This removes any knowledge of plugin types from
cmake/modules/WiresharkPlugin.cmake, so that it doesn't have to be
changed if we add a new plugin type. Revert to the second argument to
add_plugin_library() and install_plugin() being the subfolder.
Change-Id: I668ab90b28c73a8b12ca8e3e906b8de2f9395ca5
Reviewed-on: https://code.wireshark.org/review/25585
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This wiretap plugin serves a dual purpose. One is to add usbdump file
reading capability to wiretap and therefore Wireshark and Tshark.
Second it is an illustration of a basic wiretap plugin module.
Change-Id: Iefbb156ea1bc5d90dabc1753942cdb9e393714ad
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/25487
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The plugin.c generation in an autotools build comes in from an included
Makefile.am file. The various types of plugins need different parameters
for the generation script. Put the plugin.c production rule is a seperate
include file so each plugin type build can include its own variant.
Also amend the README.plugins file with regards to the new directory
structure and the fact that there are multiple types of plugins, not just
dissector plugins.
Change-Id: I3a815d0d767baa555356cf428861b18697401355
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/25398
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Icc79994ace4e32def3f03cf62b49f3c7dd3011df
Reviewed-on: https://code.wireshark.org/review/25384
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
This commit adds the missing mailbox type to the EthercatFrameTypes
array.
Change-Id: I0710b723cdfa6cff28b6655729dafb68678518cb
Reviewed-on: https://code.wireshark.org/review/25338
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Some routines are registered by the standard plugin mechanism, others
are registered internally. If a first-stage ("register") routine is
registered internally, we must register the second-stage ("reg_handoff")
routine internally as well, otherwise the second-stage routine isn't
recognized by tools/make-plugin-reg.py and is never called.
Bug: 14322
Change-Id: I6eb94c0b74b6fb4d60eb57113d4ada73f4240150
Reviewed-on: https://code.wireshark.org/review/25256
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I4acd9d57866c0832241973d349c84b6346a293f5
Reviewed-on: https://code.wireshark.org/review/25046
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
found by lintian
Change-Id: I8a15c7ba236024448e2ad328b200872b0c622988
Reviewed-on: https://code.wireshark.org/review/25085
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
This commit fixes the order of register 0x0012 in ecat_esc_registers array
after the changes in 24949
Change-Id: If63921a5e3eb845e470b608161946f0477ff6e21
Reviewed-on: https://code.wireshark.org/review/24953
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This commit fixes the following
-- changes the order of registers in ecat_esc_register array
because they cannot be reached by the dissect_esc_register function.
-- typos in registers' information
Change-Id: Ia73823412abba26377f57fa59ad637879b5b9da1
Reviewed-on: https://code.wireshark.org/review/24949
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
plugin_ldadd was removed in 262a84c384.
Change-Id: I516aa1be3466433bf8db83ab3d1773bf88082e8c
Reviewed-on: https://code.wireshark.org/review/24850
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Micro version bump for mate to homogenize it between CMake and autotools.
The cmake macro doesn't handle the "a" suffix and it doesn't seem worth
implementing.
Change-Id: Ib022c6aa170623b83a9700e4fa098c60a9cddfab
Reviewed-on: https://code.wireshark.org/review/24847
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Also add comment noting that MSVC_VARIANT is not the same thing as
CMAKE_GENERATOR.
Change-Id: Icc0f4a491786e4045c650509957655ef41352b29
Reviewed-on: https://code.wireshark.org/review/24846
Reviewed-by: João Valverde <j@v6e.pt>
plugin.rc is Windows specific, also add condition to reflect that.
Change-Id: Ibbb7dab77dd1f277e2302c8f931218ca433f8c72
Reviewed-on: https://code.wireshark.org/review/24833
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Put different types of plugins (libwiretap, libwireshark) in different
subdirectories, give libwiretap and libwireshark init routines that
load the plugins, and have them scan the appropriate subdirectories
so that we don't even *try* to, for example, load libwireshark plugins
in programs that only use libwiretap.
Compiled plugins are stored in subfolders of the plugin folders, with
the subfolder name being the Wireshark minor version number (X.Y). There is
another hierarchical level for each Wireshark library (libwireshark, libwscodecs
and libwiretap).
The folder names are respectively plugins/X.Y/{epan,codecs,wiretap}.
Currently we only distribute "epan" (libwireshark) plugins.
Change-Id: I3438787a6f45820d64ba4ca91cbe3c8864708acb
Reviewed-on: https://code.wireshark.org/review/23983
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
disections are added.
According to specification,
AdjustMAUTypeExtension is a subblock for adjusting MAUTypeExtension.
CheckMAUTypeExtension is a subblock for checking MAUTypeExtension.
Change-Id: Ia90f204887a2e9871bc71e24978ab0095cc0fe1f
Reviewed-on: https://code.wireshark.org/review/24718
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Birol Capa <birol.capa@siemens.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
According to specification, AdjustPeerToPeerBoundary is
a subblock for adjusting the peer to peer boundary.
Change-Id: I4036aa08509300e0b8533c94b991c9a21077f634
Reviewed-on: https://code.wireshark.org/review/24710
Reviewed-by: Birol Capa <birol.capa@siemens.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
According to specification, AdjustDCPBoundary is
a sub block for adjusting the DCP boundary.
Change-Id: I2515e2b3592ff0e5e67487b1785db41015964b21
Reviewed-on: https://code.wireshark.org/review/24673
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
These changes significantly improve the speed and accuracy of TRANSUM.
I have removed the concept of rrpd status as it wasn't being used in any
significant way and created unnecessary code.
The find_latest_rrpd(...) function was becoming very complex which made it
difficult to optimise performance for certain protocols. To overcome
this, I have introduced an equivalent function for each protocol e.g.
find_latest_rrpd_smb2(...). each of these new functions has a loop that
steps through the rrpd_list. I could have placed this loop one level up
in the nested call and so had one loop in the code that calls the new
function. However, I have found that this area is the prime cause of
delays in TRANSUM execution and so I want to avoid calling these new
functions with each step through the rrpd_list.
Finally, I have added code to improve the handling of retransmissions.
Bug: 14210
Change-Id: I038097f22a45ee74173aad1ae5732347f769b9bd
Reviewed-on: https://code.wireshark.org/review/24506
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
The output compares equal to make-dissector-reg.py and the regex
should be more robust (multiline, complete start of function definition).
The primary motivation is to clean up the python script. This small
binary results in much cleaner code. The python script is used only
to generate plugin code, therefore it is renamed.
Also in my casual measurements the C code is much faster (without cache)
than the python script with the cache.
Change-Id: Id4e8cac3c836d56775aba4819357a95ef19bcb85
Reviewed-on: https://code.wireshark.org/review/24497
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This sets the scope of the static build option to Wireshark support
libraries only.
Before the patch:
Static plugins don't work with CMake and autotools.
autotools static build is broken, and most likely will always be, as
building Wireshark all-static is difficult and time-consuming.
After the patch:
For CMake Wireshark will be built with static or shared libraries and
dynamic plugins. Everything just works. CMake apparently doesn't want
you building static and shared libraries at the same time.
For autotools Wireshark will be built with shared libraries by default.
--disable-shared and --enable-static options work as usual. Dlopened
plugins are not built if --disable-shared is given to configure (to
disable shared libraries). This is a limitations imposed by libtool.
Tested on Linux. This removes broken support for building plugins
statically.
Change-Id: Ib8e8176976f136eea93a2ce8f9857b6cf9bec64c
Reviewed-on: https://code.wireshark.org/review/24241
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Change-Id: I6745bee84b096a7008d258a39d99370b1fea29a0
Reviewed-on: https://code.wireshark.org/review/24217
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I9f7df2f62197c574087dbcce2c7b0ba7e6c8c56b
Reviewed-on: https://code.wireshark.org/review/24197
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
For the moment this mirrors the port_type enumeration (PT_XXX), but the
intent is to move away from using "port types", eliminating most (if not
all)
Added conversation_pt_to_endpoint_type() so that conversations deal with the
correct enumeration. This is for dissector that use pinfo->ptype as input
to conversation APIs. Explicit use of port types are converted to using
ENDPOINT_XXX type.
