packet-thrift.c:99: warning: declaration of 'tvb_captured_length' shadows a global declaration
packet-thrift.c:114: warning: declaration of 'tvb_captured_length' shadows a global declaration
packet-thrift.c:138: warning: declaration of 'tvb_captured_length' shadows a global declaration
packet-thrift.c:166: warning: declaration of 'tvb_captured_length' shadows a global declaration
Change-Id: I0ce4fc0bf6470f1b3a89de599346c1efe8bb93cf
Reviewed-on: https://code.wireshark.org/review/8308
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Need to have packet-gias.c in the DIRTY_CORBA_IDL_DISSECTOR_SRC grouping to work around the warnings still generated.
Change-Id: I08ea1f7d90577cc112b85e7fc00171827f58d6d2
Reviewed-on: https://code.wireshark.org/review/8266
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Unfortunately it prevents compilation with GCC. I'll just use "cmake -DDISABLE_WERROR=ON" on the affected machine for now.
This reverts commit cdaad86072.
Change-Id: I54c0e7882e42dd39b81c90c761e4aaec6d757bd1
Reviewed-on: https://code.wireshark.org/review/8297
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I40b1ff8ffca3c0e1cafb79af4ed5df26eda7182b
Reviewed-on: https://code.wireshark.org/review/8212
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The fix for GCC 5's -Wlogical-not-parentheses d7b2327 triggers
-Wparentheses-equality in clang. Try to work around the issue with
diagnostic suppression.
Change-Id: I5eea1d3e76f6d2aa14a2595cd4455dcd2818f6a1
Reviewed-on: https://code.wireshark.org/review/8295
Reviewed-by: Gerald Combs <gerald@wireshark.org>
wrap long lines, remove a trailing space
Change-Id: Ie9cd268ffbc6d021a3f90f3644dc8665daa8e5ca
Reviewed-on: https://code.wireshark.org/review/8292
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Also, set decoded to TRUE after we return from a dissector; that makes
it a bit clearer when we're setting it.
Change-Id: Ief3e999c72954e08d4608b15b49921da294807c1
Reviewed-on: https://code.wireshark.org/review/8284
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This adds limited support for heuristic subdissectors with IPv6.
The initial motivation is STT but it should transparently work
for other protocols using IP heuristic dissectors in a manner
similar to the non-heuristic dissectors.
The limitation is in regards to IPv6 extension headers. IPv6 has
multiple checks against the next protocol table when determining
when the protocol is an unknown extension header or not. This
assumes that the check is cheap and has no side effects, neither
of which is true for heuristic dissectors. As a compromise, this
assumes that the next protocol is registered as protocol, even
if is not the one that is ultimately dissected. Although not
strictly correct, in practice this is true for existing protocols
and likely future ones because the heuristic dissectors are
overriding non-heuristic ones.
Change-Id: Iff8cfc148ced5ca16191cc2b1879ad87e38d23cd
Reviewed-on: https://code.wireshark.org/review/8197
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Change-Id: I727132effdb17138c35b0f3282f2f7b3dddb05b4
Reviewed-on: https://code.wireshark.org/review/8278
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Check the captured length as well as the reported length, as is done in
other checksumming code paths.
Change-Id: I55371d99a28ffd1325e7266037cced580077d80b
Reviewed-on: https://code.wireshark.org/review/8272
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't bother doing the checksum, as we don't know how much to checksum;
don't assume setting pim_length to 0 will force it not to be
checksummed, as it doesn't; and don't test twice for a version != 2.
Change-Id: I1c2ed3ecf1572aef6c5af140c410f9cdd0e9c3a6
Reviewed-on: https://code.wireshark.org/review/8271
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Just reuse the result we got from an earlier call.
Change-Id: Icb4617d731d9e3f152ce762f56a1c32567cbde4a
Reviewed-on: https://code.wireshark.org/review/8270
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Update a URL, and tell The Story About PIM, or, at least, about various
drafts floating around. I guess it took a while for the protocol to
settle down, and a number of things changed significantly between early
drafts and RFC 2117, including whether the protocol runs atop IGMP or
directly atop IP.
There doesn't appear to be *any* draft that corresponds to what
dissect_pimv1() dissects; all have significant differences.
Change-Id: Ia9c80cc384546b0a822a59fef01c1476f95ad8a6
Reviewed-on: https://code.wireshark.org/review/8269
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit 3ca9318d82.
