When specifying a filename preference (e.g. the SSL pre-master secret
log filename) don't warn about overwriting the file. Most of the time
we're reading the file and when we're not (e.g. for the SSL debug log)
overwriting it is kind of the point.
Preference descriptions are plain text. We display them in tooltips as
rich text. Convert them accordingly.
Fixup some of the SSL preference descriptions.
Bug: 11010
Change-Id: I4f1b1f3dd270c01648d9dd52ae20381c3c0d2e37
Reviewed-on: https://code.wireshark.org/review/8665
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Final part.
While there change deprecated tvb_length-xxx() calls
Change-Id: I8b0cf823c2d37a92c58fcb653f7fe1e8fdad5a79
Reviewed-on: https://code.wireshark.org/review/8642
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Id7ef95a56d9d8cc01f9a1a4556ad056b8bb7f8bc
Reviewed-on: https://code.wireshark.org/review/8654
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
remove also orig_offset (no longer needed)
Change-Id: Idc65b45fb67bae6acdca33962f3352a50296a6e5
Reviewed-on: https://code.wireshark.org/review/8650
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ib7df1e2c40ad86866f5a3d6902a7a92144028be7
Reviewed-on: https://code.wireshark.org/review/8620
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
It's a FT_UINT_STRING field type
This reverts commit dc14e3ce0d.
Change-Id: I1185efbad459887fb9c16fb01e670bc43e6f2d84
Reviewed-on: https://code.wireshark.org/review/8623
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Pointed out by a warning in a compilation for ARM.
Change-Id: Iab2748adbdc88c9e6749da1c3835896683a1a091
Reviewed-on: https://code.wireshark.org/review/8648
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: If66a3951037d01c1aa502c0695ea11c62cc4d208
Reviewed-on: https://code.wireshark.org/review/8633
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I656fa2f69453916dd5466265220e2b4590d3631c
Reviewed-on: https://code.wireshark.org/review/8632
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
delete unnecessary initialisations
declare variables at the start of a function
Change-Id: Ib427790c51c1fc7433d0f3c17dc9fa4748585180
Reviewed-on: https://code.wireshark.org/review/8631
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
sort them by layer
wrap long lines
make the filter strings consistent
Change-Id: Ibbeb405c6356abe61dd9a0194af1c072d2c1c971
Reviewed-on: https://code.wireshark.org/review/8630
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I53f9df7bf193551e786ad4ece368f3de702ce8de
Reviewed-on: https://code.wireshark.org/review/8628
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I3905fb83f5f70ee80e54fba479c0e8caca5baa6c
Reviewed-on: https://code.wireshark.org/review/8627
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I6648c20a003392a7435ca0461d2b004a1d415d51
Reviewed-on: https://code.wireshark.org/review/8626
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Id3e6258036112a64e4111d0483c572697681eb89
Reviewed-on: https://code.wireshark.org/review/8625
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Stop out of tree builds picking up the in-tree version and config.h
Change-Id: Icadc46cab66db72af2d475eac31b28d0ca10df90
Reviewed-on: https://code.wireshark.org/review/8204
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ic7385d0555d72aa8ea2b9beb284ca1f6a115b174
Reviewed-on: https://code.wireshark.org/review/8616
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ifb404f5bab58d06d7e1f0106f284c7ae9858a502
Reviewed-on: https://code.wireshark.org/review/8617
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
coverity picked up on this being effectively dead code, and it's trivial to
prove it will never trigger
Change-Id: I5a2893671a764914f483d4ff6bcc835c9b0d3b28
Reviewed-on: https://code.wireshark.org/review/8615
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ia56d41d3591f759619f13d6df679579f9d9888f7
Reviewed-on: https://code.wireshark.org/review/8621
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I1ff863d0a4e114223b8fe283b1dc894e39fcefd7
Reviewed-on: https://code.wireshark.org/review/8618
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 8573
Change-Id: I65a71a2c12cda61ed4c4b52a8ea0441261782942
Reviewed-on: https://code.wireshark.org/review/8597
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is not an optimal solution, but fixes the reported problem.
The do_address functionality should probably be rewritten to
only use pinfo for storing data.
Bug: 11210
Ping-Bug: 8515
Change-Id: I2625cc4044ab93b6e943a3c2d2ffd1b26149da29
Reviewed-on: https://code.wireshark.org/review/8585
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
left shift of 1 by 31 places cannot be represented in type 'int'
Change-Id: I0135b73c14bab05153a9ba2f5477f8651388037d
Reviewed-on: https://code.wireshark.org/review/8588
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
NFSv4 attributes are transferred as a bitmask, followed by each of the
attributes in the bitmask. The offset and length of the dissected attribute
values should point at where the attribute values are; instead, they were
pointing at the bitmap. Fix that.
Change-Id: I4f93b7fffd7497306ae828a2fbd3c0e9b0accd1c
Reviewed-on: https://code.wireshark.org/review/8536
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The NFSv4.1 dacl and sacl attributes consist of a 32-bit acl flags field,
followed by an access control list in the same format as the acl attribute.
Bug: 11208
Change-Id: I5fb08f9764c21cd6abb4ee02265e4e6b4ed54f01
Reviewed-on: https://code.wireshark.org/review/8526
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
A character "v" was mapped to a different command parameter. So we
should replace it.
