This commit adds tvb_get_string_bytes and proto_tree_add_bytes_item routines for
getting GByteArrays fields from the tvb when they are encoded in ASCII hex string form.
The proto_tree_add_bytes_item routine is also usable for normal
binary encoded byte arrays, and has the advantage of retrieving
the array values even if there's no proto tree.
It also exposes the routines to Lua, both so that a Lua script can take
advantage of this, but also so I can write a testsuite to test the functions.
Change-Id: I112a038653df6482a5d0ebe7c95708f207319e20
Reviewed-on: https://code.wireshark.org/review/1158
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The -X read_format extension was added in code but in the manuals.
Change-Id: I21692120229ef531671fc3db247809ace69d23b3
Reviewed-on: https://code.wireshark.org/review/742
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
There have been discussions on -dev about removing this and I believe I was the last holdout. Finally convinced that I should just have a local copy (ignored by git)
Change-Id: Ic72a22baf58e3412023cf851f0fce16eb07113b0
Reviewed-on: https://code.wireshark.org/review/681
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This adds the ability for Lua scripts to register heuristic dissectors
for any protocol that has registered a heuristic dissector list, such
as UDP, TCP, and ~50 others. The Lua function can also establish a
conversation tied to its Proto dissector, to avoid having to check the
heuristics for the same flow. The example dissector in the testsuite
has also been enhanced to include a heuristic dissector, to verify
the functionality and provide an example implementation.
Change-Id: Ie232602779f43d3418fe8db09c61d5fc0b59597a
Reviewed-on: https://code.wireshark.org/review/576
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Do with tvb_get_stringz() what was done with tvb_get_string().
Redo the comments for the string get routines to try to give more detail
in a fashion that's a bit less hard to read.
Warn, in comments, of the problems with using
tvb_get_string()/tvb_get_stringz() (i.e., if your strings are non-ASCII,
all bytes with the 8th bit set are going be replaced by the Unicode
REPLACEMENT CHARACTER, and displayed as such).
Warn, in a comment, of the problems with tvb_get_const_stringz() (i.e.,
it gives you raw bytes, rather than guaranteed-to-be-valid UTF-8).
Update documentation and release notes appropriately.
Change-Id: Ibd3efb92a203861f507ce71bc8d04d19d9d38a93
Reviewed-on: https://code.wireshark.org/review/327
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- rename tvb_length and similar to tvb_captured_length and similar; leave
#defines in place for backwards-compat, but mark them clearly as deprecated in
code comments and in checkAPI
- remove tvb_get_string as C code and just leave a #define in place for
backwards-compat; mark it clearly as deprecated in code comment and checkAPI
- update READMEs and sample dissector for all of the above
- while in the neighbourhood, make checkAPI skip (and warn) for missing files
instead of bailing on the whole check, so subsequent files still get checked
Change-Id: I32fc437896ca86ca73e9b49d5f50400adf8ec5ad
Reviewed-on: https://code.wireshark.org/review/311
Reviewed-by: Evan Huus <eapache@gmail.com>
As discussed in bug 3513 and 9709, one can register more than one new ProtoFields for
the same field name. Of course C-code can do that too, and does a LOT apparently, but
if they're not similar ftypes then things can get scrweed up in display filters.
So this change prevents duplicate field registration of dissimilar ftypes. The
similarity is based on the discussion on the mailing list, and the listing in
README.developer has been updated to refelect that as well.
Also, this change adds a testscript for Proto/ProtoFields.
Change-Id: I43bd323f785245941a21289647332a19adec2a9d
Reviewed-on: https://code.wireshark.org/review/285
Reviewed-by: Evan Huus <eapache@gmail.com>
This change adds the ability to pass on to lua scripts loaded from the
command-line (tshark or wireshark) additional arguments supplied by the
command-line. This will help us in our testsuites, but also might be
useful for user-created scripts. The additional arguments are passed in
using the '-X' eXtension switch.
Change-Id: Ib94cdf1ffd194ca84692fee7816665e4ff95efbd
Reviewed-on: https://code.wireshark.org/review/156
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Evan Huus <eapache@gmail.com>
Spawned from https://www.wireshark.org/lists/wireshark-dev/201402/msg00024.html
Add some ignore rules for files that can't/shouldn't include a license header.
Reorganize some ignore rules to group rules with similar motivations.
Add a header to autogen.sh and attribute it to just "The Wireshark Authors"
since while Gilbert wrote the original version it's gone through so many changes
over the years that sorting out proper authorship is unnecessarily complex.
Add headers to Graeme Hewson's two files as verified by private email, and
update his address in the AUTHORS file per his request.
