In some cases these malformed frames trigger a DISSECTOR_ASSERT() in proto.c's proto_item_set_len(). This happens when packet-ieee80211.c's dissect_ieee80211_mgt() calls packet-ieee80211.c's get_tagged_parameter_tree() with a "size" parameter value of -1.
From me:
Replace by proto_tree_add_item with -1 length (and use FT_NONE ftype)
svn path=/trunk/; revision=47795
The problem is when Wireshark dissect CAPWAP packets from Cisco without preference "Cisco Wireless Controller Support"
In this case the whole packet decoded wrong, not only Wireless Specific Information field in CAPWAP header
I suggest following patch to dissect_capwap_header function to always return correct length of CAPWAP header based on HLEN header field
From me:
Add expert info to display a warning about Calculate length and Header length are different (and suggest to activate Cisco Wireless Controller Support Preference)
svn path=/trunk/; revision=47793
1) hf_reload_dmflags is 8 bytes, not 64 bytes.
2) Swap dissection order of dmflags and length.
3) Register ett_reload_self_tuning_data and ett_reload_diagnosticrequest.
#BACKPORT(1.8)
svn path=/trunk/; revision=47789
Fix the Lua tostring() method on FieldInfo objects such that it always returns
a string, although the string might be '(unknown)', '(none)', or '(n/a)'. This
is more conformant to Lua's API style.
Also create a new 'FieldInfo.display' accessor table member, which Lua
scripts can use instead of tostring() to get what the GUI displays.
From me:
Misc indentation fixes, remove redundant 'return' statement.
svn path=/trunk/; revision=47783
tvbuff, and a length from that offset, and returns a subset tvbuff
referring to that data (or throws an exception). This does what most if
not all calls to tvb_new_subset() (other than the ones that really
should be calls to tvb_new_subset_remaining()) should be doing, i.e.
setting the reported length of the tvbuff to the specified length and
calculating the appropriate value of the captured length based on that.
We aren't using it yet, but we will....
svn path=/trunk/; revision=47768
In fixing this bug, also fix another: Be sure to use tvb_length() and not tvb_reported_length() in get_utp_version(), since this is essentially where the heuristics are being applied to decide whether to accept the packet or not.
svn path=/trunk/; revision=47761
tvb_set_subset(); code should use tvb_new_real_data() and various
tvb_new_subset routines. (Neither tvb_new() nor tvb_set_real_data() nor
tvb_set_subset() were exported in libwireshark.def, nor were they used
outside tvbuff.c; tvb_set_real_data() and tvb_set_subset() weren't even
being used *inside* tvbuff.c.)
svn path=/trunk/; revision=47753
routines to create new tvbuffs that do what dissectors need to do, and
those are the only routines that should be used.
svn path=/trunk/; revision=47752
tvbuff and runs to the end of the tvbuff? Let me count the ways....
Replace a bunch of different ways of doing that (some incorrect, in that
they're not properly handling tvbuffs where the captured and reported
lengths are different) with tvb_new_subset_remaining().
svn path=/trunk/; revision=47751
preferences (currently hidden) to disable updates, set the update
frequency, and set the update "channel" (stable vs development). Add a
"Help" menu item to manually check for updates.
svn path=/trunk/; revision=47748
checksummed, which is the length of the TPDU, not that length + 1.
Calculate the TPDU length correctly - use
tvb_reported_length_remaining(), not tvb_length_remaining() (we want the
*actual* length, not the amount of captured data we have), and take the
offset handed to the dissector routine into account. Don't take the
length indicator into account for TPDUs with user data, as they run to
the end of the lower-level packet containing the TPDU(s). The CLTP UD
TPDU contains user data.
Note that this dissects both COTP *and* CLTP (that's why it's
"packet-ositp.c", not "packet-cotp.c").
Separate some groups of #includes with blank lines.
svn path=/trunk/; revision=47745
it's been used in an rtp_set_address() or srtp_set_address() call and,
if that Boolean is set, don't free the hash table; this fixes a case
where the hash table was freed while it was in use.
svn path=/trunk/; revision=47740
an int, so don't use enums for special values of the PLP length field.
In addition, use G_GINT64_CONSTANT() to tag them as appropriate for a
guint64.
svn path=/trunk/; revision=47737
Misc. fixes to the SML dissector:
- one more define added
- removed data_handle (unused)
- removed "check = tvb_get_guint8(tvb, temp_offset);" (value hasn't changed)
- added PI_NOTE
- CRC fixed, calculation now correct if CRC is transmitted as UINT8
From me:
- clean up indentation
- change modelines to actually match the indentation most commonly used
svn path=/trunk/; revision=47736
Feed the tap before trying to dissect the payload. This prevents a malformed
payload from blocking the tap, resulting in incorrect RTP statistics.
svn path=/trunk/; revision=47729
Additionally:
1) Remove check_col()'s
2) Don't call expert_add_info_format() from within an if (tree) {} block.
3) tvb_reported_length_remaining() can return -1; be sure to handle it.
4) Misc. whitespace changes.
svn path=/trunk/; revision=47722
With small additional changes by me
Make many of the length and offset fields in the websocket dissector unsigned.
This fixes a case where we could attempt to malloc (unsigned)-1 bytes of memory.
Also fix one small copy-paste string typo.
svn path=/trunk/; revision=47700
This patch adds a check for a zero count to the existing sanity check code.
From me:
In addition drop superfluous sanity check.
svn path=/trunk/; revision=47692
Improve handling of truncated USB Configuration descriptors.
In contrast to other descriptor types, configuration descriptors have varying
lengths and may be quite long. This makes them much more prone to truncation
by a host that is cautious about reading large descriptors.
A real-world case has arisen where a host requests a partial configuration
descriptor of a USB webcam, and wireshark improperly reports that the response
is malformed.
Change configuration descriptor dissection to distinguish between truncation
induced by the host, which is not an error, and descriptor truncation or
reporting of invalid descriptor lengths by the device, which are.
This patch also relieves class-specific dissectors of the burden of checking
that the descriptor length and type fields are available, and that all the
bytes claimed by the descriptor length are also available.
svn path=/trunk/; revision=47676
Make length field unsigned so that negative values fail the bounds check and
throw a regular exception before getting passed to glib (where they cause a
program-ending assert failure instead).
svn path=/trunk/; revision=47672
function name isn't the same as the method name; this is used if we're
providing compatibility aliases for method names.
Use WSLUA_CLASS_FNREG() and WSLUA_CLASS_FNREG_ALIAS() for all method
registrations.
Fix the spelling of "prepend", but leave a compatibility alias in place.
svn path=/trunk/; revision=47667
The issue was that hash tables were being accessed after they were freed from a "rejected answer".
The code was also too generous in considering many SIP status codes as "rejected answers", so now less SIP status codes are treated as "rejected answers" and are ignored by the transport API.
svn path=/trunk/; revision=47652
- Fix various message handler message dissection bugs;
- Change all loops with a potentially large loop count
to be done only when 'tree' is non-null;
- Simplify code somewhat;
- Do some whitespace and formatting style changes.
svn path=/trunk/; revision=47647
Without this patch I get a crash on Linux and lots of
STATUS_ACCESS_VIOLATION and a single STATUS_INTEGER_DIVIDE_BY_ZERO on windows.
svn path=/trunk/; revision=47639
Without this patch I get a crash on Linux and lots of
STATUS_ACCESS_VIOLATION and a single STATUS_INTEGER_DIVIDE_BY_ZERO on windows.
svn path=/trunk/; revision=47638
Bluetooth: Improve support of MAP, PBAP, BPP and BIP in OBEX
Add support for recognize profiles using OBEX (by "Target"), then add
all Application Parameters specific for MAP, PBAP, BPP, BIP.
Also fix one FIXME, so now dissecting by OBEX does not cause malformed
frames while jumping over dissected packets.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8304
svn path=/trunk/; revision=47632
- Call conversation_set_dissector();
- Fix encoding args related to use of FT_ABSOLUTE_TIME;
- Remove unneeded #include;
- Cleanup some whitespace.
svn path=/trunk/; revision=47631
since without a tree the proto_tree_add_item calls won't throw an exception
when we run past the end of our TVB which means we could end up doing MAX_INT64
iterations.
Fixes https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8312
svn path=/trunk/; revision=47629
Restore an else clause that appears to have been accidentally removed in r44542
which was causing TCP reassembly for SMB2 messages to fail.
svn path=/trunk/; revision=47620
input() routine and thus don't need to have it generated - and as it
produces warnings of a routine defined but not used, we don't want to
have it generated.
Squelch a casting-const-away warning.
svn path=/trunk/; revision=47613
Pull in a change from that Makefile.nmake to keep us from trying to hand
a header file to the compiler as if it were a C source file.
svn path=/trunk/; revision=47600
routine (prefs_register_directory_preference). Add PREF_FILENAME and
PREF_DIRNAME support to the Qt module preferences. Change a couple of
preferences to directory names.
Clean up some names and default settings.
svn path=/trunk/; revision=47573
setup_sdp_transport_resend() should be unnecessary once all higher layers use setup_sdp_transport() and the "registration" code within dissect_sdp() is removed.
svn path=/trunk/; revision=47572
Added setup_sdp_transport() to allow higher layer protocols to call SDP with context to correctly setup an OFFER/ANSWER within SDP (which doesn't have its own transport layer). I attempted to keep backwards compatibility until all higher layer protocols set up OFFER/ANSWER context. If OFFER/ANSWER (request/response) can't be found (which would be the case for higher layer protocols without context), Wireshark should resort to the old behavior of applying SDP information as it sees packets.
This patch includes integration with SIP as it appears to have the most bug reports. Other higher layer protocols will be done later. Most are mentioned in bug 2368.
Fixes bug 2368 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2368) and all its duplicates
Fixes bug 2992 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2992) and all its duplicates
svn path=/trunk/; revision=47564
multiple adjacent free chunks. When splitting a used chunk, the resulting
extra unused chunk may need to be merged to its right.
svn path=/trunk/; revision=47552
Some interesting algorithmic stuff going on in here for those who are
interested.
This completes the allocator rewrites for the API additions, so those can be
exposed now.
svn path=/trunk/; revision=47547
for a preferences module. Use it to fill in the remaining preferences.
Don't show the printing preferences since they're not used here.
Change the titles and tooltips for some of the name resolution
preferences.
Disable the capture preferences if we can't capture. This is different
from the GTK+ version which hides it completely.
Thus concludes the preferences dialog (for the time being).
svn path=/trunk/; revision=47545
The code is slightly cleaner and the use of proto_registrar_get_id_byname()
enables an additional checkhf test to reduce false positives.
Also: comment out 2 unused hf_... vars in packet-smb-sidsnooping.c
(found by checkhf)
svn path=/trunk/; revision=47541
- In two cases, add missing entries to hf[];
- Other cases: 'if 0' the packages referring to
the missing entries.
See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4842
ERROR: NO ARRAY: packet-h248_annex_e.c:
Fixed:
hf_h248_pkg_ct
hf_h248_pkg_nt
Packages 'if 0'd out:
hf_h248_pkg_dd
hf_h248_pkg_root
svn path=/trunk/; revision=47524
Add comments noting that
- We might want to do something different when the bookmark button is
pressed.
- The display filters (dfilters file) and gui.filter_expressions
preferences should be merged.
- Many buttons on Qt4 + OS X + unifiedTitleAndToolBarOnMac makes the
main window really wide.
Add a qstring_strdup convenience routine. Add "disabled" display filter
edit icons. Fix up whitespace and descriptions in a couple of places.
svn path=/trunk/; revision=47522
in keeping with the usual convention for naming the
variable used to store the return value from
proto_register_protocol().
(Fixes checkhf false positive).
svn path=/trunk/; revision=47505
transport connection, so it's not a good choice for a circuit id
use (session number|transport connection id) as circuit id
svn path=/trunk/; revision=47499
dtd_parse.obj by handing dtd_parse.c *and* dtd_grammar.h to the C
compiler - dtd_grammar.h gets included by dtd_parse.c.
svn path=/trunk/; revision=47488
ourselves.
Clean up various bits of "distribute" vs. "don't distribute" stuff in
the process - use similar names, and make the "distribute vs. don't
distribute" distinction the same as the "don't clean with "make
distclean" vs. clean with "make distclean"" distinction.
svn path=/trunk/; revision=47485
Support all PDU Type (IPv4/6 Prefix, Serial Notify/Query...)
Not supported the packet with a lot of PDU (fragmentation)
svn path=/trunk/; revision=47470
Note: All (or almost all) unused hf[] entries
in non-generated Wireshark dissectors
have been #if 0'd (or commented) out.
(This applies only to 'static hf_...' vars).
A number of (non-generated) dissector
files with *missing* hf[] entries
still need to be fixed.
svn path=/trunk/; revision=47459
-> Delete some unused header fields found with checkhf.pl
-> Fix a couple of typos.
-> Minor whitespace changes.
-> Add a TODO about replacing strstr with either g_strrstr or g_str_has_suffix
svn path=/trunk/; revision=47420
Negative integer values are displayed positive in hmi: -1 = 65535
(Change the variable to signed and add some casts to avoid this problem.)
svn path=/trunk/; revision=47418
Alexis La Goutte