Gerald Combs
b05a149acd
[Automatic update for 2022-03-27]
...
Update manuf, services enterprise numbers, translations, and other items.
2022-03-27 16:53:18 +00:00
Gerald Combs
4597cf3b08
AC DR: Fix a couple of shadow variable warnings.
2022-03-27 16:19:10 +00:00
Gerald Combs
e9a7f8c9e0
Qt: Fix some QCustomPlot Qt 6 warnings.
2022-03-27 14:35:55 +00:00
Gerald Combs
629fc46ea1
GitLab CI: Add a Windows Qt5 MR job.
...
Add a "Windows Qt5 Build" job that builds the qtui target with Qt 5.
2022-03-27 14:19:53 +00:00
Richard Sharpe
f0e4a9960c
ieee80211: Handle the case where a Vendor Specific response is not DPP!
2022-03-27 07:22:52 +00:00
Nardi Ivan
4bed80187e
QUIC: update the name of a field used in version negotiation (draft-06)
2022-03-26 21:53:58 +00:00
Jaap Keuter
118e45d853
netflow: handle zero length varlen fields
...
Closes #18010
2022-03-26 19:45:54 +00:00
Richard Sharpe
7680335a5b
ieee80211: Handle fragmented DPP Configuration in GAS Comebacks.
...
These were not being handled properly.
2022-03-26 11:42:01 -07:00
João Valverde
80eff54e83
Plugins.example: Fix typo and more rewording
2022-03-26 00:57:42 +00:00
João Valverde
18a2a6827f
wslog: Refactor ws_log_set_fatal() for consistency
2022-03-26 00:15:50 +00:00
John Thacker
d7f3612613
proto: Fix comment on NTP Era 1 Epoch
...
NTP Era 1 begins on 7 February 2036, 06:28:16 UTC, exactly when
the 64 bit fixed point timestamp rolls over. See RFC 4330/5905 (and
the correct comments later in get_time_value). Fix the comment where
the constant is defined (the value is already correct, however.)
2022-03-25 17:16:54 -04:00
Gerald Combs
1d65574fc8
GitLab CI: Switch the 64-bit Windows builds to Qt 6.
2022-03-25 13:50:18 -07:00
Gerald Combs
067b3805b7
Qt: Add float suffixes.
...
Fix
ui\qt\packet_list.cpp(2101,33): warning C4305: 'argument': truncation from 'double' to 'float' [c:\Users\gerald\Development\wireshark\build\ui\qt\qtui.vcxproj]
ui\qt\packet_list.cpp(2101,33): warning C4305: tick_color.setAlphaF(0.3); [c:\Users\gerald\Development\wireshark\build\ui\qt\qtui.vcxproj]
ui\qt\packet_list.cpp(2101,33): warning C4305: ^ [c:\Users\gerald\Development\wireshark\build\ui\qt\qtui.vcxproj]
2022-03-25 13:36:07 -07:00
Gerald Combs
bcd3d05a3e
Qt: Fix more Qt6-related warnings.
2022-03-25 12:48:01 -07:00
João Valverde
a3b76138f0
dfilter: Fix memory leak
...
Filter: tcp.srcport == udp.port
Instructions:
00000 READ_TREE tcp.srcport -> reg#0
00001 IF_FALSE_GOTO 5
00002 READ_TREE udp.port -> reg#1
00003 IF_FALSE_GOTO 5
00004 ANY_EQ reg#0 == reg#1
00005 RETURN
=================================================================
==180444==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 34 byte(s) in 1 object(s) allocated from:
#0 0x55f21e4a9ff9 (/home/jpv/projects/wireshark/wireshark/build-asan/run/dftest+0xcdff9)
#1 0x7f95ea661338 (/usr/lib/libc.so.6+0x82338)
SUMMARY: AddressSanitizer: 34 byte(s) leaked in 1 allocation(s).
Fixes a68b408a9f
.
2022-03-25 18:38:11 +00:00
Roland Knall
f0e4cedd69
Qt: Fix most of Qt6 compile warnings and issues
2022-03-25 11:16:18 -07:00
Gerald Combs
f8d3ebe0e2
Qt: Handle qsizetype.
...
Qt 5.10 added qsizetype, aka an ssize_t and Qt 6 makes extensive use of
it. Add a compatibility typedef and use it where we can. Cast it away
where we can't.
2022-03-25 16:51:55 +00:00
easonweii
bdccea7692
CMakeLists: Fix the error reported when Wireshark code is recompiled
...
