In CMake we only used PROJECT_RELEASE_VERSION to construct our plugin
path, so rename it to PLUGIN_PATH_ID. Use a dash to separate version
numbers on macOS in order to allow code signing and a period elsewhere.
In the C code we only used VERSION_RELEASE to construct our plugin path,
so rename it to PLUGIN_PATH_ID.
Change-Id: I02abc591d7857269e8d47b414b61df4b28a25f2d
Reviewed-on: https://code.wireshark.org/review/32013
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Set the output_file_name variable for -w regardless of whether we were
built with libpcap or not. If we were built with libpcap, also pass the
flag and its argument to capture_opts_add_opt().
In the reading-a-file code (rather than the doing-a-live-capture code),
use output_file_name as the name of the output file, regardless of
whether we were built with libpcap or not.
This takes a few twists out of the maze of #ifdefs, all different.
Change-Id: I828f1b04dacbf0ea4f3aff36f26cb9a3ffcbc480
Reviewed-on: https://code.wireshark.org/review/32011
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add macros to extract the direction, reception type, and FCS length
fields of the pack_flags field, and add definitions for different
directions and reception types.
Add a macro to construct a pack_flags field value from subfields; this
is for use by non-pcapng file readers (the pack_flags field is just a
copy of the EPB flags option, so that's not needed for pcapng).
Move some #defines for that field from packet-frame.c to wtap.h, and
rename them to match the new macros.
Use the macros rather than rolling our own code.
Fix a variable name in text2pcap.c that apparently had the wrong name,
given the value that was being tested.
Change-Id: Ia788ca4e9f5fabd8d24e6ead5ff1817509f54827
Reviewed-on: https://code.wireshark.org/review/32010
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When underlying dissectors exceed MAX_TREE_ITEMS, the frame dissector
will fail when adding more items. We make room for the following items
by decrementing the count for the current tree before adding them.
This change will fix all errors where underlying dissectors add MAX_TREE_ITEMS
items to the tree.
Bug: 15448
Change-Id: I03f3191cf1b737ac9ab569fbe5bf77f3a30e2401
Reviewed-on: https://code.wireshark.org/review/31975
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
dumpcap with capabilities/setuid currently does not start due to missing
libwsutil when installed to a non-standard prefix such as /usr/local.
Bug: 15490
Change-Id: If7427ba9625d3702ab8aac2deeaf37b6d3fda2a0
Reviewed-on: https://code.wireshark.org/review/31995
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
They weren't getting put in the version-number subdirectory, so the
plugin loader wasn't finding them.
If that causes problems with codesign, then we need to either
1) figure out how to make it work with codesign
or
2) for macOS, not put plugins in a version-number subdirectory
***AND*** change the plugin loading process not to look for
compiled in a version-number subdirectory.
Change-Id: I58d344b728d05369d35edef4e4e530f10034e930
Reviewed-on: https://code.wireshark.org/review/32000
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Update the code signing portions of the packaging scripts to match newer
versions of macOS.
Change-Id: I5e03611d8db61416955e797edcadfcff1404cc38
Reviewed-on: https://code.wireshark.org/review/31996
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Fix offset for reading protocol version
Bug: 15495
Change-Id: I050ee4db23dbafb9cd4c32ed24fcaff0ace4c752
Reviewed-on: https://code.wireshark.org/review/31987
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If the JSON output is written in a script tag for a HTML page, be sure
to not to break it.
Change-Id: I1b9ba6a39faf266e8a7bf9befa2899978beb130c
Reviewed-on: https://code.wireshark.org/review/31953
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
On the second pass, the reserved bits and packet number length were
always displayed as zero. Be sure to use results from the initial pass.
Bug: 15492
Change-Id: I21a34d618a9933bd3ad26b691e043a62e5fcfb41
Reviewed-on: https://code.wireshark.org/review/31976
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Avoid crashed in context menu in Bluetooth windows when there is no any items.
Also add missing last column in "Copy All" in HCI Summary (fix console warning).
Change-Id: I28af0208c3b1c813d43305f3c0a4bf19f66d3e31
Reviewed-on: https://code.wireshark.org/review/31977
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Manually configuring the artifacts at the configuration page does not
work, so let's make artifact uploads automatic again. It was previously
disabled because Dario triggers a lot of builds due to mirroring master.
That issue is now resolved by limiting uploads to other branches.
Change-Id: Id7522c1890ec749b73f9ee16ddbe76a363235663
Reviewed-on: https://code.wireshark.org/review/31962
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Both functions accept an address in network byte order, but
maxmind_db_lookup_ipv4 does not accept a pointer. Add an indirection and
remove unnecessary memcpy calls. This removes some confusion for me.
