Avoid displaying duplicate port numbers with transport name resolution disabled and
make some dissector code simpler.
Introduces port_with_resolution_to_str_buf() function and amends UDP/TCP/DCCP/SCTP to
use the new field display type.
Change-Id: Ifb97810b9c669ccbb1a310a2c0ffd6e2b63af210
Reviewed-on: https://code.wireshark.org/review/10625
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I6298b3de5f0a1cb988014ff16082eaf8c2a3c3c0
Reviewed-on: https://code.wireshark.org/review/10786
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Convert remaining dissectors to use cleanup routines when possible.
(Single-)linked lists require NULL, so do reset their pointers to NULL.
Generated with
https://git.lekensteyn.nl/peter/wireshark-notes/diff/one-off/cleanup-rewrite.py?id=69af86e6c2cf965ba3d7f9636b647b195f0b7d57
(with AUDIT = ALWAYS_EMIT_CLEANUP_CODE = True)
Remaining dissectors which did not need further changes:
epan/dissectors/packet-aeron.c
epan/dissectors/packet-bootp.c
epan/dissectors/packet-brdwlk.c
epan/dissectors/packet-drda.c
epan/dissectors/packet-etch.c
epan/dissectors/packet-fix.c
epan/dissectors/packet-fw1.c
epan/dissectors/packet-lbm.c
epan/dissectors/packet-ldss.c
epan/dissectors/packet-simulcrypt.c
epan/dissectors/packet-spdy.c
epan/dissectors/packet-starteam.c
epan/dissectors/packet-udp.c
Change-Id: Idcacfea6a5de38d40e67db4cdcd0452ad9f9a6a9
Reviewed-on: https://code.wireshark.org/review/9228
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also fix up the hf description to make it clearer (to me) that this frame number is pointing *to* the ACK, not *from* it.
Change-Id: Ic60e949e65f3988f9ac34fff39d4addc28a1fdbc
Reviewed-on: https://code.wireshark.org/review/7658
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Have them return TRUE on success and FALSE on failure. Check the return
value rather than whether the error string pointer is null or not.
Change-Id: I800a03bcd70a6bbb7b217cf7c4800e9cdcf2189c
Reviewed-on: https://code.wireshark.org/review/7222
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This prevents the tap from crashing (asserting out) because there's no
(initialized) TVB to look at.
Bug: 9849
Change-Id: I370a49ef32a67e504c30cf1762a2180bf13c56ca
Reviewed-on: https://code.wireshark.org/review/7190
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
UAT error strings are usually allocated by g_strdup() or
g_strdup_printf(), and must ultimately be freed by the caller.
Make the pointer-to-error-string-pointer arguments to various functions
be "char **", not "const char **".
Fix cases that finds where a raw string was being used, as that won't
work if you try to free it; g_strdup() it instead.
Add a missing free of an error string.
Remove some no-longer-necessary casts.
Remove some unnecessary g_strdup()s (the string being handed to it was
already g_malloc()ated).
Change some variable declarations to match.
Put in XXX comments for some cases where the error string is just freed,
without being shown to the user.
Change-Id: I40297746a2ef729c56763baeddbb0842386fa0d0
Reviewed-on: https://code.wireshark.org/review/6525
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Adjust any other ep_ related APIs related to the transition.
Change-Id: I961b371c2c4bda557e0f1817705c27eef0dae66c
Reviewed-on: https://code.wireshark.org/review/6388
Reviewed-by: Anders Broman <a.broman58@gmail.com>
"stat name" has been official changed to "endpoints" for all dissectors, rather than a mixture of "host"/"endpoints" based on dissector.
Change-Id: If34bcb5165b493948e784ba038ab202803a59843
Reviewed-on: https://code.wireshark.org/review/6154
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Icd04c5f1f09b9cf704828e4b6a598cd2c1f6dd15
Reviewed-on: https://code.wireshark.org/review/6172
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fifth batch (packet-rtp.c -> end).
Will look at cleaning up and committing script afterwards.
Change-Id: I8ed61dc941d98d3f7259a9d1f74e214eb7b4bfa2
Reviewed-on: https://code.wireshark.org/review/6052
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
This allows dissector lists to be looked up by name, so they can be
shared by multiple dissectors.
(This means that there's no "udplite" heuristic dissector list, but
there shouldn't be one - protocols can run atop UDP or UDPLite equally
well, and they share a port namespace and uint dissector table, so they
should share a heuristic dissector table as well.)
Change-Id: Ifb2d2c294938c06d348a159adea7a57db8d770a7
Reviewed-on: https://code.wireshark.org/review/5936
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I396e9af7971ee8be6fc9548162ff37fe704f0289
Reviewed-on: https://code.wireshark.org/review/5651
Reviewed-by: Michael Mann <mmann78@netscape.net>
The fact that the vtag matches the initiate tag doesn't mean much if both are 0
(uninitialized).
Also leave in some (commented-out) debug to make debugging this stuff easier
in the future.
