Done for performance improvements.
This could probably be done in checkAPIs.pl, but this was just
a quick manual check with grepping.
Change-Id: I91ff102cb528bb00fa2f65489de53890e7e46f2d
Reviewed-on: https://code.wireshark.org/review/15751
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Use it for OPT_COMMENT in the SHB, as there may be ore than one instance
of OPT_COMMENT in an SHB.
Also, use wtap_optionblock_get_option_string for OPT_SHB_HARDWARE,
OPT_SHB_OS, and OPT_SHB_USERAPPL; they're specified as "only one
instance allowed".
Change-Id: I23ad87e41e40b7ae1155e96c0523a6f8caad5204
Reviewed-on: https://code.wireshark.org/review/15750
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't put them in the summary structure; the summary routines should
calculate summary statistics, not dig up every bit of information that
*could* appear in a summary.
Instead, have the GUI code call wtap_file_get_shb() to get the SHB
information and call wtap_optionblock_get_option_string() to fetch the
option values.
Move the option code definitions into wtap_opttypes.h, as they're used
by the API.
Change-Id: Icef11f5fb30fdc3df1bb0208aae9ed0aebaf0182
Reviewed-on: https://code.wireshark.org/review/15748
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Bug: 11788
Change-Id: I3f4df884d98903222de8a340de6a08e680687b0a
Reviewed-on: https://code.wireshark.org/review/15727
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add an option to display the "follow" data as UTF-16.
Bug: 237
Change-Id: Id95ffc014b8ef718f3b6e9f3415806ada309c3a2
Reviewed-on: https://code.wireshark.org/review/15702
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add the Firewall ACL Rules dialog. Try showing all valid rules for a
given product instead of making the user select from a combobox. We can
add the combo back easily enough if that's desired.
Add a rule hint field and use it in the Qt and GTK+ UIs.
Bug: 12469
Change-Id: I39dd840e9838f96d7c5e2b4c34662811c21d0386
Reviewed-on: https://code.wireshark.org/review/15689
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This doesn't try to use any data from multiple Section Header blocks, it
just converts single Section Header block usage into a GArray, so the
potential is there to then use/support multiple Section Header blocks
within a file format (like pcapng)
Change-Id: I6ad1f7b8daf4b1ad7ba0eb1ecf2e170421505486
Reviewed-on: https://code.wireshark.org/review/15636
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Ping-Bug: 10203
Change-Id: Ifa24870d711449b87e9839dd46af614e4aa28fde
Reviewed-on: https://code.wireshark.org/review/15608
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Also add a length parameter to wtap_optionblock_set_option_string
Change-Id: I8c7bbc48aa96b5c2a91ab9a17980928d6894f1ee
Reviewed-on: https://code.wireshark.org/review/15505
Reviewed-by: Anthony Coddington <anthony.coddington@endace.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Added "Ctrl+Alt+C" as shortcut for packet comment.
Added "Ctrl+Alt+Shift+C" as shortcut for capture comment (GTK)
resp. for Capture File Properties (QT)
Bug: 12410
Change-Id: I1ba61a38829c35f3bb166a94cda4bec3901c7ef1
Reviewed-on: https://code.wireshark.org/review/15300
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Previous patches converted all fvalue_to_string_repr calls to expect
an allocated buffer (and not a passed in one). Now changing signature
to force an allocated buffer. Added wmem in case that can be taken
advantage of within epan (and since the function signature was changing
anyway).
Change-Id: Ica1ac4a9a182ce0e73303856329e198d9d525b7b
Reviewed-on: https://code.wireshark.org/review/15343
Reviewed-by: Michael Mann <mmann78@netscape.net>
This patch introduces the "-U tap_name[,filter]" tshark option and
is similar to the "Export PDUs as file" option in Wireshark.
Wireshark implements this feature by reopening a capture file, applying
a tap and finally opening the temporary file. Since tshark knows
in advance that a PDU export is needed, it can optimize by not creating
the temporary file and perform the export at the first opportunity.
This patch splits the opening/tapping functionality from error reporting
since tshark does not need a temp file and has no dialogs.
The capture file comment is now specified explicitly as there is no
"current file" anymore if the tap is running without active file.
TODO:
- Review whether it is acceptable to overwrite save_file in tshark.
- Add documentation (tshark manpage).
Bug: 3444
Change-Id: Ie159495d42c32c2ba7400f2991b7b8185b3fda09
Reviewed-on: https://code.wireshark.org/review/5890
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This generates a top level target, checkAPI, that is
excluded from the ALL build target, so must be run separately.
On Windows using a Visual Studio generator, call
msbuild /p:Configuration=RelWithDebInfo checkAPI.vcxproj
Change-Id: I44a57c564dcfc75499463b942436f4b920a82478
Reviewed-on: https://code.wireshark.org/review/14873
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
This allows keeping the code-sharing with the static linking.
This "fixes" a hypothetical ABI mismatch with wsutil and avoids pulling more
external dependencies to wsutil than strictly necessary.
A nice side-effect is that libwsutil no longer depends on version.h.
Follow up to f95976eefc.
Change-Id: I8f0d6a557ab3f7ce6f0e2c269124c89f29d6ad23
Reviewed-on: https://code.wireshark.org/review/15002
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
does not exist.
Change-Id: Ic6bc15d282f016965ef0da4e7574ef3a6080a6f8
Reviewed-on: https://code.wireshark.org/review/15013
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove HTML_VIEWER compile-time setting.
If xdg-open doesn't exist use user web browser preference as fallback.
Change-Id: I3b4a4a1a36b0192d75f2c97595f37d0d88a0941e
Reviewed-on: https://code.wireshark.org/review/14805
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
Make FollowStreamText a subclass of QPlainTextEdit instead of QTextEdit.
