RAKNET_OFFLINE_MESSAGE_DATA_ID starts with 0x0, which means NULL
character. this give a string of length 0 and RakNet heuristic was
wrongly catching all UDP packets.
Let's do a memcmp instead of a strncmp.
Change-Id: I38e98838b114037bf37a218003bade88261a2dd8
Reviewed-on: https://code.wireshark.org/review/18167
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Icb3e924f48b8fa00d7a39fcbdc4400ad2c4c2b89
Signed-off-by: Francesco Fondelli <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/18163
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
packet-raknet.c now correctly dissects the following offline messages:
* ID_UNCONNECTED_PING
* ID_UNCONNECTED_PING_OPEN_CONNECTIONS
* ID_OPEN_CONNECTION_REQUEST_1
* ID_OPEN_CONNECTION_REPLY_1
* ID_OPEN_CONNECTION_REQUEST_2
* ID_OPEN_CONNECTION_REPLY_2
* ID_OUT_OF_BAND_INTERNAL
* ID_CONNECTION_ATTEMPT_FAILED
* ID_ALREADY_CONNECTED
* ID_NO_FREE_INCOMING_CONNECTIONS
* ID_CONNECTION_BANNED
* ID_INCOMPATIBLE_PROTOCOL_VERSION
* ID_IP_RECENTLY_CONNECTED
* ID_UNCONNECTED_PONG
packet-raknet.c now correctly dissects the following system messages:
* ID_CONNECTED_PING
* ID_CONNECTED_PONG
* ID_CONNECTION_REQUEST
* ID_CONNECTION_REQUEST_ACCEPTED
* ID_NEW_INCOMING_CONNECTION
packet-raknet.h exports the following functions:
* raknet_add_udp_dissector()
* raknet_delete_udp_dissector()
* raknet_conversation_set_dissector()
packet-raknet.c now dissects message flags, reliability, reliable message number and so on. It now reassembles fragmented packets, supports heuristics, supports dissecting combined packets, and gives up dissecting messages when they are encrypted.
packet-raknet.c now calls subdissectors with a tvbuff buffer only having a message ID and payload. It first tries to locate a subdissector based on the port, and then tries heuristic dissectors if any.
packet-mcpe.c is updated so that it uses the new raknet interface, and it now correctly dissects the following game packets:
* 0x01 Login
* 0x03 Server to Client Handshake
* 0x06 Batch
packet-mcpe.c now supports heuristics, and gives up dissecting packets in a conversation once it sees a "Server to Client Handshake" packet because everything, including packet ID, are encrypted after that.
Change-Id: I92c0b3ff0f18d22d4513bb014aeb4ea6475fb06c
Reviewed-on: https://code.wireshark.org/review/18044
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fixes:
- Fix crash (heap-use-after-free) on removing a record while editing.
- Mark a record as invalid if any of the fields fail the validation.
(Fixes crash in at least the ISAKMP dissector.)
- Prevent saving of invalid UAT entries (e.g. empty UATs).
- Do not close the dialog on pressing Enter/Escape while editing,
close the editor instead.
- Fix HTML injection in the error messages.
Improvements:
- Tab-navigation now works between fields.
- The field editor is now closed once the focus is lost.
- Fields that fail validation are marked (currently with a pink color).
- The error hint selection has become smarter (see comments in
UatDialog::checkForErrorHint).
- Properly recognizes PT_TXTMOD_HEXBYTES formats like "aa:bb"
(previously it would not expect the ":" and report a bad length).
A validator prevents invalid strings from being entered.
- The OK button is disabled when new/edited records are bad. Notably,
existing (possibly invalid) records are skipped. (Bug 7471).
Live validation (while typing in the editor) was dropped during
conversion, but it can be added later if desired.
Drag and drop reordering still needs to be implemented.
Bug: 11714
Bug: 7471
Change-Id: Ic0b6a177f90503fbd65b5001d8a87a10e38f4d64
Reviewed-on: https://code.wireshark.org/review/17994
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
According to specification:
Value(UUID): 00000000-0000-0000-0000-000000000000
Meaning: Reserved
Use: The value NIL indicates the usage of the implicit AR.
Change-Id: Iea807f14bf6da36700b778a1383ebd970aa105a5
Reviewed-on: https://code.wireshark.org/review/17951
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Fix bug caught by scan build (module not read)
2. Remove range preference call that should have been part of original patch.
Change-Id: I24b1fb253548bffddc4c8ebfc3ede666d8fd9dcd
Reviewed-on: https://code.wireshark.org/review/18143
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Make sure the paths we pass to "cat" and "abi-compliance-checker
-log-path" match.
