Get rid of ATTRS_BLOCK, which is either empty or sets a value for attr.
We can initialize attr in any case, either to NULL or to the attributes
provided by the caller. This makes the code a bit easier to read (at
least for me).
Change-Id: Ib26ea5ec099b365303de5aaf407470ad48b126f9
Reviewed-on: https://code.wireshark.org/review/32186
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Users should not be starting Wireshark as root user (sudo or root
login). If they do, then they can already execute arbitrary code via C
plugins, or read and write arbitrary files. Limiting the Lua API will
not really help these users to prevent breaking their system further.
Therefore remove all artificial restrictions and allow users to run
user-supplied scripts by default. If for whatever policy reason this
flag is set to false, then only Lua dissectors from the global system
directory are executed. It is their responsibility not to provide a free
root shell to the user.
Note that "running_superuser" will also be true if setuid root while the
effective and real user is no longer root. This happens due to
relinquish_special_privs_perm(). In this case, disabling the Lua API is
just annoying with no benefits.
Change-Id: Ie8a38e6160d861f02cbb70dcd1d90462153f4665
Link: https://www.wireshark.org/lists/wireshark-dev/201902/msg00004.html
Reviewed-on: https://code.wireshark.org/review/31913
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
dofile is currently disabled whenever Wireshark or tshark was started as
root, calling it will result in Lua errors on startup.
Even if dofile were not disabled, the Lua Evaluate menu option enables
arbitrary Lua code execution. The other options (Console, help links)
are not that important either, so just disable it when run as root.
Change-Id: I0785fe9b3d4678d71ae1e0178811dada471c3525
Link: https://www.wireshark.org/lists/wireshark-dev/201902/msg00004.html
Reviewed-on: https://code.wireshark.org/review/31912
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The subtree indexes are only used in the dissector so it's not
needed to defer the deletion.
Change-Id: I33600897a186c078cc1021cde5a1d90054d475c8
Reviewed-on: https://code.wireshark.org/review/31800
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add missing group values. Update regex to match TELEPHONY_MTP3.
Change-Id: I709a416e30d79c2de69887548015a3c1ecfe5bab
Reviewed-on: https://code.wireshark.org/review/31779
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The filename is included in the error message from Lua so we don't
need to display this twice.
Change-Id: I00aa7255ff24b07b9f45a8e814a97b61c35936e1
Reviewed-on: https://code.wireshark.org/review/31768
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Error messages without a stack trace are rather hard to debug for more
complex Lua dissectors. Be sure to append one, it will look like this:
tshark: Lua: Error during loading:
/tmp/kdnet/kdnet.lua:13: bad argument #3 to 'proto_field_constructor' (Display must be either base.NONE, base.DOT, base.DASH, base.COLON or base.SPACE)
stack traceback:
[C]: in function 'proto_field_constructor'
/tmp/kdnet/kdnet.lua:13: in function 'add_field'
/tmp/kdnet/kdnet.lua:35: in function 'add_fields'
/tmp/kdnet/kdnet.lua:242: in main chunk
It would be nice to reuse the error handler for dissector calls as well,
but I am not sure whether this works with absolute indices which are
used almost everywhere in wslua.
Change-Id: I89b2dcd360fce3865e1bf052b9fe03e888aae167
Reviewed-on: https://code.wireshark.org/review/31763
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Fixes memory leaks reported by ASAN for the test_wslua_pinfo test.
Change-Id: Id7e79e63559db1e7f8b27d566048eab9268d9237
Reviewed-on: https://code.wireshark.org/review/31754
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
If a ProtoField object was created, but not linked to a Proto, then some
fields (name, abbrev, blob) could leak. Fixes ASAN test failures for
four wslua tests.
Change-Id: I570ea154153b505ba81edb2bbf538e6dc1438728
Reviewed-on: https://code.wireshark.org/review/31750
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Proto objects were only freed while reloading Lua plugins, be sure to
release these on program exit too. Fix missing deallocation of heur_list
(matches per-protocol cleanup in proto_cleanup_base).
Be sure to keep a reference to the "Pref" object after registering it to
a Proto, otherwise it could be garbage-collected early, resulting in
memleaks (because the preference was still in use).
Fixes a lot of memory leaks reported by ASAN for tests, ten tests were
affected by Proto_new leaks, four were affected by the new_pref leaks.
Change-Id: Ica52718849a33eda614775f533dc0fcefec9cc74
Reviewed-on: https://code.wireshark.org/review/31746
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change the "Field" type to actually point to a structure. Do not cheat
and overload the pointer to mean "char*" in one context, and
"header_field_info*" in another. It was very confusing.
Implement Field__gc to free the Field structure that was allocated in
Field_new. This fixes the memory leak in Field_new.
Now the test_wslua_field test passes when executed with ASAN and a bunch
of other wslua tests also improve.
Change-Id: Ibc4318b76bb893151fd40c3fbc595402fba7a60a
Reviewed-on: https://code.wireshark.org/review/31743
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
luaL_optinteger will raise an error when the argument is an invalid
number. Delay the allocation to avoid a leak. Fixes the
test_wslua_nstime test under ASAN.
Change-Id: I6856fd218897565a60786d820f43192b41d489f2
Reviewed-on: https://code.wireshark.org/review/31744
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Since v2.9.1rc0-528-g31aba351e2, it is clear that wtap file formats
should free earlier comments before writing a new one. Do so.
Fixes leaks reported by ASAN for test_wslua_file_acme_reader.
Change-Id: Iafb643f01f5973f2d3b88f244ee70e8c0c451080
Reviewed-on: https://code.wireshark.org/review/31738
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The memory ownership of wtap_rec::opt_comment was not clear. Users of
wtap were leaking memory (editcap.c). wtap readers were not sure about
freeing old comments (erf) or simply ignored memleaks (pcapng).
To fix this, ensure opt_comment is owned by wtap_rec and free it with
wtap_rec_cleanup. The erf issue was already addressed since
cf_get_packet_comment properly duplicates wth.opt_comment memory.
- wtap file formats (readers):
- Should allocate memory for new comments.
- Should free a comment from an earlier read before writing a new one.
- Users of wth:
- Can only assume that opt_comment remains valid until the next read.
- Can assume that wtap_dump does not modify the comment.
- For random access (wtap_seek_read): should call wtap_rec_cleanup
to free the comment.
The test_tshark_z_expert_comment and test_text2pcap_sip_pcapng tests now
pass when built with ASAN.
This change was created by carefully looking at all users opt
"opt_comment" and cf_get_packet_comment. Thanks to Vasil Velichkov for
an initial patch which helped validating this version.
Bug: 7515
Change-Id: If3152d1391e7e0d9860f04f3bc2ec41a1f6cc54b
Reviewed-on: https://code.wireshark.org/review/31713
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Vasil Velichkov <vvvelichkov@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
At the moment, wslua first registers a class and then adds its
attributes in a second step. This registration creates empty __getters
and __setters tables which are later populated with the getter and
setter methods of the attributes.
Looking at the code and the comments, it seems that this was meant to be
a temporary solution. Eventually, attributes should be stored in
wslua_class' attrs field. The code to read and write attributes was
already updated to handle this.
Add new macros WSLUA_REGISTER_CLASS/_META_WITH_ATTRS that store the
attributes in wslua_class. Defining new macros is simpler than modifying
WSLUA_REGISTER_CLASS/_META to register attributes. If we did the latter,
we'd have to add an empty attribute list for all classes without
attributes.
We can now drop the WSLUA_REGISTER_ATTRIBUTES macro and the
wslua_reg_attributes function.
Using this new way of registering attributes, the __getters and
__setters tables are still available. The tests is the test suite that
rely on those tables still pass.
Change-Id: I526b9116435645c9c54ab69a05c3c7f3d459ec33
Reviewed-on: https://code.wireshark.org/review/31417
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
What we were calling the "name" is actually a description to show to
users; what were calling the "short name" is just the name to use on the
command line.
