Use enum values instead of manual constants in value_strings. This was
introduced by r47218, which was designed to fix r47209, which would have been
correct in the first place if the value_strings hadn't been full of hacks.
I think everything is correct now. Perhaps it may be worth using extended
value_strings though, since most of the tables seem to be consecutive in order?
svn path=/trunk/; revision=48345
Needed to convert use of old IEEE802.11 preference strings to UAT. Since UAT is self-contained within its own file, the entire preference file doesn't need to be rewritten/saved when UAT values are changed.
svn path=/trunk/; revision=48308
I have just finished slightly refactoring part of the PN532 dissector's
with InListPassiveTarget Response handler, to resolve some issues where
ISO 14443-A UIDs of various lengths in the aforementioned packet types
are incorrectly dissected.
The patch also introduces basic support for identifying, and dissecting
InListPassiveTarget Responses from cards/tokens with variable-length
Answer To Select (ATS) payloads, such as contactless EMV payment smartcards.
svn path=/trunk/; revision=48306
According to the latest TS29.274 -- adding 4 IE support: H(e)NB Information Reporting[165]; IPv4 Configuration Parameters (IP4CP)[166]; Change to Report Flags[167]; Action Indication[168]
-- cause values of IE(Cause)
svn path=/trunk/; revision=48301
patch to remove C++ incompatibilities from packet-lmp.c
renamed class to lmp_class
remove C++ incompatibilities from packet-rcpap.c
renamed class to inst_class (instruction class).
remove C++ incompatibilities from emem.c and oids.c
remove C++ incompatibilities from packet-radius.c
remove C++ incompatibilities from packet-enip.c
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8416
svn path=/trunk/; revision=48299
Also:
- remove some unneeded initializers;
- remove several unneeded 'col_clear()' calls;
- guint8 --> guint to prevent a possible overflow;
- reformat for style in some cases.
svn path=/trunk/; revision=48297
Need to add support for WAPI parameter set IE in management frames.
We already have WAI frames dissection support in place.
From me:
Small changes...
- Add links to WAPI specs
- Replace tabs by space
- Remove whitespaces
svn path=/trunk/; revision=48276
length.
While SPC-2 only has one byte for allocation length
Change this to treat allocation length as a 16 bit quantity starting one byte prior to the current single byte that wireshark dissects.
This makes it correct for SPC-3 and later and still works for SPC-2 since that first byte is reserverd, == must be 0, in SPC-2 and prior.
svn path=/trunk/; revision=48258
tipc: update link header according to spec
The bcastsequence gap have been removed, and the sequence field is now 13 bits.
svn path=/trunk/; revision=48238
Added functionality:
- SMB2 support for Export->Objects->SMB
- support for SMB_COM_CREATE, SMB_COM_OPEN, SMB_COM_READ and SMB_COM_WRITE commands
- Ability to choose between File Id and full file name as identifier for file re-building. Implemented as an option under Edit->Preferences->Protocols->SMB and Edit->Preferences->Protocols->SMB2.
Other minor changes and fixes:
- Full filename in file
- Inclusion of IP of SMB server when treeid name (i.e. hostname) is not known
- UTF-8 filenames encoding before passing them to Export Object Window
- Re-written insert_chunk function of export_object_smb.c to make it easier to debug
- Fixed of an error in insert_chunk function of export_object_smb.c (the verification of next free_chunk was always skipped after deleting one free_chunk).
- Removed duplicated code by inserting the function feed_eo_smb in packet-smb.c and packet-smb2.c
- Changed the label of Export->Objects->SMB menu into Export->Objects->SMB/SMB2
svn path=/trunk/; revision=48210
1. Convert more proto_tree_add_text to proto_tree_add_<something else>/expert_info. checkAPIs.pl is happy (for packet-rtps.c), but the raw number is a bit deceiving because of macros and wrappers.
2. Fixed the offending "uses snprintf + strlen to assemble strings" in packet-rtps.c. The exact same code is used in packet-rtps2.c, so just proper refactoring will fix it. There is still too much unnecessary use of g_snprintf/g_strlcpy/strlen, but that's for a later date.
3. Removed most of the "useless" wrapper functions. Again, the number of proto_tree_add_text is deceiving, so the number of hfs that really need to be created is much larger.
4. Whitespace cleanup. Removed a lot of whitespace so I could see more code on the screen, to help determine duplication between packet-rtps.c and packet-rtps2.c Comments/descriptions of fields remain untouched.
The more I trim, the more I think this should all be in a single dissector file, which will be the goal of the next update. Trying to patch this in somewhat manageable chunks.
Also need to submit sample traces generated for (fuzz)testing.
svn path=/trunk/; revision=48206
adding the fields to the protocol tree as we fetch them, rather than
fetching a bunch of them up front. That way, if the packet was cut
short by a snapshot length, we'll dissect what we have.
Create the top-level tree item at the beginning, with an unknown length,
and set the length when we're done. If we're putting details into that
item, update the item as we process each field; also update the Info
column as we process each field.
Don't use tvb_bytes_exist() to do our own tvbuff bounds-checking; let
the tvbuffs themselves do that. Do not use it to do header-length
checking; check the actual header length value instead.
