- Refactor capture info, A field, B field dissection.
- Clean up dissection, removing private A field, B field structures.
- Added standard references.
svn path=/trunk/; revision=35743
In the standard 802.3at-2009 the PoE+ TLVs are 12 bytes long, but in the
earlier version 802.3bc-2009, they are 7 bytes long (the power type/
source/priority, and the requested and allocated fields are lacking).
Not respecting the length of the TLV leads to wireshark displaying garbage
data and could lead to reading outside of buffer.
svn path=/trunk/; revision=35737
The issue (in essence)
For:
char foo[][4] = {"abc", "defg", "hij"};
strlen(foo[1]) will be 7 and not 4 as expected;
Detected via msvc level 4 warning: "array is too small to include a terminating null character"
svn path=/trunk/; revision=35732
Found by reviewing msvc level 4 warnings "assignment within conditional expression".
(Unfortunately most of the warnings are false positives so this warning can't be enabled)
svn path=/trunk/; revision=35726
Make a global variable static (since it's apparently not used elsewhere);
Whitespace changes (indentation, trailing, etc).
svn path=/trunk/; revision=35725
This patch (against revision 35716) resolves the following bug:
[introduced in patch attached to Bug #5518]
"Dissector bug, protocol RSVP, in packet 78:
More than 1000000 items in the tree -- possible infinite loop"
Actually the bug is resolved by the "return" statement that was erased by
mistake. The patch fixes another issue: the code didn't take care of the fact
that TLVs must be padded to a length multiple of 4.
See:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5518https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5628
From me:
Change two bytestring_to_str(tvb_get_ptr(...),...) to tvb_bytes_to_str(tvb,...)
svn path=/trunk/; revision=35722
Add Bearer Control Mode selection support in gtpv1 dissector.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5634
Sligtly reworked by me:
- prefix names with gtp
- Use proto_tree_add_item()
- remove ref to specific protocol version, as it's probably a mix.
- Changed the update to the AUTHORS file.
svn path=/trunk/; revision=35699
DRSUAPI dissector. Updated the packet-dcerpc-drsuapi.c file manually
because it used to be auto-generated, but appears to have had changes
since then.
svn path=/trunk/; revision=35690
Add 30 years of seconds, not 20 years, since the DHCP_LLT time is seconds
since Jan 1 2000 and epoch is 30 years before that.
svn path=/trunk/; revision=35686
The radiotap standard just adopted the new MCS field to display MCS
information. The attached patch allows wireshark to parse that field.
From me:
Terminate value_strings. Move the IEEE80211_RADIOTAP_XCHANNEL definition
to packet-radiotap-defs.h.
svn path=/trunk/; revision=35684
- add new PROTECTION obj c-type 2 (RFC4872)
- add new TLVs for IF_ID (RFC4920)
- add Path Key subobj in ERO (RFC5520)
- add new ASSOCIATION obj c-type 4 (oif2008.389)
- add new LSP_ATTRIBUTES and LSP_REQUIRED_ATTRIBUTES objects (RFC5420)
- improved ERROR object dissection and new error values added
- ADMIN_STATUS transformed to filter and new flags added
- minor fix to conversation (not applied to ACK, SREFRESH and HELLO messages)
to resolv displaying of "Unknown session type" string in such messages
Moreover, I've deleted some "enum" statements for error values that I thought
they were useless since they were used only once throughout the RSVP dissector
code.
See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5518
From me: fix two typos.
svn path=/trunk/; revision=35681
*Bug Fixes
*NodeId length is now configurable
*Added missing messages
See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5620
From me:
-Remove trailing blanks from a few lines;
-Put "editor mode lines" at the end of the source file.
svn path=/trunk/; revision=35674
- Simplify a proto_tree_add_uint() call into proto_tree_add_item()
- Mention RFC 1002 in comment above message type definitions
- Expand field descriptions for length field
svn path=/trunk/; revision=35668
Patch to add a new dissector for Realm Specific IP (RSIP) as defined by
RFC 3102, RFC 3103, and RFC 3104.
This is a very basic dissector. It could be extended to do addtional RSIP
protocol violation testing. The dissector is written such that it should be
easy to add later.
svn path=/trunk/; revision=35653
Remove the filters on IPv6 Link Local and Multicast addresses, since
these _can_ be resolved through the hosts file and manual entry.
svn path=/trunk/; revision=35651
Allow TDLS Setup Response/Confirm to not include optional fields
Verifying whether non-zero status code is used and use explicit validation of
the remaining length and an expert info instead of implicit failure by an
exception.
svn path=/trunk/; revision=35642
because the ep memory is cleared before the init routine is called.