Mac OS X buildbot are not happy
packet-gias.c:356: warning: 'hf_UCO_InvalidInputParameter_details' defined but not used
packet-gias.c:359: warning: 'hf_UCO_ProcessingFault_details' defined but not used
packet-gias.c:360: warning: 'hf_UCO_SystemFault_details' defined but not used
packet-gias.c:5275: warning: 'decode_UCO_Ratio_st' defined but not used
packet-gias.c:5303: warning: 'decode_UCO_DirectAccessLocation_st' defined but not used
packet-gias.c:5588: warning: 'decode_UCO_Coordinate3d_st' defined but not used
packet-gias.c:5612: warning: 'decode_UCO_Circle_st' defined but not used
packet-gias.c:5625: warning: 'decode_UCO_Ellipse_st' defined but not used
packet-gias.c:5656: warning: 'decode_UCO_SimpleGSImage_st' defined but not used
packet-gias.c:5671: warning: 'decode_UCO_SimpleCImage_st' defined but not used
packet-gias.c:5694: warning: 'decode_UCO_CompressedImage_st' defined but not used
packet-gias.c:5836: warning: 'decode_GIAS_ImageSpec_st' defined but not used
Change-Id: Iee076c00eb4e48571a99f6b854b7e3e52983c2f8
Reviewed-on: https://code.wireshark.org/review/8265
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I11beada78d2f2b4359d3638cdbcb6f43623fd10c
Reviewed-on: https://code.wireshark.org/review/8262
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Should fix the following runtime error reported by Joerg:
../../asn1/c1222/packet-c1222-template.c:1427:3: runtime error: null pointer passed as argument 1, which is declared to never be null
../../asn1/c1222/packet-c1222-template.c:1427:3: runtime error: null pointer passed as argument 2, which is declared to never be null
Change-Id: I2f952815ed81e47b504e6479835a357b7656828e
Reviewed-on: https://code.wireshark.org/review/8251
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Shift 1U instead, to make sure it's unsigned; the result of, for
example, the result of shifting a signed value left is undefined if the
value times 2^{shift count} doesn't fit in the *signed* type of the
shifted value. That means, in particular, that the result of shifting 1
left by {number of bits in an int - 1} is undefined. (In *practice*,
it'll probably be -2^32, with the bit you want set, but that's not
guaranteed, and GCC 5.1 seems not to like it.)
Make some other left-hand operands of <<, and some variables holding
results from shifts of that sort, unsigned, while we're at it.
Change-Id: Ie72a9d0d518f59b35948267d10c80735d162e8bb
Reviewed-on: https://code.wireshark.org/review/8264
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Iab2559c2bac5550987c108c6e917506fcec525e9
Reviewed-on: https://code.wireshark.org/review/8221
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Shift 1U instead, to make sure it's unsigned; the result of, for
example, the result of shifting a signed value left is undefined if the
value times 2^{shift count} doesn't fit in the *signed* type of the
shifted value. That means, in particular, that the result of shifting 1
left by {number of bits in an int - 1} is undefined. (In *practice*,
it'll probably be -2^32, with the bit you want set, but that's not
guaranteed, and GCC 5.1 seems not to like it.)
This fixes the *other* generator for the X11 header files; we manually
fix the file in question, because life's too short to spend very much of
it trying to debug Perl issues that cause a
Can't use string ("1") as a HASH ref while "strict refs" in use at
../../tools/process-x11-xcb.pl line 675.
at ../../tools/process-x11-xcb.pl line 1859
at ../../tools/process-x11-xcb.pl line 1859
failure.
Change-Id: I3dd46025b2ae461e63034b36ab11cdbc9380b696
Reviewed-on: https://code.wireshark.org/review/8263
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Shift 1U instead, to make sure it's unsigned; the result of, for
example, the result of shifting a signed value left is undefined if the
value times 2^{shift count} doesn't fit in the *signed* type of the
shifted value. That means, in particular, that the result of shifting 1
left by {number of bits in an int - 1} is undefined. (In *practice*,
it'll probably be -2^32, with the bit you want set, but that's not
guaranteed, and GCC 5.1 seems not to like it.)
This fixes the generator for the X11 header files; we manually fix the
header file in question, because life's too short to spend very much of
it trying to debug Perl issues that cause a
Can't use string ("1") as a HASH ref while "strict refs" in use at
../../tools/process-x11-xcb.pl line 675.
at ../../tools/process-x11-xcb.pl line 1859
at ../../tools/process-x11-xcb.pl line 1859
failure.
Change-Id: Ia903e9dacad49021bc0dfe129b9393ad426de9eb
Reviewed-on: https://code.wireshark.org/review/8261
Reviewed-by: Guy Harris <guy@alum.mit.edu>
NDEBUG is undefined. Protect rv and its use accordingly.
Change-Id: Iadbc55f74ccb797d7e812090140e636713658aa7
Reviewed-on: https://code.wireshark.org/review/8260
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
This reverts commit 39a31c3205.
rv is used in an assert, thus breaking debug builds.
Change-Id: Ide9c287a9b6bfe07554a9429d3d216266d63c017
Reviewed-on: https://code.wireshark.org/review/8259
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
/home/jmayer/work/wireshark/git/epan/nghttp2/nghttp2_hd.c: In function ‘hd_inflate_remove_bufs_with_name’:
/home/jmayer/work/wireshark/git/epan/nghttp2/nghttp2_hd.c:1736:10: error: variable ‘rv’ set but not used [-Werror=unused-but-set-variable]
size_t rv;
^
turning error.
