Don't crash on a malformed SMB packet. According to svn blame, this code
has been here since rev 21713 though maybe something else changed to make the
crash apparent.
svn path=/trunk/; revision=32650
Printing to the source and destination columns by the Infiniband dissector is
not working properly. This patch changes the printing code to perform the
correct operations, so that the source and destination information properly
appears in the columns.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4739
svn path=/trunk/; revision=32648
This patch adds code for correct dissection of two performance management
datagrams to the Infiniband dissector. The added MADs are PortCounters and
PortCounters Extended.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4741
svn path=/trunk/; revision=32647
This patch fixes a bug in Infiniband dissection where the offset was
incorrectly incremented in some cases leading to attempt to read past the end
of the tvb and a MALFORMED-PACKET error being issued.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4738
svn path=/trunk/; revision=32645
The function "dissect_v9_pdu" of "epan/dissectors/packet-netflow.c" decodes
NetFlow v9 packets and IPFIX packets with same logic. But, the "scope field" is
different between NetFlow v9 and IPFIX. NetFlow v9 has only 5 kind of scopes.
On the other hand, many Information Elements can be used as scope fields in
IPFIX packets.
svn path=/trunk/; revision=32627
The change put in with rev 11382 meant that, on 64-bit systems, we could not
parse negative numbers into integers (since -1 taken as an unsigned 64-bit
number is (significantly) larger than G_MAX_UINT32).
To fix this, split the val_from_unparsed() routine for integers into two
routines: one for signed and one for unsigned; each routine can then do the
appropriate "is this bigger than what fits in a *32?" test.
svn path=/trunk/; revision=32616
initiators to a different host/port and thus often redirect to non-3260.
The heuristics to detect iscsi is quite weak since there is very little
in the average iscsi header that can be used to semi-reliably identify
something as iscsi and not random data/something else.
As such, the heuristics also use/rely on the port being 3260 in order
to reduce the otherwise massive numbver of false positives that would arise.
Add decoding of the text key/value pairs and trigger on TargetAddress.
This field would describe a address/port where we can quite reliably
assume that this traffic is indeed iscsi and not something else.
When seeing the iscsi redirect/TargetAddress, use this as a signalling hint
and register a conversation dissector for TCP to that address/port so that
any future packet to/from this port is sent to the iscsi dissector.
If the signalling/redirect is not in the capture, wireshark will not detect
the traffic as iscsi and the user will have to use DecodeAs. and manually
\set it to iscsi.
svn path=/trunk/; revision=32595
Gerald Combs