Change-Id: I291c54c8c55bc8048ca011b84918c8a5d3ed1398
Reviewed-on: https://code.wireshark.org/review/31951
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Ensure that country, city, etc. are reset when processing new responses.
Otherwise if the new response lacks a City, then it would use the result
of the last query. Harden against bad addresses and print debug messages
if a bad address is detected.
Miscellaneous cleanups: improve debug messages (strip whitespace
earlier, etc.), use g_string_assign when possible.
Change-Id: I2acad5fcc02c5a8bf684e8fb01ee2d688d926990
Reviewed-on: https://code.wireshark.org/review/31950
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The "current address" must remain valid until the end of response is
processed, otherwise a bogus entry will be inserted. Move "cur_addr"
outside the block to avoid undefined behavior.
Change-Id: Icc2c64280ffeabd632b51d36d6be2020eb83a6a9
Fixes: v2.9.1rc0-125-g2d9a6c2583 ("maxmind_db: force buffer contain an empty string (CID: 1441961).")
Reviewed-on: https://code.wireshark.org/review/31949
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add locale-independent version that replaces json_dumper_value_anyf for
floating-point numbers. NaN and -/+Infinity are mapped to null.
Change-Id: I8e7856de480b7bcafe77ddd015239e1257768ced
Reviewed-on: https://code.wireshark.org/review/31948
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <jbwzawadzki@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
GRegex is a thin wrapper around PCRE. Inputs (patterns and subjects) are
assumed to be UTF-8 by default (unless G_REGEX_RAW is set). If the
subject is not valid UTF-8, normally pcre_exec will immediately return a
failure. However, as GLib sets PCRE_NO_UTF8_CHECK when G_REGEX_RAW is
given, pcre_exec() will skip the safety check and crash instead.
Fix this by always assuming raw byte patterns. Regression risk: patterns
such as `ö.ï` will no longer match `öñï` since `ñ` is a multi-byte
sequence. Patterns such as `(GET|POST) /` remain functional though.
Bug: 14905
Change-Id: I6450bb83f565d377f82a5dbb01690c5f49acd96f
Reviewed-on: https://code.wireshark.org/review/31935
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Some buffer size checking was off by 1.
Change-Id: Ib99da61f476b6f20abe40311fd2112a8693a7878
Reviewed-on: https://code.wireshark.org/review/31946
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
On Windows, whenever win-setup.ps1 installs new libraries, the old
paths become invalid. As a workaround the user can remove CMakeCache.txt
completely or manually delete entries. Removing the whole file might
lose custom options and clearing individual entries is tedious. Let's
handle this automatically.
Some HAVE_xxx variables from check_function_exists calls in PCAP and
ZLIB, and one from check_symbol_exists in KERBEROS are not cleared.
Those special cases would require too much work, the user should
manually clear their cache in this case if needed.
Fixes my local build since CARES, KERBEROS and LibXml2 were updated.
Special care was necessary for LibXml2 as it will not set cache variable
LIBXML2_LIBRARY when LIBXML2_LIBRARIES is already set.
Change-Id: Ic793bdb67161504aadadf221bd7740a0ca31db63
Link: https://www.wireshark.org/lists/wireshark-dev/201902/msg00028.html
Reviewed-on: https://code.wireshark.org/review/31960
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This was added in v1.99.0-rc1-578-gdbd409d041, but was never used.
Change-Id: Ieb202693d555ff62ff13aca46b0f289f0d4c6cfb
Reviewed-on: https://code.wireshark.org/review/31959
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The platform is retrieved as ENC_ASCII which signifies that the subject
is not expected to contain UTF-8. Set G_REGEX_RAW accordingly.
Does not fix any crashes, it is just a cleanup.
Change-Id: I61edd0204978d5b1e057b4f1cf8cdf8fb43c2a63
Ping-Bug: 14905
Reviewed-on: https://code.wireshark.org/review/31941
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Neither the pattern nor the intended subject (a custom fields filter)
contain UTF-8, so set G_REGEX_RAW accordingly. While a filter such as
`tcp matches "foo\xff"` (with `\xff` being a single byte) was accepted,
it did not trigger a crash though even if the precondition was violated.
Change-Id: I45d76b9abbd942d186dcf70f581121769bbd2d0a
Ping-Bug: 14905
Reviewed-on: https://code.wireshark.org/review/31940
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
None of the patterns try to match UTF-8 text. Treat the inputs as bytes
to avoid potential crashes on invalid subjects (e.g. malformed data from
an extcap binary, ADB or SSH server).
