Both are only applicable for unicast transmissions, and the latter is
only meaningful for UL-SCH
Change-Id: If8a512b02964ec1be63a3901bd8c84082325659e
Reviewed-on: https://code.wireshark.org/review/30342
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
id_list and ofs_list contain offsets read directly from the packet.
While the field type is FT_UINT32, it is somehow interpreted as signed
number. This means that ofs_table->offset_list[id_list[idx]]=... could
in fact result in an arbitrary write before "ofs_table->offset_list" due
to id_list[idx] being negative.
Another way for id_list[idx] to remain negative (-1) is for the loop to
terminate before all "field_count" elements are set. Thus, remove the
"datalen_remaining >= L_LBMPDM_OFFSET_ENTRY_T" check, if the offset is
invalid the proto_tree_add_item accessors will throw an exception.
Fixes the crash in the linked bug. Regression tested against the 8
capture files from bug 9718, its dissection results are still the same.
Bug: 15132
Change-Id: If5d2f11ee47578acb80bc43ba7ed16adb27e0c02
Fixes: v1.11.3-rc1-2270-g2f4ca9c8d9 ("Initial checkin of LBM aka 29West dissectors. See Bug 9718.")
Reviewed-on: https://code.wireshark.org/review/30300
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This change adds a python (3) script that generates the file packet-dcm.h from
the DocBook sources of the DICOM standard. They can either be present in the
current directory where the script is run, otherwise the current version is
downloaded from the DICOM standard official website.
Change-Id: Ibc0d88e52a5960b48624f729a67a0effbb7c1005
Reviewed-on: https://code.wireshark.org/review/30338
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This is in preparation for generating the tables automatically from the DocBook version
of the DICOM standard. In this commit, there are no changes to the actual contents
of the tables, to facilitate reviewing the actual changes that results from the update.
Change-Id: I3b11597277537901e5804bb246d5f3777bb463d9
Reviewed-on: https://code.wireshark.org/review/30337
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Previously installed as transitive dependency of libgtk2.0-dev.
Installed as transitive dependency of libjson-glib-dev since
v2.9.0rc0-201-g511c2e166a, but this is an optional package.
Change-Id: Id4b8523b2d614d273fdb71e91878d4d1a4518572
Fixes: v2.9.0rc0-310-gf23a934492 ("Don't install autotools or GTK+, but do install CMake.")
Reviewed-on: https://code.wireshark.org/review/30336
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The chmods seem to be working.
Change-Id: I0f85a1428de511497597a3fd304c700ea1a1f846
Reviewed-on: https://code.wireshark.org/review/30331
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For some reason it's *not* taking away write permission; make it verbose
to try to debug that.
Change-Id: I180309953d36798d2da3a74959cdd934adc5a4a3
Reviewed-on: https://code.wireshark.org/review/30325
Reviewed-by: Guy Harris <guy@alum.mit.edu>
But *do* get rid of the pre-launchd XQuartzFixer startup item; it's
probably not there, but we might as well leave things as clean as we
can.
Change-Id: Icfdbe6c0d022cde8cf30bd3c79fbf77896e6fe98
Reviewed-on: https://code.wireshark.org/review/30322
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I1f828df1735bd10ef8849d208e10ea1339ba37e2
Reviewed-on: https://code.wireshark.org/review/26403
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a preference (enabled by default) that can enable/disable the ability for Wireshark to autocomplete display and capture filter controls.
Bug: 14368
Change-Id: Ib2b688bb75c4465dab14a6a635a870d7e5c4fe80
Reviewed-on: https://code.wireshark.org/review/30320
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
dfilter/group_double tests have been removed and need to be replaced by leveraging
another protocol.
Bug: 15049
Change-Id: I354a27a5217336ee5c9b1d021a2d3226e3532eec
Reviewed-on: https://code.wireshark.org/review/29035
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Take away group write permission for stuff under
/Library/Application Support/Wireshark. For some reason, it's getting
set; it's not necessary.
Change-Id: I4280a635e0c171cf5ad17cb91fe20d746c2daf79
Reviewed-on: https://code.wireshark.org/review/30317
Reviewed-by: Guy Harris <guy@alum.mit.edu>
WNSRP packets are the same as SRP packets, just with a different Command Code.