Change-Id: Ia668b0b0bead7bb4c4ba0a60f51f53daf2095a36
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
Reviewed-on: https://code.wireshark.org/review/8571
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Presumably it got the port when it became an RFC.
Change-Id: I0afb815bcfe4b36b896fa6f7e62f93047a36b05b
Reviewed-on: https://code.wireshark.org/review/8576
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
As either Grace Hopper or Andrew Tanenbaum, depending on which claim you
read, said, "The {wonderful,good} thing about standards is that there
are so many to choose from." Which standard for Lawful Intercept headers
do you want?
Change-Id: I8633e3d3e3d9a205f643d63980a80986e59d43f4
Reviewed-on: https://code.wireshark.org/review/8579
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Trailing whitespaces, indent and typo fixed, used value_string.
Fixed EOF Problem (Ubuntu Petri Dish failed)
Bug:11213
Change-Id: I4ecc11b17c34dd993a72903ad4314c51ada64e02
Reviewed-on: https://code.wireshark.org/review/8532
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Bug: 7496
Change-Id: Ic1648f1c111913b7370b2eaf5557c4d8ea078033
Reviewed-on: https://code.wireshark.org/review/8546
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Double space between Signal Strength and [percent]
Change-Id: Ibf645a9e44d2e642df8fd53afd0a6ccbbb2adde0
Reviewed-on: https://code.wireshark.org/review/8549
Reviewed-by: Anders Broman <a.broman58@gmail.com>
("And that, children, is why we always test different message types before submitting").
Change-Id: I29c730c01db4596a2326dcadfcffa3a20758569a
Reviewed-on: https://code.wireshark.org/review/8539
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: Ic5f87480273e0a097900ace6a7538c34b2a89444
Reviewed-on: https://code.wireshark.org/review/8545
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I02349c2e7aa00c1b105ab069a9fe9b66d130bc7d
Reviewed-on: https://code.wireshark.org/review/8543
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Added back code removed in commit for bug 8515.
Bug: 11210
Change-Id: I23bf56f88d8a1320da8404a82a8d9d3aacc3dace
Reviewed-on: https://code.wireshark.org/review/8537
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Part 2
Update VPLS-BGP and BGP-AD
Change-Id: I6a311bfc69d9666be6f83e38042745162701aaac
Reviewed-on: https://code.wireshark.org/review/8485
Reviewed-by: Michael Mann <mmann78@netscape.net>
The next commit will use some of these definitions before their (previous)
point of definition.
Change-Id: Ic7c96bc48d338bb7b44bf295af3fadc3e7bec370
Reviewed-on: https://code.wireshark.org/review/8525
Reviewed-by: Michael Mann <mmann78@netscape.net>
Inspired by the patch in bug 3749, added better dissection of opcodes and better (but not complete) support of multiple messages in a frame.
Provided links to firebird source.
Bug: 3749
Change-Id: I403728d32d634c23e1af7ce842f9aaca4014ed78
Reviewed-on: https://code.wireshark.org/review/8494
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I422e8644445d7bb8a8ae43f426183db6b8974839
Reviewed-on: https://code.wireshark.org/review/8530
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
rename some variables and remove obsolete comments while we're at it
Change-Id: Ib400c371ea52c3681fbc1d25ef42791e4aeff9e4
Reviewed-on: https://code.wireshark.org/review/8529
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I593527fafa38312d5d4e8f778e9af0d6294bb3f8
Reviewed-on: https://code.wireshark.org/review/8528
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
if the response TPDU starts with 0x80 (T_SB), this is not an unknown
tag, it simply indicates that the optional header and body are absent
this bug was introduced in e597acdc48
Change-Id: I076a0c9f0ea124e11edbb7a0bc0e41d1ab6f374a
Reviewed-on: https://code.wireshark.org/review/8527
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
It's already put there by dissect_ntlmv2_response(); no need to do it
again.
Also, rename "NTLM Client Challenge" to "LMv2 Client Challenge", as
that's what it is (ChallengeFromClient from 2.2.2.4 LMv2_RESPONSE), and
rename "Client Challenge" to "NTLMv2 Client Challenge", as that's what
*it* is (ChallengeFromClient from 2.2.2.7 NTLM v2:
NTLMv2_CLIENT_CHALLENGE).
Change-Id: If95e2c77323cb597df7e400bf9ffc045d94c60e2
Reviewed-on: https://code.wireshark.org/review/8524
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The "result" argument to dissect_ntlmssp_blob() is never null, so don't
check for it being null.
Have separate clauses for LmChallengeResponse and NtChallengeResponse,
and do the checks for NTLMv1 vs. NTLMv2 inside those clauses.
Do the copy to client_challenge within the AUTHENTICATE message parsing
only if we've already determined that it's an NTLMv2 message.
Add some comments to better explain what's being done and to ask some
questions.
Change-Id: I52345eaeac4252d928b2e477751817084bf4e363
Reviewed-on: https://code.wireshark.org/review/8523
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Not all requests have them, so check for them to avoid crash.
