Change-Id: Id710ab10093227b27ef5f18b0d2960e31d0b95a9
Reviewed-on: https://code.wireshark.org/review/10200
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I6505ce34de84bfe46d5bc7b4d6a3c6044f3fb4b5
Reviewed-on: https://code.wireshark.org/review/10041
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This changeset is a forward port of Gregors ms-wsp branch from his
repo http://repo.or.cz/w/wireshark-wip.git. Most of the messages of
the MS-WSP protocol are implemented here and as such consists of the
majority of the changes for the dissector.
In addition to the forward porting Gregors work I added some extra bits
1) cater for SMB2 Read Response and Write Request msgs that can also
contain MSWSP messages
2) update property specifications with info extracted from MS-WSP protocol
doc
3) store some basic data about previously seen messages that are needed
for dissecting CPMGetRows request
4) expand/update dissect_CPMSetBindings & parse_CTableColumn routines
5) parse and store CTableColumn & CPMSetBindingsIn structures in conversation
related data for use later.
6) fully dissect/parse SeekDesciption of CPMGetRowsOut
7) dissect CPMGetRows out message specifically the Rows & Columns
8) flesh out the boolean properties of uBooleanOptions field
9) flesh out various other dissectors:
CPMRatioFinished
CPMRestartPosition
CPMCompareBmkIn/CPMCompareBmkOut
CPMGetApproximatePosition
CPMGetSendNotifyOut
FindIndicesIn/Out
FetchValue
Bug: 11321
Change-Id: I68b5c2f3e63874c1dbb271feab89b2b8aa65ac39
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-on: https://code.wireshark.org/review/9440
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The preferences are still supported for backwards compatibility, but the heuristic_protos file has final say on the "preference" to enable/disable a heuristic dissector.
Also add parameter to heur_dissector_add() for the "default" enable/disable of a heuristic dissector. With this parameter, a few more (presumably weak) heuristic dissectors have been "registered" but of course default to being disabled.
Change-Id: I51bebb2146ef3fbb8418d4f5c7f2cb2b58003a22
Reviewed-on: https://code.wireshark.org/review/9610
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This allows better presentation of heuristic dissectors to the end user.
Change-Id: I2ff3985ab914e83c2989880cc0c7b9904045b3f6
Reviewed-on: https://code.wireshark.org/review/9602
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Convert remaining dissectors to use cleanup routines when possible.
(Single-)linked lists require NULL, so do reset their pointers to NULL.
Generated with
https://git.lekensteyn.nl/peter/wireshark-notes/diff/one-off/cleanup-rewrite.py?id=69af86e6c2cf965ba3d7f9636b647b195f0b7d57
(with AUDIT = ALWAYS_EMIT_CLEANUP_CODE = True)
Remaining dissectors which did not need further changes:
epan/dissectors/packet-aeron.c
epan/dissectors/packet-bootp.c
epan/dissectors/packet-brdwlk.c
epan/dissectors/packet-drda.c
epan/dissectors/packet-etch.c
epan/dissectors/packet-fix.c
epan/dissectors/packet-fw1.c
epan/dissectors/packet-lbm.c
epan/dissectors/packet-ldss.c
epan/dissectors/packet-simulcrypt.c
epan/dissectors/packet-spdy.c
epan/dissectors/packet-starteam.c
epan/dissectors/packet-udp.c
Change-Id: Idcacfea6a5de38d40e67db4cdcd0452ad9f9a6a9
Reviewed-on: https://code.wireshark.org/review/9228
Reviewed-by: Michael Mann <mmann78@netscape.net>
Create "common" SRT tap data collection intended for all GUIs. Refactor/merge functionality of existing dissectors that have SRT support (AFP, DCERPC, Diameter, FC, GTP, LDAP, NCP, RPC, SCIS, SMB, and SMB2) for both TShark and GTK.
SMB and DCERPC "tap packet filtering" were different between TShark and GTK, so I went with GTK filter logic.
CAMEL "tap packet filtering" was different between TShark and GTK, so GTK filtering logic was pushed to the dissector and the TShark tap was left alone.
Change-Id: I7d6eaad0673fe628ef337f9165d7ed94f4a5e1cc
Reviewed-on: https://code.wireshark.org/review/8894
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The 'si' pointer was utilized before it was verified against nullptr.
Change-Id: I92faf43160698a548531dceb557cf4153d15d03f
Reviewed-on: https://code.wireshark.org/review/8845
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Final part.
While there change deprecated tvb_length-xxx() calls
Change-Id: I8b0cf823c2d37a92c58fcb653f7fe1e8fdad5a79
Reviewed-on: https://code.wireshark.org/review/8642
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I1d258923a7a63539ec8456d3e306bca5016a1e4b
Reviewed-on: https://code.wireshark.org/review/6060
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I40d0c8253743183aecef252040b7dd6742ae5c71
Reviewed-on: https://code.wireshark.org/review/5934
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fifth batch (packet-rtp.c -> end).
Will look at cleaning up and committing script afterwards.