For large amounts of text, the former should be less unbearably slow
than the latter. Increase the maximum stream size to 500MB. This isn't
perfect but it's much more usable than 2MB and much easier than the next
step, which is to write our own text display widget.
Process UI events while we fill in the stream data. This gives us
behavior similar to the GTK+ UI and is similar to what we do in other
dialogs.
Switch from g_memdup+g_free to a QByteArray in the Qt UI and GByteArray
in the GTK+ UI.
Don't call readStream twice.
Make sure we free all of our stream data in the Qt UI. This fixes a
serious memory leak.
Ping-Bug: 11777
Change-Id: Ibad9bde86692ae07a80660566d1e661ab8b64601
Reviewed-on: https://code.wireshark.org/review/14271
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
master-branch libpcap now generates a reentrant Flex scanner and
Bison/Berkeley YACC parser for capture filter expressions, so it
requires versions of Flex and Bison/Berkeley YACC that support that.
We might as well do the same. For libwiretap, it means we could
actually have multiple K12 text or Ascend/Lucent text files open at the
same time. For libwireshark, it might not be as useful, as we only read
configuration files at startup (which should only happen once, in one
thread) or on demand (in which case, if we ever support multiple threads
running libwireshark, we'd need a mutex to ensure that only one file
reads it), but it's still the right thing to do.
We also require a version of Flex that can write out a header file, so
we change the runlex script to generate the header file ourselves. This
means we require a version of Flex new enough to support --header-file.
Clean up some other stuff encountered in the process.
Change-Id: Id23078c6acea549a52fc687779bb55d715b55c16
Reviewed-on: https://code.wireshark.org/review/14719
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I0950f61e90af5bb21c0017204de0c0b509616e5c
Reviewed-on: https://code.wireshark.org/review/14747
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I4c7c5aeaa1fa452605cf02a5c86dfe161c451f65
Reviewed-on: https://code.wireshark.org/review/14654
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Instead of text_import_setup() and text_import_cleanup() routines, and
the actual scanner invocation being done in the dialog box, have a
text_import() routine that does all the work.
Change-Id: Ifd8a999618dbb411d613e6596484e4c2e013431d
Reviewed-on: https://code.wireshark.org/review/14647
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have it be printf-like, and have vfailure_alert_box() be vprintf-like.
Rename a few variables to make it clearer what pointers point to
vprintf-like functions.
Change-Id: I960e2138a18edcc742c450d68a0c6f7248f50c3f
Reviewed-on: https://code.wireshark.org/review/14646
Reviewed-by: Guy Harris <guy@alum.mit.edu>
RTP stream structs have been consolidated (see
I2b3f8f2051394a6a98a5c7bc49c117f07161d031), but gtk versions
< 2.22.0 seem to have been forgotten.
Bug: 12277
Change-Id: Iab2d2d0eab52ad0586581abe4df9f97d451ad454
Reviewed-on: https://code.wireshark.org/review/14588
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Using cmake -DENABLE_EXTCAP=no or ./configure --without-extcap.
Some documentation fixes too.
Change-Id: Iebf9c843d67e10a32de1a62904de8f88b872ec99
Reviewed-on: https://code.wireshark.org/review/14522
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
A vlans file in the personal preference directory add an option to resolve
VLAN IDs to a describing name.
Format of vlan file is
123\tName of VLAN
To enable the resolving the preference nameres.vlan_name must be set
to TRUE.
Bug: 11209
Change-Id: I3f00b4897aace89c03c57b68b6c4b6c8b7d4685a
Reviewed-on: https://code.wireshark.org/review/14471
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Don't distribute gresource, it's redundant binary data, make the distribution
more similar to Qt instead.
We may want to check that glib-compile-resources is in the PATH during
configure.
Change-Id: I82c57f8169be0cbcac14d4ca79df8dece6c4d7ff
Reviewed-on: https://code.wireshark.org/review/14455
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Whatever do_file_close returns is oke, so explicitly ignore it.
Change-Id: Ie241cd204361e10e91bda747530d399ad8587be1
Reviewed-on: https://code.wireshark.org/review/14294
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add dumpcap support for configuring 80MHz, 80+80MHz, 160MHz monitor
modes via nl80211.
Change-Id: I2ae8955670c2a9b5051e2223d45ce522459f2c5f
Reviewed-on: https://code.wireshark.org/review/13964
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We don't do much work to do that - we don't print anything before the
first selected page, and once we're finished generating that page, we
terminate the printing process - so it shouldn't need a progress bar.
(If it needs a progress bar, We Have A Problem, as that slows down the
drawing of the dialog box.)
This should prevent the problem seen in bug 12040.
Bug: 12040
Change-Id: I129191e06fff3e1eb59a9631c7395b9e7f650809
Reviewed-on: https://code.wireshark.org/review/14255
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Try to improve address API and also fix some constness warnings
by not overloading the 'data' pointer to store malloc'ed buffers
(use private pointer for that instead).
Second try, now passing test suite.
Change-Id: Idc101cd866b6d4f13500c9d59da5c7a38847fb7f
Reviewed-on: https://code.wireshark.org/review/13946
Petri-Dish: João Valverde <j@v6e.pt>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
HT tab stops are set every 8 spaces on UN*X; UN*X tools that treat an HT
character as tabbing to 4-space tab stops, or that even are configurable
but *default* to 4-space tab stops (I'm looking at *you*, Xcode!) are
broken. tab-width: 4, tabstop=4, and tabSize=4 are errors if you ever
expect anybody to look at your file with a UN*X tool, and every text
file will probably be looked at by a UN*X tool at some point, so Don't
Do That.
Adjust indentation to reflect the mode lines.
Change-Id: Icf0831717de10fc615971fa1cf75af2f1ea2d03d
Reviewed-on: https://code.wireshark.org/review/14150
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use more descriptive naming while at it.
