This commit adds tvb_get_string_bytes and proto_tree_add_bytes_item routines for
getting GByteArrays fields from the tvb when they are encoded in ASCII hex string form.
The proto_tree_add_bytes_item routine is also usable for normal
binary encoded byte arrays, and has the advantage of retrieving
the array values even if there's no proto tree.
It also exposes the routines to Lua, both so that a Lua script can take
advantage of this, but also so I can write a testsuite to test the functions.
Change-Id: I112a038653df6482a5d0ebe7c95708f207319e20
Reviewed-on: https://code.wireshark.org/review/1158
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Records are always unencrypted before the ChangeCipherSpec message. This
patch assumes that conversations without a SSL decoder (i.e. before
calling ssl_change_cipher) are unencrypted. If it turns out that the
contents were encrypted anyway, then there is about 0.8% probability
that the heartbeat message gets recognized wrong
(dissect_ssl3_heartbeat checks if the first byte equals 1 (request) or 2
(response)). Not a big deal, and the advantage that the heartbleed
expert information is triggered overweights that possible mistake.
(Note that ssl_set_master_secret as called by external code will also
invoke ssl_change_cipher, but that should be caught by the if
condition in the line before this hunk.)
An example capture is available at:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9988
Change-Id: I5b14d9e7e8e0c1cd358f3b05c9b84fca1daf1d69
Reviewed-on: https://code.wireshark.org/review/1102
Reviewed-by: Evan Huus <eapache@gmail.com>
Preferences for the MRCPv2 protocol, TCP port is converted from a single port to a port range field.
Change-Id: Ieb7a7a9beb8474fe89531742d39d5ed6f6862637
Reviewed-on: https://code.wireshark.org/review/1182
Reviewed-by: Anders Broman <a.broman58@gmail.com>
[Apparently (at least) the Ubuntu buildbot gcc (presumably < 4.9) needs two vars
to be marked volatile even though gcc.4.9 (Fedora) doesn't.
Change-Id: Icf95511d08a31547196874aecb60d85cab975cfb
Reviewed-on: https://code.wireshark.org/review/1179
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
Change-Id: I99f777b3058e1cef3e1a077ffde259f0d2f51c98
Also: rename some vars to catch any incorrect usage.
Reviewed-on: https://code.wireshark.org/review/1178
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
Rework code related to TRY_SCSI_CDB_ALLOC_LEN macro to simplify and clarify same.
Rename some vars to catch any incorrect usage.
Change-Id: Ibf9465c5ce7670aa1147e0c311c37e582ece427a
Reviewed-on: https://code.wireshark.org/review/1177
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
Move some stuff out of dissect_nbss_packet() to dissect_nbss(), to make
its main loop look a bit more like tcp_dissect_pdus()' main loop, and
then pick up some changes from tcp_dissect_pdus().
Also, have the "Length" field cover not only the field nominally
designated as a length field, but also the low-order bit of the flags
field, because that bit is really the 17th bit of a 17-bit length field
(RFC 1002 even speaks of it in those terms).
Change-Id: Ia95912163c23d482bfca6c026d92aadbd0ca8ac4
Reviewed-on: https://code.wireshark.org/review/1175
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For S1AP PDUs that contain a cause, show that cause in the Info column.
Change-Id: Icecb8da278c16e0d47395b17b54dee6ebd7be646
Reviewed-on: https://code.wireshark.org/review/1170
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That way, we don't throw an exception until we actually try to fetch a
field that's not present, so that fields we *do* successfully fetch show
up in the protocol tree.
While we're at it, convert some proto_tree_add_text() fields to named
fields.
Change-Id: I22877dfaa0fe53c44f66e8f150a9f31ccd5aba37
Reviewed-on: https://code.wireshark.org/review/1168
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The dictionary_id member of a spdy_conv_t is only used if we have libz;
put it inside the #ifdef. That also lets us give it a type of uLong,
from libz, which avoids it being 32 bits when the type returned by
adler32() is 64 bits. (The *value returned by adler32()* might always
fit in 32 bits, but this is arguably cleaner than throwing a cast at the
problem.)
The third argument to adler32() is a uInt; cast sizeof to uInt to avoid
other 32-bit-vs-64-bit warnings. (It should have been size_t, but maybe
libz antedated size_t's availability in all the compilers that were used
to compile it.)
The buffer size in spdy_decompress_header_block() is always 16K; just
make it a #define that is *not* size_t, so that we avoid other
32-bit-vs-64-bit warnings.
Use DISSECTOR_ASSERT_NOT_REACHED() for "this can't happen" - it's marked
as "doesn't return", so we don't get "variable is unassigned" warnings
(at least not from the Clang I'm using), and also means we wouldn't get
a crash if it *does* happen (we just get a warning on the console and in
the protocol tree).
