I accidentally assumed that libnl2 works fine with just libnl.so, but
apparently the other libraries are also necessary.
Change-Id: I1636710ea3f41ed10a5ccb37106cae9e688abec9
Reviewed-on: https://code.wireshark.org/review/17654
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The preferences static text may be too long for the preferences
dialog width, so set word wrap for this label.
Change-Id: I0828601b39a5e189de707087e317c598576fc3db
Reviewed-on: https://code.wireshark.org/review/17656
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The structured id handling is not in use by anyone.
Change-Id: I643fb03f642a5c1900aaec7d41e2b66dba5a2b05
Reviewed-on: https://code.wireshark.org/review/17655
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
length of the PDU is not known(length is exluding escape bytes).
Change-Id: I762419f12ca80f6597163e232c4b853819927b65
Reviewed-on: https://code.wireshark.org/review/17302
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
While we are at it, let's reorder them in the .cnf file to match their
definition in S1AP-PDU-Contents.asn and ease review
Change-Id: I4c433fa862d83053d8b01cc951e756379356fa57
Reviewed-on: https://code.wireshark.org/review/17649
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Tried to poke various fields (including the capture filter field), this
revealed some memleaks.
Change-Id: I1eca431a09839906a4b3c902ad85e55bffc71ca8
Reviewed-on: https://code.wireshark.org/review/17648
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fixes a memleak that occurs on (re)loading a pcap. While at it, remove
some unnecessary variables.
Change-Id: Ibb662e5c608881bc7dfde9d12cdb77f699ff6542
Reviewed-on: https://code.wireshark.org/review/17639
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use the get.*guint32 routines to get unsigned values.
Change-Id: I75e83b2d21bdf08c7c995e36e4deb3b1c6d6959d
Reviewed-on: https://code.wireshark.org/review/17651
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It doesn't have to be non-zero.
Change-Id: If578906855abd9eb9fa07e97ee5508c139b6f61b
Reviewed-on: https://code.wireshark.org/review/17646
Reviewed-by: Guy Harris <guy@alum.mit.edu>
You can't run ASan-built programs with a ulimit, as ASan allocates a
huge amount of shadow memory.
Change-Id: Ic4d3c2fae77719f65d4594774bc8aa92d2a3a035
Ping-Bug: 12797
Reviewed-on: https://code.wireshark.org/review/17645
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Added version 3.1.1 CONNACK session present flag and SUBACK failure
indication. Adjusted SUBSCRIBE and SUBACK QoS values.
Added string length values. Removed the message type subtree as it
had no purpose. Put the message type in the top tree mqtt node instead.
Removed unused code and fixed code layout.
Change-Id: I8a9ae26ac9a2af04dc6f8d08ac46aa305c225c4f
Reviewed-on: https://code.wireshark.org/review/17590
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There is a v4 (and v5) with some change (patches coming !)
Change-Id: I3107727e2b86f7f6c0019ba6f2638bb40b41c0fb
Reviewed-on: https://code.wireshark.org/review/17626
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Invocation of tshark -D (dumpcap -D -Z none) under ASAN fails with:
tshark: Child dumpcap process died: Abort - core dumped
Change-Id: Ida363089066205d579e841b019b32c2e33516f12
Reviewed-on: https://code.wireshark.org/review/17633
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
In commit v2.3.0rc0-117-g485bc45 (backported to v2.2.0rc0-44-g66721ca),
extcap_prefs_dynamic_vals and extcap_cleanup were added in an attempt to
address dangling pointers.
Unfortunately it is not sufficient:
- A pointer to the preference value is stored in extcap_arg and passed
to the prefs API, but this extcap_arg structure can become invalid
which result in use-after-free whenever the preference is accessed.
- On exit, a use-after-free occurs in prefs_cleanup when the preference
value is being checked.
As the preference subsystem actually manages the memory for the string
value and consumers should only provide a pointer where the value can be
stored, convert the char* field in extcap to char**. This has as
additional benefit that values are not limited to 256 bytes anymore.
extcap_cleanup is moved after epan_cleanup to ensure that prefs_cleanup
does not operate on dangling pointers.
Crash is reproducible under ASAN with: tshark -i randpkt
Ping-Bug: 12183
Change-Id: Ibf1ba1102a5633aa085dc278a12ffc05a4f4a34b
Reviewed-on: https://code.wireshark.org/review/17631
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Note that you should probably uninstall the NSIS package first if it's
installed. Set the compression level to "high".
Change-Id: I10de8df580f8410fd13cdf414db1b1812a9fcf02
Reviewed-on: https://code.wireshark.org/review/17566
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Append the length to the extension and display the contents of
unknown extensions as bytes.
Change-Id: Iba1204a1d5e187f28cb41c4369b10eeb86e6b43a
Reviewed-on: https://code.wireshark.org/review/17265
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
mkcap.c is not used in any place.
