The second argument is the file type/subtype, and the third argument is
the file descriptor, according to the function declaration and all the
calls to it. Make it so in the function definition.
Fixes Coverity CIDs 1473314 and 1473312.
Register the pcap and pcapng file types/subtypes rather than hardwiring
them into the table.
Call the registration routines for them directly, rather than through a
generated table; they're always supposed to be there, as some code in
Wireshark either writes only one of those formats or defaults to writing
one of those formats. Don't run their source code through the
registration-routine-finder script.
Have the file type/subtype codes for them be directly exported to the
libwiretap core, and provide routines to return each of them, to be used
by the aforementioned code.
When reporting errors with cfile_write_failure_message(), use
wtap_dump_file_type_subtype() to get the file type/subtype value for the
wtap_dumper to which we're writing, rather than hardcoding it.
Have the "export PDU" code capable of supporting arbitrary file
types/subtypes, although we currently only use pcapng.
Get rid of declarations of now-static can_write_encap and
dump_open routines in various headers.
This pull request includes:
* The "Follow DCCP stream" feature.
* Updated docbook documentation for the "Follow DCCP stream" feature.
* Test for the feature.
* Corresponding packet trace for the test.
Instead of a "supports name resolution" Boolean and bitflags for types of
comments supported, provide a list of block types that the file
type/subtype supports, with each block type having a list of options
supported. Indicate whether "supported" means "one instance" or
"multiple instances".
"Supports" doesn't just mean "can be written", it also means "could be
read".
Rename WTAP_BLOCK_IF_DESCRIPTION to WTAP_BLOCK_IF_ID_AND_INFO, to
indicate that it provides, in addition to information about the
interface, an ID (implicitly, in pcapng files, by its ordinal number)
that is associated with every packet in the file. Emphasize that in
comments - just because your capture file format can list the interfaces
on which a capture was done, that doesn't mean it supports this; it
doesn't do so if the file doesn't indicate, for every packet, on which
of those interfaces it was captured (I'm looking at *you*, Microsoft
Network Monitor...).
Use APIs to query that information to do what the "does this file
type/subtype support name resolution information", "does this file
type/subtype support all of these comment types", and "does this file
type/subtype support - and require - interface IDs" APIs did.
Provide backwards compatibility for Lua.
This allows us to eliminate the WTAP_FILE_TYPE_SUBTYPE_ values for IBM's
iptrace; do so.
We allocate a QMimeData object at the beginning of PacketList::mouseMoveEvent.
Usually, this object is passed to a QDrag object by calling drag->setMimeData.
In this case, the QDrag object owns the mime data object and frees it when
it's no longer required.
If the mime data object contains no data that can be dragged and dropped, we
reach the end of PacketList::mouseMoveEvent without anyone taking care of
the mime object. We have to free it ourselves in this case.
The problem can be reproduced if you add a custom column for an element that
does not exist in your capture file. Left-click onto the empty column and
drag the empty column entry somewhere. An asan build will then show the
memory leak
Indirect leak of 240 byte(s) in 2 object(s) allocated from:
#0 0x7f351e153d30 in operator new(unsigned long) (...)
#1 0x7f3500b79802 in QMimeData::QMimeData() (...)
Indirect leak of 32 byte(s) in 2 object(s) allocated from:
#0 0x7f351e153d30 in operator new(unsigned long) (...)
#1 0x5635156dfbc7 in PacketList::mouseMoveEvent(QMouseEvent*) ...
#2 0x7f3502eb94d7 in QWidget::event(QEvent*) (...)
For QT >5.11, stringWidth() uses horizontalAdvance, which gives different
(longer) widths than the old boundingRect().width() method.
Other locations use the boundRect().width() method directly, resulting
in underestimating line widths and clipping the last characters in
the byte view window.
Fix by forcing all width calculations to use stringWidth().
Closes#17087.
Eliminate WTAP_FILE_TYPE_SUBTYPE_ERF and
WTAP_FILE_TYPE_SUBTYPE_SYSTEMD_JOURNAL - instead, fetch the values by
name, using wtap_name_to_file_type_subtype().