Change-Id: I55945b69b7485a02f3f623b21f671ed2915d453d
Reviewed-on: https://code.wireshark.org/review/1162
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I332bd690be67c908067c12e570f993565de98aed
Reviewed-on: https://code.wireshark.org/review/1159
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Icd39b32aa61fd9fc39c7a15d22134350582b9de6
Reviewed-on: https://code.wireshark.org/review/1160
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I8de7a196ad068506f8e7312021879d20be4063d2
Reviewed-on: https://code.wireshark.org/review/1156
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Joe Huffman <jhuffman@codeaurora.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The third parameter to g_strsplit is the maximum number of elements, you
cannot just assume that a vector with exactly that number of elements
is available. This will crash for example: `SSH_CONNECTION= wireshark`.
This patch takes care of that and also fixes a memleak due to missing
g_strfreev. To reduce code bloat, return the filter at last so that
g_strfreev does not have to be repeated before returning.
Note that it still possible for the filter to contain absolute junk
since the port and host number is not validated...
Change-Id: I4414d2a748f83ded59775fb1e733ce1250cfc553
Reviewed-on: https://code.wireshark.org/review/1100
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I11059ec313aba7d289ce06e38b4992429f2fd999
Reviewed-on: https://code.wireshark.org/review/1123
Reviewed-by: Michael Mann <mmann78@netscape.net>
Return values from g_strsplit must be always be freed. Also remove a
useless return statement and set a saner maximum split.
Change-Id: I680e20d40fe86103b0dcba210ef41aa5769f4f86
Reviewed-on: https://code.wireshark.org/review/1155
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Id0526cd9b6b724a8f125574507f9ce6302db540d
Reviewed-on: https://code.wireshark.org/review/1129
Reviewed-by: Michael Mann <mmann78@netscape.net>
epan/wmem/wmem_strutl.h:85:63: error: parameter 'str' is already documented [-Werror,-Wdocumentation]
epan/wmem/wmem_strutl.h:85:27: note: previous documentation
epan/wmem/wmem_strutl.h:90:39: error: parameter 'str' is already documented [-Werror,-Wdocumentation]
epan/wmem/wmem_strutl.h:85:57: note: previous documentation
epan/wmem/wmem_strutl.h:83:11: error: parameter 'allocator:' not found in the function declaration
epan/wmem/wmem_strutl.h:83:11: note: did you mean 'allocator'?
epan/wmem/wmem_strutl.h:84:11: error: parameter 'str:' not found in the function declaration [-Werror,-Wdocumentation]
epan/wmem/wmem_strutl.h:85:11: error: parameter 'len:' not found in the function declaration [-Werror,-Wdocumentation]
epan/wmem/wmem_strutl.h:85:11: note: did you mean 'len'?
Change-Id: Id2888c5967c94c48f9b53957c8be361bbebd3488
Reviewed-on: https://code.wireshark.org/review/1151
Reviewed-by: Evan Huus <eapache@gmail.com>
Add a tvb_print_system_id() routine, and use that in various ISIS
dissectors, while we're at it.
Change-Id: I31b6b9ea8faf2b4849f974ec7ed27fbdd14b91ef
Reviewed-on: https://code.wireshark.org/review/1145
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This makes it a bit more like the (un-extended) Reachability CLVs.
Also, just make the top-level items just a text field, just like the
top-level items for neighbors in the (un-extended) Reachability CLVs.
Rename the system IDs to be "... neighbor ID", not just "neighbor"; the
top-level items hold all the information for the neighbor, and the
system ID for the neighbor is just one of those pieces of information.
Change-Id: I72182dea496f8cfa6048cff3b0d2474df8f31282
Reviewed-on: https://code.wireshark.org/review/1144
Reviewed-by: Guy Harris <guy@alum.mit.edu>
You also shouldn't use an item for one *element* of a structure to
represent the entire structure.
Fix both of those.
Change-Id: Id1711238ebec02f135c404ac001aa51d783b3c69
Reviewed-on: https://code.wireshark.org/review/1142
Reviewed-by: Guy Harris <guy@alum.mit.edu>
With doxygen -u doxygen_global.cfg
Fix warning
Warning: Tag `SYMBOL_CACHE_SIZE' at line 290 of file doxygen_global.cfg has become obsolete.
To avoid this warning please remove this line from your configuration file or upgrade it using "doxygen -u"
Warning: Tag `SHOW_DIRECTORIES' at line 490 of file doxygen_global.cfg has become obsolete.
To avoid this warning please remove this line from your configuration file or upgrade it using "doxygen -u"
Warning: Tag `HTML_ALIGN_MEMBERS' at line 847 of file doxygen_global.cfg has become obsolete.
To avoid this warning please remove this line from your configuration file or upgrade it using "doxygen -u"
Warning: Tag `USE_INLINE_TREES' at line 1032 of file doxygen_global.cfg has become obsolete.
To avoid this warning please remove this line from your configuration file or upgrade it using "doxygen -u"
Change-Id: Ic0b5dda7f4bcaa17b7bf915928a938e614d54f30
Reviewed-on: https://code.wireshark.org/review/1139
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ui/decode_as_utils.h:42: Warning: The following parameters of decode_build_reset_list(const gchar *table_name, ftenum_t selector_type, gpointer key, gpointer value, gpointer user_data) are not documented:
parameter 'selector_type'
Change-Id: I8353dae120e87c9651c6611924c1fc652436146d
Reviewed-on: https://code.wireshark.org/review/1138
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Hadriel Kaplan