Change-Id: Ibd46013ddbdbdf634e7df1eb7dd50c60a1f62e26
Reviewed-on: https://code.wireshark.org/review/8257
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Shift 1U instead, to make sure it's unsigned; the result of, for
example, the result of shifting a signed value left is undefined if the
value times 2^{shift count} doesn't fit in the *signed* type of the
shifted value. That means, in particular, that the result of shifting 1
left by {number of bits in an int - 1} is undefined. (In *practice*,
it'll probably be -2^32, with the bit you want set, but that's not
guaranteed, and GCC 5.1 seems not to like it.)
Change-Id: I96114047d402d1bae537cdfeb28a8564b1c94712
Reviewed-on: https://code.wireshark.org/review/8256
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Shift 1U instead, to make sure it's unsigned; the result of, for
example, the result of shifting a signed value left is undefined if the
value times 2^{shift count} doesn't fit in the *signed* type of the
shifted value. That means, in particular, that the result of shifting 1
left by {number of bits in an int - 1} is undefined. (In *practice*,
it'll probably be -2^32, with the bit you want set, but that's not
guaranteed, and GCC 5.1 seems not to like it.)
Change-Id: I0d27565c382a04ceda9eec65f45a430ceb74cf53
Reviewed-on: https://code.wireshark.org/review/8255
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- DCOM:
* Mark some DCOM functions as public do allow calls from plugins
* Add Support for Additional Variant Types Money, I8, UI8
* Fix an uint32 overflow when dissecting nwstringz0 where the length is 0
* Use WS_DLL_PUBLIC instead of WS_DLL_PUBLIC_DEF
Change-Id: I02861a09203c6b42326f5a7b7e652e0f7c26d369
Reviewed-on: https://code.wireshark.org/review/8222
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
While we are at it, let's use pinfo memory pool instead of making a copy of the string to be freed afterwards
Change-Id: Ic92b3a09b053e8394f194b595272c7b228bd6b2b
Reviewed-on: https://code.wireshark.org/review/8236
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
argument 'expression' of command @param is not found in the argument list of __DISSECTOR_ASSERT_STRINGIFY(s)
The following parameters of __DISSECTOR_ASSERT_STRINGIFY(s) are not documented: parameter 's'
The following parameters of __DISSECTOR_ASSERT_CMPINT(a, op, b, type, fmt) are not documented: parameter 'type', fmt
The following parameters of proto_tree_add_bitmask_list(proto_tree *tree, tvbuff_t *tvb, const guint offset, const int len, const int **fields, const guint encoding) are not documented: parameter 'len'
Change-Id: I6adc34e66f45cdba63c34e87db762b39a281d127
Reviewed-on: https://code.wireshark.org/review/8230
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The following parameters of tvb_address_var_to_str(wmem_allocator_t *scope, tvbuff_t *tvb, address_type type, const gint offset, int length) are not documented: parameter 'length'
Change-Id: I0b93a2b47601bbb5ef424b6d0c2651952241ce32
Reviewed-on: https://code.wireshark.org/review/8229
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The following parameters of follow_index(stream_type stream, guint32 addr) are not documented: parameter 'stream'
Change-Id: I983a82e297d2e794c225ce1c3986f9752cad81e6
Reviewed-on: https://code.wireshark.org/review/8228
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The following parameters of WMEM_COPY_ADDRESS(scope, to, from) are not documented: parameter 'scope'
Change-Id: Ice1bddb55839f7aa839bdf6dec74211cf7e4d9dc
Reviewed-on: https://code.wireshark.org/review/8227
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The "EPSG Draft Standard 302-A: High Availability" introduces
the new frame "AMNI". This change adds support to correctly
dissect POWERLINK AMNI frames.
Change-Id: I9e402423296c4e82a25e897de964629bb695d566
Reviewed-on: https://code.wireshark.org/review/8215
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Bug: 9363
Change-Id: Ic64716ef0156607ca40773cef8e76fc4a0825b3c
Reviewed-on: https://code.wireshark.org/review/8196
Reviewed-by: Michael Mann <mmann78@netscape.net>
The build warning:
C:/buildbot/wireshark/wireshark-master-64/win7x64/build/cmbuild/epan/uat_load.c(1348):
warning C4267: '+=' : conversion from 'size_t' to 'guint', possible loss of data
is caused by parse_str_pos being a guint and adding a size_t value.
Fix by declaring parse_str_pos as size_t.
Change-Id: I0e33ea710abeb0ea23d816f35bc3eda8d9b13e60
Reviewed-on: https://code.wireshark.org/review/8198
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Add a pointer to the callback, which will provide an enum value,
for each calling GUI entity, as well as a pointer to the main
structure for that entity.
For Qt this can be used for instance, to connect to slots of the
main instance, to update a calling dialog.
