Improved operation_code map to resolve RSVD v2 codes.
Changed GET_FILE_INFO -> GET_INITIAL_INFO for spec conformance.
See https://msdn.microsoft.com/en-us/library/dn392322.aspx
SMB2 IOCTL FSCTL_SVHDX_ASYNC_TUNNEL_REQUEST must be handled in the same way as FSCTL_SVHDX_SYNC_TUNNEL_REQUEST:
RSVD dissector must be used (new async flow used by RSVDv2).
See https://msdn.microsoft.com/en-us/library/dn366375.aspx
Ping-Bug: 11232
Change-Id: Ie51773fc2199a7674538101b87cec398354bd97a
Reviewed-on: https://code.wireshark.org/review/19657
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If7c790c25ed24da1b1442ee86e3a2f75bd3f8856
Reviewed-on: https://code.wireshark.org/review/19658
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
For running through the postseq cleanup and final registration lists, we
can use the same dummy function call_routine() that is used for the init
and the cleanup lists. We don't need our own copies.
Change-Id: Ia1ea647d5831adda26dab86eceba8fcf704ce122
Reviewed-on: https://code.wireshark.org/review/19668
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Create pinos for all of the PPP protocols options and a dissector table to store
them all. Adapt a new version of dissect_ip_tcp_options, (now ppp_dissect_options)
that uses the dissector tables for name of options and dissection function.
Also standardize the dissectors for all protocols so that all include type and
length in the dissection.
Change-Id: I0033574e2831789040a1ce2857bf0e825d791cbe
Reviewed-on: https://code.wireshark.org/review/19656
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ic1972399b706407ce8f15a3e554f1304a36d1009
Reviewed-on: https://code.wireshark.org/review/19663
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Call to plugin_if_get_ws_info when no packets are being displayed
causes an Access Violation in plugin_if_mainwindow_get_ws_info
as the pointer in cf->current_frame is NULL.
Bug: 12973
Change-Id: I33e8fe6f3894963a6f1f1ec9aa9169f85e1e3b18
Reviewed-on: https://code.wireshark.org/review/19659
Reviewed-by: Roland Knall <rknall@gmail.com>
Like for OpenFlow (v4/1.3) (g4b7c2781fb)
Change-Id: I61cfea015e548e5eaa37856df86e96bd0ba21795
Ping-Bug: 13221
Reviewed-on: https://code.wireshark.org/review/19644
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I0275a6e0d5d151f086d96c6388b9fa647ea0085c
Reviewed-on: https://code.wireshark.org/review/19654
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Now all unimplemented commands are in /* TODO */
Change-Id: I53c8dd0a660b62403214a3c75297e627337ed5fb
Reviewed-on: https://code.wireshark.org/review/19645
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ia28ceef189f8fe16105da88c01e1a159d5029c0a
Reviewed-on: https://code.wireshark.org/review/19655
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If4c35d18db1dc982e981004838e0eabbf4479e78
Reviewed-on: https://code.wireshark.org/review/19653
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Iafc9f1c4b2a0210d8098b37eefc095e740182258
Reviewed-on: https://code.wireshark.org/review/19648
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Length of CDBBuffer must be always 16 bytes
If CDBLength is less than 16, add padding bytes
Change-Id: I241a10325ebe17b32469eaf7dc530fc7fe2105de
Reviewed-on: https://code.wireshark.org/review/19628
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This patch adds support to dissect data of the connect command which
comes along with the cmd in same packet.
It also removed unwanted tvb addition for rdma fabric commands,
completion and nvme commands.
Bug: 13201
Change-Id: I33062f67a69cdca4b909ed8c08201dea5e0aa095
Tested-by: paravpandit@yahoo.com
Reviewed-on: https://code.wireshark.org/review/19632
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
I've tested with pcaps from SampleCaptures (wiki).
Change-Id: Ifa1b628fbc675843c54dfd4b993809fd072dc69c
Reviewed-on: https://code.wireshark.org/review/19636
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
use same indent like packet-xml.c
Change-Id: I687b0306ba1d3559ce4a299a0e66c55e3f04fdfd
Reviewed-on: https://code.wireshark.org/review/19641
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I1a4b50873a183c0f6051dc0db3fecf5e62c92cbb
Reviewed-on: https://code.wireshark.org/review/19633
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Avoid leaking memory for the stringified UAT field values (tostr) and
for copies of rows.
Change-Id: I1bf20035fabe92da8216c820bc47ebce7dd73951
Reviewed-on: https://code.wireshark.org/review/19604
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
GSE Padding is outside of any GSE Packet and continues to the end of the
Baseband Frame, per 4.2.1 of ETSI TS 102 606-1.
Added dvb-s2_gse.padding as an integer representing the length in bytes
of the padding field.
Change-Id: I9ed22c37a1969059a09ba44d9e3473cb9d0a1880
Reviewed-on: https://code.wireshark.org/review/19579
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Hex digits 0xa through 0xe are '*', '#', 'a', 'b', and 'c',
respectively.
Constify the dgt_set_t argument to tvb_bcd_dig_to_wmem_packet_str(),
while we're at it.
