Fix indentation while we're at it.
Change-Id: If8acaa944fd4c1aae848faa3a99f7566e003e801
Reviewed-on: https://code.wireshark.org/review/24707
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Found by scan-build.
Change-Id: I89b56bac951ccb7054d494592928306a860f9e5e
Reviewed-on: https://code.wireshark.org/review/24697
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't make sure we have the full server entry before trying to dissect
it; that way, a malformed frame that was really too short on the network
(as opposed to being cut short by a snapshot length) will get reported
as such.
Change-Id: Ib7f0d909645a698162ebcd9b3fe8dd2d520983b7
Reviewed-on: https://code.wireshark.org/review/24696
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The split isn't necessary now that epan no longer uses the capture_file
structure.
Change-Id: Ia232712a2fb5db511865805518e8d03509b2167f
Reviewed-on: https://code.wireshark.org/review/24693
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Embed one of those structures in a capture_file, and have a struct
epan_session point to that structure rather than to a capture_file.
Pass that structure to the routines that fetch data that libwireshark
uses when dissecting.
That separates the stuff that libwireshark expects from the stuff that
it doesn't look at.
Change-Id: Ia3cd28efb9622476437a2ce32204597fae720877
Reviewed-on: https://code.wireshark.org/review/24692
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Those fields weren't being used in TShark/TFShark/rawshark/sharkd, so we
can use them, instead of defining our own static variables.
This makes the non-Wireshark code paths a bit more like the Wireshark
code paths.
Change-Id: I55da4cf525e37598f314efca22f20d3e80cb547c
Reviewed-on: https://code.wireshark.org/review/24691
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have the top-level protocol tree item for a server entry cover the
entire entry, rather than just the server name. Have the server name be
just another entry under that top-level item.
Change-Id: I8089f3e132a0f388c87ba04caa3d15f5146c2303
Reviewed-on: https://code.wireshark.org/review/24688
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have cfile-int.h declare the structure, and use it in files that
directly access the structure.
Have cfile.h just incompletely declare the structure and include it
rather than explicitly declaring it in source files or other header
files.
Never directly refer to struct _capture_file except when typedeffing
capture_file.
Add #includes as necessary, now that cfile.h doesn't drag in a ton of
Change-Id: I7931c8039d75ff7c980b0f2a6e221f20e602a556
Reviewed-on: https://code.wireshark.org/review/24686
Reviewed-by: Guy Harris <guy@alum.mit.edu>
In autotools, if we find pcap_open(), define HAVE_PCAP_REMOTE, so we
build the remote capture support.
In both autotools and CMake, only check for pcap_setsampling() if we
have pcap_open(), as the compile fails if we have pcap_setsampling() but
don't have remote capture.
Change-Id: I0e7b78a2d372ea658a19ed2f6493532928c36872
Reviewed-on: https://code.wireshark.org/review/24680
Reviewed-by: Guy Harris <guy@alum.mit.edu>
As stated in https://tools.ietf.org/html/rfc6388#section-3.2
MP2MP uses the same structure as the P2MP FEC element.
Bug: 13171
Change-Id: Ia619deac6075f5eb27dff2144edbbb60b440cc46
Reviewed-on: https://code.wireshark.org/review/24677
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
According to specification, AdjustDCPBoundary is
a sub block for adjusting the DCP boundary.
Change-Id: I2515e2b3592ff0e5e67487b1785db41015964b21
Reviewed-on: https://code.wireshark.org/review/24673
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- Fix detection of TDS7 Prelogin responses to have fewer false positives.
This was causing regular responses to be recognized as Prelogin responses if they
happened to begin with a DONEINPROC token.
- Define symbolic constents for the Prelogin options.
- Apply the version_convert processing to the relevant prelogin options as well as
to the loginack_progversion.
- Correct the display of the program version in version_convert.
- Factor out the setting of tds7_version so it can be called from the dissect_tds7_login
as well as dissect_tds_login_ack_token. This is needed to correctly handle tokens
which come before the loginack token in the login response.
- Fix the wording of a comment in my last commit.
Change-Id: I57615bbb1e780db37cda25d8d5d7f964f68b337e
Reviewed-on: https://code.wireshark.org/review/24664
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Change-Id: I1007fdff01b370c06a8ccfb1145fd162ffde9a94
Reviewed-on: https://code.wireshark.org/review/24674
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reads pcapng blocks from a pipe. Section header blocks are parsed for
endianess. All other blocks only have the general block header parsed
for type and length, and then endianess converted if necessary.
Outputs all blocks using the original endianess format so none of the
other block types or options require parsing.
