Split ws_regex_matches() into two functions with better semantics
and remove the WS_REGEX_ZERO_TERMINATED symbol.
ws_regex_matches() matches zero terminated strings.
ws_regex_matches_length() matches a string length in code units.
Replace:
g_snprintf() -> snprintf()
g_vsnprintf() -> vsnprintf()
g_strdup_printf() -> ws_strdup_printf()
g_strdup_vprintf() -> ws_strdup_vprintf()
This is more portable, user-friendly and faster on platforms
where GLib does not like the native I/O.
Adjust the format string to use macros from intypes.h.
The type ssize_t is not available on Windows. Because this is
used in the public API we must provide a definition for it.
To avoid having to add a header to fix this use a size_t in
the API instead, and assign SIZE_MAX to represent a null
terminated string.
Move epan_memmem() and epan_strcasestr() to wsutil/str_util.
Rename to ws_memmem() and ws_strcasestr(). Add compile time
check for a system implementation and use that if available.
We invoke those functions using a wrapper to avoid exposing
_GNU_SOURCE outside of the implementation.
Invalid character constants should be handled in the lexical scanner.
Todo: See if some code could be shared to parse double quoted strings.
It also fixes some unintuitive type coercions to string. Character
constants should be treated as characters, or maybe integers, or
maybe even throw an invalid comparison error, but coverting to a
literal string or byte array is surprising and not particularly
useful:
'\xFF' -> "'\xFF'" (equals)
'\xFF' -> "FF" (contains)
Before:
Filter: http.request.method contains "\x63"
Constants:
00000 PUT_FVALUE "c" <FT_STRING> -> reg#1
(...)
Filter: http.request.method contains '\x63'
Constants:
00000 PUT_FVALUE "63" <FT_STRING> -> reg#1
(...)
Filter: http.request.method == "\x63"
Constants:
00000 PUT_FVALUE "c" <FT_STRING> -> reg#1
(...)
Filter: http.request.method == '\x63'
Constants:
00000 PUT_FVALUE "'\\x63'" <FT_STRING> -> reg#1
(...)
After:
Filter: http.request.method contains '\x63'
Constants:
00000 PUT_FVALUE "c" <FT_STRING> -> reg#1
(...)
Filter: http.request.method == '\x63'
Constants:
00000 PUT_FVALUE "c" <FT_STRING> -> reg#1
(...)
This reverts commit d635ff4933.
A charconst cannot be a value string, for that reason it is not
redundant with unparsed.
Maybe character constants should be parsed in the lexical scanner
instead.
Before:
Filter: ip.proto == '\g'
dftest: "'\g'" cannot be found among the possible values for ip.proto.
After:
Filter: ip.proto == '\g'
dftest: "'\g'" isn't a valid character constant.
For double quoted strings. This is consistent with single quote
character constants and the C standard. It also avoids common
mistakes where the superfluous backslash is silently suppressed.
PCRE2 is mature, widely used and widely available. Supporting two
different RE implementations, one of which is unmaintained, is
unnecessary and counter-productive.
PCRE2 is the future of PCRE. The only advantage of GRegex is that
it comes bundled with GLib, which is not an advantage at all.
PCRE2 is widely available, the GRegex abstractions layer are not a
good fit and abstract things that don't need abstracting or that we
could handle better ourselves, there are open bugs (#12997) and
maintenance is spotty at best.
GRegex comes with many of the problems of bundled code, aggravated by
the fact that it completely falls outside of our control.
The header ftypes-int.h should not be used outside of epan/ftypes
because it is a private header.
The functions fvalue_free() and fvalue_cleanup() need not and should
not be macros either.
The implementation is pre-computing the length and using that
to allocate a buffer. This doesn't have any practical advantage
and is inefficient because the code is mostly doing the same work
twice. Remove the unnecessary length pre-computation step.
If an ftype can participate in equala assume it can also participate in
not equals. Use fvalue_can_eq() instead of fvalue_can_ne().
If it can participate in one order comparison it can participate in all.
Replace any comparison with fvalue_can_cmp().
A charconst uses the same semantic rules as unparsed so just
use the latter to avoid redundancies.
We keep the use of TOKEN_CHARCONST as an optimization to avoid
an unnecessary name resolution (lookup for a registered field with
the same name as the charconst).
It won't work with embedded null bytes so don't try. This is
not an additional restriction, it just removes a hidden failure
mode. To support matching embedded NUL bytes we would have
to use an internal string representation other than
null-terminated C strings (which doesn't seem very onerous with
GString).