Rename some routines and structure members, and put the name first and
description second in the table.
Expand some descriptions to give more details (e.g., to be more than
just a capitalized version of the name).
Fix the CamelCase capitalization of InfiniBand.
Change-Id: I060b8bd86573880efd0fab044401b449469563eb
Reviewed-on: https://code.wireshark.org/review/31472
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This allows taps that can fail to report an error and fail; a failed
tap's packet routine won't be called again, so they don't have to keep
track of whether they've failed themselves.
We make the return value from the packet routine an enum.
Don't have a separate type for the per-packet routine for "follow" taps;
they're expected to act like tap packet routines, so just use the type
for tap packet routines.
One tap packet routine returned -1; that's not a valid return value, and
wasn't one before this change (the return value was a boolean), so
presume the intent was "don't redraw".
Another tap routine's early return, without doing any work, returned
TRUE; this is presumably an error (no work done, no need to redraw), so
presumably it should be "don't redraw".
Clean up some white space while we're at it.
Change-Id: Ia7d2b717b2cace4b13c2b886e699aa4d79cc82c8
Reviewed-on: https://code.wireshark.org/review/31283
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit 5953756305.
The public API should not be polluted with Windows-specific hacks. As we
already override dofile/loadfile, those should be fixed instead.
Ping-Bug: 15118
Change-Id: Ia9d5e64e8ef14032f982f695ffd4cac59067bb17
Reviewed-on: https://code.wireshark.org/review/31134
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reloading Lua plugins did not actually remove registered FileHandler
instances which resulted in a use-after-free of lua_State. Fix this by
tracking instances and release them in wslua_deregister_filehandlers.
Other required fixes to allow reregistration after reloading:
- Fix END_FILEHANDLER_ROUTINE not to block all new registrations.
- wtap file subtypes are apparently persistent, even after
"unregistering". Fix this by looking up the previous subtype that
matches the FileHandler short name. Add a small sanity check to
wtap_register_file_type_subtypes to prevent internal handlers from
being overwritten.
This patch creates a potential memleak of registered_file_handlers as
wslua_deregister_filehandlers is not called on program exit (yet?).
Bug: 13264
Change-Id: I4f5935cde6ff8dc4de333359bad3efca96d4fb9b
Reviewed-on: https://code.wireshark.org/review/31068
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add ws_dofile() and ws_loadfile(), which are like the substitute
dofile() and loadfile() we provide, but that, on Windows, take a UTF-8
path rather than a path in the local code page.
Use that to load console.lua.
This means we can load console.lua on Windows even if the full path to
it includes non-ASCII characters.
Bug: 15118
Change-Id: Iaa00639563fe53a34e1e24e42022f3886a38e7c5
Reviewed-on: https://code.wireshark.org/review/31075
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Currently our Windows code looks for data files in the same
folder as the binary executable (presumably to make the
application relocatable, although it should be possible
to improve this with relative paths?).
Ping-Bug: 15301
Change-Id: I0fef4e87dc9d1d8edef81dd11755761fddd0fd12
Reviewed-on: https://code.wireshark.org/review/30819
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
This:
1) means that we don't have to flag the compression argument with a
comment to indicate what it means (FALSE doesn't obviously say "not
compressed", WTAP_UNCOMPRESSED does);
2) leaves space in the interfaces in question for additional compression
types.
(No, this is not part 1 of an implementation of additional compression
types, it's just an API cleanup. Implementing additional compression
types involves significant work in libwiretap, as well as UI changes to
replace "compress the file" checkboxes with something to indicate *how*
to compress the file, or to always use some other form of compression).
Change-Id: I1d23dc720be10158e6b34f97baa247ba8a537abf
Reviewed-on: https://code.wireshark.org/review/30660
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use it for all the per-file information, including the per-file
link-layer type and the per-file snapshot length.
Change-Id: Id75687c7faa6418a2bfcf7f8198206a9f95db629
Reviewed-on: https://code.wireshark.org/review/30616
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Have the routines always take a parameters pointer; pass either null or
a pointer to an initialized-to-nothing structure in cases where we were
calling the non-_ng versions.
Change-Id: I23b779d87f3fbd29306ebe1df568852be113d3b2
Reviewed-on: https://code.wireshark.org/review/30590
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The code for the Address class already contains commented-out code for a
number of additional address types.
Activate the draft constructor for ethernet addresses and complete it.
Use the newly-added function to parse a string that contains an ethernet
address.
Add a basic test tvb.lua. Read an ethernet address from a tvb and
compare it to a constant Address.ether object.
Change-Id: I9771dd6e7ade4b572a8b864b8986d641b4eba3e5
Reviewed-on: https://code.wireshark.org/review/30163
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
A range string is passed as a table of tables, eg:
range_string = {
{ 0, 24, "Some string for values 0 to 24" },
{ 25, 25, "The string for value 25" },
{ 26, 255, "The string for the remainder" }
}
Included is a minimal Lua test for range strings and value strings
(which did not have one previously.) It will take more time than I
currently have to figure out how to do a more exhaustive test.
Also fixed some grammar issues in error messages along the way.
Change-Id: Ia9d1efc8adabb6528c4bdcf1624c9ede49e2fdc6
Reviewed-on: https://code.wireshark.org/review/30211
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
We use the per-file encapsulation everywhere else; use it there as well.
Change-Id: I3e3df234a9f541a9d90e54a3c0f41b5019e00bb3
Reviewed-on: https://code.wireshark.org/review/29940
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Rename packet-ssl{,-utils}.[ch] to packet-tls{,-utils}.[ch].
Change-Id: I4732162ec131ddf0734b3dd191ccc9e48a76ce06
Reviewed-on: https://code.wireshark.org/review/29659
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
No functional change, just using the correct macro for value_strings.
Other fixes: Taking the address of the first element of an array gives
the same address as the array itself. An array of a structure with a
single element is the same as the single element itself (packet-sprt.c).
Change-Id: I08bc9de49fbd1659a6700ace863e5f05144c7b3e
Reviewed-on: https://code.wireshark.org/review/29752
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add the ability to specify maximum function counts for each group to
checkAPIs. Add maximum counts for the "termoutput" and "abort" groups
where needed. Show summaries in various checkAPI targets.
Switch uses of ws_g_warning back to plain g_warning.
Change-Id: I5cbddc8c671729e424eed8551f69116d16491976
Reviewed-on: https://code.wireshark.org/review/29721
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This reverts commit f94cfa0cdc.
Reason for revert: we don't use those diagnostic pragmas with those
older compilers.
Change-Id: I5154527dcc3813fb893c382059cb33538f2d29f7
Reviewed-on: https://code.wireshark.org/review/29639
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The "debug" logging function overwrites the "debug" package which breaks
luacov: https://github.com/keplerproject/luacov/issues/55
Change-Id: I9b6025c060733198bfff8ea959444c09d6e08709
Reviewed-on: https://code.wireshark.org/review/29449
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The g_base64_decode_inplace() does not handle zero length string
so add a guard for this before calling.
Bug: 15113
Change-Id: I89fa17dd62af238f4282835c317e5c8be6e0c8a1
Reviewed-on: https://code.wireshark.org/review/29428
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Replace ws_base64_decode_inplace() with g_base64_decode_inplace()
or g_base64_decode(), which was introduced in glib 2.12.
The only observed difference is a need for zero-terminate the buffer
after decoding.
Change-Id: Ia102d0d8e9bec575ffeddf448191a3f6de9fb1ed
Reviewed-on: https://code.wireshark.org/review/29382
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We are exporting a registration function from libwireshark just
to have it passed back as a callback. Seems unnecessary.
Change-Id: I7621005c9be11691d319102326824c5e3520a6f3
Reviewed-on: https://code.wireshark.org/review/29328
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Deprecate "disable_lua" in favor of "enable_lua". Configuration options
typically use "true" or a similar value to enable features. Using
"disable_lua = false" to enable Lua seems odd.