Change-Id: Ifa6b04f868512574de53b6bce507e343f6e219d4
Reviewed-on: https://code.wireshark.org/review/8085
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also fixing indentation problem
Bug: 10304
Change-Id: I560db0e8cce9fdf796a47e387f2d681abe54a653
Reviewed-on: https://code.wireshark.org/review/8192
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This adds some essential features for STT dissection including
using a heuristic IP dissector to ensure we get the right traffic,
segment reassembly, and additional field decoding.
Based on work original done by Andrew Evans.
Change-Id: Ic89d6b16803185c7f58b73935c2646d532d0ae14
Reviewed-on: https://code.wireshark.org/review/8187
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The 'num_digits' parameter to add_digits_string_info_col can come straight from
the packet. Verify it is sane (e.g. the number of bytes required are actually
present) as otherwise we can try and allocate enourmous quantities of memory for
no reason.
Also clean up the routine; fix indenting, and simplify the loop variables.
Bug: 11148
Change-Id: I11052652f8d42fa2bb31f37e3c74523842bb3096
Reviewed-on: https://code.wireshark.org/review/8195
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The IP dissector passes 'tree' to its heuristic dissectors instead
of the 'parent_tree' passed to the normally registered dissectors.
These two are generally the same except that 'tree' is set to NULL
in cases where IP is not referenced - a local optimization that
should not be passed down to the lower layers. The result is that
the filter:
ip && PROTO matches
but:
PROTO does not match.
This changes the two types of dissectors to behave the same by
getting 'parent_tree'.
Change-Id: I78690d4767d2e3a763fd4388792c49aa5df0a962
Reviewed-on: https://code.wireshark.org/review/8190
Reviewed-by: Guy Harris <guy@alum.mit.edu>
packet-c15ch.c:5798: warning: comparison of unsigned expression >= 0 is always true
packet-c15ch.c:5809: warning: comparison of unsigned expression < 0 is always false
packet-c15ch.c:5841: warning: comparison of unsigned expression < 0 is always false
packet-c15ch.c:5859: warning: comparison of unsigned expression < 0 is always false
packet-c15ch.c:5917: warning: comparison is always false due to limited range of data type
Change-Id: Ia12f83c070bc1b794581cd37e330c38b0bad0516
Reviewed-on: https://code.wireshark.org/review/8174
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Bug: 11063
Change-Id: I3daa9e6a75e52df1587678bd78f42e4e46fe4509
Reviewed-on: https://code.wireshark.org/review/7557
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Iaff4551f87fa8d74a09a99c3c772c8abbdf60198
Reviewed-on: https://code.wireshark.org/review/8168
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It doesn't work any more for empty (length==0) PDUs.
Similar to bug 10646/Ifb96768969a43c59367b73e7bb940ceeb02cf6b0 (for RPC).
Untested as I'm not set up to build IDL dissectors now.
Bug: 11134
Change-Id: I77aacc2590acbacbe02edb1768e754f92f87bc23
Reviewed-on: https://code.wireshark.org/review/8163
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: Ie02f809e69cf9e7980d90ab02a2d4f34a465e0cd
Reviewed-on: https://code.wireshark.org/review/8170
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I48f39c148006e25fa98b75656cbb11496bce9d25
Reviewed-on: https://code.wireshark.org/review/8169
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I3b5452ef8cfd4fac414b2c5bdd7926ea679b8029
Reviewed-on: https://code.wireshark.org/review/8167
Reviewed-by: Michael Mann <mmann78@netscape.net>
Part 2 of a few
Change-Id: Ic1f1aafe2ed02dce95b15c03a91cbd68807a5cf4
Reviewed-on: https://code.wireshark.org/review/8165
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This allows checkAPIs to continue checking the 'convert' field for correctness
when dissectors use value_string_ext_new() to build their value_string_ext's
(without resorting to tricks like getting the address of the dereferenced
pointer).
This will be used to resolve the checkAPIs failure in patch set 3 of
Ia5c96b1f6f1fe3a9521b3d70142889e3881fae5e .
Change-Id: I700d86b9076f077706d34000f5a6aa5c96351f69
Reviewed-on: https://code.wireshark.org/review/8162
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
one (and only one) Application ID list.
This means we don't have to list all the Application IDs several times in the
XML file. Collapse those lists into one (much more complete, now) list while
also fixing URIs for several of the specifications (and making it clear for
others that we don't have access to the specification--by declaring their
URI to be "none").
Add a bunch more entries to the list of application IDs.
Change-Id: Ia5c96b1f6f1fe3a9521b3d70142889e3881fae5e
Reviewed-on: https://code.wireshark.org/review/8147
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This allows for a more natural organization of AVP definitions: they can now
be grouped by application (including the base application) or vendor ID. This
means we can stop using the "workaround" (for those vendors who define AVPs
but don't have their own application ID) of finding some random application ID
to put in a vendor-specific xml file just to satisfy the parser.
