packet-per.c:959:6: warning: Access to field 'aligned' results in a dereference of a null pointer (loaded from variable 'actx')
packet-ber.c:1606:29: warning: Access to field 'pinfo' results in a dereference of a null pointer (loaded from variable 'actx')
packet-ber.c:1612:24: warning: Access to field 'created_item' results in a dereference of a null pointer (loaded from variable 'actx')
packet-ber.c:3156:41: warning: Access to field 'pinfo' results in a dereference of a null pointer (loaded from variable 'actx')
packet-ber.c:3182:24: warning: Access to field 'created_item' results in a dereference of a null pointer (loaded from variable 'actx')
Change-Id: Ibae00dc29a869701fe903a5b0c9944279aaa3df7
Reviewed-on: https://code.wireshark.org/review/13936
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
DLM3 minor version 1, introduced in mainline kernel commit 757a4271 from
October 2011, added some fields and a Need Slots flag to Recovery
Command Status packets.
Change-Id: Ib994223afeae6b8d6ddb75404ab2031c5a63185b
Reviewed-on: https://code.wireshark.org/review/13983
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- Use QPushButton for buttons and set the "Find" button as default
in SearchFrame.
- Use QPushButton for buttons, added a "Packet:" label, and set
the "Go to packet" button as default in GoToFrame.
- Set Qt::WA_MacSmallSize in OS X for FilterExpressionFrame and
PreferenceEditorFrame.
- Removed QFrame::StyledPanel and QFrame::Raised from ColumnEditorFrame.
- Update ui files to reflect that AccordionFrame is used for
AddressEditorFrame, FilterExpressionFrame and PreferenceEditorFrame.
Change-Id: Icfbfff973535317997109a1020dfe24ba932e098
Reviewed-on: https://code.wireshark.org/review/13995
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
It works the same regardless of what flavor of USB metadata there is,
and there's no good reason for any Bluetooth code to know, or care,
about particular flavors of USB metadata.
Add some comments while we're at it.
Change-Id: I6ea2063a015e424fc84a407231e80ef3e2a79c98
Reviewed-on: https://code.wireshark.org/review/14001
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Do not use the client-supplied session ticket for decryption when the
session is not resumed as the cached key (associated with that ticket)
is invalid for this new session. SSL Session IDs are unaffected by this
issue as only the server-issued Session ID is considered.
This fixes decryption of a SSL capture which uses the keylog file for
decryption, but where the session tickets are invalid because the server
was restarted.
Additionally, the session and session tickets stores are split to avoid
exporting session tickets via File -> Export SSL Session keys. Session
tickets should only be used internally, the CLIENT_RANDOM identifier is
shorter and is the preferred method to link secrets.
Change-Id: If96d7a4e89389825478e67e9a65401ce0607aa66
Reviewed-on: https://code.wireshark.org/review/13994
Reviewed-by: Michael Mann <mmann78@netscape.net>
Coverity rightfully complains about inproper use of negative value.
maxlength special value '-1' should be handled appropriately.
Change-Id: Ie1818121e39fa668094d012980016444ca868e6e
Reviewed-on: https://code.wireshark.org/review/13978
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Idf98bcf617d4d6343aa233e42898cf5f26b08e33
Reviewed-on: https://code.wireshark.org/review/13974
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
IEEE has run out of Payload IE IDs so ZigBee and
future IEs must use Vendor OUIs.
Change-Id: I6eed4382d099364605649eb7577a5e2691e97dd3
Reviewed-on: https://code.wireshark.org/review/13971
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
wtap_read() and wtap_seek_read() now do so before calling the read or
seek-read routine, so there's no need to do so in those routines.
Rename hcidump_process_packet() to hcidump_read_packet() while we're at
it, as it doesn't just process an already-read packet, it does the
reading as well as the processing.
Change-Id: Ic13da6a2096e68550d80f2eff31f03d0edb58147
Reviewed-on: https://code.wireshark.org/review/13998
Reviewed-by: Guy Harris <guy@alum.mit.edu>
As discussed in https://www.wireshark.org/lists/wireshark-dev/201309/msg00182.html
VJ decompressor was removed from Wireshark 1.12 due to license incompatibility
Let's mark the corresponding preference as obsolete so that people do not think
it is still supported
Change-Id: I7030ef5f402a0c7e242e77a52baf18f450a95024
Ping-Bug: 12138
Reviewed-on: https://code.wireshark.org/review/13993
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This the result of updated 'PAN ID Compression field value for frame
version 0b10' table in IEEE spec which clarifies the interpretaion
of the PAN ID Compression bits for different combinations of Src
and Dst Addresses.