Change-Id: I224acad0559d409ea0a28b5555d1eb898564328c
Reviewed-on: https://code.wireshark.org/review/28773
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
"nstime_t{A, B}" is defined as "A + B * 10^9" rather than an integer
part A and fractional part B.
Bug: 14720
Change-Id: I5321db7d5ecea8f976291d2a22667b02162194e2
Reviewed-on: https://code.wireshark.org/review/27775
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
g_array_free(a, FALSE) returns "a->data". Callers that do not handle
this will leak memory. Convert other users to use the return value
instead of direct access to "a->data".
Change-Id: I0a29864e8106c0bf09e9573ef29e4474179c4171
Reviewed-on: https://code.wireshark.org/review/27438
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
g_ptr_array_free(a, FALSE) returns "a->pdata". Callers that do not
handle this will leak memory (e.g. "tshark -G plugins"). Convert other
users to use the return value instead of direct access to "a->pdata".
Change-Id: I29835477d587f5f54bf0d94cdae9f375e3da3ce3
Reviewed-on: https://code.wireshark.org/review/27437
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
While at it, use g_build_filename. Found by Clang Static Analyzer.
Change-Id: I5c50f50abb8c16a553586c548ccd1ae6c3cdd8c1
Reviewed-on: https://code.wireshark.org/review/27439
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I541bd728c159e95c2d5daa8ce0bfea3961ff1db9
Reviewed-on: https://code.wireshark.org/review/27203
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
These directories have had trailing slashes for years and users seem to
rely on it, so restore this assumption for backwards compatibility. The
underlying API function (Dir.persconffile_path()) is not changed because
trailing slashes were not documented for that function.
For consistency, ensure that all Lua Dir functions return paths without
trailing slashes.
Bug: 14619
Change-Id: Ia299864999578884b1ad1cd48f1bd883bce6879d
Fixes: v2.5.0rc0-579-gfb052a637f ("Use g_build_filename() instead, fix indentation")
Reviewed-on: https://code.wireshark.org/review/27166
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
It has been replaced by cmake.
Change-Id: I83a5eddb8645dbbf6bca9f026066d2e995d8e87a
Reviewed-on: https://code.wireshark.org/review/26969
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add 8-bit, 16-bit, 24-bit, and 32-bit "fetch signed value" routines, and
use them rather than casting the result of the 8/16/24/32-bit "fetch
unsigned value" routines to a signed type (which, BTW, isn't sufficient
for 24-bit values, so this appears to fix a bug
in epan/dissectors/packet-zbee-zcl.c).
Use numbers rather than sizeof()s in various tvb_get_ routines.
Change-Id: I0e48a57fac9f70fe42de815c3fa915f1592548bd
Reviewed-on: https://code.wireshark.org/review/26844
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Always display Lua messages (to match tshark), do not send them to
qDebug as they will not be visible with the default log options.
Change-Id: I660a3877355891d45881b26735596ea6dc8a8b29
Fixes: v2.5.0rc0-2037-gc9b6887d84 ("wslua: Fix logger after g6a5e90f2")
Reviewed-on: https://code.wireshark.org/review/26599
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Allow FileHandlers to specify the extension that is used for saved
files. Implementation note: previously "fh->extensions" was unused;
memory is not freed anywhere because registered file handlers can
currently not be destroyed.
Bug: 14386
Change-Id: I65509c10a678fc6af0cf6a4c5c8aed56e79ea34a
Reviewed-on: https://code.wireshark.org/review/26399
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
In true_false_string_from_table(), keep the pointers to the "true" and
"false" strings in local non-const pointer variables, so we can free
them without a complaint.
Only when we're finished, and have valid "true" and "false" strings, do
we allocate the true_false_string structure and fill it in with those
pointers.
Change-Id: I6eb3ee46bdc47bf42d6e913c72884f0eac22997e
Reviewed-on: https://code.wireshark.org/review/26353
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Separate the stuff that any record could have from the stuff that only
particular record types have; put the latter into a union, and put all
that into a wtap_rec structure.
Add some record-type checks as necessary.
Change-Id: Id6b3486858f826fce4b096c59231f463e44bfaa2
Reviewed-on: https://code.wireshark.org/review/25696
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The first is deprecated, as per https://spdx.org/licenses/.
Change-Id: I8e21e1d32d09b8b94b93a2dc9fbdde5ffeba6bed
Reviewed-on: https://code.wireshark.org/review/25661
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
pinfo->pkt_encap is jsut a copy of pinfo->phdr->pkt_encap; no need for
the copy.
Expand a comment while we're at it.
Change-Id: I5fcfe694ecba42507f1d629d01440da0a0989501
Reviewed-on: https://code.wireshark.org/review/25643
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The data for an address is *not* guaranteed to be aligned on any
particular boundary, so, for IPv4 addresses, don't assume it's aligned
on a 32-bit boundary - copy it with memcpy() and use the result of the
copy.
For IPv6 addresses, cast the data pointer to a pointer to a *const*
ws_in6_addr, so we don't throw away constness.
Change-Id: I0e00263f594d7778c3bd9b98e4336cb201c1f3d5
Reviewed-on: https://code.wireshark.org/review/25580
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Open lua scripts when double-clicked. Behavior depends on your system
configuration. Add tooltips accordingly.
Let Qt wrap the "Wireshark" tab information.
Set column widths by eyeballing their contents.
Elide the Folders and Plugins strings in the middle.
Fixup placeholder text capitalization.
Draw links using the palette link color.
Change-Id: Ic141eae05541480ec1e254c55fd81728d04713d9
Reviewed-on: https://code.wireshark.org/review/25510
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move checking of encoding before allocating nstime.
Found by clang.
Change-Id: I3c1de5fae6fcf52393cc38302359f21f17808087
Reviewed-on: https://code.wireshark.org/review/25442
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Putting up for review, though I am not completely convinced that
file_gets() can return an empty line.
Bug: 14295
Change-Id: If36761ea511b66c01a9f167809a218a7eadbfcc5
Reviewed-on: https://code.wireshark.org/review/24997
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Qt log output changes in g6a5e90f2 changed the Qt message handler
to use g_log. Lua logging already used g_log. The Qt variant of
funnel logger, which is used by Lua as g_log backend, is currently
using qDebug and this gives recursive calls to g_log and thus an assert.
Rewrite the lua logging to not use g_log.
Change-Id: Icf4f0022a11cb32d2b4f413f76d946f2506e283d
Reviewed-on: https://code.wireshark.org/review/24888
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Do not give an uninitialised error pointer to g_dir_open(), this
will give a crash if g_dir_open() fails.
Remove wslua_dir.dummy because it is not used by anyone.
Change-Id: I044eee021393f2ea2aa022138bbf6fd099eb0908
Reviewed-on: https://code.wireshark.org/review/24840
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Free some variables in error handling.
Change-Id: I0d0653962b11f760c31872aa7e5b5f1d20c54dcb
Reviewed-on: https://code.wireshark.org/review/24842
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
This will make the code easier and removes the use of a generic
"Expert Info" as name.
Change-Id: I57ad2adb851726106ddc5009f3c6ca61721f647a
Reviewed-on: https://code.wireshark.org/review/24792
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change the expert info registry to use summary text as field name instead
of blurb to show the correct column header tooltip in custom columns.
Preserve backward compability by not use empty summary text.
Change-Id: Ibbaf142165be0d9f42d1e2476f39f8d251ea0593
Reviewed-on: https://code.wireshark.org/review/24788
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Follow-up to b695b3e2f7.
Change-Id: I7e36519f2c3806c1205d05437671325080974257
Reviewed-on: https://code.wireshark.org/review/24524
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Replace with conversation API that limits the "endpoint" to a single
uint32 value.
The intention is to eventually have "layered" endpoints, because circuit_id
was used in cases where src/dest port have already been populated (and
are used for layers above). Those src/dest ports should just be treated
as just another endpoint, but we currently only have support for one.