Change-Id: I265fb8ad9f63132bee6eeb1aa521cae8b8df82b9
Reviewed-on: https://code.wireshark.org/review/8521
Reviewed-by: Michal Orynicz <michal.orynicz@tieto.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Icf1686e9f1530a602ec5b03572be53d4f245d70c
Reviewed-on: https://code.wireshark.org/review/8520
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I4f78a3a15aa04c52042f7461d11b31c95f7e9590
Reviewed-on: https://code.wireshark.org/review/8519
Reviewed-by: Michael Mann <mmann78@netscape.net>
HCI Commands in most cases generate response in Event queue, so try
to map event to command and give user response time information.
Change-Id: Ib4956829b7d0064ab528aa3202f8f959d8d371b7
Reviewed-on: https://code.wireshark.org/review/8514
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
New event will be added later, for now all number are useful.
Change-Id: I83b77627dfb0c511710c3080aaac0f6857f76137
Reviewed-on: https://code.wireshark.org/review/8513
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Check previous dissector before cast data parameter.
That also causes Head overflow too.
Change-Id: I8f6ce2ec183e4c757613fd7e1959d9d0e4cfc89e
Reviewed-on: https://code.wireshark.org/review/8512
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
It is used to distinguish SCO streams.
Stream Number increase any time when new SCO connection is created.
Change-Id: I6cf68914112980cdbad345e52469bf2baf214551
Reviewed-on: https://code.wireshark.org/review/8510
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
API used by this field is implemented, so field can be enabled now.
Change-Id: Ifc8de81157c9b125ba769d14ec57a498d9810c5f
Reviewed-on: https://code.wireshark.org/review/8507
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Also map some Types to Dissector Table dissectors.
Change-Id: I1a1924924ac569368b3a4fafdc05c98e4a8d4841
Reviewed-on: https://code.wireshark.org/review/8506
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
It will be useful for analysis. Also support partialy known path,
unknown part is shown as "?".
Change-Id: I0299e64d233022d1941b364afc4a6be0c9f4d23e
Reviewed-on: https://code.wireshark.org/review/8505
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
The values make more sense swapped (and the code is super-old) so I'm assuming
this was just a long-uncaught typo. Fixes a valgrind error at any rate.
Also replace a malloc+memcpy with a memdup for simplicity.
Bug: 11203
Change-Id: I74c0aff548b844cf90610db56a143f3eac172658
Reviewed-on: https://code.wireshark.org/review/8493
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
There's all sorts of interesting stuff out there on the Intertubes if
you happen to be searching for the right thing.
Change-Id: Ib5e18ece5dfaa284ece8cfda23887a9408c8318e
Reviewed-on: https://code.wireshark.org/review/8503
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Bug: 2771
Change-Id: Ic2904c981a182be5859c3840025e7ffa9ea387ed
Reviewed-on: https://code.wireshark.org/review/8501
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Give better comments describing the 5 different formats Aruba equipment
can use.
It's "Aruba Networks", not "ARUBA" anything.
Change-Id: I300d77375e8182b60e830cb545d8802c1a49569c
Reviewed-on: https://code.wireshark.org/review/8500
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I0b19d4576b652dc9dd94346c75945e0bdc554a0e
RFC7540: Hypertext Transfer Protocol Version 2 (HTTP/2)
RFC7541: HPACK: Header Compression for HTTP/2
Reviewed-on: https://code.wireshark.org/review/8478
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ib533bd2526c27cf5f1161616fcf52136e40c827a
Reviewed-on: https://code.wireshark.org/review/8484
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix an infinite loop when no transaction end offset is present and
`megaco_tvb_find_token` returns -1.
Bug: 11193
Change-Id: I82c7b795e522efca674787e504427f64b8c28fc4
Reviewed-on: https://code.wireshark.org/review/8483
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
No need to run them through the "raw IP" dissector.
Change-Id: I63639651873f00326a20b88a08ecb4ab3b9a83b3
Reviewed-on: https://code.wireshark.org/review/8459
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's completely normal that there's no link information when you're dissecting
raw packets. This does leave the Raw protocol tree without any children
(which looks a little funny) but I don't want to take it out and I don't see
anything useful to put under it.
Also change the Raw protocol item to cover all the bytes of the TVB (like the
frame item).
Change-Id: I44c1ac954c9989273d0c461ba366caba0a480ea6
Reviewed-on: https://code.wireshark.org/review/8454
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Make a union of the 4 bytes of the address and the address as a 32-bit
integer, and fill in the bytes differently based on whether it's an
interior or exterior route. Rather than just casting a pointer to a
byte to a pointer to a 4-byte integer - which may not be safe, as the
byte array might not be properly aligned - just use the integer member
of the union.
Change-Id: Ic0e78a832cedb9a5a8d435a6c911409b17e41685
Reviewed-on: https://code.wireshark.org/review/8443
Reviewed-by: Guy Harris <guy@alum.mit.edu>
*seq[slength - 1] means *(seq[slength - 1]), where seq points to a
"const gchar *", so it fetches the pointer at an offset of slength - 1
from the pointer to which seq points, and dereferences that pointer.
What's wanted is (*seq)[slength - 1], i.e. fetch the pointer to which
seq points, and fetch the byte at an offset of slength - 1 from the byte
to which said pointer points.