Fixed the variable name for the no_yes true_false_string.
Update reference to protocol description.
svn path=/trunk/; revision=35626
In semcheck.c the display filter string of an expression is checked against the
header_field_info.display value BASE_CUSTOM. But the value of BASE_CUSTOM is
applied as bitmask while the actual type is an enum (BASE_CUSTOM = 6).
With this BASE_DEC, BASE_DEC_HEX and BASE_HEX_DEC are also matching and are not
accepted as filter expression.
Actually: BASE_DEC works but not BASE_HEX. And the problem only shows up when
trying to match a field in one of these bases against a string (from a
value_string).
svn path=/trunk/; revision=35621
The patch I am attaching here is for dissecting LISP data packets.
From me:
Minor cleanups.
Showing the reserved field.
Adding to all makefiles and release notes.
svn path=/trunk/; revision=35615
of going through a temporary variable). This just makes it more obvious which
add_bytes_format() calls are or are not being given pointers into the TVB.
Use tvb_ip_to_str() and tvb_ip6_to_str() in a couple spots.
svn path=/trunk/; revision=35593
result from the ADDCARRY portion of the REDUCE macro.
-#define ADDCARRY(x) (x > 65535 ? x -= 65535 : x)
+#define ADDCARRY(x) {if ((x) > 65535) (x) -= 65535;}
The new code is from in_cksum.c in the Tahoe/CGI port of 4.4BSD-Lite2 (we're
using the "Portable Version" copy otherwise).
svn path=/trunk/; revision=35589
packet-dcerpc.c:4056:19: error: comparison of integers of different signs:
'guint32' (aka 'unsigned int') and 'int' [-Wsign-compare]
for (i = 0; i < (int) commands_nb; ++i) {
~ ^ ~~~~~~~~~~~~~~~~~
... by removing the "(int)" cast
svn path=/trunk/; revision=35587
A patch to enhance the ICMPv6 dissector
- Make ICMP Type (sub)field filterable
- Add Inverse Neighbor Discovery (RFC 3122)
- Remove dependency to packet-ipv6.h
- Cleanup packet-ipv6.h
- Update RFC Draft to draft-ietf-roll-rpl-17 (with make a sub dissector
for RPL Control and add Secure RPL...)
- Replace tvb_get_ipv6/ip6_to_str by new function tvb_ip6_to_str
- and other enchancements.....
svn path=/trunk/; revision=35586
proto_tree_add_*(): just use proto_tree_add_item().
Replace some tvb_get_ptr()s with tvb_get_ephemeral_string() or
tvb_get_const_stringz().
Use tvb_memeql() & tvb_memcmp().
svn path=/trunk/; revision=35558
functions act like their non-tvb counterparts except that they take a tvb and
and offset instead of a pointer to a byte array.
This basically saves the dissectors from having to call tvb_get_ptr()--which in
this case eliminates a couple of typos in the length given to tvb_get_ptr().
svn path=/trunk/; revision=35549
return string is NULL terminated.
There's no need to pass the result of tvb_get_ptr() as the 'value' in
proto_tree_add_*(): just use proto_tree_add_item().
svn path=/trunk/; revision=35548
Use tvb_ip_to_str().
There's no need to pass the result of tvb_get_ptr() as the 'value' in
proto_tree_add_*(): just use proto_tree_add_item().
Replace some tvb_get_ptr()s with tvb_get_ephemeral_string()s to ensure the
return string is NULL terminated.
svn path=/trunk/; revision=35547
Use tvb_ip_to_str() and tvb_ip6_to_str().
There's no need to pass the result of tvb_get_ptr() as the 'value' in
proto_tree_add_*(): just use proto_tree_add_item().
Replace some tvb_get_ptr()s with tvb_get_ephemeral_string()s to ensure the
return string is NULL terminated.
svn path=/trunk/; revision=35546
There's no need to pass the result of tvb_get_ptr() as the 'value' in
proto_tree_add_*(): just use proto_tree_add_item().
Replace some tvb_get_ptr()s with tvb_get_ephemeral_string()s to ensure the
return string is NULL terminated.
svn path=/trunk/; revision=35545
>Linking fails now:
>epan/.libs/libwireshark.so: undefined reference to `hf_bssgp_elem_id'
>epan/.libs/libwireshark.so: undefined reference to `bssgp_elem_fcn'
>epan/.libs/libwireshark.so: undefined reference to `ett_bssgp_elem'
>epan/.libs/libwireshark.so: undefined reference to >`bssgp_elem_strings'
>Did you miss packet-bssgp.c in that commit?
