When rel_id is larger then 6 don't test for this again.
Change-Id: I20c6747b31758eadadfd746bdee2cc168c771799
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/28051
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
c99 is probably a better standard to check against.
Also try to cut down on ASN.1 template and config file testing,
since these fail anyway, not being full source files yet.
Change-Id: I289c35498cf9eba757e46601b4610f085ec4ba77
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/28019
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Looks like this has been broken since Ie46d56aff91694a3b8c4c62b4b03e38d3fb1e68a
Change-Id: Idd6cfc3e8d7f66160157eed393e8528ada7786d4
Reviewed-on: https://code.wireshark.org/review/28040
Reviewed-by: Gerald Combs <gerald@wireshark.org>
... rather than hiding it below the VXLAN tree.
This makes the separation between the VXLAN header and the data clear.
Change-Id: Ifd5a3e4750b68455108f1e282e34a7b2e31f4efd
Reviewed-on: https://code.wireshark.org/review/28041
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The first byte of a Transfer Data request/response is the
block sequence counter. This change will show that counter.
Change-Id: I87c240bd12f1f897e298d2fcfae8f75058aa4392
Reviewed-on: https://code.wireshark.org/review/27956
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Try to make our libgnutls28-dev / libgnutls-dev dependency work across
different OS versions.
Change-Id: I673619ae81b15df5bdbe386b4354e5c01f7bba29
Reviewed-on: https://code.wireshark.org/review/28042
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Once as CRC + EOF and once as payload. Don't pass the bytes to payload
dissection any more.
Change-Id: I21eb95a4f42dbd40ccf5910934c00f58f5564454
Reviewed-on: https://code.wireshark.org/review/28023
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
GTP tunnel endpoints (MMEs, GSNs...) will eventually reuse sequence number
values. When handling long capture files this may lead to wrong request/reply
pairs: a message may be considered as a reply to an old request
sharing the same reused seq number
Add an heuristic to the matching algorithm that involves timestamps:
request/reply pair matches only if their timestamps are closer than a
configurable threshold. If such value is 0 (default), timestamps are not
used and only seq number values are evaluated (i.e. fall-back to old behavior)
Note that a wrong match might lead to wrong (gtp-)association/session
While at it, extend messagge list explicitly used by the algorithm
Change-Id: I021e6e1ce1651a64d24b0664d6e27c9ba39c735c
Reviewed-on: https://code.wireshark.org/review/27500
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
the new dissected commands are:
manufacturer specific attribute reporting
multicluster reporting
manufacturer specific multicluster reporting
read attribute and request attribute (have same format)
read attribute response
write attribute
Change-Id: I3125f6acbfb35a72771186f933b0db0798e409f2
Reviewed-on: https://code.wireshark.org/review/27892
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The timestamp and timestamp fraction are processed in one step,
since this creates a proper timestamp interpretation. There are
two fixes to this code to deal with erroneous packets.
One is that when taking into account the timestamp fragment the
available data must be 8 bytes in total, not just 4.
The other is that when the mask indicates that there's only a
timestamp fraction, nothing was shown.
Change-Id: I4a0a65229f322ad56673a26ff6b3e769e994062d
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/28007
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If you're reporting an error, use an expert info item.
If you're putting a structure into the protocol tree, use FT_NONE for
the structure as a whole.
Change-Id: Ie89b552576b15195acb0a9108d33430115d99f00
Reviewed-on: https://code.wireshark.org/review/28024
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Switch Build-Depends from libgnutls-dev to libgnutls28-dev. I'm
upgrading the Ubuntu builder to 18.04 and this appears to be required in
order to fix the Debian package step.
Change-Id: Ib3ab2a1a5dcfbd9ad0c088b22fcac63d81a2a765
Reviewed-on: https://code.wireshark.org/review/28022
Reviewed-by: Gerald Combs <gerald@wireshark.org>
"redefined" to handle the same way as before.
In dissectors using the new API, add all currently used proto_tree_add_xxx
functions to the list of functions that take care of NEW_PROTO_TREE_API changes.
