Broken since 4ac2441d7c ("Coalesce "-G
fields2" and "-G fields3" into "-G fields").
This patch fixes Python3 compatibility, fixes handling of the changed
output and option and prints the faulting line on assertion error. It
also updates two dissectors which had tabs in their description,
breaking the output.
Tested with Python 2.5.6, 2.6.6, 2.7.9, 3.2.6, 3.4.3.
Change-Id: Ifcd0d0eb092b357eca357cd53f2e1348ebf8885c
Reviewed-on: https://code.wireshark.org/review/7791
Reviewed-by: Gilbert Ramirez <gram@alumni.rice.edu>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
data: the invalid frame number will crash Wireshark.
Bug: 10885
Change-Id: I3ae278b77a9449136fbaaac52f2bbaa8a510bf76
Reviewed-on: https://code.wireshark.org/review/7651
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Most of our sites are now HTTPS-only. Update URLs accordingly. Update
other URLs while we're at it. Remove or comment out dead links.
Change-Id: I7c4f323e6585d22760bb90bf28fc0faa6b893a33
Reviewed-on: https://code.wireshark.org/review/7621
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Remove a dead increment while we are at it
Change-Id: I4a453bbd959e71ff6e85be06d079176abdc33a95
Reviewed-on: https://code.wireshark.org/review/7622
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
We need to use rrc, as the checksum is likely to be
rotated before the plaintext payload.
For now we only handle the two common cases
rrc == 0 and rrc == ec...
Ping-Bug: 9398
Change-Id: I548f2f0650716294b6aeb361021be6e44ae8f1b3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/7271
Reviewed-by: Michael Mann <mmann78@netscape.net>
Ping-Bug: 9398
Change-Id: I163d3dc99562b3388470c58d05e2d4d2e2f6d00c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/7477
Reviewed-by: Michael Mann <mmann78@netscape.net>
That eliminates a redundant and confusing data type, and avoids issues
with one piece of code using e_uuid_t but wanting to use routines
expecting an e_guid_t.
Change-Id: I95e172d46d342ab40f6254300ecbd2a0530cde60
Reviewed-on: https://code.wireshark.org/review/7506
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Just reduces the overall tvb_get_ptr usage count in the dissector directory.
Change-Id: I455dc4cc9b082ecccdd254a2e5121f3353b5a812
Reviewed-on: https://code.wireshark.org/review/7491
Reviewed-by: Anders Broman <a.broman58@gmail.com>
My understanding of RFC 3015 is that the encoding of this field was not different in version 1 compared to newer releases
Bug: 10879
Change-Id: Iaa81679388860c0df4adc673ca6e56aff6f4591c
Reviewed-on: https://code.wireshark.org/review/7195
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
I guess the signature mismatch must just be a warning with Clang; it's
not with MSVC.
Change-Id: Ic1f4cb88471f7e13019e891f111978310dfada73
Reviewed-on: https://code.wireshark.org/review/7225
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have them return TRUE on success and FALSE on failure. Check the return
value rather than whether the error string pointer is null or not.
Change-Id: I800a03bcd70a6bbb7b217cf7c4800e9cdcf2189c
Reviewed-on: https://code.wireshark.org/review/7222
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add a CF_FUNC macro to match VALS, TFS, etc. This should help us to avoid
the following warning:
warning: ISO C forbids initialization between function pointer and 'void *' [-Wpedantic]
We could start adding DIAG_OFF+DIAG_ON everywhere but this seems to be
more consistent with the other macros in proto.h. Update each instance
of BASE_CUSTOM to use CF_FUNC.
Adjust a dummy variable name generated by asn2wrs.py that was triggering
an invalid error in checkhf.pl.
Fix an encoding arguement in packet-elasticsearch.c found by
fix-encoding-args.pl.