Change-Id: Ia0bf553a3943b702c921f185407e03ce93ebf0ef
Reviewed-on: https://code.wireshark.org/review/24166
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
The intention is to make it more transparent when making a switch
to an "endpoint" over address/port combination.
Change-Id: Ic424c32095ecb103bcb4f7f4079c549de2c8d9c4
Reviewed-on: https://code.wireshark.org/review/24148
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I5d99692d897f17e6e14952db8e4736ca65aa1373
Reviewed-on: https://code.wireshark.org/review/24106
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
This change improves performance through better handling of SYN -
SYN/ACK pairs.
Bug: 14094
Change-Id: Ie479f1b69fa48f85a2ed9f8f173533db25582bbd
Reviewed-on: https://code.wireshark.org/review/24090
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ieef2cbf34e32f0730af03acc65ebe3499e1fe1f3
Reviewed-on: https://code.wireshark.org/review/24076
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
That allows a parallel typedef of ws_in4_addr for guint32.
Change-Id: I03b230247065e0e3840eb87635315a8e523ef562
Reviewed-on: https://code.wireshark.org/review/24073
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ibfc8310e1a150fb2e04f7dad9a68d08e8d0364b7
Reviewed-on: https://code.wireshark.org/review/24032
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I3b6a7c6dabfe017eb6c223ab2491e0a3cda8c56c
Reviewed-on: https://code.wireshark.org/review/23970
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ie74dec4d854f65835a4e7e68dac609290a84d791
Reviewed-on: https://code.wireshark.org/review/23957
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We don't need to be this strict for bundled plugins about following
the GNU Coding Standards.
Change-Id: I18ed1b81d428eea15ea387102823f588287daf81
Reviewed-on: https://code.wireshark.org/review/23918
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
'docsis_vsif.gex.extended_cmts_mic_hmac_type' exists multiple times with NOT compatible types: FT_BYTES and FT_UINT8
Change-Id: Ic3a0f7f6edf5a28ffde6703276d4747d138081c7
Reviewed-on: https://code.wireshark.org/review/23896
Reviewed-by: Michael Mann <mmann78@netscape.net>
Replace some g_new()s, g_strdup()s and GArrays used in prefix
registration with their epan_scoped wmem equivalents. This reduces
the amount of memory we leak so that we come in below the Valgrind
fuzzer's current threshold (102400).
Bug: 14106
Change-Id: I7308ac89465316c06773552253dabc876b6c2425
Reviewed-on: https://code.wireshark.org/review/23891
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Only plugins built for the same feature release (X.Y) are assured binary
compatibility. Make sure we don't try to run unsuitable code and, if so,
warn the user. This might happen for example if the user manually copies
a binary plugin to the wrong folder, intentionally or by accident.
I'm using "release version" to loosely mean not a patch release
(i.e: a feature release).
Change-Id: I896e9cbbd2d3843623fff6af8ef51002ec06f1f8
Reviewed-on: https://code.wireshark.org/review/23807
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
According to specification, when suboption is CONTROL,
signal value is FLASH_ONCE.
Change-Id: I942579cdf3d642e636d02b778ffaad99022678e3
Reviewed-on: https://code.wireshark.org/review/23812
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
... not to be confused with "machine-to-machine".
M2M seems to be a simple Wimax encapsulation protocol developed by Intel.
It's not documented publicly anywhere that I can find. The boilerplate to
code ratio is huge and it even includes a complete source file from the Wimax
dissector (yuck). Put it in the Wimax plugin instead.
Minor version number bump for wimax plugin.
Change-Id: I2694339dfe89be334093b257a5b34d1577f4dc20
Reviewed-on: https://code.wireshark.org/review/23790
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
proto_register_wimax() cannot be assumed to run before all other dissectors
that depend on the global proto_wimax variable. It happens to work now but
registration order is never guaranteed and cannot be relied upon. Wireshark
will crash with a null pointer dereference if proto_register_wimax() is not
run first.
Have proto_register_wimax() call the registration routine for the other dissectors
that depend on proto_wimax to impose the hard-coded order.
Change-Id: I3e9a9ea742f3feeb5b802ad79cfc9ed916264d2f
Reviewed-on: https://code.wireshark.org/review/23788
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
It doesn't build with autotools and CMake.
Under-documented and unmaintained. Seems to be a work-in-progress
that stalled.
Introduces spurious CMake dependency on yapp.
Change-Id: I0dca1ccbdfd683586c05765437d4b7804ab5cc70
Reviewed-on: https://code.wireshark.org/review/23758
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's dead, unmaintained and unfinished.
Not in a good enough state to live in the tree.
Change-Id: I6a5c391503b5237638f8362fb9f0492c4cf36223
Reviewed-on: https://code.wireshark.org/review/23745
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: João Valverde <j@v6e.pt>
Change-Id: I626b8a1d85e3062c58f9e3bd7bd6c6123c4b8272
Reviewed-on: https://code.wireshark.org/review/23749
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add missing decrement of concatlen based on master-2.2 version.
Bug: 14080
Change-Id: I00f7e34f8e599718316a4ce8916d91b780ec7c14
Reviewed-on: https://code.wireshark.org/review/23663
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The correct way is to not name the variable.
Change-Id: Ic016f1b9161db6b4cc3f6534c853a1f50e31aa2b
Reviewed-on: https://code.wireshark.org/review/23569
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Bug: 13826
Change-Id: I01674d5a31281508686bc06e222d6a87926d1c83
Reviewed-on: https://code.wireshark.org/review/23436
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Previous functionality presumed cat = 0, so initialize cat to it.
Change-Id: Ic0fdccc8222dfb435178416911d35bac105c6c03
Reviewed-on: https://code.wireshark.org/review/23434
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Bug: 14038
Change-Id: I36fbaa591a7ebf5da7d2e7be837e8fcca30c7f98
Reviewed-on: https://code.wireshark.org/review/23432
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Icc43fdc341a8f263af5d7b9e1bc14e13b5361dd0
Reviewed-on: https://code.wireshark.org/review/23392
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Remove unnecessary null-check before free as well.
Change-Id: Ic54459149b40fd8c8f58c643bbd6cfc81ee8b923
Reviewed-on: https://code.wireshark.org/review/23398
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Be sure to disable the wanted hfids list when the transum dissector is
cleaned up, otherwise it will leak memory when reloading a file while
the transum dissector is enabled.
Change-Id: I2af8edab89da8b3cfb65e19726e1d2546a1dc8d4
Reviewed-on: https://code.wireshark.org/review/23261
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 13847
Change-Id: I3a706db25204fe4c1fd1b7be3b17b8c55365dccf
Reviewed-on: https://code.wireshark.org/review/23169
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
TRANSUM fails to calculate RTE figures for DCE-RPC where request Packet
Type is zero
Bug: 13988
Change-Id: I1dd7aee0283042703530a6d72fff063279e6147e
Reviewed-on: https://code.wireshark.org/review/23115
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It will end up eventually crashing column buffers because memory
behind the address is trounced.
Change-Id: Id6b5a42effc503e4b8bf5e1deb2135241e2893f3
Reviewed-on: https://code.wireshark.org/review/22563
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Id26c1c0d1678613a90ff7707265ec062cd30cf83
Reviewed-on: https://code.wireshark.org/review/22501
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
"enterprise-numbers" is converted to tab-separated values and renamed
"enterprises". Unused fields are stripped.
PENs are stored in a hash table loaded at run-time.
User "enterprises" file is loaded from the personal config dir.
Misc make-sminmpec.pl improvements and fixes.
