A common pattern is to build the source artifacts within a *build* dir.
For example, the wiki instructions for [building `wireshark` on `macOS` specify to
create a `./build`
directory](https://gitlab.com/wireshark/wireshark/-/wikis/BuildingAndInstalling#macos):
```
mkdir build && cd build && cmake ../ && make
```
So this commit adds this directory to `.gitignore` to prevent
accidentally committing build artifacts.
The specific format `/*build*/` protects against the following:
1. The leading slash makes sure only top-level directories that match
this pattern are ignored.
2. The trailing slash makes sure that only directories (and not files)
are ignored.
3. The wildcards catch all the various variations on `build` folder name
that are used...
These were detected by running check_typed_item_calls.py
with --consecutive, which flags items that have different
labels but the same filter string. Usually this is because
of copy/paste.
Quite a few similar bugs still exist, will address in a future commit.
QGraphicsScene::clear() doesn't reset the scene's the size and scroll
position. This is useful when we switch between packets, but we should
do a hard reset when switching between captures.
Fix some issues discovered by common python linters including:
* switch `None` comparisons to use `is` rather than `==`. Identity !=
equality, and I've spent 40+ hours before tracking down a subtle bug
caused by exactly this issue. Note that this may introduce a problem if
one of the scripts is depending on this behavior, in which case the
comparison should be changed to `True`/`False` rather than `None`.
* Use `except Exception:` as bare `except:` statements have been
discouraged for years. Ideally for some of these we'd examine if there
were specific exceptions that should be caught, but for now I simply
caught all. Again, this could introduce very subtle behavioral changes
under Python 2, but IIUC, that was all fixed in Python 3, so safe to
move to `except Exception:`.
* Use more idiomatic `if not x in y`--> `if x not in y`
* Use more idiomatic 2 blank lines. I only did this at the beginning,
until I realized how overwhelming this was going to be to apply, then I
stopped.
* Add a TODO where an undefined function name is called, so will fail
whenever that code is run.
* Add more idiomatic spacing around `:`. This is also only partially
cleaned up, as I gave up when I saw how `asn2wrs.py` was clearly
infatuated with the construct.
* Various other small cleanups, removed some trailing whitespace and
improper indentation that wasn't a multiple of 4, etc.
There is still _much_ to do, but I haven't been heavily involved with
this project before, so thought this was a sufficient amount to put up
and see what the feedback is.
Linters that I have enabled which highlighted some of these issues
include:
* `pylint`
* `flake8`
* `pycodestyle`
Simple decompression algorithm that encodes a single byte and the
number of times it is repeated.
This algorithm can only be used in chained compression packets.
The compression header "reserved" field is now a flags field.
If the flags have the CHAINED bit, the meaning of the offset field
changes and becomes a length field.
"old" compressed method:
[COMPRESS_TRANSFORM_HEADER with Flags=0]
[OPTIONAL UNCOMPRESSED DATA]
[COMPRESSED DATA]
new "chained" compressed method:
[fist 8 bytes of COMPRESS_TRANSFORM_HEADER with Flags=CHAINED]
[ sequence of
[ COMPRESSION_PAYLOAD_HEADER ]
[ COMPRESSED PAYLOAD ]
Implements [1]. Some code was intentionally simplified from the previous draft
implementation, pending some real-world motivation.
[1]https://datatracker.ietf.org/doc/rfc8754/
Until now, mistakenly, the buffer for decompressing compressed BLIP messages
has been statically allocated as 16 Kb, but that is not valid behavior.
16 Kb is the maximum size of a _compressed_ frame. In theory, due to the
ability to zipbomb, there is virtually no upper bound on what the maximum
size of an uncompressed frame could be. However, to keep sanity, it has
been made into a preference with a reasonable default that is not likely to
be exceeded (64 Kb). The behavior before for this was that wireshark would
crash because the dissector would return NULL for a decompressed buffer due
to error and then try to deference it later. A null check has been added,
so that the behavior is now that the packet will show
'<Error decompressing message>' instead, and log why it couldn't handle the
compressed message. Closes#16866.
In requests:
There appear to be 2 bytes of unknown data (typically 0) after the
2-byte Request Flags field (are they just 2 bytes of additional flags?).
Skip past them before dissecting the iterator.
If there are no bytes remaining in the packet after the parent ID, stop
dissecting; some packets seem to stop there. For those requests, assume
that the response will contain :
entry ID;
entry flags;
subordinate count;
modification time;
base class;
relative distinguished name;
although the last of those might be something else (it appears to be of
the form "CN={name}").
In replies:
For each returned entry, if the requested field flags in the request had
the DSI_OUTPUT_FIELDS bit set, fetch the returned field flags and use
that to determine what fields are present; otherwise, use the requested
field flags.
In dissect_nds_request():
Fill in fieds of the ncp_record structure only on the first pass; once
the first pass is complete, the structure's fully filled in.
That fixes cases where NDS replies aren't fully dissected because the
NDS verb isn't added to the ncp_record structure when the request is
dissected.
Fill in elements as soon as we have the value needed to fill it in, so
that it's filled in even if we throw an exception later, and so that
it's filled in only if we have the value in the packet, so that a valid
value isn't overwritten by a later packet that doesn't have the value.
This fixes cases where, in the second pass, NDS replies aren't fully
dissected because the NDS verb is overwritten in the ncp_record
structure when a continuation of the request is dissected.
Note that we should perhaps make the object_name field a pointer to a
wmem-allocated string, so that NULL can indicate "not set, hence not
known".
Following changes in the file:
1. Explain usbll_address_t and usbll_data_t.
2. Grouping header fields belonging to the same type of packets.
3. Removed unnecessary condition check for usbll_data pointer
in dissect_usbll_data function.
4. Brief comments on the Macros.
5. Correct code indentation at a few places.
Signed-off-by: Ameya Deshpande <ameyanrd@outlook.com>
Use the DSI_ defines, rather than the raw hex values for bits, to make
it clearer what's being tested.
Make all of the DSI_ #defines, rather than just some of them, unsigned.
when a new AR is established between devices which already
has another AR, same station_info was used and it caused wrong
dissection problem of IOCS and IOData objects of related AR.
In order to fix problem, new struct is added in order to match
station_info and corresponding ARs. New struct is used for
keeping ARUUID, related inputCR and outputCR frame IDs and
setup/release frame numbers of ARs. ARUUID's are used for
adding station_info data to their corresponding conversations.
If matching ARUUID and Frame IDs are found in RTC frame
dissection, then corresponding IOCS and IOData objects are
dissected.
Playing with the sample capture from bugzilla bug 10562, dissection of
packet 491 (ecmp file_info request) brought up an expert info about a
malformed packet.
The request contains a list of requested attributes. For each attribute,
only the attribute ID is part of the request. The current code tries to
dissect each attribute, this fails when we only have a list of
attribute IDs...
Add a subtree for the list of IDs (and the length of that list).
While at it, remove some unnecessary variable initializers.