Set index start to 1 for Friendly Operator Name subtree.
Moved lang code and name string within subtree.
Bug: 16534
Change-Id: I0fd4d926f585ec432a869c7a15e13b84d5d0f2fb
Reviewed-on: https://code.wireshark.org/review/36996
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Adjusted dissect_anqp_capab_list() to include
~anqp_subtype and ~anqp_reserved fields when
WFA HS2.0 exists as a vendor-specific capability ID.
Bug: 16548
Change-Id: I2923df3f6de42a58af643cd07b29c77e802cdcab
Reviewed-on: https://code.wireshark.org/review/37147
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
"If the cookie is valid, the server sends a SYN-ACK acknowledging both
the SYN and the data." https://tools.ietf.org/html/rfc7413#page-6
Tested with tcp_tfo_session.pcapng from Bug 12838.
Bug: 16515
Change-Id: Idff67e9098d558ea60337b01e5c74514397a470f
Reviewed-on: https://code.wireshark.org/review/36994
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
1. Electronic Key Segment: Add support for Serial Number Key Format
2. Electronic Key Segment: Display more values in generated (response) output
3. Display Route/Connection Path in response data
4. Add more device types, class names
5. Minor display improvements to text strings, units for clarity
Change-Id: Ie7738cb395579674db448535474444da49b5b297
Reviewed-on: https://code.wireshark.org/review/37156
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Show the Stream ID in the Info column after the RESET_STREAM,
STOP_SENDING, MAX_STREAM_DATA, and STREAM_DATA_BLOCKED frame types.
Change-Id: Icec0b35dcd0cd79d5be519505d7b3b98c0af9ca7
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/37157
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
d5fc969e57 removed
stdio.h's include. The missing stdio.h broke
the CentOS7 build. This commit removes calls to
fprintf to fix the CentOS7 build.
Change-Id: I3f93973ae6901a30414a75a8156967a0e470db90
Reviewed-on: https://code.wireshark.org/review/37137
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Clean up the generators and generated dissectors a bit by updating
the header, removing unwanted includes and completing the modelines
block.
Change-Id: I8ff80b05bb598c3fa5a5f91a24d5caba87eb712e
Reviewed-on: https://code.wireshark.org/review/37154
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The current state of generated code from the IDL specification is not
reproducible with the current omniidl backend. This change brings the
backend in line with the currently committed generated source code.
The exception to this is that the exceptions (no pun intended) were
collected in a dictionary of unspecified ordering, therefore inherently
non-reproducible. These thus differ from the previously committed source
code (packet-parlay.c), but do contain the same lines.
Also this rolls back commit 443df93896
because the committed generated source files were not created with the
backend with this change, nor do they fail to build, as claimed in that
commit.
Special thanks to Luke Mewburn for working on the dictionary problem.
Change-Id: I7707746d263c7556eb06883c877f70f0e9b357c5
Reviewed-on: https://code.wireshark.org/review/37153
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Added two fields for EAP-SIM/AKA Notification Type.
Added value_string array for AT_NOTIFICATION types & external ref.
Updated else if statements to a switch for EAP-SIM and EAP-AKA
Updated eap_sim_aka_attribute_vals[] and added Client Error Codes
Bug: 16539
Change-Id: Iaf9949d713d700330536e805d9ceb9328d183744
Reviewed-on: https://code.wireshark.org/review/36999
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
/opt/SourceCode/wireshark/epan/dissectors/packet-flip.c 155 warn V547 Expression 'chksum_hdr_chksum == computed_chksum' is always false.
/opt/SourceCode/wireshark/epan/dissectors/packet-zbee-zcl-meas-sensing.c 1295 err V590 Consider inspecting the '(value > 0x0000) || (value > 0xfffd)' expression. The expression is excessive or contains a misprint.
/opt/SourceCode/wireshark/ui/qt/lte_rlc_statistics_dialog.cpp 504 warn V668 There is no sense in testing the 'channel_item' pointer against null, as the memory was allocated using the 'new' operator. The exception will be generated in the case of memory allocation error.
Bug: 16335
Change-Id: Ief19a82e84bd16df33c453d6cc30db37f1c589ea
Reviewed-on: https://code.wireshark.org/review/37150
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Added unknown data field at end of EAP Identity
dissection to ensure clean offsets to CRC/Checksum.