Note: names of type "Entity (formerly ...)" have the formerly part commented out for a cleaner output.
Change-Id: I60c533afbe3e399077fbf432088064471ad3e1e2
Reviewed-on: https://code.wireshark.org/review/22246
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
concatlen was not updated if FCParm was unknown, leading to an infinite loop.
Bug: 13797
Change-Id: I1b64d757a369183a711f01b0b5cd1ba7aa0787bc
Reviewed-on: https://code.wireshark.org/review/22120
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Profinet defined functions to add 32bit integers to the tree and get their
value. This is equivalent to proto_tree_add_item_ret_(u)int. Call those
functions directly and remove the now obsolete Profinet functions.
In some cases, the returned 32bit value is discarded. Use
proto_tree_add_item then.
Change-Id: I7744fab2f27b8ae8e681a36e4e96eb2f8be87bd6
Reviewed-on: https://code.wireshark.org/review/21989
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
profinet has a number of internal functions that add an item to the tree
and read its value. For 32bit integers, this is exactly what
proto_tree_add_item_ret_(u)int do. Just call those functions.
(We could do the same for 8 and 16bit values. We'd need a temporary
value then and the code wouldn't be much easier than it is now.)
Change-Id: I98fc70ced2dc5a552235a476d40a4275f3b3bd38
Reviewed-on: https://code.wireshark.org/review/21965
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
There's not much point in having a switch-case block with only a default
statement ;-)
Change-Id: Iaacd87bb2995783b98e5395b3654a1c8f32c473a
Reviewed-on: https://code.wireshark.org/review/21938
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Michael Mann <mmann78@netscape.net>
In this case, we can simply replace the exception with an expert info
and exit the loop.
Change-Id: I232e554af299140d7123b5e21d78372a35a7923b
Reviewed-on: https://code.wireshark.org/review/21936
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I0c4346386846c03a67b83bebfce6da6323379180
Reviewed-on: https://code.wireshark.org/review/21937
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If57183bcea978b766fc53f691a35c4ddf98ca2dd
Reviewed-on: https://code.wireshark.org/review/21849
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Don't use random on-the-stack data as a UUID.
Change-Id: I77961e1404ad73a484a7fc865bc54219dc239b4d
Reviewed-on: https://code.wireshark.org/review/21721
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Removes a bunch of duplication set up because commands were all in
different files.
Change-Id: I950bc70da0edcdef7aaf21a43328cf69267f79af
Reviewed-on: https://code.wireshark.org/review/21613
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Display the details for the NodeClassMask and ResultMask values in a
BrowseRequest's BrowseDescription.
As described in OPC UA 1.03 Specification, the value 0 for the
NodeClassMask and the value 63 (0x003F) for ResultMask should results in
returning all the fields in the BrowseResponse.
Display 'All' when those fields have those values
Display a detailled bit tree mask when values are different
Code Change:
Added parseNodeClass and parseResultMask
Use them in parseBrowseDescription instead of parseUInt32
Removed not needed anymore hf_opcua_NodeClassMask, hf_opcua_ResultMask
and their related entries in registerFieldTypes
Change-Id: Ic3ed8630825b5456f91156f06b2203ebfa422155
Reviewed-on: https://code.wireshark.org/review/21446
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Define it, so the generated parser knows what argument type the function
passed to MateParserAlloc() takes. Use it when declaring
MateParserAlloc().
Change-Id: Ice18fd6b5fdbdb31f527e5d6eb06e78594d4565b
Reviewed-on: https://code.wireshark.org/review/21588
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Remove the declarations from mate_parser.l, and have mate_parser.h
include mate.h at the beginning of the file, instead.
Move the #if'ed version of the declaration of MateParserAlloc() to
mate.h.
Change-Id: I03ffdd5f093b179ffc0cb0e43eac093f7e4af65c
Reviewed-on: https://code.wireshark.org/review/21587
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I87ff11b7c04cb3b6963d4c8c16df2c3d60a0aec8
Reviewed-on: https://code.wireshark.org/review/21574
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I40724306d5facd0f4a5a9ca2354330577857d27f
Reviewed-on: https://code.wireshark.org/review/21563
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
1. Use proto_tree_add_item_ret_uint to remove separate "gets"
2. Remove if (tree)s that prevented expert_info
3. Apply consistent whitespace
4. Apply consistent TLV behavior, making T and L always filterable
5. Remove T name (of TLV) from field name itself (where applicable)
6. Use BASE_UNIT_STRING and BASE_NO_DISPLAY_VALUE
Tested with capture generated from https://github.com/AdrianSimionov/docsis-generator
Change-Id: I9987397ccb3248b2a26d850af468740f94b28a63
Reviewed-on: https://code.wireshark.org/review/21561
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Field 'Index' (pn_io.index) has a conflicting entry in its value_string: 45057 is at indices 82 (Sync-Log / RTA SyncID 1 (GSY)) and 114 (reserved for profiles))
Change-Id: Ic3e6f6db0631a9337861cd697b4d7bf17fba0c36
Reviewed-on: https://code.wireshark.org/review/21513
Reviewed-by: Michael Mann <mmann78@netscape.net>
Field 'BlockQualifier: ResettoFactory' (pn_dcp.block_qualifier_reset) has a conflicting entry in its value_string: 9 is at indices 7 (Resets all stored data) and 12 (Reserved))
Change-Id: I9d43fc44899d47eaafb50a76511dda69560a75da
Reviewed-on: https://code.wireshark.org/review/21512
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I1f863eea427529537df004e9782311d5c69ed4bd
Reviewed-on: https://code.wireshark.org/review/21505
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also adjust whitespace for a few places where if (tree) would mess up
expert_info use.
Change-Id: I79b8f7105515fb9ce220a46f3e875be466ee1044
Reviewed-on: https://code.wireshark.org/review/21474
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I72bec5bcbe7e2139ae36bf704e7ebda9207331fd
Reviewed-on: https://code.wireshark.org/review/21424
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I23830283c1a3323cfb3b72da1e329c72817119ab
Reviewed-on: https://code.wireshark.org/review/21362
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: If9156b4a73e7db006daf4ab4e278379f0e39905f
Reviewed-on: https://code.wireshark.org/review/21313
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It makes it a bit clearer what its purpose is - to allow a value_string
to be used for numeric rather than enumerated fields, giving certain
values of the field a special meaning.
Change the explanation in the documentation to match as well.
Change-Id: Id07b22eee996b79ea5f3473928d29adcabe09bf3
Reviewed-on: https://code.wireshark.org/review/21209
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When building RelWithDebInfo target with MSVC, NDEBUG is automatically defined.
Avoid redefining the macro by checking if it already exists.
Change-Id: I1720f47cce0df210c2b2dff3b20c218dc2ae7b02
Reviewed-on: https://code.wireshark.org/review/21200
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This is a breaking change.
prefs_register_filename_preference hasn't been differentiating
between files to be saved and ones to be opened.
On GTK, a neutral dialog is used, so no problems there.
On Qt, a save dialog has been always used, even in dissectors that
were reading configuration files without modification.
prefs_register_filename_preference now takes an argument to indicate
whether UI could be a save dialog with a warning on overwriting
a file, or whether it's a general purpose open file dialog.
Qt now does this. Previously no warning was shown on overwriting a file,
so it may be used for opening files too without irritating the user.
This has been changed, as non-destructive reads should now use
the open dialog.
Dissectors were changed accordingly.
Change-Id: I9087fefa5ee7ca58de0775d4fe2c0fdcfa3a3018
Reviewed-on: https://code.wireshark.org/review/21086
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The tap was just a trick to get fields and protocols registered as being
of interest. Now that we have mechanisms by which postdissectors can
explicitly register fields and protocols as being of interest, and are
using that, the trick is no longer needed.