Change-Id: Ic6aa7ef0241275aa4dfde9459194369b48c72960
Reviewed-on: https://code.wireshark.org/review/24369
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That allows a parallel typedef of ws_in4_addr for guint32.
Change-Id: I03b230247065e0e3840eb87635315a8e523ef562
Reviewed-on: https://code.wireshark.org/review/24073
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Autotools has the very useful feature by design of allowing the user
to override the default build flags (you break it you keep it).
Apparently CMake applies COMPILE_OPTIONS target property after
CMAKE_{C,CXX}_FLAGS so that doesn't work here. Prepend our flags to those
variables instead to make it work then.
Specific target flag overrides can still be added with COMPILER_OPTIONS
(e.g: generated files with -Wno-warning) but this is less effective and
then we're back at the point where this overrides user flags. It's less
of a concern though.
Change-Id: I44761a79be4289238e02d4e781fef0099628817b
Reviewed-on: https://code.wireshark.org/review/23675
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Relax requirements for upgrades and make running side-by-side installations
more convenient.
Change-Id: I5299eed005a4748c54465dec90f477adb577e056
Reviewed-on: https://code.wireshark.org/review/23619
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
WS_DLL_PUBLIC const char *get_plugin_dir(void);
WS_DLL_PUBLIC const char *get_plugins_pers_dir(void);
Opt for the plural form consistently (for public functions at least).
Change-Id: I8a5861ad7f90f9c87168bd3275bd9dbc5c83b749
Reviewed-on: https://code.wireshark.org/review/23608
Petri-Dish: João Valverde <j@v6e.pt>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Some code is unreachable in some configurations.
Change-Id: I23ff9a6032f4f7f6eb8e6607c6473a77a8bb6ac6
Reviewed-on: https://code.wireshark.org/review/23561
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Obviate allocation on every call to get_plugins_pers_dir().
Change-Id: I089ae499f93739d490d4552f59b5db5996f7d26f
Reviewed-on: https://code.wireshark.org/review/23495
Petri-Dish: João Valverde <j@v6e.pt>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: João Valverde <j@v6e.pt>
Optimize code and open possibility for enriching IPv6 tap data.
Change-Id: I5a204d7464cde32123d5bfe664cc9b6bcf08dbe1
Reviewed-on: https://code.wireshark.org/review/23340
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
The Dissector.list, Listener.list and Field.list functions do not accept
a parameter. Passing one however results in a crash because the first
element is not the expected table, but the first function parameter.
Change-Id: I8483d0aa20716045472f30f5b41a449bed549b05
Reviewed-on: https://code.wireshark.org/review/23209
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Also, fix error messages reported for lua_load() to speak of
precompilation, not execution (the script isn't *executed* until
lua_pcall() is called).
Change-Id: I7ac9ee6e5df7612f9af141e51958fbfad38a4083
Reviewed-on: https://code.wireshark.org/review/23023
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Support per-packet comments in ERF_TYPE_META through a new Anchor ID
extension header with per-Host unique 48-bit Anchor ID which links an
ERF_TYPE_META record with a packet record. There may be more than one
Anchor ID associated with a packet, where they are grouped by Host ID
extension header in the extension header list. Like other ERF_TYPE_META
existing comments should not be overwritten and instead a new record
generated. See erf_write_anchor_meta_update_phdr() for detailed comments
on the extension header stack required.
As Wireshark only supports one comment currently, use the one one with
the latest metadata generation time (gen_time). Do this for capture
comment too.
Write various wtap metadata in periodic per-second ERF_TYPE_META records
if non-WTAP_ENCAP_ERF or we have an updated capture comment.
Refactor erf_dump to create fake ERF header first then follow common
pseudoheadr and payload write code rather than two separate code paths.
Support an ERF_HOST_ID environment variable to define Wireshark's Host
ID when writing. Defaults to 0 for now.
ERF dissector updates to support Anchor ID extension header with basic
frame linking.
Update ERF_TYPE_META naming and descriptions to official name
(Provenance)
Core changes:
Add has_comment_changed to wtap_pkthdr, TRUE when a packet
opt_comment has unsaved changes by the user.
Add needs_reload to wtap_dumper which forces a full reload of the file
on save, otherwise wireshark gets confused by additional packets being
written.
Change-Id: I0bb04411548c7bcd2d6ed82af689fbeed104546c
Ping-Bug: 12303
Reviewed-on: https://code.wireshark.org/review/21873
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stephen Donnelly <stephen.donnelly@endace.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Absolute and Relative time fields could not be converted to seconds
without converting to string and parsing to number.
Fixed conversion in generated code that was subject to precision loss
Usage:
f=Field.new("frame.delta_time")
delta=f().value:tonumber()
Change-Id: I6ef91c6238a6c2ed9adf6cae03f8913f0a09332e
Reviewed-on: https://code.wireshark.org/review/22316
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make two minor adjustments to allow building on Windows when the source
directory is specified in UNC notation (\\server\volume\directory)
instead of mapping such a directory to a drive letter.
Cmake's add_custom_command() calls "cd <work_dir>" if a working
directory is define as part of the rule. However,
cd \\server\volume\directory
is not allowed.
Modify the two occassions where the working directory is derived from
CMAKE_SOURCE_DIR.
For copying some install files, we can get away with using the absolute
path for each source file to be copied.
The perl script that creates the tap listing for lua does not depend on
a working directory at all. We can simply remove the WORKING_DIRECTORY
parameter.
Change-Id: Iac8e0addc44650692c1263fdca11f68315f50c63
Reviewed-on: https://code.wireshark.org/review/22236
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Use WTAP_MAX_PACKET_SIZE_STANDARD, set to 256KB, for everything except
for D-Bus captures. Use WTAP_MAX_PACKET_SIZE_DBUS, set to 128MB, for
them, because that's the largest possible D-Bus message size. See
https://bugs.freedesktop.org/show_bug.cgi?id=100220
for an example of the problems caused by limiting the snapshot length to
256KB for D-Bus.
Have a snapshot length of 0 in a capture_file structure mean "there is
no snapshot length for the file"; we don't need the has_snap field in
that case, a value of 0 mean "no, we don't have a snapshot length".
In dumpcap, start out with a pipe buffer size of 2KB, and grow it as
necessary. When checking for a too-big packet from a pipe, check
against the appropriate maximum - 128MB for DLT_DBUS, 256KB for
everything else.
Change-Id: Ib2ce7a0cf37b971fbc0318024fd011e18add8b20
Reviewed-on: https://code.wireshark.org/review/21952
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This function returns TRUE/FALSE depending whether the specified ProtoField/Dissector
needs to be dissected. By using this function in conjunction with the TreeItem.visible
attribute, Lua dissectors can be significantly sped up by making less C interop calls
which are relatively slow in terms of dissection especially when using sub-protocols
where the dissection of an entire protocol can be skipped.
Added tests for TreeItem:referenced to protofield.lua
Change-Id: I44feacb91a2a5b0e3c28c0ccd8d6b04cccd67261
Reviewed-on: https://code.wireshark.org/review/21387
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The only place the time stamp precision is used is in the libpcap code,
where it determines whether to write out microsecond-precision or
nanosecond-precision time stamps; we can determine that by looking at
the type/subtype field, which is also part of that structure, so do
that.
We weren't setting it consistently - we were only setting it in libpcap
and a few other capture file writers, and not in other capture file
writers - and none of the writers other than libpcap used it.
Change-Id: If53779cf4823ca936b8bf3e8a7dbcfea5850e652
Reviewed-on: https://code.wireshark.org/review/21171
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Currently, this is only used to determine whether a protocol tree needs
to be built on the first pass or not - if there are postdissectors that
need fields, it does - but eventually we should be able to use it to
prime the dissection to deliver those fields in cases where we don't
need the *entire* protocol tree (rather than using a hack such as
cooking up a fake tap with a fake filter to do that).
Update MATE and TRANSUM to use it.
Clean up code to check whether we need a protocol tree, and add comments
before that code indicating, in each case, what the criteria are.