Change-Id: I2f4f0175013d8fc2cda42a63e7deacad537951e3
Bug: 11370
Reviewed-on: https://code.wireshark.org/review/24536
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Now also trying to resolve C-RNTIs in FACH from the global RNTIs map
Change-Id: If9ce5b73d6855271c15001fd73d8acaaaf9d1864
Reviewed-on: https://code.wireshark.org/review/24665
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
RXLEV and RXQUAL fields in RSL "Uplink Measurements" use same scale
format (0-63, 0-7) as RXLEV and RXQUAL in RR. RXQUAL value-string is
moved to packet-gsm_a_common.c in order to use it in both protocols.
Change-Id: Idadd9505225353fec76b9605e2045a5222669475
Reviewed-on: https://code.wireshark.org/review/24663
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
While we are at it, let's add a partial dissection of
PLMN-IdentityWithOptionalMCC-r6 IE.
Bug: 14248
Change-Id: I20b76bc74c248914db21629f8ce77799fccb1612
Reviewed-on: https://code.wireshark.org/review/24661
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The "Decompressed header" tab contains some human-readable text, but no
field was associated with it. Instead, the fields were attached to raw
compressed headers which, all with the same offset and length.
Ensure that each byte in the decompressed header tab is accounted for.
The only fields that are still pointing to the raw compressed buffer is
the http2.header field (covering a full raw header), the representation
type (a few bits, at most 1 octet) and the index length (guessed length,
an exact value is probably not worth the cpu cycles).
Change-Id: Ic0118e9ed583841a2d353f8b8c28dcafea3401f2
Reviewed-on: https://code.wireshark.org/review/24660
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The HTTP2 decompressed headers tab is composed from multiple TVBs, these
have a null "real_data" pointer. Do not access it directly but use an
accessor which Does The Right Thing™.
Change-Id: Ib974fed9782d60aa2b91e3e712ba737000b79b4b
Fixes: v2.5.0rc0-1627-g8a6ea0e454 ("Qt: Further cleanup ByteView")
Reviewed-on: https://code.wireshark.org/review/24658
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexander Gryanko <xpahos@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Slight adjustment to I394fa91a5cfa1700fb12441d4884c0367b39df8b
Change-Id: Id097a39265f49a79f3d39855ef6b5c95ffe8c4f1
Reviewed-on: https://code.wireshark.org/review/24654
Reviewed-by: Michael Mann <mmann78@netscape.net>
Added a link inside the Topic Information feature so users can
quickly go to the discovery data associated with the writer sending
this submessage.
Change-Id: I3a89630a275e5d857e8bbf86dc5171c9f0921d5b
Reviewed-on: https://code.wireshark.org/review/24646
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ia827c43b161a2b64804b0eac220b428eb853d255
Reviewed-on: https://code.wireshark.org/review/24647
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Instead of calling wmem_strbuf_finalize, which frees the strbuf
structure and makes it unsuitable for reuse, call wmem_strdup +
wmem_strbuf_truncate. This fixes a heap-use-after-free.
Bug: 14248
Change-Id: I498e10ed9f9afa7fa72b607eb43f68c710de777e
Reviewed-on: https://code.wireshark.org/review/24650
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Make sure each ui/*.[ch] file uses identical (4-space) indentation.
Remove ui/.editorconfig. Fix up other formatting where needed.
SPDX-abbreviate the license blurb in the files we modify.
Change-Id: I5faa1c1eae9a4b6220422ad8e4ba7a341c7deb1f
Reviewed-on: https://code.wireshark.org/review/24632
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Make sure process_netbios_name doesn't write past the beginning of its
buffer.
Bug: 14249
Change-Id: Idb294ba2362e48b879bc4c0c0ddaf64fcf1b5d72
Reviewed-on: https://code.wireshark.org/review/24651
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Missed out some that would probably result in too many links.
Added FT_FRAMENUM_RETRANS_PREV and FT_FRAMENUM_RETRANS_NEXT to enum,
these display as arrows like REQUEST and RESPONSE do.
Change-Id: I6e8d222955f2ba59a713e8a389837b55a1c7f262
Reviewed-on: https://code.wireshark.org/review/24600
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
"file(GENERATE ...)" is only supported since 2.8.12, since the list of
sources is fixed at cmake time, just use "file(WRITE ...)".
Change-Id: If4a547803ab536cf8d131045692d3e58301b0cd2
Fixes: v2.5.0rc0-1763-gfe0c2b0485 ("Rewrite make-dissector-reg.py in C")
Reviewed-on: https://code.wireshark.org/review/24638
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Since v2.1.0rc0-2202-g6b54fbf3bf, wslua is also not necessary in the
include path, so remove that too.
Change-Id: Ib227b71b08da9fc397d6618b60100ab819570b86
Reviewed-on: https://code.wireshark.org/review/24640
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Match closer the behavior of autotools which does not include epan in
its include paths by default.
Change-Id: I885bc7942490a5674c6ac75f9a8ea221555e3784
Reviewed-on: https://code.wireshark.org/review/24639
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>