Change-Id: I0bccc88a1e4ee4c9fc84b90d968820375594c5c1
Reviewed-on: https://code.wireshark.org/review/21157
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The tap was just a trick to get fields and protocols registered as being
of interest. Now that we have mechanisms by which postdissectors can
explicitly register fields and protocols as being of interest, and are
using that, the trick is no longer needed.
Change-Id: Ib2620ff32c41ffa050203c1d4481c63535fb3f4b
Reviewed-on: https://code.wireshark.org/review/21156
Reviewed-by: Guy Harris <guy@alum.mit.edu>
They deal with sets of hfids, which can belong to protocols as well as
fields (I guess you could argue that a protocol is a field, but...).
Change-Id: Ibd103cfa26427ead4ef54be89f1251908004cfae
Reviewed-on: https://code.wireshark.org/review/21154
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That's currently required to get the fields we want.
Bug: 12161
Change-Id: Ic1066334358c58fa915ef886b2658902393172c7
Reviewed-on: https://code.wireshark.org/review/21153
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Some routines had "matecfg", some had "mc"; be a bit more consistent.
Change-Id: I3406488315483fb281ebc3fb8a23e9e1b2104a14
Reviewed-on: https://code.wireshark.org/review/21152
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Pass it as an argument to everything else, so only packet-mate.c has the
notion of there being *a* configuration, and everything else takes the
configuration as an argument.
Change-Id: Ia92c1539586d3e71580fd822cf07bd3d79a6f093
Reviewed-on: https://code.wireshark.org/review/21151
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make it local to mate_tree(), and pass it to mate_pdu_tree().
Change-Id: I489683614b4d65aec3ddd94ce2c9077180e769ca
Reviewed-on: https://code.wireshark.org/review/21149
Reviewed-by: Guy Harris <guy@alum.mit.edu>
There's a Lemon bug where this grammar produces a parser that fails
assertions; to work around it, we disable assert() failures.
(A bug report has been sent to sqlite-users about this.)
Change-Id: I6812b20fafe318425b37755a15009b0baf2d68a2
Reviewed-on: https://code.wireshark.org/review/21148
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Flagged during value_string duplication check
Change-Id: Ia6b657b6e0d8e60cf69ea0e40199b78e96837ecc
Reviewed-on: https://code.wireshark.org/review/21133
Reviewed-by: Michael Mann <mmann78@netscape.net>
This reverts commit c63c5c8c42.
This is probably easier than just abandoning it and trying to remove it from my repository.
https://xkcd.com/1597/
Change-Id: Ibba2107cfa9c60c86862b16a4cac31689670e137
Reviewed-on: https://code.wireshark.org/review/21127
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Builds on my machines, physical and virtual, crash with an assertion
failure in the MATE Lemon grammar when parsing the MATE configuration
file in bug 12161 - on Mac OS X Lion with llvm-gcc, Ubuntu 15.10 with
GCC, and on macOS Sierra with clang.
Builds on the macOS buildbot do *not* fail.
So put the result of Lemon in the MATE plugin into the release tarball,
so I can compare it with what Lemon generates on my machine.
Change-Id: I2d5ecee68535a8b4803de0bd7f02d448ab629083
Reviewed-on: https://code.wireshark.org/review/21126
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
register.c, and the plugin.c for various plugins, are generated by tools
that must be available to do a build, and aren't distributed as part of
the source tarball. That means "make distclean" should remove them. Do
so.
Change-Id: I9e37abdafb50234cf1ebb5fb828446e45e605d78
Reviewed-on: https://code.wireshark.org/review/21125
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Field 'Stream Based Volume ID' (unistim.stream.volume.id) has a conflicting entry in its value_string: 111 is at indices 0 (C1=0xFF00 C2=0x00 C3=0x00 c4=0x00 Steady on. -13 dBmO per frequency.) and 1 (C1=0x0505 C2=0x0505 C3=0x0505 c4=0xFF00 3 burst(0.1 sec on,0.1 sec off),Then steady on.-13 dBmO per frequency.))
Change-Id: I49f50688b9e68d597190d891b114eea1ff3e4858
Reviewed-on: https://code.wireshark.org/review/21059
Reviewed-by: Michael Mann <mmann78@netscape.net>
As the comments say, proto_find_finfo() is slower than
proto_get_finfo_ptr_array(), as it has to scan the entire tree, and,
given that we're priming the tree with the fields we need (which we
*have* to do to *guarantee* that we'll get the fields we want;
requesting that a protocol tree be constructed isn't sufficient, and
asking for a "visible" protocol tree is overkill),
proto_get_finfo_ptr_array() will work.
Change-Id: Ic1e21105a0a89003a3cdd3d7a2e55ac287ddad5e
Reviewed-on: https://code.wireshark.org/review/21068
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This makes sure that postdissectors that indicate that they need certain
fields in the first pass will get them.
While we're at it:
Fix the field-fetching code in TRANSUM not to assume it got any
instances of the field being fetched.
Rename process_packet_first_pass() in sharkd to process_packet(), as
it's the only routine in sharkd that processes packets.
Rename process_packet() in tshark and tfshark to
process_packet_single_pass(), as it's what's used if we're only doing
one-pass analysis.
Clean up comments and whitespace.
Change-Id: I3769af952c66f5ca4b68002ad6213858ab9cab9b
Reviewed-on: https://code.wireshark.org/review/21063
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Currently, this is only used to determine whether a protocol tree needs
to be built on the first pass or not - if there are postdissectors that
need fields, it does - but eventually we should be able to use it to
prime the dissection to deliver those fields in cases where we don't
need the *entire* protocol tree (rather than using a hack such as
cooking up a fake tap with a fake filter to do that).
Update MATE and TRANSUM to use it.
Clean up code to check whether we need a protocol tree, and add comments
before that code indicating, in each case, what the criteria are.
The array of postdissectors includes a length, so we don't need to
separately keep track of the number of postdissectors.
Clean up indentation while we're at it.
Change-Id: I71d4025848206d144bc54cc82941089a50e80ab7
Reviewed-on: https://code.wireshark.org/review/21029
Reviewed-by: Guy Harris <guy@alum.mit.edu>
BASE_VALS_NO_UNKNOWN is a special value_string value for only a single
(maybe 2) numerical value(s). If a field has the numerical value
that doesn't match anything in the value_string, just the number
is supplied for the field (no "Unknown")
Dissectors that had this use case have been converted in the patch.
Change-Id: Ie63a36cceec2fe4436938ec7e3d7f9e690d2b8d9
Reviewed-on: https://code.wireshark.org/review/20736
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add a "report a warning message" routine to the "report_err" code in
libwsutil, and rename files and routines appropriately, as they don't
only handle errors any more.
Have a routine read_enabled_and_disabled_protos() that reads all the
files that enable or disable protocols or heuristic dissectors, enables
and disables them based on the contents of those files, and reports
errors itself (as warnings) using the new "report a warning message"
routine. Fix that error reporting to report separately on the disabled
protocols, enabled protocols, and heuristic dissectors files.
Have a routine to set up the enabled and disabled protocols and
heuristic dissectors from the command-line arguments, so it's done the
same way in all programs.
If we try to enable or disable an unknown heuristic dissector via a
command-line argument, report an error.
Update a bunch of comments.
Update the name of disabled_protos_cleanup(), as it cleans up
information for disabled *and* enabled protocols and for heuristic
dissectors.
Support the command-line flags to enable and disable protocols and
heuristic dissectors in tfshark.
Change-Id: I9b8bd29947cccdf6dc34a0540b5509ef941391df
Reviewed-on: https://code.wireshark.org/review/20966
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We don't allow that. Use proto_tree_add_boolean() instead.
Change-Id: I59ed0f0dc731b1ce4b5d921cd4e85b1c101cb2a8
Reviewed-on: https://code.wireshark.org/review/20821
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I5c74a34619ea66c3ac2a77d10b31a3f1256c6595
Reviewed-on: https://code.wireshark.org/review/20707
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
PDPortStatistic with BlockVersionLow = 1 has 2 bytes CounterStatus while
PDPortStatistic with BlockVersionLow = 0 has 2 bytes Padding.