Bug: 13316
Change-Id: I7586f35d23fd262453779d99946e7ccad4b6ffab
Reviewed-on: https://code.wireshark.org/review/19620
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This patch passes RDMA read request packets to ULP dissectors similar to
other RDMA packets so that ULP dissector can have opportunity to show as
upper layer protocol instead of IB or RRoCE.
Change-Id: I594d8eada858b7f77fc94be44e3639526789779e
Tested-by: paravpandit@yahoo.com
Reviewed-on: https://code.wireshark.org/review/19619
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I00fea4d2e8c4d7fc8fc54627ced21796d40b854a
Reviewed-on: https://code.wireshark.org/review/19616
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The current mechanism that reads the first 20 blocks looking for a headerd
oesn't work in all cases. I was given sample files that consist of
data blocks only and have no header.
Use a new approach to detect a .camins file by searching for pairs of
size high + size low blocks, either read or write. Go through the
entire file. If we have significantly more pairs than single, non-matching
blocks, this is a camins file.
Change-Id: Ic91e7db7149b105e26896d1a89cad4a2a73d0f13
Reviewed-on: https://code.wireshark.org/review/19603
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Remove unnecessary Q_DECLARE_METATYPE macros and replace calls
to QVariant conversions with VariantPointer where necessary
Change-Id: Ia4690590095f930bf94644197de7fa30b00ee7ec
Reviewed-on: https://code.wireshark.org/review/19611
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
The list of points (for interface traffic statistics) is part of the
interface tree model/view. Remove the pointer indirection to simplify
cleanup and avoid leaking a PointList.
Note that the SparkLineDelegate is used in two different places
(CaptureInterfacesDialog and InterfaceTreeModel).
Change-Id: I5fef7dadd44fdf58c07844fee269f509c712a36f
Reviewed-on: https://code.wireshark.org/review/19606
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Change-Id: Ie68a5c6c193f362e78d4f4b1f20edf7747e2313f
Reviewed-on: https://code.wireshark.org/review/19614
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
This function will free the resources allocated by the caller.
Change-Id: Ib486c14e4fd3c321662fb71f7fd06733ce9a64a4
Reviewed-on: https://code.wireshark.org/review/19375
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Instead of using a dissector function placed in a dissector table, just use the
protocol information registered with the dissector table to create the desired
dissector tree.
Change-Id: Ic32b15e3c05d73df6e8f69890c47172e991bda6f
Reviewed-on: https://code.wireshark.org/review/19509
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Like OpenFlow (v5/1.4) dissector
and include dissect_openflow_header_v4
Ping-Bug: 13221
Change-Id: I123fad871bcb1c9d54946500505525d55a81f8f3
Reviewed-on: https://code.wireshark.org/review/19602
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
libtoolize installs files in m4/ which aclocal is going to include.
Prior to this change this sequence:
1) ./autogen.sh
2) ./configure
3) make
Results in aclocal (and subsequently ./configure) being rerun in step 3
(because there are files in m4/ that are are newer than aclocal.m4).
Change-Id: I70589ab3cede6b7cd48e089c8be4d4c98dab3b6a
Reviewed-on: https://code.wireshark.org/review/19609
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
replace our own function for dissecting the CRC with
the generic proto_tree_add_checksum()
Change-Id: I569c877836a7b771b01a37b57b6c50fc0183e9a7
Reviewed-on: https://code.wireshark.org/review/19601
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move the NULL check before the assignment with the dereference.
Change-Id: Ifcd4fb89c059ad2f4b6606fc1e83dc67a7d7373d
Reviewed-on: https://code.wireshark.org/review/19605
Reviewed-by: Michael Mann <mmann78@netscape.net>
Color filters were somehow not loaded. It turns out that the
BUILD_TIME_DATAFILE_DIR macro (for filesystem.c) was empty because
DATAFILE_DIR was defined after adding the wsutil directory. Fix it by
defining the variable before wsutil (but after epan).
Change-Id: I0d002b79499c80a90d8fcc14b06ced26c30b0453
Fixes: v2.3.0rc0-1830-gd5fdbef7f4 ("cmake,wslua,wsutil: load files from run/ instead of source tree")
Reviewed-on: https://code.wireshark.org/review/19600
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Any call of the form tvb_new_subset_length_caplen(tvb, offset, -1, -1)
should instead be tvb_new_subset_remaining(tvb, offset).
Change-Id: I4bc95b028103ea4fc82453ef3460c147d7ccabd6
Reviewed-on: https://code.wireshark.org/review/19598
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This emphasizes that there is no such thing as *the* routine to
construct a subset tvbuff; you need to choose one of
tvb_new_subset_remaining() (if you want a new tvbuff that contains
everything past a certain point in an existing tvbuff),
tvb_new_subset_length() (if you want a subset that contains everything
past a certain point, for some number of bytes, in an existing tvbuff),
and tvb_new_subset_length_caplen() (for all other cases).
Many of the calls to tvb_new_subset_length_caplen() should really be
calling one of the other routines; that's the next step. (This also
makes it easier to find the calls that need fixing.)
Change-Id: Ieb3d676d8cda535451c119487d7cd3b559221f2b
Reviewed-on: https://code.wireshark.org/review/19597
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Only decode subtype 1 : AP Name with unknown data (7 bytes)
Change-Id: I4fc0c6fff1a931075ab333a8527251f12acb2827
Reviewed-on: https://code.wireshark.org/review/19586
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>