Allocate the exp_pdu_data using the wmem_packet_scope allocator so the
epan_dissect_run_with_taps will free it after calling all registered tap
listeners.
valgrind --tool=memcheck --leak-check=full ./run/tshark -r sctp.pcap -U "OSI layer 3" -w exported.pcap
32 bytes in 1 blocks are definitely lost in loss record 48 of 76
at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
by 0xB3FC3C5: g_malloc (gmem.c:99)
by 0x68C2BE1: export_pdu_create_tags (exported_pdu.c:251)
by 0x68C2D5E: export_pdu_create_common_tags (exported_pdu.c:231)
by 0x70AA54E: create_exp_pdu_proto_name (packet-sctp.c:3240)
by 0x70AA54E: export_sctp_data_chunk.part.23 (packet-sctp.c:3268)
by 0x70AB76B: export_sctp_data_chunk (packet-sctp.c:3256)
by 0x70AB76B: dissect_data_chunk (packet-sctp.c:3509)
Change-Id: I6e247ab2861bbb053f0958faf253913b28dbcbeb
Reviewed-on: https://code.wireshark.org/review/29126
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
capture_opts_add_iface_opt(), when called in a program acting as a
capture child, will fetch the description for the interface, and will
also generate a "display name" for the interface.
In the process, we clean up capture_opts_add_iface_opt() a bit,
combining duplicate code.
We rename console_display_name to just display_name, as it may also be
used in the title bar of Wireshark when capturing.
Change-Id: Ifd18955bb3cb41df4c0ed4362d4854068c825b96
Reviewed-on: https://code.wireshark.org/review/29117
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's only used there, so move it there.
Change-Id: I68472150e020ba94166782e3e4c08cba94c0f9ee
Reviewed-on: https://code.wireshark.org/review/29114
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Rename some of the columns - IFTREE_COL_NAME is the interface name,
IFTREE_COL_DESCRIPTION is the description/friendly name, and a new
IFTREE_COL_DISPLAY_NAME column is the display name (which may include
both the description and the interface name). Rename
IFTREE_COL_INTERFACE_COMMENT to just IFTREE_COL_COMMENT - there's no
*other* type of comment, and "IF" is short for "interface".
In the interface frame, use IFTREE_COL_DISPLAY_NAME, as that's the only
column that shows both and thus has something for all interfaces.
In the "Manage interfaces" dialog, put the description before the
interface name, as it was in earlier versions.
Change-Id: If0d959dcd4ca99913c941df00621da3c478233f6
Reviewed-on: https://code.wireshark.org/review/29090
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't show the display name, as that may include either the interface
name, which is already in another column, or the column comment, which
is also already in another column.
Change-Id: I12f81d9e4579b82267062bb5e4e745925ed382b7
Reviewed-on: https://code.wireshark.org/review/29087
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Windows is not the only OS with "friendly" names for interfaces; macOS
has them as well, and some *BSDs let you tag interfaces with names as
well.
The column headings for the "Interface Name" and the "Friendly Name"
were backwards.
Change-Id: I72543505cec9d479d8ab8aab3850daab3667805f
Reviewed-on: https://code.wireshark.org/review/29082
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's not a set of command-line options, it's information that's used
when showing summary information about the interface.
Change-Id: Ie1c3d998a3cc7cd8b54945186098ebae726cef11
Reviewed-on: https://code.wireshark.org/review/29070
Reviewed-by: Guy Harris <guy@alum.mit.edu>
253 (8 direct, 245 indirect) bytes in 1 blocks are definitely lost in loss record 87 of 93
at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
by 0xBC4B3C5: g_malloc (gmem.c:99)
by 0x13E225: exp_pdu_open (tap_export_pdu.c:128)
372 (40 direct, 332 indirect) bytes in 1 blocks are definitely lost in loss record 88 of 93
at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
by 0xBC4B3C5: g_malloc (gmem.c:99)
by 0xBC62FF6: g_slice_alloc (gslice.c:1025)
by 0xBC16984: g_array_sized_new (garray.c:194)
by 0x13E143: exp_pdu_open (tap_export_pdu.c:93)
Change-Id: I24a3cec1dc4491032232c282b01fea04a23872b3
Reviewed-on: https://code.wireshark.org/review/28934
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When the SCTP association contains a single DATA/SACK chunk in direction
the max and min TSN values are equal and as a result the Y axis range is
(maxTSN, maxTSN) or (0, 0) and the dots for the TSN are not visible
To fix this always set the Y axis maximum to maxTSN + 1 similar to the X
axis maximum of max_secs + 1
Also removed one unused local variable
Change-Id: Id38eb4dbd13a8ebbba98d4df00f3707331bd1464
Reviewed-on: https://code.wireshark.org/review/28862
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When the capture does not contains SCTP INIT and INAT_ACK packets the
startArwnd value is 0 (not set) and as a result the Y axis range is
(0,0) and the dots are not visible
Change-Id: Iafb1981e62f28fe09b106138836c866d0dbebb27
Reviewed-on: https://code.wireshark.org/review/28861
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Explain some of the magic numbers and other parts of the sparkline code.