Change-Id: I39783ad29993501249bfa7875760b505ded6a8e9
Reviewed-on: https://code.wireshark.org/review/20563
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Since AMFilterData block is removed from PROFINET specification,
related parts are removed from dissector.
Change-Id: I0f9f346fd409fc0cb78f4d7a8ca5869229d68bed
Reviewed-on: https://code.wireshark.org/review/20546
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dissecting AMR doesn't work properly when AM_Location.Structure don't equal to 2.
Bug: 13480
Change-Id: Ie116e10f6e88e240b2f1ae4e1eab27b24350e55a
Reviewed-on: https://code.wireshark.org/review/20529
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Birol Capa <birol.capa@siemens.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
A special ARType for System redundancy IOCARSR (0x0020) used to indicate
SR during the IODConnectReq for Advanced Startup ARs (StartupMode:=1).
With this change, the ARUUID is subdivided into several parts.
APDUStatus dissection is affected by Primary/Backup switchover.
Bug: 13456
Change-Id: I0504ad2f4d15c491b0142c6d24bb8b849a929ba2
Reviewed-on: https://code.wireshark.org/review/20422
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Allow the enable/disable of an element
Change-Id: I9652e8d74b261ba259cebfba53e7bc7ef560d347
Reviewed-on: https://code.wireshark.org/review/20370
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Allow to add and remove single items from a selector list and also
fixing the selection of items in a selector list
Change-Id: I0c69ea97db6ca1a6932939f0df9049c6fb720f77
Reviewed-on: https://code.wireshark.org/review/20363
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Small improvement in the title texts.
Change-Id: Ia413577386dab11f78fd141d6333944beefb5b33
Reviewed-on: https://code.wireshark.org/review/20295
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Creates an interface for plugins and other parts of the code, to
add a new toolbar to the system and have various widget types interact
with this toolbar.
All toolbars added via this interface, will be added to an additional
submenu called "Additional Toolbars" within Wireshark.
Also a demo plugin is being provided, demonstrating various features
of the toolbar, including updating the gui elements. It also demonstrates
how to update toolbar items.
Change-Id: I8d0351224b3d7f4b90220d58970b51695551d7e3
Reviewed-on: https://code.wireshark.org/review/19803
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
proto_find_finfo doesn't have NULL tree protection, so protect it from
transum dissector.
Bug: 13395
Change-Id: I1037c675cf10b959f116b20b12cc7b388c175cd3
Reviewed-on: https://code.wireshark.org/review/20077
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I795fc3a3cf4ca93483f870d229668d7f747bb799
Reviewed-on: https://code.wireshark.org/review/20147
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Register all reassembly tables with a central unit, allowing the
central unit to have the callback that initializes and destroys
the reassembly tables, rather than have dissectors do it individually.
Change-Id: Ic92619c06fb5ba6f1c3012f613cae14982e101d4
Reviewed-on: https://code.wireshark.org/review/19834
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This function will free the resources allocated by the caller.
Change-Id: Ib486c14e4fd3c321662fb71f7fd06733ce9a64a4
Reviewed-on: https://code.wireshark.org/review/19375
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This emphasizes that there is no such thing as *the* routine to
construct a subset tvbuff; you need to choose one of
tvb_new_subset_remaining() (if you want a new tvbuff that contains
everything past a certain point in an existing tvbuff),
tvb_new_subset_length() (if you want a subset that contains everything
past a certain point, for some number of bytes, in an existing tvbuff),
and tvb_new_subset_length_caplen() (for all other cases).
Many of the calls to tvb_new_subset_length_caplen() should really be
calling one of the other routines; that's the next step. (This also
makes it easier to find the calls that need fixing.)
Change-Id: Ieb3d676d8cda535451c119487d7cd3b559221f2b
Reviewed-on: https://code.wireshark.org/review/19597
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This is mostly to address memory leaks in range preferences (the biggest
user of range functionality) on shutdown.
Now range preferences must use epan scoped memory when referencing
internal preference structures to keep consistency.
Change-Id: Idc644f59b5b42fa1d46891542b53ff13ea754157
Reviewed-on: https://code.wireshark.org/review/19387
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
grepping for "Decode As" comments reveals exactly was pinos were
created for - distinguishing multiple dissection functions in a
single dissection table.
Change-Id: Iaa9294045e9d0633563e7d763cb585c0e6dc598f
Reviewed-on: https://code.wireshark.org/review/19490
Reviewed-by: Michael Mann <mmann78@netscape.net>
They already know who they are when they register themselves. Saving the
handle then to avoid finding it later.
Not sure if this will increase unnecessary register_dissector functions
(instead of using create_dissector_handle in proto_reg_handoff function)
when other dissectors copy/paste, but it should make startup time
a few microseconds better.
Change-Id: I3839be791b32b84887ac51a6a65fb5733e9f1f43
Reviewed-on: https://code.wireshark.org/review/19481
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This prevents MATE from (falsely) being included in the list of
protocols for any given frame.
Change-Id: I9ffdfb52cf31dfda89b674a41bcc0992e17de5e8
Reviewed-on: https://code.wireshark.org/review/19432
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
1. Enable/disable preference not needed - just use Enabled Protocol
dialog interface. Added support for backwards compatibility of preference.
2. Add value_string for calculation values
3. Create an structured array of "hfs of interest" so they can more easily
be extended.
4. Convert a bunch of arrays into hash tables and lists. For the amount
of wasted space they were taking up, we can live with the very slight
performance degrade. Also puts less limits on number of things to process.
Change-Id: I7399789d62432b507062ed9cdc20ad974b9dde1b
Reviewed-on: https://code.wireshark.org/review/19406
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Per bug 12915, SMB2 message ID should be treated as a unsigned 64bit value.
Have transum logic match that as it was assuming SMB2 message ID was a
signed 64bit value
Change-Id: Ide0c12b505d1eef2aeb89d165a3ea59058e6be34
Reviewed-on: https://code.wireshark.org/review/19407
Reviewed-by: Michael Mann <mmann78@netscape.net>
Set a variable that we were supposed to be setting.
Also, note some items that should probably be expert info items instead
of, or in addition to, additional text at the end of protocol tree items.
Addresses CID 1397702.
Change-Id: I2ff0c2549f229546035964efa6af19b77646f7d2
Reviewed-on: https://code.wireshark.org/review/19397
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I70ccf182160086a4c04467eec214857a461a2869
Reviewed-on: https://code.wireshark.org/review/19373
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
the last one
Change-Id: I8b279d11b61645a19b0b356d52cf66eed0180700
Reviewed-on: https://code.wireshark.org/review/19372
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Part 2...
Change-Id: Id219bd2b04de2003b5bfa4a33893d0310856275d
Reviewed-on: https://code.wireshark.org/review/19368
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I9d9ffdb7d32a940dbe155e82946d59f649cafe09
Reviewed-on: https://code.wireshark.org/review/19345
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I93b24285443d99799f83c40f61f413c2d106c85f
Reviewed-on: https://code.wireshark.org/review/19338
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Burst 4 and Burst 5 values are now properly decoded.
Change-Id: I6232a19eb849a419825be69435069e4be721cbc1
Reviewed-on: https://code.wireshark.org/review/19327
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 13251
Change-Id: I56a01e779f7f0eadc8a078f88543269a91148f00
Reviewed-on: https://code.wireshark.org/review/19293
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Many proto_item_append_text calls were just adding a unit string to a field.
There's a better way to do that now.
Change-Id: Id18d5ac1ea4d8ecdc4cbe7ebaec07fbd2eab6e78
Reviewed-on: https://code.wireshark.org/review/19289
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Several calls to proto_tree_add_uint_format_value could be better served
using BASE_UNIT_STRING with a "unit string" in hf_ field. There also
a few cases where proto_tree_add_uint_format_value could just be
proto_tree_add_uint.