Change-Id: I6f3113cfd9da04ae3fa2b0ece7b0a3a94312830e
Ping-Bug: 14905
Reviewed-on: https://code.wireshark.org/review/31939
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
No UTF-8 patterns are in use. To avoid potential crashes on invalid
input, treat all lines as binary data in the dissector to match wiretap.
Change-Id: I10735c2246536fb4b2fdb9236cdbf7917d2e816c
Ping-Bug: 14905
Reviewed-on: https://code.wireshark.org/review/31938
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
No UTF-8 patterns are in use. To avoid potential crashes on invalid
input, let's treat the key log file contents as binary.
Change-Id: Iab257df2d0863b32961df2199dc755417d28a946
Ping-Bug: 14905
Reviewed-on: https://code.wireshark.org/review/31937
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
"%bcond_without" enables a feature by default. Be sure to explicitly
disable features to match the requested configuration.
Change-Id: I90687f35bcd953670e147be9e70af03aaeaef5dc
Ping-Bug: 14606
Reviewed-on: https://code.wireshark.org/review/31933
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Convert WinPcap references and URLs in error messages and the FAQ
to their Npcap equivalents. Remove some obsolete FAQ entries.
Change-Id: I695d358a2c9cff0939f4ea84ba02d4c62ad7dd01
Reviewed-on: https://code.wireshark.org/review/31943
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Update some items in the toolchain section.
Change-Id: I3c2035873d4ee311b639dd3b5c94e3530abad8bc
Reviewed-on: https://code.wireshark.org/review/31944
Reviewed-by: Gerald Combs <gerald@wireshark.org>
If someone changes this in the future and the data is no longer valid
UTF-8, then crashes can occur.
Change-Id: I2b153d48ee1ef7093a5141001a391dd440c30e58
Ping-Bug: 14905
Reviewed-on: https://code.wireshark.org/review/31942
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Fixing some "implicit conversion loses integer precision" warnings
reported by clang with -Wshorten-64-to-32 option
Change-Id: Icd641d5f4fd8ff129f03f1b9e1da0fc86329f096
Reviewed-on: https://code.wireshark.org/review/31901
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
added new fields (vpn & encryption status and wlan status)
modified display of hook status and bluetooth support
added reserved bytes
Change-Id: I74298a636f60c09d593288fecc16dd8c0373c65d
Reviewed-on: https://code.wireshark.org/review/31892
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Users should not be starting Wireshark as root user (sudo or root
login). If they do, then they can already execute arbitrary code via C
plugins, or read and write arbitrary files. Limiting the Lua API will
not really help these users to prevent breaking their system further.
Therefore remove all artificial restrictions and allow users to run
user-supplied scripts by default. If for whatever policy reason this
flag is set to false, then only Lua dissectors from the global system
directory are executed. It is their responsibility not to provide a free
root shell to the user.
Note that "running_superuser" will also be true if setuid root while the
effective and real user is no longer root. This happens due to
relinquish_special_privs_perm(). In this case, disabling the Lua API is
just annoying with no benefits.
Change-Id: Ie8a38e6160d861f02cbb70dcd1d90462153f4665
Link: https://www.wireshark.org/lists/wireshark-dev/201902/msg00004.html
Reviewed-on: https://code.wireshark.org/review/31913
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
dofile is currently disabled whenever Wireshark or tshark was started as
root, calling it will result in Lua errors on startup.
Even if dofile were not disabled, the Lua Evaluate menu option enables
arbitrary Lua code execution. The other options (Console, help links)
are not that important either, so just disable it when run as root.
Change-Id: I0785fe9b3d4678d71ae1e0178811dada471c3525
Link: https://www.wireshark.org/lists/wireshark-dev/201902/msg00004.html
Reviewed-on: https://code.wireshark.org/review/31912
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
1. Add support for 64-bit Actual Position
2. Add Time Data Set attribute
3. Add warning when format revision in data packet does not match the
connection point from the original forward open.
4. Sync Status enum updates
5. Minor comment cleanup
Change-Id: I100a6f1576e80d706a028e2f742fdaa3f49fd2b6
Reviewed-on: https://code.wireshark.org/review/31922
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Pass "--pdb" to windeployqt 5.6 and later.
Add a note about installing the "Qt Debug Information Files" component
to the Developer's Guide.
Change-Id: I81329bc9f9131050b1076fe275445b6325c24794
Reviewed-on: https://code.wireshark.org/review/31921
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Recent versions of Kerberos are much easier to compile on Windows. Switch
to version 1.17, compiled with Visual Studio 2017 and linked with the
Universal CRT.
Change-Id: I393d51666cd13255ee1419f2164d7fa59fe1c5cb
Reviewed-on: https://code.wireshark.org/review/31919
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
