It was buried as a static variable in capture_info.c, and functions were refactored to allow a pointer to the info_data_t structure to be passed in. TShark and GTK will have their own single (global) copy of the structure, while it opens up Qt to have multiple instances.
Change-Id: Ic2d7a2ad574de43f457cb18b194d6bc3fffb6120
Reviewed-on: https://code.wireshark.org/review/12691
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Valgrind reports memory leaks like these:
154 bytes in 10 blocks are possibly lost in loss record 8,660 of 11,855
at 0x4C2B6CD: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0xBD9EA38: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
by 0xBDB3358: g_strndup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
by 0xBDB49AD: g_strsplit (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
by 0x502291: capture_get_if_capabilities (capture_ifinfo.c:269)
by 0x50A4CC: scan_local_interfaces (iface_lists.c:186)
by 0x4C4BBD: refresh_local_interface_lists (capture_dlg.c:6117)
by 0x504EC8: iface_mon_handler2 (iface_monitor.c:113)
by 0xC9ADF1D: ??? (in /lib/libnl-3.so.200.3.0)
by 0xC56DF19: ??? (in /usr/lib/libnl-route-3.so.200.3.0)
by 0xC9ABE5E: nl_cache_parse (in /lib/libnl-3.so.200.3.0)
by 0xC9AF5CA: nl_msg_parse (in /lib/libnl-3.so.200.3.0)
Under certain conditions raw_list variable was not freed properly.
Change-Id: Ibbaf0d67d983ee6912cfc9dc1a3169bc773b03c9
Reviewed-on: https://code.wireshark.org/review/12112
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Id218dec9e5a721d6c63fd34962ffe50b6ab8dd56
Reviewed-on: https://code.wireshark.org/review/11946
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Diederik de Groot <dkgroot@talon.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That makes the logic a bit clearer (and puts the "unexpected other
error" case at the end, where it should be).
Put all the errno checks inside an else clause, making it clearer that
it runs only if waitpid() returned -1.
Add comments, including comments explaining why just driving on after
getting EINTR should be OK.
Change-Id: Iaa1b151393fcec8b4f5bd560ef913a224400932b
Reviewed-on: https://code.wireshark.org/review/11951
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If CreateProcess succeeds, close our child's primary thread handle. As
the PROCESS_INFORMATION page at
https://msdn.microsoft.com/en-us/library/windows/desktop/ms684873.aspx
says,
If the function succeeds, be sure to call the CloseHandle function
to close the hProcess and hThread handles when you are finished with
them. Otherwise, when the child process exits, the system cannot
clean up the process structures for the child process because the
parent process still has open handles to the child process.
Closing the handle immediately doesn't seem to do any harm here, but
add a note that we might want to store it and close it later.
In sync_interface_stats_open, close our message and data descriptors
after calling sync_pipe_wait_for_child.
Ping-Bug: 11702
Change-Id: I56e0625fdceb66fba822c2dc83e07d40844329a7
Reviewed-on: https://code.wireshark.org/review/11882
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If the C handles can't be created, there's no point in running dumpcap.
Catch some more possible _open_osfhandle() failures while we're at it.
Change-Id: I2b955378705fc932f8d383804e908e95a957be44
Ping-Bug: 11702
Reviewed-on: https://code.wireshark.org/review/11890
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This may at least prevent the crash in bug 11702, by not returning
"success" with bogus file handles of -1, if the opens fail due to
leaks chewing up all the available slots. More investigation needs to
be done to see why we're leaking.
Change-Id: I89ecff4b03bca140f05c838e1e2604a03409f803
Ping-Bug: 11702
Reviewed-on: https://code.wireshark.org/review/11881
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have wsutil/file_util.h include them on UN*X, just as it includes io.h
on Windows, so we can have a rule of "if you do file operations, include
<wsutil/file_util.h> and use the routines in it".