Change-Id: Id0e75076c2d71736639d486f47b87bab84e07d22
Reviewed-on: https://code.wireshark.org/review/7150
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Fixes an ASAN failure reported by Alexis
Note that some global variables remain as I do not know enough on this protocol to safely remove them
Change-Id: If392a8f09ef2fc2f2d46871a71149e29fe5e292c
Reviewed-on: https://code.wireshark.org/review/7099
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
1988 called, they want their lack of a C standard back. We don't need
to check whether we have stdarg.h, stddef.h, stdlib.h, or string.h, as
they're specified by C89 and I don't think there are any platforms we
care about that don't have a C89 environment in which we could be built.
Change-Id: I447551181284fab7722354b62774625ed8ee94bc
Reviewed-on: https://code.wireshark.org/review/7110
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: If7a6f2697be732ae4f94ed8b845fd293c32510f7
Also: tabs-stops should be 8
Reviewed-on: https://code.wireshark.org/review/7100
Reviewed-by: Bill Meier <wmeier@newsguy.com>
RFC 2830 describes the Start TLS operation as follows:
1. ExtendedRequest is sent by client with the requestName OID set to
"1.3.6.1.4.1.1466.20037".
2. Server responds with an ExtendedResponse having a resultCode and
optionally a responseName (OID).
The text mentions that the field *must* be set but the definition allows
it to be optional. The previous code then made assumption that once (1)
was seen, then any ExtendedResponse signals an acknowledgement.
That is not entirely correct, a server could reject the request. This
patch corrects that by checking the ExtendedResponse_resultCode for
success, and then uses the new ssl_starttls_ack() helper to kick off
SSL. This simplifies the code a bit.
Tested against ldap-ssl.pcapng (which has no responseName) from
http://wiki.wireshark.org/SampleCaptures#SSL_with_decryption_keys
The result is the same as before, except that "Protocols in frame"
changed from "...:ldap:ssl:ldap" to "...:ssl:ldap".
Change-Id: Id7e40c5a50a217c4d3d46f08241d704f19d195dd
Reviewed-on: https://code.wireshark.org/review/6982
Reviewed-by: Michael Mann <mmann78@netscape.net>
Now address types are setup just like field types and must be registered with a structure that provides its string representation (and more things in the future). Address types that are limited to a single dissector are registered by the dissector. More "common" ones are globally registered. There are still a few that really belong in a dissector, but have other dependencies currently not accounted for in the address type support.
Many of the "address to string" conversions that involved g_sprintf have be changed to use more "performance friendly" methods (some at the cost of needing to_str-int.h)
Leaving all comments regarding this "solution" in address_to_str.c in until all have been implemented
Change-Id: I494f413e016b22859c44675def11135f228796e0
Reviewed-on: https://code.wireshark.org/review/7019
Reviewed-by: Michael Mann <mmann78@netscape.net>
They've been deprecated for a very long time. Replace them with
getaddrinfo. Note that we might not want to do synchronous name
resolution at all.
Add HAVE_GETADDRINFO to the KfW win-mac.h collision list.
Change-Id: If59ce8a038776eadd6cd1794ed0e2dad8bf8a22c
Reviewed-on: https://code.wireshark.org/review/6958
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Resolve mixed space/tab issue in the RTSE and BER dissectors and included modelines in both templates.
Change-Id: I4b75bad94ed111d0faee205e026b2322b7dafbd1
Reviewed-on: https://code.wireshark.org/review/6932
Reviewed-by: Michael Mann <mmann78@netscape.net>
Handling bands > 64 would require to store the mapping in file scope and current code is broken for the Carrier Aggregation band combination list
Change-Id: I9f10022a50520ca9bc16a33f2c16361729f1b01b
Reviewed-on: https://code.wireshark.org/review/6917
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
col..._() and/or expert...() should not be called under 'if(tree)'
Change-Id: I57efe44794977d3f93e4764642b091044a125c0c
Reviewed-on: https://code.wireshark.org/review/6826
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
Change-Id: I19b2a1b19e1e77a6456e2310daf64ddff572b0d2
Reviewed-on: https://code.wireshark.org/review/6788
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
TCAP permits the changing of the originating address on the first
backwards continue (i.e. the establishment of the dialogue).
