Add a recursion check to tvbparse so that we don't overflow our stack.
Bug: 14253
Change-Id: I0f667c3720311318267a1184b33e33253f8ff729
Reviewed-on: https://code.wireshark.org/review/25202
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
We copy them after, for example, switching profiles; we should do so
when they're initially loaded as well.
Change-Id: Iadd67d20b1be8cc14be1b19543f914f71e4c9c00
Reviewed-on: https://code.wireshark.org/review/25208
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The default value of kernel.unprivileged_bpf_disabled is 0 which means
this is enabling the BPF JIT compiler for unprivileged users. Given that
this is a known attack vector for Spectre variant 1 (CVE-2017-5753) this
is not a setting that a utility should be tampering with.
Tshark's and dumpcap's help message is changed by Balint Reczey to suggest
enabling BPF manually after considering security-related implications.
Change-Id: I1cc34cbd6e84485eba9dee79a8700aa388354885
Signed-off-by: Balint Reczey <balint.reczey@canonical.com>
Bug: 14313
Reviewed-on: https://code.wireshark.org/review/25192
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Reviewed-by: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
If there's a network interface on the device without the 'flags'
field and at the same time other network interfaces exist
with the 'flags' field present, a null dereference happens when accessing
the non-matched regex flags field.
Fix crash by adding explicit null check to ensure (optional) regex
group really matched.
Fixes: 7dcf57719f ("androiddump: Support older on-target tcpdump versions")
Change-Id: Ia08dd8547c9cdda96b3c62b99d98ff1d85bd6cd2
Reviewed-on: https://code.wireshark.org/review/25198
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Dissecting of LS Types bytes for LS Requests was missing.
Dissecting of LS Types bytes for LS Acknowledgments has been implemented.
Bug: 14310
Change-Id: I13d5b564a1e97f0c5a33c749273b11f94c90cbc0
Reviewed-on: https://code.wireshark.org/review/25183
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Sort properly by module title.
Also consolidate some of the searching in PrefModuleTreeView.
Change-Id: I5312581c63f8626de08bd9f03613219b34bf968a
Reviewed-on: https://code.wireshark.org/review/25176
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Protocols of protocol type 802.2 (PT = 2) are encoded with the
"normal" ethernet type when PT length == 8.
Used reference: https://docs.fd.io/vpp/17.10/d2/d71/cdp__protocol_8h_source.html
Show IPv6 addresses as IPv6 and not as bytes.
Change-Id: I0f192e758bcc1a562f042609fa5d0d9527551bb8
Bug: 14311
Reviewed-on: https://code.wireshark.org/review/25168
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The Smart Energy Tunneling cluster can carry various payloads.
The type of payload is determined when the tunnel is established.
However, we cannot be sure to capture the tunnel establishment and
therefore heuristics are used to determine the payload type.
The IP protocol is added as a heuristic dissector because the
specification allows IP in the tunnel payload. However, the only
real life payload type I am aware of is GBCS messages in
UK Smart Metering (https://smartenergycodecompany.co.uk).
Finally, if a heuristic dissector cannot be found, the Data
dissector is used.
Change-Id: I4942bf00d0d0efe7047db6494cd4f8a9d19c96b6
Reviewed-on: https://code.wireshark.org/review/25181
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Boye Petersen <martinboyepetersen@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is a simple example of changing preferences that don't
affect dissection to something else, so that changing them
doesn't cause a file to be redissected unnecessarily.
Change-Id: I77c64c739e8bbc9f2a202f744f27cb07be4a822b
Reviewed-on: https://code.wireshark.org/review/25173
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
We currently accumulate all of the object data in memory, so we can't
support objects whose size doesn't fit in a size_t; that means the
maximum object size is 2^32-1 bytes on ILP32 platforms, even though we
allow the size to be up to 2^63-1 bytes.
Change-Id: I2b45f2f1a6a4a68c97d34931aea6f5294db41b6e
Reviewed-on: https://code.wireshark.org/review/25174
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also export as text just the networks.
Change-Id: I228d65cb219792a70c6077932dbe9cf65b92eb6e
Reviewed-on: https://code.wireshark.org/review/25169
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Add flags field to preference structure to help determine what
areas of Wireshark are affected by a preference changing. The
intent is to be able to distinguish dissection from GUI or other
changes that are not dissection.
The default is to have all preferences affect dissection, but their
flags can be changed. This patch doesn't change any flags from the
default.
Change-Id: Ied5ae961bc3f33f5b730b2892fff3fa0898380b8
Reviewed-on: https://code.wireshark.org/review/25171
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use SetConsoleTextAttribute to reset our colors on Windows. Update the
release notes and man page.
Change-Id: I2bc309787f9c2331324503092bd1c9ae6360eb55
Reviewed-on: https://code.wireshark.org/review/25170
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Initializing a static member on Windows C++ has to be done differently.
This fixes the segfault introduced with Ia611ec192dcc1ad638a997182cec1ab5bdb7859c
Change-Id: Ib7a9840feda74830f835345c666f57e23e9e4e0b
Reviewed-on: https://code.wireshark.org/review/25163
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
This check has already been done in line 433: since then packet_size
is only decreased, so the check is redundant.
Change-Id: I8ede5c733867ccc98ab2d470181d1e4a29ae5b49
Reviewed-on: https://code.wireshark.org/review/25023
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Abstract out the different types of preferences into a visitor
and factory pattern to handle the preference dialog.
Change-Id: Ia611ec192dcc1ad638a997182cec1ab5bdb7859c
Reviewed-on: https://code.wireshark.org/review/25142
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
The refactoring in ga79b7986 did not preserve the font size
for the profile name in the status bar.
Change-Id: If38224a43043dd572992836b6fe78f1829f9cccd
Reviewed-on: https://code.wireshark.org/review/25159
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Do not add two "Handle:" in COL_INFO for opcode "Error Response".
Change-Id: I13dd5fc3bbef1762c2e868dfe885fa5d6437412e
Reviewed-on: https://code.wireshark.org/review/25152
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add a recent.gui_bytes_encoding preference and use it for the byte view
encoding as requested in bug 14044.
The recent.gui_bytes_view preference is an enum, so make it one.
Bug: 14044
Change-Id: Ibc40721c29465aca1940467e41d71e9dd2485e71
Reviewed-on: https://code.wireshark.org/review/25147
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
If, on Long Header, the version field is set to 0x00000000, it is a version Negotiation Packet
with the list of all supported versions (with some GREASE)
Bug: 13881
Change-Id: I56b7cecd112950fb557aadc434f367b74eebe07b
Reviewed-on: https://code.wireshark.org/review/25138
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
With draft-08 Connection ID is changed to Omit Connection ID in Short Header frame
Bug: 13881
Change-Id: I9e53dc370ea692636143d2129754a3dc62d068bd
Reviewed-on: https://code.wireshark.org/review/25136
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The sized (WWxHH) icons in the toolbar directory aren't limited to
toolbars. Create a "stock_icons" directory and move them and their
related SVGs there.
Change-Id: I2c1852499594aa738371c79542f24bd3351653bb
Reviewed-on: https://code.wireshark.org/review/25133
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ib2b6d4f73a6c9f1dacb728f6275a240487a73a02
Reviewed-on: https://code.wireshark.org/review/25149
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Explicitly return 0 from make-dissectors on success. Hopefully this will
fix some Windows builder failures.
Change-Id: I0c172597584c52ced2380719135e8559ef83392a
Reviewed-on: https://code.wireshark.org/review/25150
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>