Change-Id: I41e0ab4cbe90497fd7fb4142b119edb79c1477df
Reviewed-on: https://code.wireshark.org/review/30205
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Opening the Follow TCP Stream dialog triggers redissection and ended up
triggering a "first <= rowCount(parent)" assertion failure. Fix the
first and end arguments to reflect the actual number of displayed rows.
Bug: 15014
Change-Id: Ic07834948a133bea752e45751ebe8be2da98a35e
Reviewed-on: https://code.wireshark.org/review/30302
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix the build with newer gcc versions:
./epan/dissectors/packet-ldap.c
./asn1/ldap/ldap.cnf: In function ‘dissect_ldap_AttributeValue’:
./asn1/ldap/ldap.cnf:453:11: error: variable ‘len’ set but not used [-Werror=unused-but-set-variable]
cc1: all warnings being treated as errors
ninja: build stopped: subcommand failed.
Change-Id: Id3a5369b4ca29f6989ab7b0bd652d72c239164a5
Reviewed-on: https://code.wireshark.org/review/30313
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Nest testing was added in I5f6da3a3e269f6db1b690b77470ddf60045bcedd as
a reaction to CVE-2018-12086. In this changed there was only nest
increment without decrement.
Bug: 15226
Change-Id: I178fad4be1106c8da23351220c95c85274bddc30
Reviewed-on: https://code.wireshark.org/review/30285
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
They don't need it; read permission suffices.
While we're at it, rename a variable to indicate that it's the path to
the plist for ChmodBPF, not the path to the executable for ChmodBPF.
Change-Id: Ib7537e26ae3f4477c4110759049a8cd7d2f09cf6
Reviewed-on: https://code.wireshark.org/review/30303
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Instead of trying to byte swap all of pcapng's block types, refuse
to handle pcapng sources that have a different byte order.
Rename cap_pipe_adjust_header to cap_pipe_adjust_pcap_header.
Change-Id: I2615da57ba9d3fc365c631dc191f7767a284d460
Reviewed-on: https://code.wireshark.org/review/30235
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: James Ko <jim.list@hotmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
If no dissector is defined, the macro should not be defined either.
Change-Id: If9c24d2b223e93f1d42f8a7444fd019aad4c5c1d
Fixes: v2.9.0rc0-2266-g7e88bb5e53 ("fuzzshark: integrate oss-fuzz targets in CMake")
Reviewed-on: https://code.wireshark.org/review/30299
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The COMPILE_OPTIONS source file property was introduced with CMake 3.11,
disable warnings via a target property instead (available since 2.8.12).
Disable some VS Code Analysis warnings. These flags seem to be accepted
since VS2015, so they can be added unconditionally.
Change-Id: Idfbf154caf8c1168f1f871a640a25b816a2cfab8
Fixes: v2.9.0rc0-2274-g7ce9081fdc ("lemon: sync with upstream (2018-09-08)")
Reviewed-on: https://code.wireshark.org/review/30298
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Register the follow_free as a finish callback.
Call the tap's finish callback in free_tap_listener which is called from
both remove_tap_listener and tap_cleanup.
Describe the finish callback in README.tapping
Change-Id: Ie79ce8f39b0ca6d84810d2e3307dcff38b18d3ac
Reviewed-on: https://code.wireshark.org/review/29309
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
This allows dissectors to check if a portion of the tvb is an ascii string while hiding the use of tvb_get_ptr.
Change-Id: Iaec7559dcfdefb8a5ae23e099ced45e90e611f8f
Reviewed-on: https://code.wireshark.org/review/30291
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Changes:
- Drop the old basename modification that was present in the Wireshark
version of lemon.c. Use a new option available since 2018-04-20
("Add the -dDIRECTORY command-line option to LEMON.")
- Redo the static analyzer warning fixes, identifying the root causes
and adding assertions instead of hiding code with __clang_analyzer__.
- Ignore compiler warnings instead of adding config.h, _U_, extra const
keywords, unsigned/signed changes, etc.
- Remove lemon.html, it is out-of-date and external links are available.
In order to make future updates easier, document the exact steps that
were followed to create the lemon.c and lempar.c files. Future changes
SHOULD follow the same process.
My process to reach this updated lemon version:
1. Identify previous sync. Found v2.5.2rc0-147-g653af0f6d0 ("lemon: Sync
with latest trunk.") which seems based on sqlite commit 2b3d584ffe.
2. Check successive Wireshark patches. Identified many non-functional
changes to silence compiler warnings and static analyzer issues.