Added a few more "common" unit string values to unit_strings.[ch]
Change-Id: Iaedff82c515269c9c31ab9100dff19f5563c932d
Reviewed-on: https://code.wireshark.org/review/19242
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add plugin to autofoo and CMake build systems and fix errors found
Add plugin to Windows installer (optional component activated by default)
Change-Id: Id1b777bdee04e53076b3291f6fb68d5abad6985d
Reviewed-on: https://code.wireshark.org/review/19228
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
A plugin to calculate response, service and spread time values based on
the RTE model.
Bug: 12892
Change-Id: I47d7e5354fc269916851a318fef10b826897eaf8
Reviewed-on: https://code.wireshark.org/review/17750
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That way, if we #define anything for large file support, that's done
before we include any system header files that either depend on that
definition or that define it themselves if it's not already defined.
Change-Id: I9b07344151103be337899dead44d6960715d6813
Reviewed-on: https://code.wireshark.org/review/19035
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When LineDelay is decoded, the FormatIndicator is not evaluted.
Sample LineDelay: 2147483658 (0x80 00 00 0a)
This value should be 10,
since FormatIndicator (Bit 31) = 0x01 states that this is a CableDelay.
Change-Id: I08ae8e6de8b6f8c493122109e29e91dc47096734
Reviewed-on: https://code.wireshark.org/review/18950
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
DOCSIS update with basic defragmentation
Bug: 13106
Change-Id: Idbb42c80b87c0c3189da087b523733cf0b19967c
Reviewed-on: https://code.wireshark.org/review/18676
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I5b7d97b6238c26dd8fa748aaa59a84eb4a03274c
Reviewed-on: https://code.wireshark.org/review/18814
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Identification and Maintenance (I&M) and AssetManagement (AM) functions
are to collect information about the assets of an automation plant
to cover the use cases such as
identification, configuration, commissioning, diagnosis etc..
PROFINET plugin should support the Asset Management Record (AMR).
Bug: 13112
Change-Id: I9c557b5f7f4f633fdd475c2c9e8900a8e6c2ba47
Reviewed-on: https://code.wireshark.org/review/18719
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The MRP PDU dissection is updated with respect to MRP standard IEC62439-2 Ed.2.
0x88e3 is added for MRP Ether Type
String definions of MRP block and sub block types are updated.
dissect_pn_ManuData function is removed since it is not used anymore.
Change-Id: Iec6666abc75bcba4189f2c38851407abc23267f9
Reviewed-on: https://code.wireshark.org/review/18730
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Timestamp decoding is added.
Name of "Stop Observer" is changed as "Observer Status Observer".
TimeStatusObserver padding bytes location is changed.
Text of RS_ReasonCode for value "0" is changed from "Reserved" to "No Detail".
Change-Id: I2c231d75001a89a1e41f2518f5c6ca1fdf49a2f0
Reviewed-on: https://code.wireshark.org/review/18662
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The main reason fclose() could fail is if the file is open for writing,
not all the buffered data has been written out at the time fclose() was
called, and the attempt to write it out fails. In any case, the file
handle is no longer valid after fclose() completes, whether the close
succeeds or not, so there's no reason to keep it around.
There's no reason to check whether it's null in a loop called in code
where it's not null to start with and where it's not set to null in the
loop.
This should fix CID 1374111.
Change-Id: Ib8067a17731b41d6b184a5a415addc2ecaa7c00c
Reviewed-on: https://code.wireshark.org/review/18359
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Similar to the "tcp.port" changes in I99604f95d426ad345f4b494598d94178b886eb67,
convert dissectors that use "udp.port".
More cleanup done on dissectors that use both TCP and UDP dissector
tables, so that less preference callbacks exist.
Change-Id: If07be9b9e850c244336a7069599cd554ce312dd3
Reviewed-on: https://code.wireshark.org/review/18120
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
According to specification:
Value(UUID): 00000000-0000-0000-0000-000000000000
Meaning: Reserved
Use: The value NIL indicates the usage of the implicit AR.
Change-Id: Iea807f14bf6da36700b778a1383ebd970aa105a5
Reviewed-on: https://code.wireshark.org/review/17951
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Can prevent really long loops from fuzz testing.
Bug: 12851
Change-Id: I85e00af2c4753ce4c5bcb650a7df188d7f679c9a
Reviewed-on: https://code.wireshark.org/review/18136
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This patch introduces new APIs to allow dissectors to have a preference for
a (TCP) port, but the underlying data is actually part of Decode As functionality.
For now the APIs are intentionally separate from the regular APIs that register a
dissector within a dissector table. It may be possible to eventually combine the
two so that all dissectors that register with a dissector table have an opportunity
to "automatically" have a preference to adjust the "table value" through the
preferences dialog.
The tcp.port dissector table was used as the guinea pig. This will eventually be
expanded to other dissector tables as well (most notably UDP ports). Some
dissectors that "shared" a TCP/UDP port preference were also converted. It also
removed the need for some preference callback functions (mostly when the callback
function was the proto_reg_handoff function) so there is cleanup around that.
Dissectors that has a port preference whose default was 0 were switched to using
the dissector_add_for_decode_as_with_preference API rather than dissector_add_uint_with_preference
Also added comments for TCP ports used that aren't IANA registered.
Change-Id: I99604f95d426ad345f4b494598d94178b886eb67
Reviewed-on: https://code.wireshark.org/review/17724
Reviewed-by: Michael Mann <mmann78@netscape.net>
The Reporting System (RS) ASE is composed of Observers and Event buffer queues.
Bug: 12959
Change-Id: Ibce2d607bffe9c04b24e8ccd5ef502307fbba7c6
Reviewed-on: https://code.wireshark.org/review/17965
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Instead of checking for the boolean "FALSE", just set an empty string.
This avoids the need to check for WERROR_COMMON_FLAGS before using it.
The transformation is the same for all files, remove
"if (WERROR_COMMON_FLAGS)" and "endif()", reindent and add quotes (since
we have a string here and not a list).
Modelines have been added where missing.
Change-Id: I0ab05ae507c51fa77336d49a99a226399cc81b92
Reviewed-on: https://code.wireshark.org/review/17997
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
The variable may not have been initialized.
To make code more readable and to avoid possible future mistakes
initialize the variables.
Change-Id: I0c5e78b6d625c87252a4c47e263a3d5c701f2674
Reviewed-on: https://code.wireshark.org/review/17962
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
A switch statement has no section labeled default.
To make the code more readable add the default statement with a good comment.
Change-Id: Iacd9b1520628e229baedc89277d07ffac2caf1b6
Reviewed-on: https://code.wireshark.org/review/17960
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
'fp' pointer variable was freed or deleted in an earlier statement.
To make code more readable and to avoid possible future mistakes
make sure that developer sees this situation.
Change-Id: Ib5b9c4c32000adf05a30e094ebc98fe4bc4cfa52
Reviewed-on: https://code.wireshark.org/review/17961
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
A NULL pointer is possibly being passed to a function identified.
Change-Id: I87afb4fcd669451d94fecbcb827e7ff82d3e6740
Reviewed-on: https://code.wireshark.org/review/17950
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Use strcmp to sort AVPs in an AVPL and for matching instead of comparing
pointer addresses. Pointers can only be used for (in)equality, there is
no ordering in them. Matching of attributes however requires a better
ordering to know whether the operator (condition) or whether the operand
(data) can be skipped. Otherwise it is possible that condition (b)
randomly fails to match data (a,b).
User-visible changes (mainly edge cases):
- Loose (a=1, a?) on data (a=0, a=1) would previously fail to return
(a=0,a=1) because the a? condition is not tried for data a=0. Now it
tries all compatible conditions for a data AVP.