Change-Id: I7246f5e6093d035bad59be530893f3fc54dad97e
Reviewed-on: https://code.wireshark.org/review/8441
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This is useful when people export displayed packets of a USB sub dissector (like MBIM) without keeping
the USB setup requests and still expect to have "Decode As" functionality working
Change-Id: Iad32ddc7b87544ff568a091f03e393a106f38554
Reviewed-on: https://code.wireshark.org/review/8430
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I455a4f81798c7a99a48551ae362dabf2b697cf88
Reviewed-on: https://code.wireshark.org/review/8427
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
1. Have megaco dissector display fields as their are "interpreted", not as raw data with "interpretation" as a subtree
2. Replace/remove proto_tree_add_text
3. Convert some "numeric string fields" into numeric values.
4. Add some more dissection discovered while looking for sample captures.
Bug: 6732
Ping-Bug: 10909
Change-Id: Ie051a8a16ef2355681a24be8789bae0971632cd1
Reviewed-on: https://code.wireshark.org/review/8382
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use proto_tree_add_item when it is possible
Add display of reserved field...
Change-Id: Id47c237f06e28e7d5dfbd92848dc26a7496cf799
Reviewed-on: https://code.wireshark.org/review/8398
Reviewed-by: Anders Broman <a.broman58@gmail.com>
rewrite display of PIM(v1) Address and remove last proto_tree_add_text call :)
Change-Id: I020970e80338d15dbe68e32713b8ada31fd0a4e2
Reviewed-on: https://code.wireshark.org/review/8397
Reviewed-by: Anders Broman <a.broman58@gmail.com>
only 2 proto_tree_add_text calls, (it will be remove on another patch)
Change-Id: I670e37bbbe1cc3ae740a94cd620fa14f20cb9feb
Reviewed-on: https://code.wireshark.org/review/8396
Reviewed-by: Michael Mann <mmann78@netscape.net>
Since Diameter does heuristic checks before calling tcp_dissect_pdus() we
have to "manually" ask for more data if the tvb is too short for our
heuristics.
Bug: 11183
Change-Id: I14c36042306b532b53df80cc3971866b76094084
Reviewed-on: https://code.wireshark.org/review/8405
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
- ensure that MBIM tree is not below URB setup one
- do not try to dissect an empty tvb
Change-Id: I8c6655727eec7df84882fd861d5581848340e0f3
Reviewed-on: https://code.wireshark.org/review/8410
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
http://www.bitterfilms.com/rejected.html
1) There is *NO* guarantee that you can safely dereference a misaligned
pointer.
2) There is *NO* guarantee that you are running on a little-endian
machine, so that an attempt to fetch a 32-bit integer through such a
pointer will fetch it in little-endian form.
Instead, fetch it using tvb_get_letohl(), which 1) doesn't care about
alignment and 2) always fetches in little-endian order.
Change-Id: I44721cbf3c4456797990cc741836c9dd8c6c3696
Reviewed-on: https://code.wireshark.org/review/8423
Reviewed-by: Guy Harris <guy@alum.mit.edu>
http://www.bitterfilms.com/rejected.html
1) There is *NO* guarantee that you can safely dereference a misaligned
pointer.
2) There is *NO* guarantee that you are running on a little-endian
machine, so that an attempt to fetch a 32-bit integer through such a
pointer will fetch it in little-endian form.
Instead, fetch it using tvb_letohl(), which 1) doesn't care about
alignment and 2) always fetches in little-endian order.
Change-Id: I30ad6607b7c6d5047245bfcfdcbe757b02d02172
Reviewed-on: https://code.wireshark.org/review/8422
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That field is just a void *, so there's no need to cast them, and at
least one of those casts generates alignment warnings with -Wcast-align.
Change-Id: I88e22a794a8c990b01e7ed8f45951a2665febbc1
Reviewed-on: https://code.wireshark.org/review/8421
Reviewed-by: Guy Harris <guy@alum.mit.edu>
There is *no* guarantee that it's aligned on a 4-byte boundary, and
there is *no* guarantee that you can safely dereference an unaligned
pointer. See bug 11172 for a crash on Solaris/SPARC caused by those
assumptions both being false.
Change-Id: I30d97aebd42283545f5b8f6d50fa09c5b476ec47
Reviewed-on: https://code.wireshark.org/review/8412
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Hopefully, that'll convince Microsoft's static analyzer that nr will
always be >= 1, so you can safely subtract 1 from it and use it as an
array index.
Get rid of the vht_mimo_control_t structure in favor of a few variables
for the bitfields we actually use.
Make some tables static - no need to initialize them every time we enter
the routine.
Change-Id: Icde05a768ea1a9c897b69003afcab1dddeffaaf5
Reviewed-on: https://code.wireshark.org/review/8411
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Part 1
Change-Id: Icbc73690370eba07e77b35d2815346f1d5a44347
Reviewed-on: https://code.wireshark.org/review/8386
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
CDR strings appear to be both counted *and* NULL-terminated in many cases,
which is rather weird, so if we see a NULL-terminator, ignore it in the count;
otherwise we print a trailing '\000' on all the strings we put in the tree.
