That way, we don't rely on the ws_ip pointer being non-null.
Based on changes from Ib73410fd8575ad6c836311bbda87a0580e5640ac.
Change-Id: If8c437572c725481ac4148c8095a1a479b4fb0f8
Reviewed-on: https://code.wireshark.org/review/16617
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That way, we don't rely on the ws_ip pointer being non-null.
Based on changes from Ib73410fd8575ad6c836311bbda87a0580e5640ac.
Bug: 12645
Change-Id: I8c74ba57637b6a125593c4711d7c21b9693c2c85
Reviewed-on: https://code.wireshark.org/review/16616
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Taken from Ib73410fd8575ad6c836311bbda87a0580e5640ac.
Bug: 12645
Change-Id: Ie08c113b6193da40ce0e438faefd78ad36b4d475
Reviewed-on: https://code.wireshark.org/review/16615
Reviewed-by: Guy Harris <guy@alum.mit.edu>
There is no guarantee of that.
Bug: 12645
Change-Id: Icb3310e5df37acfd113a9e2b1fee34e59ef28962
Reviewed-on: https://code.wireshark.org/review/16614
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Currently, cf_can_save() really means "*there's something to save* and
we can write it out"; "Save As..." should be enabled even if there are
no changes to save, in case the user just wants to write the existing
file contents out to a new file and have the new file be the current
file. That matches the behavior of the GTK+ version.
(We might want to enable "Save" even if there are no changes to save;
some other programs do that, such as the TextEdit, WordPad, KWrite, and
gedit simple text editors. If so, however, we should make "Save" write
stuff out even if there are no changes to save.
Note, however, that we're a bit different from most "editors", in that
we don't read the entire file into memory - we keep the file open and
read packet data from it, because we want to be able to read files that
won't fit into memory. That *might* change what we ultimately want to
do with "Save".)
Bug: 12630
Change-Id: I8a2327b5d6ddab7c4f0367f132460b507da38577
Reviewed-on: https://code.wireshark.org/review/16612
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The Ericsson HDLC format inside L2TP is not publicly documented, so when
I originally wrote the code, I was basically just looking at hex-dumps
of protocol traces and trying to ge an initial understanding. By now,
that understanding has significantly matured, so let's update the
dissector accordingly.
The major changes are regarding the understanding that there is not a
message type, but in fact a compressed SAPI and compressed TEI field.
Based on this, we can discriminate on whether there will be a HDLC/LAPD
header to follow, or whether there's actual user data (TRAU frame
replacement) following.
Change-Id: Ic29d2d295678c4dc5f93cd8404b2e832f4532daf
Reviewed-on: https://code.wireshark.org/review/16508
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add Hub Class Feature Selectors (defined in USB3.1 spec, table 10-9) to USBHUB dissector.
Change-Id: I53f73b5d689b8921907514e0fcd74a152abc2b49
Signed-off-by: Sean O. Stalley <sean.stalley@intel.com>
Reviewed-on: https://code.wireshark.org/review/16593
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This allows GTK Decode As to function properly if CAN subdissector
has a dissector table.
Change-Id: I5eb3642c34642302939d27e844fe93f626ba039c
Reviewed-on: https://code.wireshark.org/review/16606
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Implement dissector for User Descriptor Response.
Fix Number OfChild foield or Parent_Annce.
Fix name of User Descriptor Response cluster.
Change-Id: Ia48277a76bc7742021a407a45ca18e2c51a35046
Reviewed-on: https://code.wireshark.org/review/16570
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
... Otherwise the user will see an empty stream after the Save-As operation.
Change-Id: Ibafcb4e4b670807702a8d8a5756544471f2eccc3
Reviewed-on: https://code.wireshark.org/review/16521
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change field ip_v_hl to version.
Change-Id: Ic7ce8d6d083f6413284a7b9ba91a2387b11b29fb
Reviewed-on: https://code.wireshark.org/review/16555
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Change-Id: I1936ec4ca6003d3268674079b79da0b009a62f10
Reviewed-on: https://code.wireshark.org/review/16597
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
ws_close just calls _close(); that doesn't close sockets. closesocket()
is the API to close a socket on Windows, and is defined as close()
on UN*X, so using closesocket() will close sockets on Windows and UN*X.
This way, we close the pipe socket correctly on Windows.
Change-Id: I6d50e26bfabac5618c74a180cbe94d444b591bd4
Reviewed-on: https://code.wireshark.org/review/16582
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Remove a call to update() in order to force a repaint for large capture
files. Doing so incurs a small-but-nonzero delay on Windows and it should
no longer be needed since we switched to timer-based updates in gb5a585c.
