It's possible for memcpy's source and destination
to be the same address, and so therefore
'overlap'. Use memmove instead, which
is safe for overlapping regions.
This fixes Coverity 1450802.
Selecting Edit / Preferences on my asan+ubsan build brings up the
following warning from ubsan:
/media/sf_wireshark.git/ui/qt/models/column_list_model.cpp:273:9:
runtime error: load of value 25, which is not a valid value for type 'bool'
The problem is in ColumnListModel::populate(), where a ListElement is
populated from fmt_data. The ListElement's "changed" component is not
initialized, though.
It looks like "changed" is not used anywhere. This patch removes it from
the ListElement struct.
For Qt 5.11 and newer use horizontalAdvance() instead of boundingRect().width()
to calculate the width of a QString to position the hover rectangle position,
and to select which byte(s) to highlight.
Closes#17033.
Instead of successively calling gcry_md_copy()
and gcry_md_close(), call gcry_md_reset(),
to avoid creating and releasing contexts.
Besides the minor performance improvement,
this should also fix Coverity 1450263
and 1450848, which detect
two resource leaks.
This bug affects Lua plugin dissectors for encapsulation protocols like
GRE. Typically the dissector creates a range for the payload packet, then
calls the next dissector with a tvb derived from the range, using
TvbRange_tvb(). The original version calls
tvb_new_subset_length_caplen() using the remaining capture length for the
reported_len argument. The fix passes -1 as the reported length, and
tvb_new_subset_length_caplen() calculates the new reported_len as required.
The bug only affects large packets captured with a snaplen and
truncated, then decoded with a Lua plugin for the encapsulation header.
Here's the typical bug symptom, gleaned from tshark decode of
an encapsulated IP payload:
[Expert Info (Error/Protocol): IPv4 total length exceeds packet length (114 bytes)]
[IPv4 total length exceeds packet length (114 bytes)]
Closes#15655.
Remember all the IDBs we've seen from the input file so far and, if
we're writing multiple files (splitting an input file into multiple
output files), add all those IDBs to each of the output files.
Fixes issue #17060.
We don't necessarily know why that stuff is there; is it some stuff used
in OLPC mesh networks (mesh control header), is it something added by
Ruckus wireless devices, is it something added by Atheros used by the
Ruckus devices, or something else? Sometimes the Ruckus devices seem to
add an OLPC-like 0x00 0x00, and sometimes they seem to add a copy of the
sequence number.
So just call it "Mysterious extra OLPC/Ruckus/Atheros/??? stuff".
Replace the special-purpose hack in the 802.2 LLC dissector for WSMP,
Ethertype 0x88DC, with a general mechanism in the 802.11 dissector to
attempt to determine whether the frame uses Ethertype protocol
discrimination (EPD) or LLC protocol discrimination (LPD) at the LLC
sublayer, as defined in IEEE Std 802-2014.
Fix l2cap reassembly resuming reassembly on old fragment that has
failed when a new packet arrives that matches the remaining
segmentation length of the failed reassembly.
Update the l2cap_index and set segmentation started to false so
that this does not happen anymore.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix error handlers in Listener draw() and reset() to avoid getting
LUA_ERRERR from lua_pcall(). Added error handler for Listener draw()
callback.
Handle LUA_ERRERR from lua_pcall() to avoid assert on this.
Changed some capitalized words in various error message.
Closes#16974.
Notes:
1. Wireshark internal max limit for ring buffer files is 100,000
2. Wireshark internal limit before warning the user is 65,535
3. GTK: The old GUI did not limit the value for this parameter
4. Qt: This value was limited to 1,000
Change:
Set the GUI limit to match the warning limit (65,535)
Closes#15968#17059
- set width of pull down list so items are visible
- allow user to resize columns in UAT editor
- resize columns on open and changing data
- if a UAT file does not exist, display the UAT name in lower right
where pathname is displayed for files
- pad pathname on right to account for right tilt of italic fonts
Note: a future change may be to not resize columns where user has
changed width.
At least one ns-3 capture has DMG frames (as indicated by the channel
number being in the 60 GHz band - radiotap currently has no DMG metadata
field) that have the +HTC/Order flag subfield set but have no HT Control
field, causing them to be misdissected.
802.11-2016 says that DMG frames should never have +HTC/Order set; if it
*is* set in a QoS frame known to be a DMG frame, flag it with an expert
info item and don't treat it as having an HT Control field.
Update a bunch of comments to give more information, put comments in the
appropriate places, and speak of 802.11-2016 rather than older standards.
While we're at it, update the title and description of the +HTC/Order
flag to reflect its name as of 802.11-2016.
Improve the display of MQINQ Segment, by adding dec/hex/Name
of selector in MQINQ/MQINQ_REPLY and trying to display
dec/hex/Name value of Integer Value when possible in MQINQ_REPLY
We cannot use tvb_new_octet_aligned() for this GSM 7bits packed buffer.
Moreover tvb_free() call not removed was leading to a double free
attempt.
Closes#17055
The Export Objects Content-Type filter combobox should not sort the
header of "All Content-Types" in with the list of content types, but
should ensure that it is always the first item, especially as the first
item position is used to show all content. This is particularly an issue
in some localizations; e.g., すべてのコンテントタイプ alphabetizes
after actual content types. Fixes bug #17048