Bug: 11126
Change-Id: I45b6b414683a6f646d37c2e2001b7319d5c80be5
Reviewed-on: https://code.wireshark.org/review/8390
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Modified CIP Motion parser to include newly-defined Axis Safety related
fields in the status data set section.
Change-Id: I70c6dd345ae9353b87e6f7c1300b60687f41a1f6
Reviewed-on: https://code.wireshark.org/review/8342
Reviewed-by: Anders Broman <a.broman58@gmail.com>
While we are at it, put back some debug logs that were removed in g1439eb6 (otherwise msgbuf is no more initialized)
Change-Id: Ie34c4f2e638bc3ee77a0565446de37a15385dc0d
Reviewed-on: https://code.wireshark.org/review/8389
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Change-Id: I2488a505e6634da5cbcaf2e86505414d34823b8e
Reviewed-on: https://code.wireshark.org/review/8381
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: If2f5ee4629b48fe0ffbe76c49952de8fb14fb64e
Reviewed-on: https://code.wireshark.org/review/8380
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Add separate ett for all possible information elements.
It's better to expand only necessary subtree but not all
Change-Id: If84359e28547ce5dcf753dc1bee691ece7f29ace
Reviewed-on: https://code.wireshark.org/review/8054
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Hopefully that'll make it a little easier to make sure that we're not
overflowing arrays.
Change-Id: I770df045ef9a45fd486c1271ea424b3334bb39d2
Reviewed-on: https://code.wireshark.org/review/8370
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Mistake when remove proto_tree_add_text calls
Change-Id: I820264b7a90a2563f846b6e6472416cd3e3278a4
Reviewed-on: https://code.wireshark.org/review/8368
Reviewed-by: Michael Mann <mmann78@netscape.net>
- fix PLSP-ID parsing, is a 20 bits field
- fix SID parsing, is in network order on the wire
- fix PATH-SETUP-TYPE and SR-PCE-CAPABILITY code points
Change-Id: If26035181462a9cad77a4a594aab3c007b4d00a2
Signed-off-by: Francesco Fondelli <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/8351
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This patch extends the existing decryption support for WPA to also
handle rekeys by checking each decrypted packet for a 4-way-handshake.
Rekeys can be used for WPA-PSK, but are more common with WPA-Enterprise
(WPA-EAP).
For decrypting WPA-EAP secured packets the user must provide all used PMK's
of the connection (aka PSK's) as WPA-PSK 32 byte hex values to wireshark
via the existing interface.
(The capture must have all 4-way-handshakes included also, starting with
the first unencrypted one.)
Every decrypted unicast packet will habe the used PMK and TK shown in the
CCMP/TKIP section below the key index in the GUI. Group packets will display the
GTK instead.
Additionally this fixes a small issue with group rekey handling, so every packet
can be selected in the GUI in random order, removing the need to manually find
the correct group keying packets prior to that.
It was tested primary with WPA-CCMP, but TKIP is also working.
One section in the code touch bluetooth 802.1X support. It should do
exactly the same, but will now also examine all decypted packets for rekeys.
Ping-Bug: 11172
Change-Id: I19d055581fce6268df888da63485a48326046748
Reviewed-on: https://code.wireshark.org/review/8268
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I66e4e4735a16de5e50f86e29c34202e6668cd44e
Reviewed-on: https://code.wireshark.org/review/8329
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also did some refactoring of existing code to make it more readable for the various existing function code types.
** Commit amendment to not use depreciated tvb_length() function.
Change-Id: Ia4c9f3514968c2a7bebc404ca9185cf8d814dfca
Reviewed-on: https://code.wireshark.org/review/8301
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Some other minor cleanup.
Change-Id: I267fe1512e57ce15f9e6be83ac1b55e6e897e7a1
Reviewed-on: https://code.wireshark.org/review/8322
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Specifically we put Experimental-Result-Codes specified by 3GPP in the XML file
and let other vendors' codes be handled through a dissector table.
Change-Id: I2c3977fb959ad84faa5cb90aeb3d191c8b465ede
Reviewed-on: https://code.wireshark.org/review/8319
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Change-Id: Ia8eca42bae42fb139bfc63232c6d9bf05811ad39
Reviewed-on: https://code.wireshark.org/review/8280
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
packet-thrift.c:99: warning: declaration of 'tvb_captured_length' shadows a global declaration
packet-thrift.c:114: warning: declaration of 'tvb_captured_length' shadows a global declaration
packet-thrift.c:138: warning: declaration of 'tvb_captured_length' shadows a global declaration
packet-thrift.c:166: warning: declaration of 'tvb_captured_length' shadows a global declaration
Change-Id: I0ce4fc0bf6470f1b3a89de599346c1efe8bb93cf
Reviewed-on: https://code.wireshark.org/review/8308
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Need to have packet-gias.c in the DIRTY_CORBA_IDL_DISSECTOR_SRC grouping to work around the warnings still generated.
Change-Id: I08ea1f7d90577cc112b85e7fc00171827f58d6d2
Reviewed-on: https://code.wireshark.org/review/8266
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I40b1ff8ffca3c0e1cafb79af4ed5df26eda7182b
Reviewed-on: https://code.wireshark.org/review/8212
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
wrap long lines, remove a trailing space
Change-Id: Ie9cd268ffbc6d021a3f90f3644dc8665daa8e5ca
Reviewed-on: https://code.wireshark.org/review/8292
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Also, set decoded to TRUE after we return from a dissector; that makes
it a bit clearer when we're setting it.
