"tvb_get_nstringz0()", as it means there's no room even for the
terminating NUL; abort if "_tvb_get_nstringz()" is passed a bufsize of
0.
Don't throw an exception in "tvb_get_nstringz0()" if
"_tvb_get_nstringz()" returns 0 - that just means we have an empty
string.
svn path=/trunk/; revision=8150
not to include DEL as printable ASCII.
Also change the check in strutil.c to do it by redefining "isprint()",
as is done in "gtk/gtkglobals.h", rather than by #ifdeffing the point at
which the test is done.
svn path=/trunk/; revision=8118
"dissector_get_port_handle()", "dissector_handle_get_short_name()",
"dissector_handle_get_protocol_index()", "new_register_dissector()", and
"new_create_dissector_handle()" to the list of APIs available to
plugins on platforms where plugins have to call core Ethereal routines
through pointers.
"extern"alize the remaining routines in "epan/packet.h".
svn path=/trunk/; revision=8116
use them when generating display filters to match field values. Use
"%{FLT_DIG}g" rather than "%{FLT_DIG}f" for FT_FLOAT.
svn path=/trunk/; revision=8109
Besides "STRING", there is now "UNPARSED_STRING", where the distinction
is that "STRING" was a double-quoted string and "UNPARSED_STRING" is just
a sequence of characters that the scanner didn't know how to scan/parse,
so it's up to the Ftype to parse it.
This gives us more flexibility and prepares the dfilter parsing engine
for the upcoming addition of the "contains" operator.
In the process of doing this, I also re-did the double-quoted string
support in the scanner, so that instead of the naively-simple support we
used to have, double-quoted strings now can have embedded dobule-quotes,
embedded octal sequences, and embedded hexadecimal sequences:
"\"" embedded double-quote
"\110" embedded octal
"\x48" embedded hex
Enhance the dfilter unit test script to be able to run a single collection
of tests instead of having to run all of them all the time.
svn path=/trunk/; revision=8083
have plugin support. (Don't do so if we *do* have it, because if
"proto_init()" ever changes so that it doesn't use the argument even if
we have plugin support, we want a warning so we know that we should get
rid of that argument.)
svn path=/trunk/; revision=7972
Make it have the usual collection of 3 static buffers, just in case
somebody decides to call it more than once in the same
printf-like-routine call.
svn path=/trunk/; revision=7940
removed two hf fields that are now redundant since F_CTL is decoded
placed most interesting header fields in a struct
added request response matching and measurement of delta time between the first and the last frame of an exchange.
todo:
1, finish restructure of decoding of fc header so that
it will populate the tree as it reads more data fields from the tvb
so that we can get useful info in the tree even for short frames.
2, add TAP to fc and pass the header struct and the time delta struct to
tap listeners
3, add ServiceResponseTime tap listener for FC
svn path=/trunk/; revision=7923
variables the user configures - the user isn't expected to change
GLIB_LIBS or GTK_LIBS, and there's a comment nothing that users
shouldn't have to do so), which contain the appropriate libraries for
building stuff that requires only GLib, and stuff that required GTK+ and
GLib, respectively, and use those macros in the Makefile.nmake files.
svn path=/trunk/; revision=7885
variables the user configures - the user isn't expected to change
GLIB_CFLAGS or GTK_CFLAGS, and there's a comment nothing that users
shouldn't have to do so), which contain the appropriate "/I" flags for
building stuff that requires only GLib, and stuff that required GTK+ and
GLib, respectively, and use those macros in the Makefile.nmake files.
svn path=/trunk/; revision=7884
GNU ADNS or not - set it based on whether ADNS_DIR is defined by
"config.nmake", and make "config.h.win32" files that specify whether we
have GNU ADNS dependent on "config.nmake".
Note in "config.nmake" that:
if you have GNU ADNS, ADNS_DIR should be defined as the
directory in which the ADNS .lib file resides;
if you don't have GNU ADNS, ADNS_DIR shouldn't be defined.
svn path=/trunk/; revision=7860
tvb_get_string() - takes a tvbuff, an offset, and a length as
arguments, allocates a buffer big enough to hold a string with
the specified number of bytes plus an added null terminator
(i.e., length+1), copies the specified number of bytes from the
tvbuff, at the specified offset, to that buffer and puts in a
null terminator, and returns a pointer to that buffer (or throws
an exception before allocating the buffer if that many bytes
aren't available in the tvbuff);
tvb_get_stringz() - takes a tvbuff, an offset, and a pointer to
a "gint" as arguments, gets the size of the null-terminated
string starting at the specified offset in the tvbuff (throwing
an exception if the null terminator isn't found), allocates a
buffer big enough to hold that string, copies the string to that
buffer, and returns a pointer to that buffer and stores the
length of the string (including the terminating null) in the
variable pointed to by the "gint" pointer.