Rework a couple of Vendor-specific xml files as an example.
Note: this does mean that vendor IDs can no longer be defined inside of the
base or other application. If that's a problem the parser could be made
(through some duplication of code) to understand the old format too.
Change-Id: I5119f0dc7f8e3bbf59e2207046a8bb0f42ab0ca1
Reviewed-on: https://code.wireshark.org/review/8141
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Question: "what if we didn't capture the entire fragment due to a too-short
snapshot length?"
Answer: An assertion fails and we leak a bunch of memory.
Don't do that.
Bug: 11129
Change-Id: I0adfb217f0e66ae8f5f6255a4caf7ff940826b59
Reviewed-on: https://code.wireshark.org/review/8128
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
We had several copies of that code; put it into a filetime_to_nstime()
routine in wsutil, and call that common routine instead.
Change-Id: I1eb5579c36c129ff8d23f9212285ab3f63be0f43
Reviewed-on: https://code.wireshark.org/review/8142
Reviewed-by: Guy Harris <guy@alum.mit.edu>
we can always get it back from git if we want
Change-Id: I61911628541cf4ed4be20e736e41fbaa58978d75
Reviewed-on: https://code.wireshark.org/review/8124
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The correct bit has to be set in the value passed in; create a
proto_tree_add_boolean64() that takes a 64-bit argument and use that.
Change-Id: I28eaab38308baa908bdc1b043b2f0b87a17afe0d
Reviewed-on: https://code.wireshark.org/review/8131
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Just pass 1 or 0 to proto_tree_add_boolean() depending on whether the
64-bit value is non-zero or zero.
Change-Id: I5b55c9aff4e559fb8e62bd96ae2b0b34e45189fa
Reviewed-on: https://code.wireshark.org/review/8129
Reviewed-by: Guy Harris <guy@alum.mit.edu>
In proto_item_add_bitmask_tree(), if use_value is true, base the routine
we use to add the item to the tree on the type of the field being added.
Also, use DISSECTOR_ASSERT_NOT_REACHED(), not g_assert_not_reached(), to
catch types that aren't integral or Boolean.
Change-Id: I6ff9867bddcae16ddf8b689b48fdc93c6f949105
Reviewed-on: https://code.wireshark.org/review/8127
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Implementing a tap interface as well as a packet structure
which contains all necessary information from a single
openSAFETY frame.
This structure is located in a separate packet-opensafety.h so
that plugins and other programs, which want to utilize the tap
interface, may benefit from the same defines
The 40bit calculation was implemented in a wrong fashion,
so that it never calculated the correct UDID
Change-Id: I62895f91d0a255a5489b9bf397a40d824a27383f
Reviewed-on: https://code.wireshark.org/review/7275
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
HeaderID is bitfield in real. There is information about
length-information in value part.
Change-Id: Ib861f658c7b56e16df8a6514de69215138a1740d
Reviewed-on: https://code.wireshark.org/review/8039
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Part 1 of a few
Change-Id: I413f23dfa92da5488ca8a7f62ca0738b25004635
Reviewed-on: https://code.wireshark.org/review/8117
Reviewed-by: Michael Mann <mmann78@netscape.net>
Application Parameters are defined in profile specification.
If there is not enough infgormation to recognize profile user must have
ability to do that manually.
Also add expert info that packet is manually "Decoded As".
Change-Id: I8a735d46d365d712995cd8cc00b2f46849c8afb4
Reviewed-on: https://code.wireshark.org/review/8044
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Miscellaneous corrections in ZigBee Green Power commissioning cluster dissection.
Change-Id: I6aaf5f2c1ad5c70d1961709c0e94ab5c5af81ec7
Reviewed-on: https://code.wireshark.org/review/8094
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
following ge243b0041 check the last add_tagged_field for avoid a Coverity warning
(Yes the code is already safe..)
Ping-Bug: 11110
Change-Id: Iaceb8cf9c91de426bc5e5408b4271091cab57862
Reviewed-on: https://code.wireshark.org/review/8084
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also clean up alignment.
Change-Id: Ib1efb5f642489ea2ddfe2d129c083eda72551bad
Reviewed-on: https://code.wireshark.org/review/8100
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fix miscelleanous errors in ZigBee Green Power
Change-Id: Ie5d379228a755ea09821148dc508108c6293da81
Reviewed-on: https://code.wireshark.org/review/8095
Reviewed-by: Evan Huus <eapache@gmail.com>
One structure and one hash table with very simple uses. Fixes a memory leak.
Change-Id: I727b7d5b0b17c2fcfaaad57797d11090e392253b
Ping-Bug: 11123
Reviewed-on: https://code.wireshark.org/review/8088
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Move the req_id field to the "message-dependent data" section of the header
struct, since in the spec I found it is not specified in the common GIOP header
(even though it appears to be present in all message types). Regardless, this
better reflects the fact that it is not initialized by the primary tvb_memcpy,
only the independent fields are.
