Fixes loading of plugins by detecting the build output directory of
cmake. This requires a "CMakeCache.txt" file to be present in the parent
directory (above run/).
Change-Id: I297432cdcd0981646058410f3eadf5f73b5248c8
Reviewed-on: https://code.wireshark.org/review/7453
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Should we call it the intelligenter scroll bar?
Change-Id: I67e76c1aabeb4b2e87e38815fe4ab120f0869b25
Reviewed-on: https://code.wireshark.org/review/15936
Reviewed-by: Anders Broman <a.broman58@gmail.com>
abort if it is -1
Change-Id: Ie14c18679ff74529731558d6742f63ebfb9fe97b
Reviewed-on: https://code.wireshark.org/review/15958
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In most cases this means prepending the application- or vendor-name to force
uniqueness. A few vendors have duplicates within their namespace--append the
AVP code to these.
Also fix a few other invalid names (with spaces or parentheses in the names).
Change-Id: I5bb78d31526122dd5782055638af410cc497e49d
Reviewed-on: https://code.wireshark.org/review/15960
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Without this change large file support was detected as available
even when it was not without additional flags on 32 architectures.
As a result mergecap and other programs are built without large
file support causing mergecap not being able to write files
bigger than 2GB on i386 systems. This used to work properly
with autotools builds, but not with CMake ones.
Change-Id: Ibfd043342b2a48310d2ac9d760e6404a701c5808
Reviewed-on: https://code.wireshark.org/review/15937
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Add a reference count to stat_tap_table_ui to prevent bad deallocations.
Bug: 12437
Change-Id: Ib9b1f929d08a574c306dc755ec416ab94a3fd6d3
Reviewed-on: https://code.wireshark.org/review/15920
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The stream is not just shown, but also saved in ASCII, EBDIC, Raw, etc.
Change-Id: Ic29e3273ebb9a3eca0fe791bdd48606c4be3b828
Reviewed-on: https://code.wireshark.org/review/15957
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Randpktdump requires the init the wtap opttypes.
Fixed making the init function public and calling it.
Bug: 12539
Change-Id: I02585c41012deacff1526b51ed09ab555cbfc8ce
Reviewed-on: https://code.wireshark.org/review/15951
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
These were presumably there to allow indexed search of the AVP list but it
wasn't working anyway (binary search was used). And the expert info for
"unknown" (to Wireshark) AVPs is a good thing.
Change-Id: Id6b9e5c90b8a2a6e3cf4415cd1b6114308c74440
Reviewed-on: https://code.wireshark.org/review/15956
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Description entry was missing in the list.
Change-Id: Ia8f8bd4608ee6800a352f4979752b5c45c4a5086
Reviewed-on: https://code.wireshark.org/review/15947
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It can be useful for wiretap plugins
Change-Id: Ic56e4357ba3bfcef30d13615efc1361399c3133e
Reviewed-on: https://code.wireshark.org/review/15955
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
ws_load_library() is not used to load packet.dll or wpcap.dll (we use ws_module_open() for this).
Let's not lose time checking the folder content.
Change-Id: Ibd4a71b8b0c5ffc0c4c146eca51ad9f20964515b
Reviewed-on: https://code.wireshark.org/review/15938
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
even if the document length is 0, we consumed at least 4 bytes for the
length field
bug: 12534
Change-Id: I2f1612bf575b558c1bcc0afe8202b202747846e3
Reviewed-on: https://code.wireshark.org/review/15934
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In some cases this means using the correct (updated?) name from the
specification. In others it means prepending the application- or vendor-name
to force uniqueness.
Remove a few more "Unassigned" AVPs from the XML files.
Change-Id: I61d55ef97ff8efc3317c91bf79e73031735f740a
Reviewed-on: https://code.wireshark.org/review/15949
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fixes a regression from v1.99.9rc0-470-g87f2bd4 which truncated function
names to 26 characters.
Test:
cd epan/dissectors/dcerpc/budb
make IDL2WRS=/tmp/wsbuild/run/idl2wrs
diff packet-dcerpc-budb.c ../../packet-dcerpc-budb.c
While at it, replace all g_strndup(X, strlen(X)) occurrences with
g_strdup(X) since that is the same thing and less redundant.
Change-Id: Id8da45792c830e2287cf8f14ff6245149751afd2
Reviewed-on: https://code.wireshark.org/review/15939
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is required for the flags from packet-frame.c
Bug: 12536
Change-Id: I60bfe671687bcd3a9b5c997ba62bed563e890548
Reviewed-on: https://code.wireshark.org/review/15945
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add padding on the left side of the search frame in order to reduce the
amount of mousing required on large screens.
Change-Id: I1dcd8c4a103f4a462f4ab60a22a93b8c0f28b055
Reviewed-on: https://code.wireshark.org/review/15928
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
In some cases this means using the correct (updated?) name from the
specification. In others it means prepending the application name to force
uniqueness.
Change-Id: I8301c769af2b2279c0be7c1bc65e99fe25c1cc80
Reviewed-on: https://code.wireshark.org/review/15935
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If decoded ZBOSS traffic dump, sure this is ZigBee, so bypass heuristic.
If decoding air sniffer dump, try to go thru heuristic by checking for ext address src mode required for interpan.