Change-Id: Idfad30e773bd852ac021326467cf03ada91f6efc
Reviewed-on: https://code.wireshark.org/review/28874
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Those two members are leftovers from the gtk interface where a single
button was used. Current Qt interface uses three buttons so those two
members are no longer needed.
Change-Id: I10e8c6aa887582e21ceec87bc3021a49abcc34dd
Reviewed-on: https://code.wireshark.org/review/28834
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Every time the graph is redrawn new items are added to the vectors but
these items are never removed and the used memory increase over time
which for larger captures could be problematic.
Change-Id: I5f029d5f48e215aacf4a69fb7aef348d16df9846
Reviewed-on: https://code.wireshark.org/review/28782
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Remove MainWindow::createByteViewDialog, which was called once and
contained one line.
Change-Id: Ibe03db2c527b0a817d8b99df87d161405805bac3
Reviewed-on: https://code.wireshark.org/review/28733
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
QCustomPlot 1.3.1 includes a fix for a crash ("Fixed potential crash in
QCPGraph::pointDistance if getScatterPlotData returns empty list").
Full changelog: http://www.qcustomplot.com/release/1.3.2/changelog.txt
The new files are based on QCustomPlot-source.tar.gz (1.3.2) with
Alexis' typo and license header changes from v1.99.2rc0-479-gc411029a3c
("Update to QCustomPlot 1.3.0") applied. All successive Wireshark
patches up to v2.5.0rc0-854-g6f28f1a59e ("Fix MacOS build") were
applied. The Retina patches ("Fix QCustmPlot retina problems." and "QCP:
Fix retina label calculations.") gave conflicts due contextual changes
which I resolved by renaming newCachedLabel to cachedLabel (following
the change in upstream commit baaad24706187f5be0a68011c780b51c4de11558).
Bug: 14971
Change-Id: I5012cb5a867891b466cbf1898fe4c28cbd11ba20
Reviewed-on: https://code.wireshark.org/review/28732
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Construct MainWindow::df_combo_box_ in our initializer list, otherwise
anything that triggers a resizeEvent early on might result in an NPE.
Wait until everything is in place before calling setMinimumWidth.
Bug: 14979
Change-Id: I78b349f9c3ea53d8b1399a77169bbbd0a4a69191
Reviewed-on: https://code.wireshark.org/review/28728
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Ensure that columns with numbers are sorted according to their numeric
value instead of their alphabetical order.
Bug: 11460
Change-Id: I6ccfb9d3699c7e95de4ed31eb9424c5687661593
Reviewed-on: https://code.wireshark.org/review/28652
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For formats other than "Raw" and "UTF-8", the written file does not
match the actual stream data. It would be duplicated in strange ways.
Executing the "Save As" action twice while the dialog is open would also
write two different files (huh?).
As a quick fix, just replace the strange save logic by writing the text
field contents. A functional difference is that previously it would
write data while parsing the "follow data" list, now it uses the text
field contents. That data will now be truncated after 500 MB.
Bug: 14933
Change-Id: I498676389d0da3ac070346d6903bd2e6b0fc7674
Fixes: v1.11.0-rc1-2538-g80f9326b2f ("Add TCP/UDP/SSL Follow feature to QtShark")
Reviewed-on: https://code.wireshark.org/review/28663
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
It strips off all suffixes, which is not useful behavior; it assumes
that nobody uses "." for any purpose other than separating a file name
from an extension - 1994 called, they want their version of Windows
back (and UN*X called, too...).
For the "Saving XXX" status bar message, just use the entire last
component of the file name.
Change-Id: Ib34fde3e49cd791c7baf333eebb71a8dbd672c19
Reviewed-on: https://code.wireshark.org/review/28638
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Strip off only extensions that correspond to file types we know about;
QFileInfo::baseName() strips off *all* extensions, where "extension" is
"anything preceded by a .", so it turns foo.bar.pcap.gz into foo, not
foo.bar. We don't want that; instead, we strip off only those
extensions that correspond to file types we know how to read, so we'd
strip off .pcap.gz in foo.bar.pcap.gz, and strip off .pcap in
foo.bar.pcap, leaving foo.bar in both cases.
Change-Id: I5385921ad2f0fef815d52e9902fef15735fd9dae
Reviewed-on: https://code.wireshark.org/review/28636
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When switching from ASCII to other modes (such as Hex), the previous
text to packet number mapping was not cleared. This resulted in
using the wrong packet number when hovering over the packet data.
Change-Id: I29ba1786925490c33fc9181373a31d51f5091642
Reviewed-on: https://code.wireshark.org/review/28614
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reverse the payload chunks list to achieve a running time of O(n) rather
than O(n²) for insertion of all chunks. Executing a RelWithDebInfo+ASAN
build with `tshark -r chargen-session.pcapng.gz -qz follow,tcp,hex,0`
previously took 11m5s to complete, but now finishes in 16 seconds.
Tested using a capture file with 152k TCP packets (from bug 11777).