Change-Id: Ic89562cb9fa2cd5e315992f12ad9e46f2361da0b
Reviewed-on: https://code.wireshark.org/review/14057
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This was inspired by https://code.wireshark.org/review/9729/, but takes it in a different direction where all options are put into an array, regardless of whether they are "standard" or "custom". It should be easier to add "custom" options in this design. Some, but not all blocks have been converted.
Descriptions of some of the block options have been moved from wtap.h to pcapng.h as it seems to be the one that implements the description of the blocks.
Also what could be added/refactored is registering block behavior.
Change-Id: I3dffa38f0bb088f98749a4f97a3b7655baa4aa6a
Reviewed-on: https://code.wireshark.org/review/13667
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
With Wireshark 2.0, some dissector preferences were removed in favor of 'Decode As' functionality.
But the settings saved in the GUI are not loaded in tshark, preventing their use without an explicit call to '-d' option.
Let's load decode_as_entries file by default and have it overridden by the '-d' option if required.
Ping-Bug: 12124
Change-Id: I134a424cb6cf8fc89b7096a659ef1605314a70a2
Reviewed-on: https://code.wireshark.org/review/13956
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Remove mostly obsolete aclocal macros. Make GTK build flags a strict superset
of GLib flags. Use GTK build variables for GTK GUI and GLib elsewhere. Add
dependency flags explicitly instead of using WS_CPPFLAGS.
Some minor improvements and fixes for missing/unnecessary variables (no impact
on our test builds).
Change-Id: I3e1f067a875f79d6516c1fa7af986f17a7a6b671
Reviewed-on: https://code.wireshark.org/review/14005
Reviewed-by: João Valverde <j@v6e.pt>
If you include something from the wiretap directory, always precede it
with wiretap/.
Fix some includes of files in the top-level directory to use a path
relative to the current directory, not relative to the wiretap
directory.
This makes it a bit clearer what's being included.
Change-Id: Ib99655a13c6006cf6c3112e9d4db6f47df9aff54
Reviewed-on: https://code.wireshark.org/review/13990
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add support for using regular expressions in the Search Frame
when searching in packet list, packet details and packet bytes.
This search is in many cases faster than plain string search.
Change-Id: I2d8a709046f90d7b278fb39547fc4e2e420623bc
Reviewed-on: https://code.wireshark.org/review/13981
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
'const gpointer' is the same as 'void *const'. Replace with gconstpointer
where straightforward (assuming that was the intent) and use gpointer everywhere
else for clarity (that does not change *API* constness contract; it just means
a variable is not declared immutable inside the called funtion).
Change-Id: Iad2ef13205bfb4ff0056b2bce056353b58942267
Reviewed-on: https://code.wireshark.org/review/13945
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This reverts commit 13ec77a9fc.
This commit introduces a segmentation fault for Lua code (uncovered by the test suite).
Change-Id: Ibc273d1915cda9632697b9f138f0ae104d3fb65e
Reviewed-on: https://code.wireshark.org/review/13813
Reviewed-by: João Valverde <j@v6e.pt>
Try to improve 'address' API (to be easier/safer) and also avoid
some constness warnings by not overloading the 'data' pointer to
store malloc'ed buffers (use private pointer for that instead).
Change-Id: I7456516b12c67620ceadac447907c12f5905bd49
Reviewed-on: https://code.wireshark.org/review/13463
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
get_dirname may return NULL instead of the original string, so avoid
patterns like get_dirname(strdup(x)). Writing to
cf_path.toUtf8().data() is fine btw, toUtf8() returns new memory.
This fixes two memleak reported by LeakSanitizer via fileset_add_dir and
MainWindow::captureFileReadFinished (both via cf_callback_invoke).
Change-Id: I0f1528763e77e1f55b54b6674c890a9d02302ee8
Reviewed-on: https://code.wireshark.org/review/13691
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This patch creates the functionality of saving all parameters
for extcap devices in the general preference section.
For now, multiselect and fileselect do not save their values
but patches for this will be provided in the future
Also, all preferences are stored as strings to make handling
easier. This might change in the future, but for the first version
it will stick.
Restore to Defaults is not implemented as of yet, and will be
in a future version, once the preference storing is finalized
Bug: 11666
Change-Id: I178346405146d2e43f4f3481c05c92c0b3595af5
Reviewed-on: https://code.wireshark.org/review/13451
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
From the comments in qlibrary_win.cpp:
// We make the following attempts at locating the library:
[ ... ]
// Windows
// if (absolute)
// fileName
// fileName + ".dll"
// else
// fileName + ".dll"
// fileName
We were passing "riched20.dll" to QLibrary, which meant that it searched
for "riched20.dll.dll" first.
Switch to ws_load_library, which we use elsewhere and which has much
safer default behavior.
Change-Id: Ic8f0cf5686c9b1856d37e76be4404d6236c076e5
Reviewed-on: https://code.wireshark.org/review/13607
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
GNU coding standards recommend against it and automake is designed
around it.
This allows overriding the global build flags using AM_CFLAGS, etc.,
or per object flags, something that is difficult or impossible currently
because of automake precedence rules.
Change-Id: I3f1ea12e560af5a46b2f04b342b1882bbf123f12
Reviewed-on: https://code.wireshark.org/review/13455
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Move ui/filters.[ch] to filter_files.[ch] because dumpcap is using functionality.
Bug: 8091
Change-Id: I195c82fc023f97d6f331b8718c45a2d83d30faea
Reviewed-on: https://code.wireshark.org/review/5925
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It's not tied to the frame_data structure any more, so it belongs by
itself.
Clean up some #includes while we're at it; in particular, frame_data.h
doesn't use anything related to tvbuffs, so don't have it gratuitiously
include tvbuff.h.
