Altough the dissection consumes 4 bytes each time it is called, it can
trigger a stack overflow for big packets. Let's limmit the number of
allowed VLAN tags for a given packet.
Bug: 14469
Change-Id: Ieb6834ab3350dc7e8c301e6479577855a253897e
Reviewed-on: https://code.wireshark.org/review/26270
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I81ca1665913f54333fe638208c99c4eef4ed2cc7
Reviewed-on: https://code.wireshark.org/review/26139
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The following commands are added:
0x40 - Enhanced add scene
0x41 - Enhanced view scene
0x42 - Copy scene
Change-Id: If7f921f7ede7518ecbb88395d6200f600a47bd85
Reviewed-on: https://code.wireshark.org/review/26202
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
When using 2 passes, L2TP dissector can set a session info for previous
packets, breaking the assumption that IEEE 802.15.4 dissector will
always be called on first pass.
Let's always allocate the protocol data if missing, even if this is not
the first pass.
Bug: 14468
Change-Id: I4cb7ea2e54c1b763a48b99c0d64f542552789d18
Reviewed-on: https://code.wireshark.org/review/26260
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Otherwise it can create an infinite loop, leading to a buffer overflow.
Also add explicit cheks on the buffer usage and set its maximum size to
128 instead of 32 per ASN.1 description.
Bug: 14471
Change-Id: I805f4ce09347bc35143b010b4a558a0d090c0159
Reviewed-on: https://code.wireshark.org/review/26259
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
When there is multiple RTSP messages in one packet, info column shows its headers right next to each other. It is ugly:
Reply: RTSP/1.0 200 OKReply: RTSP/1.0 200 OK
Patch adds ', ' between messages:
Reply: RTSP/1.0 200 OK, Reply: RTSP/1.0 200 OK
Ping-Bug: 14450
Change-Id: I151dbc72b669002ed02d91af43d683c5fc4fe4ba
Reviewed-on: https://code.wireshark.org/review/26222
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
View / Coloring Rules...
shows this warning
12:02:26.401 Main Warn QObject::connect: No such signal ColoringRulesModel::dragDropComplete() in ../ui/qt/coloring_rules_dialog.cpp:61
12:02:26.401 Main Warn QObject::connect: (receiver name: 'ColoringRulesDialog')
Remove the unused signal.
Change-Id: Id42c249ac9252269eb31e4971e62e927a28c88ed
Reviewed-on: https://code.wireshark.org/review/26239
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Cleanup the support for older versions of Visual Studio
Change-Id: Ieb97d56e9bff6a5902433e8d99b27276bc7034f7
Reviewed-on: https://code.wireshark.org/review/26247
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The full EPON preamble is 55 55 D5 55, sometimes some bits are getting
lost so this dissector supports multiple parts of this preamble. Add
also the full preamble to detect also such packets correctly.
Change-Id: I6d74694601bf2a430e24f8c9c004f3558aa056c5
Reviewed-on: https://code.wireshark.org/review/26240
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When we copy an address from pinfo into connInfo->O2T.ipaddress, a
shallow copy is not sufficient. connInfo->O2T.ipaddress is kept across
packets whereas pinfo is valid only for the current packet.
Use wmem with file scope for the copied address. This fixes a
use-after-free error when we access the address in a subsequent packet.
Bug: 14470
Change-Id: I8b74037020189485485a506af6510cb45828e3c4
Reviewed-on: https://code.wireshark.org/review/26248
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Keep the "global" check where the entire processing was under if (tree).
Move this check in front of the while loop and exit if we have no tree.
Remove the subsequent (duplicate) checks for indivial
proto_tre_add_...() calls.
Change-Id: I6b978b438b9f1c84c8927ae4eb9c53a8eaadb4ef
Reviewed-on: https://code.wireshark.org/review/26246
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Wrap long lines.
Use a do-while loop. We know up-front that we'll go into the loop at
least once. Remove the cont variable, use the exit condition directly.
Set *octetCount = 0 if we return 0 because of an error. In that case, we
did not process any bytes and should inform the caller about this.
Change-Id: I222270939e42e0096b6f5a25b197bd4bae12235e
Reviewed-on: https://code.wireshark.org/review/26245
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Otherwise, fprintf() is not defined and the debug prints don't work.
Change-Id: I9bc791dfc829cf9e7b1b6e61b0090d2fb94bebb2
Reviewed-on: https://code.wireshark.org/review/26244
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We always start with counter=0, guint *octetCount is used only as a
return value.
Change-Id: I3c080c59ef7620c5007f6dc3139a78a72cff2a21
Reviewed-on: https://code.wireshark.org/review/26243
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
tvb_get_guintvar() returns a guint. If we haven't seen the final byte
after sizeof(guint) bytes, something is wrong. Abort and return 0.
This is the minimum fix for
Bug: 14473
Change-Id: Ibe8a1239c1cbbeec0591c66710416bb56f9f60dc
Reviewed-on: https://code.wireshark.org/review/26242
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Enhanced peekremote dissector to take into account the new extended
flags written by Cisco APs in sniffer mode after WLC version 8.5.
