extcap_register_preferences is only called with the -G option
(to dump information) and extcap preferences are not loading,
loading it unconditionally avoids this, as it is done in the
GUI startup.
./tools/check_typed_item_calls.py --commits 1 | tee item_calls_check.txt
Examining:
epan/dissectors/packet-vnc.c
epan/dissectors/packet-vnc.c:1289 proto_tree_add_item called for hf_vnc_tight_tunnel_type - item type is FT_UINT8 but call has len 16
epan/dissectors/packet-vnc.c:1532 proto_tree_add_item called for hf_vnc_vencrypt_auth_type - item type is FT_UINT8 but call has len 4
epan/dissectors/packet-vnc.c:1545 proto_tree_add_item called for hf_vnc_vencrypt_auth_type - item type is FT_UINT8 but call has len 4
3 issues found
As explained here:
https://github.com/rfbproto/rfbproto/blob/master/rfbproto.rst#tight-security-type
The capability consists of a code, a 4 byte vendor string and an 8 byte signature string
Try to fix
run/libwireshark.so.0.0.0: undefined reference to `dot11decrypt_derive_pmk_r1'
run/libwireshark.so.0.0.0: undefined reference to `dot11decrypt_kdf'
run/libwireshark.so.0.0.0: undefined reference to `dot11decrypt_prf'
run/libwireshark.so.0.0.0: undefined reference to `dot11decrypt_derive_pmk_r0'
run/libwireshark.so.0.0.0: undefined reference to `dot11decrypt_derive_ft_ptk'
This patch allows each configured parameter to be filtered and
therefore to be used in io graphs as well.
Fixes#17122
Be aware that this patch changes the format of:
- SOMEIP_parameter_list
- SOMEIP_parameter_arrays
- SOMEIP_parameter_structs
- SOMEIP_parameter_unions
Specification:
https://github.com/rfbproto/rfbproto/blob/master/rfbproto.rst#vencrypt
Has been tested with tigervncserver / xtigervncviewer
with several security types and combinations:
/usr/bin/tigervncserver -SecurityTypes VncAuth
/usr/bin/tigervncserver -SecurityTypes TLSVnc
/usr/bin/tigervncserver -SecurityTypes X509Plain
/usr/bin/tigervncserver -SecurityTypes TLSVnc,VncAuth
IEEE 1733 uses a 32bit 802.1AS (gPTP) timestamp in RTCP. In order
to correlate these timestamps to the timestamps in 802.1AS the
following translation is needed:
ts_32 = (ts_s * 10^9 + ts_ns ) mod 2^32
This patch adds suport for this 32bit timestamp in order to allow
analysis of AVB with IEEE 1733 (RTP/RTCP).
Add event counter and event counter valid variables to the btle context.
This information has to come from the capture context, and the information
is useful to provide context information around LL control procedures with
instant.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
They're not used outside a block, so move them inside the block. Also,
they're set before they're used, so don't initialize them when they're
declared.
This should squelch some unreadVariable warnings from cppcheck.
No version of ISO C I can find (from C90 to C18) says anything more
about __LINE__ than that it's an "integer constant", with no indication
whether it's signed or unsigned (or whether it's int or long or long
long), so we just cast it to "unsigned int" and print it with %u, as it
would make Absolutely No Sense if it were negative.
This should squelch some invalidPrintfArgType_uint warnings from
cppcheck.
They're not used outside a block, so move them inside the block. Also,
they're set before they're used, so don't initialize them when they're
declared.
This should squelch some unreadVariable warnings from cppcheck.
The Dot11DecryptRsna4WHandshake has grown unreasonably large. Refactor
the function and break out some functionality into smaller utility
functions to make it easier to understand.
Add partial support for decrypting captures with connections
established using FT-EAP. To support deriving keys for FT-EAP
the MSK is needed. This change adds MSK as a valid IEEE 802.11
protocol input key type preference as well.
Note that FT-EAP support comes with the following imitations:
- Keys can only be derived from the FT 4-way handshake messages.
- Roaming is not supported.
To increase readability of IEs used with Fast BSS Transition
dissect FTE and MDE fields with flags and subtrees.
- FT element count is part of MIC control element.
- FT over DS is part of FT capability and Policy field.
- Resource Request Protocol Capability is part of FT
capability and Policy field.
- Dissect FT subelements with a separate subtree.
Change-Id: Id9bea07234c3314991a75781c59321faa600a0f6
Add partial support for decrypting captures with connections
established using FT BSS Transition (IEEE 802.11r).
FT BSS Transition decryption comes with the following limitations:
- Only FT-PSK is supported.
- Keys can only be derived from the FT 4-way handshake messages.
- Roaming is not supported.
Break out the PRF and KDF functionality from the PMK to PTK
derivation functions and make them separate utility functions
implemented as defined in the IEEE 802.11 standard.
This change is done in preparation for supporting additional
AKMS where the key derivation functions can be reused to derive
other type of keys.
Do not use FT_IPV6 as an interface identifier could be wrongly identified
as an IPv4-Compatible IPv6 Address format by inet_ntop() and displayed
as such.
Do not use FT_IPV6 as an interface identifier could be wrongly identified
as an IPv4-Compatible IPv6 Address format by inet_ntop() and displayed
as such.
They're not used outside a block, so move them inside the block. Also,
they're set before they're used, so don't initialize them when they're
declared.
This should squelch some unreadVariable warnings from cppcheck.
In dump_dfilter_macro_t(), if the dfilter_macro_t pointer is null, just
give up after printing the message that indicates that.
This should squelch several nullPointerRedundantCheck warnings from
cppcheck.
They're not used outside a block, so move them inside the block. Also,
they're set before they're used, so don't initialize them when they're
declared.
This should squelch some unreadVariable warnings from cppcheck.
Fix indentation of a line of code while we're at it.
They're not used outside a block, so move them inside the block. Also,
they're set before they're used, so don't initialize them when they're
declared.
This should squelch some unreadVariable warnings from cppcheck.
I guess we used to just have a g_assert() here to check that there was a
subdissector table to which to add the capture dissector, but we now
have a test for a null subdissector table pointer that attempts to
produce a more detailed and more useful error (and to fail only if we've
set the "crash on some otherwise-ignored errors" environment variable).
Remove the assertion, as we've already ensured that, at that point, the
subdissector table pointer is not null.
This should squelch a constArgument warning from cppcheck.
It never returns a null pointer.
(At least some compilers support decorating function declarations with
indications that they never return a null pointer; hopefully at least
some of them attempt to validate that claim, and report at least a
warning, if not an error, if they can't. We should look at decorating
functions in that fashion.)
This should squelch a nullPointerRedundantCheck warning from cppcheck.
Make some packet size variables unsigned.
Leave some others signed, because they're read with sscanf(), and
sscanf() handles string-to-unsigned conversions in the same crazy way
strtouX() routines do, wherein a leading sign is *not* an error.
Instead, cast them to unsigned after we make sure they're not negative.
If, for example, you run out of file descriptors, dup() can fail, and
ws_dup() is a wrapper around it on UN*X. Don't just pass the result of
ws_dup() to ws_fdopen(); instead, save its result, check against -1 and,
if it's -1, give up, otherwise pass it to ws_fdopen().
This addresses Coverity CID 1471708.
Also, if ws_fdopen() fails, close the descriptor we got from ws_dup();
this closes a possible FD leak.
Enrique Giraldo
Vadim Yanitskiy