy@alum.mit.edu>
In CMake and Autotools, warn the user when neither c-ares nor ADNS is
present. Note that we might want to make asynchronous DNS a requirement.
Change-Id: Ia9cce56cc2286cdc72303fc1410f899f9c320d84
Reviewed-on: https://code.wireshark.org/review/13080
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
(The routing token/cookie needs to be dissected better.)
Change-Id: I33464a846cda711aa430ba8f71dfe1959de3b7f9
Reviewed-on: https://code.wireshark.org/review/13651
Reviewed-by: Guy Harris <guy@alum.mit.edu>
packet-ositp.c is more complete and is what's used, so we don't need
packet-x224.c.
Change-Id: Id3409d7b2af0e4ecbc64c74bb6d1ed9ea8f31738
Reviewed-on: https://code.wireshark.org/review/13650
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add tables for heuristic dissectors, and add dissectors for the stuff
Microsoft puts there for RDP; they're violating the COTP spec, but I
guess they're stuck because they're using TP0, which doesn't support
user data.
While we're at it, add variants of proto_tree_add_bitmask() and
proto_tree_add_bitmask_flags() that return the bitmask, for use by
callers.
A side-effect of the change is that the proto_tree_add_bitmask routines
no longer treat the encoding as a Boolean, so we have to pass
ENC_LITTLE_ENDIAN or ENC_BIG_ENDIAN, not just some non-zero or zero
value. Do so.
Rename ositp_decode_CC() to ositp_decode_CR_CC(), to note that it
decodes both CR and CC PDUs.
Bug: 2626
Change-Id: If5fa2a6dfecd9eb99c1cb8104f2ebceccf1e57c2
Reviewed-on: https://code.wireshark.org/review/13648
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Valgrind reports leaks like these when spawning extcap processes (for
example when displaying or refreshing interface list with extcap
interfaces present):
3,917 (464 direct, 3,453 indirect) bytes in 29 blocks are definitely lost in loss record 58,301 of 58,638
at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0xA6D2610: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0xA6E822D: g_slice_alloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0xA6B913B: g_error_new_valist (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0xA6B94ED: g_set_error (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0xA710B03: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0xA710E17: g_spawn_sync (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0x44C677: extcap_foreach (extcap.c:199)
by 0x44CCAD: extcap_interface_list (extcap.c:413)
by 0x72B548: capture_interface_list (capture_ifinfo.c:126)
by 0x7336FA: scan_local_interfaces (iface_lists.c:141)
by 0x55F01F: WiresharkApplication::refreshLocalInterfaces() (wireshark_application.cpp:898)
...
Change-Id: If8f750f5f8fa42a6f0884bb0e6bbbd71bd8f68aa
Reviewed-on: https://code.wireshark.org/review/13631
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Change-Id: I3c55af73ba989080cf6dfe206d25a6d4923ac7f1
Reviewed-on: https://code.wireshark.org/review/13622
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also add check to has_configuration
Change-Id: Ia0ffbd3bf68ad51c26bc75b5ee179db179e22bd4
Reviewed-on: https://code.wireshark.org/review/13635
Reviewed-by: Roland Knall <rknall@gmail.com>
This patch creates the functionality of saving all parameters
for extcap devices in the general preference section.
For now, multiselect and fileselect do not save their values
but patches for this will be provided in the future
Also, all preferences are stored as strings to make handling
easier. This might change in the future, but for the first version
it will stick.
Restore to Defaults is not implemented as of yet, and will be
in a future version, once the preference storing is finalized
Bug: 11666
Change-Id: I178346405146d2e43f4f3481c05c92c0b3595af5
Reviewed-on: https://code.wireshark.org/review/13451
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Found by clang. Compiler warning:
warning: format specifies type 'void *' but the argument has type 'char *' [-Wformat-pedantic]
Change-Id: I7f370b06f98490cd6e363a9679a449420c8c8021
Reviewed-on: https://code.wireshark.org/review/13602
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Very weak form of heuristics has been added based on the FLAP id byte,
but disabled by default. Make it possible to use this protocol in the
RSA keys list dialog.
Bug: 11990
Change-Id: I61f24ae9679c738194393bed0d012d2a752171b2
Reviewed-on: https://code.wireshark.org/review/13195
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
From the comments in qlibrary_win.cpp:
// We make the following attempts at locating the library:
[ ... ]
// Windows
// if (absolute)
// fileName
// fileName + ".dll"
// else
// fileName + ".dll"
// fileName
We were passing "riched20.dll" to QLibrary, which meant that it searched
for "riched20.dll.dll" first.
Switch to ws_load_library, which we use elsewhere and which has much
safer default behavior.