See ITU-T Q.771 (06/97) clause 3.1.2.2.2.2 Confirmation of the dialogue.
In practice, a BEGIN replied to with an END can also exhibit this behaviour.
For example, a BEGIN from GT A TID TA -> GT B,
and the reply CONTINUE from GT B2 TID TB -> GT A TID TA.
To support this, only support a single address hash in
tcaphash_begin_info_key_t and tcaphash_end_info_key_t.
The match of the first CONTINUE should find the appropriate
tcaphash_begin and create the appropriate tcaphash_end entries.
Also fix compile warning with DEBUG_TCAPSRT.
Bug: 10841
Change-Id: Ibe75e3940e757727357b20be10f9c195c5888fdd
Reviewed-on: https://code.wireshark.org/review/6446
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
There are a few oid functions that are only called in oids_test.c. I'll presume the APIs are used in proprietary dissectors rather than just remove them.
Change-Id: I4595e00f93bf9ab8cf2493fe0432b91960f55a3f
Reviewed-on: https://code.wireshark.org/review/6592
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It does not work with defines, but is already a great step forward
Change-Id: I346d4124690ec46a2299d4eae8031bbb19a3db8e
Reviewed-on: https://code.wireshark.org/review/6617
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Bug: 10862
Change-Id: Ie315298dd090b3b689f6a9bfff6f6f5bf7cc715a
Reviewed-on: https://code.wireshark.org/review/6594
Reviewed-by: Michael Mann <mmann78@netscape.net>
Copy addresses with wmem-scope instead of (forced) seasonal scope. All existing instances were converted to wmem_file_scope, but the flexibility is there for other scopes.
Change-Id: I8e58837b9ef574ec7dd87e278470d7063ae8c1c2
Reviewed-on: https://code.wireshark.org/review/6564
Reviewed-by: Michael Mann <mmann78@netscape.net>
This includes circuits, conversations and streams as well as camel and h225 dissectors.
Change-Id: Ia5ee70a5e5c6bcb420f0f19df126595246a3c042
Reviewed-on: https://code.wireshark.org/review/6566
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ANSI MAP is currently the only user of ANSI TCAP.
Bug: 6112
Change-Id: I49f89c862ddc8351091a9a939415e4ba6e7603f5
Reviewed-on: https://code.wireshark.org/review/6546
Reviewed-by: Anders Broman <a.broman58@gmail.com>
argument. While at it remove deprecated APIs
Change-Id: Ib1a7e9d7aeba6379fb4492816a0ac602e67493c6
Reviewed-on: https://code.wireshark.org/review/6534
Reviewed-by: Anders Broman <a.broman58@gmail.com>
UAT error strings are usually allocated by g_strdup() or
g_strdup_printf(), and must ultimately be freed by the caller.
Make the pointer-to-error-string-pointer arguments to various functions
be "char **", not "const char **".
Fix cases that finds where a raw string was being used, as that won't
work if you try to free it; g_strdup() it instead.
Add a missing free of an error string.
Remove some no-longer-necessary casts.
Remove some unnecessary g_strdup()s (the string being handed to it was
already g_malloc()ated).
Change some variable declarations to match.
Put in XXX comments for some cases where the error string is just freed,
without being shown to the user.
Change-Id: I40297746a2ef729c56763baeddbb0842386fa0d0
Reviewed-on: https://code.wireshark.org/review/6525
Reviewed-by: Guy Harris <guy@alum.mit.edu>
These were removed when the kerberos dissector was switched to being a pure ASN.1 dissector (see dea68bf00f).