Change-Id: Ia70836b8571beae80a3f507be4f39736e13eb110
Reviewed-on: https://code.wireshark.org/review/13984
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
They should not be necessary.
Change-Id: I9246d86862392c65839c18d13d8634bcf510d55e
Reviewed-on: https://code.wireshark.org/review/13992
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If you include something from the wiretap directory, always precede it
with wiretap/.
Fix some includes of files in the top-level directory to use a path
relative to the current directory, not relative to the wiretap
directory.
This makes it a bit clearer what's being included.
Change-Id: Ib99655a13c6006cf6c3112e9d4db6f47df9aff54
Reviewed-on: https://code.wireshark.org/review/13990
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
According to the EIGRP draft RFC (https://tools.ietf.org/html/draft-savage-eigrp-04#section-6.8.1), 2nd bit (0x2) in EIGRP classic bit field should be interpreted as Candidate Default (CD)
Reported by Garri
Bug:12136
Change-Id: I56dcbbc7db480e67962e2edfbd8d9c6b117f30ef
Reviewed-on: https://code.wireshark.org/review/13987
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for using regular expressions in the Search Frame
when searching in packet list, packet details and packet bytes.
This search is in many cases faster than plain string search.
Change-Id: I2d8a709046f90d7b278fb39547fc4e2e420623bc
Reviewed-on: https://code.wireshark.org/review/13981
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Change g_list into wmem_list to solve the leak. Leak found by valgrind.
==14755== 3,384 (504 direct, 2,880 indirect) bytes in 21 blocks are definitely lost in loss record 3,380 of 3,418
==14755== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14755== by 0xA806610: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==14755== by 0xA81C22D: g_slice_alloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==14755== by 0xA7FD4F3: g_list_append (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==14755== by 0x67CD825: build_get_attr_all_table (packet-cip.c:5402)
==14755== by 0x67CD825: proto_register_cip (packet-cip.c:8067)
==14755== by 0x71C83F9: register_all_protocols (register.c:229)
==14755== by 0x65F14D7: proto_init (proto.c:521)
==14755== by 0x65CF961: epan_init (epan.c:126)
==14755== by 0x1153F0: main (tshark.c:1220)
Change-Id: I9c25ee5b5bf04b9afb8b0bf22bb6f3d7022bf4d3
Reviewed-on: https://code.wireshark.org/review/13969
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The current code which dissects the idProduct (and to some extend the
idVendor) item for USB devices is overly complicated. A better method
to format the product string in the right way is using:
proto_tree_add_uint_format_value.
This gets rid of the additinal string and item manipulation altogether.
Change-Id: Iadd69b7dc284e62039402de53418f41460d88a5d
Reviewed-on: https://code.wireshark.org/review/13973
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The argument to the resize method for QByteArray is an int, not a
size_t.
Change-Id: Id30bc03daec6d6ead8669794b5cb0247718be66b
Reviewed-on: https://code.wireshark.org/review/13977
Reviewed-by: Guy Harris <guy@alum.mit.edu>
if the bit is set, it's an R(NAK) block
Change-Id: I0e44bd72d1c2a69a582792d08bf450e6ef2d163b
Reviewed-on: https://code.wireshark.org/review/13976
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Add an option to decode the packet bytes from base64 or zlib compressed.
Also add configurable start byte and end byte to make it possible to
decode a subset of bytes. It's also possible to select a range in ASCII
view and select "Show selected" from the context menu to make a subset.
In ASCII view a null terminator is replaced by UTF8 symbol for NULL,
and a CR is replaced by UTF8 symbol for carriage return. This is done
to make it possible to "Show selected" from the context menu.
Change-Id: Ie03c9912c304c121af6ca9e998a6e8445b5382c5
Reviewed-on: https://code.wireshark.org/review/13958
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
File had both whitespaces and tabs for indentation. Replace
whitespace indentation with tabs. This is the same indentation
mode as ws80211.c file uses.
