Don't loop trying to read a full buffer from the input file.
If you're reading from a file, on UN*X or Windows, you should get the
entire read count unless you're fewer than buffer-size bytes from the
end of the file, in which case you should get what remains in the file.
If you're reading from a pipe, however, that could cause you to block
longer than necessary waiting for a full buffer rather than just for the
next chunk of data from the pipe - which might not be a bufferful, if
the program writing to the file is itself writing less-than-bufferful
chunks, as may be the case in, for example, a pipeline coming from a
live capture and with the intent that TShark display the packets as they
arrive.
While we're at it, if we're trying to do a seek and the seek takes place
within the buffer of uncompressed data, just adjust the position within
that buffer for forward seeks as well as backward seeks; this
substantially reduces the number of ws_lseek64() calls when making a
sequential pass through the file in Wireshark (e.g., running a tap or
filtering the display) and, as we purge the buffer after the
ws_lseek64(), substantically reduces the number of ws_read() calls in
that situation as well.
Have a data structure for a file data buffer, and use it for both the
"input" (compressed data) and "output" (uncompressed data) buffers.
Rename raw_read() to buf_read(), as it reads into a buffer.
Change-Id: I7982b3499a7613a993913a6db887054730764160
Ping-Bug: 14345
Reviewed-on: https://code.wireshark.org/review/25358
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When the byte view is set to "Show bytes as bits" make sure we highlight
all eight bits instead of just two.
Change-Id: I1ece65032fa32f7274f4e7383e538b92e8fa4f65
Reviewed-on: https://code.wireshark.org/review/25354
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use Qt::DecorationRole when setting and getting a color and
Qt::CheckStateRole when setting and getting the check state of UatModel
items.
Add a default role for UatModel::data.
Convert between value strings and their respective values where needed.
Bug: 14317
Change-Id: Idd3eb773dc9944f982f6dbd7d49f73f4a60dd5a2
Reviewed-on: https://code.wireshark.org/review/25355
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jim Young <jim.young.ws@gmail.com>
This field is generated so mark it so. It may also be usable so
make it visible.
Change-Id: I10d951f234f1fba240059bc791b40d25dede07a9
Reviewed-on: https://code.wireshark.org/review/25350
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add back field highlighting during hover.
Instead of marking hovered bytes using an underline+overline, draw a
border rect.
Change-Id: I574dd074cfa021ac0dec3cdea6c5f9b0b4da6d0e
Reviewed-on: https://code.wireshark.org/review/25348
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Found via CID 1427615.
Change-Id: I519b3905d33b0b2aa3ce164810b9e6358f6df1bd
Reviewed-on: https://code.wireshark.org/review/25347
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
With the change in paths of the dissector plugins in the repository some
other paths require adjustment. These are the obvious changes remaining.
Change-Id: Id49ac6aaf1a29d9eb37f4c32226a4597d5e32edd
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/25343
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add FieldInformation::isLink and use it to style link items.
Add back a related frame information.
Get rid of rowsInserted() and just visit each tree node starting from
the root.
Change-Id: I0e7ef6b2e11d25465705adffbb77d6f6cfb2a435
Reviewed-on: https://code.wireshark.org/review/25342
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This commit adds the missing mailbox type to the EthercatFrameTypes
array.
Change-Id: I0710b723cdfa6cff28b6655729dafb68678518cb
Reviewed-on: https://code.wireshark.org/review/25338
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
This allows the user to override the EAPOL Key MIC length for those
crypto suites where the Key MIC length is greater than 16 bytes.
This works in the DPP case where the Key MIC length is supposed to be the
same as the Nonce length.
Change-Id: I8ef6bc978e0a44ece0e95d76b231a02c7f15c89b
Reviewed-on: https://code.wireshark.org/review/25332
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Padding frame can be anywhere on QUIC payload
Add loop check if it is always padding frame (0x00)
Bug: 13881
Change-Id: I3d50e5347aeca9738aeac3287ddba7fd30fc72b1
Reviewed-on: https://code.wireshark.org/review/25324
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
I'm not sure how this tap_base_to_id() works but this seems to fix the
problem.
