Change-Id: I79c613cbdd8dc939dd4c29ebc477fb6eefd5bfc4
Reviewed-on: https://code.wireshark.org/review/6371
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also change bytestring_to_str to match bytes_to_ep_str_punct functionality (limiting byte string size)
Change-Id: Idb958c7f0c203d103629469302b81fa922714f7e
Reviewed-on: https://code.wireshark.org/review/6369
Reviewed-by: Michael Mann <mmann78@netscape.net>
Changed all remaining code in wslua that was using emem, to use wmem or
simpler methods.
Bug: 9927
Change-Id: I3d19a770e0fd77d996bdb6b61a76a722cc2bcd55
Reviewed-on: https://code.wireshark.org/review/6109
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
e.g. tvb_get_guint16(tvb, offset, ENC_LITTLE_ENDIAN)
Change-Id: Iea02fd59b13678aca741d028fb1f66f334447498
Reviewed-on: https://code.wireshark.org/review/6191
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
no ethertype 0x8203-0x8205 support in trunk.
0x8204 is QNX OS VER 6's qnet ethernet protocol number.
Bug:3934
Change-Id: I5f3e910876bb7fb86de2111f856d026fdf220917
Reviewed-on: https://code.wireshark.org/review/2954
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
string, not an EP-allocated one.
Change-Id: I3918ed66429c588d4503d98e10dc460b099e550e
Reviewed-on: https://code.wireshark.org/review/3795
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
This lets us blow up with oversized 64-bit length values, before casting
them to the 31-bit lengths we can actually handle in Wireshark, rather
than blindly casting them with weird results.
Use that in the MySQL dissector, and, if we get past the test, cast the
lengths to int to squelch warnings.
Change-Id: I3a5e9bd0027fa4ddcb9622f77952dba8f6b23c27
Reviewed-on: https://code.wireshark.org/review/3362
Reviewed-by: Guy Harris <guy@alum.mit.edu>
g867a1827e7dc88896ee27a107eb35c4b3973d270 introduced a change to cleanup/fix
handling of bounds checks for -1 length fields, but it ended up guaranteeing a
throw for 0-length tvbs, which isn't good; we ought to be able to add 0-length
FT_PROTOCOL items at the very least.
Better names for the function than _cheat are welcome, but I want to shut up the
buildbot.
Change-Id: I24610f947d03dac32766e2a0ffa0ff7bcc74c3e8
Reviewed-on: https://code.wireshark.org/review/1303
Reviewed-by: Evan Huus <eapache@gmail.com>
This commit adds tvb_get_string_bytes and proto_tree_add_bytes_item routines for
getting GByteArrays fields from the tvb when they are encoded in ASCII hex string form.
The proto_tree_add_bytes_item routine is also usable for normal
binary encoded byte arrays, and has the advantage of retrieving
the array values even if there's no proto tree.
It also exposes the routines to Lua, both so that a Lua script can take
advantage of this, but also so I can write a testsuite to test the functions.
Change-Id: I112a038653df6482a5d0ebe7c95708f207319e20
Reviewed-on: https://code.wireshark.org/review/1158
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit adds tvb_get_string_time and proto_tree_add_time_item routines for
getting nstime fields from the tvb when they are encoded in ASCII string form.
The proto_tree_add_time_item routine is also usable for normal
big/little-endian encoded time_t, and has the advantage of retrieving
the value even if there's no proto tree.
It also exposes the routines to Lua, both so that a Lua script can take
advantage of this, but also so I can write a testsuite to test the functions.
Change-Id: I955da10f68f2680e3da3a5be5ad8fdce7ed6808c
Reviewed-on: https://code.wireshark.org/review/1084
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add an FT_STRINGZPAD type, for null-padded strings (typically
fixed-length fields, where the string can be up to the length of the
field, and is null-padded if it's shorter than that), and use it. Use
IS_FT_STRING() in more cases, so that less code needs to know what types
are string types.
Add a tvb_get_stringzpad() routine, which gets null-padded strings.
Currently, it does the same thing that tvb_get_string_enc() does, but
that might change if we don't store string values as null-terminated
strings.
