Previously a sequence of "native" types (int, float, etc) generated a proto_tree_add_uint (for the loop over the sequence) and a proto_tree_add_XXX (for the "native" type), but only 1 hf variable was created for the "loop" field, so DISSECTOR_ASSERT_NOT_REACHED would be generated if "native" type != uint. Now a separate hf_ variable is generated for the "loop" and "native" type.
Also update existing IDL dissectors with new generator logic.
Change-Id: Ie4d1edfd67a8e6f02834573f29f07baf79058534
Reviewed-on: https://code.wireshark.org/review/1274
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(not sure why, but regeneration also "moved" some hf_ variables from previous version)
Change-Id: I197eacbb3f892dbdca6e6bc354fc88240c1bfb34
Reviewed-on: https://code.wireshark.org/review/1291
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Treat FT_BYTES and a few others the same as FT_PROTOCOL: allow a zero length
but throw an exception if the offset is already beyond the end of the TVB
(prior to this change it would assert out). This (when manually applied to
master-1.10) fixes https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9999 .
While we're at it: tvb_captured_length_remaining() no longer returns -1 (see
r52571) so don't expect it to. Instead just use
tvb_ensure_captured_length_remaining() to throw an exception if the offset is
bad.
Change-Id: I686722a4fed46b86139466afcf64ff02f319c702
Reviewed-on: https://code.wireshark.org/review/1289
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ei_array is supposed to be an array of expert_entry items. However, it
was initialized of an array of expert_info_t items which is much larger.
This caused an ASAN error when running `tshark -z expert` because
expert_stat_packet wants to read past the stack.
Fix this by correcting the type. While at it, reduce the size of
expert_entry for 64-bit systems (reduces initial memory usage by 8
kilobytes) and avoid a redundant g_array_index call.
Change-Id: I2e08676a5e242743ed502dd2836806604ea75cc0
Reviewed-on: https://code.wireshark.org/review/1275
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- Remove unneeded #includes;
- Move proto_reg_handoff...(() to the end of the file as per convention;
- Use dissector_add_handle() instead of using dissector_add_uint(..., 0, ...);
- #if 0 an unused global function (which caused a [-Wmissing-prototypes] warning);
- Remove an empty proto_reg-handoff...();
- 'if (already_registered)' not required in one case.
Change-Id: I74f267c2721df13eb4d52d7f19a6ded423218a39
Reviewed-on: https://code.wireshark.org/review/1277
Reviewed-by: Bill Meier <wmeier@newsguy.com>
This is more reliable than doing "tree math" and corrects the intention of 5470356154 which made the incorrect assumption that tcp_dissect_pdus will be called with the tree that is passed into a protocol's main dissection function (directly from TCP).
Change-Id: I6ffc2188420ab74784c7bc2c69aa79ff071c90b6
Reviewed-on: https://code.wireshark.org/review/1214
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rather than using a hash table, which is overkill and slow, embed a
doubly-linked-list in the prefix structure.
On my tests with some random capture file and tshark -nxVr:
- normal block allocator: ~2.1 seconds
- old (slow) strict allocator: ~4.2 seconds
- new (fast) strict allocator: ~2.8 seconds
The buildbot will thank me :)
Change-Id: I2fb42229c4ee4c40bbe45ba04b7848792998eaa9
Reviewed-on: https://code.wireshark.org/review/1251
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Modern hosts typically open many more TCP and UDP connections than in
years past. For an example opening a popular news site in a web browser
can easily trigger dozens of separate connections. At the same time our
services file has accumulated a lot of cruft over time. As a result
transport name resolution is a bunch of lies.
Change-Id: Ibbca5b1c7ea1e800fc46dad63b9270128dacd721
Reviewed-on: https://code.wireshark.org/review/1240
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ib4cfdd8261e53caef695d54a2991223b1f296448
Reviewed-on: https://code.wireshark.org/review/1247
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I474c03a1a40586a14cdec2196ee3ebc89eedd8ab
Reviewed-on: https://code.wireshark.org/review/1236
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I9b0cb7c8602f813fd06f1b3ea6107ed6fe8d72ed
Reviewed-on: https://code.wireshark.org/review/1244
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I5e0e44019ddee4d39fbf2d6204c40c02d3e97c6f
Reviewed-on: https://code.wireshark.org/review/1243
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I5e0e44018eaee4da9fbf2d6204c40c0ad3ea7a6f
Reviewed-on: https://code.wireshark.org/review/1242
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Bugs fixed:
- DISSECTOR_BUG (reported by proto.c) when displaying "Parameters"
(Apparently introduced in I8de7a19 (gc538b44))
- Incorrect byte pane highlighting for ARG_ARRAY container type
(In dissector code as originally committed)
- "uint32uint32" should be "uint32" in packet details.
(In dissector code as originally committed)
Cleanup:
- Remove unneeded #includes;
- Simplify some code;
- Remove unneeded initializers;
- Fix: "warning: no previous prototype...[-Wmissing-prototypes]"
- Reformat hf[] array entries;
- Fix some spelling;
- Do indentation, whitespace & formatting style changes.
Change-Id: If1f488f10ba83b27f75a1f71cf4bce7d5279e87c
Reviewed-on: https://code.wireshark.org/review/1238
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
This is substantially more memory-efficient, shaving another ~1.5MB off our base
usage. It also lets us remove the annoying extra "last_field" pointer and
simplify proto_register_field_common(). It also accidentally fixed what may
have been a memory leak in proto_unregister_field().
It unfortunately complicates proto_get_next_protocol_field() to require
refetching the protocol each time, but that is itself just an array-lookup under
the covers (and isn't much used), so I don't expect the performance hit to be
noticable.
