It ends up dragging in libwireshark headers, which programs not linking
with libwireshark shouldn't do. In particular, including
<epan/address.h> causes some functions that refer to libwireshark
functions to be defined if the compiler doesn't handle "static inline"
the way GCC does, and you end up requiring libwireshark even though you
shouldn't require it.
Move plurality() to wsutil/str_util.h, so that non-libwireshark code can
get it without include epan/packet.h. Fix includes as necessary.
Change-Id: Ie4819719da4c2b349f61445112aa419e99b977d3
Reviewed-on: https://code.wireshark.org/review/11545
Reviewed-by: Guy Harris <guy@alum.mit.edu>
While IPv4 subnet masks are obviously related and similar to IPv4
addresses, they are distinct enough that they need to be treated
seperately in some aspects. For instance, there is no value in
attempting to resolve a subnet mask.
This change creates a new display type: BASE_NETMASK, which allows distinction from FT_IPv4
(and possible name resolution) where appropriate.
Change-Id: I99e19c9a58eb613f8e58d481af84c30e2e5e14d7
Reviewed-on: https://code.wireshark.org/review/10438
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Those lengths had better fit in an int if they're added to packet offsets.
(BTW, gsize is the spawn of Satan; it should never be used except when
you're dealing with GLib. It *should* have just been another name for
size_t, but it's 32 bits on 64-bit Windows, which means it's narrower
than size_t, which causes us some pain with g_snprintf().)
Change-Id: Icd8f0632242303dbea0d80e0dad45b317097daaa
Reviewed-on: https://code.wireshark.org/review/10516
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Only make one pass through the parameter list, adding fields as we go. Use a
wmem_strbuf to simplify string construction. Extract the "add a param" switch
into its own function so it can be called from two different places.
Should be far easier to reason about, and much more efficient.
Change-Id: I0818e0b98cbc6d2025c776bce82e56fb72e8753a
Reviewed-on: https://code.wireshark.org/review/10505
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Uli Heilmeier <openid@heilmeier.eu>
Reviewed-by: Evan Huus <eapache@gmail.com>
This commit adds handling for option 242 to bootp.
The value of the Avaya option 242 is a string containing a list of
several suboptions seperated by a ",".
However some suboptions may have multiple values also seperated by
a comma. The values may be enclosed in quotes.
A real-life string e.g. looks like:
MCIPADD=10.1.1.2,10.1.1.3,TLSSRVR=10.1.1.5,VLANTEST=60,L2Q=1,L2QVLAN=77
Documentation can be found here:
https://downloads.avaya.com/elmodocs2/one-X_Deskphone_Edition/R1.5/output/16_300698_4/admn054.html and
http://downloads.avaya.com/css/P8/documents/100068659
A set of crafted packets is attached to the bug.
Bug: 11021
Change-Id: I99b557a952fd34c0fcab6d0a5311440969316973
Reviewed-on: https://code.wireshark.org/review/7443
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
The check for Alcatel extensions in bootp/dhcp packets is very weak,
resulting in some false positives. Then when trying to parse the
suboptions, the result is an error on the packet.
This change eliminates some false positives by adding a test that the
vendor-specific option contents match the encapsulated format described
in section 8.4 of RFC2132.
Change-Id: Ie4188ff900426c2d80a5694fbba5c88385625a61
Reviewed-on: https://code.wireshark.org/review/10267
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I0aedefbb77899ebceac7fb08249faf47964d785b
Reviewed-on: https://code.wireshark.org/review/10163
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I0edc3909516452e6497a050b4617f9aafcea2688
Reviewed-on: https://code.wireshark.org/review/9112
Reviewed-by: Michael Mann <mmann78@netscape.net>
abort the dissection in this case
Change-Id: Ic65f7535422d1c0a6e395a15fbc4a8ae550c0976
Reviewed-on: https://code.wireshark.org/review/9144
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
it replace tvb_length() with tvb_reported_length().
Change-Id: Ic2a0c99c20320ddd15d2f4ec173d73229dcf41f6
Reviewed-on: https://code.wireshark.org/review/7733
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I651211cbe7365409e6c42ef1840122a03460aa42
Reviewed-on: https://code.wireshark.org/review/7731
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I51035034397aa9bc42ed5b4aadc6c7fca52b2d5d
Reviewed-on: https://code.wireshark.org/review/7638
Reviewed-by: Michael Mann <mmann78@netscape.net>
This is mostly to reduce tvb_get_ptr calls that were used to pass into get_ether_name.
Some optimizations were made to packet-ieee80211.c in the process of conversion.
Change-Id: I81d3c65d4c09a15237fc287c2e989eb6e6936b1f
Reviewed-on: https://code.wireshark.org/review/7492
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Have them return TRUE on success and FALSE on failure. Check the return
value rather than whether the error string pointer is null or not.