- Any Match condition like (a=1, a^1) would previously be treated the
same as (a=1) while (a^1, a=1) would still be seen as (a^1, a=1). The
first case is now fixed to match (a=1, a^1). (Via a fix in insert_avp
to ensure that (a=1) is not considered the same as (a^1).)
- Every (a=1, a=2) on data (a=1, b=1) previously failed, but the
comment "it will not create a list if there is not a match for every
attribute in op" suggests that it should return (a=1).
- Every (a=1) on data (a=2) previously succeeded (bug) while it would
fail on (a=2, b=1). This is fixed now by checking whether any of the
conditions really have matching data for the attribute.
Other changes: optimize merge_avpl and new_avpl_*_match to insert in
linear time instead of quadratic, rewrite and add comments in an attempt
to make it easier to understand. Merge the new_avpl_every_match and
new_avpl_exact_match functions and rename it to new_avpl_pairs_match to
reflects its actual implemented functionality.
Not addressed in this patch is the quasi-randomness of the returned
data AVPL. AVPLs are unordered, so the condition Strict (a?) on data
(a=1, a=2) could in theory return either (a=1) or (a=2). In practice
this returns (a=1) because of alphabetical ordering, but this cannot
really be relied on. It gets worse for conditions like Strict (a?, a>1),
these are considered undefined behavior (without warnings for now).
Ping-Bug: 12184
Change-Id: I0008448ffcb96183f106cb937c4f488e26a82f92
Reviewed-on: https://code.wireshark.org/review/17777
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The translation of all RPCInterfaceUUID for PNIO evaluates to "PNIO".
However, UUID allows distinction of
- UUID_IO_DeviceInterface (IOD-IF)
- UUID_IO_ControllerInterface (IOC-IF)
- UUID_IO_SupervisorInterface (IOS-IF)
- UUID_IO_ParameterServerInterface (PServ-IF)
Bug: 12938
Change-Id: I97c27808f61abd96728421488bb0ee5fdbace566
Reviewed-on: https://code.wireshark.org/review/17865
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add an FT_CHAR type, which is like FT_UINT8 except that the value is
displayed as a C-style character constant.
Allow use of C-style character constants in filter expressions; they can
be used in comparisons with all integral types, and in "contains"
operators.
Use that type for some fields that appear (based on the way they're
displayed, or on the use of C-style character constants in their
value_string tables) to be 1-byte characters rather than 8-bit numbers.
Change-Id: I39a9f0dda0bd7f4fa02a9ca8373216206f4d7135
Reviewed-on: https://code.wireshark.org/review/17787
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The fields have names beginning with "ecatf.", the dissector is called
"ecatf", and it's only the frame layer of EtherCAT anyway, so just call
it "ecatf".
Change-Id: I2f127363fd115c307f0525f612fe184a30d46c55
Reviewed-on: https://code.wireshark.org/review/17406
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have all dissector tables have a "supports Decode As" flag, which
defaults to FALSE, and which is set to TRUE if a register_decode_as()
refers to it.
When adding a dissector to a dissector table with a given key, only add
it for Decode As if the dissector table supports it.
For non-FT_STRING dissector tables, always check for multiple entries
for the same protocol with different dissectors, and report an error if
we found them.
This means there's no need for the creator of a dissector table to
specify whether duplicates of that sort should be allowed - we always do
the check when registering something for "Decode As" (in a non-FT_STRING
dissector table), and just don't bother registering anything for "Decode
As" if the dissector table doesn't support "Decode As", so there's no
check done for those dissector tables.
Change-Id: I4a1fdea3bddc2af27a65cfbca23edc99b26c0eed
Reviewed-on: https://code.wireshark.org/review/17402
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I7606ee55be4428909e255496c0344fffe5847f02
Reviewed-on: https://code.wireshark.org/review/16804
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fill in the "gaps" so that all dissectors that verify checksums have both a
status and expert info field.
Also address comments from original proto_tree_add_checksum patch that didn't make it.
Ping-Bug: 8859
Change-Id: I2e6640108fd6bb218cb959fe9e4ba98a13e43a2f
Reviewed-on: https://code.wireshark.org/review/16590
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Create ws_g_warning for legitimate uses of g_warning
2. Use proto_tree_add_debug_text
3. Comment some out
Change-Id: Ida044bf40286b955fdd529c4f9907c8e09b3d7c5
Reviewed-on: https://code.wireshark.org/review/16678
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Many of the complaints from checkAPI.pl for use of printf are when its embedded
in an #ifdef and checkAPI isn't smart enough to figure that out.
The other (non-ifdef) use is dumping internal structures (which is a type of
debug functionality)
Add a "ws_debug_printf" macro for printf to pacify the warnings.
Change-Id: I63610e1adbbaf2feffb4ec9d4f817247d833f7fd
Reviewed-on: https://code.wireshark.org/review/16623
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I1e6bd722b3f04f171b462fc680ca080bb7ec03c7
Reviewed-on: https://code.wireshark.org/review/16625
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This is an attempt to standardize display/handling of checksum fields for all dissectors.
The main target is for dissectors that do validation, but dissectors that just report the
checksum were also included just to make them easier to find in the future.
Bug: 10620
Bug: 12058
Ping-Bug: 8859
Change-Id: Ia8abd86e42eaf8ed50de6b173409e914b17993bf
Reviewed-on: https://code.wireshark.org/review/16380
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Some needed to check return value, others were converted to use strtoul.
Change-Id: I55aae216f95362b67e006f6e682abbd5ae2c8dcc
Reviewed-on: https://code.wireshark.org/review/16502
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Perhaps they cannot ever have values > 65535, but there's really no
benefit to restricting them to 16 bits on the 32-bit and 64-bit
platforms on which we run, and this might address what CID 1364088 is
*really* complaining about.
Change-Id: I5238261d04783401873de89469f8e2906554add4
Reviewed-on: https://code.wireshark.org/review/16454
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Some UN*Xes declare an index() function, that being the name strchr()
originally had in V7 UNIX. This causes warnings from compilers if you
have a variable named "index", so rename the variable.
Change-Id: Ibb046005d1ef911ce0739ce70a0a55c13310cdf0
Reviewed-on: https://code.wireshark.org/review/16372
Reviewed-by: Guy Harris <guy@alum.mit.edu>
change filePosRecord's data type to long, this is what ftell() and
fseek() expect
limit filePosRecord's scope to the block where it's actually used
if ftell() returns < 0, don't move the file pointer and don't call
fseek() with the negative offset
Change-Id: If5a43099c32e476a691f4d6cd26ed7fb73490fcf
Reviewed-on: https://code.wireshark.org/review/16258
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
without the space, checkhf complains about an ei entry
martin@reykholt:~/src/wireshark.git$ ./tools/checkhf.pl plugins/profinet/packet-dcerpc-pn-io.c
ERROR: NO ARRAY: plugins/profinet/packet-dcerpc-pn-io.c, ei_pn_io_unsupported
Change-Id: Ie72efcec644225bc4f554117ae10672694823cad
Reviewed-on: https://code.wireshark.org/review/16257
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Now that nmake build system has been removed they are not needed anymore.
Change-Id: I88075f955bb4349185859c1af4be22e53de5850f
Reviewed-on: https://code.wireshark.org/review/16050
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Also some other tricks to remove unnecessary tvb_get_string_enc calls.
Change-Id: I2f40d9175b6c0bb0b1364b4089bfaa287edf0914
Reviewed-on: https://code.wireshark.org/review/16158
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
This will copy an address's "byte format" into a buffer. The original
intended design is for export_pdu functionality, which tries to do
this "manually" for many address types (and creates undesired dependencies)
The default functionality if a "byte format function" isn't provided
(currently the case for all address types) is a memcpy of the address
data. Providing "address to byte" functions to aid export PDU
functionality will be provided later.
Change-Id: I3703f9e617a8cef09165ad53a0f98c6372676b9b
Reviewed-on: https://code.wireshark.org/review/16070
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Most protocols just want to limit COL_INFO or COL_PROTOCOL
so give that level of granularity.
