Do not display "A RX payload: <MISSING>" as it suggests something is wrong
with the packet. It is perfectly valid for RX packets to only contain modem
status.
Ping-Bug: 11743
Change-Id: I9b3417ec9404758fdc093b01ea0e7761822615f2
Reviewed-on: https://code.wireshark.org/review/37862
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Some packets (as the ones generated by oss-fuzz) can reach the
reassembly code without pinfo->src/dst defined. We need to prematurely
exit in those cases and handle the reassembly code accordingly.
Bug: 16696
Change-Id: I6d0c6c95ba8123879e9c9e3e06bfc139425d9ddd
Reviewed-on: https://code.wireshark.org/review/37859
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Adding support for DNS Stateful Operations as defined in RFC8490
Change-Id: I8dc95b53bddef0c6a6cd5e5233d1097e930c473f
Reviewed-on: https://code.wireshark.org/review/37850
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- refactoring of B&R specific company naming
Change-Id: Ic8533617f61f5bee009e1d00ebc323e00f28b3e8
Reviewed-on: https://code.wireshark.org/review/37851
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Commit "QUIC: fix decryption when the client uses an empty SCID"
addressed the root cause that prevented connections from being correctly
linked. However another trace with an empty DCID was still properly
linked even in presence of the bug.
It turns out that an earlier optimization has an unintended change.
If a short packet was preceded by any packet with a DCID of exactly 20
bytes, then a connection with an empty CID is looked up as expected, by
`quic_connection_find_dcid(pinfo, NULL, from_server)`. However if no
earlier DCID of exactly 20 bytes exists, then a lookup by address/port
would occur. That is why earlier traces still decrypt successfully.
Restore the intended behavior to ensure that (1) invalid DCIDs in a Long
Header packet are ignored, and (2) Short Header Packets are not
accidentally matched to a wrong session based on an address/port match.
The latter could occur if the same src/dst address/port tuple is reused
across different QUIC connections when all CIDs are not 20 bytes.
Change-Id: Ida2523a0922314c7a455dec7e1f8f0442be27e94
Ping-Bug: 13881
Fixes: v2.9.0rc0-1878-gfc9e404ab2 ("QUIC: small connection tracking optimization")
Reviewed-on: https://code.wireshark.org/review/37845
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use ws_strtou64 to convert __REALTIME_TIMESTAMP= and other timestamps,
which should work across platforms.
Bug: 16664
Change-Id: I371f2b60e1957e57dbbdbbc3ded5ad49e8eb79d1
Reviewed-on: https://code.wireshark.org/review/37849
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This was previously limited to one byte (=4 slots), and afaik no readers
existed that supported more slots until now - now there is the sysmocom
octsim that as the name implies offers 8 slots.
Change-Id: I5eccc7b6fb0d3c12ef7d7379d3ee88b5e7c45b71
Reviewed-on: https://code.wireshark.org/review/37816
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Here we conform to the latest ieee1905 Multi-AP spec as tested by the
WFA. We also add support for reassembling ieee1905 messages.
Bug: 16660
Change-Id: Ic67784d7c213856a364f88c177ede9688271ea2a
Reviewed-on: https://code.wireshark.org/review/37574
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Only do retransmission detection for CON and NON type messages.
Change-Id: I5b5d93800918a98d4d321d1dcd0f3090b485ba9e
Reviewed-on: https://code.wireshark.org/review/37842
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Construct FTDI FT reassembly table key based on desegment data. This
makes sure that the code can find corresponding data in the reassembly
table (which wasn't true for fuzzed captures).
Ping-Bug: 16691
Change-Id: I37f29aca07ec5e27f8a07db9233a9bb6d809dbda
Reviewed-on: https://code.wireshark.org/review/37841
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When scanning for Bad Command synchronization code 0xFA followed by the
command byte, only request reassembly if the last byte is 0xFA.
Ping-Bug: 16691
Change-Id: Ic04f47e2baece05c0a9a7f748d3035b18cf4e6a2
Reviewed-on: https://code.wireshark.org/review/37840
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Maintain separate RX and TX command info trees. When dissecting TX
packets during the first pass, the code has to traverse no more entries
than added by single TX packet. After the first pass there is no longer
a need to find the correct spot in the list, as the TX command info tree
points directly to the correct location.
Ping-Bug: 16691
Change-Id: Ie4a1d2e1152876b8b0a09308ed5a182b9a2e2895
Reviewed-on: https://code.wireshark.org/review/37837
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The snappy decompression routine has the same bug that was fixed for lz4 in
79576219c9 ("kafka: lz4: free the composite tvb only once").
Refactor the composite tvb handling for snappy as well. Allocate the
composite tvb only if we are cetain that data will be added to it.
Do not free the composite tvb ourselves, leave this to epan cleanup.