Backport note: must update ui/gtk/follow_stream.c too.
Change-Id: Icf70d45f33d4399e53209fb6199d3809608c8d99
Reviewed-on: https://code.wireshark.org/review/28595
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For example, if the file is foo.pcap, make the default name for a saved
PDF of some graph be foo.pdf, as it was prior to 2.6, not foo.pcap.pdf.
Change-Id: Ide99c9c7fa1f3d16f829e731f968a209fbb52b8d
Reviewed-on: https://code.wireshark.org/review/28624
Reviewed-by: Guy Harris <guy@alum.mit.edu>
While we're at it, sort some method declarations and definitions, to
group the top-level summary/details/bytes yes/no options together, with
two groups of suboptions for summary and details below.
Bug: 14945
Change-Id: Id06dd64e44b18b13e2131482edef46aee3efbd63
Reviewed-on: https://code.wireshark.org/review/28620
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For filePath() and fileName(), just return a null string if we can't
convert from the native encoding to UTF-8 - those aren't used for
displaying, those are used for setting the main window's file name and
for generating names of files to save based on the capture file name.
Have fileDisplayName() just return the display name, without
"[closing]"/"[closed]" decoration or a special case for no file being
open (just return a null string if there's no file open), and have
fileTitle() return the decorated display name.
Change-Id: I244f318d5444dcf58527e5d38c4d073c28b73810
Reviewed-on: https://code.wireshark.org/review/28594
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That more closely matches the name of the file.h routine that it uses.
Change-Id: Ia206fb8331f4f3ad8035da9f6137ad2428d53a49
Reviewed-on: https://code.wireshark.org/review/28589
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That's needed to support the "proxy icon", so it can be dragged.
Change-Id: I1ad209cd43a2a6df9c52d076f6513780b0ac51be
Reviewed-on: https://code.wireshark.org/review/28587
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It now does the heavy lifting, so MainWindow::setTitlebarForCaptureFile()
doesn't have to duplicate it.
Change-Id: I97ded85306e625b2c67c3fde62a636ec6818a6f5
Reviewed-on: https://code.wireshark.org/review/28586
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't use CaptureFile.fileTitle() if you're constructing a pathname; use
it only if you're constructing a window title.
Change-Id: I40f225ddb07be2f7dc3ae03108dae816846f20c7
Reviewed-on: https://code.wireshark.org/review/28582
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For dialogs and auxiliary windows, if we have a live capture that hasn't
yet been saved to a permanent location, there's no good reason to show
the temporary file name in the title bar, as:
it's a random string that doesn't indicate where the capture was done
and that could confuse people (see, for example, the confusion in bug
14929, in which somebody referred to the "Follow TCP Stream" window as
the ".pcap dialog" because its title had ".pcap" at the end, due to
the capture file being a temporary file and its name showing up in the
title bar of that window);
it differs from what the main window title bar shows.
While we're at it, don't assume that the file name in the capture_file
structure is a UTF-8 string - some UN*Xes might not use UTF-8 for file
names.
Change-Id: I0d3dfd5d7f896ea37533daf7089b688710dbabf0
Reviewed-on: https://code.wireshark.org/review/28581
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Closing a capture file while it is being loaded will result in a crash.
As a workaround, disallow closing the capture file. The requested action
(e.g. MainWindow::openCaptureFile) will be silently ignored.
While at it, protect process_specified_records (called when saving
files) similarly to cf_read and fix a crash that occurs when a capture
from the Capture Dialog is started while a file is being loaded:
file.c:360:cf_close: assertion failed: (cf->state != FILE_READ_IN_PROGRESS)
Bug: 10870 # moving rapidly between large files in a file set
Bug: 13594 # start capture while loading/saving file
Bug: 14351 # open another file while loading file
Change-Id: I6ce8f3163c3fa4869f0299e49909a32594326ce4
Reviewed-on: https://code.wireshark.org/review/28541
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That makes it clearer that it's not a string, and avoids some type
complaints from change Ida7b98af8c44a52ddac2c4ab0702db2519a0c4af.
Update a comment while we're at it.
Change-Id: I6737bb2a7ff3b4d461700c641cb580194f7809e7
Reviewed-on: https://code.wireshark.org/review/28572
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That makes it clearer that it's not a string, and avoids some type
complaints from change Ida7b98af8c44a52ddac2c4ab0702db2519a0c4af.
Update a comment while we're at it.
Change-Id: Idba56f38d58d87f73aee41a11195371021a1328d
Reviewed-on: https://code.wireshark.org/review/28571
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Remove -DBUILD_WINDOWS and sections of code that we no longer use.
Bug: 14715
Change-Id: Iae1a950e2f52f4ce45fcf0ae5dea06c1172c3a28
Reviewed-on: https://code.wireshark.org/review/28466
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
When dragging on the wrong position in the toolbar, wireshark
crashes
Change-Id: I756e9caebc844d32e99e9fd3e338a872986b9e96
Reviewed-on: https://code.wireshark.org/review/28458
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Vasil Velichkov