Also ensured some files have their correct names at the top so they are more easily grepped
Change-Id: Ib0f5ddf14eb1616a93dee496107dc0eb09048825
Reviewed-on: https://code.wireshark.org/review/2452
Reviewed-by: Michael Mann <mmann78@netscape.net>
Essentially:
When more data is needed to continue dissecting a PDU, use
DESEGMENT_ONE_MORE_SEGMENT instead of repeatedly requesting
additional bytes (for one or a few more fields).
- Improves the efficiency of the dissection;
- Prevents 'one-pass' tshark dissection from redissecting
the PDU repeatedly many, many times with each time dissecting
the PDU with one or a few more additional fields.
This generated *lots* of (repeated) output since a reassembled
VNC PDU can contain many fields (each of short length).
- (A comment in packet-tcp.c states, in effect, that repeatedly
requesting a specific amount of more bytes to dissect a PDU
will "break reassembly" although I note that the reassembly did
seem to work (in-efficiently)).
Note: Although this patch improves the handling of reassembly, the
dissector has significant issues. For example. see Bug #5366.
I expect this fixes the Bug #10134 issue: "Cannot allocate memory";
Before the fix, 'tshark -nVxr' for the input file generated trees with
multiple hundreds of thousands of entries and generated reassembled
PDUs consisting of many, many small fragments.
Change-Id: I970037c346fbaa4bffa5726fd5bee5f69396eabf
Reviewed-on: https://code.wireshark.org/review/2471
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Also rename base protocol filter name to match prefix of all other fields
Change-Id: Iff234c1443252b9f8e6d87fd7a76925746b5e513
Reviewed-on: https://code.wireshark.org/review/2449
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Cleaned up filter names that were shared, but had different types (which can cause problems in a display filter compare)
Also cleaned up many [FIELDDESCR] that effectively mimicked the field name. Even more could probably be done (and/or rename field name to be more descriptive), but I was being conservative.
Change-Id: I2e072b4f411c390b9430a0a0d903133d6decae5e
Reviewed-on: https://code.wireshark.org/review/2448
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't manually fetch each character to find ',' use tvb_find_guint8()
Change-Id: I29711421469e868a86bf2edd7adf8dcc85ed26eb
Reviewed-on: https://code.wireshark.org/review/2446
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I59ad726c16d4a85dd065f4a21bdf5d86e47c82cd
Reviewed-on: https://code.wireshark.org/review/2451
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(unknown length)
this fixes bug 9527
Change-Id: I255ae9662dfeea06e61e4b0891e0ea8eaa254d0f
Reviewed-on: https://code.wireshark.org/review/2462
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ie1a71046b791bcbbf3cf02ddd1c4ddc88b388302
Reviewed-on: https://code.wireshark.org/review/2461
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Check for all the different AF_INET6 values that are on various OSes.
If Totem is, and will forever be, used *ONLY* on one particular OS, feel
free to remove the uses of other _AF_INET6 values (but do *not* change
back to using the OS's AF_INET6; this should dissect the protocol
correctly on *all* OSes).
Add a common AF_INET definition to epan/aftypes.h while we're at it, and
use that; as most OSes picked up 4.2BSD's AF_INET value, most if not all
of them use 2, but IPv6 came out after 4.2BSD, and various OSes all
picked their own values for AF_INET6.
Change-Id: Iae15dfdd15203ed3ecd078a6499821dc09139a98
Reviewed-on: https://code.wireshark.org/review/2458
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ieb231d9f551f3e157197f56378088fb0069388d3
Reviewed-on: https://code.wireshark.org/review/2455
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ib3a1ddc4342a7a8648d6ed8bfcb35aa229c56a27
Reviewed-on: https://code.wireshark.org/review/2445
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I487a3451344796447f0d5621b993cc89c29e93b5
Reviewed-on: https://code.wireshark.org/review/2383
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
At least now it does. (So does ep_address_to_str().)
Change-Id: I5fdf15ca42faac802fd21b4b6f5b750ed402bd05
Reviewed-on: https://code.wireshark.org/review/2442
Reviewed-by: Guy Harris <guy@alum.mit.edu>
ep_address_to_str() doesn't crash if called outside packet scope, but
it's still not correct to use outside packet scope. Use
address_to_str(NULL, ...) to allocate those strings, and then explicitly
free them when we're done; exceptions don't get thrown between the
allocate and free, so there's no risk of a leak.