Remove includes of unistd.h, fcntl.h, and sys/stat.h that aren't
necessary (whether because of the addition of them to wsutil/file_util.h
or because they weren't needed in the first place).
Change-Id: Ie241dd74deff284e39a5f690a297dbb6e1dc485f
Reviewed-on: https://code.wireshark.org/review/11619
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add "/WX" to the Visual C++ compiler flags if DISABLE_WERROR is off,
similar to config.nmake.
We haven't compiled C++ code with -Wshorten-64-to-32 for quite
some time so there's no need to add -Wno-shorten-64-to-32 in
ui/qt/CMakeLists.txt.
Additionally, squelch
----
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3050) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data (.\rpc_service_response_time_dialog.cpp)
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3065) : see reference to function template instantiation 'void std::_Median<_RanIt,bool(__cdecl *)(const QString &,const QString &)>(_RanIt,_RanIt,_RanIt,_Pr)' being compiled
with
[
_RanIt=QList<QString>::iterator
, _Pr=bool (__cdecl *)(const QString &,const QString &)
]
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3127) : see reference to function template instantiation 'std::pair<_RanIt,_RanIt> std::_Unguarded_partition<_RanIt,bool(__cdecl *)(const QString &,const QString &)>(_RanIt,_RanIt,_Pr)' being compiled
with
[
_RanIt=QList<QString>::iterator
, _Pr=bool (__cdecl *)(const QString &,const QString &)
]
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3157) : see reference to function template instantiation 'void std::_Sort<_Iter,int,bool(__cdecl *)(const QString &,const QString &)>(_RanIt,_RanIt,_Diff,_Pr)' being compiled
with
[
_Iter=QList<QString>::iterator
, _RanIt=QList<QString>::iterator
, _Diff=int
, _Pr=bool (__cdecl *)(const QString &,const QString &)
]
.\rpc_service_response_time_dialog.cpp(130) : see reference to function template instantiation 'void std::sort<QList<QString>::iterator,bool(__cdecl *)(const QString &,const QString &)>(_RanIt,_RanIt,_Pr)' being compiled
with
[
_RanIt=QList<QString>::iterator
, _Pr=bool (__cdecl *)(const QString &,const QString &)
]
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3051) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data (.\rpc_service_response_time_dialog.cpp)
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3052) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data (.\rpc_service_response_time_dialog.cpp)
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3053) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data (.\rpc_service_response_time_dialog.cpp)
----
in both rpc_service_response_time_dialog.cpp and wireshark_application.cpp
so that we'll compile successfully.
Change-Id: I457bcede99dcb1f3c1001f1f559c4901bb000357
Reviewed-on: https://code.wireshark.org/review/10533
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Found by starting Wireshark within an empty profile, opening
Preferences, search for Protocol "IEEE 802.11" (because it has radio
buttons), then close everything again.
Many fixes are trivial, but the various recent_read_* functions in
recent.c were changed to return a boolean such that the result can
always be checked even if errno==0.
QButtonGroup leak was hinted by Clang Static Analyzer, all other
memleaks were found using ASAN/LSan.
Change-Id: Ia73f5d4c09d92f22e72377be59e23342f8ad7211
Reviewed-on: https://code.wireshark.org/review/10776
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Make use of -A parameter when querying data link types supported by a given interface with dumpcap.