Before:
Filter: http.user_agent == 41:42:00:43
Constants:
00000 PUT_FVALUE "AB" <FT_STRING> -> reg#1
Instructions:
00000 READ_TREE http.user_agent -> reg#0
00001 IF-FALSE-GOTO 3
00002 ANY_EQ reg#0 == reg#1
00003 RETURN
After:
Filter: http.user_agent == 41:42:00:43
Constants:
00000 PUT_FVALUE "41:42:00:43" <FT_STRING> -> reg#1
Instructions:
00000 READ_TREE http.user_agent -> reg#0
00001 IF-FALSE-GOTO 3
00002 ANY_EQ reg#0 == reg#1
00003 RETURN
FT_PROTOCOL and FT_BYTES are the same semantic type, but one is
backed by a GByteArray and the other by a TVBuff. Use the same
semantic rules to parse both. In particular unparsed strings
are not converted to literal strings for protocols.
Before:
Filter: frame contains 0x0000
Constants:
00000 PUT_FVALUE 30:78:30:30:30:30 <FT_PROTOCOL> -> reg#1
Instructions:
00000 READ_TREE frame -> reg#0
00001 IF-FALSE-GOTO 3
00002 ANY_CONTAINS reg#0 contains reg#1
00003 RETURN
Filter: frame[5:] contains 0x0000
dftest: "0x0000" is not a valid byte string.
After:
Filter: frame contains 0x0000
dftest: "0x0000" is not a valid byte string.
Filter: frame[5:] contains 0x0000
dftest: "0x0000" is not a valid byte string.
Related to #17634.
For efficiency do the comparison in a single function call
instead of trying to preserving exactly the previous semantics.
Still I tried not to deviate much.
All the order operators can be defined in terms of 'lt'
and 'eq' so use that to reduce the number of required
methods from 6 to 2.
Further reduce to one by combining those two into a single
function that has memcmp semantics: negative return is
"less than", positive is "greater than" and zero is equal.
Octal escape sequences \NNN can have between 1 and 3 digits. If
the sequence had less than 3 digits the parser got out of sync
with an incorrect double increment of the pointer and errors out
parsing sequences like \0, \2 or \33.
Before:
Filter: ip.proto == '\33'
dftest: "'\33'" is too long to be a valid character constant.
After:
Filter: ip.proto == '\33'
Constants:
00000 PUT_FVALUE 27 <FT_UINT8> -> reg#1
Instructions:
00000 READ_TREE ip.proto -> reg#0
00001 IF-FALSE-GOTO 3
00002 ANY_EQ reg#0 == reg#1
00003 RETURN
Fixes#16525.
absolute_val_from_string() doesn't allow a time zone and always
assumes that time strings are in local time zone, so
absolute_val_to_repr() needs to produce that output for FTREPR_DFILTER
so that construct_match_selected_string() produces the correct filter
string for FT_ABSOLUTE_TIME fields that are not ABSOLUTE_TIME_LOCAL.
Fix#17617
This utility function is useful outside of epan. Move it to wsutil
and export the interface.
The move isn't completely clean as it requires duplicating two small
inline functions but that was necessary to avoiding moving too much at
once.
This header was installed incorrectly to epan/wmem_scopes.h.
Instead of creating additional installation rules for a single
header in a subfolder (kept for backward compatibility) just
rename the standard "epan/wmem/wmem.h" include to
"epan/wmem_scopes.h" and fix the documentation.
Now the header is installed *correctly* to epan/wmem_scopes.h.
The ftype-protocol has two components to its value - a tvb, which is
allowed to be be NULL (most notably in _ws.expert), and a string
description. They can also be created from string literals, such as
in display filters. It's possible to compare protocols with a NULL
tvb with protocol terms created from literals, e.g. entering the
display filter "_ws_expert < 1".
Partially revert 69e2603c48 so that
this doesn't crash, by assigning proto_string to the empty string
instead of null when creating from a literal. Fixes#17316
Most of the time, the return value tells us nothing useful, as we've
already decided that we're perfectly willing to live with string
truncation. Hopefully this keeps Coverity from whining that those
routines could return an error code (NARRATOR: They don't) and thus that
we're ignoring the possibility of failure (as indicated, we've already
decided that we can live with string truncation, so truncation is *NOT*
a failure).
Now that FT_PCRE is gone, a GRegex is not a valid value for a field. (A
field can be a *string* field whose value is supposed to be a PCRE, but
that's just FT_STRING/FT_STRINGZ/FT_STRINGZPAD/FT_STRINGZTRUNC, and the
value is the string text.)
It's not a valid field type, it's only a hack to support regular
expression matching in packet-matching expressions.