Change-Id: I01ff2eed165d15dd1d3218550baa664f43dd442a
Reviewed-on: https://code.wireshark.org/review/16589
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
It went away a long time ago; use create_dissector_handle().
Change-Id: I28e90821033621bc7a5572243ff5871b4e67d60d
Reviewed-on: https://code.wireshark.org/review/16592
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Allows marking/unmarking a single byte in the bytes view pane.
Ping-Bug: 11547
Change-Id: I574ad7c6218eb08018094ea92ba79b69dbe4b45d
Reviewed-on: https://code.wireshark.org/review/16563
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Try to minimize the number of times we allocate memory for Buffers and
Buffer data.
Change-Id: I738fdc64e571772ef4ba6335d49087277dd7b430
Reviewed-on: https://code.wireshark.org/review/16577
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For ERSPAN type II (version == 1), the offset is shifted by 4 at the
end. As a result, the 'offset+=2' at the end of ERSPAN type III should
be in its own 'else' scope.
Change-Id: I64a55d5722e3f4f5672ca2a4228583b3b51559e1
Reviewed-on: https://code.wireshark.org/review/16568
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Copy wsutil/wsprintf.h from change 16537. Update it to use functions
appropriate to Visual C++ >= 2015, < 2015, and everything else. Add
notes about specific API issues.
Update epan/expert.c to use ws_snprintf, since the VS profiler shows it
as a minor hot spot. This reduces load time for a large-ish capture from
~14s to ~12s here.
Migrate a previous column-utils change.
Change-Id: Id4064b7c06c35fd447b63c73f731afee181df4f9
Reviewed-on: https://code.wireshark.org/review/16483
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
We call fillLabel repeatedly while loading a capture. Try to avoid
applying a style sheet when we do since it can affect performance.
Change-Id: I9ee188cb79f7cad340ba35b12011b82004ed8262
Reviewed-on: https://code.wireshark.org/review/16571
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This is an attempt to standardize display/handling of checksum fields for all dissectors.
The main target is for dissectors that do validation, but dissectors that just report the
checksum were also included just to make them easier to find in the future.
Bug: 10620
Bug: 12058
Ping-Bug: 8859
Change-Id: Ia8abd86e42eaf8ed50de6b173409e914b17993bf
Reviewed-on: https://code.wireshark.org/review/16380
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
To remove OPT_SHB_HARDWARE, use wtap_block_remove_option().
To get the string value from a GString, use g_string_free(string,
FALSE), not g_string_free(string, TRUE) - the latter will free the
string value and return NULL.
Change-Id: I0c5a9f818543f6752f455f04fb3c024208e23954
Reviewed-on: https://code.wireshark.org/review/16567
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also, rename routines that write out an option write_wtap_XXb_option()
from write_wtap_XXb_block().
Change-Id: I4884a2f5275a5e2e32137b47255fac6995f311ef
Reviewed-on: https://code.wireshark.org/review/16566
Reviewed-by: Guy Harris <guy@alum.mit.edu>
A string option, if present, always has a value; it might be a null
*string*, but you won't get a null pointer (if the option isn't present,
it simply isn't present).
Fix some comments while we're at it.
Change-Id: I9c1420f56998a7d04de5c5cc2e92631b181f303a
Reviewed-on: https://code.wireshark.org/review/16564
Reviewed-by: Guy Harris <guy@alum.mit.edu>
As requested by Alexis.
Change-Id: I33e91aa0234e7c07869d69b5da6d0df8f94254ba
Reviewed-on: https://code.wireshark.org/review/16559
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
It was passing the wrong offset for an FT_UINT_STRING type.
Change-Id: I739eb5bbf86768f6bf953662d407270cc8e27f2b
Reviewed-on: https://code.wireshark.org/review/16547
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
In accordance with the IANA registry. This option was never used.
Change-Id: I2fc16579b084a0d537f16b9104b025d97a0afd8d
Reviewed-on: https://code.wireshark.org/review/16552
Reviewed-by: João Valverde <j@v6e.pt>
Change-Id: I41bd5c66a51088cedeae993c15c520d4075c5620
Reviewed-on: https://code.wireshark.org/review/16549
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This mostly reverts SVN rev 43412 (3fa645481f)
with the addition of documenting that FT_*INT*'s with BASE_NONE and a
FIELDCONVERT tells the Wireshark core that the field's numeric value is
meaningless and should not be shown to the user.
Use BASE_NONE again with the expert info group and severity fields. This
(finally) resolves the complaint from:
https://www.wireshark.org/lists/wireshark-dev/201206/msg00188.html
(yes, this mail's been sitting in my "todo" pile since then! <sigh>)
Change-Id: I1c6dd2864e7a2e959c97c409f277853af74a8d93
Reviewed-on: https://code.wireshark.org/review/16518
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>