Replace many pieces of code allocating a buffer and copying a string
with calls to "tvb_get_string()" (for one thing, "tvb_get_string()"
doesn't require you to remember that the argument to
"tvb_get_nstringz0()" is the size of the buffer into which you're
copying the string, which might be the length of the string to be copied
*plus 1*).
Don't use fixed-length buffers for null-terminated strings (even if the
code that generates those packets has a #define to limit the length of
the string). Use "tvb_get_stringz()", instead.
In some cases where a value is fetched but is only used to pass an
argument to a "proto_tree_add_XXX" routine, use "proto_tree_add_item()"
instead.
svn path=/trunk/; revision=7859
Add a new routine to iterate through all dissector tables, calling a
routine for each table, to support having the "-d" code list all
dissector tables.
Get rid of "dissector_handle_get_dissector_name()"; it was put in there
for "-d", but turns out not to be necessary for that.
Clean up the usage message a bit (using the convention, adhered to by at
least some UNIX utilities, of listing all the flags with no arguments in
a single lump, and then listing the ones with arguments individually,
and also putting "-v" and "-h" in a separate lump, as Ethereal does).
svn path=/trunk/; revision=7788
value, just copy the specified number of bytes and stick a '\0' at the
end, don't use "tvb_get_nstringz0()" - yes, you end up copying more
bytes, but you don't have to bother looking for a '\0' that might not
even be present (if the string is null-padded rather than
null-terminated).
Also, set the length of the item to the specified length, rather than to
the length up to the terminating '\0' - if the string is null-padded,
the field should include all the padding bytes.
svn path=/trunk/; revision=7785
length (rather than being given -1), the length is, in most cases, the
maximum length of a null-*padded* string, rather than the actual length
of a null-*terminated* string. Treat it as such - allocate a buffer one
larger than the length (to leave room for a terminating '\0'), and pass
the size of that buffer to "tvb_get_nstringz0()". (Otherwise, in those
cases, the last character of the string is chopped off.)
Allow "proto_tree_add_string()" to add FT_STRINGZ items to the protocol
tree, as well as FT_STRING items.
In "alloc_field_info()", if we're passed a length of -1 and the field is
an FT_STRINGZ, don't make the length be the length remaining in the
tvbuff; that way, you *can* use a length of -1 in
"proto_tree_add_item()" for an FT_STRINGZ item, and have it get the
actual length by looking for the terminating '\0'.
(We might want to distinguish between null-terminated and null-padded
strings, e.g. with an FT_STRINGZPAD type. Null-terminated strings
rarely, if ever, have a specified length; the length is found by
scanning for the terminating '\0'. Null-padded strings presumably
always have a specified length, which is the length to which the string
is padded.)
svn path=/trunk/; revision=7784
Things can happen if we pass a zero buffer length to tvb_get_nstringz0().
Throw an exception if this happens.
In various dissectors make sure the tvb_get_nstringz0()'s buffer length
is greater than zero.
svn path=/trunk/; revision=7688
add support for a system-wide color filter file;
fix a bug where "read_filters()" didn't close the file handle.
Use the "get_datafile_path()" routine he added to construct the pathname
of the Diameter directory, the global preferences file, and the manuf
file.
svn path=/trunk/; revision=7677
is defined (as it's defined, and called, regardless of whether
HAVE_GNU_ADNS is defined), and get rid of the extra declarations of the
ADNS support routines.
svn path=/trunk/; revision=7644
"host_name_lookup_process()", and "host_name_lookup_cleanup()" if we
don't have GNU ADNS, so that Ethereal compiles without GNU ADNS.
Declare the argument lists of "host_name_lookup_init()" and
"host_name_lookup_cleanup()" as empty, C89-style, rather than as
unknown.
svn path=/trunk/; revision=7641
Support can be enabled at configure time by using "--with-adns=DIR".
If support is enabled, async queries happen whenever host name resolution
is enabled. Do we need a separate preference for async queries?
Currently, only IPv4 reverse queries are supported. I can add IPv4 forward
lookup support, but I don't have any way to test IPv6 queries.
svn path=/trunk/; revision=7640
"proto_construct_dfilter_string()", to more accurately reflect what it
does.
Give it, and "proto_can_match_selected()", an "epan_dissect_t *"
argument, which replaces the raw data pointer argument to
"proto_construct_dfilter_string()".