The array of postdissectors includes a length, so we don't need to
separately keep track of the number of postdissectors.
Clean up indentation while we're at it.
Change-Id: I71d4025848206d144bc54cc82941089a50e80ab7
Reviewed-on: https://code.wireshark.org/review/21029
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add a "report a warning message" routine to the "report_err" code in
libwsutil, and rename files and routines appropriately, as they don't
only handle errors any more.
Have a routine read_enabled_and_disabled_protos() that reads all the
files that enable or disable protocols or heuristic dissectors, enables
and disables them based on the contents of those files, and reports
errors itself (as warnings) using the new "report a warning message"
routine. Fix that error reporting to report separately on the disabled
protocols, enabled protocols, and heuristic dissectors files.
Have a routine to set up the enabled and disabled protocols and
heuristic dissectors from the command-line arguments, so it's done the
same way in all programs.
If we try to enable or disable an unknown heuristic dissector via a
command-line argument, report an error.
Update a bunch of comments.
Update the name of disabled_protos_cleanup(), as it cleans up
information for disabled *and* enabled protocols and for heuristic
dissectors.
Support the command-line flags to enable and disable protocols and
heuristic dissectors in tfshark.
Change-Id: I9b8bd29947cccdf6dc34a0540b5509ef941391df
Reviewed-on: https://code.wireshark.org/review/20966
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add ABSOLUTE_TIME_* defines to the base table in init.lua for use
in ProtoField.absolute_time.
Change-Id: I5c99eafdac97655d71fd4f3374294cd587afaf0a
Reviewed-on: https://code.wireshark.org/review/20543
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Also add documentation strings to the base values.
Change-Id: I00ac8f154fdd0382106ed27d740e16956520be97
Reviewed-on: https://code.wireshark.org/review/20554
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
When using base.UNIT_STRING in a ProtoField the table must be given.
Change-Id: Ie4beb93b5597a97a99939ef2c60a1ee7ece328f2
Reviewed-on: https://code.wireshark.org/review/20542
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Check base value for signed integer before unsigned to avoid a case
where the valid bases for a unsigned integer is presented in a error
message when a signed type is used.
Change-Id: Idfb87597779652e32adceacad220d748afda5e85
Reviewed-on: https://code.wireshark.org/review/20541
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Remove double start-of-comments and some leading spaces.
Change-Id: I1c5ba49990076cc2d32da2d0a3bb0f54ec31e823
Reviewed-on: https://code.wireshark.org/review/20540
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reject ProtoField signed integer types with base other than base.DEC
and base.UNIT_STRING. Update documentation for this.
Bug: 13484
Change-Id: I55a636c89704e96a598f1f185faabd8ad13d96f1
Reviewed-on: https://code.wireshark.org/review/20533
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
WSLUA documents FileHandler:read as returning a boolean or integer.
Ignore strings, do not treat strings as number even if it is possible.
Remove undocumented feature of FileHandler:seek_read that used returned
strings as the frame data. Use FrameInfo:read_data instead. This avoids
interpreting numbers as data which caused surprising behavior when
combining with FileHandler:read.
Documentation has been improved to document the return value, this is
consistent with the documentation in the WSLUA tests.
Change-Id: I31f74ec33ff0e43c90d83c1904af43801886cfa1
Reviewed-on: https://code.wireshark.org/review/19366
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The default separator is really an empty string, not a single space.
This has been wrongly documented since the beginning.
Change-Id: I5598daec1486ce17cfeeaf5697f9759172db9cf5
Fixes: v1.11.3-rc1-1760-g860747e1e7 ("Adds some Lua helper functions: some commonly used functions, and to help troubleshooting Lua scripts")
Reviewed-on: https://code.wireshark.org/review/20296
Reviewed-by: Michael Mann <mmann78@netscape.net>
This emphasizes that there is no such thing as *the* routine to
construct a subset tvbuff; you need to choose one of
tvb_new_subset_remaining() (if you want a new tvbuff that contains
everything past a certain point in an existing tvbuff),
tvb_new_subset_length() (if you want a subset that contains everything
past a certain point, for some number of bytes, in an existing tvbuff),
and tvb_new_subset_length_caplen() (for all other cases).
Many of the calls to tvb_new_subset_length_caplen() should really be
calling one of the other routines; that's the next step. (This also
makes it easier to find the calls that need fixing.)
Change-Id: Ieb3d676d8cda535451c119487d7cd3b559221f2b
Reviewed-on: https://code.wireshark.org/review/19597
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This is mostly to address memory leaks in range preferences (the biggest
user of range functionality) on shutdown.
Now range preferences must use epan scoped memory when referencing
internal preference structures to keep consistency.
Change-Id: Idc644f59b5b42fa1d46891542b53ff13ea754157
Reviewed-on: https://code.wireshark.org/review/19387
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I4d1cf878245b03665207a500fb7593be1435c3d3
Reviewed-on: https://code.wireshark.org/review/19371
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add handling of STR_ASCII and STR_UNICODE as base types for string
and stringz. Add handling of SEP_DOT, SEP_DASH, SEP_COLON and
SEP_SPACE for bytes and uint_bytes. Add SEP_NONE for completeness.
Change-Id: Ida46c215fee7ec7132ec91ab5dd6cb3de4628920
Reviewed-on: https://code.wireshark.org/review/19337
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Fixes Lua on macOS, tested with an out-of-tree build:
WS_BIN_PATH=$PWD/run ../wireshark/test/test.sh -s wslua
Previously programs that were ran from the build directory would load
data files (radius/, diameter/, init.lua) from the source directory.
Then in the case of Lua, files were loaded from the program directory
($BUILDDIR/run/init.lua on Linux) or source directory
(sSOURCEDIR/epan/wslua/console.lua).
On macOS, this does not work for Lua since files are installed into
$BUILDDIR/run/Wireshark.app/Contents/Resources/share/wireshark/init.lua
instead. Since CMake always copies data files (radius, console.lua,
etc.) into the build directory, make get_datafile_dir() return this
"run" directory instead.
Change-Id: If97d2f5686271caf9ad4d4e4fc58e902dc592a98
Reviewed-on: https://code.wireshark.org/review/19330
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add support for using unit names in ProtoField integer types by
using base.UNIT_STRING.
Add unit name table argument in ProtoField.float() and
ProtoField.double() (and made backward compatibility).
The use of base.UNIT_STRING is not really the best API for adding
unit names in Lua, but is the simples solution without adding new
arguments to ProtoField.
Change-Id: Ib5d064480cffd970a41db1764440642f6c593bb2
Reviewed-on: https://code.wireshark.org/review/19313
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Also added a note above field_display_e enum to indicate that this
values are parsed in make-init-lua.pl to build init.lua.
Change-Id: Ibd125684f9a68e1b8116fae0ccbc72147825d75d
Reviewed-on: https://code.wireshark.org/review/19336
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Because luaL_argerror() does a longjmp all memory free must be done
before calling this.
Also rewrote true_false_string_from_table() to be a bit simpler
and to give argument error when too many strings in the table.
Change-Id: Ied0fa468f1274155c746fe2e086dacf1a8582b08
Reviewed-on: https://code.wireshark.org/review/19325
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
FT_CHAR is straightforward to support.
Split the list of "invalid" types into a list of "unsupported" types and
a short list of "invalid" types, containing FT_PCRE (which isn't a valid
type for a field) and "everything else". Add FT_IEEE_11073_SFLOAT and
FT_IEEE_11073_FLOAT to the "unsupported" list.
Flag the whole unsupported list as just "not handled yet".
Change-Id: I62d2d7eead53377e4e601594a035b4395fdbeead
Reviewed-on: https://code.wireshark.org/review/18979
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: If1daef88dce166ec92f00a8c6e71bcb220d25e0c
Signed-off-by: Franklin "Snaipe" Mathieu <snaipe@diacritic.io>
Reviewed-on: https://code.wireshark.org/review/18917
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
In the C API, one can register a heuristic for the same protocol on different
lists by specifying another unique short_name. This is impossible in the
lua API, as the protocol name is used as the short name itself.