Bug: 16529
Change-Id: I09bc945bb89a91231bb82ced011ca3d1075a7788
Reviewed-on: https://code.wireshark.org/review/37094
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The unique id for SOME/IP-SD was not unique for eventgroups since
it was made up by the service id and instance id only.
This patch adds the eventgroup id to fix this.
Bug: 16549
Change-Id: I16bf0884d4a7bc1d3df5de868833fb1887ba0baa
Reviewed-on: https://code.wireshark.org/review/37131
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In parse_VENDOR() get the length of the raw data (presumed to be
vendor-specific data) by using proto_tree_add_item_ret_length(), and add
that to the offset.
Should addresses PVS-Studio complaint
/opt/SourceCode/wireshark/epan/dissectors/packet-infiniband.c 2782 warn
V1048 The '* offset' variable was assigned the same value.
Change-Id: Icac567e3ef2ad0484aaa111e5bc8a5cd83d9d8a5
Reviewed-on: https://code.wireshark.org/review/37143
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Keep the endianness (as an ENC_ value) in the info structure we use
while dissecting.
When dissecting an SPB, peek ahead at the byte-order magic before
dissecting the block length, to determine the byte order of all fields
in that block *and* all other blocks in that section. Report an error
and stop dissecting if the byte-order magic isn't valid.
Change-Id: I6d94d4fad10d60f327f4a486e180cdcee2f6be2d
Reviewed-on: https://code.wireshark.org/review/37138
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Do it the same way that wiretap/pcapng.c does it.
Bug: 16440
Change-Id: Ied811e5d10d4219de718f4f74254440b324f0ed1
Reviewed-on: https://code.wireshark.org/review/37132
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
The "Original Packet Length" field of a Simple Packet Block can be
greater than the amount of data actually captured; the Interface
Description Block's snap length must be checked as well.
To enable this in the MIME Files Format dissector, the
`interface_description` needs to store the snap length. This allows the
appropriate section of `dissect_block()` to access it via the `info`
parameter.
The "Captured Length" field from EPB/PB dissection is added to SPB
dissection as a generated field to clarify the difference between it and
the field labelled "Packet Length".
Bug: 16526
Change-Id: I27f2fccc9ed2f682377059931b18d7e42d7ff0a3
Reviewed-on: https://code.wireshark.org/review/37095
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
This is the dissector for the LBMSRS protocol which
comes under the 29West protocol suite
Bug: 16466 - LBMSRS sample capture file uploaded in this bug
Change-Id: I7458783f8cff5179064fbd68e910c162db1c5fd7
Reviewed-on: https://code.wireshark.org/review/36917
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When reading a new SHB in a pcapng file, reset the array of interface
descriptions to empty. No blocks that follow will be referring to
interfaces from the previous section.
Ping-Bug: 16526
Change-Id: Iaa4257e3392bb829445aab1f79b54334f5db0263
Reviewed-on: https://code.wireshark.org/review/37092
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Have a routine that takes an interface ID as an argument and:
if it's within range, fetches the interface description and
returns a pointer to it;
if it's not within range, adds an expert info and returns NULL;
and have the code to dissect blocks with interface IDs just call it.
Change-Id: I705fe94a9a5fb5a27650465f3c55e0dc1b6fbd23
Reviewed-on: https://code.wireshark.org/review/37090
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
The interface ID is just an ordinal; there's no reason to show it as hex
(we don't show it as hex if we're treating a pcapng file as a capture
rather than a file to be dissected).
The packet drops count is just a count, so, again, there's no reason to
show it as hex.
The hash algorithms numbers are given in decimal in the pcapng spec, so
display it as decimal.
Change-Id: I93fd50e7243a5b012bd29324f7116e634aca62af
Reviewed-on: https://code.wireshark.org/review/37072
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
/opt/SourceCode/wireshark/epan/dissectors/packet-osc.c 367 err V562 It's odd to compare 0 or 1 with a value of 0.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 960 note V576 Incorrect format. Consider checking the eighth actual argument of the 'proto_tree_add_subtree_format' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 980 note V576 Incorrect format. Consider checking the third actual argument of the 'proto_item_append_text' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 2473 note V576 Incorrect format. Consider checking the fourth actual argument of the 'col_prepend_fstr' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 2482 note V576 Incorrect format. Consider checking the fourth actual argument of the 'col_append_fstr' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 2633 note V576 Incorrect format. Consider checking the fourth actual argument of the 'col_append_fstr' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 2650 note V576 Incorrect format. Consider checking the fourth actual argument of the 'col_prepend_fstr' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-stun.c 565 warn V1051 Consider checking for misprints. It's possible that the 'reported_length' should be checked here.