This requires that wtap_init() be called before epan_init(); that's
currently the case, but put in comments to indicate why it must continue
to be the case.
Increase the minimum required version of Qt from 5.3 to 5.6. The various
Linux distribution versions that shipped with earlier Qt versions (RHEL
6, Fedora 23, openSUSE 13.2, Debian jessie, Ubuntu 16.04) have either
reached end of support or will do so soon.
The official Qt 5.6 releases for macOS require 10.8, so make that the
minimum macOS version.
Remove a bunch of no-longer-needed version checks.
The include_directories documentation at
https://cmake.org/cmake/help/latest/command/include_directories.html
says:
"Note: Prefer the target_include_directories() command to add include
directories to individual targets and optionally propagate/export them
to dependents."
Switch from include_directories to target_include_directories in a bunch
of places.
Add "SYSTEM" to the remaining external include_directories calls in
order to minimize our compiler warning blast radius.
Provide a wiretap routine to get an array of all savable file
type/subtypes, sorted with pcap and pcapng at the top, followed by the
other types, sorted either by the name or the description.
Use that routine to list options for the -F flag for various commands
Rename wtap_get_savable_file_types_subtypes() to
wtap_get_savable_file_types_subtypes_for_file(), to indicate that it
provides an array of all file type/subtypes in which a given file can be
saved. Have it sort all types, other than the default type/subtype and,
if there is one, the "other" type (both of which are put at the top), by
the name or the description.
Don't allow wtap_register_file_type_subtypes() to override any existing
registrations; have them always register a new type. In that routine,
if there are any emply slots in the table, due to an entry being
unregistered, use it rather than allocating a new slot.
Don't allow unregistration of built-in types.
Rename the "dump open table" to the "file type/subtype table", as it has
entries for all types/subtypes, even if we can't write them.
Initialize that table in a routine that pre-allocates the GArray before
filling it with built-in types/subtypes, so it doesn't keep getting
reallocated.
Get rid of wtap_num_file_types_subtypes - it's just a copy of the size
of the GArray.
Don't have wtap_file_type_subtype_description() crash if handed an
file type/subtype that isn't a valid array index - just return NULL, as
we do with wtap_file_type_subtype_name().
In wtap_name_to_file_type_subtype(), don't use WTAP_FILE_TYPE_SUBTYPE_
names for the backwards-compatibility names - map those names to the
current names, and then look them up. This reduces the number of
uses of hardwired WTAP_FILE_TYPE_SUBTYPE_ values.
Clean up the type of wtap_module_count - it has no need to be a gulong.
Have built-in wiretap file handlers register names to be used for their
file type/subtypes, rather than building the table in init.lua.
Add a new Lua C function get_wtap_filetypes() to construct the
wtap_filetypes table, based on the registered names, and use it in
init.lua.
Add a #define WSLUA_INTERNAL_FUNCTION to register functions intended
only for internal use in init.lua, so they can be made available from
Lua without being documented.
Get rid of WTAP_NUM_FILE_TYPES_SUBTYPES - most code has no need to use
it, as it can just request arrays of types, and the space of
type/subtype codes can be sparse due to registration in any case, so
code has to be careful using it.
wtap_get_num_file_types_subtypes() is no longer used, so remove it. It
returns the number of elements in the file type/subtype array, which is
not necessarily the name of known file type/subtypes, as there may have
been some deregistered types, and those types do *not* get removed from
the array, they just get cleared so that they're available for future
allocation (we don't want the indices of any registered types to changes
if another type is deregistered, as those indicates are the type/subtype
values, so we can't shrink the array).
Clean up white space and remove some comments that shouldn't have been
added.
QDateTime to/from Time_t functions are deprecated in favor of 64-bit
to/from seconds since epoch introduced in Qt 5.8.
QLayout::setMargin() is deprecated in favor of setContentsMargin().
In the proto tree, copy URLs instead of opening them.
