We're defining it now based on whether there's an st_blksize member of
struct stat. We're currently testing _STATBUF_ST_BLKSIZE, but that's
not guaranteed to be defined on platforms that have an st_blksize member
of struct stat (it's not defined on macOS, for example).
Change-Id: I4e6011a7668da94cf1ca6328e29c50924dd1d8b0
Reviewed-on: https://code.wireshark.org/review/32381
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Set a bigger IO buffer to avoid syscall overhead.
See https://github.com/the-tcpdump-group/libpcap/issues/792
Change-Id: If370da5ab2b70a9d0c925dd7c4c5c135c675c3f6
Reviewed-on: https://code.wireshark.org/review/31326
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Id84adc85c1fbdef8e39240f55128cdec4ee9ca2f
Reviewed-on: https://code.wireshark.org/review/31324
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1) They're both required, for both strftime() and strptime(), by the
Single UNIX Specification.
2) They're both supported by MSVC's strftime(), at least as of VS 2015.
3) With MSVC, we use our own strptime(), which is based on the GNU libc
one and which supports both of them.
So we don't have to worry about them not working and either giving a
bogus value or throwing an exception or anything such as that.
Bug: 15565
Change-Id: I72b7798f35c4461855298cfcfa84732c1297d5fe
Reviewed-on: https://code.wireshark.org/review/32370
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The NL80211_ATTR_HT_CAPABILITY and NL80211_ATTR_VHT_CAPABILITY
attributes does not contain the full information element tlv
making the dissector fail to parse the attribute values.
Add a tag dissector function that dissects a numbered tag using
the 802.11 tag dissector table and use it to dissect HT/VHT
capability attributes properly.
The HE capabily tag is among the extended tags so must be handled
in some other way. For now leave the attribute undissected.
Change-Id: Ie85918634bafc2b39000a34b01e7a7dbaf6bd80d
Reviewed-on: https://code.wireshark.org/review/32365
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The NL80211_ATTR_FRAME attribute value contains a full 802.11
frame with header. Let the 802.11 dissector dissect this.
Change-Id: I2e97644d142b510deaf75a1c922dcac4a12e0a27
Reviewed-on: https://code.wireshark.org/review/32364
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Quite many nl80211 attributes are declared u64 so let the
generic attibute parser treat data of 8 bytes length as 64 bit
values.
Change-Id: I511fe8467fe950e019457a1552de280528272b70
Reviewed-on: https://code.wireshark.org/review/32362
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Warning:
** (process:13685): WARNING **: 23:48:34.135: Extended value string 'pixel_format_names' forced to fall back to linear search:
entry 114, value 35520758 [0x21e00f6] < previous entry, value 36700405 [0x23000f5]
This is causing test failures due to clopts testsuite getting
unexpected data in stderr.
Change-Id: I6fcc7315f0b99530da4f6dceda60e2da803972f5
Reviewed-on: https://code.wireshark.org/review/32367
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use format_text() on strings when used in the TLV header.
Bug: 15572
Change-Id: Ia9dc585deff3d21782e552a018c80e63c700c73d
Reviewed-on: https://code.wireshark.org/review/32355
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
and a couple of pixel formats that where not properly decoded before
Change-Id: I43008e6f498f9f67dcd103486fb32c8885034ddf
Reviewed-on: https://code.wireshark.org/review/32086
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- Fixed re-assembly of two PDU in single frame (was optimized out in last commit)
- Improved COL_INFO for C-FIND
- Improved COL_INFO for multiple PDUs in one frame
Change-Id: Ie4ba5023594f3ce65f55584631731ee9f9d0506b
Reviewed-on: https://code.wireshark.org/review/32087
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The wireless toolbar retrieves the full list of network interfaces
every 1.5 seconds to keep its list of interfaces updated. This
not only adds unnecessary load on the system it also generates
plenty of netlink traffic. When capturing packets on nlmon
interfaces they are flooded with packets generated by Wireshark
itself making it hard to understand the traffic that's really present
on the system.
Remove the periodic interface update and instead listen to network
interface change events and update only when something has changed.
The wireless toolbar need to know all when wireless interfaces are
added/removed, not only whether an interface is 'up' or not so
iface_monitor changes were also necessary.
Bug: 15576
Change-Id: I8fb19fd919dfef1b6b35bf48790b105ecd2b60a8
Reviewed-on: https://code.wireshark.org/review/32350
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Generic fixes
- subfields with small number of bits that belong to large
bit fields are not being decoded correctly (they all become zero).
