packet-amqp.c:10660: warning: implicit conversion shortens 64-bit value into a 32-bit value
packet-amqp.c:10661: warning: implicit conversion shortens 64-bit value into a 32-bit value
Change-Id: Ic1c19edf10432dccb5fc4f3ea07defd45b9eef17
Reviewed-on: https://code.wireshark.org/review/10054
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
draft-ietf-pce-segment-routing has been issued. Reference:
https://mailarchive.ietf.org/arch/msg/pce/Zdsc0HHl1SLvpANRWhpLvIzJQyI
There are implementations out there that are using 5 as SR-ERO subobject
identifier (instead of 36 that will be assigned by IANA) and 27 as the
PATH-SETUP-TYPE TLV identifier (instead of 28 that will be assigned by
IANA). This patch decodes both 5/36 as SR-ERO subobject and 27/28 as
PATH-SETUP-TYPE. It is unlikely that IANA will re-assign code points 5
and 27 in the near future.
Change-Id: Ie2efa869344e4c1121f19f1ee3a71711d566a037
Signed-off-by: ff <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/10057
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Change-Id: I875ecb05e0919e81e6d8d1d00f802c8d5df5b214
Reviewed-on: https://code.wireshark.org/review/10053
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
The CMake dumpbabi targets collectively copy over 800 files. Do
that when when we build the actual targets instead of at configure
time. Hopefully this will speed up initial CMake runs.
Change-Id: I6e4d691e24c73ea05d638a0f897f570541c84e38
Reviewed-on: https://code.wireshark.org/review/10052
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Timestamps are currently dissected as integer numbers; two aspects need to
be recatored to correctly dissect timestamps:
- the add_1_0_proto_item() function
- protocol fields (hf_xxx) and the get_amqp_1_0_value_formatter()
(1)
The AMQP 1.0 dissector rely on the proto_tree_add_item. There is only one
invocation common for all datatypes (in add_1_0_proto_item), which cannot
pass any type-specific ENC_xxx specifiers and it cannot handle custom
datatypes like AMQP timestamp.
I propose to replace the add_1_0_proto_item() by type-specific dissectors that
will correctly set the ENC_xxx specifiers and handle exceptional cases like
the AMQP timestamp or the zero-length true/false datatypes.
(2)
The get_amqp_1_0_value_formatter implements a table-driven magic to select
alternate hf_xxx field based on the actual datatype. This however
- defines alternate fields where the standard permits only one datatype
- does not support fields that can contain any datatype ("*")
- does not support FT_TIMESTAMP
I propose to make this mechanism less table-driven (more explicit and more
flexible) and allow all alternates permitted by the standard.
Change-Id: Ib2cbda632d4c81ec3e6b81f539fe77bb913afc1c
Reviewed-on: https://code.wireshark.org/review/9528
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I6505ce34de84bfe46d5bc7b4d6a3c6044f3fb4b5
Reviewed-on: https://code.wireshark.org/review/10041
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
When created, they have a reference count of 1; when added to an action
group, the reference count is increased as a pointer is held by the
action group. Release the reference we got, as we're not holding onto
it.
Also, rename "menu_item" to "menu_action", to indicate that it's an action.
Change-Id: I54543dcc2e6c3b341a9f584fe1b6099a134771b3
Reviewed-on: https://code.wireshark.org/review/10049
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also, use g_strconcat() in other places where we prepend / to action
names.
Hopefully, this will make it easier to find common code between all the
N different places where we add menus and menu items.
Change-Id: Iee876866730cada64428df17f1f3c4552cc3ac93
Reviewed-on: https://code.wireshark.org/review/10048
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Action names are expected to begin with /, so prepend a /.
Fixes the "plugin" menu mechanism (which could be used by built-in code
as well, so it's not really a "plugin" menu mechanism).
Change-Id: Ic45412399078796359649cc876d2c8bfc9a790c6
Reviewed-on: https://code.wireshark.org/review/10046
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Callers may need to know information like retransmissions, etc which will be lost.