/opt/SourceCode/wireshark/epan/dissectors/packet-umts_fp.c 4126 warn V1051 Consider checking for misprints. It's possible that the 'reported_length' should be checked here.
/opt/SourceCode/wireshark/epan/dissectors/packet-umts_fp.c 4942 warn V1051 Consider checking for misprints. It's possible that the 'reported_length' should be checked here.
/opt/SourceCode/wireshark/ui/voip_calls.c 1444 err V773 The 'comment' pointer was assigned values twice without releasing the memory. A memory leak is possible.
/opt/SourceCode/wireshark/wsutil/filesystem.c 1531 err V773 The function was exited without releasing the 'files' pointer. A memory leak is possible.
/opt/SourceCode/wireshark/wsutil/filesystem.c 1717 err V773 The function was exited without releasing the 'files' pointer. A memory leak is possible.
Bug: 16335
Change-Id: I8df3ba6d070823dcb43c4152d9156358f701e8dc
Reviewed-on: https://code.wireshark.org/review/37069
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Fix the check for the Interface Statistics Block as well.
Make the check for the Simple Packet BLock similar to the other checks -
at the beginning, set interface_id to 0 and then check interface_id
against the size of the array.
Change-Id: Ib05255fe13eca6292447f365b62ff3094805bd4a
Reviewed-on: https://code.wireshark.org/review/37071
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
*Any* packet block can have an invalid interface ID; that's not just an
error in the first packet block.
For Enhanced Packet Blocks and Packet Blocks, you can have an invalid
interface ID even if you've already seen one or more Interface
Description Blocks; you have to check whether the interface ID is >= the
number of IDBs we've seen.
Change-Id: I33268d224ef3ad928ad9c000027fb6783806b978
Reviewed-on: https://code.wireshark.org/review/37070
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
A valid pcapng file must have an IDB before any EPB/SPB/PB/ISB. So check
our interface count when we parse the first such block of a section, and
add expert info if there are no interfaces.
Discovered during work on Bug #16526.
Ping-Bug: 16526
Change-Id: I23ff452fd163a0e4472e0658a905f85ab85d5e9d
Reviewed-on: https://code.wireshark.org/review/36986
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Simply free RX tvb if there isn't any actual RX payload.
Ping-Bug: 11743
Change-Id: I05b6818cf7889a44730c4d44980947cece65395e
Reviewed-on: https://code.wireshark.org/review/37025
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Reviewed-by: Filipe Laíns <lains@archlinux.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
/opt/SourceCode/wireshark/epan/dissectors/packet-aoe.c 328 warn V581 The conditional expressions of the 'if' statements situated alongside each other are identical. Check lines: 323, 328.
/opt/SourceCode/wireshark/epan/dissectors/packet-aprs.c 1148 warn V1037 Two or more case-branches perform the same actions. Check lines: 1148, 1161
/opt/SourceCode/wireshark/epan/dissectors/packet-lsd.c 127 err V547 Expression 'strlen("cookie") == 0' is always false.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 3385 warn V547 Expression 'conversation == NULL' is always true.
/opt/SourceCode/wireshark/epan/dissectors/packet-snort-config.c 465 note V576 Incorrect format. Consider checking the fourth actual argument of the 'g_snprintf' function. Under certain conditions the pointer can be null.
/opt/SourceCode/wireshark/epan/dissectors/packet-snort.c 630 warn V768 The variable 'condition' is of enum type. It is odd that it is used as a variable of a Boolean-type.
/opt/SourceCode/wireshark/epan/dissectors/packet-snort.c 969 warn V547 Expression '!attempt_match' is always false.
