Change-Id: I46d0822b2939793990b7e0ef6a34bd421335c919
Reviewed-on: https://code.wireshark.org/review/33337
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This way if we try to decode non IP data as IP (due to preference
setting), this does not prevent the end of the packet from being
dissected.
While we are at it, let's improve the heuristics.
Change-Id: Ic5b76cd84554fcbd10c3cf59294783933196163a
Reviewed-on: https://code.wireshark.org/review/33331
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
With the addition of handling the rtcp and rtpc-mux media attributes
(see cde023c3c5) the default behaviour
of presenting the media attribute value itself was lost. This change
adds this back.
Bug: 15791
Change-Id: Ib0084b99961bfadf1d89c70b54bd4a0805f9b9f6
Reviewed-on: https://code.wireshark.org/review/33314
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The DPNSS specification for the Service Indicator Code
Synch/Asynchronous Information field states that the lower three bits of
this field define the Data Type. This requires a filter of three bits,
in this case 0x7, instead of 0x3 which is two bits.
CID 1159107
Change-Id: I38eec252c771adf085f98c3be077c9de102a37d2
Reviewed-on: https://code.wireshark.org/review/33317
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Current development builds and next official release of USBPcap will
feature generic unknown URB Function capture. When USBPcap notices URB
Function code that it does not understand, it'll write the USBPcap
pseudoheader with transfer type 0xFF (URB_UNKNOWN). The pseudoheader
will contain the IRP ID, status code, URB Function code, bus id, device
address and PDO->FDO or FDO->PDO flag. Other fields in the pseudoheader
will be 0.
Capturing such packets serves multiple purposes:
* Makes it clear that the USBPcap capture is incomplete
* Combined with expert info, makes casual users able to report device
whose driver does issue IRPs with unhandled URB Function codes
* Shows that USBPcap can be improved to capture such data
Bug: 15792
Change-Id: Ib44c6bf05dd9f025617368e44b7dc80b5910aacd
Reviewed-on: https://code.wireshark.org/review/33307
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
The _open_osfhandle() does take ownership of the handle and thus the
underlying handle gets closed at the same time as the file-descriptor.
As we want to preserve the underlying pipe handle, create a duplicate
handle and use the duplicate handle with _open_osfhandle().
Change-Id: Iaa52fbae8e72b1ba74ab8ea9a44def8dc2ab4570
Reviewed-on: https://code.wireshark.org/review/33251
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: Ic9f9e323420bf6add83c7a8f7b56a6206eeb2c67
Reviewed-on: https://code.wireshark.org/review/33295
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The content of the list returned by g_hash_table_get_values() is owned by
GHashTable and should not be modified or freed. However, the list itself
should be freed using g_list_free().
Change-Id: Ie4a1da290f25dbd6dc2f3a01f051bfca13bb01d3
Reviewed-on: https://code.wireshark.org/review/33281
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
As for debian/rpm/bsd add a script that helps the user to setup
a development environment for alpine.
Tested on s390x alpine.
Change-Id: Ib4e002385ce748b764ae7ff51f39a9cfce61590c
Reviewed-on: https://code.wireshark.org/review/33268
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
It was using the same index into the input and output strings, which
means that if it escaped any character, it would skip the next two
characters in the input sring.
It was also not clearing is_reserved before testing whether a character
was reserved, so once it saw a character that neede dto be escaped, it
would escape all subsequent characters.
It was only used in get_key_string(), which was never used, so it was
dead code, but let's at least fix it, even if we end up removing that
code, so that if we bring it back, we bring back a non-broken version,
and so that if anybody *else* uses it, it's not broken.
Change-Id: I36588efad36908e012023bcfbd813c749a6a254f
Reviewed-on: https://code.wireshark.org/review/33287
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make a configurable preference to show the publish message as text
to bring back the old behavior.
Ping-Bug: 15738
Change-Id: I90ff4ab4c8fe857fa7ea585f67aef516d84c22c1
Reviewed-on: https://code.wireshark.org/review/33284
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
There may need to be more of these.
Bug: 15740
Change-Id: I5d3a97ed50d66dfcb85df0ab7053e8a44c531134
Reviewed-on: https://code.wireshark.org/review/33280
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This value is used when checking if the file was generated on a
machine with different endianess. The error message changes from
"Unrecognized pcapng format or not pcapng data."
to
"dumpcap: Interface 0 is big endian but we're little endian."
Fix dumpcap.c and pcapio.c.
Ping-Bug: 15754
Change-Id: I3a31f873f01bcb3f1324410e70f29f285e56c715
Reviewed-on: https://code.wireshark.org/review/33274
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Found by clang with -Wextra-semi
Change-Id: I259f168759caab239c0e67526afbfa62c032b8b6
Reviewed-on: https://code.wireshark.org/review/33283
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Since the "quic " label was dropped in draft -17 (which happens to be
our minimum supported QUIC draft version as well), the QUIC and TLS 1.3
base secrets are the same again. Temporarily accept both the QUIC_xyz
and xyz labels, hopefully we can drop the "QUIC_" label soon.
