For each ZCL cluster there is the possibility to implement manufacturer specific attributes and commands.
This is done by setting a flag (Manufacturer specific = true/false) in the Frame Control Field of the ZCL frame.
If this flag is set then also the Manufacturer Code is added to the ZCL frame.
Example: Manufacturer Code = 0x100b = Philips.
So basically this means that the meaning of an attribute/command is dependent on the manufacturer code.
Currently the ZCL frame is parsed and the manufacturer code is also dissected and displayed correctly.
However, the dissection of manufacturer specific attributes and commands is not done properly.
Their is no distinction between a global attribute/command and a manufacturer specific attribute/command.
This results in the incorrect dissection of these manufacturer specific attributes/commands.
This patch fixes this issue.
The registration of a cluster is now done with a cluster Id AND the manufacturer specific code.
Change-Id: I5d4aeb5473fd56f2a570d2a1f83d1090d42423ab
Reviewed-on: https://code.wireshark.org/review/26440
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Set CREATE_BREAKAWAY_FROM_JOB only on Windows 7 and earlier. It's not
needed otherwise and might fail in some cases.
Change-Id: I15843b5c1ae3c352fa267228b94b6933074a07f3
Reviewed-on: https://code.wireshark.org/review/26465
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Set our initial geographic coordinates to DBL_MAX, otherwise we might
give people the wrong impression about the PIRATA weather buoy at 0°0'0"
N 0°0'0" E.
Change-Id: I34683883ef02c4fe40d5d93a7695d0cca277345c
Reviewed-on: https://code.wireshark.org/review/26463
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Get rid of CMake's TestBigEndian and Autotools' AC_C_BIGENDIAN checks in
favor of G_BYTE_ORDER. We use G_BYTE_ORDER elsewhere and TestBigEndian
is noticeably slow on Windows.
Change-Id: Idc1326294db9cbee8f6b6b11c2028fc4d19acbf0
Reviewed-on: https://code.wireshark.org/review/26462
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Remove our popcount implementation in favor of ws_count_ones, which
is our other popcount implementation. This required updating and
running process-x11-xcb.pl.
Change-Id: I8634c55242113b338c5b0173837c35f98b148b4f
Reviewed-on: https://code.wireshark.org/review/26454
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The on-air time for a packet was calculated wrong because it was
using the wrong number of on-air bytes. This has been corrected.
Calculating delta time start-to-start for BLE 4.2 requires support
for on-air packet size up to 255 bytes (LE Data Length Extensions).
For this the payload length size in the header has changed to two
bytes.
Calculating delta time start-to-start for BLE 5.0 needs physical
layer data rate (LE 1M PHY or LE 2M PHY). For this the flags was
extended with PHY values.
Removed superfluous min and max length checks.
Change-Id: I40bef14f0c19ee77a402efc76e5d01826e63e603
Reviewed-on: https://code.wireshark.org/review/26457
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix two compile time warnings while at it.
Change-Id: I4e1539bec9a5b5092acde221e1d434dbd325ab42
Reviewed-on: https://code.wireshark.org/review/26453
Petri-Dish: Jörg Mayer <jmayer@loplof.de>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Add dissection of more tokens in the TDS5 tokenized request packet. These include RPC calls and parameterized language calls. The majority of the remaining tokens are associated with cursors. Cursors are a large enough problem to merit a separate patch.
Change-Id: I5bdf33cd167178c2bc6027a5434740d70ef50744
Reviewed-on: https://code.wireshark.org/review/26455
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Skip some header checks on Windows when we're sure they will always
be true.
Change-Id: I4ff7c867b9268a53692085553055dcbc0f90ae1d
Reviewed-on: https://code.wireshark.org/review/26452
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Exclude wmem_test from the default Wireshark.sln build similar to our
other test programs.
Change-Id: If9a16944823bb3a928260c5e1307870253f1da8f
Reviewed-on: https://code.wireshark.org/review/26456
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Extract code for reuse with early data decryption. No functional change.
