Fix dissection of the NTLMSSP v2 Challenge Response. The old code would loop
over the Attributes until the end of the Response, however in reality the last
values of a Response are four 0 bytes and maybe padding. Also change the names
of the values to match those from the Microsoft specification. Also change the
name of one flags bit from unknown to "Anonymous", again according to the
Microsoft spec.
svn path=/trunk/; revision=49258
epan/show_exception.c, as it's used outside
epan/dissectors/packet-frame.c. Update their callers to include
<epan/show_exception.h> to get their declaration.
Add a CATCH_NONFATAL_ERRORS macro that catches all exceptions that, if
there's more stuff in the packet to dissect after the dissector call
that threw the exception, doesn't mean you shouldn't go ahead and
dissect that stuff. Use it in all those cases, including ones where
BoundsError was inappropriately being caught (you want those passed up
to the top level, so that the packet is reported as having been cut
short in the capture process).
Add a CATCH_BOUNDS_ERRORS macro that catches all exceptions that
correspond to running past the end of the data for a tvbuff; use it
rather than explicitly catching those exceptions individually, and
rather than just catching all exceptions (the only place that
DissectorError should be caught, for example, is at the top level, so
dissector bugs show up in the protocol tree).
Don't catch and then immediately rethrow exceptions without doing
anything else; just let the exceptions go up to the final catcher.
Use show_exception() to report non-fatal errors, rather than doing it
yourself.
If a dissector is called from Lua, catch all non-fatal errors and use
show_exception() to report them rather than catching only
ReportedBoundsError and adding a proto_malformed item.
Don't catch exceptions when constructing a trailer tvbuff in
packet-ieee8023.c - just construct it after the payload has been
dissected, and let whatever exceptions that throws be handled at the top
level.
Avoid some TRY/CATCH/ENDTRY cases by using checks such as
tvb_bytes_exist() before even looking in the tvbuff.
svn path=/trunk/; revision=47924
tvbuff and runs to the end of the tvbuff? Let me count the ways....
Replace a bunch of different ways of doing that (some incorrect, in that
they're not properly handling tvbuffs where the captured and reported
lengths are different) with tvb_new_subset_remaining().
svn path=/trunk/; revision=47751
Cast away some implicit 64-bit-to-32-bit conversion errors due to use of
sizeof.
Cast away some implicit 64-bit-to-32-bit conversion errors due to use of
strtol() and strtoul().
Change some data types to avoid those implicit conversion warnings.
When assigning a constant to a float, make sure the constant isn't a
double, by appending "f" to the constant.
Constify a bunch of variables, parameters, and return values to
eliminate warnings due to strings being given const qualifiers. Cast
away those warnings in some cases where an API we don't control forces
us to do so.
Enable a bunch of additional warnings by default. Note why at least
some of the other warnings aren't enabled.
randpkt.c and text2pcap.c are used to build programs, so they don't need
to be in EXTRA_DIST.
If the user specifies --enable-warnings-as-errors, add -Werror *even if
the user specified --enable-extra-gcc-flags; assume they know what
they're doing and are willing to have the compile fail due to the extra
GCC warnings being treated as errors.
svn path=/trunk/; revision=46748
General cleanup:
- use expert...() instead of a 'printf()';
- #include <stdio.h> only if debug enabled;
- remove unneeded variable initializations;
- localize some variables;
- reformat hf[] entries;
- use consistent whitespace formatting.
svn path=/trunk/; revision=44545
This patches add some missing things for SMB2/3 and support for decryption
of SMB3 traffic
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7645
From me: Change an initializer from C99 to C89 style (since the
Microsoft compiler doesn't support C99).
svn path=/trunk/; revision=44542
Also (for a few files):
- create/use some extended value strings;
- remove unneeded #include files;
- remove unneeded variable initialization;
- re-order fcns slightly so prefs_reg_handoff...() at end, etc
svn path=/trunk/; revision=44438
1. If there's no character encoding (ENC_ASCII, ...) specified
then use ENC_ASCII.
2. For all but FT_UINT_STRING, always use ENC_NA
(replacing any existing True/1/FALSE/0
/ENC_BIG_ENDIAN/ENC_LITTLE_ENDIAN).
svn path=/trunk/; revision=39426
Specifically: Replace FALSE|0 and TRUE|1 by ENC_BIG_ENDIAN|ENC_LITTLE_ENDIAN as
the encoding parameter for proto_tree_add_item() calls which directly reference
an item in hf[] which has a type of:
FT_UINT8
FT_UINT16
FT_UINT24
FT_UINT32
FT_UINT64
FT_INT8
FT_INT16
FT_INT24
FT_INT32
FT_INT64
FT_FLOAT
FT_DOUBLE
svn path=/trunk/; revision=39288
FT_NONE
FT_BYTES
FT_IPV6
FT_IPXNET
FT_OID
Note: Encoding field set to ENC_NA only if the field was previously TRUE|FALSE|ENC_LITTLE_ENDIAN|ENC_BIG_ENDIAN
svn path=/trunk/; revision=39260
present only if the NTLMSSP_NEGOTIATE_VERSION flag is set in the flags
field, and that appears to be true in at least one capture I've seen.
svn path=/trunk/; revision=37197
This is necessary in case a subdissector had changed it but was unable to
restore it (due to the exception).
Remove check_col().
svn path=/trunk/; revision=34436
Rename two g_... functions so as to not be in GLib namespace;
Move proto_register... to just before proto_reg_handoff...
Reformat some lines;
More Whitespace cleanup.
svn path=/trunk/; revision=34354
- decode all attributes as specified in MS-NLMP;
- use common code for target-info and ntlmv2 attribute dissection;
Add filter for the "version" field;
Remove some obsolete #if 0'd code.
svn path=/trunk/; revision=34350
Anders Broman