Change-Id: Ief3e999c72954e08d4608b15b49921da294807c1
Reviewed-on: https://code.wireshark.org/review/8284
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This adds limited support for heuristic subdissectors with IPv6.
The initial motivation is STT but it should transparently work
for other protocols using IP heuristic dissectors in a manner
similar to the non-heuristic dissectors.
The limitation is in regards to IPv6 extension headers. IPv6 has
multiple checks against the next protocol table when determining
when the protocol is an unknown extension header or not. This
assumes that the check is cheap and has no side effects, neither
of which is true for heuristic dissectors. As a compromise, this
assumes that the next protocol is registered as protocol, even
if is not the one that is ultimately dissected. Although not
strictly correct, in practice this is true for existing protocols
and likely future ones because the heuristic dissectors are
overriding non-heuristic ones.
Change-Id: Iff8cfc148ced5ca16191cc2b1879ad87e38d23cd
Reviewed-on: https://code.wireshark.org/review/8197
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Change-Id: I727132effdb17138c35b0f3282f2f7b3dddb05b4
Reviewed-on: https://code.wireshark.org/review/8278
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Check the captured length as well as the reported length, as is done in
other checksumming code paths.
Change-Id: I55371d99a28ffd1325e7266037cced580077d80b
Reviewed-on: https://code.wireshark.org/review/8272
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't bother doing the checksum, as we don't know how much to checksum;
don't assume setting pim_length to 0 will force it not to be
checksummed, as it doesn't; and don't test twice for a version != 2.
Change-Id: I1c2ed3ecf1572aef6c5af140c410f9cdd0e9c3a6
Reviewed-on: https://code.wireshark.org/review/8271
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Just reuse the result we got from an earlier call.
Change-Id: Icb4617d731d9e3f152ce762f56a1c32567cbde4a
Reviewed-on: https://code.wireshark.org/review/8270
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Update a URL, and tell The Story About PIM, or, at least, about various
drafts floating around. I guess it took a while for the protocol to
settle down, and a number of things changed significantly between early
drafts and RFC 2117, including whether the protocol runs atop IGMP or
directly atop IP.
There doesn't appear to be *any* draft that corresponds to what
dissect_pimv1() dissects; all have significant differences.
Change-Id: Ia9c80cc384546b0a822a59fef01c1476f95ad8a6
Reviewed-on: https://code.wireshark.org/review/8269
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit 3ca9318d82.
Mac OS X buildbot are not happy
packet-gias.c:356: warning: 'hf_UCO_InvalidInputParameter_details' defined but not used
packet-gias.c:359: warning: 'hf_UCO_ProcessingFault_details' defined but not used
packet-gias.c:360: warning: 'hf_UCO_SystemFault_details' defined but not used
packet-gias.c:5275: warning: 'decode_UCO_Ratio_st' defined but not used
packet-gias.c:5303: warning: 'decode_UCO_DirectAccessLocation_st' defined but not used
packet-gias.c:5588: warning: 'decode_UCO_Coordinate3d_st' defined but not used
packet-gias.c:5612: warning: 'decode_UCO_Circle_st' defined but not used
packet-gias.c:5625: warning: 'decode_UCO_Ellipse_st' defined but not used
packet-gias.c:5656: warning: 'decode_UCO_SimpleGSImage_st' defined but not used
packet-gias.c:5671: warning: 'decode_UCO_SimpleCImage_st' defined but not used
packet-gias.c:5694: warning: 'decode_UCO_CompressedImage_st' defined but not used
packet-gias.c:5836: warning: 'decode_GIAS_ImageSpec_st' defined but not used
Change-Id: Iee076c00eb4e48571a99f6b854b7e3e52983c2f8
Reviewed-on: https://code.wireshark.org/review/8265
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I11beada78d2f2b4359d3638cdbcb6f43623fd10c
Reviewed-on: https://code.wireshark.org/review/8262
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Should fix the following runtime error reported by Joerg:
../../asn1/c1222/packet-c1222-template.c:1427:3: runtime error: null pointer passed as argument 1, which is declared to never be null
../../asn1/c1222/packet-c1222-template.c:1427:3: runtime error: null pointer passed as argument 2, which is declared to never be null
Change-Id: I2f952815ed81e47b504e6479835a357b7656828e
Reviewed-on: https://code.wireshark.org/review/8251
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Shift 1U instead, to make sure it's unsigned; the result of, for
example, the result of shifting a signed value left is undefined if the
value times 2^{shift count} doesn't fit in the *signed* type of the
shifted value. That means, in particular, that the result of shifting 1
left by {number of bits in an int - 1} is undefined. (In *practice*,
it'll probably be -2^32, with the bit you want set, but that's not
guaranteed, and GCC 5.1 seems not to like it.)
Make some other left-hand operands of <<, and some variables holding
results from shifts of that sort, unsigned, while we're at it.