Ensure to pass the authentication parameters configured for a remote interface when calling capture_get_if_capabilities()
Bug: 11366
Change-Id: I4efea615084a82108e4a12a64e8c46817f30a5c6
Reviewed-on: https://code.wireshark.org/review/9690
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fixes a crash / heisenbug in wireshark-qt on startup:
==26808==ERROR: AddressSanitizer: attempting free on address which was not malloc()-ed: 0x7fff8cf3bf70 in thread T0
#0 0x7f42ce3b66da in __interceptor_free /build/gcc-multilib/src/gcc-5-20150519/libsanitizer/asan/asan_malloc_linux.cc:28
#1 0x842847 in WirelessFrame::setChannel() ui/qt/wireless_frame.cpp:257
#2 0x842bf5 in WirelessFrame::on_channelComboBox_activated(int) ui/qt/wireless_frame.cpp:282
#3 0x84407d in WirelessFrame::timerEvent(QTimerEvent*) ui/qt/wireless_frame.cpp:134
#4 0x7f42ba94ea92 in QObject::event(QEvent*) (/usr/lib/libQt5Core.so.5+0x2b0a92)
#5 0x7f42bb6218ea in QWidget::event(QEvent*) (/usr/lib/libQt5Widgets.so.5+0x1948ea)
#6 0x7f42bb71c16d in QFrame::event(QEvent*) (/usr/lib/libQt5Widgets.so.5+0x28f16d)
#7 0x7f42bb5df62b in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/usr/lib/libQt5Widgets.so.5+0x15262b)
#8 0x7f42bb5e4d0f in QApplication::notify(QObject*, QEvent*) (/usr/lib/libQt5Widgets.so.5+0x157d0f)
#9 0x7f42ba91d57a in QCoreApplication::notifyInternal(QObject*, QEvent*) (/usr/lib/libQt5Core.so.5+0x27f57a)
#10 0x7f42ba973b1c in QTimerInfoList::activateTimers() (/usr/lib/libQt5Core.so.5+0x2d5b1c)
#11 0x7f42ba974020 (/usr/lib/libQt5Core.so.5+0x2d6020)
#12 0x7f42cdde7a16 in g_main_context_dispatch (/usr/lib/libglib-2.0.so.0+0x49a16)
#13 0x7f42cdde7c6f (/usr/lib/libglib-2.0.so.0+0x49c6f)
#14 0x7f42cdde7d1b in g_main_context_iteration (/usr/lib/libglib-2.0.so.0+0x49d1b)
#15 0x7f42ba974cfe in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt5Core.so.5+0x2d6cfe)
#16 0x56c8ba in main_window_update wireshark-qt.cpp:128
#17 0xe4b612 in sync_pipe_open_command capchild/capture_sync.c:972
#18 0xe4b823 in sync_pipe_run_command_actual capchild/capture_sync.c:1034
#19 0xe4c590 in sync_pipe_run_command capchild/capture_sync.c:1211
#20 0xe4e9a5 in sync_if_capabilities_open capchild/capture_sync.c:1356
#21 0xe48b7a in capture_get_if_capabilities capchild/capture_ifinfo.c:249
#22 0xdf539a in scan_local_interfaces ui/iface_lists.c:186
#23 0xdf6a65 in fill_in_local_interfaces ui/iface_lists.c:405
#24 0x56e49d in main wireshark-qt.cpp:1154
#25 0x7f42b81c178f in __libc_start_main (/usr/lib/libc.so.6+0x2078f)
#26 0x56ba58 in _start (wireshark+0x56ba58)
AddressSanitizer can not describe address in more detail (wild memory access suspected).
SUMMARY: AddressSanitizer: bad-free /build/gcc-multilib/src/gcc-5-20150519/libsanitizer/asan/asan_malloc_linux.cc:28 __interceptor_free
Change-Id: I63744261096b3cfd0eddcf75bcf85103a3f0788d
Reviewed-on: https://code.wireshark.org/review/9220
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add the wireless toolbar to the Qt UI.
Start adding AirPcap support to ui/80211_utils. Add FCS validation
routines to ws80211_utils.
Move a bunch of AirPcap routines that require epan from caputils to
ui/gtk. They were required for driver key management, which we'll
leave to the AirPcap Control Panel in the Qt UI.
Move frequency-utils to wsutil.
Change-Id: I44446758046621d183f5c2ba9f6526bf01e084f1
Reviewed-on: https://code.wireshark.org/review/8910
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Define WS_INVALID_PID to be the appropriate "there is no process" value.