Instead, in the packet-matching code, have a separate syntax tree type
for Perl-compatible regular expressions, and a separate instruction to
load one into a register, and have the "matching" operator for field
types take a GRegex * as the second argument.
It's a fake "field" type, used only for "field" values in
packet-matching expressions to do regular-expression matching. There is
*no* reason to allow fields of that type.
Don't bother checking the representation type when generating the string
representation of a field value. If a developer manages to get past all
the tests for FT_PCRE to register and add an instance of that field to
the protocol tree, either 1) the one and only string representation of
an FT_PCRE value is what they want, in which case, whatever, or 2) it's
*not* what they want, in which case, if they file a bug, ask a question
on a mailing list, or ask a question on the Q&A site, we can explain to
them that what they're doing is bogus.
I believe this was the original intention, to use these API restricitons
with dissectors only (not that I necessarily agree with that policy either),
and through copy-paste and lack of clear guidelines it spread to other
parts of the build.
Rename the checkAPI groups to make it very clear that this is dissector-only.
This doesn't mean, of course, that good programming practices shouldn't be
followed everywhere. In particular assertions need to be used properly.
Don't use them to catch runtime errors or validate input data.
This commit will be followed by another removing the various ugly hacks
people have been using to get around the checkAPI hammer.
The include_directories documentation at
https://cmake.org/cmake/help/latest/command/include_directories.html
says:
"Note: Prefer the target_include_directories() command to add include
directories to individual targets and optionally propagate/export them
to dependents."
Switch from include_directories to target_include_directories in a bunch
of places.
Add "SYSTEM" to the remaining external include_directories calls in
order to minimize our compiler warning blast radius.
FT_STRINGZPAD is for null-*padded* strings, where the field is in an
area of specified length, and, if the string is shorter than that
length, all bytes past the end of the string are NULs.
FT_STRINGZTRUNC is for null-*truncated* strings, where the field is in
an area of specified length and, if the string is shorter than that
length, there's a null character (which might be more than one byte, for
UCS-2, UTF-16, or UTF-32), and anything after that is not guaranteed to
have any particular value.
Use IS_FT_STRING() in some places rather than enumerating all the string
types, so that those places get automatically changed if the set of
string types changes.
Remove the --check-addtext and --build flags. They were used for
checkAddTextCalls, which was removed in e2735ecfdd.
Add the sources in ui/qt except for qcustomplot.{cpp,h}. Fix issues in
main.cpp, rtp_audio_stream.cpp, and wireshark_zip_helper.cpp.
Rename "index"es in packet-usb-hid.c.
Fall back on the Wayback Machine for some links.
Change-Id: I6a44a2caaeb4fa521c2f08196e7c36069e3bb842
Reviewed-on: https://code.wireshark.org/review/34103
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add header files lists to add_library() so that Visual Studio can pick them
up and include them in a "Header Files" folder for easier navigation within
Visual Studio.
Change-Id: I7cd8e39550f4db67eed8205593060ae8b4a5b1b9
Reviewed-on: https://code.wireshark.org/review/31289
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
GRegex is a thin wrapper around PCRE. Inputs (patterns and subjects) are
assumed to be UTF-8 by default (unless G_REGEX_RAW is set). If the
subject is not valid UTF-8, normally pcre_exec will immediately return a
failure. However, as GLib sets PCRE_NO_UTF8_CHECK when G_REGEX_RAW is
given, pcre_exec() will skip the safety check and crash instead.
Fix this by always assuming raw byte patterns. Regression risk: patterns
such as `ö.ï` will no longer match `öñï` since `ñ` is a multi-byte
sequence. Patterns such as `(GET|POST) /` remain functional though.
Bug: 14905
Change-Id: I6450bb83f565d377f82a5dbb01690c5f49acd96f
Reviewed-on: https://code.wireshark.org/review/31935
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use a locale-independent glib routine to format floating point numbers.
This avoids displaying floating point numbers as "86399,9921875" with
LC_ALL=nl_NL.UTF-8.
This output is consistent with val_from_unparsed which is used for
parsing display filter values and is already locale-independent. Note
that the displayed node labels in the dissection tree is still
locale-dependent (see proto_item_fill_label for FT_DOUBLE).
Bug: 15437
Change-Id: I64dd2b7dbb453022edf88b3052e2f67066189427
Reviewed-on: https://code.wireshark.org/review/31869
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
User guides are installed to doc/Wireshark. Use doc/wireshark instead.
Remove leftover variable CPACK_PACKAGE_NAME.