Change-Id: I04177046250d039a750f4e4e4dd956d8beab23bc
Reviewed-on: https://code.wireshark.org/review/6476
Reviewed-by: Michael Mann <mmann78@netscape.net>
These cases were pretty easy to identify. Also replaced some comments that referenced ep_alloced memory, when it's now in fact wmem_alloced.
Change-Id: I07d2f390a9c0b34aa2956880476755d1acf5db0a
Reviewed-on: https://code.wireshark.org/review/6392
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I79c613cbdd8dc939dd4c29ebc477fb6eefd5bfc4
Reviewed-on: https://code.wireshark.org/review/6371
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
None of HAVE_KERBEROS, HAVE_MIT_KERBEROS or HAVE_HEIMDAL_KERBEROS or
HAVE_LIBNETTLE defined when it's compiled. So how is HAVE_KERBEROS
getting defined when wireshark-qt.cpp is compiled?
Change-Id: If238ff54aa4f0cda662c7a52d76e33363a77240d
Reviewed-on: https://code.wireshark.org/review/6262
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Let's try to figure out why, on the 64-bit Windows build,
wireshark-qt.cpp is being compiled to call read_keytab_file() but
packet-kerberos.c is not being compiled to define it.
Change-Id: I782406e2189819d9400b84b6632fe0fb62c5996d
Reviewed-on: https://code.wireshark.org/review/6261
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I045368a0a91586231fc4b1e2700c2275088b76af
Reviewed-on: https://code.wireshark.org/review/6244
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We don't declare it, so all the DLL export stuff won't work, and we
shouldn't need it, as we shouldn't be calling it if we don't have
Kerberos (we shouldn't support the -K option if we don't have Kerberos,
for example).
Change-Id: I7e7b12aa93c4f31953300ef513fc09a1f55f8aef
Reviewed-on: https://code.wireshark.org/review/6255
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't throw its declaration in file.h, as it's not defined in file.c.
Instead, include it in epan/dissectors/packet-kerberos.h and include
that wherever read_keytab_file() is called.
Yes, that means you also have to include <epan/asn1.h> and, therefore,
you have to include <epan/packet.h>. Yes, that should be cleaned up,
perhaps by splitting the Kerberos support code into "stuff that handles
encryption keys without any reference to dissection" and "stuff that
does dissection-related work".
Change-Id: Ide5c31e6d85e6011d57202f728dbc656e36138ef
Reviewed-on: https://code.wireshark.org/review/6210
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Wrap its declarations in the usual "extern "C"" stuff.
Change-Id: I353ab334bc08a69fdacaaab5672edf758b14766a
Reviewed-on: https://code.wireshark.org/review/6201
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I86e6c9103990bedf93c323e1360394a7c0a39db4
Reviewed-on: https://code.wireshark.org/review/6173
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ib93cac8a4b186114f50ef4a26bdace2d72219644
Reviewed-on: https://code.wireshark.org/review/6022
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
warnings on NetBSD.
Change-Id: Id1ab5020fa53656065b0b2438071342eae4f7adb
Reviewed-on: https://code.wireshark.org/review/5987
Petri-Dish: Stephen Fisher <sfisher@sdf.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stephen Fisher <sfisher@sdf.org>
This allows dissector lists to be looked up by name, so they can be
shared by multiple dissectors.
(This means that there's no "udplite" heuristic dissector list, but
there shouldn't be one - protocols can run atop UDP or UDPLite equally
well, and they share a port namespace and uint dissector table, so they
should share a heuristic dissector table as well.)
Change-Id: Ifb2d2c294938c06d348a159adea7a57db8d770a7
Reviewed-on: https://code.wireshark.org/review/5936
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That appears to be a name supplied both by MIT and Heimdal Kerberos.
Using it makes it a bit clearer what the code is doing, and might avoid
type clash warnings if it's the right type (e.g., if it's a member of an
enum, as it is in Heimdal, and the corresponding argument to
krb5_crypto_init() is of the same type, the types will match).
