Commit Graph

90552 Commits

Author SHA1 Message Date
John Thacker 7dc0f853c6 prefs: Fix null defererences, remove obsolete function
Null dereference check to fix Coverity CIDs 1399640 and 1399641.
Remove a function that has been unused for a decade.
2024-02-27 20:25:05 -05:00
John Thacker 7583014fb0 MEGACO: Remove some long obsolete code
Remove some long obsolete code that dates back to before the
binary H.248 protocol was separated into an ASN.1 dissector
2024-02-27 19:03:21 -05:00
John Thacker d62cc2b175 MEGACO: Dissect statisticsDescriptor inside mediaDescriptor
Versions 2 and 3 of MEGACO (H.248 text) added statisticsDescriptor
to one of the options for a streamParm that can appear inside a
mediaDescriptor. Dissect it.

Part of #11080
2024-02-27 18:04:28 -05:00
Anders Broman 3d8e72fdf9 macos-setup-brew: Use LUA 5.4 2024-02-27 22:55:56 +00:00
Pau Espin fdcc57302f gsup: Add PCO IE
This IE is present in the ePDG Tunnel Request/Result messages to forward
protocol configs between the UE (IKEv2) and the PGW (GTPv2C), with ePDG in the middle.

https://gerrit.osmocom.org/c/osmo-gsm-manuals/+/36023
https://gerrit.osmocom.org/c/libosmocore/+/36024
2024-02-27 21:47:12 +00:00
Pau Espin 46123c430a gsup: Add ePDG Tunnel Request/Error/Result messages
These messages are used in the GSUP-based CEAI interface between
strongswan IPsec and osmo-epdg, which acts basically as a forwarding
protocol between IKEv2 on the UE side and GTPv2C S2b towards PGW + Diameter
SWm towards AAA Server.

Those fields are already present in libosmocore, GSUP reference
implementation [1].

[1] https://gitea.osmocom.org/osmocom/libosmocore/src/branch/master/include/osmocom/gsm/gsup.h#L205
2024-02-27 21:47:12 +00:00
Pascal Quantin 611ed98634 Diameter: add 3GPP Third-Context-Identifier AVP definition 2024-02-27 15:46:16 +01:00
John Thacker 84ffa648ea ENRP: Check for invalid parameter & error cause lengths
The value in the length field in ENRP parameters and error causes
include the length and types, and must be at least 4. In particular,
not erring on zero can cause an infinite loop.

https://datatracker.ietf.org/doc/html/rfc5354

Fix #19674
2024-02-27 09:05:03 -05:00
Jie Han 49d15ea4e8 Wifi(NAN): Minor fix for NAN dissector
Fix typos and bugs in NAN dissector.
Separate NDP and NDPE control field
2024-02-27 13:20:39 +00:00
Patrik Thunström 96ab1b9571 ptp: Improve display of rateRatio allowing more decimals. 2024-02-27 11:21:08 +00:00
Martin Mathieson 2b9dcdc346 Protobuf: Add a UAT table to map URI -> message_type 2024-02-27 10:00:14 +00:00
Jie Han bce195d8e0 Update existing NAN attributes to NAN R4
NAN Availability Attribute, Device Capability Attribute, Cipher Suite
Info Attribute.
2024-02-27 08:56:56 +00:00
John Thacker b517471bc4 Qt: Show tooltip in sequence diagram for elided comments
If the comment (i.e. Info column) text is elided, show the
full text as a tooltip. We already show it down in the status
hint text, but it's nice not to have to look all the way at
the bottom of the window.

Somewhat related to #4972
(I think, for that one, we will probably need to make the
column width controlled by a different widget rather than a
QSplitter, because making it a QSplitter would make the comments
no longer an axis, and then they wouldn't be printed.)
2024-02-27 08:48:59 +00:00
John Thacker 4fcb4b5364 Remove PREF_DECODE_AS_UINT
PREF_DECODE_AS_UINT has been unused since all auto port preferences
were made ranges by  8604d03a98

Remove it.

Ping #14319
2024-02-27 08:47:03 +00:00
Triton Circonflexe 9840e6247f Thrift: Align the endianness for double
Compact protocol uses little endian doubles instead of big endian like compact.
This issue is documented as an accident that became the de-facto standard.