Bug: 12144
Bug: 5117
Bug: 11144
Change-Id: I8de9b7d2c69e90d3fbfc0a52c2bd78c3de58e2f8
Reviewed-on: https://code.wireshark.org/review/15894
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
assertion.
If a dissector forces registration of fields during dissection it needs to do
so in a way that clears the prefix registration. Otherwise epan will call the
registration routine a 2nd time (which will cause us to assert out) if a user
types a display filter (with the dissector's prefix) that doesn't exist.
Update the proto_register_prefix() comments to reflect this.
Change-Id: I3ce29243395fb55192bb5dfd950baa88410ac136
Reviewed-on: https://code.wireshark.org/review/15881
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
The tree item needed to test and append to isn't being stored,
so the items are never amended with notes, resulting in dead code.
Change-Id: Ib1a9b7994ad12a9a9013d1bc1e1e4c165f34f20f
Reviewed-on: https://code.wireshark.org/review/15826
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
+ TLV 15 has value decoded as on off
+ TLV 16 shows text parameters instead of decimal value
Change-Id: I6f0baa410f12e20825379a3ff0cd6174aa2bc576
Reviewed-on: https://code.wireshark.org/review/15678
Reviewed-by: Michael Mann <mmann78@netscape.net>
Next steps would be to add expert and add missing TLVs.
Change-Id: Ia05d81c380d412ab02e55bbfc08363d9153ff1c3
Reviewed-on: https://code.wireshark.org/review/15617
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I5083346cb03de522d76632eba5ec9cbbf17666ea
Reviewed-on: https://code.wireshark.org/review/15603
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
"if (boolean)" suffices to test for true, and "if (!boolean)" suffices
to test for false.
Most of the time, explicitly comparing against TRUE or FALSE is
harmless, although possibly slightly less efficient, as you're
explicitly testing against 1 rather than testing for "not zero".
*However*, if you want to test whether a given bit is set in a flags
field, "if ((flags & flagbit) == TRUE)" *DOES NOT WORK* unless "flagbit"
is equal to 1, because TRUE is equal to 1, and if "flagbit" is not equal
to 1, "flags & flagbit" will *NEVER* be equal to 1.
So comparing "== TRUE" is a bad habit to get into, as it might lead to
its use when doing bit testing.
While we're at it, clean up some other tests:
"if (!(x == FALSE))" really means "x is true", so write it as
such, i.e. "if (x)";
if (a && b)
do this;
if (a && !b)
do that;
reads better as
if (a) {
if (b)
do this
else
do that
}
when doing bit testing, there's no need to shift the bit, just
test it (and, no, that doesn't conflict with the bit about TRUE
being 1 - *just test the bit*, it's the standard C idiom).
Fixes CID 1362119.
Change-Id: I011154caae45307796ffd270d265c05a2533b1db
Reviewed-on: https://code.wireshark.org/review/15585
Reviewed-by: Guy Harris <guy@alum.mit.edu>
New implemented functions for profinet plug-in to read cyclic RTC1 data
frames more detailed and further to dissect PROFIsafe on PROFINET frames.
New functions include:
- Reading the PROFINET "Ident OK" Frame for detailed module information,
as ModuleIdentNr., SubModuleIdentNr., etc. total dynamically
- Improved the existing dissection of fParameter with usage of GSDML-files,
as the indexnumber for those parameters can change
- Reading a GSDML-file for further module-information, such as PROFIsafe
Module, etc.
- Aded new pnio protocol preferences, in which the user can define its own
network path to his GSDML-files, so that Wireshark is able to read those
files for detailed information output.
- Added new filter functions for PROFINET and PROFIsafe
- All gained and saved information will be used to dissect the cyclic
PROFINET frames
Bug: 12216
Change-Id: I379da1d349fa099047953042f1aa30450bee5b30
Reviewed-on: https://code.wireshark.org/review/14119
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Birol Capa <birol.capa@siemens.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Previous patches converted all fvalue_to_string_repr calls to expect
an allocated buffer (and not a passed in one). Now changing signature
to force an allocated buffer. Added wmem in case that can be taken
advantage of within epan (and since the function signature was changing
anyway).
Change-Id: Ica1ac4a9a182ce0e73303856329e198d9d525b7b
Reviewed-on: https://code.wireshark.org/review/15343
Reviewed-by: Michael Mann <mmann78@netscape.net>
This generates a top level target, checkAPI, that is
excluded from the ALL build target, so must be run separately.
On Windows using a Visual Studio generator, call
msbuild /p:Configuration=RelWithDebInfo checkAPI.vcxproj
Change-Id: I44a57c564dcfc75499463b942436f4b920a82478
Reviewed-on: https://code.wireshark.org/review/14873
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Wireshark was failing to parse DOCSIS 3.1 BPKM Response (Auth Reply)
messages with a key length of 256 bytes, which is in the DOCSIS 3.1
specification located here:
http://www.cablelabs.com/specification/docsis-3-1-security-specification/
See Appendix I.4 "Authorization Reply"
Change-Id: Ic50eb4a2d637a7bc47385b7c0a96c830f7a920be
Reviewed-on: https://code.wireshark.org/review/15149
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
master-branch libpcap now generates a reentrant Flex scanner and
Bison/Berkeley YACC parser for capture filter expressions, so it
requires versions of Flex and Bison/Berkeley YACC that support that.
We might as well do the same. For libwiretap, it means we could
actually have multiple K12 text or Ascend/Lucent text files open at the
same time. For libwireshark, it might not be as useful, as we only read
configuration files at startup (which should only happen once, in one
thread) or on demand (in which case, if we ever support multiple threads
running libwireshark, we'd need a mutex to ensure that only one file
reads it), but it's still the right thing to do.
We also require a version of Flex that can write out a header file, so
we change the runlex script to generate the header file ourselves. This
means we require a version of Flex new enough to support --header-file.
Clean up some other stuff encountered in the process.
Change-Id: Id23078c6acea549a52fc687779bb55d715b55c16
Reviewed-on: https://code.wireshark.org/review/14719
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I9e67ccee06c93c25c766fae8bdd8a9890416655f
Reviewed-on: https://code.wireshark.org/review/14648
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: Idee70e6eaa926efb74cd4ff0bb529a601edbb67e
Reviewed-on: https://code.wireshark.org/review/13729
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This saves many dissectors the need to find the data dissector and store a handle to it.
There were also some that were finding it, but not using it.
For others this was the only reason for their handoff function, so it could be eliminated.
Change-Id: I5d3f951ee1daa3d30c060d21bd12bbc881a8027b
Reviewed-on: https://code.wireshark.org/review/14530
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Started by grepping call_dissector_with_data, call_dissector_only and call_dissector and traced the handles passed into them to a find_dissector within the dissector. Then replaced find_dissector with find_dissector_add_dependency and added the protocol id from the dissector.
"data" dissector was not considered to be a dependency.
Change-Id: I15d0d77301306587ef8e7af5876e74231816890d
Reviewed-on: https://code.wireshark.org/review/14509
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This will make it easier to determine protocol dependencies.
Some LLC OUI dissector tables didn't have an associated protocol, so they were left without one (-1 used)
Change-Id: I6339f16476510ef3f393d6fb5d8946419bfb4b7d
Reviewed-on: https://code.wireshark.org/review/14446
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I5c7529bc630ad7312011b04ce101ba3608041d35
Reviewed-on: https://code.wireshark.org/review/14435
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Was using AT_NONE as "unknown address type" instead of "no address".
Ping-Bug: 12205
Change-Id: Ic1d7022f8eaa3dfab9bb7b607eed264cc527c87c
Reviewed-on: https://code.wireshark.org/review/14242
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ia2ef8c4211ca717d6e99f596cd7f2de92d5aa7ca
Reviewed-on: https://code.wireshark.org/review/14202
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>