Change-Id: Ic32922d4a3840bac47007c5d4c546b8842245e0c
Reviewed-on: https://code.wireshark.org/review/13518
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That removes most of the uses of the frame number field in the
frame_data structure.
Change-Id: Ie22e4533e87f8360d7c0a61ca6ffb796cc233f22
Reviewed-on: https://code.wireshark.org/review/13509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fixed code layout to use common style in the file.
Mostly whitespace changes.
Change-Id: Id37b57717a9e26248fad07322dff09b1d1f45ac2
Reviewed-on: https://code.wireshark.org/review/13504
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This allows an option to be masked (like a password), by using
the argument-type password.
Change-Id: I2eae1be2e6672bff28ba5f749d7a3f687ebd4631
Reviewed-on: https://code.wireshark.org/review/13385
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Found building with GCC 5.3.0 and CFLAGS="-g -Og".
Change-Id: I5bc29b6e91cc98332a513c9d03b02d2f6906608d
Reviewed-on: https://code.wireshark.org/review/13362
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This is an enhancement to allow a plugin to obtain capture file
and other status information via a simple plugin_if call
Added GTK port to this revision
Bug: 11968
Change-Id: Ibcf4e8b43c6f3b48e971fa4020a07cc273234fb8
Reviewed-on: https://code.wireshark.org/review/13103
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Introduce a frame_data flag "need_colorize" to indicate that coloring
rules need to be evaluated and set it for the GUI (not tshark). This
restores the original performance characteristics.
It additionally fixes a regression where the color filter name and
filter is not shown anymore in the tree (I guess it is related to the
edt->tree being NULL when re-selected, resulting in empty color_filter).
Remaining problems:
- Display filter cannot contain frame.coloring_rule.* fields. Code is
present to enable this, but then a method is needed to avoid an
expensive second calculation (which is why it is disabled).
- The columns are still not updated after coloring rule change.
- The two frame.coloring_rule fields in the tree are not updated when
the coloring rule is changed (e.g. Ctrl-1).
The last two issues were supposed to be fixed by the previous patch, but
there is probably some missing code... Tested with GTK and Qt.
Bug: 11980
Change-Id: I3ef7713b28db242e178d20f6a5f333374718b52e
Reviewed-on: https://code.wireshark.org/review/13170
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Create a "registration" system for Follow functionality so most of the work can be abstracted into a dissector and GUI can just be responsible for "display".
This also removes the global variables in follow.c to open up multithreading possibilities.
TCP, UDP and HTTP all have the same "tap interface" for Follow functionality (passing a tvb with byte data to "follow"). SSL still has it's own behavior, so Follow structures have to take that into account.
TShark through the Follow registration now has support for HTTP.
The only thing possibly missing is dynamic menu generation to further reduce explicit knowledge of Follow "type" (and rely on registration)
Bug: 11988
Change-Id: I559d9ee1312406ad0986d4dce9fa67ea2103b339
Reviewed-on: https://code.wireshark.org/review/13161
Reviewed-by: Michael Mann <mmann78@netscape.net>
This makes it possible to trigger reloading Lua plugins from
within a Lua plugin. This can be used when having a plugin to
update local plugins from a external source.
Renamed reload() to reload_packets() to clarify what's reloaded,
and added a alias (marked as obsoleted) from reload().
Change-Id: I4e529992af5f651613950329e73718dbda317d2e
Reviewed-on: https://code.wireshark.org/review/13024
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add the tap timer after validating all preferences, otherwise a zero
timeout will result in an infinite loop, visible by a splash screen that
never goes away.
Change-Id: I180a123ac2cc7774356e17f1f1d4dcaf38f252b4
Reviewed-on: https://code.wireshark.org/review/13156
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We don't need it.
Change-Id: Idca29cbd7208c388a1f5d4e2b0131f5cfddc7896
Reviewed-on: https://code.wireshark.org/review/13096
Reviewed-by: Guy Harris <guy@alum.mit.edu>
No need for the GTK dependency on dissectors/packet-ipv6.h.
Add the stream_addr typedef in follow.h to make some code simpler.
Change-Id: I1cf906f58734a90263141362f2da33a140f93533
Reviewed-on: https://code.wireshark.org/review/13063
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
[KISS - Keep It Simple, Stupid]
Convert the Follow TCP functionality to use a tap from the TCP dissector that passes the tvb of the payload. This makes things A LOT simpler, but relies on the TCP dissector to make all decisions.
The "tap" logic passes tvb data
1. Before calls to process_tcp_payload
2. Before hf_tcp_segment_data fields (that aren't retransmissions or otherwise handled)
Follow up patches will be necessary to clean up all of the supporting "follow" functionality that is now useless.
Bug: 6925
Bug: 9780
Change-Id: I4e7f5d453519be839de39a109bafa899b9987139
Reviewed-on: https://code.wireshark.org/review/13038
Reviewed-by: Michael Mann <mmann78@netscape.net>
If we ever need to look at the value of any field in the packet, we
should do it the way we do in the RTP analysis code, rather than walking
the entire protocol tree.
Get rid of an unnecessary extra level of indirection for the filter
string.
Change-Id: Ie95c0171da79e7f24019a3f67396f6a533959881
Reviewed-on: https://code.wireshark.org/review/13046
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Instead, prime the epan_dissect_t's tree to look for rtp.ssrc, and
extract that value with proto_get_finfo_ptr_array().
Also, have the filter used to check whether the packet is a candidate
for RTP analysis to check for RTPv2 (and add a check for IPv4 or IPv6
back to the Qt version), and get rid of an unnecessary extra level of
indirection for that string.
In the Qt version, if findStreams() set the error string, don't
overwrite it with a "No streams found." indication, and fix error
handling for the "filter didn't compile" case.