Change-Id: I81b79223f789b8d1ec47180b7636ac1d83e03681
Reviewed-on: https://code.wireshark.org/review/5898
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I7db4e67ffe99a9f3b41d0b507d9837e0237d4547
Reviewed-on: https://code.wireshark.org/review/5558
Reviewed-by: Michael Mann <mmann78@netscape.net>
Part 3 of many, but this concludes the strict conversion to proto_tree_add_bitmask. Patches to follow with use proto_tree_add_bitmask_xxx (some functions still need to be written)
Change-Id: Ic2435667c6a7f1d40602124e5044954d2a296180
Reviewed-on: https://code.wireshark.org/review/5553
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
sccp_msg_info_t* is now passed from SCCP dissector to its subdissectors through dissector data parameter.
Change-Id: Iab4aae58f8995e844f72e02e9f2de36e83589fc0
Reviewed-on: https://code.wireshark.org/review/5442
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ibb47fd1a0d498cc9791ca31ee625395905a7e999
Reviewed-on: https://code.wireshark.org/review/5464
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also fix some indent issue
Change-Id: I262bdddd031fec6a0f91b7172bb2d67be3c33000
Reviewed-on: https://code.wireshark.org/review/5370
Reviewed-by: Michael Mann <mmann78@netscape.net>
All situations can be handled with "shimmed" dissector functions.
Change-Id: Ic85483b32d99d3270b193c9f6b29574d8fad46a8
Reviewed-on: https://code.wireshark.org/review/5327
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
s1ap.cnf:547:14: error: variable 'subtree' set but not used
Change-Id: I84a345709b1ef9688f3f1a4e876a75dd575c1c2e
Reviewed-on: https://code.wireshark.org/review/5299
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This improvement avoids use of deallocated memory (crash) if using a
deregistered field in display filter, color filter, custom column and
other cases when the field is used as "interesting field".
This functionality is currently used in http, imf and ldap preferences.
Also removed unused proto_registrar_n() as this does not work correctly
after deregistering fields.
Change-Id: I043e3bf7a98bd773c9801e712a012d1eab8a7f94
Reviewed-on: https://code.wireshark.org/review/5161
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Stig Bjørlykke <stig@bjorlykke.org>
Remove deprecated APIs while at it.
Change-Id: I002ed4a696782caaeeb70a3e4ced4ae81f3d5372
Reviewed-on: https://code.wireshark.org/review/4983
Reviewed-by: Anders Broman <a.broman58@gmail.com>
message type an IE was sent in. Needed to dissect proprietarry data.
Change-Id: Ie75a2f6a544cb33e22c42457b0edd83e6456bfe5
Reviewed-on: https://code.wireshark.org/review/4910
Reviewed-by: Anders Broman <a.broman58@gmail.com>
for the private OID.
Change-Id: Ibb86d8523f1aee14ba1a843ec3ad4becc7729013
Reviewed-on: https://code.wireshark.org/review/4893
Reviewed-by: Anders Broman <a.broman58@gmail.com>
I'm not sure why the check is only for alphabetical characters; if
that's correct, change this to use g_ascii_isalpha, and change
is_printable_ascii to is_ascii_alpha or something such as that.
Don't use ctype.h routines, as they are locale-dependent.
Change-Id: I61d0672350d35ad918e95d7e96ed5dd263102da9
Reviewed-on: https://code.wireshark.org/review/4805
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I57a01eacaa02e45c23bb4827ae982c897fb308ee
Reviewed-on: https://code.wireshark.org/review/4592
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 10547
Change-Id: I4708fd9977e635c66ef1350ce5098520e4c2ce1e
Reviewed-on: https://code.wireshark.org/review/4579
Reviewed-by: Michael Mann <mmann78@netscape.net>
the mpeg-pes dissector replaced source or destination address with
decoding timestamp, presentation timestamp or pack data rate
these values don't belong into address columns and erase the IP
addresses when mpeg-pes is transmitted over IP
the timestamps etc can be displayed in a user-defined column if required
this patch is part of
Bug: 10505
Change-Id: I1bf561648f848eb18818862edd138724abfc8e88
Reviewed-on: https://code.wireshark.org/review/4472
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
- Create/use extended value-strings;
- Move proto-register...() to (near) the end of the file;
- Add editor modelines and adjust whitespace as needed.