Change-Id: I8ed61dc941d98d3f7259a9d1f74e214eb7b4bfa2
Reviewed-on: https://code.wireshark.org/review/6052
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Part 3 of many, but this concludes the strict conversion to proto_tree_add_bitmask. Patches to follow with use proto_tree_add_bitmask_xxx (some functions still need to be written)
Change-Id: Ic2435667c6a7f1d40602124e5044954d2a296180
Reviewed-on: https://code.wireshark.org/review/5553
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
All of the calls removed are followed by proto_tree_add_xxx calls of the same offset/length of the tvb_ensure_bytes_exist call. The proto_tree_add_xxx calls should throw the exception, so we don't need the "double check".
There are probably more calls that can be removed, these were just obvious as first glance, spurred mostly by noticing the (ab)use in packet-wsp.c
Change-Id: I37cee347c8cf8ab0559e21562c802d3b37f4871e
Reviewed-on: https://code.wireshark.org/review/4833
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
For:
- FT_BYTES: Always use just ENC_NA
- integral/floating (other than FT_[U]INT8): Do ENC_NA --> ENC_BIG_ENDIAN
Also:
- FT_UINT... --> FT_UINT8 in a few cases (to match proto_tree_add_item...)
- Change one case of incorrect '||' to '|'
Change-Id: I427e0e61618ff8faf55691c8a695930f67d455b0
Reviewed-on: https://code.wireshark.org/review/4184
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Change-Id: I8d66b1bc7dbdfee3d4bf6fd3b3c21c6323b66f44
Reviewed-on: https://code.wireshark.org/review/2946
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I24fe3cc4a3589dadc4528a77fe7ff13d06b1a983
Reviewed-on: https://code.wireshark.org/review/2245
Reviewed-by: Michael Mann <mmann78@netscape.net>
tvb_new_subset -> tvb_new_subset_remaining it appears that's what the intention is.
Change-Id: I2334bbf3f10475b3c22391392fc8b6864454de2d
Reviewed-on: https://code.wireshark.org/review/1999
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
I coincidentally found a few files with errors, so I thought it might be time to run it on the whole directory again.
Change-Id: Ia32e54b3b1b94e5a418ed758ea79807c8bc7e798
Reviewed-on: https://code.wireshark.org/review/978
Reviewed-by: Michael Mann <mmann78@netscape.net>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This will have to wait until the SMB Direct dissector is actually
committed. There's no point in getting a bunch of "OOPS: dissector
table "smb_direct" doesn't exist" messages every time you run Wireshark
or TShark.
Change-Id: I9772eb3f119822fbeaa78876570798d49bb4cab9
Reviewed-on: https://code.wireshark.org/review/382
Reviewed-by: Guy Harris <guy@alum.mit.edu>
adding it with proto_tree_add_string(). Use tvb_get_string_enc() rather
than tvb_get_unicode_string() to fetch strings.
We assume a UTF-16 encoding for all "Unicode" strings.
Use tvb_strsize() and tvb_unicode_strsize() to get the lengths of
null-terminated strings.
Get rid of unused ett_nt_unicode_string variable.
svn path=/trunk/; revision=54158
(sort associated value_string arrays as needed);
- Use new VALUE_STRING_LIST mechanism/macros to
create enums and value_string arrays for:
WERR_errors, DOS_errors, SRV_errors, and HRD_errors;
- Declare certain global value_string arrays as static (local)
and use global extended value_strings to reference same;
(e.g., ms_coiuntry_codes value_string_array)
- Rename SMBE_... defs used in several different value_string arrays
to prevent potential name collisions:
( e.g., for SRV_errors: SMBE_... ==> SMBE_SRV_...)
Done for value_string arrays: DOS_errors, SRV_errors, HRD_errors;
- WERR_errors value_string array:
Note that WERR associated defs no longer exist in the latest samba doserr.h.
(The WERR_errors defs were originally generated from the samba doserr.h).
For now: WERR_errors kept as is.
- ToDo: Fix PIDL-generated dcerpc dissectors to use NT_errors_ext
and WERR_errors_ext extended value_strings.
- Add editor modelines to a few files.
- Make whitespace changes.
svn path=/trunk/; revision=53614
Add QUERY_FS_INFO info level SMB_QUERY_POSIX_WHOAMI
from me
remove unnecessary if(tree) checks
add one check before guint16 *bcp is decremented
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9475
svn path=/trunk/; revision=53598
These consist of the following bitmask fields:
[packet-smb.c] 'Create Flags', 'Access Mask', 'File Attributes', 'Share Access', 'Create Options',
'Security Flags', 'Optional Support'(in TreeConnect AndX responses), and "Quota Flags"
[packet-smb2.c] 'Flags', 'Session Flags', 'Security mode', and 'Interface Capabilities'.
[packet-smb.c] Made the tfs_file_attribute_xxx true_false_string values less verbose and more compact.
[packet-smb2.c] Changed all references to "RMDA" to RDMA".
[packet_smb.c] In dissect_qfi_SMB_FILE_NETWORK_OPEN_INFO() (GetInfo response) changed "Unknown Field"
to "Reserved" (See capture 'DMtrace2.cap' frame 20023).
svn path=/trunk/; revision=52623
Michael Mann