Change-Id: Iddf799400a4cf0fd73714f06b99e3d11c8cb2e60
Reviewed-on: https://code.wireshark.org/review/15921
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Many projects (Qt[1] and GNOME[2] in particular) either recommend, use,
or at least allow for UTF-8 in source and header files. Pass /utf-8 to
Visual C++ 2015 so that it will behave itself around UTF-8 and be more
like that nice compiler down the street.
[1] https://wiki.qt.io/Strings_and_encodings_in_Qt
[2] https://bugzilla.gnome.org/show_bug.cgi?id=767218
Change-Id: Ibc90d235742134cb42dd796ba529699bcbbe3ad0
Reviewed-on: https://code.wireshark.org/review/15821
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Added dissection of inter-pan nwk and aps stub to be used to decode ZLL commissioning cluster.
Change-Id: I871016a93854f1caf2f14f2f84e5397de5f1e2ff
Reviewed-on: https://code.wireshark.org/review/15918
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
And revert to the previous behavior of map_phdr_interface_id(); that
change broke the mergecap tests when it was merging pcap files into a
pcapng file.
Change-Id: I2e079b0e87dce06e98faa9ab7615f9b9b2701b77
Reviewed-on: https://code.wireshark.org/review/15932
Reviewed-by: Guy Harris <guy@alum.mit.edu>
we already have an expert info, so we can just return the number of
bytes in the tvb
Change-Id: I6199760316d7ef141877bc8f65012d36e4dd357b
Reviewed-on: https://code.wireshark.org/review/15925
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Address of stack memory associated with local variable 'default_filter'
is still referred to by the global variable 'filter_option' upon returning
to the caller. This will be a dangling reference.
Change-Id: I6160a37f05b8aea245b723ec50803e4062886738
Reviewed-on: https://code.wireshark.org/review/14427
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
extcap_base_register_interface duplicates the memory, so there is no
need to keep it around.
Change-Id: I2bac8be519b659504c512d4eb29be8f7ef6dbd59
Reviewed-on: https://code.wireshark.org/review/15919
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ic644042d238b5f2abcd874bca92c6dea55804ba9
Reviewed-on: https://code.wireshark.org/review/15913
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add REC_TYPE_SYSCALL to wiretap and use it for Sysdig events. Call the
Sysdig event dissector from the frame dissector. Create a "syscall"
protocol for system calls, but add "frame" items to it for now.
Add the ability to write Sysdig events. This lets us merge packet
capture and syscall capture files.
Change-Id: I12774ec69c89d8e329b6130c67f29aade4e3d778
Reviewed-on: https://code.wireshark.org/review/15078
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Even though TCP window scale shift is only 8 bits, the scale
calculated from it is max 16384. therefor a 16 bit value.
Let the tree item map to the single byte in the TVB, while
allowing the value to be 16 bit.
Bug: 12525
Change-Id: I41cebc62f6b8b09e13efa5f3b7432001e8d994e1
Reviewed-on: https://code.wireshark.org/review/15914
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Most protocols just want to limit COL_INFO or COL_PROTOCOL
so give that level of granularity.
Bug: 12144
Bug: 5117
Bug: 11144
Change-Id: I8de9b7d2c69e90d3fbfc0a52c2bd78c3de58e2f8
Reviewed-on: https://code.wireshark.org/review/15894
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Do not add -fsanitize=undefined when ASAN is requested, UBSAN is a
different feature (which could be added later as desired). This makes
the -DENABLE_ASAN=1 option match the autotools --enable-asan option.
Fail hard if ASAN support is requested but not supported, this avoids
surprises when something is wrong. Fix ASAN detection by setting the
linker option too.
Note: if you have previously set ENABLE_ASAN=1 with the broken ASAN
detection, you have to clear your CMakeCache.txt file to redo the
detection.
Change-Id: Iba6ca0da0336eccedd0cf31a251baad9d1aff5b4
Reviewed-on: https://code.wireshark.org/review/15908
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
assertion.
If a dissector forces registration of fields during dissection it needs to do
so in a way that clears the prefix registration. Otherwise epan will call the
registration routine a 2nd time (which will cause us to assert out) if a user
types a display filter (with the dissector's prefix) that doesn't exist.
Update the proto_register_prefix() comments to reflect this.
Change-Id: I3ce29243395fb55192bb5dfd950baa88410ac136
Reviewed-on: https://code.wireshark.org/review/15881
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
don't copy the wmem-buffer from address_to_str() into a g_malloc()ed one
that is never freed
instead, realloc the wmem-buffer and add the nfs path to it
(nfs_name_snoop_add_name() will make a copy internally)
Change-Id: I4274a4a413c09f3f1d78beba65d94748ce185413
Reviewed-on: https://code.wireshark.org/review/15902
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We're checking for more than just a 64-bit off_t; we're checking for the
ability to do 64-bit seeks in files, even if, as on Windows, the APIs
are different.
Remove trailing white space and clean up some comments while we're at
it.
Change-Id: I6122b6d6b44ff5dd3a4d8268f9793193e65817ce
Reviewed-on: https://code.wireshark.org/review/15912
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The stats for mDNS and llmnr are pending. The change just resolves a bug
in the stats that are wrongly generated when the traffic is mDNS or LLMR.
Bug: 12492
Change-Id: Ie772e204d0ddea997dd8cbf609725605c8a507c8
Reviewed-on: https://code.wireshark.org/review/15897
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>