WARNING **: Field 'Request type' (nas_5gs.mm.req_typ) has a conflicting entry
in its value_string: 5 is at indices 4 (Modification request) and 5
(MA PDU request)
Also modified eCPRI dissector to call it for payloads. This dissector will
claim the "IQ Data" and "Real-Time Control Data" message types - others
are still handled by eCPRI.
fragment_add_work() should flag duplicate packets and overlapping packets
that are subsets of the existing reassembly as overlaps (and flag them if
there are conflicts), instead of silently adding them to the reassembly.
Currently the checks are only performed when the new segment is adding
additional bytes to the reassembly.
This is particularly useful for identifying when an earlier reassembly isn't
fully contained in the capture, and the identification / offset number has
wrapped around so that segments during two different reassemblies are being
mixed together. Closes#16872 and #15569.
Instead of using a single memcpy which relies
upon struct members being in contiguous
memory, use three separate calls to memcpy.
This fixes Coverity 1460754.
Remove the last package installation instances from .gitlab-ci.yml. Add
a comment at the top noting that dependencies should be added to our
Dockerfiles instead.
The wireshark/wireshark-ubuntu-dev image was recently upgraded to Ubuntu
20.04. Since then the following tests have been failing:
---- FAILED
test/suite_capture.py::case_wireshark_capture::test_wireshark_capture_from_fifo
FAILED
test/suite_capture.py::case_wireshark_capture::test_wireshark_capture_from_stdin
FAILED
test/suite_capture.py::case_tshark_capture::test_tshark_capture_from_fifo
FAILED
test/suite_capture.py::case_tshark_capture::test_tshark_capture_from_stdin
FAILED
test/suite_capture.py::case_dumpcap_capture::test_dumpcap_capture_from_fifo
FAILED
test/suite_capture.py::case_dumpcap_capture::test_dumpcap_capture_from_stdin
FAILED
test/suite_capture.py::case_dumpcap_autostop::test_dumpcap_autostop_filesize
FAILED
test/suite_capture.py::case_dumpcap_autostop::test_dumpcap_autostop_packets
FAILED
test/suite_capture.py::case_dumpcap_ringbuffer::test_dumpcap_ringbuffer_filesize
FAILED
test/suite_capture.py::case_dumpcap_ringbuffer::test_dumpcap_ringbuffer_packets
FAILED
test/suite_capture.py::case_dumpcap_pcapng_sections::test_dumpcap_pcapng_multi_in_multi_out
FAILED
test/suite_capture.py::case_dumpcap_pcapng_sections::test_dumpcap_pcapng_multi_in_single_out
FAILED
test/suite_capture.py::case_dumpcap_pcapng_sections::test_dumpcap_pcapng_single_in_multi_out
FAILED
test/suite_capture.py::case_dumpcap_pcapng_sections::test_dumpcap_pcapng_single_in_single_out
FAILED
test/suite_clopts.py::case_dumpcap_options::test_dumpcap_interface_chars
FAILED
test/suite_clopts.py::case_dumpcap_options::test_dumpcap_invalid_chars
FAILED
test/suite_clopts.py::case_dumpcap_options::test_dumpcap_valid_chars
----
This is because dumpcap can't load our local libraries after setting cap_net_raw+cap_net_admin:
----
-- Begin stderr for command ('/builds/wireshark/wireshark/build/run/dumpcap', '-D') --
/builds/wireshark/wireshark/build/run/dumpcap: error while loading shared libraries: libwsutil.so.0: cannot open shared object file: No such file or directory
-- End stderr for command ('/builds/wireshark/wireshark/build/run/dumpcap', '-D') --
----
Add $(pwd)/run to our rpath.
format_text uses the wrong bitmask when checking for two byte UTF-8
characters, resulting in rejecting half the possible two bytes characters,
including all of Arabic and Greek, and substituting REPLACEMENT CHARACTER
for them. Fixes#17070, and add some comments about the current behavior
that doesn't match existing comments.
Current CSV/YAML export from RTP stream exports just pure/unformated items. Therefore e.g. SSRC looks different way than shown in dialog. This patch adds additional columns with formated values.
In addition, export uses same method how to get values from a record as dialog uses.
It's possible for memcpy's source and destination
to be the same address, and so therefore
'overlap'. Use memmove instead, which
is safe for overlapping regions.
This fixes Coverity 1450802.
Selecting Edit / Preferences on my asan+ubsan build brings up the
following warning from ubsan:
/media/sf_wireshark.git/ui/qt/models/column_list_model.cpp:273:9:
runtime error: load of value 25, which is not a valid value for type 'bool'
The problem is in ColumnListModel::populate(), where a ListElement is
populated from fmt_data. The ListElement's "changed" component is not
initialized, though.
It looks like "changed" is not used anywhere. This patch removes it from
the ListElement struct.
For Qt 5.11 and newer use horizontalAdvance() instead of boundingRect().width()
to calculate the width of a QString to position the hover rectangle position,
and to select which byte(s) to highlight.
Closes#17033.
Instead of successively calling gcry_md_copy()
and gcry_md_close(), call gcry_md_reset(),
to avoid creating and releasing contexts.
Besides the minor performance improvement,
this should also fix Coverity 1450263
and 1450848, which detect
two resource leaks.
This bug affects Lua plugin dissectors for encapsulation protocols like
GRE. Typically the dissector creates a range for the payload packet, then
calls the next dissector with a tvb derived from the range, using
TvbRange_tvb(). The original version calls
tvb_new_subset_length_caplen() using the remaining capture length for the
reported_len argument. The fix passes -1 as the reported length, and
tvb_new_subset_length_caplen() calculates the new reported_len as required.
The bug only affects large packets captured with a snaplen and
truncated, then decoded with a Lua plugin for the encapsulation header.
Here's the typical bug symptom, gleaned from tshark decode of
an encapsulated IP payload:
[Expert Info (Error/Protocol): IPv4 total length exceeds packet length (114 bytes)]
[IPv4 total length exceeds packet length (114 bytes)]
Closes#15655.
Remember all the IDBs we've seen from the input file so far and, if
we're writing multiple files (splitting an input file into multiple
output files), add all those IDBs to each of the output files.
Fixes issue #17060.
Moshe Kaplan