Change-Id: I09d0ea37ccd4806d99e3b6394f2a8a376e974705
Reviewed-on: https://code.wireshark.org/review/13045
Reviewed-by: Guy Harris <guy@alum.mit.edu>
They're not just addresses, they also include a mask length for IPv4 and
a prefix length for IPv6. Rename them appropriately.
Rename the old ipv4_addr_and_mask() and ipv6_addr_and_mask() to reflect
that 1) they fetch data from a tvbuff and 2) *don't* fetch the mask
length or prefix length, those lengths are passed as arguments to
indicate how many bytes worth of address to fetch.
Change-Id: I4cad5a186ad7bfcb60022a91dbe8bc8479e6471f
Reviewed-on: https://code.wireshark.org/review/13035
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I3817d12e473b67e26159e1562a08169e91f51d46
Reviewed-on: https://code.wireshark.org/review/13019
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Adding Follow HTTP Stream justified some refactoring and code removal.
Change-Id: I9b7ace83f8517e880e78193bb97ac32e3fc91114
Reviewed-on: https://code.wireshark.org/review/13015
Reviewed-by: Michael Mann <mmann78@netscape.net>
This automatically detects and decompresses HTTP along a TCP stream through the use of taps.
Bug: 3528
Change-Id: I8ab832d509700d0da8eabf3c3e514d8511c598d3
Reviewed-on: https://code.wireshark.org/review/13009
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Color filters can be seen as a function that takes a tree and display
filters as input and a (possibly empty) coloring rule as output.
This coloring rule is then added to the frame tree and used by the GUI
for coloring the packets list.
From an architectural POV, "coloring" is part of the UI component, but
since it influences the tree, it is something for the dissection
component.
Bug: 5703
Bug: 6099
Change-Id: I73d132ec1dca7262bcb1b55c8481ca564c6161d1
Reviewed-on: https://code.wireshark.org/review/12507
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We're not allocating colors ourselves in GTK+ (and haven't been doing so
since at least 1.12), and all color_t values are valid colors, so
we don't need any toolkit-specific processing to fill in a color_t.
While we're at it, catch read errors when reading color filter files.
Change-Id: Ieb520d141cf15e371a31a01459d466c95ba2209b
Reviewed-on: https://code.wireshark.org/review/12985
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Now that we're letting GTK+/GDK allocate colors behind the scenes, if it
allocates them at all, there's no reason to save the allocated color in
the toolkit-independent color value.
Change-Id: I99df32bd6b07924f41f3d855d2ddecb3dc8d5201
Reviewed-on: https://code.wireshark.org/review/12983
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That code's been unused since at least 1.12, so apparently it's not
needed. To the extent that it needs to be allocated at all - which is
the case only if a colormap is being used - it's apparently all done
under the covers.
Change-Id: Ib25bfba618b0af4a60ce991a974de1e3f2f89158
Reviewed-on: https://code.wireshark.org/review/12981
Reviewed-by: Guy Harris <guy@alum.mit.edu>
uat_fld_tostr_cb_t callback *out_ptr argument is g_mallocated and
is to be freed by the caller so drop constness requirement to fix
the corresponding g_free warnings.
Change-Id: I1be25fa3e2f54fb32058ac0b5c1631b193b07701
Reviewed-on: https://code.wireshark.org/review/12943
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That way, we don't have to pass a "free this" indication separately.
While we're at it, don't just free the error message, *display* it in
all cases where rlc_graph_segment_list_get() fails.
(I wish more programming languages had a proper string type, including
some whose names consist solely of the third letter of the alphabet, but
I digress....)
Change-Id: I99f8b088aa19bc8fbb178bdb36d85ba5b89c06e0
Reviewed-on: https://code.wireshark.org/review/12902
Reviewed-by: Guy Harris <guy@alum.mit.edu>
A "new" statistics tap UI is a statistics tap UI where the statistics
are maintained as tables and common code handles the tables; what
matters is the tables, not that it's "new".
Change-Id: I7a0e63cfac98c24cd5e7dce973b9a0cc5b6a03ba
Reviewed-on: https://code.wireshark.org/review/12897
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This also moved color.h into color_filters.h
Change-Id: Ic19e27aa1b3ec67e764aa7ee8bbef7b1187bb12e
Reviewed-on: https://code.wireshark.org/review/12831
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
GTK and TShark should already have structure initialized to 0 because they are global variables.
Change-Id: I43a38c58f32967d201ddf78e450b2483f28f8bd6
Reviewed-on: https://code.wireshark.org/review/12847
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The info_data struct is only when HAVE_LIBPCAP.
Change-Id: I30a3f974cbe3c1474bfe288b222f5871d674bada
Reviewed-on: https://code.wireshark.org/review/12846
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
g_hash_table_destroy will crash, if it is called on
non-initialized memory. For some reason, this does not happen
with other glib lists (e.g. GList seems to guard cleanly).
This change initializes at the earliest possible time the
packet counter hash with NULL
Change-Id: Ice66652fc9639d10b49d006ecbe80efe3f41e2ff
Reviewed-on: https://code.wireshark.org/review/12841
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The strings passed to decode_build_reset_list() is not freed, so
ensure we cleanup in decode_clear_all().
Change-Id: Ib68bde71403e260199482831272beb161fe033f9
Reviewed-on: https://code.wireshark.org/review/12836
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Kept backwards compatibility with GTK+ capture info dialog by keeping the protocols tracked hardcoded, but Qt should have more freedom.
Change-Id: I497be71ec761d53f312e14858daa7152d01b8c72
Reviewed-on: https://code.wireshark.org/review/12724
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use this as a common regex to split multi-field custom columns.