For consistency, the sub-tvbuff_t given to delegated sub-dissectors is aligned
with binary protocol to allow a sub-dissector to work with both binary and compact.
2024-02-27 08:45:02 +00:00
Triton Circonflexe 4eaf10bc4e Thrift: Fix recursion check
Previous recursion check only worked with generic dissector.
The introduced changes cover the sub-dissectors as well.

Remove the existing check as it counted basic types as well.
Add a check at every place where a sub-tree is created:
- containers (list, set, map)
- structures
2024-02-27 08:45:02 +00:00
Niels Widger 8989c732fc sharkd: Increase JSON buffer size from 2048 to 8192 bytes
This commit increases the maximum size for the JSON commands processed
by `sharkd` from 2048 to 8192 bytes.  The primary reason for this
change is to allow larger filters in `filter0`...`filter9` arguments
which, combined with the outer JSON boilerplate, can cause a command
to quickly hit the existing 2048-byte limit.
2024-02-27 08:42:53 +00:00
John Thacker d22842f662 Qt: Add case sensitive find to Follow Stream and Show Packet Bytes
Add a check box for case sensitivity when finding in follow stream
and show packet bytes.

Note that QPlainTextEdit::find() has a bit unexpected behavior with
QRegularExpression (https://bugreports.qt.io/browse/QTBUG-88721).
Searches are case-insensitive by default there too, respecting
the default options. This is a change from the older QRegExp, where
the option to find was ignored, and only the regex option was used,
so for the last few releases regexp searches have been case-insensitive
as well by default. (?-i) has been available to mode switch.

We might want to move the various keyboard handling from
FollowStreamDialog and ShowPacketBytesDialog and instead have
FindLineEdit install shortcuts on the parents when constructed.
That would be a little cleaner separation.

We might also want to move the buttons and label to a separate
composite widget class, that signals the parent to start a
find.

Fix #3784
2024-02-26 22:16:41 +00:00
John Thacker 3540bbc969 GSSAPI: Avoid dissecting checksum in signed-only KRB_TOKEN_CFX_WRAP
In KRB_TOKEN_CFX_WRAP (RFC 4121), for signed-only Wrap tokens
("Wrap tokens without confidentiality"), the plaintext is followed
by the checksum, unlike in other implementations where the all
the GSSAPI bits, including the checksum, precede the plaintext.

For those cases, the calling dissector cannot simply dissect
the entire original tvb after the returned offset, as it's not
all plaintext. Instead, place the plaintext without checksum
subset in gssapi_decrypted_tvb and return it to the caller.
In these cases, gssapi_data_encrypted will be set to FALSE, to
allow dissectors that wish to distinguished signed-and-sealed
from signed-only. For dissectors that do not care to distinguish
the cases, this requires no change.

Update the documentation in the GSSAPI header to describe this.

Fix #9398.
2024-02-26 16:58:09 +00:00
John Thacker 09f6a3aaa6 Qt: copy correct hidden state to device
The IFTREE_COL_HIDDEN is in fact a "Show" column (should the
names be changed?) so when saving the data the hidden state
is the opposite of the checked status.

We were doing the inverted logic when writing to the preferences,
but not when changing the device interface_t struct directly.
However, before 6e12e504b9
we always re-read the hidden state from the preferences after
changing it in the Manage Interfaces Dialog, so this bug wasn't
exposed until we stopped doing that and used the current status.

Fix #19672
2024-02-26 16:27:15 +00:00
Stefan Metzmacher 4d6941caa6 hipercontracer: don't consume LDAP/SASL/KRB_TOKEN_CFX_WRAP messages
See the capture in #9398 for an example.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2024-02-26 13:40:42 +00:00
Zoran Bošnjak 33c9657365 asterix: adjust to upstream change
Structure change in asterix-specs, revision 3ab3bb3.
Rule type is generalized and it now also includes a default value.
2024-02-26 09:22:51 +01:00
Martin Mathieson e0300eaed8 Fix lots of spellings 2024-02-25 22:46:47 +00:00
Gerald Combs eb706e9b84 [Automatic update for 2024-02-25]
Update manuf, services enterprise numbers, translations, and other items.
2024-02-25 17:08:05 +00:00
Eugène Adell 2744c7e7d0 doc: remove redundant section 2024-02-25 16:38:38 +00:00
Patrik Thunström 30c0ab964f CSV Export: Last column no longer exported when hidden.
Prior to fix the last column no matter if hidden or not was
always included when exporting packet dissections to CSV.