Change-Id: Ie68b445b9d92d85c0ed1eb508a78c0bcc960d061
Reviewed-on: https://code.wireshark.org/review/18156
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Bug: 12985
Change-Id: Iceacd3d122337091380d56bd7fa9875bf7cb4d47
Reviewed-on: https://code.wireshark.org/review/18134
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If18d4797a8ace9f93546cac0d2d6f09bf7086cc3
Reviewed-on: https://code.wireshark.org/review/18145
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 12998
Change-Id: I3e9739dd9863e615c2ca0fc91f043c8562e4203e
Reviewed-on: https://code.wireshark.org/review/18142
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 12906
Change-Id: I0dafdd74b21b27189d0a532c679e449c536f76f0
Signed-off-by: Francesco Fondelli <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/17725
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It's broken for recent GLib versions and there is no time frame for
a fix.
Ping-Bug: 12997
Change-Id: Ia687af9b0df8fc37121179ba20761c878bf57057
Reviewed-on: https://code.wireshark.org/review/18140
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Make sure we check the exit status of the Valgrind process, not the most
recently executed command.
Change-Id: I3b6bd427383e4271b9ed38a10da6db506a511dc1
Reviewed-on: https://code.wireshark.org/review/18138
Reviewed-by: Gerald Combs <gerald@wireshark.org>
1. Combine various Attribute ID filters into a single one "cip.attribute", so that it's easier to find a certain attribute in any part of the packet. This makes sense because Attributes refer to the same property, but various types of messages can have that field in different locations. This applies to Get/Set Attribute Single, Get/Set Attribute List, Get Attributes All.
2. Connection Manager: Dissect more attributes
3. Port: Display the Port Type name
4. Get/Set Attribute Single: Show unparsed data as raw bytes. Previously, if there were extra bytes they were not displayed.
5. Get/Set Attribute List: Show remaining data for unknown attributes under the main Attribute List tree, instead of under the unknown Attribute ID tree.
6. Display Attribute ID as DEC, since the specification tables are in decimal.
7. Update Class list
8. Minor: Remove some unused variables, typos
Change-Id: I1a65da5f827484a3cd0e49ec944572ea5a166db1
Reviewed-on: https://code.wireshark.org/review/18118
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Can prevent really long loops from fuzz testing.
Bug: 12851
Change-Id: I85e00af2c4753ce4c5bcb650a7df188d7f679c9a
Reviewed-on: https://code.wireshark.org/review/18136
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 12967
Change-Id: Ic7a52d4ee5dea896044c1c97b7b48f13e21f2762
Reviewed-on: https://code.wireshark.org/review/18135
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
In tshark the UTF8 arrow overlaps the ports.
When pcap file has more than 999 packets the output is
no more aligned.
Bug: 12502
Change-Id: I07f90bbc0d2f065458bc07b7fde8f6a651951b60
Reviewed-on: https://code.wireshark.org/review/18109
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Change-Id: I75c0165948325c2e50918706d8a821411761727b
Signed-off-by: Francesco Fondelli <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/17734
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This patch introduces new APIs to allow dissectors to have a preference for
a (TCP) port, but the underlying data is actually part of Decode As functionality.
For now the APIs are intentionally separate from the regular APIs that register a
dissector within a dissector table. It may be possible to eventually combine the
two so that all dissectors that register with a dissector table have an opportunity
to "automatically" have a preference to adjust the "table value" through the
preferences dialog.
The tcp.port dissector table was used as the guinea pig. This will eventually be
expanded to other dissector tables as well (most notably UDP ports). Some
dissectors that "shared" a TCP/UDP port preference were also converted. It also
removed the need for some preference callback functions (mostly when the callback
function was the proto_reg_handoff function) so there is cleanup around that.
Dissectors that has a port preference whose default was 0 were switched to using
the dissector_add_for_decode_as_with_preference API rather than dissector_add_uint_with_preference
Also added comments for TCP ports used that aren't IANA registered.
Change-Id: I99604f95d426ad345f4b494598d94178b886eb67
Reviewed-on: https://code.wireshark.org/review/17724
Reviewed-by: Michael Mann <mmann78@netscape.net>
The text on the left hand side of the RTP Stream Analtsis window is
a (HTML) table of table headers followed by table data. For some reason
the table data is center aligned in the cells of the table. This does not
line up with the text in the table header cells.
See http://imgur.com/a/QIQFd
Also the HTML document is not compliant. Closing tags are missing, for
td and html itself.
Change-Id: I1cd58e8702db12433c863757141a6b68c1e2550c
Reviewed-on: https://code.wireshark.org/review/18074
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>