The reference variable is incorrect. As a result, the file in this directory(/resources/protocols/protobuf/sparkplug_b.proto) are deleted during recompilation. so compilation errors occur.
Related to #18013
2022-03-25 16:25:08 +00:00
Nan Xiao
47f72e2366
EVS: Support decoding Primary 64.0 kbps packets
2022-03-25 15:15:42 +00:00
Chuck Craft
14bf5bbdf1
wslua: Lua Console - add Clear button; restore print()
2022-03-25 09:47:05 +00:00
Sake Blok
2d8607e7e0
epan: fix a segfault, introduced in !6329
2022-03-25 09:46:47 +00:00
João Valverde
3ac17381a6
ftypes: Fix IPv6 bitwise_and buffer overrun
...
*** CID 1503219: Memory - illegal accesses (OVERRUN)
/builds/wireshark/wireshark/epan/ftypes/ftype-ipv6.c: 142 in bitwise_and()
136
137 prefix = MIN(a->prefix, b->prefix); /* MIN() like in IPv4 */
138 prefix = MIN(prefix, 128); /* sanitize, max prefix is 128 */
139
140 dst->value.ipv6 = fv_a->value.ipv6;
141 while (prefix >= 8) {
>>> CID 1503219: Memory - illegal accesses (OVERRUN)
>>> Overrunning array "bitmasks" of 9 bytes at byte offset 127 using index "prefix" (which evaluates to 127).
142 dst->value.ipv6.addr.bytes[pos] &= b->addr.bytes[pos] & bitmasks[prefix];
143
144 prefix -= 8;
145 pos++;
146 }
147
2022-03-25 09:13:47 +00:00
Vadim Yanitskiy
4ed32de2ee
E212: update and add new MCC/MNC entries for Kazakhstan
...
References (mostly in Russian):
* https://ru.wikipedia.org/wiki/MNC
* https://htmlweb.ru/geo/oper.php?country=KZ
* http://www.mcc-mnc.com/
2022-03-24 20:42:38 +00:00
Vahap Emin Agaogullari
7f2e996193
PROFINET: TimeAware Dissection and RSI FREQ block fix
...
TimeAware bit dissected for ARProperties
and cyclic frames updated accordingly.
Also small length problem fixed in RSI FREQ block dissection.
2022-03-24 18:06:06 +00:00
Gerald Combs
2724806e50
Docbook: Update the code signing parts of the User's Guide.
...
We recently updated our Windows certificate. Update the User's Guide to
match.
2022-03-23 18:49:37 -07:00
Ryan Doyle
78656fe00f
Redis RESP: REdis Serialization Protocol v2 dissector
...
This adds support for RESP v2.
2022-03-23 13:30:10 +00:00
Nan Xiao
33e97e6130
EVS: Support decoding Primary 32.0 kbps packets
2022-03-23 12:46:44 +00:00
João Valverde
2fc8c0e36b
dfilter: Handle a bitwise expr on the RHS
2022-03-23 11:04:41 +00:00
João Valverde
0335ebdc3a
dfilter: ftype_is_true -> ftype_is_zero
2022-03-23 11:04:41 +00:00
Gerald Combs
de0db2ad0a
Qt: QVariant::type() is deprecated in Qt6.
...
Fix
ui/qt/rtp_stream_dialog.cpp:708:26: error: 'type' is deprecated: Use typeId() or metaType(). [-Werror,-Wdeprecated-declarations]
} else if (v.type() == QVariant::String) {
^
and similar errors. Although the warnings recommend typeId() or
metaType(), userType() exists in both Qt 5 and 6 so use it instead.
2022-03-23 09:30:49 +00:00
Gerald Combs
ea11891f21
Qt: QMouseEvent::globalPos() is deprecated in Qt6.
...
Fix
ui/qt/tcp_stream_dialog.cpp:1669:31: error: 'globalPos' is deprecated: Use globalPosition() [-Werror,-Wdeprecated-declarations]
ctx_menu_.exec(event->globalPos());
^
and similar warnings.
2022-03-23 09:16:00 +00:00
Chuck Craft
8c2fdcb80b
wsug: add Packet Diagram documentation
...
Release (uncomment) text added in 9b074122
Add popup menu text
Add screen shots and pngcrush per 9ed7568f
Update View menu screenshot to include Packet Diagram
2022-03-23 01:09:23 +00:00
Gerald Combs
829fb032e4
CMake: Add support for WIRESHARK_QT6_PREFIX_PATH.