Change-Id: Ie29b2ed66bc304a5b6a19fc9128ead2958f8062a
Reviewed-on: https://code.wireshark.org/review/17610
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
wtap_get_all_file_extensions_list was renamed in v2.3.0rc0-621-g4a6dde1
ws_strtou* functions were introduced in v2.3.0rc0-544-gba981ac
get_guint32 and get_nonzero_guint32 were added in v2.3.0rc0-595-ge09b03e
Change-Id: I9aea9c48f2da03590952b995fd21cddb17532af0
Reviewed-on: https://code.wireshark.org/review/17629
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The bytes that are not part of the address are not dissected.
Added them to the tree as "unused", to have a complete dissection
of the packet.
Found by incomplete dissector check.
Change-Id: Iafffebe8bc0f8254ac0b451d007e0a99aab91924
Reviewed-on: https://code.wireshark.org/review/17608
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 12687
Change-Id: Ib489b4c6aff1e0611e9b8a086054e56284f24b84
Reviewed-on: https://code.wireshark.org/review/16787
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
These programs resulted on a memleak report on exit.
Change-Id: I630618f50d723b7af4cb00ba29671d4e7c6fcdc2
Reviewed-on: https://code.wireshark.org/review/17623
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The version string stuff mirrors an earlier tshark change. Move some
cleanup calls (in case no packets are selected) and add wtap_close.
Change-Id: I6f282e89279a732c226824e10857be04b40841e8
Reviewed-on: https://code.wireshark.org/review/17621
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Mirrors the behavior of wtap_close.
Change-Id: I1a04878fdd0409fa74931737332f9b8a1ae77fb1
Reviewed-on: https://code.wireshark.org/review/17620
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
We support reading some types of files that aren't capture files, in
case we have a dissector for that file format (because, for example,
it's often transported over HTTP). Don't include them in the set of
files "All Capture Files" matches; you can still look for them as they
have individual entries in the drop-down menu of file type patterns.
Ultimately, there should be Fileshark/TFileshark programs to read those
files - and other file types, and even capture files if the goal is to
look at the file structure rather than at the packets - and *that's* the
program that should offer the ability to load JPEGs and so on.
(No, this does not reduce the "All Capture Files" list down to a level
that makes the problem in bug 12837 go away. The right way to fix
*that* is to arrange, somehow, that the "All Capture Files" entry not
actually list all the suffixes it matches.)
Change-Id: I705bff5fcd0694c6c6a11892621a195aa7cd0264
Reviewed-on: https://code.wireshark.org/review/17619
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The documentation for the [Launch]SingleAppInstance key doesn't seem
to match its behavior in that its default value (true) keeps multiple
portable instances from running, at least for us. Set it to false since
we're happy with users running as many concurrent instances as they can
stand. Set the related SinglePortableAppInstance key to false while
we're here in case its default value ever changes.
Change-Id: Iea1a6a80d5b204814b7569776734e0b0e254d657
Reviewed-on: https://code.wireshark.org/review/17616
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
A single name resolution checkbox was added to the file dialog way back
in 2000 in g0f7cf64. At that time it was needed because resolution was
synchronous and could drastically affect your load time. Since then
we've added asynchronous name resolution and more recently made it
mandatory (ge005bc8). We've also added more name resolution checkboxes
and other controls.
Remove the name resolution checkboxes. You can just as easily change
resolution options before or after opening a file and they take up
valuable real estate.
Combine the size and packets in the Qt and Win32 dialogs and
pretty-print the size. Combine the start and elapsed times in the Qt,
Win32, and GTK+ dialogs. This lets us shrink the custom areas of the
file dialogs even further. Make the default file type combo item more
descriptive.
Change-Id: Id770adc0f284a4c7f08ee5a7db84f8435f4bf907
Reviewed-on: https://code.wireshark.org/review/17597
Tested-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
It was just a wrapper over regular HTTP dissector, which can already
pick its own ports to use.
Also some other minor cleanup related to removal.
Change-Id: I20dd37670c676551a06aaeb69fd657684af9685d
Reviewed-on: https://code.wireshark.org/review/17567
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
-Manufacturer error field has 5 bytes (not 4)
-corrected two descriptions
Change-Id: Ic6f3e8fdf08c52f1d4f987410e1e0597a9f6aaed
Reviewed-on: https://code.wireshark.org/review/17575
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The protocol version from a SSL/TLS record contains the minimum
supported SSL/TLS version and is the best guess for Client Hello
handshake messages if no authorative version is available.
By considering the version from the conversation for the initial
col_set_str call, we can also remove some other calls down the road.
Change-Id: I4be25f5c9057ffd0abcea7280d826867c135fed7
Reviewed-on: https://code.wireshark.org/review/17490
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Have xml_get_int() handle the setting of the two error reporting values
and give a better error message. Have it check to make sure that there
isn't cruft after the digits.
Change-Id: Id590430eb52668ef76de8aa7096a27d8fc094208
Reviewed-on: https://code.wireshark.org/review/17601
Reviewed-by: Guy Harris <guy@alum.mit.edu>