Change-Id: I40f76743284c5981c95d2e47d6d1d2a7f357d2ea
Reviewed-on: https://code.wireshark.org/review/12753
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
GTK already has it, but Qt forgot about it, so multi-field custom column
works ok if previously saved in GTK-shark. Invalid validation prevent from
modifying and saving multi-field custom column in Qt version.
While at it, rename "custom field" to "custom fields" to ensure
we think about multi-field custom column.
Change-Id: I99588150ccb38be11b75f5dd5b0f6443e7055ebb
Reviewed-on: https://code.wireshark.org/review/12685
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Qt already has a menu item for this in Statistics -> Capture File Properties
Bug: 9628
Change-Id: I85dd6f85d43fbfb60c2f4db82d9a02d91866127c
Reviewed-on: https://code.wireshark.org/review/12725
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
min_secs is always set to 0
Change-Id: I62e3a5b71b423ae9ae15be1206bd1deeb9962760
Reviewed-on: https://code.wireshark.org/review/12400
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It was buried as a static variable in capture_info.c, and functions were refactored to allow a pointer to the info_data_t structure to be passed in. TShark and GTK will have their own single (global) copy of the structure, while it opens up Qt to have multiple instances.
Change-Id: Ic2d7a2ad574de43f457cb18b194d6bc3fffb6120
Reviewed-on: https://code.wireshark.org/review/12691
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The offsetof() macro is an ANSI C library feature.
Change-Id: I2ac91b0b4c94c6f6baf14133b076fdc5ed2e182b
Reviewed-on: https://code.wireshark.org/review/12707
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That gets rid of some duplicate code.
Change-Id: I4b65c6c73929d18602f6b0425e4f3dbbabbf0127
Reviewed-on: https://code.wireshark.org/review/12713
Reviewed-by: Guy Harris <guy@alum.mit.edu>
MIN_PACKET_SIZE is define on caputils/capture-pcap-util.h to 1
Change-Id: Ib6486608cf3e0eac898ba859cf46e9d403d493d0
Reviewed-on: https://code.wireshark.org/review/12364
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The "-Wwrite-strings" flag produces nuisance warnings. These warnings are
not useful, they're impossible to fix in a sane way and therefore are being
handled with casts of static strings to (char *).
This just moves the warning to [-Wcast-qual] and a compiler pragma is
in turn required (and used) to squelch that warning.
Remove the Wwrite-strings warning. Let that responsibility fall on the
programmer (as is done by casting).
Change-Id: I5a44dfd9decd6d80797a521a3373593074962fb5
Reviewed-on: https://code.wireshark.org/review/12162
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Those are obviously wrong.
Also, clean up some stuff left over from the GTK+ 1.x days; GTK+ 2.x
doesn't expose raw XLFD font names, it lets you specify a font by name
and size, and font_zoom() doesn't determine whether the font is
resizeable - it just constructs a new font name/size pair and leaves it
up to its callers to try to load the font, so "there's no such font as
Wingdings Gothic" and "you can't blow up Fraktur to 10 million points"
both show up as errors loading the font by name.
Bug: 8854
Change-Id: I6af142c75c9ebabd1a95308c203f8cb1f36dd82f
Reviewed-on: https://code.wireshark.org/review/12549
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Valgrind report leaks of several allocations like these:
590 bytes in 50 blocks are possibly lost in loss record 29,818 of 31,670
at 0x4C2B6CD: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0xCB9C8A7: __vasprintf_chk (vasprintf_chk.c:82)
by 0xA3D8DCA: g_vasprintf (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
by 0xA3B846C: g_strdup_vprintf (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
by 0xA3B850B: g_strdup_printf (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.4)
by 0x6F4B51: scan_local_interfaces (iface_lists.c:254)
by 0x6EF3D8: iface_mon_handler2 (iface_monitor.c:113)
by 0xBE56F1D: ??? (in /lib/libnl-3.so.200.3.0)
by 0xBA16F19: ??? (in /usr/lib/libnl-route-3.so.200.3.0)
by 0xBE54E5E: nl_cache_parse (in /lib/libnl-3.so.200.3.0)
by 0xBE585CA: nl_msg_parse (in /lib/libnl-3.so.200.3.0)
by 0x6EF372: iface_mon_handler (iface_monitor.c:123)
When the list of network interfaces is updated allocations done
for global_capture_opts.all_ifaces elements leak memory. Fixed by
introducing a helper function to be used for removing an interface_t
element from all_ifaces array. While at it also fixed misc leaks when
updating individual allocated records of all_ifaces elements.
Change-Id: I035e6936a44edeef2ebe4780931c14cde99e93a4
Reviewed-on: https://code.wireshark.org/review/12209
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
- Flush any remaining tapped packets before emitting captureFileRetapFinished().
This ensures that all packets have been treated before returning from retapPackets().
- Remove VoIP tap listeners when captureFileRetapFinished() is emitted.
This avoid summing stats each time the RTP player is opened, leading to wrong
information in VoIP calls window
- Change voip_calls_tapinfo_t redraw member from a boolean to bitmap so as to identify
which tap should call the tapinfo->tap_draw() callback. This allows fixing a race condition
where the RTP player can be empty in Qt UI
- Reset some more statistics in voip_calls_reset_all_taps()
Change-Id: Ie7681702c81d338185c1813f2d340a437edf3a04
Reviewed-on: https://code.wireshark.org/review/12474
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We actually have to *use* the return value of the method, which the macro did
for us.
Change-Id: I240ca7e526a18054fe39c6c4ded902998dc2fef0
Reviewed-on: https://code.wireshark.org/review/12389
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
The interfaces preferences are different for each profile so ensure
we update the interface settings when changing profile.
This bug was introduced in version 1.8.0.
Change-Id: Icf22670875e01bab6204c300ddc7fb8aeb3dcecf
Reviewed-on: https://code.wireshark.org/review/12363
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Change-Id: I7088dfcc0c5873732d972435638f951d5b1921f0
Reviewed-on: https://code.wireshark.org/review/12305
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Don't return allocated memory as a const pointer.
