This reverts commit 28719a4e4e.
Most of the change to remove "lib" seems to work, but the list of libraries to sign appears not to be in the source repository, so I can't make that step work.
Change-Id: I32e400593e8a39f582cc702df34eea7f6e9e722a
Reviewed-on: https://code.wireshark.org/review/2972
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Some Microsoft errata were caused by bad decoding and were not actually
problems. Remove the unneeded tests and expert information.
Add PRID ranges values to Layer Presence bytes.
Change-Id: I0b2b555bc448f0b4ee142b2920ae4e37d54ccab4
Reviewed-on: https://code.wireshark.org/review/2958
Reviewed-by: Anders Broman <a.broman58@gmail.com>
wIndex often contains different fields in it's upper & lower byte.
Printing in hex makes these seperate fields easier to read.
Change-Id: I69fb7e14b4f5b5a1ecd61bcae34f6d100f1a94b6
Reviewed-on: https://code.wireshark.org/review/2961
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I8d66b1bc7dbdfee3d4bf6fd3b3c21c6323b66f44
Reviewed-on: https://code.wireshark.org/review/2946
Reviewed-by: Michael Mann <mmann78@netscape.net>
Without this patch, pinfo->ptype is PT_UNKNOWN
Change-Id: Ia15b5115f874d0c9ff69be11ed7ee3dac1fadbd5
Signed-off-by: Yan Burman <yanb@mellanox.com>
Reviewed-on: https://code.wireshark.org/review/2941
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Without it, dual-band DF-3C feature does not work
Change-Id: I95d4a7320b77c6093f5d51efdbb2b21af0deab11
Reviewed-on: https://code.wireshark.org/review/2942
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Previously we just call HPACK decompressor when dessecting packets.
This is fine for the first linear scan. But later same packet may be
dissected more than once and their header block data will be fed into
decompressor again. This makes header compression context out-of-sync
because HPACK decompressor only works when data is fed linearly. This
change fixes this issue by caching decompressed headers in the first
linear scan. On random packet dissecting, they are just looked up.
This change adds support of changing header table size by inspecting
SETTINGS frame and tracking its SETTINGS ACK.
Change-Id: I9c75c67f8677063e443f9b131740f3ee94ff8a63
Reviewed-on: https://code.wireshark.org/review/2616
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Summary of changes since draft-12:
* Pad High and Pad Low wereare replaced with single Pad Length field.
* Padding was removed from CONTINUATION frame.
* ALTSVC and BLOCKED frames were removed.
* Per-frame compression and its associated SETTINGS flag were removed.
* HPACK Huffman code table and static header table were updated.
Change-Id: I9c4f05f8cd937bfadbb1b912f2b9ffb31e9c18d5
Reviewed-on: https://code.wireshark.org/review/2615
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Modelled after ccf7ed00b6 which detects
the header digest field, this patch adds auto-detection for the Data
Digest field which comes after the data segment.
Since the digest is now automatically detected, drop the three related
preferences.
Verified against scsi-osd-example-001.pcap (from SampleCaptures).
Change-Id: Icd89f1be58889c7ab70aca9dff7d3f99c8fe04d6
Reviewed-on: https://code.wireshark.org/review/2882
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Freeing it after the exception doesn't do much, for obvious reasons. Also move
the allocation a bit later, and add modelines.
This fixes one major memory leak, although on inspection this code still isn't
safe since there are exception-throwing functions called all over the place with
glib memory active. Outside the scope of this fix though.
Bug: 10265
Change-Id: I1fe272e92b92cac6b99abb84866b8ae9b582e24c
Reviewed-on: https://code.wireshark.org/review/2931
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In commit 4afd70d ("Use g_hash_table_new_full to free some values"), the
hashtable gained a destroy handler which frees memory. This
inadvertently destroyed a conversation during key updates.
Fix this by not calling _remove (and thereby calling the destroy
handler), but use _steal instead. (Suggestion by Evan Huus).
Bug: 10263
Change-Id: I9fa7f5a697599f42894d38718b00b9c0c1b57004
Reviewed-on: https://code.wireshark.org/review/2924
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Evan Huus <eapache@gmail.com>
Encountered with the following attachments from bugs:
6575-test-dlmapc-wmx
6577-test-dlmapc-wmx
6579-test-dlmapc-wmx
Also added modelines.
Change-Id: I3859bed618830ad359bd0b2b1fdfc3c5fc13269e
Reviewed-on: https://code.wireshark.org/review/2920
Reviewed-by: Evan Huus <eapache@gmail.com>
target type
Change-Id: If7efc629247480fbfb231b965a358803b67e1504
Reviewed-on: https://code.wireshark.org/review/2919
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For each displayed packet list row, save a copy of or a pointer to
column strings similar to ui/gtk/packet_list_store.c. This lets us call
epan_dissect_run only once per row.
Bug: 9511
Change-Id: I17e8ebeb5ed70518c9047413c3b2a46f01e904ef
Reviewed-on: https://code.wireshark.org/review/2752
Reviewed-by: Anders Broman <a.broman58@gmail.com>
New dissectors return an integer, not a boolean, fix that.