Fixes #19666.
2024-02-25 00:07:45 +01:00
John Thacker c0288ca829 Qt: Only set Packet List style sheet when relevant prefs change
Add a colorsChanged signal/slot, more precise than the generic
preferencesChanged signal, and only call it when one of the
color related preferences have changed. Connect it to the
packetList::colorsChanged() function, instead of calling that
whenever preferencesChanged() is called. We could eventually
move the signals and slots some of the other GUI widgets to this.

Send that signal before handling preferences that change
dissection and freeze the packet list, so that when we
restore the column widths due to Qt bug 122109 it takes effect.

The packet_list_hover_style preference affects colors, not
the layout, despite its presence in the GUI layout module.
2024-02-24 11:59:05 -05:00
John Thacker ea38f142e8 Qt: Work around QTBUG-122109 when applying packet list style sheet
https://bugreports.qt.io/browse/QTBUG-122109

A bug introduced by the fix for https://bugreports.qt.io/browse/QTBUG-116013
causes all visible sections to reset to the default section size whenever a
style sheet is applied (even if defaultSectionSize didn't change.)

Make sure that before applying a style sheet we prevent our recent
column widths from being updated, and then restore column widths
from the recent values afterwards.

This affects versions 6.5.4 (commercial only, 6.5.3 is the last free
release) and 6.6.1 and 6.6.2.
2024-02-24 09:59:25 -05:00
John Thacker e5e0797bd5 Qt: If no preferences have changed, don't signal
Enforce the requirement, already mentioned in the headers,
that preference and preference module effect flags must be
nonzero so that the application knows that a preference has changed.
(Lua, for example, needs this.)

Use this and avoid sending the PreferencesChanged signal when
preferences have not changed.
2024-02-24 08:37:08 -05:00
Martin Mathieson 63d6edbd3e thrift: make some functions static 2024-02-23 22:44:16 +00:00
John Thacker 92573aad71 RNSAP: Dissect IMSI 2024-02-23 20:08:41 +00:00
John Thacker 62e8882701 SCCP: Use register_dissector_preference
Switch SCCP's default payload preference from a string to validated
dissector name preference, added in 2f1392169a
2024-02-23 14:50:50 +00:00
John Thacker e5168435b5 dfilter: Add functions to override field base
Add field expression functions to convert unsigned integer
and char fields to hex or decimal. (BASE_OCT is handled
somewhat different currently now, presumably because it
can't be used in filters, so leave that commented until
it is handled as a display representation.)

Currently string() always converts unsigned integers to their
decimal representation so it is the same as dec(), but possibly in
the future string() might use the native base.

These can be used in columns thanks to the fix for #15990

Fix #5308
2024-02-23 13:31:44 +00:00
John Thacker ac90d8c834 Inject TLS Secrets: Check for NULL used secrets map
The GUI menu item should probably be disabled without a capture file
too.

Fix #19667
2024-02-23 07:56:18 -05:00
Martin Mathieson 5239b6bc8d Look into some items where VALS doesn't fit in mask 2024-02-23 11:52:11 +00:00
Uli Heilmeier 54b52063c5 falcodump: add missing AWS regions 2024-02-23 09:48:43 +00:00
hidd3ncod3s Sec a5dee645cf DNSCrypt: Add support to parse DNSCrypt Initial DNS request 2024-02-23 09:00:32 +00:00
John Thacker a65cce3c70 extcap: Use extcap.cfg as extcap config file name
"extcap" by itself can be the name of a directory that stores
extcap programs, especially if the default profile is being
used. Add an extension to the default file name so it doesn't clash.