For fields that don't have a type we can directly filter on, we don't
support filtering on the field as raw data if:
the "epan_dissect_t *" argument is null;
the data source tvbuff for the field isn't the tvbuff for the
"epan_dissect_t" in question (i.e., it's in the result of a
reassembly, and "frame[N:M]" can't get at it).
Trim the length the raw data in the case of such a field to the length
of the tvbuff for the "epan_dissect_t" in question, so we don't go past
it. Fetch the raw data bytes to match from that tvbuff.
Have "proto_construct_dfilter_string()" return a null pointer if it
can't construct the filter string, and have "protocolinfo_packet()" in
the tap-protocolinfo tap ignore a field if
"proto_construct_dfilter_string()" can't construct a filter string for
it - and have it pass NULL as the "epan_dissect_t *", for now. If
somebody decides it makes sense to dump out a "frame[N:M] =" value for
non-registered fields, it can be changed to pass "edt".
svn path=/trunk/; revision=7635
given a tvbuff/offset pair referring to the byte past the end of the
item. Use it in one place in the SMB dissector (there are plenty of
other places where it could be used as well).
svn path=/trunk/; revision=7603
tvbuff.c:
Lots of existing code assumes that you can safely do the following:
#define MAX_BUF 64
guint8 *buf[MAX_BUF];
...
tvb_get_nstringz0 (tvb, offset, MAX_BUF, buf, &bytes_copied);
In reality, tvb_get_nstringz*() can potentially write one byte past
"buf". Modify _tvb_get_nstringz() not to do that.
packet-ppp.c:
Check for a valid BAP suboption length.
packet-mount.c:
Fix a possible integer overflow in dissect_group().
svn path=/trunk/; revision=7590
ONCRPC dissector updated to provide hint to TCP where the next RPCoverTCP
PDU starts as example.
Trivial updates to the other TCP based protocols required to amke them handle
this as well. See the updates to packet-rpc.c as an example.
This is enabled by activating tcp analysis and provides hints to TCP to know where PDUs starts when not aligned to the start of the segment.
svn path=/trunk/; revision=7543
to "protect" what's currently in the column, so that attempts to clear
the column will only clear stuff after the fence and attempts to
overwrite the column will append stuff after the fence. This, for
example, allows a dissector to arrange that the Info column contain
information for its protocol and for protocols running atop it.
svn path=/trunk/; revision=7466
in the configure script for the all-variables-expanded version of the
data file directory.
Don't AC_SUBST "DATAFILE_DIR", as it's not used.
Define DATAFILE_DIR in config.h as the all-variables-expanded version of
$datadir/ethereal, as that's where the global configuration files such
as manuf and the Diameter files are actually installed.
svn path=/trunk/; revision=7368
1. On Solaris, inet_ntop and inet_pton need to be linked against
-lnsl. AC_CHECK_FUNC() isn't good enough unless LIBS already
has -lnsl.
2. On IRIX, the blanket redefinition of the inet_ntop function
prototype is incorrect (compiling with MIPSpro 7.4):
cc-1143 cc: ERROR File = inet_v6defs.h, Line = 32
Declaration is incompatible with
"const char *inet_ntop(int, const void *, char *, socklen_t)"
(declared at line 89 of "/usr/include/arpa/inet.h").
extern const char *inet_ntop(int af, const void *src, char *dst,
^
1 error detected in the compilation of "inet_pton.c".
gmake[4]: *** [inet_pton.o] Error 2
On IRIX, the correct prototype is:
extern const char *inet_ntop(int, const void *, char *, socklen_t);
Rather than blindly replacing the prototype we detect if a
prototype exists and define it only if one does not exist.
svn path=/trunk/; revision=7218
Get rid of acconfig.h, as it's an archaism; put descriptions
into AC_DEFINE instead. That squelches some warnings from
later versions of autoconf.
Fix an unquoted call to AC_MSG_ERROR.
Move the stuff to define HAVE_SOME_SNMP into configure.in.
svn path=/trunk/; revision=7203
give it a byte-order argument, and move it to "epan/tvbuff.c".
Use it to handle UCS-2 strings in version 1 of the Service Location
Protocol. In SRVLOC V1, use registered fields that are already there
for SRVLOC V2, and add some as needed. Fix some field names.
svn path=/trunk/; revision=7186
epoch-in-seconds value and converts it to a string.
Use that routine in the RADIUS dissector, rather than using "ctime()"
and "tzname[]" - "tzname[]" strings might contain non-ASCII characters,
which currently give the GTK+ 1.3[.x] used on Windows, and also, I
think, GTK+ 2.x, heartburn, as they expect UTF-8, not, for example, ISO
8859/1.