Generic update
- removed ett_[X] entries that were never being used
asterix bugfixes
- asterix.SAC bitmask not aligned
- asterix.SIC bitmask not aligned
I019 bugfixes
- I019/552 bitmask not aligned
I020 bugfixes
- I020/042 incorrect filter
- I020/170 too many spare bits
- I020/170 incorrect filter
- I020/230 incorrect filter
- I020/500#01.DOPy incorrect filter
- I020/500#03 incorrect filter
- I020/RE sub field names not in line with other CATs
- I020/RE.GVV.TA is signed (should be unsigned)
- I020/RE.GVA.TASD is signed (should be unsigned)
- I020/RE.PA#02 incorrect filter
- I020/RE.DA#04 incorrect filter
I021 bugfixes
- I021/110#01 is not a FIXED size field (it is an FX field)
- I021/260 bitmask not aligned
- I021/RE.MES#02 bitmask not aligned
- I021/RE.MES#03 bitmask not aligned
- I021/RE.MES#06 bitmask not aligned
I034 bugfixes
- I034/050 subfield indexes are missing
- I034/050#04 bitmask not aligned
- I034/060 subfield indexes are missing
I048 bugfixes
- I048/050 bitmask not aligned
- I048/060 bitmask not aligned
- I048/070 bitmask not aligned
- I048/080 bitmask not aligned
- I048/100 bitmask not aligned
- I048/120 bitmask not aligned
- I048/230 bitmask not aligned
- I048/RE.MD5 subfield indexes are followed by a comma
- I048/RE.MD5#02 bitmask not aligned
- I048/RE.MD5#05 bitmask not aligned
- I048/RE.M5N subfield indexes are followed by a comma
- I048/RE.M5N#02 bitmask not aligned
- I048/RE.M5N#05 bitmask not aligned
- I048/RE.RPC subfield indexes are followed by a comma
I062 bugfixes
- I062/060 bitmask not aligned
- I062/080.DUPF incorrect filter
- I062/110#02 bitmask not aligned
- I062/340#05 bitmask not aligned
- I062/380#10 bitmask not aligned
- I062/380#11 bitmask not aligned
- I062/390#03 bitmask not aligned
- I062/390#09.RWY is now a string instead of 3 different fields
- I062/390#12 bitmask not aligned
- I062/390#17 bitmask not aligned
- I062/510 bitmask not aligned
- I062/RE.CST bitmask not aligned
Change-Id: Ieefb53a10728205f2cefac718ac8668df29f1f8a
Reviewed-on: https://code.wireshark.org/review/32300
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a new subtree with Header fields Version, Reserved and Length.
Include padding length in the TLV entry.
Change-Id: I7c39253f4d2f5f3b2d5721d10af3f8b563ea0d04
Reviewed-on: https://code.wireshark.org/review/32346
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
In uclibc, _header is already in sigcontext.h:
packet-gtp.c:2361:16: error: redefinition of 'struct _header'
typedef struct _header {
^~~~~~~
In file included from /home/dawncrow/buildroot-test/scripts/instance-0/output/host/i686-buildroot-linux-uclibc/sysroot/usr/include/bits/sigcontext.h:30:0,
from /home/dawncrow/buildroot-test/scripts/instance-0/output/host/i686-buildroot-linux-uclibc/sysroot/usr/include/signal.h:311,
from /home/dawncrow/buildroot-test/scripts/instance-0/output/host/i686-buildroot-linux-uclibc/sysroot/usr/include/glib-2.0/glib/gbacktrace.h:36,
from /home/dawncrow/buildroot-test/scripts/instance-0/output/host/i686-buildroot-linux-uclibc/sysroot/usr/include/glib-2.0/glib.h:34,
from ../../epan/proto.h:28,
from ../../epan/packet.h:14,
from packet-gtp.c:43:
/home/dawncrow/buildroot-test/scripts/instance-0/output/host/i686-buildroot-linux-uclibc/sysroot/usr/include/asm/sigcontext.h:173:8: note: originally defined here
struct _header {
To fix this issue, transform _header and other named structures (with
the exception of gtp_conv_info_t) into unnamed structures
Fixes:
- http://autobuild.buildroot.org/results/c41d42fe3489bc63c42e7ce7a9eccb1b4ca7b9b2
Change-Id: I78116233c2a8dd7c54723b7cb558254bd5143bd2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-on: https://code.wireshark.org/review/32335
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If we go over 31, we get an invalid shift. It's due to malformed
packets. Add an expert info and exit the loop.