This change fixes that by creating an unique shortname composed of the
protocol name and the target list name.
Change-Id: I2c30ce6e4f7a3b38879180c64cf8564f779163b4
Signed-off-by: Franklin "Snaipe" Mathieu <snaipe@diacritic.io>
Reviewed-on: https://code.wireshark.org/review/18711
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
* Added support for 3-byte integers in :int() and :le_int()
* Added support for 5, 6, and 7-byte integers in :int64() and :le_int64()
Change-Id: If9ab4ea806191bc63effe45a081b9c65693c2367
Signed-off-by: Franklin "Snaipe" Mathieu <snaipe@diacritic.io>
Reviewed-on: https://code.wireshark.org/review/18672
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
* Implement Tvb:ipv6()
* Handle FT_IPv6 protofields during insertion in the lua tree
* Implement Address.ipv6(hostname)
Change-Id: I585c392681b3aef02ed8ee956f74051d77fb28d4
Signed-off-by: Franklin "Snaipe" Mathieu <snaipe@diacritic.io>
Reviewed-on: https://code.wireshark.org/review/18442
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Previously the metatables for classes were the same for the class and
its instances. This results in issues like calling __gc on the class
table on exit.
Make it possible to declare separate class methods (functions) and
instance methods. Observe that all attributes apply to the instances
only, so make these just available on the instance.
The attribute/methods lookup method (via __index/__newindex) have been
rewritten to use upvalues, removing the technical need for the
properties __getters/__setters/__methods. The "lua globals" test still
checks for these, but it could be removed in the future.
To fix bug 12968, the __gc method is removed from the class method.
Future patches should remove the WSLUA_REGISTER_CLASS,
WSLUA_REGISTER_META and WSLUA_REGISTER_ATTRIBUTES macros completely and
create split class functions/methods (such that __call for an instance
cannot accidentally be invoked on the class).
Removed duplicate "fragmented" property from Pinfo (which triggered an
error) and replaced exit() by g_error() for debugger friendliness.
Remove lua_shiftstring since checkstring always returns non-NULL.
Bug: 12968
Change-Id: I57f8a93d08bb84c79b0e94cf2c82d8402fc16646
Reviewed-on: https://code.wireshark.org/review/18026
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Internal change, this allows use of negative indices for
lua_rawgetfield/lua_rawsetfield convenience functions and is closer to
lua_getfield/lua_setfield semantics in terms of indices.
Add lua_absindex for compatibility with Lua 5.1 (do not bother exporting
it yet since it is only used in this file, also do not rename it since
it is the same functionality with no Wireshark-specific changes.)
Change-Id: I322954ef461164ec514ed9f034ae2691775e67da
Reviewed-on: https://code.wireshark.org/review/18025
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Improve example with better formatting, clarification comments and more
common variable names.
Extend make-wsluarm.pl to support arguments containing underscores.
Fixes the description of dissect_tcp_pdus.
Change TvbRange.tvb(tvb) into tvbrange:tvb() and ByteArray.tvb(name)
into bytearray:tvb(name), these are really instance methods.
Change-Id: I1e20ef46195dc6c06f9ac790d3432db283d21a5e
Reviewed-on: https://code.wireshark.org/review/18226
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ti->item is NULL for the root item, prevent a NULL-deref by Lua script.
Bug: 13017
Change-Id: I5e7f71d014a01bab615288df76509b3ef97b1bf6
Reviewed-on: https://code.wireshark.org/review/18247
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't set `lua_tvb` (or any of the other global variables) to NULL after a
Lua dissector is called: it's possible that the caller is also a Lua dissector
which may want/need that (global) variable to still be set (to the value it
had before the sub-dissector was called).
This fixes the problem reported in:
https://ask.wireshark.org/questions/56110/lua-error-tvbs-can-only-be-created-and-used-in-dissectors
Making these variables not be a globals (as suggested at the top of
init_wslua.c) might be a better solution--for another day.
Change-Id: I14fb8ec35b62abeda3f3471a323b88c80537a06e
Reviewed-on: https://code.wireshark.org/review/18095
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Lua 5.2.4 built with -DLUA_USE_APICHECK detected a stack issue:
tshark: lapi.c:175: lua_settop: Assertion `(-(idx+1) <= (L->top - (func + 1))) && "invalid new top"' failed.
Function File_read always assumes that File_read_line pushes a value on
the stack (which clearly did not happen). On read failure, it would then
pop the stack (tripping the assertion) to push nil.
The other user (File_lines) is also affected by this change, but the Lua
5.2.4 documentation says that it should also return nil on EOF, fitting
this implementation.
Change-Id: I9cc8a5319523b2b56f4ae4735bbdbc1196387386
Reviewed-on: https://code.wireshark.org/review/18016
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Instead of checking for the boolean "FALSE", just set an empty string.
This avoids the need to check for WERROR_COMMON_FLAGS before using it.
The transformation is the same for all files, remove
"if (WERROR_COMMON_FLAGS)" and "endif()", reindent and add quotes (since
we have a string here and not a list).
Modelines have been added where missing.
Change-Id: I0ab05ae507c51fa77336d49a99a226399cc81b92
Reviewed-on: https://code.wireshark.org/review/17997
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Have all dissector tables have a "supports Decode As" flag, which
defaults to FALSE, and which is set to TRUE if a register_decode_as()
refers to it.
When adding a dissector to a dissector table with a given key, only add
it for Decode As if the dissector table supports it.
For non-FT_STRING dissector tables, always check for multiple entries
for the same protocol with different dissectors, and report an error if
we found them.
This means there's no need for the creator of a dissector table to
specify whether duplicates of that sort should be allowed - we always do
the check when registering something for "Decode As" (in a non-FT_STRING
dissector table), and just don't bother registering anything for "Decode
As" if the dissector table doesn't support "Decode As", so there's no
check done for those dissector tables.
Change-Id: I4a1fdea3bddc2af27a65cfbca23edc99b26c0eed
Reviewed-on: https://code.wireshark.org/review/17402
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Setting our compiler warning flags in CMAKE_C_FLAGS does not allow
using different flags per target.
Allow for that possibility by setting the internal WS_WARNINGS_{C,CXX}_FLAGS
and using the COMPILE_OPTIONS property to set them.
This change is just setting mechanism and there should be no difference
in generated warnings.
The check_X_compiler_flag cmake test is changed to test each flag individually.
We need a list, not a space separated string, and the aggregate test is not
significant.
Change-Id: I59fc5cd7e130c7a5e001c598e3df3e13f83a6a25
Reviewed-on: https://code.wireshark.org/review/17150
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Change-Id: Ibc43b1976d5827e8c40252a5200852fbcd00b70c
Reviewed-on: https://code.wireshark.org/review/16763
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: João Valverde <j@v6e.pt>
The g_warning calls seem legitimate, so "hide" them from checkAPIs.pl.
Change-Id: I6d25b08e22aeeb0244e07836385f2b67d6261546
Reviewed-on: https://code.wireshark.org/review/16703
Reviewed-by: Michael Mann <mmann78@netscape.net>
Many of the complaints from checkAPI.pl for use of printf are when its embedded
in an #ifdef and checkAPI isn't smart enough to figure that out.
The other (non-ifdef) use is dumping internal structures (which is a type of
debug functionality)
Add a "ws_debug_printf" macro for printf to pacify the warnings.
Change-Id: I63610e1adbbaf2feffb4ec9d4f817247d833f7fd
Reviewed-on: https://code.wireshark.org/review/16623
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
A string option, if present, always has a value; it might be a null
*string*, but you won't get a null pointer (if the option isn't present,
it simply isn't present).
Fix some comments while we're at it.