Fixes multiple [-Wcast-qual] warnings.
Change-Id: Ie9ceac27fa2a5eba41a5392ac983ff28c3939239
Reviewed-on: https://code.wireshark.org/review/12267
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Autotools only warning.
Change-Id: I30f33d2f8611d662dbc62326862707bf05ad3f60
Reviewed-on: https://code.wireshark.org/review/12150
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Attempting to open the UDP Multicast Streams dialog in the GTK UI
triggers an instant crash (heap-buffer-overflow).
Déjà vu. This is the same problem that plagued the RTP Streams dialog.
This patch is based on the fix in v1.99.3rc0-33-g2c65b33
(mcaststream_dlg_update confused GList vs. mcaststream_tapinfo_t).
After fixing that, the dialog crashed shortly after setting parameters
(heap-use-after-free). That fix is based on v1.99.10rc0-292-gb02a0ee
(after a retap, the old items were still present in the list).
Just that change was not enough as clearing the list still triggered a
signal, possibly because of the "changed" signal (while the RTP player
uses a selection setter function). Apply the patch based on
v1.99.10rc0-270-g01bd832 (disable selection while clearing).
Change-Id: I152bac6f954d8d1c5c20d6c7d56a196c3e20c681
Reviewed-on: https://code.wireshark.org/review/12227
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
MSVC compiler does not support properly setting an enum being part of a bit field.
For example the following code:
pinfo->fd->flags.encoding = PACKET_CHAR_ENC_CHAR_EBCDIC;
changes pinfo->fd->flags.encoding from 0x0 to 0xfffffffe instead of 0x1
Let's put back an unsigned int definition (like it is in master-1.12 branch) and add explicit casts where required
Bug: 11787
Change-Id: Idae0140fb6c172f1b3dbf10baefc8cfb00128f4c
Reviewed-on: https://code.wireshark.org/review/12220
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Valgrind report leaks like these:
6 bytes in 6 blocks are definitely lost in loss record 2,197 of 46,703
at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0xA5C1610: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0xA5D8B0E: g_strdup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0x69A211: ManageInterfacesDialog::localAccepted() (manage_interfaces_dialog.cpp:454)
by 0x69A500: ManageInterfacesDialog::on_buttonBox_accepted() (manage_interfaces_dialog.cpp:211)
by 0x71DB32: ManageInterfacesDialog::qt_metacall(QMetaObject::Call, int, void**) (manage_interfaces_dialog.moc.cpp:245)
by 0xBEBE36C: QMetaObject::activate(QObject*, int, int, void**) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.2.1)
by 0xBEBE2A5: QMetaObject::activate(QObject*, int, int, void**) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.2.1)
by 0xAF87E41: QAbstractButton::clicked(bool) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.2.1)
by 0xAD11095: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.2.1)
by 0xAD11BAD: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.2.1)
by 0xAD11D23: QAbstractButton::mouseReleaseEvent(QMouseEvent*) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.2.1)
96 bytes in 4 blocks are definitely lost in loss record 42,458 of 52,779
at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0xA5C1610: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0xA5D722D: g_slice_alloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0xA5B84F3: g_list_append (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
by 0x731F9A: hide_interface (iface_lists.c:426)
by 0x69A211: ManageInterfacesDialog::localAccepted() (manage_interfaces_dialog.cpp:454)
by 0x69A4F0: ManageInterfacesDialog::on_buttonBox_accepted() (manage_interfaces_dialog.cpp:211)
by 0x71DB22: ManageInterfacesDialog::qt_metacall(QMetaObject::Call, int, void**) (manage_interfaces_dialog.moc.cpp:245)
by 0xBEBE36C: QMetaObject::activate(QObject*, int, int, void**) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.2.1)
by 0xBEBE2A5: QMetaObject::activate(QObject*, int, int, void**) (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.2.1)
by 0xAF87E41: QAbstractButton::clicked(bool) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.2.1)
by 0xAD11095: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.2.1)
These are caused by leaks inside hide_interface function and among
its users. Fixed by letting hide_interface function free its
resources properly and making sure the users follow the pattern.
Change-Id: I91527b83d36dc38b402d0f4a1db4b7db40fd83f9
Reviewed-on: https://code.wireshark.org/review/12113
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
* Don’t add a global profile if having a personal copy.
* Fetch profiles from _current_ profiles list.
* Separate personal and global profiles.
* Use bold and checked for the the current profile.
* Fixed selection of the current profile in the manage profiles dialog.
* Aligned GTK version with Qt version, removed the “New from Global” sub menu.
Change-Id: I2326b39f7d04411000b3c014e3775284392c48c7
Ping-Bug: 11704
Reviewed-on: https://code.wireshark.org/review/12034
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Added get_column_tooltip() to use common code in GTK and Qt.
Change-Id: I2f6ce95e2e129752bbb958a28aec6f42aa81be3d
Reviewed-on: https://code.wireshark.org/review/12047
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update the logic in ui/qt/main_window.cpp:mergeCaptureFile to match
ui/gtk/capture_file_dlg.c:file_merge_cmd. This ensures that we don't try
to use a stale (and freed) read filter.
Call cf_set_rfcode in both.
Bug: 11718
Change-Id: I6da65e428bff39e907f45992bac7337880c02ce9
Reviewed-on: https://code.wireshark.org/review/11895
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Increment the reference counter each time a flow sequence window is opened.
Free seq_analysis_info_t structure once the last flow sequence / VoIP calls / SIP flow window is closed.
Bug: 11712
Change-Id: I20fcb922b0516417d4bd74cdf75475dcb31f8b90
Reviewed-on: https://code.wireshark.org/review/11851
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Use GResource instead, if available. Add autotools and cmake compile time
checks for build requirements (GIO >= 2.32 and GDK-Pixbuf >= 2.26).
