Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
Avoid using sort for string_value_ext. The string value are now
sorted at definition
Change-Id: I08452b0423289d04e55ed7e3573e74bfcc329865
Reviewed-on: https://code.wireshark.org/review/6488
Reviewed-by: Robert Grange <robionekenobi@bluewin.ch>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
You *CANNOT* defer it until dissection time, otherwise "tshark -G
values" will fail.
Change-Id: I4edf9abda271baaf916f020a211b9add5543ecc7
Reviewed-on: https://code.wireshark.org/review/6481
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Some value_string_ext are sorted only in the dissector,
and only once.
Adapted as said in comments.
Added test for sort in dissect_mq_spx
Change-Id: If72159fe96ab28a3ed540778d67996e152b4f110
Reviewed-on: https://code.wireshark.org/review/6444
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Otherwise it could trigger an exception
Change-Id: I280e3c5d9e5554e4be49035c03e0170ae4495e6e
Reviewed-on: https://code.wireshark.org/review/6463
Reviewed-by: Robert Grange <robionekenobi@bluewin.ch>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
the array given to qsort algorithm must be alterable
Change-Id: I811cade161b7635e9bc9e070c1ec37d2cce50d1f
Reviewed-on: https://code.wireshark.org/review/6420
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add missing definition, add new definition, Reformat some lines
Re-order the value_string used with ext_value_string definition
so they are in asc ASCII order as the ext_value_string is now
sorted before first use
renamed own tvb_get... funct to new tvb_get_guintxx funct
and deleted own tvb_get... funct
use ptvcursor_ funct instead of own macro to increment offset
removed <epan/tvbuff.h> in *.c files
correct [-Wunused-const-variable]
Change-Id: Iaee26289e098cde0e5787ca1c98de64b6b733fa2
Reviewed-on: https://code.wireshark.org/review/6079
Reviewed-by: Robert Grange <robionekenobi@bluewin.ch>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fourth batch (packet-mac-lte.c -> packet-rtp.c).
Will look at cleaning up and committing script afterwards.
Change-Id: Id921f07f4b274f0cfb77ce81abe4a285fdb8b644
Reviewed-on: https://code.wireshark.org/review/6023
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
This allows dissector lists to be looked up by name, so they can be
shared by multiple dissectors.
(This means that there's no "udplite" heuristic dissector list, but
there shouldn't be one - protocols can run atop UDP or UDPLite equally
well, and they share a port namespace and uint dissector table, so they
should share a heuristic dissector table as well.)
Change-Id: Ifb2d2c294938c06d348a159adea7a57db8d770a7
Reviewed-on: https://code.wireshark.org/review/5936
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Eliminate proto_tree_add_text for Expert Info
Improve PCF Parameters numeric value display
Change-Id: Ibc259ba05d0591d434e7638d91d6943101d45305
Reviewed-on: https://code.wireshark.org/review/5080
Reviewed-by: Robert Grange <robionekenobi@bluewin.ch>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use of value_string_ext for big value_strign array, sort them, to force use the btree search
parse more integer value with value_string
Bug: 9367
Change-Id: I49625cf2d46e0974cddde2c7b1767cb7d06ec47d
Reviewed-on: https://code.wireshark.org/review/5037
Petri-Dish: Bill Meier <wmeier@newsguy.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
reported by Jean-Marc Lamond
Bug: 10597
Change-Id: I481fad9cd0b8d55e3dd3af00cde2897105547f13
Reviewed-on: https://code.wireshark.org/review/4898
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
The pStr argument to dissect_mq_charv() isn't modified (and always
points to a character string), so make it a "const char *", and
eliminate the casts to "guint8 *" in calls to it.
Change-Id: I21dad38c41324528be297a8ddc1854beff2276db
Reviewed-on: https://code.wireshark.org/review/2877
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I621f2e2cad9403449cb78f45302388f0c874d3bc
Reviewed-on: https://code.wireshark.org/review/2852
Reviewed-by: Michael Mann <mmann78@netscape.net>
Hopefully that name makes it clear what the routiner's purpose is, and
will encourage people to use it rather than using dissector_add_uint()
with a bogus integer value.