Change-Id: Ib3919997db75c2e9652239a5d6400876df745fdb
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/33275
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Use the standard TLS 1.3 Key Update variant (broken since draft -13).
Fix key_phase change detection (gboolean is signed, and 1 != -1, so it
would always trigger a key update when KP1).
Fix typo that breaks Key Update for the client (server_pp -> pp_state).
Tested with attachment 17132 from the linked bug.
Bug: 13881
Change-Id: I0246816e99d2e3ed509aa3ebb8a57b753399dde4
Reviewed-on: https://code.wireshark.org/review/33279
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This patch adjusts the inconsistent usage of the is_mandatory flag
passed to the dissect_* functions for optional IEs, which fixes the
issue of incorrectly parsed RSL ERR REP optional IEs and the equally
broken BCCH INFORMATION optional IE parsing.
Bug: 15789
Change-Id: I94ea8fe110d8d6aa6ebd0cec5013d3cc8fd55311
Reviewed-on: https://code.wireshark.org/review/33269
Reviewed-by: Harald Welte <laforge@gnumonks.org>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove duplicate defition of extcap_free_toolbar_control() and
extcap_free_toolbar_value().
Change-Id: Ia4c8ca6160017d769616579db158419426e664b7
Reviewed-on: https://code.wireshark.org/review/33224
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Filter repeated messages. Once a message box is closed, if there were
any duplicates, log warning message with the number of duplicates that
were supressed.
Ping-Bug: 4811
Change-Id: I0ce09d39a640a425f3288e0ab9d3f4ba7bf44bfa
Reviewed-on: https://code.wireshark.org/review/33241
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The name does not suggest that variables are freed in any way. Free the
mutex and cond where they are initialized, ie. in extcap_run_all().
Change-Id: I4e2ffacd32a8ba74831682438baed52e714433bb
Reviewed-on: https://code.wireshark.org/review/33223
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The content of the list returned by g_hash_table_get_keys() is owned by
GHashTable and should not be modified or freed. However, the list itself
should be freed using g_list_free().
Change-Id: I272616924bfd9178a925878a0458a173aff403ba
Reviewed-on: https://code.wireshark.org/review/33222
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Decode received payload as utf-8 string, replacing any invalid
characters with U+FFFD.
Change-Id: If80fbbec5c369f1098dbc1e46e092928aa0b0eb9
Reviewed-on: https://code.wireshark.org/review/33252
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The content of the list returned by g_hash_table_get_values() is owned by
GHashTable and should not be modified or freed. However, the list itself
should be freed using g_list_free().
Use g_strcmp0() to compare keys instead of strcmp() as it handles NULL
gracefully.
Change-Id: I8f5d70ffc2cd6eb5001b5086e4e31256b65431c7
Reviewed-on: https://code.wireshark.org/review/33246
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
When extcap fails before connecting to pipes, ws_write() in
InterfaceToolbar::controlSend() fails and error message is displayed to
the user.
Before this change, the message box would block until the user closes
the message. As the controlSend() was called inside "capture prepared"
context the remaining capture preparation code would wait for the user
action. However, the pipeTimeout() would get called before user confirms
the message as Qt would be processing all events in the main event
queue. This led to "capture failed" executing before "capture prepared"
finished. Such interruption caused multiple issues including freeing
buffer that was not yet allocated.
Bug: 15743
Change-Id: I6bc2734126292cdc5b560418069caf98747be68e
Reviewed-on: https://code.wireshark.org/review/33208
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The content of the list returned by g_hash_table_get_keys() is owned by
GHashTable and should not be modified or freed. However, the list itself
should be freed using g_list_free().
This fixes memory leak that happened on every selector option reload.
Change-Id: Id91055264fed9f7b8ab8dba9292d5f35389ca235
Reviewed-on: https://code.wireshark.org/review/33244
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The section "Writing a Good Commit Message" from the wiki has been
incorporated in the wsdg.
Missing parenthesis fix, while here.
Bug: 15752
Change-Id: I93f2a6956d366b3e1db0deab6d884f67748d3c54
Reviewed-on: https://code.wireshark.org/review/33254
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Some packages are missing, others are in the wrong place.
Change-Id: I396716e85e2106f527b7ff7ad5ee7a519061cbdd
Reviewed-on: https://code.wireshark.org/review/33264
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That way, if it's cut short by a snapshot length (or its length is
otherwise too large), we don't throw an exception before dissecting the
items that are present.
Change-Id: Id2521efdcf97f63f6826d62b4361722c7eef78c9
Reviewed-on: https://code.wireshark.org/review/33253
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Graham Bloice
Eric Wild