Modify the dissectors that worked around the missing change.
Change-Id: Ib6d6ec2c225d96c98c2a8f507648d7ad4bfb6c68
Reviewed-on: https://code.wireshark.org/review/28002
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Using an environment variable the user can override the config
directory. Keep the previous Windows-specific variable ("WIRESHARK_APPDATA")
alive for backward compatibility.
Change-Id: I2350b815e60e7dbb19f9c193d7aaaa68f94576b2
Reviewed-on: https://code.wireshark.org/review/27946
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Send it to same output file that gets the output ofthetest command, so
that it shows upin the output.
(I spent entirely too much time trying to figure out why 14738 was
happening on the buildbot but not on my machine - it turns out that the
test where it was failing was the one where -V *wasn't* specified, so
the protocol tree *wasn't* being generated, so proto_tree_add_string()
*wasn't* doing some tests that should have thrown an exception. The
output didn't make it clear that the test that was failing was the one
where the arguments to tshark were -nr, not -nVxr.)
Change-Id: I54e4450029ac56b9ac3d6eff9baf8acc849a5e4c
Reviewed-on: https://code.wireshark.org/review/28003
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The RSL RELEASE MODE IE is two bytes long, so we cannot call
proto_tree_add_subtree() with a length of 4.
Change-Id: I7ee3cfd7a7d64d14704b1f6b11ab7631ff9b0939
Reviewed-on: https://code.wireshark.org/review/27993
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Put routine to free all dynamically registered header fields in the
UAT reset callback to avoid ASAN report for memory leaks on exit.
Handle duplicated entries without leaking memory.
Call proto_free_deregistered_fields() in proto_cleanup() and move
this after prefs_cleanup() to free the memory used in UATs.
Change-Id: I96545177b5b23b9c20ad8e7751a0d5621c9ca10f
Reviewed-on: https://code.wireshark.org/review/27907
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
1) A value that fits in a 32-bit unsigned integer may take more than 4
octets - the uppermost bit of the octet is a "more octets follows" flag,
so 4 octets contain only 7*4 - 28 bits of value, so a fifth octet
preceding that with the upper 3 bits zero could result in a value that
fits in 32 bits, and further octets of 0x80 just add further leading
zeroes.
We should, instead, check for *overflow*, meaning that if we add more
bits at the bottom, the result is *less* than the previous value.
2) When the result overflows, we should clamp it a UINT_MAX, rather than
setting it to zero, and should keep accumulating octets, so that we
return the correct octet count. That prevents infinite loops where the
item's length, and the item itself, are considered zero-length.
This should fix bug 14738.
Bug: 14738
Change-Id: I1d1b60e22f169959c1573b1fcb7e010e027b5132
Reviewed-on: https://code.wireshark.org/review/27986
Reviewed-by: Guy Harris <guy@alum.mit.edu>
There was an extra level of indentation in the tree structure that didn't
add any value.
This tree node just displayed the same text that it's parent tree did.
Just remove this to make things easier to navigate.
See feature_cip_all_segments.pcap from
Bug: 12049
Change-Id: Ia51f0f66b1ea0aefaa4d016335c0d5e8515a2c30
Reviewed-on: https://code.wireshark.org/review/27958
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
With the name change from Ethereal to Wireshark, asn2eth was renamed
asn2wrs.
Change-Id: I5bdfa2362ca7de81b0bda6ec9faa78cdb0ba10b4
Reviewed-on: https://code.wireshark.org/review/27968
Reviewed-by: Guy Harris <guy@alum.mit.edu>
../epan/dissectors/packet-scte35.c: In function ‘dissect_scte35_splice_insert’:
../epan/dissectors/packet-scte35.c:487:12: error: ‘tsf’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
if (tsf) {
^
../epan/dissectors/packet-scte35.c:451:27: note: ‘tsf’ was declared here
guint8 component_tag, tsf;
^
cc1: all warnings being treated as errors
Change-Id: I9445c76bd1d3447ce5d9ce3df5970840a1605175
Reviewed-on: https://code.wireshark.org/review/27957
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>