could be more than 255 (even if that "shouldn't happen").
Don't use "frags != 0" as an indication that the message was fragmented
- that can't handle bogus packets with a zero fragment count. Have an
explicit variable for that.
Check that "sm_data_len" isn't 0 before attempting dissection or
reassembly.
Check that "frag" and "frags" aren't zero before attempting reassembly
(arguably, we should report both of those as errors).
Use "process_reassembled_data()" to do the bulk of the work for
reassembly - it handles the case where a "fragmented" packet has only
one fragment. This fixes a crash that occurred when only the last
fragment was seen, although there's an underlying problem there, namely
that the hack tha "fragment_add_seq_check()" does to handle some
problems with some 802.11 captures causes it to consider a packet where
the first fragment seen is also the last fragment as a one-fragment
packet; we probably need to do that *only* for 802.11.
svn path=/trunk/; revision=9361
it would make sense to add PCRE support for byte arrays containing an integer
or an IP address.
Avoid lengthy pointer constructs in cmp_matches().
svn path=/trunk/; revision=9343
except that the 0x80 bit is turned on in the file version number field.
Turn that bit off before processing that field.
svn path=/trunk/; revision=9342
libpcap than in tcpdump.org libpcap; it's been deprecated for that
reason. "pcap_open_dead()" has been in libpcap since 0.6, so only for
0.5[.x] will you have "pcap_compile_nopcap()" but not "pcap_open_dead()"
- for now, we use "pcap_open_dead()" rather than
"pcap_compile_nopcap()", and don't do the check for capture filters in
systems with libpcaps that lack "pcap_open_dead()".
svn path=/trunk/; revision=9341
Put in some sanity checking to make sure we don't go completely crazy if
an offset goes past the length (we should check as the offset is
advanced, but...).
svn path=/trunk/; revision=9338
always contain an SMB command code (SMB requests and responses both have
command codes, so there's no "unknown" out-of-band value); make it a
"guint8".
Make the argument to "decode_smb_name()" a "guint8" as an SMB command
code is passed to it ("guint8" and "unsigned char" are the same types on
all platforms we're likely to deal with, so it's a cosmetic change, not
a semantic one).
Put in an extra "GPOINTER_TO_UINT()" call before casting
"si->sip->extra_info" to "guint16", to squelch compiler warnings.
svn path=/trunk/; revision=9335
check that there *is* a content type string before using it;
get rid of some incomplete code for multipart/mixed (it set some
variables but didn't use them);
add some incomplete code for handling parameters to Content-Type.
svn path=/trunk/; revision=9321
"rd_value_to_str()".
Handle a null return from "find_radius_attr_info()".
We don't have to reserve a value type of 0 for "not found in the table"
- a null return from "find_radius_attr_info()" indicates that.
Hoist the code to make the top-level item for an AVP above the check for
an EAP message.
svn path=/trunk/; revision=9313