-use g_snprintf instead of sprintf and snprintf
-use g_strdup_printf where appropriate
-remove #include "snprintf.h" (as only g_snprintf should be used)
-replace some more alloc/realloc/calloc/free with their glib pendants
svn path=/trunk/; revision=15264
Unfortunately, this is *very* safe now as it will mark a lot of DCE/RPC packets as malformed, thus the reassembling code won't work with most packets :-(
I've replaced this with the correct check and used THROW(ReportedBoundsError) instead which is hopefully the right error in this case.
BTW: could someone please add a description of the ReportedBoundsError vs. BoundsError to the code as I still don't get it.
In addition: Use a toplevel tree item to display the DCE/RPC defragmentation just as it's done in the TCP desegmentation code.
svn path=/trunk/; revision=15188
(presumably-)harmless-but-otherwise-unremovable const-to-nonconst
warnings.
In the TACACS dissector, clean up the variables used in option parsing
to avoid some const-to-nonconst warnings.
Clean up some white space.
svn path=/trunk/; revision=15043
make dissect_dcerpc_uuid_t() accept eitehr FT_STRING (old style) and FT_GUID (new style) hf fields. once all dissectors are modified to use FT_GUID we can remove the FT_STRING support here.
regenerate the DRSUAPI interface with the new FT_GUID support.
svn path=/trunk/; revision=14912
This is extremely useful, to keep track of the corresponding request/response packets of a DCE/RPC call (which can be quite a lot packets if fragmentation is used).
svn path=/trunk/; revision=14826
in a simple approach, I've replaced all g_assert() and g_assert_not_reached() calls by their exception throwing counterparts DISSECTOR_ASSERT() and DISSECTOR_ASSERT_NOT_REACHED()
this will replace application crash by showing a dissector bug, which is the desired behaviour
there were some g_assert calls in the protocol registering functions, which might not be acting as expected now, but to be able to simply search for g_assert in the future I've replaced that calls too
one g_assert remained, the one when someone throws an unknown exception "into" packet_frame.c, but IMHO this one should remain.
svn path=/trunk/; revision=14608
set "n*DCERPC" in the proto column if more than one RPC call in a TCP PDU, overwriting the interface name, as there's probably more than one interface involved
add some more RPC info to the toplevel RPC proto_item
add a comment, if some bytes are not dissected but might be in the next TCP PDU
svn path=/trunk/; revision=14490
cerlare it as a parameter that is a struct/union and not a ref pointer to one.
this is ok since toplevel ref pointers are invisible in the wire encoding anyway.
unfortunatelky ethereal dce runtime needed to see that pointer to keep track of whisch one was a toplevel and which one wasnt.
implement a new api to call pointers which explicitely specifies whether the pointer is toplevel or embedded.
eventually all dce dissectors will use this new interface and the generic dissect_ndr_pointer() can be retired.
svn path=/trunk/; revision=13755
(cifs: dc's talking to eachother and when longhorn comes out: anyone wanting to talk dce to a dc!)
((this is an incredibly advanced feature well worthy of mentioning in NEWS))
svn path=/trunk/; revision=13690
1) Added a setup_frame parameter to conversation_t
2) Used the conversation_t next to maintain a list of conversations with the
same src/dest tuple but different setup_frame number.
3) Changed the signature of find_conversation() and conversation_new() to pass
in the frame number.
4) Adjusted packet-sdp to select RTP conversation if both m=audio and m=image
are present, and T.38 conversation if only m=image is present. I expect that
RTP/T.38 dissecting to be better, but I don't have a way to generate T.38
packets.
svn path=/trunk/; revision=13243
another part of the PROFINET dissectors (PN-CBA, including a lot of generic DCOM dissection) still some work to be done ...
svn path=/trunk/; revision=12776
NTLMSSP, the state of the RC4 stream is dependent on the stub being
decrypted before the verifier.
Correctly set the length and reported length of the tvb for the stub
(the reported length of that tvb should be set based on the *reported*
length of the parent tvbuff, not the captured length).
svn path=/trunk/; revision=11938
I (hopefully) didn't changed any protocol fields or preference file names, but only the GUI labels appearing in the protocol display and the protocol preferences.
Also added a note to the protocol preferences (where appropriate), that you have to enable "Allow subdissectors to reassemble TCP streams" at the corresponding protocol settings for TCP reassembling to take effect.
If you encounter any mistakes I've made here, please let me know...
svn path=/trunk/; revision=11784
Also move ncp222.py, x11-fields, process-x11-fields.pl,
make-reg-dotc, and make-reg-dotc.py.
Adjust #include lines in files that include packet-*.h
files.
svn path=/trunk/; revision=11410
Ulf Lamping