Change-Id: I9c1420f56998a7d04de5c5cc2e92631b181f303a
Reviewed-on: https://code.wireshark.org/review/16564
Reviewed-by: Guy Harris <guy@alum.mit.edu>
A block can have zero or more instances of a given option. We
distinguish between "one instance only" options, where a block can have
zero or one instance, and "multiple instances allowed" options, where a
block can have zero or more instances.
For "one instance only" options:
"add" routines add an instance if there isn't one already
and fail if there is;
"set" routines add an instance if there isn't one already
and change the value of the existing instance if there is one;
"set nth" routines fail;
"get" routines return the value of the instance if there is one
and fail if there isn't;
"get nth" routines fail.
For "multiple instances allowed" options:
"add" routines add an instance;
"set" routines fail;
"set nth" routines set the value of the nth instance if there is
one and fail otherwise;
"get" routines fail;
"get nth" routines get the value if the nth instance if there is
one and fail otherwise.
Rename "optionblock" to just "block"; it describes the contents of a
block, including both mandatory items and options.
Add some support for NRB options, including IPv4 and IPv6 option types.
Change-Id: Iad184f668626c3d1498b2ed00c7f1672e4abf52e
Reviewed-on: https://code.wireshark.org/review/16444
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It is unlikely that tree:add(nil) or tree:add(nil, tvb) represents a
valid invocation. Most likely the developer made a mistake and tried
something like:
local pf_thing = ProtoField.string("some.thing", "Description")
some_proto.fields = { pf_thing }
...
tree:add(some_proto.fields.thing, tvb())
which should have been:
some_proto.fields = { thing = pf_thing }
or:
tree:add(pf_thing, tvb())
Save the developer some pain and bail out early.
Change-Id: I59fc04153f02bb186b47b763676a68bb0271df76
Reviewed-on: https://code.wireshark.org/review/16177
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Ensure that the member cannot be NULL at initialization, simplifies
checkCaptureInfo and checkCaptureInfoConst logic.
Change-Id: I2d9caa4a235310569ebbf0b30199dd3df7a4c093
Reviewed-on: https://code.wireshark.org/review/14791
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reduce noise, no caller has used this parameter since its introduction.
Msotly automated regex search and replace.
Change-Id: I4b1180bfee8544b38d19c9c440ff5b9b0dc080b2
Reviewed-on: https://code.wireshark.org/review/14790
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This doesn't try to use any data from multiple Section Header blocks, it
just converts single Section Header block usage into a GArray, so the
potential is there to then use/support multiple Section Header blocks
within a file format (like pcapng)
Change-Id: I6ad1f7b8daf4b1ad7ba0eb1ecf2e170421505486
Reviewed-on: https://code.wireshark.org/review/15636
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also add a length parameter to wtap_optionblock_set_option_string
Change-Id: I8c7bbc48aa96b5c2a91ab9a17980928d6894f1ee
Reviewed-on: https://code.wireshark.org/review/15505
Reviewed-by: Anthony Coddington <anthony.coddington@endace.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Previous patches converted all fvalue_to_string_repr calls to expect
an allocated buffer (and not a passed in one). Now changing signature
to force an allocated buffer. Added wmem in case that can be taken
advantage of within epan (and since the function signature was changing
anyway).
Change-Id: Ica1ac4a9a182ce0e73303856329e198d9d525b7b
Reviewed-on: https://code.wireshark.org/review/15343
Reviewed-by: Michael Mann <mmann78@netscape.net>
This generates a top level target, checkAPI, that is
excluded from the ALL build target, so must be run separately.
On Windows using a Visual Studio generator, call
msbuild /p:Configuration=RelWithDebInfo checkAPI.vcxproj
Change-Id: I44a57c564dcfc75499463b942436f4b920a82478
Reviewed-on: https://code.wireshark.org/review/14873
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
A similar problem was addressed in v1.99.10rc0-339-g82b2258, but that
patch missed the get_pdu_len function. A crash could occur when
get_pdu_len does not return a number or when it raises a Lua error.
Change-Id: I1a42a95d88708ae3bf6e015ba8d7af4db5071a00
Reviewed-on: https://code.wireshark.org/review/14954
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Follow up to 2226802826.
Change-Id: Icd199a692f13bf30a68f655e30d7353987b22a6c
Reviewed-on: https://code.wireshark.org/review/14942
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reset wslua_dfilter and remove the Field tap_listener when
reloading plugins.
Check for tap listeners in rescan_packets() after ws_epan_new()
because Lua may register the Lua field tap when adding Fields.
Bug: 12328
Change-Id: Ibbd8339033132c6f3b61d7e9c9ced9ed2b9affec
Reviewed-on: https://code.wireshark.org/review/14871
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The current wslua code does not properly handle out of memory
conditions. Since recovering from OOM is difficult in many places, just
abort the program (which is done by g_realloc).
Change-Id: Idae68d08c90c82ba5df18a28cc1e507d61d20e78
Reviewed-on: https://code.wireshark.org/review/14786
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Use ex_opt_get_nth instead of ex_opt_get_next to avoid consuming the
parameters. This ensures that lua scripts via the "-Xlua_script"
parameter are also reloaded.
Change-Id: I316726cdf99f7ee3d738d3632a7f639ea8596f96
Reviewed-on: https://code.wireshark.org/review/14870
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
luaL_error never returns, free memory before.
Change-Id: Ibcdbdb6afea5d2dab7be6a16c4c2536dcf14220a
Reviewed-on: https://code.wireshark.org/review/14734
Reviewed-by: Michael Mann <mmann78@netscape.net>
This will make it easier to determine protocol dependencies.
Some LLC OUI dissector tables didn't have an associated protocol, so they were left without one (-1 used)
Change-Id: I6339f16476510ef3f393d6fb5d8946419bfb4b7d
Reviewed-on: https://code.wireshark.org/review/14446
Reviewed-by: Michael Mann <mmann78@netscape.net>
A Proto may be only be registered with a heuristic dissector once,
because we check this in heur_dissector_add().
Change-Id: I524fa832b647d557f13aedcb870f7789058d2180
Reviewed-on: https://code.wireshark.org/review/14436
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Use pkg-config if a zlib.pc file is available.
Remove the now redundant AC_TRY_LINK_FUNC test (there are no linker flags
for GTK+ here).
Change-Id: I7de744749eba7231ae0097b975144b76ffcf1bdb
Reviewed-on: https://code.wireshark.org/review/14263
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Smaller epan/CMakeLists.txt is easier to work with and this structure
is well suited to CMake. It should make it easier to manage and configure
each epan module differently if necessary.
Change-Id: Ia649db3b7dcd405aa43dbdba3288699d5e375229
Reviewed-on: https://code.wireshark.org/review/14068
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
in wslua_init(), our lua instance L is set to NULL if
disable_lua is true in init.lua
make sure that we leave wslua_init() in this case
if we don't, we crash in lua_pop(L,1); with L==NULL
Program received signal SIGSEGV, Segmentation fault.
0x00007fffefb41a73 in lua_settop () from /usr/lib/x86_64-linux-gnu/liblua5.1.so.0
(gdb) bt
#0 0x00007fffefb41a73 in lua_settop () from /usr/lib/x86_64-linux-gnu/liblua5.1.so.0
#1 0x00007ffff4fb50e4 in wslua_init (cb=cb@entry=0x516f40 <splash_update(register_action_e, char const*, void*)>,
client_data=client_data@entry=0x0) at init_wslua.c:900
[...]
Bug:12196
Change-Id: Ic338c4edcb897c0eaa9b6755bbb6c9991ec6ed02
Reviewed-on: https://code.wireshark.org/review/14228
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Try to improve address API and also fix some constness warnings
by not overloading the 'data' pointer to store malloc'ed buffers
(use private pointer for that instead).
Second try, now passing test suite.