Initialize it and use it rather than creating a local for no reason; fixes the
possibility of using it uninitialized.
Bug: 11123
Change-Id: I3bae1df5123fbb1f2b86f7c42cee392b5b045c4f
Reviewed-on: https://code.wireshark.org/review/8087
Reviewed-by: Evan Huus <eapache@gmail.com>
-Correct parsrsing to get correct value (corect position in header).
-Rename hf_gsmtap_noise_dbm to hf_gsmtap_snr_db to reflect use and name in struct.
-Change order of decalaration/use of signal and snr to reflect position in struct.
-Change registered types to signed to reflect possible values and definition in struct.
Change-Id: I748bd19757c0dd87fe4ad0969dfcc8427b908aa2
Reviewed-on: https://code.wireshark.org/review/8077
Reviewed-by: Sylvain Munaut <246tnt@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Modify IS_ANALOG_SUBTYPE macro according to 07-5123-04 zigbee cluster
library specification. It wasn't filtering out the 8-bit enums ans 16
bit enum (digital types).
Bug: 11120
Change-Id: I74f1c0e6671b33fa69e5045cfc283ada3a39d380
Reviewed-on: https://code.wireshark.org/review/8069
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Add a lot of fields.
Change-Id: If12a30b1840c0dbe934bc6af264a068935912832
Reviewed-on: https://code.wireshark.org/review/8043
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
This should be checked - why are they being generated by idl2wrs?
Change-Id: I35956f95b3679fc06e2c63ddc1313733813e5f3f
Reviewed-on: https://code.wireshark.org/review/8062
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That assigns all string members with a g_strdup-family function, making
the assignment of the name similar to the other assignments.
Change-Id: I5f2a4afbad5173b8428ba1bbe435f851e8cc1a19
Reviewed-on: https://code.wireshark.org/review/8061
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Support for the reassembly of GIOP Fragment message types.
A new bool preference (giop.reassemble) is introduced to control reassembly
and it is enabled by default.
Change-Id: I10ca51f745710dca3b57a03cc89126f7b1dc06b4
Reviewed-on: https://code.wireshark.org/review/7966
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
A Corba (GIOP) based protocol for the exchange of Intelligence, Surveillance
and Reconnaissance (ISR) products.
Defined in STANAG 4559/AEDP-5 "NATO Standard ISR Library Interface (NSILI)"
See http://www.nato.int/structur/ac/224/standard/4559/4559.htm for more
information.
The dissector is generated using idl2wrs using the gias.idl, with some
manual corrections, as noted in README.gias.
Patch Set 4: Initialise uninitialised variables and no longer mark them as
unused.
Change-Id: Ieae93a135b30078f2d34e66f8c7b2e476438224e
Reviewed-on: https://code.wireshark.org/review/7965
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There are some new attributes comparing MAP 1.1 to 1.2
and PBAP 1.1 to 1.2.
Change-Id: I4be2691e99d176c22676a00549aa550ea07e77e3
Reviewed-on: https://code.wireshark.org/review/8042
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Transport layer is RFCOMM. OBEX packet may be fragmented over RFCOMM.
If so then (Opcode + Final flag + ) Packet Length determines packet length,
but whole OBEX packet will be framented over parts/packet that first packet
has Packet Length and next packets are sequential parts of whole packet
(no header, etc.) Reassemble on this level is simple concatenation of all packet
up to Packet Length. Let threat packet shorted than 3 bytes as bad packet.
There is still no reasssemble on OBEX level (aka Final flag), so content send
over OBEX (vCards, files, XMLs) is still not reassembled.
Change-Id: I11882eb07480b34d274a4ca6e504e609dcf982c0
Reviewed-on: https://code.wireshark.org/review/8041
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
6LoWPAN is used by GATT level profile called IPSP.
Change-Id: Iff2e1a8d531072d9bba03e7d84b56db59110cb35
Reviewed-on: https://code.wireshark.org/review/8045
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Update to latest Bluetooth specification: 1.7 (previously 1.6)
Add +BIND and +BIEV commands, also update +BRSF to support new features.
There is still some things to implement, but need more work to do it, like
request-response tracking.
Change-Id: I195380b9588f3a3e5b07628fbe9d5c66ed46fbfd
Reviewed-on: https://code.wireshark.org/review/8046
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
And, as it's g_mallocated, we don't need to g_mallocate it again with
g_strdup().
The same is true of strings allocated with g_strconcat(). Don't make an
extra copy, and don't free up the original.
Change-Id: Iea470a4424a811934f7fb8b0ba8dd110d337e420
Reviewed-on: https://code.wireshark.org/review/8058
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Plugins may utilize the tap interface to provide special tools
or analysis options, not otherwise available in Wireshark, or
perhaps not allowed to be distributed freely. Up until now, those
tools either had to start automatically, or could not be started
at all, or had to be started separately.