Change-Id: I9a1d6bdc7d8f0b48c61e43679285d5ba83904a63
Reviewed-on: https://code.wireshark.org/review/31851
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Do not rely on strptime("%b") to parse the month, it does not correctly
recognize English month abbreviations on non-English systems. While at
it, do not try to parse milliseconds if seconds are missing.
Change-Id: Ia049bf362195eef1eba2f04ff7217049fa6a7d9d
Reviewed-on: https://code.wireshark.org/review/31707
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Found by scan-build.
Change-Id: I07e8bf2099e08f3f544dd846572717044aa95f7c
Reviewed-on: https://code.wireshark.org/review/31487
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Install headers to support plugins development on Windows.
Change-Id: I3161bd2f730edf62ab44fee6ce4fedbb9aee0d31
Reviewed-on: https://code.wireshark.org/review/30776
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
SEP_SPACE and BASE_NONE both default to colon (:). Fix SEP_SPACE and add SEP_NONE
Bug: 15253
Change-Id: Ib5db997714414370b08ffb9458c73d4aeef6aacf
Reviewed-on: https://code.wireshark.org/review/30447
Reviewed-by: Jeremy Martin <boardermartin@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
TRY/CATCH are macros, before returning the ENDTRY block must be executed
or the weirdest crashes can occur.
Change-Id: Ic56871322f8567263e2b8a81cce5a3c7042301b7
Fixes: v2.1.0rc0-2939-g5493fe0167 ("Convert ftype-tvbuff.c to ftype-protocol.c")
Reviewed-on: https://code.wireshark.org/review/30095
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The value of a string in single quotes in dfilter must fit into one
byte. The parser correctly parsed the beginning of the string,
however it didn't check whether there are more characters to parse.
Bug: 14084
Change-Id: Ifa2d7a31052b2c1020d84c42637b9b7afc57d8c0
Reviewed-on: https://code.wireshark.org/review/28298
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When converting byte array strings to a FT_PROTOCOL value (for example,
when using a display filter such as `eth contains aa:bb`), the converted
memory in GByteArray was not freed. If an error occurred (the value
cannot be parsed as hex string), then an error message was leaked.
Fix the above issues and avoid an unnecessary g_memdup.
Change-Id: I3a076b3a2384b1a0e15ea8518f2e0f66a7b6ea49
Reviewed-on: https://code.wireshark.org/review/27130
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It has been replaced by cmake.
Change-Id: I83a5eddb8645dbbf6bca9f026066d2e995d8e87a
Reviewed-on: https://code.wireshark.org/review/26969
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Missed out some that would probably result in too many links.
Added FT_FRAMENUM_RETRANS_PREV and FT_FRAMENUM_RETRANS_NEXT to enum,
these display as arrows like REQUEST and RESPONSE do.
Change-Id: I6e8d222955f2ba59a713e8a389837b55a1c7f262
Reviewed-on: https://code.wireshark.org/review/24600
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Match closer the behavior of autotools which does not include epan in
its include paths by default.
Change-Id: I885bc7942490a5674c6ac75f9a8ea221555e3784
Reviewed-on: https://code.wireshark.org/review/24639
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Fix a tpyo while we're at it.
Change-Id: I1bde763ec2bd188c0f8afd1069db5a9f23963e8e
Reviewed-on: https://code.wireshark.org/review/24186
Reviewed-by: Guy Harris <guy@alum.mit.edu>
FT_IPv6 doesn't expose the prefix, which is used only for values in
filter expressions, not values in protocol fields; do the same for
FT_IPv4, hiding the netmask, and using fvalue_get_integer() to get the
value, having it return a network-byte-order value for the address.
(This also makes it opaque whether the address and netmask are stored in
host or network byte order.)
Change-Id: I4285a87f6ccef2c0ccec040490ddcd15d787326e
Reviewed-on: https://code.wireshark.org/review/24177
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Just directly use the addr field, converting from host to network byte
order if necessary.
Change-Id: Ie1cd9ea5527b7824014dc315225ad2a6adb61c38
Reviewed-on: https://code.wireshark.org/review/24176
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We have WS_INET_ADDRSTRLEN and WS_INET6_ADDRSTRLEN; use them.
Change-Id: Idade0da9fae70d891901acd787b06d21e2ddbc5f
Reviewed-on: https://code.wireshark.org/review/24156
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Most of it doesn't need to be public; pull it into epan/ipv4.c. Pull
the two routines that *are* used outside epan/ftypes/ftype-ipv4.c into
epan/ipv4.h as static inline functions.
This allows some optimization, and makes epan/ipv4.h more like epan/ipv6.h.