On UN*X, -1 works; the "pid" is actually a HANDLE for the process on
Windows, so INVALID_HANDLE is appropriate.
Cast HANDLE to intptr_t in the _cwait() call.
Change-Id: Ica2d2319f5c95ba41f590776a745fe040fe494d2
Reviewed-on: https://code.wireshark.org/review/8871
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The MSVC rules for searching for headers are a huge barrel of fun; it
appears that, for some files that need the MSVC <process.h> to declare
getpid(), they're getting our <wsutil/process.h> instead, as that's in
the current directory. Rename it to avoid the collision.
Change-Id: I88eb70237062fa7957e38d7ff8132524390a6a5c
Reviewed-on: https://code.wireshark.org/review/8870
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This avoids type punning; at least with Xcode 7 beta on El Capitan beta,
that produces warnings that get turned into errors.
Change-Id: I57f47455b9630f359828c07c92a190b5cb33816f
Reviewed-on: https://code.wireshark.org/review/8862
Reviewed-by: Guy Harris <guy@alum.mit.edu>
On Windows, 1) pass the path of the executable as the first argument to
CreateProcess(), which requires that we 2) have that path end with
".exe.
Maybe it'll fix the searching-for-dumpcap that showed up in bug 11196.
Change-Id: I9d06c07c3513fd42b98d3f8d9a1d2d545f651fe2
Reviewed-on: https://code.wireshark.org/review/8534
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have the count in a cfile_t structure always reflect the actual number
of packets that have been read from the file, rather than, when doing a
non-update-list-of-packets-in-real-time capture, falsely increasing the
count in the cfile_t to reflect the number of packets captured but not
yet read.
Have the status bar base its captured-packet count on the count in the
capture_session structure, and base the "sorry, no packets were
captured" message on the count in the capture_session structure, as
we're no longer using the count in the cfile_t structure to count
anything in the process of a non-update-list-of-packets-in-real-time
capture.
That way, we preserve the invariant that the "frames" member of a
cfile_t will be non-null if the "count" member is non-zero, fixing bug
6217.
It also means we can get rid of cf_set_packet_count(), as we only set
the count in the capture-file-reading code.
Bug: 6217
Change-Id: I72c0e2c07c30782bad777995370b7c19e1460cc2
Reviewed-on: https://code.wireshark.org/review/7950
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It can be set if either 1) this is Windows (where we're assumed to be
using WinPcap, which includes calls to set the buffer size) or 2) we
have pcap_create() (in which case we also have pcap_set_buffer_size(),
at least in a normal libpcap release).
Use that rather than testing "defined(_WIN32) ||
defined(HAVE_PCAP_CREATE)"; that makes it a bit more obvious what's
being tested.
Change-Id: Id9f8455019d19206b04dd6820a748cb97ae5ad12
Reviewed-on: https://code.wireshark.org/review/7816
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The return of EINTR is not exactly a failure of child process but may be because of any number of reasons. Adding logic to retry to get status of child process.
Bug: 10889
Change-Id: Ic2de7248cb7bd9c801b917c841ce911fb7c17dcc
Reviewed-on: https://code.wireshark.org/review/7669
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
g_string_free(str, FALSE) frees the GString container but not the
underlying g_malloc()ed string; instead, it returns a pointer to the
g_malloc()ed string.
Fix those places that didn't already get the string pointer from
g_string_free() to do so rather than manually extracting the string
themselves.
And fix one place that didn't even need to use a string - it was just
scanning a C string without even modifying it.
Change-Id: Ibbf4872bf5b9935b9907f539b6edb1013f3053a5
Reviewed-on: https://code.wireshark.org/review/6532
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Move capchild, caputils, codecs and wsutil into a Libs group
Move gtkui into UI group
Move update-sminmpec into tools group
Change-Id: Iaf2bfe4697265af2c3ed9c9d7de2d5d1ef3cafee
Reviewed-on: https://code.wireshark.org/review/6332
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Graham Bloice <graham.bloice@trihedral.com>
Wrap the capture_file struct in a QObject which translates cf_cb_* and
capture_cb_* events into signals. Move the global cfile to
capture_file.cpp.