Change-Id: I7ebe6dfd62b3fb190aa1cefc9b35d40f156f11ea
Reviewed-on: https://code.wireshark.org/review/4390
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Change-Id: I138859ce735a9ff6541d6852dec29a13c1034c36
Reviewed-on: https://code.wireshark.org/review/4114
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
If the user turns on the "show internal BER encapsulation tokens"
preference, show them the tokens inside SNMP variable bindings.
Change-Id: Ief9040f422cb214bbff8e4cfd45a2e05c7106480
Reviewed-on: https://code.wireshark.org/review/4105
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The captured length reflects the way the capture was done; it should not
affect actual lengths used in the dissection.
Don't fetch the version until we need it; that lets us dissect more of
the packet if the previous change caused us to throw an exception trying
to fetch the version from the correct location rather than not throwing
an exception by fetching it from an incorrect location that happens to
be within the captured data.
Change-Id: I9f63afd4ef51f46c19b3afd2a651a5bb768fecaf
Reviewed-on: https://code.wireshark.org/review/4101
Reviewed-by: Guy Harris <guy@alum.mit.edu>
So wrap the entire function in USES_APPLE_DEPRECATED_API/USES_APPLE_RST.
Change-Id: I6ae3e8ecc40bc407e6f7156ccc5d9dd8c51d650d
Reviewed-on: https://code.wireshark.org/review/3885
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Only turn them off in the vicinity of those nasty cross-platform APIs.
(This also checks in the generated Kerberos dissector, which we forgot
to do in the last checkin.)
Change-Id: I5dc9162ff64afe764e37866706590ed2ed965acb
Reviewed-on: https://code.wireshark.org/review/3882
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Apple would really rather that you use their Shiny Happy Frameworks
rather than those crufty old cross-platform APIs. We are a
cross-platform program, and will use platform-specific APIs only if
there's enough benefit to doing so - and, in this case, that means
"using the platform-specific APIs on OS X and the other APIs on other
platforms", so that's two code paths to maintain, so "enough benefit"
has to outweigh the issues with that.
Change-Id: I370ba469a6f5892143d72179d15c9fe22d664fdf
Reviewed-on: https://code.wireshark.org/review/3881
Reviewed-by: Guy Harris <guy@alum.mit.edu>
in the Diameter dissector.
This new API adds a filter for the MSISDN as well as a subtree and filter for
the Country Code.
Change-Id: Ibcbf4b5f72178b7e4af63efa7496188d608a9de7
Reviewed-on: https://code.wireshark.org/review/3760
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Change-Id: I7965332ee474d10c90dfb2ef63a66f610cd6fc71
Reviewed-on: https://code.wireshark.org/review/3655
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also put back initial text indentation
Change-Id: I6fe207086018a806a258b1de2888ac0b9310aac6
Reviewed-on: https://code.wireshark.org/review/3524
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
This mostly involved adding expert info capabilities to many of the dissectors so that they could correctly flag error conditions.
Only remaining proto_tree_add_text calls are in H248.cnf, which has a convoluted way of using hf_ data to make its tree.
Change-Id: I6412150c2ec1977d7fa38f3f0ed416680bdfb141
Reviewed-on: https://code.wireshark.org/review/3500
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
If it's checked into asn1 or a subdirectory thereof, put it into the
distribution. (If it's not useful, why is it in Git?)