Change-Id: I3f8b6b0aeb308701eb34ae6f6f735af6995ed441
Reviewed-on: https://code.wireshark.org/review/9940
Reviewed-by: Michael Mann <mmann78@netscape.net>
If we try and reassemble a fragment whose end does not line up exactly with the
start of the following fragment, abort or else we will leave uninitialized gaps
in the resulting buffer.
Bug: 11436
Change-Id: I4cd05c1a9ac4404bf70a3945f80b12f7bf5f74ee
Reviewed-on: https://code.wireshark.org/review/9983
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Icea1659395d7bc16e367b74a695586926b33149b
Reviewed-on: https://code.wireshark.org/review/9968
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I36a3d15a4fa86847a83d1dbea40111d36d7cfd61
Reviewed-on: https://code.wireshark.org/review/10036
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
At least with kqueues, NOTE_REVOKE is delivered if the file system
containing the vnode in question is unmounted, and that gets mapped to a
change notification by QFileSystemWatcher, so the right thing should
happen.
I'm not sure whether the right thing happens on Windows.
Change-Id: I1e4c0d510f31f68d574c4d4cf20524666382930f
Reviewed-on: https://code.wireshark.org/review/10039
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Somebody asked about repeated SMB traffic when running the Qt Wireshark:
https://ask.wireshark.org/questions/45036/permanent-smb2-traffic-with-1997
and that's due to said polling. On the main desktop platforms (Windows,
OS X, Linux) we can use QFileSystemWatcher plus, on Windows and OS X,
some additional stuff to check for unmounts (and get FreeBSD as a
freebie, as it works the same as OS X), and avoid timeout-based polling.
Change-Id: I3a1d0110fedcdb442ed09c16dab4bf0cb06ca331
Reviewed-on: https://code.wireshark.org/review/10038
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The default version doesn't use GTK+ any more, so the version we
distribute doesn't have "Categories=System;Monitor;GTK;", and the Debian
version presumably shouldn't put it into category "GNOME".
Change-Id: I4e59026b5c4f26d02e4a96686e339f8d54bdcd1e
Reviewed-on: https://code.wireshark.org/review/10035
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The default binary, "wireshark", is now a Qt binary; "wireshark-gtk" is
the GTK+ one.
Change-Id: Ibfec5d796a9796c2588c4305b18dc4506a435228
Reviewed-on: https://code.wireshark.org/review/10034
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Using 2 spaces for indent is way past its prime.
Change-Id: I80caf89f15e576f9aeb25754576a9f18215ccb3c
Reviewed-on: https://code.wireshark.org/review/10032
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Append to end and prepend to start, not the opposite.
Change-Id: Ic0e2a7f04a0d9ff18a6fd7063d0550ad35eece1a
Reviewed-on: https://code.wireshark.org/review/10027
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This fixes some issues with use-after-free when reload Lua plugins.
Change-Id: I63f3fd9ebe8a19008f560e72067f2078f5eaf759
Reviewed-on: https://code.wireshark.org/review/10026
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Changing fields in http, imf or ldap used to trigger redissect twice
because of UAT_AFFECTS_FIELDS and UAT_AFFECTS_DISSECTION.
Also changed from redrawVisiblePackets() to columnsChanged() because
fields in a custom column may have changed.
This also fixes reloading Lua plugins with Lua fields in custom columns.
Change-Id: I805a765690decbe7434dbf1c33ebd1113e23d16d
Reviewed-on: https://code.wireshark.org/review/10025
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Fix heuristic checks to handle sliced packets correctly. "Correctly"
means "fail the heuristic", as the heuristic checks every single byte of
the putative Ixia trailer, as one thing it does is check the checksum,
which is in the last 2 bytes of the trailer and checks everything before
it. So just return 0 if the full trailer isn't part of the captured
data.
Try to handle being handed a tvbuff that contains an FCS by looking at
the putative "magic number" locations where it would be if the tvbuff
didn't include the FCS and, if that doesn't match, where it would be if
it *did* include the FCS. If the former doesn't match but the latter
does, assume that means it does include the FCS, and do all other
processing under that assumption.