Change-Id: I80229acde559d810aecec2acd5c995076440c181
Reviewed-on: https://code.wireshark.org/review/24071
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Autotools has the very useful feature by design of allowing the user
to override the default build flags (you break it you keep it).
Apparently CMake applies COMPILE_OPTIONS target property after
CMAKE_{C,CXX}_FLAGS so that doesn't work here. Prepend our flags to those
variables instead to make it work then.
Specific target flag overrides can still be added with COMPILER_OPTIONS
(e.g: generated files with -Wno-warning) but this is less effective and
then we're back at the point where this overrides user flags. It's less
of a concern though.
Change-Id: I44761a79be4289238e02d4e781fef0099628817b
Reviewed-on: https://code.wireshark.org/review/23675
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
To be continued incrementally to fix gaps and omissions.
If we are willing to reorganize the source tree to have one or two header
include folders this could be simplified considerably.
It would also force developers to give more consideration to API issues,
which is a good thing.
See also e7ef19efc0.
Bug: 14062
Change-Id: I0759da2f9793cfb5cf92c9e231457bba43df4353
Reviewed-on: https://code.wireshark.org/review/23548
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Install public headers required to build plugins for libwireshark (taps and
dissectors).
The source tree is organized to serve the CLI/GUI parts of wireshark.
Plugins are built in tree. This change is intende to allow plugins to be built
out-of-tree but we want to avoid dumping all headers into /usr/include.
To be continued incrementally to fix errors and omissions.
Change-Id: Iaa0def0ba3de4b456a29114c315544d2d64fa748
Reviewed-on: https://code.wireshark.org/review/23374
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
IS_FT_UINT includes both 32 and 64 bit unsigned integers, but fvalue_get_uinteger
only allows 32-bit values, so add IS_FT_UINT32 macro for distinguishing between
using fvalue_get_uinteger and fvalue_get_uinteger64.
All other cases that use fvalue_get_uinteger vs fvalue_get_uinteger64 are done
first with switch statements and don't rely on IS_FT_UINT to distinguish
between 32 and 64 bit values
Bug: 14063
Change-Id: I9d1400259e7c2661c2b5ebf96aaa0e9d773651fe
Reviewed-on: https://code.wireshark.org/review/23528
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Removed get_ipxnet_addr(), get_ether_addr(). If this feature is desired at
a minimum it should use an efficent data structure (and no disk-based
lookups mid-dissection).
Change-Id: Ie72449c631f21f4a3d82ec435bb5e1d7892f122c
Reviewed-on: https://code.wireshark.org/review/22729
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Make the "matches" operator case-insensitive by default. Case
sensitivity can be switched back on using "(?-i)".
It might be nice to make "contains" case-insensitive as well, but we'd
need a caseless version of epan_memmem.
Change-Id: I5e39a52c148477c30c808152bcace08348df815a
Reviewed-on: https://code.wireshark.org/review/22330
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Removed 'len' from IPv4, not needed
Added more test coverage for IPv6 in dftestlib
Change-Id: I1ca80e2525f32f6095ad73352baba733f4694ced
Reviewed-on: https://code.wireshark.org/review/22260
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I3bdca418801305d71b33fa07396497d82ad06e33
Reviewed-on: https://code.wireshark.org/review/22212
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- when having a special value, leave function once buffer is written
- give the right buffer length to g_snprintf() function
Bug: 13590
Change-Id: Iecf1456686b6e92a7cfcf8ed6d8619541ad50ace
Reviewed-on: https://code.wireshark.org/review/21260
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It's sufficient to include <epan/proto.h>...
...as long as <epan/proto.h> includes <epan/tfs.h>, just as it includes
<epan/value_string.h>.
And, since it's already including <epan/value_string.h>, it doesn't need
to have a definition of struct _value_string as an incomplete type,
given that <epan/value_string.h> gives a definition of it as a complete
type.
Change-Id: Ic296bc0b0d68277ba7e0569412b780fd847ecca2
Reviewed-on: https://code.wireshark.org/review/21033
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Delete get_value_ptr from struct _ftype_t, make it
part of the get_value union.
Change-Id: I947331069662a7043bd838e622d286629cc7be9a
Reviewed-on: https://code.wireshark.org/review/20647
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Delete get_value_uinteger from struct _ftype_t, make it
part of the get_value union.
Change-Id: I4a6c8341676c442e2bf8ae3b8f771b72161d133c
Reviewed-on: https://code.wireshark.org/review/20640
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Delete get_value_sinteger from struct _ftype_t, make it
part of the get_value union.
Change-Id: I3127252cafc62389ce426639992f1d59f7ac9731
Reviewed-on: https://code.wireshark.org/review/20637
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>