In the export dialog, enable previews only if the advertised MIME type
*and* the contents of the file are plain text, GIF, JPEG, or PNG.
Add warnings to the wslua browser_open_url and browser_open_data_file
documentation.
Fixes#17232.
Use target_include_directories instead of include_directories in a few
places as recommended at
https://cmake.org/cmake/help/latest/command/include_directories.html
Doing so lets us mark a bunch of dependency includes SYSTEM PRIVATE, in
particular LIBXML2_INCLUDE_DIRS. On macOS this keeps us from triggering
the nullability warnings described at
https://www.wireshark.org/lists/wireshark-dev/202004/msg00056.html
(This might also keep the Visual Studio code analyzer from complaining
about various Qt headers, but I haven't tested this.)
The "short name" is really just the name, used to look it up. The
"name" is really a description intended solely for human consumption.
Rename the fields, and the functions that access them, to match.
The "description" maintained by Lua for file type handlers is used
*only* for one debugging message; we should probably just eliminate it.
Call it an "internal description" for now.
Remove NG from the names - it adds nothing.
Don't use the abbreviations for pcapng block names, spell out what the
block does (e.g. "WTAP_BLOCK_DECRYPTION_SECRETS" rather than
"WTAP_BLOCK_DSB"), to make it more obvious what the block does.
Spell out some other abbreviations.
Add WTAP_BLOCK_PACKET for future use for packet blocks; there's no need
to distinguish between the Enhanced Packet Block, the Simple Packet
Block, and the deprecated Packet Block here.
When recap is initated, list in RTP Stream dialog is cleared and new list
is read from capture so previously selected rows are deselected.
Patch solves it.
Functional changes:
Audio routing information is now stored in audio stream and not in table. It
is handled by separate utils/rtp_audio_routing.cpp class which is able to
convert it between mono/stereo etc.
There is new utils/rtp_audio_routing_filter.cpp class which is able to
route mono audio stream to any audio channel.
Sample file separated from audio stream file - sample file is generated only
during recap. So when we need new waveform, we just use existing sample file
and no recap required - it is much faster.
Audio stream exports just mono audio. Mono audio is then expanded to stereo
and correct channel by AudioRoutingFilter during play as required. So when
audio routing is changed, no recap and no audio export is required.
When audio stream is muted, no audio is produced nor played.
Most of signals between RtpPlayerDialog and RtpAudioStream were removed.
Start/Pause/Stop is processed in RtpPlayDialog (just for non muted streams).
Play possition is not received from every playing stream but from independent
silence stream.
Added Mute/Unmute function.
Optimalization:
When audio routing is changed, just graphs are updated. No retap nor audio
decoding is required.
When TOD is changed, just graphs are updated. No retap nor audio decoding is
required.
Currently, only pcapng has one, and it does nothing, but this mechanism
will be used more in the future.
Update comments in epan/dissectors/CMakeLists.txt and ui/taps.h while
we're at it.
When many streams are analyzed, some streams can be found as useless during
replay. Patch adds option to remove it from list in RTP player.
Once stream is removed, it can't be returned except close/reopen RTP player
with new selection.
When there is many waveforms, it is not clear which one is selected in list.
It is important for selecting packets from graph.
Patch emphasis selected waveform. In addition, it allows to select waveform
by clicking on it.
Change the data structure for that option to have a type field,
indicating that it's either a pcap filter string or a BPF program,
followed by a union with a string-pointer member for pcap filter strings
and an instruction-count-and-pointer-to-instructions structure for BPF
programs.
Have routines to add, set, and fetch that option that handle that
structure; discard the "generic structured option" routines. That means
there's more type checking possible at compile time.
Add more code to handle BPF programs.
When writing pcapng files, check, both for that option and for string
options, whether the option length is too big for the data to fit in a
pcapng option, and don't write it if it is. (XXX - truncate the data?
Report an error?)
Patch solves issue for case when QT plays audio faster than reads it from file.
The change looks strange because there is no way how to get buffer size before
starting the play. So code start the play, reads buffer and stop it. