Previous detection was based on DCH ID 31 or 24 and specific TB Size.
New method checks if the 'Transport Format' looks like the commonly used format for DCCH over DCH or DCH ID 24 and specific TB size (To not break that special case which I'm not familiar with personally)
Change-Id: I59fe7772ec05f7cc15351ef78276085e25570461
Reviewed-on: https://code.wireshark.org/review/21304
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: If006c36a21556a8fb690401677e9ca62a594d82b
Reviewed-on: https://code.wireshark.org/review/21307
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This allows for much easier addition or overriding of options and use of Decode As.
This includes adding heuristic dissector tables for vendor specific options.
Change-Id: If52c00bbc23d89386ba3e777600f665609856de0
Reviewed-on: https://code.wireshark.org/review/21297
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(oss-fuzz part https://github.com/google/oss-fuzz/pull/544)
Change-Id: I54cf7a7b1aaa49582b5fff8bd034187aa6a9bdec
Reviewed-on: https://code.wireshark.org/review/21302
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Change-Id: If9156b4a73e7db006daf4ab4e278379f0e39905f
Reviewed-on: https://code.wireshark.org/review/21313
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This reverts commit 96c72df2df.
Generated a lot of warning (-Wmissing-prototypes)
and i try to kept a sync branch on https://github.com/alagoutte/sqlite/tree/wireshark
Change-Id: I42252a6e736f96783a9fa9805b84e525fe11726e
Reviewed-on: https://code.wireshark.org/review/21182
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Without setting the success variable as volatile my build fails
with warning "error: variable success might be clobbered by 'longjmp' or 'vfork'"
Change-Id: Ic7d4a9b8be4bf9211127dcf5a6bb4bef8bbcd7a9
Reviewed-on: https://code.wireshark.org/review/21310
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Packet ranges are used only in the UI; move the packet range stuff into
libui.
Don't pass a print_args_t structure to libwireshark packet-printing
routines, just pass the few parameters they need. Move the declaration
of print_args_t into file.h.
Change-Id: Icff5991eea7d7d56f33b4716105895263d275bcf
Reviewed-on: https://code.wireshark.org/review/21308
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That way, they don't, for example, get lost as a result of being
scrolled off the screen by output from the second pass.
Also, do the post-processing of output regardless of whether we got read
errors or not, and fix a code error hidden by a call to tshark_debug().
Change-Id: I389c7c794f4dd5fda6e4c50ce480802c92701866
Reviewed-on: https://code.wireshark.org/review/21305
Reviewed-by: Guy Harris <guy@alum.mit.edu>
/home/wireshark/builders/ubuntu-x86-64-petri-dish/ubuntu-x86-64-petri-dish/build/tshark.c: In function ‘main’:
/home/wireshark/builders/ubuntu-x86-64-petri-dish/ubuntu-x86-64-petri-dish/build/tshark.c:653:12:
error: variable ‘success’ might be clobbered by ‘longjmp’ or ‘vfork’ [-Werror=clobbered]
Change-Id: I793962c71b0ebfafc7c09b1d865cfa774456bb3a
Reviewed-on: https://code.wireshark.org/review/21303
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The code was not allowing UDP port types, should ONLY allowed UDP ports.
Change-Id: Ida5467313cbc24fcbac7cd432fb4a018cc00bdef
Reviewed-on: https://code.wireshark.org/review/21301
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
They might read the file once or twice, but the key is that they (and
what they call) are doing the work of processing the file's contents.
Change-Id: I2df6257c55ff5ace944f1a1db5e2aec456ed2038
Reviewed-on: https://code.wireshark.org/review/21293
Reviewed-by: Guy Harris <guy@alum.mit.edu>
No need to report the precise error code - it's already reported the
error.
Change-Id: Ib52daf094253deac2a10d16793ebf0f42581afd6
Reviewed-on: https://code.wireshark.org/review/21292
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This commit adds the IANA status code description to the tree.
Furthermore it updates the registered status codes
s. https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml
Change-Id: I6ec57569b784a137b57532a092c8781dec545039
Reviewed-on: https://code.wireshark.org/review/21162
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If check_slsk_format reports that the buffer does not contain the
expected data, do not try to find more items (break out of the loop).
In one case, an infinite loop would occur because the index variable was
not incremented when the check fails. In all other cases, it would
perform up to 2^32 calls to check_slsk_format per loop (with the same
offset parameter, so no exception is triggered).
Change-Id: I4b7fa10a36fee2551fa46831bcecd6bcd9f342d1
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1200
Bug: 13631
Reviewed-on: https://code.wireshark.org/review/21284
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In TShark, rename load_cap_file() to read_cap_file(); this is TShark,
not Wireshark, so you're not "loading" a file to be manipulated through
the GUI.
In TFShark, rename it to "read_file()"; not only are we not loading it,
it's not even necessarily a capture file.
Change-Id: I122b46ecd8cb7de9c1e1c249ba6c08fdeb93f7e2
Reviewed-on: https://code.wireshark.org/review/21291
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I4772c9c46b7a79a7139229bcb43ee6c84109a26b
Reviewed-on: https://code.wireshark.org/review/21289
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Perform sanity check on buffer length parsed from data. Check buffer
size before reading value.
Change-Id: I8beaf8860b39426d79867b0dd2221e57e32da8e0
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1151
Bug: 13608
Reviewed-on: https://code.wireshark.org/review/21287
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Field 'Destination Port' (papi.hdr.dest.port) has a conflicting entry in its value_string: 8999 is at indices 143 (LAST_SERVICE) and 144 (MESSAGE_HANDLER))
Field 'Source Port' (papi.hdr.src.port) has a conflicting entry in its value_string: 8999 is at indices 143 (LAST_SERVICE) and 144 (MESSAGE_HANDLER))
Check from Services.pm and same value for both...
Change-Id: I8ff56bfbee525e894235a9aea62e0f1d2a9b0ebc
Reviewed-on: https://code.wireshark.org/review/21191
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Changes done to the FP, MAC and RLC dissectors
Change-Id: I7ccf229a7a1d9a8c04d8ac04e74f03253eb3bff0
Reviewed-on: https://code.wireshark.org/review/21281
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Overflow can occur while writing to a buffer.
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1179
Bug: 13624
Change-Id: I7511c43ed67f81d246e3eb66e092353e2ab4924c
Reviewed-on: https://code.wireshark.org/review/21235
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I8c500d6e049e9243c2c4b283731674bf3fc0a521
Reviewed-on: https://code.wireshark.org/review/21282
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Make sure that on a OID search an actual OID is available to search for.
Bug: 13637
Change-Id: I36f84cce5506f003d2a30a17f8671d5e22070612
Reviewed-on: https://code.wireshark.org/review/21280
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Don't scatter them amongst various other headers.
Change-Id: I243954222cd4ad3e6bbe8b4d1dd25ee4952f87d6
Reviewed-on: https://code.wireshark.org/review/21277
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Field 'Cisco Element ID' (capwap.control.cisco.element_id) has a conflicting entry in its value_string: 125 is at indices 31 (SPAM AP Led State) and 34 (AP Led State Config))
Rename also some variable name...
Change-Id: I4e3c1fa925492a570dad47a3d274d1f3e950c483
Reviewed-on: https://code.wireshark.org/review/21271
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Field 'AudioCodec' (cast.audio) has a conflicting entry in its value_string: 1 is at indices 0 (G711) and 1 (G729))
Change-Id: I094a85a84ca1e79d4cf817bd5222e902a34f3741
Reviewed-on: https://code.wireshark.org/review/21272
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I31bd53c49906db24b64fa3f1e3078b0658db3158
Reviewed-on: https://code.wireshark.org/review/21269
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Field 'Status Code' (nstrace.mep.errcode) has a conflicting entry in its value_string: 341 is at indices 7 (LARGE DATA) and 8 (SMALL DATA))
Field 'Status Code' (nstrace.rpc.errcode) has a conflicting entry in its value_string: 341 is at indices 7 (LARGE DATA) and 8 (SMALL DATA))
Change-Id: I75aba4140cbbcd412087e951bd35543f14ec1281
Reviewed-on: https://code.wireshark.org/review/21193
Reviewed-by: Michael Mann <mmann78@netscape.net>
Show which parameter sets are present in the info column, and some more
relevant info. Prepare all parameter set handler function interfaces to
be able to add relevant info.
Change-Id: Idd206eebc4d7196511e118fbf9e30919fb38328e
Reviewed-on: https://code.wireshark.org/review/21218
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- when having a special value, leave function once buffer is written
- give the right buffer length to g_snprintf() function
Bug: 13590
Change-Id: Iecf1456686b6e92a7cfcf8ed6d8619541ad50ace
Reviewed-on: https://code.wireshark.org/review/21260
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Have them just return the information needed for the caller to produce
an error message, and have the callers use the new cfile_ routines for
reporting errors.
This requires that the "write failure alert box" routine take the
*input* file name as an argument, so that, on a merge, if the problem is
that a record from a given input file can't be written out to the type
of output file we're generating, the input file name can be given, along
with the record number in that file.
Change-Id: If5a5e00539e7e652008a523dec92c0b359a48e71
Reviewed-on: https://code.wireshark.org/review/21257
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The goal is to figure out the U-RNTI for UEs in DCH to
preserve a single continous RLC session when the UE moves to FACH
(Since the UE ID in FACH is derived from the identity found in the
MAC layer, which is sometimes the U-RNTI)
UMTS RRC dissector now defines a single 'umts rrc private data'
structure as the way to access the actx->private_data field
Change-Id: Id0ffcbcdf0a8babe533915855909e250852e46cf
Reviewed-on: https://code.wireshark.org/review/21087
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
S. Shapira