...
If USE_qt6 is enabled, set CMAKE_PREFIX_PATH to WIRESHARK_QT6_PREFIX_PATH
if it's defined. This lets you more easily switch between Qt 5 and
6 builds. Note that we have experimental support for Qt 6 in the
Developer's Guide.
2022-03-22 22:01:33 +00:00
Gerald Combs
0a351fb6ba
Falco Bridge: Update the README.
...
Update the Licensing section of the README.
2022-03-22 17:51:32 +00:00
Gerald Combs
e06864e777
Falco Bridge: Miscellaneous fixes.
...
Fix some issues found by the pre-commit script. Add a missing Debian
symbol. Update the README.
2022-03-22 17:51:32 +00:00
Gerald Combs
34cb45c743
Falco Bridge: Remove some unused code.
2022-03-22 17:51:32 +00:00
Gerald Combs
110dbffbe9
Rename Sysdig Bridge to Falco Bridge.
...
The Sysdig Bridge plugin loads Falco plugins, so rename it to Falco
Bridge.
Make it optional and dependent on libsinsp+libscap, similar to our codec
plugins.
Remove some unused code.
2022-03-22 17:51:32 +00:00
Gerald Combs
be03aa1a4d
CMake+Sysdig Bridge: Add a FindSinsp module.
...
Add a FindSinsp CMake module, and use it in the Sysdig Bridge plugin
CMakeLists.txt. It still needs work, but should at least be usable on
more machines.
Conflicts:
plugins/epan/sysdig_bridge/CMakeLists.txt
2022-03-22 17:51:32 +00:00
Gerald Combs
90bd33e4e2
Sysdig Bridge: Make sure we fetch the correct field info.
...
Fetch the current field number's type and format instead of the first
field's.
2022-03-22 17:51:32 +00:00
Gerald Combs
3ae5ccbe52
Remove some debugging code.
2022-03-22 17:51:32 +00:00
Gerald Combs
b9946577d6
Sysdig Bridge: Remove old code.
...
Remove commented & ifdef0'd code that loaded plugins directly. Destroy
our libsinsp instance on exit.
2022-03-22 17:51:32 +00:00
Gerald Combs
349c067414
Sysdig Bridge: Handle info and conversation fields.
...
Fix our field length display as well.
2022-03-22 17:51:32 +00:00
Gerald Combs
bee0393a94
Sysdig Bridge: Switch to libsinsp/libscap.
...
Switch from loading the cloudtrail plugin directly to doing so
indirectly via libsinsp. This should let us start leveraging the rich
functionality offered by libsinsp.
2022-03-22 17:51:32 +00:00
Gerald Combs
9b106b500c
Sysdig Bridge: Update the Sysdig Plugin fields.
...
Update the Sysdig Plugin fields to match falcosecurity/libs scap.c.
2022-03-22 17:51:32 +00:00
Gerald Combs
72b1e028a8
Sysdig Event: Find the sdplugin dissector once.
...
We only need to search for dissectors at startup while registering
handoffs.
2022-03-22 17:51:32 +00:00
Gerald Combs
a075ce1be7
Sysdig bridge: Update a struct.
...
Update ss_plugin_extract_field to match
https://github.com/falcosecurity/plugin-sdk-go/blob/main/pkg/sdk/plugin_info.h
2022-03-22 17:51:32 +00:00
Gerald Combs
24aa07281a
Sysdig bridge: Fix a couple of offsets.
...
It looks like the source ID and event data are 4 bytes further into each
block. Quick fix pending more details about the block format.
2022-03-22 17:51:32 +00:00
Gerald Combs
9a889e9546
Sysdig bridge: Set our plugin API version to 0.2.0.
2022-03-22 17:51:32 +00:00
Gerald Combs
70aed62c86
Sysdig bridge: Fix compilation.
...
Fix
logshark/plugins/epan/sysdig_bridge/packet-sysdig-bridge.c:86:39: error: this old-style function definition is not preceded by a prototype [-Werror,-Wstrict-prototypes]
register_conversation_filters_mappings()
^
1 error generated.
2022-03-22 17:51:32 +00:00
Mark Stemm
58e3976910
Use the plugin name as the protocol short name
...
Prior versions had a dedicated plugin API function for this, but we
removed it from the plugin API, so just use the plugin name.
Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
2022-03-22 17:51:32 +00:00