I'll try to clean this up in the next few days.
svn path=/trunk/; revision=35544
Additional function codes: Disable unsolicited messages, Open\Close\Delete file
Additional data objects: Analog output events, File objects and Octet string events.
Improved Info column display for reassembled fragments.
Changed all event timestamps to be UTC as per protocol spec.
svn path=/trunk/; revision=35533
bootp option 123 has 2 chooses - coordinate based location RFC 3825 or
CableLabs DSS_ID. Add better support for having 2 DSS_ID with dynamic
size (up to 32 byte each)
svn path=/trunk/; revision=35530
Replace ip6_to_str((tvb_get_ptr(...)) with tvb_ip6_to_str().
There's no need to pass the result of tvb_get_ptr() as the 'value' in
proto_tree_add_*(): just use proto_tree_add_item().
Replace some tvb_get_ptr()s with tvb_get_ephemeral_string()s.
Replace some memcpy()+tvb_get_ptr() with tvb_memcpy().
svn path=/trunk/; revision=35529
This patch adds support for the following fields in Meta protocol:
- Deciphered
- Local Device ID,
- Remote Device ID,
- Tap Group ID,
- TLLI,
- Calling Station ID,
- Called Station ID
svn path=/trunk/; revision=35524
do the same as the non-tvb equivalents but take a TVB and an offset instead
of a pointer to an array of bytes.
Their purpose is to prevent (many) dissectors from doing:
ip_to_str(tvb_get_ptr(...)).
(About the names and the location: I like the names as they are but the names
imply that they should live in tvbuff.c. That would make some sense but
I didn't want to pull to_str.h into tvbuff.c...)
svn path=/trunk/; revision=35519
The first time a value_string_ext() is accessed, _match_strval_ext_init() is
used before the real match function is called. This function was not expanded
to take an idx parameter (in rev 35451). It compiled only because the function:
a) previously did not match _value_string_match_t
b) and the difference was being cast away when assigning _match_strval to it
(So the fact that the index parameter was not added was also ignored.)
To fix the problem, give _match_strval_ext_init() and index parameter and use
it instead of a dummy variable when calling the real match function. That way
the first call to match_strval_ext_idx() will return an actual (initialized)
index.
To prevent the problem in the future, make the vse argument to
_match_strval_ext_init() const *and then cast away the constness* so the
function can modify the vse.
svn path=/trunk/; revision=35508
Improved the decoding of OID search ranges in AgentX dissector:
1/ OID highlighting on first OID of a range was too long.
The code incorrectly used the length of the printable string instead
of the length of the source data.
2/ Added bitwise dissection of the 'include' field of an OID decoding.
3/ Added corrected 'start/end' range information to SearchRange decoding to
discriminate between an 'end' indicator (old way) and the new way that
shows both an inclusive/exclusive indicator as well as a start/end range
indicator. (applicable to getnext/getbulk requests).
svn path=/trunk/; revision=35500
proto_tree_add_string(): just use proto_tree_add_item().
Replace some tvb_get_ptr()s with tvb_get_ephemeral_string()s.
In a couple of places an hf variable was being used as the length in a call to
proto_tree_add_*(). Use the appropriate variable instead.
svn path=/trunk/; revision=35497
proto_tree_add_string(): just use proto_tree_add_item().
Replace some tvb_get_ptr()s with tvb_get_ephemeral_string()s.
In a couple of places an hf variable was being used as the length in a call to
proto_tree_add_*(). Use the appropriate variable instead.
svn path=/trunk/; revision=35496
proto_tree_add_string(): just use proto_tree_add_item().
Replace some tvb_get_ptr()s with tvb_get_ephemeral_string()s.
In a couple of places an hf variable was being used as the length in a call to
proto_tree_add_*(). Use the appropriate variable instead.
svn path=/trunk/; revision=35495
pointer to a NULL-terminated string in the TVB. It is no safer than dissectors
which call tvb_get_strsize() and then tvb_get_ptr() but it makes it clear that
this usage of tvb_get_ptr() is safe.
This function is slightly more efficient than tvb_get_ephemeral_stringz()--but
only as long as we're not using composite TVBs.
svn path=/trunk/; revision=35493
fragment->len was left unitialized.)