Change-Id: Ie72a9d0d518f59b35948267d10c80735d162e8bb
Reviewed-on: https://code.wireshark.org/review/8264
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Iab2559c2bac5550987c108c6e917506fcec525e9
Reviewed-on: https://code.wireshark.org/review/8221
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Shift 1U instead, to make sure it's unsigned; the result of, for
example, the result of shifting a signed value left is undefined if the
value times 2^{shift count} doesn't fit in the *signed* type of the
shifted value. That means, in particular, that the result of shifting 1
left by {number of bits in an int - 1} is undefined. (In *practice*,
it'll probably be -2^32, with the bit you want set, but that's not
guaranteed, and GCC 5.1 seems not to like it.)
This fixes the *other* generator for the X11 header files; we manually
fix the file in question, because life's too short to spend very much of
it trying to debug Perl issues that cause a
Can't use string ("1") as a HASH ref while "strict refs" in use at
../../tools/process-x11-xcb.pl line 675.
at ../../tools/process-x11-xcb.pl line 1859
at ../../tools/process-x11-xcb.pl line 1859
failure.
Change-Id: I3dd46025b2ae461e63034b36ab11cdbc9380b696
Reviewed-on: https://code.wireshark.org/review/8263
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Shift 1U instead, to make sure it's unsigned; the result of, for
example, the result of shifting a signed value left is undefined if the
value times 2^{shift count} doesn't fit in the *signed* type of the
shifted value. That means, in particular, that the result of shifting 1
left by {number of bits in an int - 1} is undefined. (In *practice*,
it'll probably be -2^32, with the bit you want set, but that's not
guaranteed, and GCC 5.1 seems not to like it.)
This fixes the generator for the X11 header files; we manually fix the
header file in question, because life's too short to spend very much of
it trying to debug Perl issues that cause a
Can't use string ("1") as a HASH ref while "strict refs" in use at
../../tools/process-x11-xcb.pl line 675.
at ../../tools/process-x11-xcb.pl line 1859
at ../../tools/process-x11-xcb.pl line 1859
failure.
Change-Id: Ia903e9dacad49021bc0dfe129b9393ad426de9eb
Reviewed-on: https://code.wireshark.org/review/8261
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Shift 1U instead, to make sure it's unsigned; the result of, for
example, the result of shifting a signed value left is undefined if the
value times 2^{shift count} doesn't fit in the *signed* type of the
shifted value. That means, in particular, that the result of shifting 1
left by {number of bits in an int - 1} is undefined. (In *practice*,
it'll probably be -2^32, with the bit you want set, but that's not
guaranteed, and GCC 5.1 seems not to like it.)
Change-Id: I96114047d402d1bae537cdfeb28a8564b1c94712
Reviewed-on: https://code.wireshark.org/review/8256
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Shift 1U instead, to make sure it's unsigned; the result of, for
example, the result of shifting a signed value left is undefined if the
value times 2^{shift count} doesn't fit in the *signed* type of the
shifted value. That means, in particular, that the result of shifting 1
left by {number of bits in an int - 1} is undefined. (In *practice*,
it'll probably be -2^32, with the bit you want set, but that's not
guaranteed, and GCC 5.1 seems not to like it.)
Change-Id: I0d27565c382a04ceda9eec65f45a430ceb74cf53
Reviewed-on: https://code.wireshark.org/review/8255
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- DCOM:
* Mark some DCOM functions as public do allow calls from plugins
* Add Support for Additional Variant Types Money, I8, UI8
* Fix an uint32 overflow when dissecting nwstringz0 where the length is 0
* Use WS_DLL_PUBLIC instead of WS_DLL_PUBLIC_DEF
Change-Id: I02861a09203c6b42326f5a7b7e652e0f7c26d369
Reviewed-on: https://code.wireshark.org/review/8222
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
While we are at it, let's use pinfo memory pool instead of making a copy of the string to be freed afterwards
Change-Id: Ic92b3a09b053e8394f194b595272c7b228bd6b2b
Reviewed-on: https://code.wireshark.org/review/8236
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The "EPSG Draft Standard 302-A: High Availability" introduces
the new frame "AMNI". This change adds support to correctly
dissect POWERLINK AMNI frames.
Change-Id: I9e402423296c4e82a25e897de964629bb695d566
Reviewed-on: https://code.wireshark.org/review/8215
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Bug: 9363
Change-Id: Ic64716ef0156607ca40773cef8e76fc4a0825b3c
Reviewed-on: https://code.wireshark.org/review/8196
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also fixing indentation problem
Bug: 10304
Change-Id: I560db0e8cce9fdf796a47e387f2d681abe54a653
Reviewed-on: https://code.wireshark.org/review/8192
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This adds some essential features for STT dissection including
using a heuristic IP dissector to ensure we get the right traffic,
segment reassembly, and additional field decoding.
Based on work original done by Andrew Evans.
Change-Id: Ic89d6b16803185c7f58b73935c2646d532d0ae14
Reviewed-on: https://code.wireshark.org/review/8187
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The 'num_digits' parameter to add_digits_string_info_col can come straight from
the packet. Verify it is sane (e.g. the number of bytes required are actually
present) as otherwise we can try and allocate enourmous quantities of memory for
no reason.
Also clean up the routine; fix indenting, and simplify the loop variables.