It should be possible, that those tools may be started using a
menu entry directly from Wireshark. This interface tries to achieve
exactly that.
This interface uses a clean interface, which can be implemented in
any plugin or dissector. Documentation for this has been added to
README.plugins.
Separators are only supported for now in the Qt interface, but
URLs can now be added as a simple item, and the UI will use the
same methods used for other URL calls to open them.
Change-Id: I170107dafb66f6badaa864d05a9091e5cbbf52c2
Reviewed-on: https://code.wireshark.org/review/7865
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
offsetof() doesn't necessarily return an int-sized value; cast it to
guint.
Change-Id: Ie0072d62de0178f87bc3168e3f8f1a03d9ec69d5
Reviewed-on: https://code.wireshark.org/review/8053
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ica74f3f9239a96486967cf248feb4313bc390734
Reviewed-on: https://code.wireshark.org/review/7751
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add proto_tree_add_bitmask_value, proto_tree_add_bitmask_value_with_flags and proto_tree_add_bitmask_list to aid in the removal of proto_tree_add_boolean "groupings" as well as "groups" of fields that use proto_tree_add_item with the same offset/len.
This may be able to be optimized later, but the first step will be converting dissectors to use it. A sample conversion of each API is also included.
Change-Id: I53febc7450ad632482f82615a7fa62174f8472c9
Reviewed-on: https://code.wireshark.org/review/8038
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It makes the display more consistent with other fields of Location Estimate IE
Bug: 11114
Change-Id: Ib31c61a34f419cf97601a660f3b807454b1becd9
Reviewed-on: https://code.wireshark.org/review/8049
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Based on packet-ip.c
Change-Id: Ibc561b58d5f4b3e3469e1c578e83b3abe3c206f8
Reviewed-on: https://code.wireshark.org/review/8008
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
packet-ocfs2.c:249: comma at end of enumerator list [-Wpedantic]
packet-ocfs2.c:1171: no previous prototype for 'proto_register_ocfs2' [-Wmissing-prototypes]
packet-ocfs2.c:1651: no previous prototype for 'proto_reg_handoff_ocfs2' [-Wmissing-prototypes]
packet-ocfs2.c:1678:4: no newline at end of file [-Wnewline-eof]
Remove also unneed glib.h include
Change-Id: I47a03dbc9f175a0e2453dd90a733144ac9f95fc4
Reviewed-on: https://code.wireshark.org/review/8007
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
PROTO_TREE_ADD_XXX_ITEM had a bug in it for int values. This was
fixed by adding proto_tree_set_ ## ctype ## to the macro, but not
all compilers support macros at the end of a function, so just
remove the macro entirely and just have the duplicate code.
Change-Id: Icf92a6786daa0e84305ba174ce155833f90b6463
Reviewed-on: https://code.wireshark.org/review/8006
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I57e5dcfabc1c1b4c024b9e1cbfd8b9a34c79c330
Reviewed-on: https://code.wireshark.org/review/8003
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Address comments made after initial dissector was submitted.
Change-Id: Ic42431d8af1d281dbe6f67a8f3f4d5e0aeea4156
Reviewed-on: https://code.wireshark.org/review/7995
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
corrected the relative humidity measurement 0.00 to 100.00 values.
Previous version had bug for example 0.01% -> display 0.1%
Change-Id: I3955d36d1f2a1334ef7baab4fd854f13950d1951
Reviewed-on: https://code.wireshark.org/review/7983
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
add_tagged_field() may return 0 if the tag length is not what is
expected for this particular tag
Bug: 11110
Change-Id: Ia2fd6635613fb6d8e1264147d2ddd44162484887
Reviewed-on: https://code.wireshark.org/review/7989
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Add support of Reported Frame Body (subelement of Beacon Report)
Bug:11101
Change-Id: I44f313ef081fcba7aaf6208baed81a46152fddb6
Reviewed-on: https://code.wireshark.org/review/7970
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add new IE
19 Out-of-Band Group Owner Negotiation Channel
21 Service Hash
22 Session Information Data Info
23 Connection Capability Info
24 Advertisement_ID Info
25 Advertised Service Info
26 Session ID Info
27 Feature Capability
28 Persistent Group Info
Bug:11074
Change-Id: I627ca5906c1e3235aa7d4abb4ebfa757825b7fbf
Reviewed-on: https://code.wireshark.org/review/7914
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Just use Decode As directly.
Change-Id: Iab03a6ff8a70c3c6b0406f426e622eb52bb34ba7
Reviewed-on: https://code.wireshark.org/review/7902
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Just use Decode As directly.
Also replace "registered" dissectors which just the creation of a handle since the dissectors really don't need to be "found" outside of themselves.
Change-Id: I1e0c3ae784b71c0145b1f1730a97feae8e9f488f
Reviewed-on: https://code.wireshark.org/review/7899
Reviewed-by: Michael Mann <mmann78@netscape.net>
Other cleanup with FLIP dissector while in the neighborhood.