Change-Id: I79dea0cc4274d503d61ce8823dc783c542764f6b
Reviewed-on: https://code.wireshark.org/review/2884
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: Ie10ac4f5f04a23344d183e095bbafb23c6409144
Reviewed-on: https://code.wireshark.org/review/2904
Reviewed-by: Michael Mann <mmann78@netscape.net>
The WRETH dissector showed up some garbage in the column display. Upon
further inspection, it turns out that the format string had a trailing
percent sign which caused (unsigned)-1 to be returned by
g_printf_string_upper_bound (in emem_strdup_vprintf). Then ep_alloc is
called with (unsigned)-1 + 1 = 0 memory, no wonder that garbage shows
up. ASAN could not even catch this error because EP is in charge of
this.
So, start adding G_GNUC_PRINTF annotations in each header that uses
the "fmt" or "format" paramters (grepped + awk). This revealed some
other errors. The NCP2222 dissector was missing a format string (not
a security vuln though).
Many dissectors used val_to_str with a constant (but empty) string,
these have been replaced by val_to_str_const. ASN.1 dissectors
were regenerated for this.
Minor: the mate plugin used "%X" instead of "%p" for a pointer type.
The ncp2222 dissector and wimax plugin gained modelines.
Change-Id: I7f3f6a3136116f9b251719830a39a7b21646f622
Reviewed-on: https://code.wireshark.org/review/2881
Reviewed-by: Evan Huus <eapache@gmail.com>
With autotools, CMake, and nmake, if we have a function, #define
HAVE_{function_name_in_all_caps}, otherwise don't #define it.
If we provide our own version of a function in libwsutil, make sure we
have a header that declares it, and *ONLY* include that header if
HAVE_{function_name_in_all_caps} is *NOT* defined, so that we don't have
the system declaration and our declaration colliding.
Check for inet_aton, strncasecmp, and strptime with CMake, just as we do
with autotools.
Simplify the addition of {function_name_in_all_caps}_LO to libwsutil in
autotools.
Change-Id: Id5be5c73f79f81919a3a865324e400eca7b88889
Reviewed-on: https://code.wireshark.org/review/2903
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add support for Prefix, STAP, MTAP, NI-MTAP, and PACSI packet types.
Add support for Microsoft SEI messages [MS-H264PF]
Add support for dissecting scalable profiles
SDP: Add profile-level-id decode for payload type H264-SVC
MS-H264PF: http://msdn.microsoft.com/en-us/library/hh659565.aspx
Update #1 - Fix Tabs -> Spaces, Reinsert accidentally removed entry 19
from h264_type_values
Update #2 - Changed to using expert info for exceptions and Microsoft
errata.
Update #3:
- Correct handling of truncated packets
- Use guid functions and compare techniques
- Correct ranges for expert info messages
- Change to using reported_length from captured_length
Change-Id: I520a3c9a6d85c78a976b520cf5a6a405064a48f1
Reviewed-on: https://code.wireshark.org/review/2580
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Change-Id: Id1997c3c8f6d0460da7f0faa58798a72737dd667
Reviewed-on: https://code.wireshark.org/review/2898
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I3efa2a81ab2685cde6eae0a00b24520478a545ce
Reviewed-on: https://code.wireshark.org/review/2900
Reviewed-by: Michael Mann <mmann78@netscape.net>
As suggested by Alexis reviewing change Ie76c5a810af927b, this issue was
scattered throughout the v4/v5 openflow dissectors. Hopefully I got all of them.
Original issue found in bug 10259.
Change-Id: Idf87deea34132aec5cd4e8f83264906a29b15568
Reviewed-on: https://code.wireshark.org/review/2878
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The return value of new dissectors is the number of bytes that were
successfully dissected, not a boolean. Fix that and get rid of an
unnecessary iSCSIPdusDissected variable.
Change-Id: Ie31df393a1eb44f185d320a4c2d35f5e8b7d7bd9
Reviewed-on: https://code.wireshark.org/review/2889
Reviewed-by: Evan Huus <eapache@gmail.com>
new dissectors return an int, not a boolean...
Change-Id: I88e19f7c0dc14da3649d1522ffe936538a867753
Reviewed-on: https://code.wireshark.org/review/2888
Reviewed-by: Evan Huus <eapache@gmail.com>
Return value "-1" means that more data is requested. The dissector
actually doesn't have any idea what to do with the data, so just return
the data dissected so far.
tcp stream 3182 from c05-http-reply-r1.pcap (SampleCaptures) was
incorrectly detected as MIKEY, it was actually HTTP...
Change-Id: Idca3d3e2f85e821df70436a675699b5834236f89
Reviewed-on: https://code.wireshark.org/review/2887
Reviewed-by: Evan Huus <eapache@gmail.com>
uint16 & 0xFF00 will always equal 0. Use tvb_get_guint8 instead. Convert
from tvb_length to tvb_captured_length.
Fix the return value of dissectors, 0 means reject but that cannot be
combined with reassembly requests.
Change-Id: I5fca66e2e809699392237aff5813eecdfb15857f
Reviewed-on: https://code.wireshark.org/review/2885
Reviewed-by: Evan Huus <eapache@gmail.com>
Fixes a good 80-90KB of leaks in certain cases.
Bug: 10261
Change-Id: I81d57ac67219e730b03649b9fdfc2306807bdb97
Reviewed-on: https://code.wireshark.org/review/2879
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ia2567695ffed30c990eda3740b08bfab101cea96
Reviewed-on: https://code.wireshark.org/review/2883
Reviewed-by: Michael Mann <mmann78@netscape.net>