Change-Id: I46f56e130de8f419a19b56ded914e24cc7518a66
Reviewed-on: https://code.wireshark.org/review/1082
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: If043683f366fedd849688ca3c512707954221a3b
Reviewed-on: https://code.wireshark.org/review/984
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When capturing, they'll be in host byte order. The top of the libpcap
trunk and 1.5 branch, when reading a file, will, if necessary, byte-swap
the type and length values so that they're in the byte order of the host
reading the file (rather than the host that wrote the file).
Do the same when we read a file, and have the NFLOG dissector assume
host byte order for those fields.
Change-Id: I493aed1e07b626af1157d75f3bc293b0a694ad07
Reviewed-on: https://code.wireshark.org/review/148
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Do with tvb_get_stringz() what was done with tvb_get_string().
Redo the comments for the string get routines to try to give more detail
in a fashion that's a bit less hard to read.
Warn, in comments, of the problems with using
tvb_get_string()/tvb_get_stringz() (i.e., if your strings are non-ASCII,
all bytes with the 8th bit set are going be replaced by the Unicode
REPLACEMENT CHARACTER, and displayed as such).
Warn, in a comment, of the problems with tvb_get_const_stringz() (i.e.,
it gives you raw bytes, rather than guaranteed-to-be-valid UTF-8).
Update documentation and release notes appropriately.
Change-Id: Ibd3efb92a203861f507ce71bc8d04d19d9d38a93
Reviewed-on: https://code.wireshark.org/review/327
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- rename tvb_length and similar to tvb_captured_length and similar; leave
#defines in place for backwards-compat, but mark them clearly as deprecated in
code comments and in checkAPI
- remove tvb_get_string as C code and just leave a #define in place for
backwards-compat; mark it clearly as deprecated in code comment and checkAPI
- update READMEs and sample dissector for all of the above
- while in the neighbourhood, make checkAPI skip (and warn) for missing files
instead of bailing on the whole check, so subsequent files still get checked
Change-Id: I32fc437896ca86ca73e9b49d5f50400adf8ec5ad
Reviewed-on: https://code.wireshark.org/review/311
Reviewed-by: Evan Huus <eapache@gmail.com>
better.
We don't need eventlog_get_unicode_string_length() in the eventlog
dissector, either - tvb_unicode_strsize() does the job just as well.
svn path=/trunk/; revision=54874
UTF-8 strings.
Add that mapping for null-terminated ASCII strings.
Factor out some common parts of comments about string routines, and
clean up some other comments.
svn path=/trunk/; revision=54868
instead, have static routines to get UCS-2 (no surrogate pairs) and
UTF-16 (with surrogate pairs) strings, with the routines to handle
UTF-16 actually handling surrogate pairs.
Update some out-of-date comments while we're at it.
svn path=/trunk/; revision=54318
obvious that the returned string is ephemeral, and opens up the original names
in the API for versions that take a wmem pool (and thus can work in any scope).
svn path=/trunk/; revision=54249
proto_tree_add_item was valid *before* we short-circuited based on a NULL tree.
This was good in that it removed a common source of really-long-loop bugs. It
was less good in that it cost us about 8% in speed when doing a tree-less
dissection, but we decided the tradeoff was worth it.
After Anders' recent mail to -dev about performance, I started thinking about
how to optimize this. It occurred to me that the vast majority of the logic
involved in the check was dealing with the length value - fetching the actual
length if it was a counted string, calculating the length if it was -1, adding
the length to the offset in a way that was free from overflows, etc.
All of this is (theoretically) unnecessary - simply checking the offset without
worrying about the length will still catch the very-long-loops, since it is the
offset that increases in each iteration, not the length.
All that to justify:
- implement tvb_ensure_offset_exists which throws an exception if the offset is
not within the tvb
- use it instead of all the complicated other logic in the pre-short-circuit
step of proto_tree_add_item and friends
This gives us back about 3/4 of the performance we lost in the original patch.
We're still ~2% slower than without any check, but this is the best I can think
of right now.
svn path=/trunk/; revision=52578
explicit, and frees up the "generic" names (like tvb_memdup) for new signatures
that take the appropriate wmem pool.
Majority of the conversion done with sed.
svn path=/trunk/; revision=52164