Change-Id: I4dac8a0d19a770db1513729cf71069a37f1d83fc
Reviewed-on: https://code.wireshark.org/review/3276
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Include CMakeLists.txt files and the gnm subdirectory, along with the
top-level Makefile.inc and Makefile.preinc files. Don't explicitly
include Custom.make, as automake does that automatically given that it's
included by asn1/Makefile.am.
Add some files to EXTRA_DIST lists.
Move some .asn files to EXTRA_DIST; they don't need to be in SRC_FILES,
as SRC_FILES always includes EXTRA_DIST, and they *do* need to be in
EXTRA_DIST so that they're in the distribution.
Change-Id: Id91df577260fa57028d40fe098be1d79c59398e6
Reviewed-on: https://code.wireshark.org/review/3273
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Without it, dual-band DF-3C feature does not work
Change-Id: I95d4a7320b77c6093f5d51efdbb2b21af0deab11
Reviewed-on: https://code.wireshark.org/review/2942
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The WRETH dissector showed up some garbage in the column display. Upon
further inspection, it turns out that the format string had a trailing
percent sign which caused (unsigned)-1 to be returned by
g_printf_string_upper_bound (in emem_strdup_vprintf). Then ep_alloc is
called with (unsigned)-1 + 1 = 0 memory, no wonder that garbage shows
up. ASAN could not even catch this error because EP is in charge of
this.
So, start adding G_GNUC_PRINTF annotations in each header that uses
the "fmt" or "format" paramters (grepped + awk). This revealed some
other errors. The NCP2222 dissector was missing a format string (not
a security vuln though).
Many dissectors used val_to_str with a constant (but empty) string,
these have been replaced by val_to_str_const. ASN.1 dissectors
were regenerated for this.
Minor: the mate plugin used "%X" instead of "%p" for a pointer type.
The ncp2222 dissector and wimax plugin gained modelines.
Change-Id: I7f3f6a3136116f9b251719830a39a7b21646f622
Reviewed-on: https://code.wireshark.org/review/2881
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: I753ca95e2e1b38bad2c09955317e648c525e40ef
Reviewed-on: https://code.wireshark.org/review/2509
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Hopefully that name makes it clear what the routiner's purpose is, and
will encourage people to use it rather than using dissector_add_uint()
with a bogus integer value.
Change-Id: Ic5be456d0ad40b176aab01712ab7b13aed5de2a8
Reviewed-on: https://code.wireshark.org/review/2483
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ib3a1ddc4342a7a8648d6ed8bfcb35aa229c56a27
Reviewed-on: https://code.wireshark.org/review/2445
Reviewed-by: Michael Mann <mmann78@netscape.net>
As far as I can tell these calls were just missed in the first initial pass,
they're not in a weird scope.
Close review from somebody else please to verify that!
Change-Id: Ic3188879124dcb8fdf42e79d200d4f244200aa7b
Reviewed-on: https://code.wireshark.org/review/2266
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I24fe3cc4a3589dadc4528a77fe7ff13d06b1a983
Reviewed-on: https://code.wireshark.org/review/2245
Reviewed-by: Michael Mann <mmann78@netscape.net>
tvb_new_subset -> tvb_new_subset_remaining it appears that's what the intention is.
Change-Id: I2334bbf3f10475b3c22391392fc8b6864454de2d
Reviewed-on: https://code.wireshark.org/review/1999
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
in that we now properly indicate the checksum and provide the wrapped token to
the LDAP dissector to dissect.
There is still a problem in that the wrong parts of the SASL packet can be
indicated when users click on some parts.
I am committing it for review and because it is much better than the current
code.
Bug:9398
Change-Id: I552fc249db26835b79abfc8793438a95f221663a
Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-on: https://code.wireshark.org/review/1905
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
as remove redundant stuff from the spnego.cnf file.
Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com>
Change-Id: I90a962a39dc4da0f13055c9b3893c26044f1fc97
Reviewed-on: https://code.wireshark.org/review/1809
Reviewed-by: Tomáš Kukosa <tomas.kukosa@unify.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>