Support for 80mhz channel flag (bit 9), short preamble (bit 8), amount
of spatial streams (bit 14-16)
dot11_ht_vht_flags=0x00000551 <--short preamble encoded to 10th bit of
dot11_ht_vht_flags.
dot11_ht_vht_flags=0x00008bc8 <--80MHz info encoded to 9th bit of
dot11_ht_vht_flags.
The spatial streams information is already encoded to 16:15:14 bits of
dot11_ht_vht_flags. The following are the bit pattern representation,
000 - 1 spatial stream
001 - 2 spatial streams
010 - 3 spatial streams
Bug: 14452
Change-Id: If0539e356b32a791901d213a653f7a98521667ee
Reviewed-on: https://code.wireshark.org/review/26178
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The WiX toolset configuration files have to be extended to handle the
new plugin directory structure as well. Apart from the EPAN plugins
the wiretap and codec plugins have to be included as well.
Change-Id: I173e6b87a88e4ef8aa3283a308e2b5207f0d6ba2
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/26176
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We might not yet have allocated the manually-resolved address lists;
only free the if we have.
Change-Id: Iff9864e397a04cdcb613268603c073ecd1fa77fb
Reviewed-on: https://code.wireshark.org/review/26236
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The routine was removed in Id302e88bed4da8b9b457049fb78b0bc7d7ffabe3.
Change-Id: I1874be1cb666d42011cc9b4ab9360dc885d3622c
Reviewed-on: https://code.wireshark.org/review/26231
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Remove the endpoint map and its button from the Qt and GTK+ UIs. It
depends on GeoIP Legacy for coordinate information and those databases
are being deprecated in favor of MaxMind DB. We *could* upgrade the code
to use mmdbresolve, but according to
https://dev.maxmind.com/geoip/geoip2/geolite2/ they're also going to
remove coordinate information from GeoLite2:
"In addition, in 2019, latitude and longitude coordinates in the
GeoLite2 databases will be removed.* Latitude and longitude coordinates
will continue to be provided in GeoIP2 databases. Please check back for
updates."
Change-Id: I43e1593d282a0f1aae897b1f4724117d1496b21e
Reviewed-on: https://code.wireshark.org/review/26229
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Otherwise dialogs could be opened multiple times
Change-Id: I19f9c11395b5f5ba41c00ff78ab9794064562d29
Reviewed-on: https://code.wireshark.org/review/26221
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Document ws_pipe.h. Define invalid PIDs in one place.
Extcap didn't use stdin before 1a0987904f. Make sure we close it.
Change-Id: I7a69cd9b5137ae82435e64628a22e4d812d58f89
Reviewed-on: https://code.wireshark.org/review/26226
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Trap ABRT and try to pass it on to our runners.
Change-Id: I6e5a9fd63822c9bc84e116b3574abc4ccca448f5
Reviewed-on: https://code.wireshark.org/review/26227
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Set the API target level to Win7, along with installer changes
to match.
Change-Id: Icd93964eadf93018c56218e3efdfed10b9f8959a
Reviewed-on: https://code.wireshark.org/review/26218
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
If we've found "interleaved=" in the buffer *and*, if so, know where
we've found it, we don't need to find it again; we can just use the
result of the first strstr() call.
That should also keep Visual Studio Code Analyzer from bogusly saying
"hey, we might not have found it, maybe we're handing a bad pointer to
sscanf()".
Change-Id: I9d8f5c0b38038a3f05b8e5343f965f1676105875
Reviewed-on: https://code.wireshark.org/review/26219
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This adds some _U_ to prevent build failures when the build platform
does not have certain libraries or more recent versions of those libraries.
Change-Id: I82a1c14dd250181af189bd8564afc47180385e60
Reviewed-on: https://code.wireshark.org/review/26211
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
When rlc sequence number wrapped around, duplicate frames wouldn't be
marked because they were compared to the sqn from the first round.
Change-Id: Ia57aac9b86b4cc84dd8ec411fe0a94972acb9526
Reviewed-on: https://code.wireshark.org/review/26208
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The ett_btavrcp_features and ett_btavrcp_featuers_not_used fields were
not initialzed causing an abort when dissecting.
Change-Id: I3ee2f557ace1643dfba5a978add66c3c7ba7d895
Reviewed-on: https://code.wireshark.org/review/26217
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
N.B. In normal traffic status PDUs do not appear very often, but if
the config of RLC/PDCP are wrong, every PDU can appear to be a status
PDU and it can take a long time to print out the list of missing
sequence numbers.
Change-Id: I9514b505639fa58d86bf5ebb3fb2bcf1f8e65aa8
Reviewed-on: https://code.wireshark.org/review/26197
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move the contents of extcap_spawn to ws_pipe. Rename various extcap_*
prefixes to ws_pipe_*. Open stdin when we spawn processes.
Change-Id: I9286295443ee955bb6328b0ed6f945ee0bb2a798
Reviewed-on: https://code.wireshark.org/review/26216
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove all the existing LoadDLL\GetProcAddress combinations
that allowed conditional Win32 API usage if supported on the
running OS version.
All the required functions are present in the versions we support.
Change-Id: Ibc43e51cefcd1c7562d4e251784362509f224ed6
Reviewed-on: https://code.wireshark.org/review/26215
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Pascal Quantin