Bug: 14770
Change-Id: Icc17831ee23395ed2b0d414af09d86d1d1a6444c
Reviewed-on: https://code.wireshark.org/review/32316
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
hdr_ethernet is a flag indicating whether we should add a fake Ethernet
header or not; make it a Boolean.
Move number_of_padding_bytes() closer to where it is in
ui/text_import.c, and make it more like the version there.
Shift the direction flag to put it in the right bit position - or, at
least, throw in the shift constant to clarify that we're trying to put
it there, even if it's already in the right position (i.e., the shift
constant happens to be 0, as it happens to be in the low-order bits).
Fix a comment.
Change-Id: Ia643d9ab2188951a682bf773239d0175c0d578c2
Reviewed-on: https://code.wireshark.org/review/32337
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The elements in the tables listing UTF-8 and Boolean properties are
guints, which are *not* the same size as guint16's. (This isn't a
PDP-11 or a 68k-based machine with a compiler that has 16-bit ints or a
machine running 16-bit x86 code or....)
Bug: 15556
Change-Id: I14076584fea74c9c04e2d6b647212e7a2603c275
Reviewed-on: https://code.wireshark.org/review/32336
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This change adds dissectors for all error responses types up to
SMB3.1.1.
It also fixes "Malformed Packet" errors when dissecting error response
within compounded packet responses.
SMB2 Error responses are a bit convoluted. Error data can be a list
of error contexts which themselves can hold an error data field.
See [MS-SMB2] 2.2.2.1.
Pseudo-grammar summary:
ERROR_RESP := ERROR_DATA
ERROR_DATA := ( ERROR_CONTEXT + )
| ERROR_STATUS_STOPPED_ON_SYMLINK
| ERROR_SHARE_ID_SHARE_REDIRECT
| ERROR_BUFFER_TOO_SMALL
ERROR_CONTEXT := ... + ERROR_DATA
| ERROR_SHARE_ID_SHARE_REDIRECT
Change-Id: Ic601bfe53e0495e73736d6b00a5b8ce4d2517edc
Reviewed-on: https://code.wireshark.org/review/32314
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fixing some "implicit conversion loses integer precision" warnings
reported by clang with -Wshorten-64-to-32 option
Change-Id: Ica92971e689c28c6d1ea995e821d648a19186c09
Reviewed-on: https://code.wireshark.org/review/32331
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
in the case of compounded packets, there might be more packets after
the reparse data.
Change-Id: Ife820271be3f7443b352b4c0f75f10d1a0624699
Reviewed-on: https://code.wireshark.org/review/32312
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
* make the following return post-dissect offset:
- dissect_windows_sockaddr_in
- dissect_windows_sockaddr_in6
- dissect_windows_sockaddr_storage
* expose 'len' optional argument to dissect padded data
Change-Id: I83f0981b5aeb6a6f1f08df63fd1513d4b1dcbcef
Reviewed-on: https://code.wireshark.org/review/32313
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
g_async_queue_timeout_pop can return immediately on macOS and possibly
other OSes when using older versions of GLib. Replace it with
g_async_queue_pop and a "stop" sentinel value.
Bug: 15545
Change-Id: Id0bfacd4a94ec9645d2d27ba92d3a2f48e7d5f37
Reviewed-on: https://code.wireshark.org/review/32289
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
display True/False if a property is of type "bool"
display string if a property is of type "utf-8"
Change-Id: I3655b401298fc4cca9bcf5388707c90c4c1540bb
Reviewed-on: https://code.wireshark.org/review/31934
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Libpcap's done that for a while; we should do so as well.
(Ideally, we should use those bits, but there's an issue with pcapng,
where the FCS length in the IDB is described as being in units of bits,
but where we're treating it as being in units of bytes, that I'd like to
resolve first.)
Change-Id: Ibcb82f1dcaa8baae5bba55636cea8852a6af814e
Reviewed-on: https://code.wireshark.org/review/32303
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The spec is now accepted, so bringing these up to date.
Change-Id: I9489cd8c0b9255446c829f8202410d2d94272607
Reviewed-on: https://code.wireshark.org/review/31723
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Guy Harris