Merge all the various static pixbuf csource header files into
a single pixbuf-csource.h header with external linkage through use of the
tools/make-pixbuf-csource.pl script.
Fix inline pixbuf build target for some image paths (broken for GTK
in gb4a4de7).
Add missing 'expert_ok.png' file to distribution (GTK only).
Minor improvements to style/structure of ui/gtk/Makefile.am.
Bug: 10750
Change-Id: I031296b666ee8b92730400dfa6f71f9ee4304863
Reviewed-on: https://code.wireshark.org/review/10992
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It includes the temporary-file generation, so you don't have to do it
yourself.
Change-Id: I0798df95a5c5646224ec49612f50b423ed78547a
Reviewed-on: https://code.wireshark.org/review/11751
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Be more consistent about using the ws_ routines, as we suggest in
README.developer.
In C++ on UN*X, define ws_close as ::close rather than close, so that it
works even in classes with methods or members named "close".
Change-Id: Ide2652229e6b6b4624cbddae0e909a4ea1efa591
Reviewed-on: https://code.wireshark.org/review/11637
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have wsutil/file_util.h include them on UN*X, just as it includes io.h
on Windows, so we can have a rule of "if you do file operations, include
<wsutil/file_util.h> and use the routines in it".
Remove includes of unistd.h, fcntl.h, and sys/stat.h that aren't
necessary (whether because of the addition of them to wsutil/file_util.h
or because they weren't needed in the first place).
Change-Id: Ie241dd74deff284e39a5f690a297dbb6e1dc485f
Reviewed-on: https://code.wireshark.org/review/11619
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I1e4700b505746c49ea518dc401be590740720a57
Reviewed-on: https://code.wireshark.org/review/11600
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This is hopefully just the first step in getting DCE/RPC dissection to use "standard" APIs instead of homegrown ones.
For starters, it allows Decode As functionality to be less hacky (although incomplete in Qt)
Change-Id: Ia0923a3d8d514ab7acce32e26ee7e08f6e24feca
Reviewed-on: https://code.wireshark.org/review/11468
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It ends up dragging in libwireshark headers, which programs not linking
with libwireshark shouldn't do. In particular, including
<epan/address.h> causes some functions that refer to libwireshark
functions to be defined if the compiler doesn't handle "static inline"
the way GCC does, and you end up requiring libwireshark even though you
shouldn't require it.
Move plurality() to wsutil/str_util.h, so that non-libwireshark code can
get it without include epan/packet.h. Fix includes as necessary.
Change-Id: Ie4819719da4c2b349f61445112aa419e99b977d3
Reviewed-on: https://code.wireshark.org/review/11545
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's only used by the GTK+ main menubar code, so put it there. I guess
the Qt UI either doesn't have such a limit or defines it itself.
Change-Id: I221be506ac40eee33514301db737ef7e22deb7a6
Reviewed-on: https://code.wireshark.org/review/11385
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Rename the color_dissector_filters.[ch] files to just
dissector_filters.[ch], and rename the routines not to include the
string "color_", as those filters can be used as color filters *or*
display filters.
Remove "color_" from other places where we're not doing colorization.
In the GTK+ code, combine the two loops that add menu items for filters
in the dissector-provided filters list into one.
Change-Id: I08ecccc6b1b1be675e4129a0589f36c9f240407c
Reviewed-on: https://code.wireshark.org/review/11379
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have epan_init() return a success/failure Boolean indication. Catch
exceptions when calling the dissector registration routines and, if we
get one, report the error and return a failure indication.
If epan_init() fails, quit, but first make sure the reported error is
displayed.
Change-Id: I0300cbb1f66a5644f857a205235124909d684c50
Reviewed-on: https://code.wireshark.org/review/11340
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It looks like this one fell through the cracks because it dynamically
registered itself via register_tap_listener_gtksipstat and wasn't listed
in the "/Telephony/" path in main_menubar.c.
Ping-Bug: 11638
Change-Id: I4c82b36d204207c81e82a19efce98b6a091351ca
Reviewed-on: https://code.wireshark.org/review/11293
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
In the GTK, there was "colorize" (via context menu using color_dissector_filter.{c,h}) or "not colorize" (via main menu using dissector_filters.{c,h}). In Qt, you have the option to colorize (via context menu using color_dissector_filter.{c,h}) or not colorize (via main menu using color_dissector_filter.{c,h}).
Combine all into "colorize" and convert GTK to use color_dissector_filter.{c,h} in the "not colorize" main menu like Qt.
Change-Id: Ib3ca1c822f5f66ab5b812632d808f7905b328483
Reviewed-on: https://code.wireshark.org/review/11263
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Qt GUI allows to keep windows open after closing the capture file. Let's not access to freed memory.
Bug: 11573
Change-Id: I9e70d818a4b228af319961ec512b6b9725792477
Reviewed-on: https://code.wireshark.org/review/11270
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Replace remaining calls to SET_ADDRESS, CMP_ADDRESS, ADDRESSES_EQUAL,
COPY_ADDRESS, and COPY_ADDRESS_SHALLOW with their lower-case
equivalents.
Replace all ADD_ADDRESS_TO_HASH calls with add_address_to_hash.
Change-Id: I4cff857d7a84085abe0bccd52d2605d2a468bf6f
Reviewed-on: https://code.wireshark.org/review/11229
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Replace CMP_ADDRESS, COPY_ADDRESS, et al with their lower-case
equivalents in the ui directory.
Change-Id: I10e95e66c8da5b880133452ebc484c53046e87ba
Reviewed-on: https://code.wireshark.org/review/11199
Reviewed-by: Michael Mann <mmann78@netscape.net>