and when called from TCP this pointer would be uninitialized and thus dump core when dereferenced.
at the same time remove the rotating buffers
this fixes bugs 498 and 501
svn path=/trunk/; revision=16117
instead of calling the tcp analysis (and prepend colingo) eitehr after the subdissector returned normally or if an exception caused by a subdissector was rised.
this as a sideffect caused tcp analysis data to be overwritten if the subdissector caused any output to the info column. (and made tcp analysis suboptimal)
this change adds a new function col_prepend_fence_fstr() that will prepend
the info column with the string and also, if there was no fence already defined, create a fence and set it after the prepended col info text.
This way, even if the subdissectors generate and rewrite col info, the tcp analysis data will still be displayed on the info column.
svn path=/trunk/; revision=16116
"dissect_nt_sec_desc()". Add a Boolean argument to
"dissect_nt_sec_desc()" to indicate whether a length was passed to it
(so we don't treat -1 as a special value; we want to stop treating -1 as
a special length value, and, in fact, want to stop treating *any*
negative length values specially, so that we don't have to worry about
passing arbitrary 32-bit values from packets as lengths), and have
"dissect_nt_sec_desc()" initially create the protocol tree item for the
security descriptor with a length of "go to the end of the tvbuff", and
set the length once we're done dissecting it - and, if the length was
specified, check at *that* point, *after* we've dissected the security
descriptor, whether we have the entire security descriptor in the
tvbuff.
That means that we don't have to worry about overflows after
"dissect_nt_sec_desc()" returns - if the length was so large that we
would have gotten an overflow, we'd have thrown an exception in the
"tvb_ensure_bytes_exist()" call at the end of "dissect_nt_sec_desc()".
Do sanity checks on offsets within the security descriptor, so we know
the item referred to by the offset is after the fixed-length portion of
the descriptor.
svn path=/trunk/; revision=16113
BER identifier and length information; calling
"dissect_ber_identifier()" and "dissect_ber_length()" with a null tree
argument doesn't have any advantages over that.
Don't put an octet string into the protocol tree twice, once with
"dissect_ber_octet_string()" and once with the real value; once is enough.
svn path=/trunk/; revision=16112
Ethernet packets with a length field as LANE packets, and doesn't do so
for packets that appear to be LANE-encapsulated Ethernet packets with a
type field, is too weak. Back out that part of the heuristics added in
the previous checkin.
svn path=/trunk/; revision=16111
problems, and use the first routine in it in multiple places.
Get rid of DISSECTOR_SUPPORT_INCLUDES - just add its contents to
ETHEREAL_COMMON_INCLUDES.
svn path=/trunk/; revision=16109
Due to the fact that 3G Signaling appears at an undefined VPI/VCI I added a heuristics (very simple) which should take care of this fact.
svn path=/trunk/; revision=16108
The current ethereal eDonkey dissector fails to handle a number of valid packet types - in particular the normal server<->client communication between current eserver and eMule versions (from both
sides) produces packets which ethereal incorrectly claims to be malformed.
This patch fills in these holes.
svn path=/trunk/; revision=16107
1) Fixes context-tagged BACnet errors.
2) Fixes indeterminate tag data. If the tag length/value/type variable
was 6 or 7 you could not tell whether it was an open/close tag or had
length 6/7.
3) Don't make assumptions about property types for proprietary BACnet
object types.
svn path=/trunk/; revision=16104
bug 497 (as well as a crash on an *unfuzzed* IAX2 capture!).
Set "pinfo->can_desegment" before calling dissectors; that's expected
for dissectors that do TCP-style desegmentation.
svn path=/trunk/; revision=16099
fact, in GLib 1.2, it *can't* have one. As the value destroy function
for this hash table does nothing, don't bother with it - and create the
hash table with "g_hash_table_new(), rather than
"g_hash_table_new_full()", so it works with GLib 1.2[.x].
svn path=/trunk/; revision=16096
Now the timer callback function will call the pipe read function up to 5 times to avoid this, but won't do this more often to prevent "endless blocking".
svn path=/trunk/; revision=16091
04-stream.diff
A simplified packet reassembly API built on top of fragment_add_seq_next for
reassembling fragments that are delivered in-order, where fragments are
identified by a framenum and an offset into that frame. Streams are attached
to a conversation or a circuit and are unidirectional.
svn path=/trunk/; revision=16082
New "Fax T38 Analysis" added to the "Statistics" menu to:
- Reassemble the HDLC t30 frames and dissect the header.
- Analyze the UPDTLPacket seq num for packet lost
- Stats of V.x Data:
- Count the Data bytes
- Duration
- Wrong seq num
- Max Burst of packet lost
svn path=/trunk/; revision=16073
X420 - incorrect ExtendedBodyPart handling
ACSE - support for implicitly tagged EXTERNALs and dissection based upon direct-reference RTSE - same change for RTSE EXTERNAL handling as above CMS - support for ContentType, MessageDigest, SigningTime and CounterSignature attributes ESS - support for ESSSecurityLabel and EquivalentLabels attributes
svn path=/trunk/; revision=16072
X420 - incorrect ExtendedBodyPart handling
ACSE - support for implicitly tagged EXTERNALs and dissection based upon direct-reference RTSE - same change for RTSE EXTERNAL handling as above CMS - support for ContentType, MessageDigest, SigningTime and CounterSignature attributes ESS - support for ESSSecurityLabel and EquivalentLabels attributes
svn path=/trunk/; revision=16071
X420 - incorrect ExtendedBodyPart handling
ACSE - support for implicitly tagged EXTERNALs and dissection based upon direct-reference RTSE - same change for RTSE EXTERNAL handling as above CMS - support for ContentType, MessageDigest, SigningTime and CounterSignature attributes ESS - support for ESSSecurityLabel and EquivalentLabels attributes
svn path=/trunk/; revision=16070
allows the dissection of ContentInfo based upon it's OID - something that is used for a secure X.400 messages (Protecting Content Type (PCT)).
svn path=/trunk/; revision=16069
00-iax.diff
Modifications to the IAX2 dissector so that it offers desegmentation to
subdissectors using the same API as TCP offers (pinfo->desegment_len etc)
01-amr.diff
Modifications to the AMR dissector to allow AMR IF2 data to be dissected via
call_dissector() from packet-h223.c. This patch also causes the AMR dissector
to append the frame type string to the info column, so that the info column
shows what protocols an H.223 frame contains.
02-h263-data.diff
Modifications to packet-h263.c to separate the dissection of h.263 RTP
encpasulation from the dissection of the actual h.263 data. The data
dissection functions are added as a second dissector. This data-only
dissector is used to dissect the video channel in our h.223 streams. As with
the AMR modification, this makes the H.263 dissector append to the info
column.
svn path=/trunk/; revision=16068