Do not fail if the *captured* data in the tvbuff is too short; we're
selected by an IP protocol number, which we can expect to definitively
identify us, not by a transport-layer port number, which is often an
unreliable identifier.
Do header length checks as we go along, and bail as soon as we identify
the header length as wrong. (We do the first check once we get the X
bit, so we know whether the generic header is 12 or 16 bytes long.)
Treat a too-*large* header as a protocol violation, not a malformed
packet indication.
Use tvb_get_ntoh24() and tvb_get_ntoh48() to fetch the sequence number,
rather than fetching it in pieces and putting them together ourselves.
Correctly pluralize "byte".
Don't use tvb_length_remaining() to check whether we have a payload, use
tvb_reported_length_remaining(), so we base it on whether the packet
actually had the data, not on whether we actually captured it.
svn path=/trunk/; revision=48201
If we don't decode a tag, just say "Undecoded" on the top-level item;
the tag name or number is already on that item, and the length is
underneath it.
svn path=/trunk/; revision=48180
reject packets that don't look enough like GTP/GTP' packets. This fixes
bug 1706, and fixes some other cases where non-GTP/GTP' packets are
being dissected as GTP/GTP'.
svn path=/trunk/; revision=48118
packet-bssgp.c: In function 'de_bssgp_unconfim_send_state_var':
packet-bssgp.c:3318:13: error: variable 'state_var' set but not used [-Werror=unused-but-set-variable]
svn path=/trunk/; revision=48095
Fix indentation.
Fix a proto_tree_add_uint_format_value() call not to include the name of
the field - proto_tree_add_uint_format_value() will add that for you.
Have dte_address_util() take the offset of the address as an argument;
it's not always at the same offset from the beginning of the facility.
Have it return the pointer to the generated string directly, rather than
through a pointer argument.
Create only one subtree for each facility, and give it a text description
of the facility code rather than the numerical value of the facility
code. Make the top-level item for the facility cover all the bytes of
the facility, including code, length if present, and parameters.
Dissect the end-to-end transit delay and priorities facilities
completely. Also, fix an incorrect use of "transmit delay" to say
"transit delay".
Get rid of the last of the spaces preceding colons in "Field: value"
descriptions and in a "default:" case label.
Do the data vs. non-data packet thing ith
if (PACKET_IS_DATA(pkt_type)) {
...
} else {
...
}
rather than, in effect, doing the "else" with a break; that makes the
code a bit clearer.
Put the logical channel number into the protocol tree in common code for
the default case, rather than doing it separately for data and non-data
packets. Clean up the dissection of non-data packets to add entries
before updating the columns, so that we don't throw an exception
updating the columns before we get to add items that wouldn't throw
exceptions. Clear the Info column early in the dissection, in case we
throw an exception before getting to set it and thus leave behind the
column information for the protocol atop which we're running.
svn path=/trunk/; revision=48093
1. Cleanup COL_INFO processing
2. Add expert_info for "octet_to_next_header" ranges
3. Check "RTPS" all at once
4. Remove some unnecessary function declaration.
Next is probably consolidating packet-rtps.c and packet-rtps2.c as there seems to be a lot of duplicative functionality.
svn path=/trunk/; revision=48082
hf_gtp_next.
Don't do "dummy" dissection of extension headers that we don't actually
dissect - we label them by next extension header type, and dissect them
in the default case, which should suffice (until somebody adds
dissection for those types).
svn path=/trunk/; revision=48075
Extend RTP dissector with ED-137 extension
From me: Don't try to dissect a non-existent payload (see comment #9
on the bug).
svn path=/trunk/; revision=48069
Give URLs for the 3gpp.org pages for all those specs.
Add #defines for all the GTP v1 extension header types we handle.
"gtp_prime" is a Boolean; make it a gboolean.
Dissect the first 4 octets of the header one field at a time, so that if
the packet is cut short by a snapshot length we at least dissect what's
there.
32.295 isn't entirely clear on what the 20-byte header for GTP' v0 is;
assume it's the same as the header for GTP v0.
Once we've fetched the length field from the fixed-length portion of the
header, set the length of the tvbuff to the sum of the offset past the
fixed-length portion and the length field, to catch running past that
value.
Use GTP_E_MASK|GTP_S_MASK|GTP_PN_MASK as the mask for testing for the
presence of those fields, to make it a bit clearer what's being checked
for.
Don't actually add those fields to the protocol tree unless the flag for
the field is set.
We only need one chunk of code to handle extension headers.
Make that chunk a loop, and put the header in as an FT_NONE item, with
the length, header data, and next header under it. Put the initial next
header field in as well. (We treat this like IPv6 extension headers,
with the next header field being part of the previous header, rather
than like a set of TLVs, with the next header field being the type value
of its header.)
Fail if the extension header length is zero.
Use the reported length when processing IEs or T-PDU payload.
svn path=/trunk/; revision=48068
In the array of WME AC names, the name for tid 3 is wrongly named as "Video" it should be "Best Effort" instead.