Fix the string length in "abs_time_to_str()".
svn path=/trunk/; revision=7124
of their value. Provide such a method for FT_BYTES, FT_UINT_BYTES,
and FT_ETHER. Have proto_alloc_dfilter_string() use the new methods.
This is part of a movement of ftype-related code out of proto.c and
into the ftype code. The immediate effect is that generated display
filters for long byte sequences don't incorrectly have trailing periods
("...") to indicate continuation.
svn path=/trunk/; revision=7100
to be using it for stuff that should be hex, and for stuff that should
be Boolean. Use BASE_DEC if it should be decimal, BASE_HEX if it should
be hex, and make it Boolean if it should be Boolean.
svn path=/trunk/; revision=7053
configure option is given on the command line. The value of the arguement
is passwd in the enableval variable. The 4th argument tells what to do in
case no command line argument was given.
This causes --disable-gtk2 (which is the default) to behave differently
from the case when no option is given.
I do not really understand where the difference in the behaviour of the
generated codes comes from, but I definitely see a difference.
Fixed all occurrences where the 3rd arguement was empty.
svn path=/trunk/; revision=7044
multi-byte integral quantities and blithely dereference them, lest thou
enrage those of us who work on machines that trap on unaligned
references.
svn path=/trunk/; revision=7021
- A new decoder called MDSHDR which decodes the internal header of the
Cisco MDS switch (this is different from the Boardwalk header).
- Support for some more new columns as part of FC support.
- Fixed the decoding of the Special Frame in FCIP.
- Fixed the decoding of credit management type field in FLOGI/PLOGI frame
in FC-ELS.
svn path=/trunk/; revision=6974
error packets, the copy of the packet that got the error, rather than
doing it in the CLNP dissector and the ICMP dissector and the ICMPv6
dissector and the PPP dissector for various control protocols; have it
do that work iff "pinfo->in_error_pkt" is set.
svn path=/trunk/; revision=6942
script for the plugin directory; in most Makefile.am files it's set with
plugindir = @plugindir@
(along the lines of what's done with other variables with pathnames -
the variable name is all lower case), so the variable needs to be named
"plugindir".
Fix the DOCSIS plugins' Makefile.am to use "plugindir".
Don't bother doing "AC_SUBST(PLUGIN_DIR)", as no Makefiles use
PLUGIN_DIR as an autoconf variable.
svn path=/trunk/; revision=6887
we also call the proper DCERPC subdissector.
With this change ethereal will call the SAMR dissector and dissect the
decrypted SAMR packets in devins capture.
svn path=/trunk/; revision=6855
characters that aren't printable ASCII, as GTK+ for Windows thinks
strings are UTF-8 but the strings we give it wouldn't be UTF-8.
svn path=/trunk/; revision=6832
"epan/proto.c" to properly handle string truncation (by checking both
for -1 and a value larger than the buffer size as an indication of
truncation, as some older versions of those routines return -1, and, if
the string was truncated, putting in a trailing '\0', as "snprintf()" on
some platforms might not put the trailing '\0' in).
svn path=/trunk/; revision=6830
frame number, which is always decimal. If you select an FT_FRAMENUM
field, there are menu items that let you go to the frame whose frame
number appears in that field.
Add FT_FRAMENUM fields for the ONC RPC "matching request is in this
frame" and "matching reply is in this frame" protocol tree items.
svn path=/trunk/; revision=6802
changes to the actual argument lists in the calls (putting the byte
string length after the byte string pointer).
Make the byte string length actually be the length, not the length - 1.
Use a #define for the longest byte string it can handle, and put in a
"g_assert()" to check the sanity of that length.
svn path=/trunk/; revision=6774
channel number, X.25 logical channel number).
Clean up white space and the like, and get rid of unnecessary arguments
to "col_set_port()".
svn path=/trunk/; revision=6772
"ether_to_str_punct()" no longer deals only with Ethernet-style
addresses, as it now takes a length argument, rename it
"bytestring_to_str()" - and make it static, as it's not used outside
"to_str.c".
Get rid of unused "fc_to_str_buf()" routine.
svn path=/trunk/; revision=6770
be installed - don't explicitly search
"/usr/lib/ethereal/plugins/{version}" or
"/usr/local/lib/ethereal/plugins/{version}", so that if there's more
than one version of Ethereal installed, we don't end up picking up
plugins from the wrong version.
svn path=/trunk/; revision=6766
Guy Harris