Change-Id: I8e1006b2326d6563fc3b710b827cc99b54440df1
Reviewed-on: https://code.wireshark.org/review/1225
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Shaves ~1.5MB off our base memory usage, and provides O(1) operations instead of
O(log n). We don't need the additional operations a tree provides.
Change-Id: I6159d09ee380a2bca0de3bb2d031a874d8eb79d2
Reviewed-on: https://code.wireshark.org/review/1224
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: Ia0779c6055f6e2864d2099fd607d9763e4040380
Reviewed-on: https://code.wireshark.org/review/1233
Reviewed-by: Michael Mann <mmann78@netscape.net>
This matches the current name of the --enable-extra-compiler-warnings
option in autotools.
Fix the documentation of the option to match.
(Note that "compiler" won't necessarily always be GCC or Clang, and
won't necessarily always use -W for warning options, so speaking of them
as "-W checks" isn't future-proof.)
Change-Id: I2e142532e78be3c8051f1e738b3109a83e7d10dc
Reviewed-on: https://code.wireshark.org/review/1231
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Rename --enable-extra-warnings to --enable-extra-compiler-warnings, and
have the message talking about "extra warnings" talk about "extra
compiler warnings", to make it more uniform (the documentation for the
--enable flag speaks of "additional compiler warnings") and to clarify
that these are warnings from the compiler, not from *shark.
Change-Id: Ic1a045670144f8d9eda2e3427142027e2a339156
Reviewed-on: https://code.wireshark.org/review/1230
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This matches with the change made to CMakeLists.txt.
Change the description as well - the name was changed because those
extra checks don't just apply to GCC.
Change-Id: Id81c081574c42e11144d119c8af45875248578b5
Reviewed-on: https://code.wireshark.org/review/1229
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It no longer does anything, and it refers to variables that no longer
exist, as we're not distinguishing between extra GCC warning flags and
extra CLang warning flags any more.
Change-Id: If0b346f669f2573e46261e6da4dc78e96ef79a8f
Reviewed-on: https://code.wireshark.org/review/1228
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That makes it clearer that what we're enabling are extra warnings, and
fits better with the description for --enable-warnings-as-errors, which
says the default is "yes, unless extra warnings are enabled".
Change-Id: If21f778df0dfdb98acbe02cb6a763ed27f2a7f91
Reviewed-on: https://code.wireshark.org/review/1227
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We test whether a given compiler supports a given -W flag, so we don't
need to separate them and check them only for particular compilers.
To make that even clearer, rename the --enable option from
--enable-extra-gcc-checks to --enable-extra-compiler-checks, and
document it as just "do additional -W checks", and rename the
WIRESHARK_EXTRA_GCC_ CMake variables to WIRESHARK_EXTRA_COMPILER_.
Sync up the lists of warning flags in CMake with the lists in autoconf.
Uncomment -Wdocumentation while we're at it. If it doesn't work *at
all*, comment it out until it's fixed, or, better yet, fix it; if it
still produces warnings, we just leave it among the "extra" flags.
Change-Id: I4042affdade612e4025e2881d08f1ca69d759626
Reviewed-on: https://code.wireshark.org/review/1226
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ic315ed9b7d65fe70401945cb0cceda4af863d140
Reviewed-on: https://code.wireshark.org/review/1215
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add ep_ to routines that may return ephemeral strings.
Change "get_XXX" to "XXX_to_display" if the routine returns a formatted
string if it can't get a name.
Change-Id: Ia0e82784349752cf4285bf82788316c9588fdd88
Reviewed-on: https://code.wireshark.org/review/1217
Reviewed-by: Guy Harris <guy@alum.mit.edu>
"get_addr_name()" -> "ep_address_to_display()", to 1) indicate that it
returns a string with ephemeral scope and 2) indicate that it maps an
address to a "displayable" form - a name if possible, an address string
if not.
"se_get_addr_name()" -> "get_addr_name()", to indicate that its strings
have the same scope as "get_ether_name()", "get_hostname()", and
"get_hostname6()".
Change-Id: If2ab776395c7a4a163fef031d92b7757b5d23838
Reviewed-on: https://code.wireshark.org/review/1216
Reviewed-by: Guy Harris <guy@alum.mit.edu>
According to RFC 5846 (https://tools.ietf.org/html/rfc5846#section-5.2), there are 3 bits in the Binding Revocation Acknowledgement Message, which come in the following order:
1. Proxy Binding (P)
2. IPv4 HoA Binding Only (V)
3. Global (G)
Found by Boaz Brickner
From Alexis: MIP6 dissector is based on old draft...
Closed-bug: 10007
Change-Id: I570381171e1455cc03fa7b40bf682d6ed7bd0a92
Reviewed-on: https://code.wireshark.org/review/1203
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
When IPv6 has a Mobility Header that is followed by an Authentication Header, the Authentication Header is not parsed.
Found by Boaz Brickner
Change-Id: Ib6ad759c9f08c94650d72d8dfcc95856e628d2e6
Close-Bug: 10005
Reviewed-on: https://code.wireshark.org/review/1205
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This should significantly reduce memory usage, without increasing the
CPU time required to process a capture file in TShark or Wireshark.
As a result, se_address_to_str() is no longer used; eliminate it.
Fixes bug #9949.
Change-Id: I65a112a426c82cc73a957b81384c765c3d14f2c3
Reviewed-on: https://code.wireshark.org/review/1213
Reviewed-by: Evan Huus <eapache@gmail.com>
Also do a quick scan for other similar issues and fix them too; this type of
underflow has popped up three times now in the openflow dissector in separate
bugs. Hopefully this squashes the last of them.
Change-Id: Id404433333016f64cdd83d7e0f9e60a3028d2d0b
Reviewed-on: https://code.wireshark.org/review/1207
Reviewed-by: Evan Huus <eapache@gmail.com>
Michael Mann