Bug: 11148
Change-Id: I11052652f8d42fa2bb31f37e3c74523842bb3096
Reviewed-on: https://code.wireshark.org/review/8195
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The IP dissector passes 'tree' to its heuristic dissectors instead
of the 'parent_tree' passed to the normally registered dissectors.
These two are generally the same except that 'tree' is set to NULL
in cases where IP is not referenced - a local optimization that
should not be passed down to the lower layers. The result is that
the filter:
ip && PROTO matches
but:
PROTO does not match.
This changes the two types of dissectors to behave the same by
getting 'parent_tree'.
Change-Id: I78690d4767d2e3a763fd4388792c49aa5df0a962
Reviewed-on: https://code.wireshark.org/review/8190
Reviewed-by: Guy Harris <guy@alum.mit.edu>
packet-c15ch.c:5798: warning: comparison of unsigned expression >= 0 is always true
packet-c15ch.c:5809: warning: comparison of unsigned expression < 0 is always false
packet-c15ch.c:5841: warning: comparison of unsigned expression < 0 is always false
packet-c15ch.c:5859: warning: comparison of unsigned expression < 0 is always false
packet-c15ch.c:5917: warning: comparison is always false due to limited range of data type
Change-Id: Ia12f83c070bc1b794581cd37e330c38b0bad0516
Reviewed-on: https://code.wireshark.org/review/8174
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Bug: 11063
Change-Id: I3daa9e6a75e52df1587678bd78f42e4e46fe4509
Reviewed-on: https://code.wireshark.org/review/7557
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Iaff4551f87fa8d74a09a99c3c772c8abbdf60198
Reviewed-on: https://code.wireshark.org/review/8168
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It doesn't work any more for empty (length==0) PDUs.
Similar to bug 10646/Ifb96768969a43c59367b73e7bb940ceeb02cf6b0 (for RPC).
Untested as I'm not set up to build IDL dissectors now.
Bug: 11134
Change-Id: I77aacc2590acbacbe02edb1768e754f92f87bc23
Reviewed-on: https://code.wireshark.org/review/8163
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: Ie02f809e69cf9e7980d90ab02a2d4f34a465e0cd
Reviewed-on: https://code.wireshark.org/review/8170
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I48f39c148006e25fa98b75656cbb11496bce9d25
Reviewed-on: https://code.wireshark.org/review/8169
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I3b5452ef8cfd4fac414b2c5bdd7926ea679b8029
Reviewed-on: https://code.wireshark.org/review/8167
Reviewed-by: Michael Mann <mmann78@netscape.net>
Part 2 of a few
Change-Id: Ic1f1aafe2ed02dce95b15c03a91cbd68807a5cf4
Reviewed-on: https://code.wireshark.org/review/8165
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
one (and only one) Application ID list.
This means we don't have to list all the Application IDs several times in the
XML file. Collapse those lists into one (much more complete, now) list while
also fixing URIs for several of the specifications (and making it clear for
others that we don't have access to the specification--by declaring their
URI to be "none").
Add a bunch more entries to the list of application IDs.
Change-Id: Ia5c96b1f6f1fe3a9521b3d70142889e3881fae5e
Reviewed-on: https://code.wireshark.org/review/8147
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We had several copies of that code; put it into a filetime_to_nstime()
routine in wsutil, and call that common routine instead.
Change-Id: I1eb5579c36c129ff8d23f9212285ab3f63be0f43
Reviewed-on: https://code.wireshark.org/review/8142
Reviewed-by: Guy Harris <guy@alum.mit.edu>
we can always get it back from git if we want
Change-Id: I61911628541cf4ed4be20e736e41fbaa58978d75
Reviewed-on: https://code.wireshark.org/review/8124
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Implementing a tap interface as well as a packet structure
which contains all necessary information from a single
openSAFETY frame.
This structure is located in a separate packet-opensafety.h so
that plugins and other programs, which want to utilize the tap
interface, may benefit from the same defines
The 40bit calculation was implemented in a wrong fashion,
so that it never calculated the correct UDID
Change-Id: I62895f91d0a255a5489b9bf397a40d824a27383f
Reviewed-on: https://code.wireshark.org/review/7275
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
HeaderID is bitfield in real. There is information about
length-information in value part.
Change-Id: Ib861f658c7b56e16df8a6514de69215138a1740d
Reviewed-on: https://code.wireshark.org/review/8039
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Part 1 of a few
Change-Id: I413f23dfa92da5488ca8a7f62ca0738b25004635
Reviewed-on: https://code.wireshark.org/review/8117
Reviewed-by: Michael Mann <mmann78@netscape.net>
Application Parameters are defined in profile specification.
If there is not enough infgormation to recognize profile user must have
ability to do that manually.
Also add expert info that packet is manually "Decoded As".
Change-Id: I8a735d46d365d712995cd8cc00b2f46849c8afb4
Reviewed-on: https://code.wireshark.org/review/8044
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Miscellaneous corrections in ZigBee Green Power commissioning cluster dissection.
Change-Id: I6aaf5f2c1ad5c70d1961709c0e94ab5c5af81ec7
Reviewed-on: https://code.wireshark.org/review/8094
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>