#BACKPORT(1.8,1.6)
svn path=/trunk/; revision=48062
(Only display the value in decimal don't yet display the Average Access Delay , See 8.4.2.41 BSS Average Access Delay element )
svn path=/trunk/; revision=48057
human-friendly version of the value followed by the raw value, is to put
the human-friendly name first, with the raw value after it in
parentheses. Follow that convention for the command code.
svn path=/trunk/; revision=48029
representation for you; the format string should not include the field
name.
Add protocol items to the SliMP3 tree, not to the top-level tree.
If we're fetching a 16-bit value from the protocol tree and multiplying
it by 2, it won't necessarily fit in a guint16; make the variables used
for that guints.
The sequence field of the MP3 data ack packet isn't being fetched from
the packet, so just use proto_tree_add_item() for it (rather than using
a value fetched for a previous field).
Use %u to format unsigned values.
svn path=/trunk/; revision=48028
before the point at which it's added to the protocol tree.
Put the ATM channel in the ATM tree rather than the top-level tree.
Fix the name for the CPI field (copy-and-pasteo).
svn path=/trunk/; revision=48015
1. Convert proto_tree_add_text to proto_tree_add_item/expert info
2. Change to "new style" dissector
3. Use standard malformed packet interface
Reviewed by Francesco Fondelli
svn path=/trunk/; revision=48009
Centralize logic related to per-interface conversations, and expose it for use
by class-specific dissectors.
Class-specific descriptor dissectors also need to know the interface in whose
context they are called to work.
This is a prerequisite for a USB Video Class dissector, which needs to decode
many class-specific descriptors.
svn path=/trunk/; revision=47990
New dissector for the honeypot-feeds protocol.
From me: Misc. tweaks to expert info layout and remove a few unneeded initializers.
svn path=/trunk/; revision=47962
commented-out/#if-ed-out "Data1" field, as it's the same field.
Give the flags in that field names including "flags".
Shuffle the fields around to put "Flags" (a/k/a Data1) where Data1 was,
and put the bits in that field after it.
Update the URL for the spec at IBM.
Reformat the entries in hf_netb[] to use the same style.
svn path=/trunk/; revision=47933
A detailed diagnostic information contains either a SMS-SUBMIT-REPORT or a SMS-DELIVERY-REPORT. Set P2P direction accordingly.
svn path=/trunk/; revision=47927
epan/show_exception.c, as it's used outside
epan/dissectors/packet-frame.c. Update their callers to include
<epan/show_exception.h> to get their declaration.
Add a CATCH_NONFATAL_ERRORS macro that catches all exceptions that, if
there's more stuff in the packet to dissect after the dissector call
that threw the exception, doesn't mean you shouldn't go ahead and
dissect that stuff. Use it in all those cases, including ones where
BoundsError was inappropriately being caught (you want those passed up
to the top level, so that the packet is reported as having been cut
short in the capture process).
Add a CATCH_BOUNDS_ERRORS macro that catches all exceptions that
correspond to running past the end of the data for a tvbuff; use it
rather than explicitly catching those exceptions individually, and
rather than just catching all exceptions (the only place that
DissectorError should be caught, for example, is at the top level, so
dissector bugs show up in the protocol tree).
Don't catch and then immediately rethrow exceptions without doing
anything else; just let the exceptions go up to the final catcher.
Use show_exception() to report non-fatal errors, rather than doing it
yourself.
If a dissector is called from Lua, catch all non-fatal errors and use
show_exception() to report them rather than catching only
ReportedBoundsError and adding a proto_malformed item.
Don't catch exceptions when constructing a trailer tvbuff in
packet-ieee8023.c - just construct it after the payload has been
dissected, and let whatever exceptions that throws be handled at the top
level.
Avoid some TRY/CATCH/ENDTRY cases by using checks such as
tvb_bytes_exist() before even looking in the tvbuff.
svn path=/trunk/; revision=47924
put the length, identifier, and value as visible sub-items underneath
it. If the length is bad, add an expert info indication under the item
for the length, rather than using proto_malformed. Add checks for the
lengths of each type of subvector.
Add some more subvector types from IEEE 802.5-1998, and use the names
from that spec.
svn path=/trunk/; revision=47923
the compressed data, put the entries for particular parts of that data
under that entry, and, when we have a problem decompressing, add an
expert info item to that entry, rather than just adding text or using
proto_malformed. Do so for *all* decompression problems; in particular,
check for decompressed_entry() returning NULL, which it can do.
tvb_new_child_real_data() won't throw an exception, so don't bother
checking for that.
If, after the first pass, we can't find the uncompressed data for a
frame, report it as a dissector bug.
Check whether we have room for a byte in the uncompressed data buffer
*before* copying it.
Other cleanups.
svn path=/trunk/; revision=47922
way we don't keep two copies of the fragments in memory until the file is
closed.
wmem is probably a better alternative to this.
svn path=/trunk/; revision=47897
Support AES-GCM ipsec encryption using CTR (since libgcrypt doesn't support
GCM). Using CTR instead gets us decryption, but does not verify authentication.
svn path=/trunk/; revision=47886