Found one feature (basename) that can be replaced with upstream -d.
3. Write minimal patches and document changes.
Upstream typos and coding style issues (other than trailing whitespace)
were deliberately not fixed to remain as close as possible to upstream.
Change-Id: I606f46dede86e34520f962a9e7163912392aad57
Reviewed-on: https://code.wireshark.org/review/30290
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Building without -DENABLE_ASAN=1 but with -fsanitize=address (as is done
by oss-fuzz) still triggers a memleak report. Closer inspection revealed
that two other members were leaked.
Change-Id: I3d022ac50c554891a73b9380b7879c1a60c3c798
Reviewed-on: https://code.wireshark.org/review/30289
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Using unregistered etts leads to an abort so check for them in checkAPIs.
This does slow down checkAPIs by about 15% but it seems a reasonable cost
for the benefit.
Note that finding ett registration blocks was fairly inaccurate so we
just check for whether ett variable addresses are used - on the assumption
that if someone's using the address they're probably using it to register
the ett.
Change-Id: Ifbac75c4a8a0fdb27d9c9d1584a2de791bfbc118
Reviewed-on: https://code.wireshark.org/review/30293
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This makes it easier to find (and check) them programatically.
Change-Id: I8eb99116fa582eddc534659589b361edd91c085a
Reviewed-on: https://code.wireshark.org/review/30292
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Most of them are unsigned; do the appropriate fetching, checking, and
writing-to-UAT-file for them. Have separate macros and routines for the
one signed one, which is the drbid in the LTE MAC dissector.
Use the Wireshark string-to-number routines; they do the appropriate
bounds checking, and make sure unsigned numbers don't start with a -.
Change-Id: I4f137aa31d631c5b5622b2c320574b8ab3333f31
Reviewed-on: https://code.wireshark.org/review/30288
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I55bd26abde59442280833973f6a6b52ba1d7b337
Reviewed-on: https://code.wireshark.org/review/30262
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
We need to get the fields corresponding to those protocols, so we know
the range within the packet that those protocols cover.
Improve a debugging message while we're at it.
Bug: 15208
Change-Id: Idc329079584e8d035622b148503a2ec1a295ccaa
Reviewed-on: https://code.wireshark.org/review/30280
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The current fuzzshark target built by CMake is not usable for fuzzing.
Address this by adding a new ENABLE_FUZZER option that enables mandatory
instrumentation and libFuzzer linking options for the fuzzshark binary.
Create more CMake targets for specific fuzzing targets such as
fuzzshark_ip and fuzzshark_ip_proto-udp. These targets are not built by
default, either build individual targets or use the all-fuzzers target.
Now these binaries are not specific to oss-fuzz, so move them to a new
directory (perhaps the corpora can be added here in the future).
oss-fuzz build.sh is simplified and reuses the CMake targets.
When OSS_FUZZ is set, it will force static linking with external
libraries and limit parallel linker jobs (maybe not necessary for
Google's oss-fuzz builders, but my 8G/6c VM ran out of memory).
Change-Id: If3ba8f60ea1f5c3bd2131223050a81f9acbce05d
Reviewed-on: https://code.wireshark.org/review/30228
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
MIC length is determined automatically for OWE and multiple MIC lengths per session are supported.
Bug: 15215
Change-Id: Ie655fbd3fdc8555df430d4dc8a0081e169150c28
Reviewed-on: https://code.wireshark.org/review/30246
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The new pattern is from the Perl FAQ; it works better for me than the
old code. Of note is that it works with C++/C99-style comments
following a statement (as opposed to at the start of a line).
The new regex is only slightly slower than the old one: `make checkAPI`
goes from 3m30s of user time to 3m35s.
The big functional difference can be seen by looking at the
post-removal contents of packet-hl7.c.
Before:
struct msh { // typical/default values
char field_separator; //
char component_separator; //
char repetition_separator; //
char escape_character; // &\0\0MSH\0\0';
if (tree) {
(With the old regex we lost a lot of code!)
After:
struct msh {
char field_separator;
char component_separator;
char repetition_separator;
char escape_character;
char subcomponent_separator;
char message_type[4];
char trigger_event[4];
};
Change-Id: Iac35413d480cc7b05b820cb3b292f87ed30e6801
Reviewed-on: https://code.wireshark.org/review/30265
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Jeffrey Forhan