Also (unrelated): save a couple of calls to tvb_reported_length() since the
value is already stored in a variable.
svn path=/trunk/; revision=35485
FCoIB – Fibre Channel over InfiniBand. The protocol enables transmission of
Fibre Channel frames over InfiniBand networks. It is based on encapsulation of
Fibre Channel frames over InfiniBand UD transport. The discovery protocol is
based on the FIP protocol (not supported by this patch).
This patch adds an FCoIB dissector to Wireshark. It is based in large part on
the existing FCoE dissection code.
This code is submitted on behalf of Mellanox Technologies Ltd.
svn path=/trunk/; revision=35475
rules. (Is this the right fix? I had to remove a now meaningless
comparison of psm > 0x1000 (4096) since psm is now a guint8 not a guint16.)
svn path=/trunk/; revision=35463
20:15:19 Err Field 'Link-local Address' (pmip6.lila_lla) is an FT_IPv6
but is being displayed as BASE_HEX instead of BASE_NONE
svn path=/trunk/; revision=35439
packet-mip6.c:801: warning: 'hf_pmip6_opt_ipack' defined but not used
packet-mip6.c:802: warning: 'hf_pmip6_opt_ipack_res' defined but not used
svn path=/trunk/; revision=35438
packet-gtpv2.c:2648: warning: return type defaults to 'int'
packet-gtpv2.c: In function 'dissect_udp_s_port_nr':
packet-gtpv2.c:2690: warning: unused parameter 'length'
packet-gtpv2.c: In function 'dissect_gtpv2_fq_csid':
packet-gtpv2.c:2845: warning: unused parameter 'length'
packet-gtpv2.c: In function 'dissect_gtpv2_emlpp_pri':
packet-gtpv2.c:2927: warning: implicit declaration of function 'be_emlpp_prio'
packet-gtpv2.c: At top level:
packet-gtpv2.c:3056: warning: initialization from incompatible pointer type
svn path=/trunk/; revision=35431
dissector-bug macros. If it's just that we're missing some packets, we
should handle that as best we can and, if there's stuff we can't do,
maybe put something into the protocol summary or tree saying "not enough
information". Don't just spit out a warning message which the user
might not even see.
svn path=/trunk/; revision=35426
the discussion in bug 5541. Since we now have the window size value as
well as the scaled window size, there is no need anymore for the
tcp preference "tcp_window_scaling".
svn path=/trunk/; revision=35425
abbreviation
** ERROR **: Field 'IPv4 Address' (gtpv2.ipv4_addr) is an FT_IPv4 but is being
displayed as BASE_DEC instead of BASE_NONE
svn path=/trunk/; revision=35420
just put the reply body, if any, into the protocol tree as a blob. The
protocol tree will note that it's an unknown status.
svn path=/trunk/; revision=35414
one of the macros to report that, or you have a problem with the packet,
in which case you should note that in the protocol tree, or you have
something you don't understand, in which case you should dissect
whatever of it you do understand and put something appropriate, if
possible, into the protocol tree for the rest.
(And, if the length isn't right, there's not much you can do about it -
you have to trust the length, and manage to fail somewhere else.)
svn path=/trunk/; revision=35408
field names and adding descriptions, changing the Domain GUID in the "LDAP
ping" response to a FT_GUID instead of FT_BYTES, etc.
svn path=/trunk/; revision=35407
In dissect_amqp_0_10_array() if the 'type' is unknown, don't loop (for
potentially a very long time) adding the same element over and over again
(since the type is unknown, we don't know how much to increase the offset so
an exception is never thrown).
svn path=/trunk/; revision=35406
in MSCLDAP packets per Microsoft's MS-ADTS specification, section 7.3.1.1,
revision 26 (11/19/2010). Also re-format code a bit.
svn path=/trunk/; revision=35403
in the tree of the service record broken out. For example,
"_ldap._tcp.domain.com" shows:
Service: ldap
Protocol: tcp
Name: domain.com
svn path=/trunk/; revision=35401
terminated strings (retrieved with tvb_get_ptr()), just use
tvb_get_ephemeral_string() and the standard strtoul{l} functions.
svn path=/trunk/; revision=35394
From me: add 0_9 to names for #defines and routines for 0-9, add expert
info for the "you ran past the end of the field table" error.
svn path=/trunk/; revision=35380
causes (should have been in rev 35366).
When generating TVB subsets, limit the subset's backing and reported lengths to
the (captured) TVB length and the reported TVB length, respectively.
This allows us to dissect most of the packet in
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5546
before asserting out.
It also yields similar better behavior when the capture is limited by a
snapshot length.
svn path=/trunk/; revision=35368