Change-Id: Ic5be456d0ad40b176aab01712ab7b13aed5de2a8
Reviewed-on: https://code.wireshark.org/review/2483
Reviewed-by: Guy Harris <guy@alum.mit.edu>
which can be used to call the found heuristic dissector on the next pass.
Introduce call_heur_dissector_direct() to be used to call a heuristic
dissector which accepted the frame on the first pass.
Change-Id: I524edd717b7d92b510bd60acfeea686d5f2b4582
Reviewed-on: https://code.wireshark.org/review/1697
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The majority of the fixes are for calls to uat_new(). Instead of
having each caller cast its private data to (void**), we use void*
in the uat_new() API itself. Inside uat_new(), we cast the void*
to void**.
Some dissectors use val64_string arrays, so a VALS64() macro was
added for those, to avoid using VALS(), which is useful only for
value_string arrays.
packet-mq.c was changed because dissect_nt_sid() requires
a char**, not a guint**. All other callers of dissect_nt_sid() use
char*'s (and take the address of it) for their local storage. So,
this was changed to follow the other practices.
A confusion between gint and absolute_time_display_e in packet-time.c
was cleared up.
The ugliest fix is the addition of ip6_guint8_to_str(), for exactly
one caller. The caller uses one type of ip6 address byte array,
while ip6_to_str() expects another. This new function is in place
until the various address implementations can be consolidated.
Add VALS64() to the developer documentation.
Change-Id: If93ff5c6c8c7cc3c9510d7fb78fa9108e4552805
Reviewed-on: https://code.wireshark.org/review/48
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add new Structure dissection
Fix some small issues
Reformat some part of code
use spaces instead of tabs for indentation
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9603
From me:
Remove some trailing whitespace;
Change a few tabs to spaces;
Change editor-modelines tab-width, etc to 8 (altho
not really relevant since tabs not being used).
svn path=/trunk/; revision=54489
Now that "bytes consumed" can be determined, should tcp_dissect_pdus() take advantage of that?
Should tcp_dissect_pdus return length (bytes consumed)? There are many dissectors that just call tcp_dissect_pdus() then return tvb_length(tvb). Seems like that could all be rolled into one.
svn path=/trunk/; revision=53198
Add more detail for SPI Open LPOO Structure
Add more int_to_vals for INQ_Q_MGR reply
Add more display detail for encoding value
Some fix and display correction
Note: The patch used was the *original* patch submitted (plus some fixes by me).
That is: (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=11962)
plus my fixes
See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9367 and comments for
details.
From me:
- Fix bug which resulted in a macro expansion fail on GCC
- Fix a -Wshadow error in packet-mq-pcf.c
svn path=/trunk/; revision=53078
(No time right now to figure the problem out).
CC libdissectors_la-packet-mq-base.lo
In file included from packet-mq-base.c:32:0:
packet-mq.h:42:54: error: expected '=', ',', ';', 'asm' or '__attribute__' before '_ext'
#define DEF_VALSEXT(A) value_string_ext GET_VALSV(A)_ext = VALUE_STRING_EXT_INIT(GET_VALSV(A))
^
packet-mq-base.c:1301:1: note: in expansion of macro 'DEF_VALSEXT'
DEF_VALSEXT(selector);
^
packet-mq.h:42:54: error: expected '=', ',', ';', 'asm' or '__attribute__' before '_ext'
#define DEF_VALSEXT(A) value_string_ext GET_VALSV(A)_ext = VALUE_STRING_EXT_INIT(GET_VALSV(A))
^
packet-mq-base.c:1495:1: note: in expansion of macro 'DEF_VALSEXT'
DEF_VALSEXT(mqcmd);
^
svn path=/trunk/; revision=53033
Add more detail for SPI Open LPOO Structure
Add more int_to_vals for INQ_Q_MGR reply
Add more display detail for encoding value
Some fix and display correction
See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9367
svn path=/trunk/; revision=53027
This enhancement add the missing structure CAUT, some missing integer
converted to Strings and some field that were unknown to a better explanation.
Sorted alphabetically the MQCFINT_Parse VALS structure to better find what is
missing in this VALS structure
svn path=/trunk/; revision=52198
Substantial enhancements to MQ protocol: all Structure, MSG_REQUEST/ASYNC_RESP,
MQ Multi Segment are decoded until version 7.1/7.5
svn path=/trunk/; revision=52085