Change-Id: I46bbd675f5089eb502b489fdfd70f30510bc95ef
Reviewed-on: https://code.wireshark.org/review/13963
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The standard says that UDPv6 is the index 2. However, the dissector
contained the old implementation of RTI DDS (which had SHMEM = 2
and UDPv6 = 5). I have updated the dissector to be compliant with
the standard and indirectly be compliant with the new version of
RTI DDS which now implements the standard in this aspect.
Change-Id: Iaade0e457fda35362c04a7658d62242cf8868127
Reviewed-on: https://code.wireshark.org/review/13922
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. More Identity attributes
2. Port attributes
3. Set Attribute List request highlighted too much attribute data
4. TCP/IP object, Attr 5 needs padding
5. Switch most attributes to use wrappers instead of dissect_epath() directly.
6. Change new Volume 8 attributes to treat path size as words instead of bytes, when parsing size+EPATH formats.
Change-Id: I1b8c476475c6fbb9c7cdb99ec4a6c28934631a19
Reviewed-on: https://code.wireshark.org/review/13898
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
'const gpointer' is the same as 'void *const'. Replace with gconstpointer
where straightforward (assuming that was the intent) and use gpointer everywhere
else for clarity (that does not change *API* constness contract; it just means
a variable is not declared immutable inside the called funtion).
Change-Id: Iad2ef13205bfb4ff0056b2bce056353b58942267
Reviewed-on: https://code.wireshark.org/review/13945
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
TL and T0 are followed by TA(1), TB(1) and TC(1), in this order
Change-Id: I356da8bb475d55f36e5b9ff02d35fcf35c457223
Reviewed-on: https://code.wireshark.org/review/13961
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
use the same hf as for ATQB's FWI
Change-Id: I2c1db117688e16e91fc4072d9b6f4bba46f64fd6
Reviewed-on: https://code.wireshark.org/review/13960
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
We cannot easily predict what will happen, given the configuration of
the OS, the permissions on files, the availability of extcap devices,
the version of libpcap/WinPcap/NPcap (present or future), etc., etc.,
etc.. Allow those tests to succeed (as would be the case if you have
the necessary permissions) or fail with a non-command-line-syntax error
(as would be the case if you don't have the necessary permissions), but
not to fail with a command-line syntax error.
Change-Id: I76af898d5f146fcf3507c06f101acb578085e6fa
Reviewed-on: https://code.wireshark.org/review/13957
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add settings to the QLineEdit context menu to use textual or regular
expression search. Use this in Follow Stream and Show Packet Bytes.
Change-Id: I3a9f5a923f616629aa40a334921871f98b518f30
Reviewed-on: https://code.wireshark.org/review/13942
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Change-Id: If33cf41f46f2be9c66fc4a626af6a2c010fba7d3
Reviewed-on: https://code.wireshark.org/review/13931
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
For 802.11n, if the GI length is present in the MCS field and is "short
GI", "gi_length" is equal to 1, not to 0, so set the "short GI" flag in
the generic radio information to "gi_length".
Bug: 12123
Change-Id: Ica2c5794698a643a6393f0468cdbfe025aa90074
Reviewed-on: https://code.wireshark.org/review/13950
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also, add it to the list of dependencies.
Change-Id: I424c0657c87ab97d704b86a3b0722fb7f33b9f49
Reviewed-on: https://code.wireshark.org/review/13949
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also, get rid of the stuff for the extcap programs, as that's now
handled by extcap/Makefile.nmake.
Change-Id: Ide94c1cfc97d50e5d9fabbb923d9c52cccb62fa0
Reviewed-on: https://code.wireshark.org/review/13947
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That lets the version of Wireshark built with autotools find the extcap
programs.
Don't install the extcap programs under ${datadir} - that puts it under
a share directory, and share directories are for platform-independent
files, which executable images aren't (they're instruction-set
dependent, hence platform-dependent).
Change-Id: I992eeb984bdbe6b3476777f7114628c83df6080f
Reviewed-on: https://code.wireshark.org/review/13943
Reviewed-by: Guy Harris <guy@alum.mit.edu>