Add header to one of Ulf Lamping's files, as verified by private email.
Only remaining problem is the reedsolomon code.
Change-Id: Ifb7de8c4b4d79012553e29d459a0145d39f51df5
Reviewed-on: https://code.wireshark.org/review/145
Reviewed-by: Evan Huus <eapache@gmail.com>
Rename "SVNPATH" to "GITBRANCH" since that seems more appropriate.
Rename "svnversion.h" to "version.h" as Evan suggested. Update some
URLs. In make-version.pl, make sure we don't set an improper upstream
branch name. Use the number of commits + short hash from `git describe`
for package names by default.
Change-Id: I922bba8d83eabdf49284a119f55b4076bc469b96
Reviewed-on: https://code.wireshark.org/review/139
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The majority of the fixes are for calls to uat_new(). Instead of
having each caller cast its private data to (void**), we use void*
in the uat_new() API itself. Inside uat_new(), we cast the void*
to void**.
Some dissectors use val64_string arrays, so a VALS64() macro was
added for those, to avoid using VALS(), which is useful only for
value_string arrays.
packet-mq.c was changed because dissect_nt_sid() requires
a char**, not a guint**. All other callers of dissect_nt_sid() use
char*'s (and take the address of it) for their local storage. So,
this was changed to follow the other practices.
A confusion between gint and absolute_time_display_e in packet-time.c
was cleared up.
The ugliest fix is the addition of ip6_guint8_to_str(), for exactly
one caller. The caller uses one type of ip6 address byte array,
while ip6_to_str() expects another. This new function is in place
until the various address implementations can be consolidated.
Add VALS64() to the developer documentation.
Change-Id: If93ff5c6c8c7cc3c9510d7fb78fa9108e4552805
Reviewed-on: https://code.wireshark.org/review/48
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Also added some minor text to README.wslua for developers.
Change-Id: I50b36f06710da6920ad98be6dde27d6091d91d54
Reviewed-on: https://code.wireshark.org/review/50
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Stig Bjørlykke <stig@bjorlykke.org>
In addition, change the hex bytes so that they represent a valid, well-formed packet, rather than a malformed RSVP packet. This should allow a user to more clearly verify that the text2pcap converstion worked as expected in the event he/she desires to test text2pcap using the example provided.
svn path=/trunk/; revision=54454
on what libwiretap thinks it is.
Update some comments to reflect the death of the hack used to include
(libwiretap) plugin support in programs not built with libwireshark.
svn path=/trunk/; revision=54015
From Deon van der Westhuysen
- Bug fix: object leak in stats_tree after a tap reset (for example apply statistics preferences with a stats_tree window open)
- Bug fix: correct sample code in README.stats_tree
- Add: slash in plug-in name now creates submenu as docs describe (was a bug?)
- Add: menu separator before the stat_tree registered plug-ins
- Add: stats_tree can now calculate averages for nodes; automatically calculated for range nodes. Add section in README.stats_tree describing averages.
- Add: stats_tree can now calculate burst rate of each node (like rate but with a shorter, sliding time window)
- Add: sorting for stats_tree plug-ins. Can sort on node name, count, average, min, max values and burst rate.
- Add: preferences for stats_tree system (default sort column, burst calc params)
- Add: stats_tree window copy to clipboard and export and plain text, csv and XML.
- Added sample of new functionality in $srcdir/plugins/stats_tree/pinfo_stats_tree.c
- Moved all stats_tree sample plug-ins to "IP Statistics" submenu.
svn path=/trunk/; revision=53657
There is following error message with cmake :
CMake Warning at CMakeLists.txt:490 (find_package):
By not providing "FindQt5LinguistTools.cmake" in CMAKE_MODULE_PATH this
project has asked CMake to find a package configuration file provided by
"Qt5LinguistTools", but CMake did not find one.
Could not find a package configuration file provided by "Qt5LinguistTools"
with any of the following names:
Qt5LinguistToolsConfig.cmake
qt5linguisttools-config.cmake
Add the installation prefix of "Qt5LinguistTools" to CMAKE_PREFIX_PATH or
set "Qt5LinguistTools_DIR" to a directory containing one of the above
files. If "Qt5LinguistTools" provides a separate development package or
SDK, be sure it has been installed.
CMake Error at ui/qt/CMakeLists.txt:205 (QT5_ADD_TRANSLATION):
Unknown CMake command "QT5_ADD_TRANSLATION".
svn path=/trunk/; revision=53169
In the process, fix various man page descriptions of the -t flag,
and add support for UTC absolute times in the iousers and iostat TShark
taps.
svn path=/trunk/; revision=53114
Jeff Morriss