Change-Id: Iea2af93b0757e648d399e2ba64249224eb7e9e3c
Reviewed-on: https://code.wireshark.org/review/2438
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Most (all?) of these functions are being called within GUI, so they can't have packet_scope, which is why they weren't already converted (I made this mistake once already)
This reverts commit 7fea55a054.
Change-Id: I4bf29b206e5e1f5daefcec131309a8f6e78e1eb1
Reviewed-on: https://code.wireshark.org/review/2428
Reviewed-by: Michael Mann <mmann78@netscape.net>
They aren't built with the same warning flags as normal, but if you add those
flags a bunch of warnings show up.
Change-Id: If3776fbd98cc45e473f055e07c86ea8f6a5034f7
Reviewed-on: https://code.wireshark.org/review/2432
Reviewed-by: Evan Huus <eapache@gmail.com>
From Masatake YAMATO
changes in patch3 (Masatake YAMATO):
* Fix a typo(s/Sequnce/Sequence/)
* Use variable len instead of a number literal
* Put _U_ marker to length parameter of dissect_corosync_totemsrp_ip_address
* Use tvb_report_length instread of tvb_length
changes in patch5 (Masatake YAMATO):
* packet-corosync-totemsrp.c: Adapt to new dissector_try_heuristic interface
+ pass hdtbl_entry argument to dissector_try_heuristic.
* packet-corosync-totemnet.c: Initialize corosync_totemnet_port to 5405
changes in patch6 (Masatake YAMATO):
* packet-corosync-totemsrp.c: Use tvb_reported_length instead of tvb_length.
* packet-corosync-totemsrp.c: Remove unnecessary trailing space in string literals.
* packet-corosync-totemnet.c: Remove SVN Id tag in a comment.
changes in patch8 (Masatake YAMATO):
* packet-corosync-totemnet.c: Remove SVN Id tag in comment(again).
* packet-corosync-totemsrp.c: Use val_to_str_const instead of val_to_str.
changes in patch9 (Masatake YAMATO):
* wsutil/sober128.[ch]: New files derived from packet-corosync-totemnet.c.
Decryption code is moved here.
* packet-corosync-totemnet.c: Remove all decryption code from this file.
Change-Id: Id832d9c5ce1be1668c857c9bbf39e8a84c31880c
Reviewed-on: https://code.wireshark.org/review/725
Reviewed-by: Evan Huus <eapache@gmail.com>
I've avoided using any mathematical checks even though tlv type vals increase linearly just in case they change in the future.
Change-Id: I0ec7021df5b91543e12edf9ba8d9c4ac44ecb11c
Signed-off-by: Anish Bhatt <anish@chelsio.com>
Reviewed-on: https://code.wireshark.org/review/2193
Reviewed-by: Evan Huus <eapache@gmail.com>
No need to use dissector_add_uint() with a bogus value.
Change-Id: Ia5e51d199487ba14cd671c7df44231a0d407c50b
Reviewed-on: https://code.wireshark.org/review/2431
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- Combine tvb_find_guint8() for comma, semicolon into one tvb_pbrk_guint8()
- Instead of fetching each character use tvb_pbrk_guint8() to fast
forward.
- Remove not needed tvb_find_guint8() call, as the result is discarded.
Change-Id: I38d6775b187146656d47cea9b64f8e0ccad18d36
Reviewed-on: https://code.wireshark.org/review/2384
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Separating the "try to guess whether there's a control word" type from
the "yes, there's a control word" and "no, there's not a control word"
types is just a huge UI botch.
Make it clearer that the default is "Ethernet pseudo-wire, try to guess
whether there's a control word".
Change-Id: I91cc526fc709ad102b22ca67f5a9d7c98fffa0cc
Reviewed-on: https://code.wireshark.org/review/2414
Reviewed-by: Guy Harris <guy@alum.mit.edu>
and will be verified by Jasper next week
Change-Id: I3cda397285e8174abb9c05b7aaf7c1bfabdfc71a
Reviewed-on: https://code.wireshark.org/review/2408
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Instead, explicitly allocate and free the address string.
Using packet scope was causing test failures.
Change-Id: Ie18d2da44d2eec8a92a6a86b0ba883a5525f49cd
Reviewed-on: https://code.wireshark.org/review/2387
Reviewed-by: Guy Harris <guy@alum.mit.edu>