Change-Id: I0df1a12a9780a8cfba951e9944ce9665a4b70f7a
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/26444
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I34f610a19a972db1c08d7896453e5ed671ec4dc6
Reviewed-on: https://code.wireshark.org/review/26394
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
At the moment, Lua dissectors always pass a NULL data parameter, so
dissectors like eth should gracefully handle that.
Bug: 14293
Change-Id: Ida4d0530a9c417db5960475274315d4acc3704a8
Fixes: v2.1.0rc0-1575-g8ec153f938 ("Have the "maybe an FCS" version of the Ethernet dissector take a data argument.")
Reviewed-on: https://code.wireshark.org/review/26431
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The dissector had been a plugin since at least 1.3 (based on comments in the
dissector). Not all of the most current APIs were used for functionality
and there was some cruft left over.
Also disable F5ETHTRAILER by default since it doesn't have a discriminating
heuristic.
Change-Id: I8c977167a906eafd6fbb663d2fe6c44f080f2209
Reviewed-on: https://code.wireshark.org/review/26428
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
All current uses of ws_find_media_type_parameter need wmem_packet_scope(), but there
is no sense in limiting what other dissectors may want to do.
Change-Id: I35b0dd2a024a0ae0a8345577dd92a1a21ddd2cc4
Reviewed-on: https://code.wireshark.org/review/26427
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
- show the MIC of the received packet
- show only payload (without) MIC as data when decryption failed
- show key number (UAT row index) used for decryption
- small cleanups
Change-Id: I7815349e99b178c219a0e649d3d65f0b6eaa7201
Reviewed-on: https://code.wireshark.org/review/26362
Reviewed-by: Ed Beroset <beroset@ieee.org>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ie56e3546fc1bc5da61f95456e15544a2880c819d
Reviewed-on: https://code.wireshark.org/review/26418
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
The length check in dissect_enip_tcp() was previously removed but
it's necessary to filter out one byte messages that are mostly likely
TCP keep alives.
Bug: 14434
Change-Id: I44c10aaf0a2e06870ad82f87aab9d72548b77f9f
Reviewed-on: https://code.wireshark.org/review/25807
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add and dissect country ISO codes. Prefer them when printing summary
information.
Change-Id: I3ce2bde88fa5ca2604c8bb745c42f239660252ff
Reviewed-on: https://code.wireshark.org/review/26415
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
C prior to C99 and C++ prior to C++11 don't allow a comma there; we
require C99, at least on UN*X, but don't require C++11.
Change-Id: Ia652de44315d4d87e75f583317b7b1069c8804e7
Reviewed-on: https://code.wireshark.org/review/26411
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's not just worrying about the lack of a check for a null return, it's
worried about the leak. Assign the result to a different variable and,
if the result is null, free the old data before exiting, and if it's not
null, assign the new variable to the one we're using as a pointer to the
array.
Change-Id: Ia1d5d271293e13708c35a7562a1f40671304c417
Reviewed-on: https://code.wireshark.org/review/26410
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add ws_pipe_kill_child_on_exit, which associates a child process handle
with a job object that has the JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE
flag set.
Call it when we create a process in ws_pipe_spawn_sync and
ws_pipe_spawn_async. Note that we might want to use it elsewhere.
Change-Id: Ia0f6863ea4df0ab8623bb923a49da7776d83bd33
Reviewed-on: https://code.wireshark.org/review/26398
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This should squelch a warning from VS Code Analyzer.
Change-Id: I69e528c3dfd851d287b1faebc1469cd700fa9ef5
Reviewed-on: https://code.wireshark.org/review/26402
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Unlikely, but not impossible, and should squelch a VS Code Analyzer
warning.
Change-Id: I399c08896a3f08962ca46483d47ba5f6cbe4f28e
Reviewed-on: https://code.wireshark.org/review/26400
Reviewed-by: Guy Harris <guy@alum.mit.edu>