Bug: 16335
Change-Id: I93bbc40f0467ebaab74335f6edc7d60e1c600a94
Reviewed-on: https://code.wireshark.org/review/37044
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
wiretap/erf_record.h has declarations for records in ERF files and in
LINKTYPE_ERF packets in pcap and pcapng files.
wiretap/erf-common.h has declarations of routines to be called by
pcap/pcapng reader code when processing LINKTYPE_ERF packets.
wiretap/erf.h is what's left, for use by wiretap/erf.c and the code with
the tables of file readers and writers.
Change-Id: Ia982e79b14a025a80dcbc7c812fb3b2cdb9c6aaa
Reviewed-on: https://code.wireshark.org/review/37021
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Stop including glib.h in dissectors, this will come in implicitly with
packet.h including proto.h, an essential include file for dissectors.
While at it, config.h is no longer conditional and stdio.h is usually
not needed either. Some other cleanups too.
Change-Id: I60c12f16d7ef1e6398509293031ffed7460d2c61
Reviewed-on: https://code.wireshark.org/review/36969
Reviewed-by: Orgad Shaneh <orgads@gmail.com>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The uftp4.complete.reserved field takes up 3 bytes, however the
associated tree item only highlights 2 bytes. Fixed to highlight all 3
bytes.
Change-Id: I720f0829648543aca615d0b539ba996d2cff7216
Reviewed-on: https://code.wireshark.org/review/36995
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
An entire pcapng file is dissected as a unit, so there's only one file;
the "file_number" field counts Section Header Blocks, so it's a section
number, not a file number. Rename it to "section_number".
Change-Id: I3ee477c9aa0ee4cdfa7496935b2be915c31a4644
Reviewed-on: https://code.wireshark.org/review/36977
Reviewed-by: Guy Harris <gharris@sonic.net>
Only use proto_tree_add_bytes_item() if you
1) are processing a hex string rather than binary byte array;
2) need the raw byte data.
While we're at it, fix the encoding argument in some calls adding
FT_BYTES fields to be ENC_NA, and, for some cases that could use
FT_UINT_BYTES, use proto_tree_add_item_ret_uint() to handle the length
and add a comment about that.
Change-Id: I6a1baca5c7da3001c0a6669f9c251e9773346c8c
Reviewed-on: https://code.wireshark.org/review/36967
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
modified the peekremote dissector to support 11ax flag in the extended
flags (one reserved bit set to 1 for ax and 1 for 160mhz). Also added
constants for new data rates MCS 10-11.When the 11ax flag is on,
decoding the phy as 11ax (11ax PHY is a different commit already in the
main code since november 2019)
Bug: 15740
Change-Id: Ida7977cdbbd5c83d2158115d9560c5acc815eab9
Reviewed-on: https://code.wireshark.org/review/36686
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rework the method verifying if there are more data in packed attribute
New version checks if there are any non-zero bits after the current bit in the
packet. If it sees some non-zero bits - that means there is some data in the
packet. If there are zero bits only - that means there is no more data in the
packet.
Changes affect RTSP/SDP dissector and they are specific for
SDP media attribute (a) fmtp/sprop-parameter-sets for H264 protocol
Bug: 16322
Change-Id: Ic4768c56f16b79cbf2ccac8a9736f8fa15043224
Reviewed-on: https://code.wireshark.org/review/36899
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit adds a basic dissector for ScyllaDB RPC protocol.
ScyllaDB (www.scylladb.com) is a No-SQL database serving multiple
client protocols (e.g. CQL). The newly introduced dissector
provides a way to inspect Scylla's internal protocol, used by
the nodes to communicate with each other - share data, gossip
the cluster state, update the schemas, etc.
This dissector implements only a shallow dissection of most packets,
i.e. recognizing the packet type. Two requests with deeper dissection
are MUTATION and READ_DATA, used by I/O operations in the database.
Bug: 16471
Change-Id: Ibba8262bd4e5a637b24b3e7846c42c6534ef811b
Signed-off-by: Piotr Sarna <sarna@scylladb.com>
Reviewed-on: https://code.wireshark.org/review/36633
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Add some ENC_ values for various flavors of packed BCD, and use that
instead of explicitly calling tvb_bcd_dig_to_wmem_packet_str() and
adding the result.
Change-Id: I07511d9d09c9231b610c121cd6ffb3b16fb017a9
Reviewed-on: https://code.wireshark.org/review/36952
Reviewed-by: Guy Harris <gharris@sonic.net>
Matthew Weant