Pass the wmem_map of format parameters. Use this to decide whether
we have octet-aligned or bandwidth-efficient AMR, and decode
accordingly.
If we don't have a map of format parameters, because the conversation
wasn't set up by SDP but by Decode As, use the default preferences
from the dissector
Fix#17608
RTP static registered payload types fully describe the codec,
including clock rate and channels. For the payload formats that
use dynamic payload type number assignment, while some formats
have a fixed (or normal) clock rate and number of audio channels,
there are some codecs that can accept several possible values.
Change the codec plugin interface to accept these parameters,
and move the codec-specific state to a member of a new struct.
As an example, use this to implement the L16 media type for other
clock rates and number of audio channels, both the standard PT=10
stereo type as well as other clock rates negotiated via a dynamic
type. (See sip-rtp-l16.pcap on the SampleCaptures wiki page for
an example.)
Note that RTP Player doesn't support codecs returning output with
more than one channel currently, so downmix to mono.
The next step is adding the format parameters from fmtp to this.
(See #17608)
https://datatracker.ietf.org/doc/html/rfc7587#section-4.2
"Further, an arbitrary number of frames can be combined into a packet,
up to a maximum packet duration representing 120 ms of speech or audio
data. The grouping of one or more Opus frames into a single Opus packet
is defined in Section 3 of [RFC6716]."
Handle opus packets with more than one frame in the packet by asking
the Opus decoder for the number of samples in the packet.
The bcg729 library interface supports decoding SID frames, so do
so.
rtp_audio_stream would have to be reworked a bit to allow processing
of missing frames by a decoder (which bcg729 supports, but not all
decoders do) instead of generating our own silence, but this change
reduces the number of silence samples we generate.
Fix#14343
OpenCORE-AMR doesn't really support RTP payloads with multiple
frames (the F bit set), so this is a bit of a chore.
Test the payload to see if there are multiple frames contained in
it. If there are, then we have to copy things around so that
the corresponding TOC byte is adjacent to the speech bytes for
passing to the decoder. (Just wait until bandwidth-efficient mode.)
See the pcap attached to #9477 for an example with multiple AMR
speech frames in one RTP payload.
errno.h was removed from some common headers. A few files use
errno and need to include it. On at least some Linux distributions
(Rocky 8), it doesn't get pulled in by other headers.
Change hf_dcd_h_arq_ack_delay to hf_dcd_h_arq_ack_delay_dl and
hf_dcd_h_arq_ack_delay_ul to show the difference. Removed some
unused and duplicate hf entries to avoid duplicate warning from
the check tool.
Adds new CIMSNMPAdjust block to Read/Write IO request dissection according to 2.43 pnio version.
CIMSNMPAdjust block is made of BlockHeader, SNMPControl, SNMPReadOnlyCommunityName, SNMPReadWriteCommunityName, Padding.
SNMPReadOnlyCommunityName and SNMPReadWriteOnlyCommunityName is made of 1 byte of length and length bytes of community name.
Within `plugins/epan/`, change calls of `create_dissector_handle()` to
instead call `register_dissector()` with a name for the dissector.
This change allows affected dissectors to be findable by calls to
`find_dissector()`. In turn, this opens up more command-line use for
these protocols, including fuzzshark and rawshark, as well as lua use
via `Dissector.get()`.
Most changes are to sub-dissectors of the wimax plugin. For these I kept
the naming convention for dissector names used by e.g.
`wimax/msg_aas_beam.c` even though it's unwieldy.
Some of the plugins did use `register_dissector()` but with `-1` as the
protocol ID argument. I changed those to pass the actual protocol ID.
Partially addresses #5612
Exposing the fvalue_t implementation is exposing internal
details of the implementation. Fix that by making the fvalue_t
internal to the ftypes implementation and using setters/getters
where necessary.
As requested [here][1] by @eapache, help with removing calls to
`wmem_packet_scope()` in favour of references to `pinfo->pool`.
* Plugins chosen semi-randomly.
* When a calling function already has a `pinfo` argument, use that.
* Remove `_U_` from its signature if it was there.
* If a function seems narrowly focused on getting and (possibly)
returning memory, change the function signature to take a
`wmem_allocator_t *`.
* If it seems more focused on packet-based operations, pass in a
`packet_info *` instead and use `pinfo->pool` within.
* If there are several functions defined with the same call
signature, add `pinfo _U_` to the argument list of similar
functions in order to maintain clarity/symmetry.
[1]: https://www.wireshark.org/lists/wireshark-dev/202107/msg00052.html
It's not in the response message, it's taken from the request message,
so display it with a zero offset and length, so it doesn't match any
bytes in the packet.
It's a 32-bit field, so make it an FT_UINT32.
Add strings with proto_tree_add_item instead of tvb_memcpy,
appending a null, and a proto_tree_add_string so that the
strings are validated for encoding, trailing nulls, etc.
Fix#18847
When retrieving a string, don't just use tvb_memcpy, even if
expected to be ASCII (because it might have errors.)
This doesn't get truncated, even if all replacement characters,
because the eventual returned buffer is 200 octets long and the
max filename is 49.
Fix#18800
Falco plugins don't yet have a standard installation location, and even
when they do we might not want to install all of them. Remove plugin
detection from FindSinsp.cmake and note that you should just pass the
paths to your plugins in SINSP_PLUGINS.
Rename flex macros using parenthesis (mostly a style issue):
DIAG_OFF_FLEX -> DIAG_OFF_FLEX()
DIAG_ON_FLEX -> DIAG_ON_FLEX()
Use the same kind of construct with lemon generated code using
DIAG_OFF_LEMON() and DIAG_ON_LEMON(). Use %include and %code
directives to enforce the desired order with generated code
in the middle in between pragmas.
Fix a clang-specific pragma to use DIAG_OFF_CLANG().
DIAG_OFF(unreachable-code) -> DIAG_OFF_CLANG(unreachable-code).
Apparently GCC is ignoring the -Wunreachable flag, that's why
it did not trigger an unknown pragma warning. From [1}:
The -Wunreachable-code has been removed, because it was unstable: it
relied on the optimizer, and so different versions of gcc would warn
about different code. The compiler still accepts and ignores the
command line option so that existing Makefiles are not broken. In some
future release the option will be removed entirely. - Ian
[1] https://gcc.gnu.org/legacy-ml/gcc-help/2011-05/msg00360.html
Separate fragment_head and fragment_item into two
different types of structs.
Remove "offset" from fragment_head, which was unused,
making fragment heads 4 bytes smaller.
Remove fragment_nr_offset, datalen, reassembled_in,
reas_in_layer_num, and error from fragment_item,
making them 24 bytes smaller.
Change a few dissectors which were using fragment_head
and fragment_item indistinguishably.
Ping #17311
It looks like there was a cut&paste error a long time ago resulting
in the wimaxasncp.message_type field being incorrectly detected as
unused and commented out. Closes#18424.
They're of type FT_NONE, meaning that they do not have values, they're
just present or not.
Handle the TCP analysis fields "tcp.analysis.retransmission" and
"tcp.analysis.keep_alive", both of which are expert infos, by just
seeing if they're present or not.
Fixes a problem mentioned in a comment in merge request !8412.