Change-Id: Ide3a88d1c02e525fe1aadd176068ce68c2330b98
Reviewed-on: https://code.wireshark.org/review/37838
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Decryption of short header packets would fail if the client sends a SCID
due to a logic error. This was observed with Chrome 86.0.4198.2.
Thanks to Ashwin Jagadish for the report and sample capture.
Change-Id: I81f5ab1bc1ea1b379e4edd65969d3c3e58340065
Ping-Bug: 13881
Fixes: v2.9.0rc0-269-gec30d0b004 ("QUIC: implement connection migration (draft -10 and -11)")
Reviewed-on: https://code.wireshark.org/review/37830
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Display unknown TP types directly in the tree, users can then easily
look it up in sources such as
https://github.com/quicwg/base-drafts/wiki/Temporary-IANA-Registry
Fix display of large GREASE such as 0x3b318c8103de1274.
Change-Id: I6665fa4337e92ae973979813b7e58d66f38ae0fb
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/37829
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Display command code in command in packet entry. Fix command response in
linking when response for subsequent commands in packet was not in the
same packet as for the first command. Link to response packet only for
commands that actually have response.
Ping-Bug: 11743
Change-Id: I7c336202cf7d89b5cf785ad6ede8f1a71e0dc063
Reviewed-on: https://code.wireshark.org/review/37827
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
FTDI FT does not have a sense of data segments. It simply transports
asynchronous data bytes between two parties. MPSSE dissector notifies
FTDI FT dissector when it needs more data to process command and/or
response using the desegment API.
FTDI FT assumes that the segment starts at the offset given by MPSSE and
ends when either MPSSE does no longer ask for more data, or when MPSSE
asks for more data but not from the beginning of tvb passed to it (when
packet contains both end of previous segment and start of a new one).
Ping-Bug: 11743
Change-Id: Ib400bedd4d61166c98f711e4ab132a3a3bd8051d
Reviewed-on: https://code.wireshark.org/review/37709
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
predfined tf strings are used for the new introduced ring reduncancy flags
Change-Id: I5273eff410391bf4f104feea8602377698a97c8d
Reviewed-on: https://code.wireshark.org/review/37819
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Christian Krump <christian.krump@br-automation.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Avoid string literals while at it to avoid -Wpointer-sign warnings with
GCC 10. This has the additional benefit of avoiding storing the trailing
NUL byte after the data, resulting in a tiny reduction in binary size.
This compound literal syntax is supported since C99 which is permitted
by doc/README.developer.
Change-Id: I35f4d3a46aa78e12915d92136f1de0891131bede
Reviewed-on: https://code.wireshark.org/review/37818
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We need wmem_file_scope() to handle path attribute info after
MPLS/VNI label.
Bug: 16678
Change-Id: Ib487b271110c78d2d4ae10f01fc24cda3edc0713
Reviewed-on: https://code.wireshark.org/review/37790
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There are some ring redundancy flags available in the SOA frame.
These flags could be interesting for some users and should be decoded.
Bug: 16687
Change-Id: Ica20a9b2a87adf31dca3b064785cdac2e5bc3d2c
Reviewed-on: https://code.wireshark.org/review/37810
Reviewed-by: Christian Krump <christian.krump@br-automation.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
The page at
https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-printer
lists a number of printer attributes that correspond to the attributes
listed here.
Describe what the hidden attribute means, more clearly describe whta the
enable-devq attribute means, and clean up other descriptions to make
them more stylistically consistent.
Change-Id: I4830df6dc610bce6b7603750d5c4aa73685f6c28
Reviewed-on: https://code.wireshark.org/review/37806
Reviewed-by: Guy Harris <gharris@sonic.net>
From reading GNU libc's .x file for NIS+ (which has an Oracle America
copyright, suggesting that it was originally a file from Sun, and thus
likely to be the official NIS+ rpcgen file), and from reading the way
the GNU libc code treats the return value of the return value of an
NIS_CALLBACK RPC, it appears to be a Boolean where "true" means that the
callback in question is still running and "false" means it's not
running.
Label the results as such.
(I should probably really check the Illumos source to see if it includes
the NIS+ client and server and, if so, read that, so see what Sun's code
did.)
Change-Id: I4eb430dfca3d1162972a2a750effc31f626f20bf
Reviewed-on: https://code.wireshark.org/review/37791
Reviewed-by: Guy Harris <gharris@sonic.net>
The current dissector only allows 10 nested vlan tags and stops
dissections, if more are present.
This patch lets the TECMP dissetor reset the VLAN depth for
each embedded Ethernet frame it hands over the Ethernet dissector.
Bug: 16685
Change-Id: I29a726274a01c2ef296d4d1eeaffd6d5960db294
Reviewed-on: https://code.wireshark.org/review/37786
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rickard Holmberg
Eric Wild