Follow up to 4fb2ef8af8
2024-02-23 08:18:20 +00:00
Gerald Combs 0eb0d6fdb4 ICMPv6: Add a recursion check
Fix

```
wireshark/epan/dissectors/packet-icmpv6.c:1709:1: warning: function 'dissect_icmpv6_nd_opt' is within a recursive call chain [misc-no-recursion]
 1709 | dissect_icmpv6_nd_opt(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree)
      | ^
wireshark/epan/dissectors/packet-icmpv6.c:1709:1: note: example recursive call chain, starting from function 'dissect_icmpv6_nd_opt'
wireshark/epan/dissectors/packet-icmpv6.c:2247:30: note: Frame #1: function 'dissect_icmpv6_nd_opt' calls function 'dissect_icmpv6_nd_opt' here:
 2247 |                 opt_offset = dissect_icmpv6_nd_opt(tvb, opt_offset, pinfo, icmp6opt_tree);
      |                              ^
wireshark/epan/dissectors/packet-icmpv6.c:2247:30: note: ... which was the starting point of the recursive call chain; there may be other cycles
```
2024-02-23 03:36:20 +00:00
Gerald Combs 5a04c4ecee DHCPv6: Add a recursion check
Fix

```
wireshark/epan/dissectors/packet-dhcpv6.c:1846:1: warning: function 'dhcpv6_option' is within a recursive call chain [misc-no-recursion]
 1846 | dhcpv6_option(tvbuff_t *tvb, packet_info *pinfo, proto_tree *bp_tree,
      | ^
wireshark/epan/dissectors/packet-dhcpv6.c:1846:1: note: example recursive call chain, starting from function 'dhcpv6_option'
wireshark/epan/dissectors/packet-dhcpv6.c:2052:28: note: Frame #1: function 'dhcpv6_option' calls function 'dhcpv6_option' here:
 2052 |             temp_optlen += dhcpv6_option(tvb, pinfo, subtree,
      |                            ^
wireshark/epan/dissectors/packet-dhcpv6.c:2052:28: note: ... which was the starting point of the recursive call chain; there may be other cycles
wireshark/epan/dissectors/packet-dhcpv6.c:2958:1: warning: function 'dissect_dhcpv6' is within a recursive call chain [misc-no-recursion]
 2958 | dissect_dhcpv6(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
      | ^
```
2024-02-23 03:26:34 +00:00
Gerald Combs 1515b211e2 SMB2: Add recursion checks 2024-02-22 18:50:24 -08:00
Brian Sipos 40b210e1d6 cose: Peek ahead for map principal value before dissecting map items
This change updates references to obsoleted RFCs and I-Ds,
provides human-readable interpretation of kid values, and fixes
the text encoding type in proto_tree_add_cbor_tstr().

Fixes #19659
2024-02-23 00:12:00 +00:00
Patrik Thunström 8f49a831cf ptp: Corrected data type for cumulativeScaledRateOffset.
Aligning the data type with the 802.1AS specs the data type is
now INT32 instead of UINT32.
Also added a generated field where the scale and offset is removed
to easier interpret the actual accumulated rate ratio.
2024-02-22 23:19:59 +00:00
Martin Mathieson c72fc5b163 Fix some spelling errors 2024-02-22 20:28:19 +00:00
John Thacker b5ffe3deac QUIC: Handle early 1-RTT data from server
For our test in check_dcid_on_coalesced_packet, check the *last*
QUIC packet in the frame so far, not the first packet in the
frame.

Only create the quic_packet structure after checking for a coalesced
packet, so that the last QUIC packet in the frame is the previous
one, not the current one.

What happens if 0-RTT packets are lost and resent?  There's an
alternative suggestion featuring checking if the ciphers are
initialized on the first pass that might work too, but if we
did that, what happens if the server Handshake is fragmented,
reassembled, and the server sent some "0.5-RTT" data after the
last fragment but then had to resend a different Handshake fragment
later? We'd still get some 1-RTT data before the handshake was done.

Fix #19665 while still not upsetting #19503.
2024-02-22 19:20:28 +00:00
John Thacker 00c938b7a9 OSITP: Pass ED-TPDU to subdissectors
Fix #7393
2024-02-22 09:49:55 -05:00
Jaap Keuter ff23d579de SNMP: Add support for RFC 5343
Add identification of the 'local engine' format.
2024-02-22 04:54:44 +00:00
marmonier_c 25487eceef feat(#19647): decode Datum enum and Ver field
Use RFC 6225 (obsoletes RFC 3825)
2024-02-22 04:52:56 +00:00
marmonier_c 1703eea653 feat(#19647): decode resolution fields 2024-02-22 04:52:56 +00:00
marmonier_c f501c57fc3 feat(#19647): check longitude and latitude max value 2024-02-22 04:52:56 +00:00