Clean up some comments.
Fix an hf_ variable name to match the field name, and put the tvbuff
value fields in the order of their types.
Don't fail if the field length is 0 - it's a value length, so it could
in theory be 0. Rely on the length checks for individual types to catch
problems.
Change-Id: Idc834aa6637cfbbafd6499060a007e720378154e
Reviewed-on: https://code.wireshark.org/review/10024
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The Ixia trailer is a variable-length sequence of TLVs followed by some
fixed-length fields. Describe it as such.
Realign some #defines while we're at it.
Change-Id: I5fc45a1d44978f1dc1f13e7098c3f797838db7b3
Reviewed-on: https://code.wireshark.org/review/10022
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Protocol is TLV protocol and with this change I add one more field to it.
It is entire backward compatible.
Format is as follow:
Fields Trailer Length 0xAF12(Signature) Trailer Checksum
The fields portion of the trailer is a series of 2-byte fields followed by variable
length data. The first byte indicates the field type, the 2nd byte indicates the
field length. The values supported are listed below:
1 Reserved (Original Packet Size)
3 Timestamp (From Local Timebase)
4 Timestamp (From NTP source)
5 Timestamp (From GPS)
6 Timestamp (From 1588)
7 Timestamp (From Holdover)
Change-Id: I0a3b31cfbc5b6273e1f5326d9841e449735967fe
Reviewed-on: https://code.wireshark.org/review/9854
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
TODO:
- LUA is commented out probably needs to be built with MSVC 2015.
- GeoIP is commented out, causes packet-ip* to not build.
- Qt not built, needs Qt with MSVC 2015
Change-Id: I1658077931b89b9a22ee32e5ed7de38e07fb6a55
Reviewed-on: https://code.wireshark.org/review/8683
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I1e6bf52fad1b1fffefc174a557ff836f400e8fd7
Reviewed-on: https://code.wireshark.org/review/9996
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This option skips some bytes when fuzzing, that prevents some headers from being changed. This focuses fuzzer to a smaller part of the packet.
Change-Id: I1db83235e93f2774a9991e3af70f633487b816fa
Reviewed-on: https://code.wireshark.org/review/9982
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Essentially: Do the version checks at compile time using
#if statements (even though the compiler
probably optimized out the run time checks).
Change-Id: I4879b39729ba5bd6b1c478ac43c107cb9fb445b3
Reviewed-on: https://code.wireshark.org/review/10006
Reviewed-by: Bill Meier <wmeier@newsguy.com>
[...]\packet-pdc.c(205) : fatal error C1001: An internal error has occurred in the compiler.
(compiler file 'f:\dd\vctools\compiler\utc\src\p2\main.c', line 246)
To work around this problem, try simplifying or changing the program near the locations listed above.
Please choose the Technical Support command on the Visual C++
Help menu, or open the Technical Support help file for more information
INTERNAL COMPILER ERROR in 'C:\Program Files\Microsoft Visual Studio 14.0\VC\BIN\cl.EXE'
Please choose the Technical Support command on the Visual C++
Help menu, or open the Technical Support help file for more information
Change-Id: I505898d0c76244a56d75af1a1c5bf30554dd9a2b
Reviewed-on: https://code.wireshark.org/review/10005
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Add RpcServiceResponseTimeDialog, which handles DCE-RPC and ONC-RPC
service response time statistics. Try to make it as lightweight as
possible, since we might want to pull this into the RPC dissectors
similar to the other SRT statistics.
Allow program names on the command line in place of numbers or UUIDs. Make
matches case-insensitive. E.g. the following are equivalent:
-z rpc,srt,100003,3
-z rpc,srt,nfs,3
-z rpc,srt,NFS,3
as are the following:
-z dcerpc,srt,f5cc5a18-4264-101a-8c59-08002b2f8426,56
-z dcerpc,srt,nspi,56
-z dcerpc,srt,NSPI,56
Change-Id: Ie451c64bf6fbc776f27d81e3bc248435c5cbc9e4
Reviewed-on: https://code.wireshark.org/review/9981
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>