Change-Id: Idc101cd866b6d4f13500c9d59da5c7a38847fb7f
Reviewed-on: https://code.wireshark.org/review/13946
Petri-Dish: João Valverde <j@v6e.pt>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
HT tab stops are set every 8 spaces on UN*X; UN*X tools that treat an HT
character as tabbing to 4-space tab stops, or that even are configurable
but *default* to 4-space tab stops (I'm looking at *you*, Xcode!) are
broken. tab-width: 4, tabstop=4, and tabSize=4 are errors if you ever
expect anybody to look at your file with a UN*X tool, and every text
file will probably be looked at by a UN*X tool at some point, so Don't
Do That.
Adjust indentation to reflect the mode lines.
Change-Id: Icf0831717de10fc615971fa1cf75af2f1ea2d03d
Reviewed-on: https://code.wireshark.org/review/14150
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This was inspired by https://code.wireshark.org/review/9729/, but takes it in a different direction where all options are put into an array, regardless of whether they are "standard" or "custom". It should be easier to add "custom" options in this design. Some, but not all blocks have been converted.
Descriptions of some of the block options have been moved from wtap.h to pcapng.h as it seems to be the one that implements the description of the blocks.
Also what could be added/refactored is registering block behavior.
Change-Id: I3dffa38f0bb088f98749a4f97a3b7655baa4aa6a
Reviewed-on: https://code.wireshark.org/review/13667
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Remove mostly obsolete aclocal macros. Make GTK build flags a strict superset
of GLib flags. Use GTK build variables for GTK GUI and GLib elsewhere. Add
dependency flags explicitly instead of using WS_CPPFLAGS.
Some minor improvements and fixes for missing/unnecessary variables (no impact
on our test builds).
Change-Id: I3e1f067a875f79d6516c1fa7af986f17a7a6b671
Reviewed-on: https://code.wireshark.org/review/14005
Reviewed-by: João Valverde <j@v6e.pt>
Add a check for out-of-bounds before calling tvb_strsize() because
this will THROW an exception if not finding a terminating NUL.
Unhandled exceptions will mess up Lua luaL_error() handling and
will end up in a crash.
Change-Id: Ieafef59a3858656e0d8c79904828b631657b4cbc
Reviewed-on: https://code.wireshark.org/review/13842
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
On error in Dissector_call and DissectorTable_try we should not
terminate with WSLUA_ERROR because the error is already reported
in the tree with show_exception().
Change-Id: I60739f12cb8b16fe2270f47701286fd0dbf04c6f
Reviewed-on: https://code.wireshark.org/review/13819
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This reverts commit 13ec77a9fc.
This commit introduces a segmentation fault for Lua code (uncovered by the test suite).
Change-Id: Ibc273d1915cda9632697b9f138f0ae104d3fb65e
Reviewed-on: https://code.wireshark.org/review/13813
Reviewed-by: João Valverde <j@v6e.pt>
Try to improve 'address' API (to be easier/safer) and also avoid
some constness warnings by not overloading the 'data' pointer to
store malloc'ed buffers (use private pointer for that instead).
Change-Id: I7456516b12c67620ceadac447907c12f5905bd49
Reviewed-on: https://code.wireshark.org/review/13463
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
The proto tree is needed in several cases when using Lua field extractors,
because they fetch values from the tree. Without a valid field extractor
a Lua plugin may misbehave and display wrong column info.
This fixes column issues when:
- Calling resetColumns() in Qt. This involves adding a display filter,
change time display format, change name resolution and other changes
in UI which requires column updates.
- Print summary lines.
- Export as CSV and PSML.
Change-Id: Ieed6f8578cdf2759f1f836cd8413a4529b7bbd80
Reviewed-on: https://code.wireshark.org/review/13708
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
GNU coding standards recommend against it and automake is designed
around it.
This allows overriding the global build flags using AM_CFLAGS, etc.,
or per object flags, something that is difficult or impossible currently
because of automake precedence rules.
Change-Id: I3f1ea12e560af5a46b2f04b342b1882bbf123f12
Reviewed-on: https://code.wireshark.org/review/13455
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Delay allocation of a GByteArray to avoid a memleak on errors.
Change-Id: I2b2ae6d33407500e81a4f45b86ef82720d3443a4
Reviewed-on: https://code.wireshark.org/review/13553
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
That removes most of the uses of the frame number field in the
frame_data structure.
Change-Id: Ie22e4533e87f8360d7c0a61ca6ffb796cc233f22
Reviewed-on: https://code.wireshark.org/review/13509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add fields for the absolute time stamp (and another field for a presence
flag for the absolute time stamp) and the packet encapsulation for the
packet.
This lets us remove the field for the packet encapsulation in the
frame_data structure; do so.
Change-Id: Ifb910a9a192414e2a53086f3f7b97f39ed36aa39
Reviewed-on: https://code.wireshark.org/review/13499
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This makes it possible to trigger reloading Lua plugins from
within a Lua plugin. This can be used when having a plugin to
update local plugins from a external source.
Renamed reload() to reload_packets() to clarify what's reloaded,
and added a alias (marked as obsoleted) from reload().
Change-Id: I4e529992af5f651613950329e73718dbda317d2e
Reviewed-on: https://code.wireshark.org/review/13024
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
proto_item_get_len() is *not* guaranteed to return a correct value.
Even if there's a non-null tree item, it might be pointing to a "faked"
item; it really shouldn't be used.
So add proto_tree_add_item_ret_length() and
proto_tree_add_item_new_ret_length(), which calculate the real length
themselves and return it through a pointer.
Fix as many places as we straightforwardly can to use them rather than
to use proto_item_get_len(). (There's a Lua API for
proto_item_get_len(), so we keep it around, but we should add Lua APIs
for the new routines, and deprecate the old API.)
Fix ptvcursor_add() to do the same thing that
proto_tree_add_item_ret_length() and
proto_tree_add_item_new_ret_length() do.
Split the TRY_TO_FAKE_THIS_ITEM macros into a macro to check for the
tree being null and to try to fake the item. We don't always use the
former macro, as we might need to do more than just return NULL if the
incoming tree is null (for example, calculating the item's real length
and using it...).
new_field_info() never returns NULL; remove checks for it. The check
for a null tree is done before the calls to new_field_info().
Change-Id: I002a218d1f810c73e0de837e0ac6ebcde21bacec
Reviewed-on: https://code.wireshark.org/review/13139
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Free the Pref enum values in Pref__gc().
Change-Id: I4d66dbe7ee4879f3b14094135887d78cba876ea3
Reviewed-on: https://code.wireshark.org/review/12628
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Store the Pref default string value and ensure this is freed both
when registering the pref and when not.
Use g_malloc0 to allocate Pref and avoid several init's.
Change-Id: I5f97a15d06068d7805f02f7c7feea61f9b2030f5
Reviewed-on: https://code.wireshark.org/review/12626
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reverted some unneeded changes from 7f074364 because it's currently
only used for FT_ABSOLUTE_TIME.
Also fixed some small indent issues.
Change-Id: I923e35bf8ad4e991518bee973b87d4be06137463
Reviewed-on: https://code.wireshark.org/review/12539
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The preference has already been deregistered at that point, so the value
of the preference has been freed and the pointer to it has been set to
null, so it's already been freed and its pointer no longer points to it
and the free from Lua will do nothing.
Change-Id: I11bf74932303151483cd3699659f67d64b466759
Reviewed-on: https://code.wireshark.org/review/12606
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Capture dissectors could be architected like dissection dissectors, with tables and subtables and possibly using tvbs to pass there data instead of raw byte arrays. This is a first step towards that by refactoring capture_info_packet() to work off of a "capture dissector table"
Registering the capture dissection functions instead of calling them directly also clears up a bunch of dissector header files who sole purpose was providing the capture dissection function definition.
Change-Id: I10e9b79e061f32d2572f009823601d4f048d37aa
Reviewed-on: https://code.wireshark.org/review/12581
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The check in tmp_fld_check_assert() does terminate with g_error
if given an empty string as name, so we have to check for this.
Change-Id: I084e3e715bd319484a52f60ef90c1a2aea30df1b
Reviewed-on: https://code.wireshark.org/review/12534
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Martin Kaiser