Don't use a void pointer for the capture file struct.
Change-Id: Ic5d5efb4bb1db64aa0247245890e5669b1da723a
Reviewed-on: https://code.wireshark.org/review/5885
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Fill in the capture-related mise en place so that -k and -i work. Get
rid of global_capture_session in ui/qt and make it a member of
MainWindow.
Copy over privilege checking from GTK+.
Move the global capture session struct to MainWindow.
Change-Id: Iab5ec683860a40255a7e1d82e3872ced24fd55cb
Reviewed-on: https://code.wireshark.org/review/4382
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Extcap is a plugin interface, which allows for the usage
of external capture interfaces via pipes using a predefined
configuration language which results in a graphical gui.
This implementation seeks for a generic implementation,
which results in a seamless integration with the current
system, and does add all external interfaces as simple
interfaces.
Windows Note: Due to limitations with GTK and Windows,
a gspawn-winXX-helper.exe, respective gspawn-winXX-helper-console.exe
is needed, which is part of any GTK windows installation.
The default installation directory from the build is an extcap
subdirectory underneath the run directory. The folder used by
extcap may be viewed in the folders tab of the about dialog.
The default installation directory for extcap plugins with
a pre-build or installer version of wireshark is the extcap
subdirectory underneath the main wireshark directory.
For more information see:
http://youtu.be/Nn84T506SwU
bug #9009
Also take a look in doc/extcap_example.py for a Python-example
and in extcap.pod for the arguments grammer.
Todo:
- Integrate with Qt - currently no GUI is generated, but
the interfaces are still usable
Change-Id: I4f1239b2f1ebd8b2969f73af137915f5be1ce50f
Signed-off-by: Mike Ryan <mikeryan+wireshark@lacklustre.net>
Signed-off-by: Mike Kershaw <dragorn@kismetwireless.net>
Signed-off-by: Roland Knall <rknall@gmail.com>
Reviewed-on: https://code.wireshark.org/review/359
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It just means "pcap didn't give me any interfaces, and didn't report an
error". Hopefully, in the future, there will be pcap APIs that
distinguish between the (admittedly unlikely, these days) case of "there
really *are* no interfaces on which *anybody* can capture" and "you
don't have sufficient permission to capture", and we can report the
latter as an error. (Given that pcap supports more than just "regular
interfaces", though, there are cases where you don't have permission to
capture on those but you have permission to capture raw USB traffic, for
example, so perhaps what's really needed is per-interface indications of
permissions.)
Change-Id: I7b8abb0829e8502f5259c95e8af31655f79d36a1
Reviewed-on: https://code.wireshark.org/review/3169
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Most callers of capture_interface_list() don't expect an error string
for NO_INTERFACES_FOUND, because that's not really an error, it's just a
statement of face (and perhaps an error of 0 should be returned), so
they don't bother freeing the error string, causing a leak.
Instead, have the one place that *did* expect it to return an error
string just put "No interfaces found" itself.
Also, have that place not check for an error string if interfaces *were*
found, as no error code or string is returned in that case.
Change-Id: I9cb8ed7ad22810b23e2251d2833d9b7ab02eec03
Reviewed-on: https://code.wireshark.org/review/3165
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Some of those routines are used only in dumpcap; others are used in
TShark and Wireshark as well.
Change-Id: I9d92483f2fcff57a7d8b6bf6bdf2870505d19fb7
Reviewed-on: https://code.wireshark.org/review/2841
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This pulls some stuff out of the top-level directory, and means we don't
have to build them once for every program using them.
Change-Id: I37b31fed20f2d5c3563ecd2bae9fd86af70afff5
Reviewed-on: https://code.wireshark.org/review/2591
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Michael Mann