Change-Id: Ic8f0cf5686c9b1856d37e76be4404d6236c076e5
Reviewed-on: https://code.wireshark.org/review/13607
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Clang's ASAN reported an ODR violation when plugins were loaded. Sure
enough, symbols did actually get loaded twice:
==5898==ERROR: AddressSanitizer: odr-violation (0x7fffd95a35e0):
[1] size=7 'version' plugins/mate/plugin.c:19:31
[2] size=6 'version' plugins/opcua/plugin.c:19:31
After this change, plugins cannot insert new symbols in the global
namespace.
Change-Id: Ib11f7263e9c586f8e7c1f8f5fb239b20d46ddd2f
Reviewed-on: https://code.wireshark.org/review/13260
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Found by clang's ccc-analyzer.
Change-Id: I04eaad73486a43a77c4f08cf519bbfe7d2d8c838
Reviewed-on: https://code.wireshark.org/review/13581
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
If there are extcap interfaces present then each time the capture
interfaces list is displayed or refreshed a number of extcap related
allocations are leaked.
Valgrind reports leaks like these:
2,007 (144 direct, 1,863 indirect) bytes in 6 blocks are definitely lost in loss record 64,328 of 65,138
at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0xA6D2610: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0xA6E822D: g_slice_alloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0xA6C94F3: g_list_append (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0x44C9AF: search_cb (extcap.c:451)
by 0x44C6FC: extcap_foreach (extcap.c:204)
by 0x44CDFF: extcap_get_if_configuration (extcap.c:473)
by 0x44CE3C: extcap_has_configuration (extcap.c:489)
by 0x654356: InterfaceTree::display() (interface_tree.cpp:199)
by 0x6547DF: InterfaceTree::getInterfaceList() (interface_tree.cpp:252)
by 0xBFCF2A5: QMetaObject::activate(QObject*, int, int, void**) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.2.1)
by 0x563F9A: WiresharkApplication::allSystemsGo() (wireshark_application.cpp:914)
by 0x4478D9: main (wireshark-qt.cpp:1373)
9,126 (432 direct, 8,694 indirect) bytes in 18 blocks are definitely lost in loss record 58,524 of 58,638
at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0xA6D2610: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0xA6E822D: g_slice_alloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0xA6C94F3: g_list_append (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0x44C9AF: search_cb (extcap.c:451)
by 0x44C6FC: extcap_foreach (extcap.c:204)
by 0x44CDFF: extcap_get_if_configuration (extcap.c:473)
by 0x44CE3C: extcap_has_configuration (extcap.c:489)
by 0x654356: InterfaceTree::display() (interface_tree.cpp:199)
by 0xBFCF2A5: QMetaObject::activate(QObject*, int, int, void**) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.2.1)
by 0x4A3214: MainWindow::on_actionCaptureRefreshInterfaces_triggered() (main_window_slots.cpp:3605)
...
Change-Id: I9433b8e36813cbef9dca5ab08074e985793f4d0d
Reviewed-on: https://code.wireshark.org/review/13617
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
There is no padding in that case
Change-Id: Ib0ce37c4fea76435b4cedfbd7d3d72420e4860eb
Reviewed-on: https://code.wireshark.org/review/13618
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
CMake build is already using it.
Change-Id: Id0df316d41133bdb0483f3aa4c67d7a6b53aaf0c
Reviewed-on: https://code.wireshark.org/review/13616
Reviewed-by: João Valverde <j@v6e.pt>
Change-Id: I2aa1a2d0e20cca6c979d51135e7fe9ea7a084847
Reviewed-on: https://code.wireshark.org/review/13609
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ic23b26f87f38db0a40213ce7c954c8618dc966eb
Reviewed-on: https://code.wireshark.org/review/13610
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Separate the capture and display filter bookmark icons. Make the capture
icon green to match(-ish) the active capture icon. Tested on nice+new
and janky+old displays.
Change-Id: I6ed532c8a49da50fe2a7de3d8fbd0b1af7623b4a
Reviewed-on: https://code.wireshark.org/review/13612
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Just use the table - or an empty table if we're not including the
compressed file extensions.
Change-Id: I0b3ef3987e1986953f2957c27c84b2ee59b90bc0
Reviewed-on: https://code.wireshark.org/review/13611
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fix decoding of sendRoutingInfoForSM (SRISM)
application contexts version 1 and version 2.
Use a (slightly modified) version of the ASN.1 from
ETS 300 599: December 2000 (GSM 09.02 version 4.19.1), clause 14.7.6
which has LocationInfoWithLMSI that is incompatible with
application context version 3 in
3GPP TS 29.002 version 3.20.0 Release 1999, clause 17.7.6.
Bug: 9622
Ping-Bug: 9704
Change-Id: Icc9a0a1743a6eb4c907f4cab3fb2137db139ad74
Reviewed-on: https://code.wireshark.org/review/13572
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>