Change-Id: I0ecdea447979b0ba508a8bb84bd67e4eb4b32a70
Reviewed-on: https://code.wireshark.org/review/7896
Reviewed-by: Michael Mann <mmann78@netscape.net>
Specifically: Management/Control frames saved by Microsoft Netmon (3.4?)
with "IEEE 802.11 plus Network Monitor radio header" encapsulation
may or may not be saved with an FCS.
See Bug 11105.
Fix: Use "check fcs" preference to specify whether Management & Control
frames have an fcs for this encapsulation.
Change-Id: Ibd0be7b4765c2df2b959cb2234aeed027266246b
Reviewed-on: https://code.wireshark.org/review/7939
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Bug: 5553
Change-Id: If297036b6d7a7afe163d97b05bc4a319d6cf2e97
Reviewed-on: https://code.wireshark.org/review/7949
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also create dissector table for AAL5 subdissectors. This isn't identified as a "Decode As" need, but now the conversion should be easier if that becomes needed.
Change-Id: Ie70318991874de9ef8d95a2853dfceb3c0b94a00
Reviewed-on: https://code.wireshark.org/review/7894
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Id55fcaa49d5ae46af2c26c7c641f6440335ca225
Reviewed-on: https://code.wireshark.org/review/7925
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ib3614431c3ff8f6e53fa0993e296ffea70926d03
Reviewed-on: https://code.wireshark.org/review/7911
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
the option parameter of output_fields_set_option() is always a
0-terminated string
therefore, option_value can't possibly be NULL, remove the NULL checks
if someone runs 'tshark ... -E header=', option_value is an empty
string, bail out in this case, don't parse *option_value and
*(option_value++) in the switch statements
Change-Id: I734b04aff653e8dbe990f546220595546e7503b0
Reviewed-on: https://code.wireshark.org/review/7904
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I45a4cbef7cb38a851c207fbe26ff412ffc502240
Reviewed-on: https://code.wireshark.org/review/7903
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ifcf1193f97df6911ca9a0cf5613c9450b8fce1e4
Reviewed-on: https://code.wireshark.org/review/7897
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Add expert info when there is some undecoded Measure Request/Report type (and subtype)
Change-Id: Iece7487680d3211f28365d6596db31f408edb96b
Ping-Bug:11101
Reviewed-on: https://code.wireshark.org/review/7876
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The IMF dissector doesn't properly handle the extra CRLF between
the headers and the body, leaving it as part of the last header,
and then fails to obtain the body contents due to incorrectly
specifying the length of the remaining data.
Change-Id: I8a1dfebd90e4cd5249f2244e9374a8e9ed3a25da
Reviewed-on: https://code.wireshark.org/review/7884
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
packet-bitcoin.c:1735:6: error: 'hfi_msg_getheaders_version' undeclared (first use in this function)
&hfi_msg_getheaders_version,
caused by previous commit. Weird that the compiler on my system didn't catch that.
Change-Id: I73cb06553bdf3a37f7c3d61d85f425d7c92d5b99
Reviewed-on: https://code.wireshark.org/review/7888
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
git/epan/dissectors/packet-bitcoin.c:270:26: error: ‘hfi_msg_getheaders_version’ defined but not used [-Werror=unused-variable]
Change-Id: Ifcbc8be775e5f435497f5391755356caee48a7d9
Reviewed-on: https://code.wireshark.org/review/7887
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
the EAPOL Key Exchange descriptions show key packets 2 and 4 as "Key (Message 4 of 4)"
Reason of issue :
In the IEEE 802.11 specification the value for the counter is defined as following:
Message #2 - counter = n
Message #4 - counter = n+1
So the only way to distinguish between message #2 and message #4 using the counter value would be for Wireshark to "look ahead" and compare the counter values (e.g., if counter1 < counter2, then message 2, else message 4).
Fix :
However, there is a much easier way to distinguish between message #2 and message #4. Instead of using the counter field, Wireshark could parse the "WPA Key Nonce" field (display filter = wlan_rsna_eapol.keydes.nonce).
According to the IEEE specification, sections 11.6.6.3 and 11.6.6.5 define the value for the WPA Key Nonce as following:
Message #2, Key Nonce = SNonce (Supplicant Nonce)
Message #4, Key Nonce = 0
So, the logic would be:
1. Use the Wireshark parser to determine the WPA Key Nonce value. The Key nonce field is 32 octets.
2. If !(keynonce), then message #2
Else message #4
(Only check the first 4 octets of nonce if equal to zero)
Issue reported by Murray Pickard
Reason of issue (and proposed fix) by Amato Carbonara
Bug: 10557
Change-Id: I66086ac27a4d7d3ac0356be295d23001e2af71c8
Reviewed-on: https://code.wireshark.org/review/7868
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: Ib1c2bb355c7757b1aca4b59953ca6ab94aa30593
Reviewed-on: https://code.wireshark.org/review/7873
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>