Change-Id: I800a03bcd70a6bbb7b217cf7c4800e9cdcf2189c
Reviewed-on: https://code.wireshark.org/review/7222
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Only display dissect of Modem Capabilites when sub option = 5
Actually, it is always display when ftype == special (like sub option = 0)
Change-Id: I5b75654b750bae5ae5022adcb5e8dd055ce6b291
Reviewed-on: https://code.wireshark.org/review/6519
Reviewed-by: Anders Broman <a.broman58@gmail.com>
UAT error strings are usually allocated by g_strdup() or
g_strdup_printf(), and must ultimately be freed by the caller.
Make the pointer-to-error-string-pointer arguments to various functions
be "char **", not "const char **".
Fix cases that finds where a raw string was being used, as that won't
work if you try to free it; g_strdup() it instead.
Add a missing free of an error string.
Remove some no-longer-necessary casts.
Remove some unnecessary g_strdup()s (the string being handed to it was
already g_malloc()ated).
Change some variable declarations to match.
Put in XXX comments for some cases where the error string is just freed,
without being shown to the user.
Change-Id: I40297746a2ef729c56763baeddbb0842386fa0d0
Reviewed-on: https://code.wireshark.org/review/6525
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I79c613cbdd8dc939dd4c29ebc477fb6eefd5bfc4
Reviewed-on: https://code.wireshark.org/review/6371
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I40d0c8253743183aecef252040b7dd6742ae5c71
Reviewed-on: https://code.wireshark.org/review/5934
Reviewed-by: Michael Mann <mmann78@netscape.net>
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Part 1 of many
Change-Id: I77a5789ac23388e6a5f8098dc398592f39638124
Reviewed-on: https://code.wireshark.org/review/5532
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ic4e4d9142a9b05ef3b628fac2e8766014c5fccec
Reviewed-on: https://code.wireshark.org/review/4073
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
As Anders correctly pointed out in I7d8f84b2e, constantly resetting state will
turn init_dissection into a bit of a hot path. Especially as we will already
bear the overhead of switching files, we don't want to fall any further behind
than we have to.
This change includes three unrelated optimizations that reduce the cost of
init_dissection by about 40% as measured by callgrind:
- only initialize ares/ADNS if that preference is enabled (this of course only
applies if you specify -n to tshark or otherwise disable the preference)
- use memcpy instead of a loop in sigcomp UDVM init
- use memcpy instead of a loop in bootp dissector
The only remaining obvious hot spot in this path is reassembly_table_init since
it is called by so many dissectors. Suggestions (perhaps to get rid of the
GPtrArray) welcome.
Oh, and one other change to use g_strerror instead of strerror as insisted
upon by the API pre-commit hook.
Change-Id: I18a74f2b64b25498116079bd4e7fc2b335c7703a
Reviewed-on: https://code.wireshark.org/review/2738
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ib60ca75b7da8cfa21cfe2999c9b9448a02c332df
Reviewed-on: https://code.wireshark.org/review/2560
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I24fe3cc4a3589dadc4528a77fe7ff13d06b1a983
Reviewed-on: https://code.wireshark.org/review/2245
Reviewed-by: Michael Mann <mmann78@netscape.net>
tvb_new_subset -> tvb_new_subset_remaining it appears that's what the intention is.
Change-Id: I2334bbf3f10475b3c22391392fc8b6864454de2d
Reviewed-on: https://code.wireshark.org/review/1999
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
function
Change-Id: I15f32e7b5c9ce23e1ddc00792b2d5c37945ae081
Reviewed-on: https://code.wireshark.org/review/920
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Show the message type name in option 53, as well as in the bootp protocol root.
Change-Id: I5864a2024d3e64fa8eeee40b465dcd3459b8472e
Reviewed-on: https://code.wireshark.org/review/910
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The majority of the fixes are for calls to uat_new(). Instead of
having each caller cast its private data to (void**), we use void*
in the uat_new() API itself. Inside uat_new(), we cast the void*
to void**.
Some dissectors use val64_string arrays, so a VALS64() macro was
added for those, to avoid using VALS(), which is useful only for
value_string arrays.
packet-mq.c was changed because dissect_nt_sid() requires
a char**, not a guint**. All other callers of dissect_nt_sid() use
char*'s (and take the address of it) for their local storage. So,
this was changed to follow the other practices.
A confusion between gint and absolute_time_display_e in packet-time.c
was cleared up.
The ugliest fix is the addition of ip6_guint8_to_str(), for exactly
one caller. The caller uses one type of ip6 address byte array,
while ip6_to_str() expects another. This new function is in place
until the various address implementations can be consolidated.
Add VALS64() to the developer documentation.
Change-Id: If93ff5c6c8c7cc3c9510d7fb78fa9108e4552805
Reviewed-on: https://code.wireshark.org/review/48
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>