The majority of the fixes are for calls to uat_new(). Instead of
having each caller cast its private data to (void**), we use void*
in the uat_new() API itself. Inside uat_new(), we cast the void*
to void**.
Some dissectors use val64_string arrays, so a VALS64() macro was
added for those, to avoid using VALS(), which is useful only for
value_string arrays.
packet-mq.c was changed because dissect_nt_sid() requires
a char**, not a guint**. All other callers of dissect_nt_sid() use
char*'s (and take the address of it) for their local storage. So,
this was changed to follow the other practices.
A confusion between gint and absolute_time_display_e in packet-time.c
was cleared up.
The ugliest fix is the addition of ip6_guint8_to_str(), for exactly
one caller. The caller uses one type of ip6 address byte array,
while ip6_to_str() expects another. This new function is in place
until the various address implementations can be consolidated.
Add VALS64() to the developer documentation.
Change-Id: If93ff5c6c8c7cc3c9510d7fb78fa9108e4552805
Reviewed-on: https://code.wireshark.org/review/48
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Changed “GUID” to “CID” (Connection Identifier), as the original term carried common meaning and baggage that was not intended
Change-Id: I04986331aee33be237dab6963c0ff39accf507cd
Reviewed-on: https://code.wireshark.org/review/81
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
When the GUID (CID or Connection Identifier in a more recent spec) field in Public Flags is 0, a zero-length item would be added.
This trivial patch prevents a dissector exception by checking the length first.
Change-Id: Idf6d970bc1b0b3f1a8e47618a8759f6a0cd54c65
Reviewed-on: https://code.wireshark.org/review/78
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
messages on the Data Display Channel (DDC)
this dissector is available as an option for I2C messages
it handles EDID messages (Extended Display Identification Data)
and passes HDCP messages on to the HDCP dissector
Change-Id: Ia8d8e73c36e2a1ad560b911dd4c1c9f34997b5c2
Reviewed-on: https://code.wireshark.org/review/63
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Try to dissect even it the size is not as expected.
Windows doesn't use alignment for smb-direct.
Change-Id: I66c465d331aaab5caf28385a6dd3a43b63af2208
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/56
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Evan Huus <eapache@gmail.com>
Change-Id: Ie1b684327a77c265188d916c1242d335c55aa8cb
Reviewed-on: https://code.wireshark.org/review/65
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
add editor modelines
Change-Id: I5433e0d41a30043264a0f60c2166de471c80745c
Reviewed-on: https://code.wireshark.org/review/64
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
This is wrong it breaks all sort of things. The "Volume label field"
is a special case, which can be fixed by using nopad=TRUE.
Change-Id: I3cd3f30ff0076d5e31a735391b175fd68e5fa142
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/26
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Evan Huus <eapache@gmail.com>
* Update to the last IANA icmpv6-parameters (2014-01-30)
* Update to final draft (for RFC 6743 and RFC 6775)
* Add RFC 7112 (Implications of Oversized IPv6 Header Chains) support (Add new Parameter Problem code)
* Fix a encoding arg
Change-Id: I90f65dfc54e5c0aff21a0e7ec2c937304aced02d
Reviewed-on: https://code.wireshark.org/review/62
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The OP asked 9169 to be reopened because the capture was spewing ~40GB of output
when dissected with tshark. Investigation showed this was because the HTTP
dissector was requesting ONE_MORE_PACKET reassembly a lot, and TCP was adding
each step as a data-source which was being printed by tshark's hex dump. This
was leading to O(n^2) of output.
To fix, introduce function remove_last_data_source which removes the most recent
data source from the list. If the subdissector in TCP reassembly asks for
ONE_MORE_PACKET, assume it hasn't added any tree items (since it shouldn't have)
and remove the data source since it is unnecessary.
This may break dissectors which add tree items and *then* return
ONE_MORE_PACKET, since they will have their data source removed out from under
them. I believe those cases should be fixed to not add tree items until they're
sure they have enough data.
Change-Id: Iff07f959b8b8bd1acda9bff03f7c8684901ba8aa
Reviewed-on: https://code.wireshark.org/review/38
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Evan Huus <eapache@gmail.com>
- SNMT messages where presented in a way, where the value of the
field was not pointing to the correct bytes where it came from
- Sender / Receiver where renamed to be better understandable
- SN send to (Receiver) now comes first as it does in the byte
stream
Change-Id: I364cb248bed9489c0cf9c7bf9fbd37b0225dbd78
Load system init.lua from build-directory/epan/wslua
Set Lua datafile_path to source-directory/epan/wslua
Made dofile() search in source-directory/epan/wslua
Change-Id: I009234eb8193c1ed3260455b245c256c9747930f
Changeset 1d8a895fa4 introduced the use of UTF-8 righ arrow to indicate the direction in TCP dissector.
While it displays nicely in Wireshark GUI or in a text export of packets, an export to CSV results in an escaped string.
This patch is a naive attempt to display the right arrow in a more friendly way when exporting to CSV.
Any smarter fix is welcome.
Change-Id: Ife787268696fa69dafc24a5cf9706af4c4832831
This function can be used to check for files before calling dofile(),
which will fail for non-existing files.
Change-Id: Iae7b7ef6d8eb6e0e18f98fee7c740d2a5705eef3
(Found by checkhf).
Note: There's quite a large amount of hf[] entries which are
commented out. I wonder if there are "top-level" entries
missing from the "parse-tree" arrays ?
svn path=/trunk/; revision=54990
to add missing BASE_RANGE_STRING and to use RVALS instead of VALS.
Fixes crashes in 'tshark -G values' and presumably also fixes
crashes when used in a dissection.
Introduced in SVN #54449.
(I suspect that ' convert_proto_tree_add_text.pl' may need some work
to handle range_strings).
svn path=/trunk/; revision=54984
an hf[] entry but defined as a 'value_string' intead of
as a 'val64_string'.
Caused 'tshark -G values' to crash
(and presumably would also cause a crash when the value-string
is referenced in a dissection):
Introduced in svn #54728
(Note: There's still another 'tshark -G values' crash to to found & fixed)
svn path=/trunk/; revision=54983
Gilbert Ramirez