Change-Id: I98663a9560a38de03c130181dfa43b43befc612f
Reviewed-on: https://code.wireshark.org/review/25327
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Sync our expansion state for every node since we might have mixed
expanded/collapsed hierarchies.
Move the prefs.gui_auto_scroll_on_expand code from expand() to its own
function (autoScrollTo()).
Rename expand() and collapse() to syncExpanded() and syncCollapsed().
We can update tree_is_expanded without overriding our base class.
Ping-Bug: 14340
Change-Id: Ibf758809ea26dcc3f79bd0201168fae35d7cce8d
Reviewed-on: https://code.wireshark.org/review/25328
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ib3a5830a4ae07ebb9bd2657599d668af03c896c8
Reviewed-on: https://code.wireshark.org/review/25275
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I0a4eb85abd75ed706ea519371f2c62b172c05297
Reviewed-on: https://code.wireshark.org/review/25326
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I767b06c0e316347cdb28b769f1032e6d44cba45b
Reviewed-on: https://code.wireshark.org/review/25321
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
voip's special tap unregistering should be happening when
WiresharkDialog unregisters its taps.
Change-Id: I8f28b1ed31617b47870cb7a429d43f52fb8c4a86
Reviewed-on: https://code.wireshark.org/review/25294
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ProtoTree::rowsInserted was expanding top-level items properly but not
subtrees. Make sure we do so.
Bug: 14340
Change-Id: I6c73fd09643b52d43014352816d0dd4838dbcb1d
Reviewed-on: https://code.wireshark.org/review/25316
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
commit 671cf8c3956c137ee089b7647cd81c182e201ef5
Author: Alan T. DeKok <aland@freeradius.org>
Date: Fri Jan 12 10:34:11 2018 -0500
these attributes are "string". Fixes#2130
Change-Id: I0656f699958f583215551b3be2b2ab3dfdea6cfb
Reviewed-on: https://code.wireshark.org/review/25313
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That makes it clearer what's being tested, and makes the tests more
consistent, so we're always, not just sometimes, testing that way.
Change-Id: Ifac4a86d16d0652d04db3dec572c11e1335c945d
Reviewed-on: https://code.wireshark.org/review/25318
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I6d41ba89006abb8f8e703f6d703370169062f7e9
Reviewed-on: https://code.wireshark.org/review/25285
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
If we aren't built with libz, report a new "decompression not supported"
error if the file is gzipped; the problem isn't that it's a new capture
file format we don't support, it's that a *compressed* capture file, in
some format, but we don't support the *compression* format used.
This can be extended if we add support for other compression formats.
Change-Id: I19239525d4e02357e3ca7189996556839af8fce2
Reviewed-on: https://code.wireshark.org/review/25315
Reviewed-by: Guy Harris <guy@alum.mit.edu>
A capture with a Server Hello failed to be dissected because the record
was split in TCP segments of one byte each. This resulted in a
"Malformed Packet" exception because ssl_looks_like_sslv2 looks at the
third byte which. To fix this, ensure that at least the size of a TLS
record is available.
Change-Id: I8558028a28169020bc6549fdac29e07ecedf6ce2
Reviewed-on: https://code.wireshark.org/review/25310
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Renumber key_share extension, display the old codepoint as "Reserved
(key_share)" in case an older draft version is loaded. The old codepoint
(40) was apparently used for different purposes:
https://www.ietf.org/mail-archive/web/tls/current/msg25168.html
Add a new "signature_algorithms_cert" extension which is similar to
"signature_algorithms", except that it advertises the supported
algorithms in certificates rather than handshake messages.
Change-Id: Ibbb09100e2540deea8f652ba0685feadb68f33e7
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/25309
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Make HTTP2 headers filterable.
Change-Id: I1a1a42ccdb41461f048e9ae462421ecad79da61b
Reviewed-on: https://code.wireshark.org/review/24475
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: I8b69922c2bbb7905480277e7b28d9894453e785b
Signed-off-by: Anton Glukhov <anton.a.glukhov@gmail.com>
Reviewed-on: https://code.wireshark.org/review/25284
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>