Change-Id: Id007de8bf9d2d4e0bb18309ed3e2572fedda45f1
Reviewed-on: https://code.wireshark.org/review/5571
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Change-Id: I13197cc48068bb35ee12a7023cfe5f76bbc4e264
Reviewed-on: https://code.wireshark.org/review/5486
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add support for PAD chunks as defined in RFC 4820.
Change-Id: I66a83d5d133429154fe40ccef26687c8350463cf
Reviewed-on: https://code.wireshark.org/review/5393
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>
The length reported as value length for unknown chunks
was actually the chunk length. Therefore it was off by 4.
Change-Id: Ieea79d2c51b4729fc139395174625d1f362d1ee5
Reviewed-on: https://code.wireshark.org/review/5392
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>
Follow TCP's lead by putting the filter in a subtree under the checksum.
Change-Id: I9351ee865011cd04bc3d3e88c51e8dbb3dc23f07
Reviewed-on: https://code.wireshark.org/review/4082
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
The warning coming after change in g018b84de8
Change-Id: Ia96cdb2993a6283d8de2647c6723ec6b2b0977eb
Reviewed-on: https://code.wireshark.org/review/3752
Reviewed-by: Evan Huus <eapache@gmail.com>
This is very similar in architecture to the changes made to the Conversation table functionality. Since all conversations have endpoints/hostlists, the "registered" list is shared for both.
Change-Id: Ie8c6910a68a1b3f27c5b18c4494f49b9404a7b31
Reviewed-on: https://code.wireshark.org/review/3214
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That doesn't eliminate them, but at least it encapsulates them.
Change-Id: I78f0202cb7d2eb86e2dce220b2b97acc256d1e42
Reviewed-on: https://code.wireshark.org/review/3489
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- remove unneeded initializers;
- replace tabs in files with editor mode line 'expandtabs';
- col_set_str() --> col_add_str() (in one case);
- tvb_length() -- > tvb_reported_length() (in one case);
- do some whitespace & indentation fixes/changes.
Change-Id: Ib8ffbbcdb6e4a74c0df6021a75430ae1ef9ae089
Reviewed-on: https://code.wireshark.org/review/3435
Reviewed-by: Bill Meier <wmeier@newsguy.com>
I intentionally left the fields displayed alone (so they don't exactly match Wireshark GUI), because as Guy points out in bug 6310, not sure its A Bug or A Feature. But at least all types of conversations allowed are in sync with Wireshark GUI.
Bug:6310
Change-Id: I722837df510a39dadc1f9a07a99275509516698c
Reviewed-on: https://code.wireshark.org/review/3212
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Refactor (non-GUI) conversation table functionality from gtk/Qt to epan. Also refactor "common GUI" conversation table functionality.
The idea is to not have to modify the GUI when a dissector adds a new "conversation type"
Change-Id: I11f08d0d7edd631218663ba4b902c4a4c849acda
Reviewed-on: https://code.wireshark.org/review/3113
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This patch escapes some characters like \n when showing text
contained in a packet by appending it to a protocol item.
Change-Id: Ice0040040ec7ab573dd9a412f8c0c197a566a031
Reviewed-on: https://code.wireshark.org/review/3095
Petri-Dish: Michael Tüxen <tuexen@wireshark.org>
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>
Change-Id: I8d66b1bc7dbdfee3d4bf6fd3b3c21c6323b66f44
Reviewed-on: https://code.wireshark.org/review/2946
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also ensured some files have their correct names at the top so they are more easily grepped
Change-Id: Ib0f5ddf14eb1616a93dee496107dc0eb09048825
Reviewed-on: https://code.wireshark.org/review/2452
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also remove the reference to the original ID.
Change-Id: I51357fc04699a40af2d34ec2bd36518d09d3b180
Reviewed-on: https://code.wireshark.org/review/1848
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>
which can be used to call the found heuristic dissector on the next pass.
Introduce call_heur_dissector_direct() to be used to call a heuristic
dissector which accepted the frame on the first pass.
Change-Id: I524edd717b7d92b510bd60acfeea686d5f2b4582
Reviewed-on: https://code.wireshark.org/review/1697
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add ep_ to routines that may return ephemeral strings.
Change "get_XXX" to "XXX_to_display" if the routine returns a formatted
string if it can't get a name.
Change-Id: Ia0e82784349752cf4285bf82788316c9588fdd88
Reviewed-on: https://code.wireshark.org/review/1217
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't attempt reassembly and squash an expert info when we're in an error
packet.
Change-Id: I7d19e4ab7add78829bf1e28ad92dce3a7431c37d
Reviewed-on: https://code.wireshark.org/review/964
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Add a comment indicating what we should be doing when the PKTDROP chunk contains
a truncated data chunk.
Change-Id: Icbba4c6dafc5c2656fc337734a1a570ef4a055d2
Reviewed-on: https://code.wireshark.org/review/950
Reviewed-by: Anders Broman <a.broman58@gmail.com>
João Valverde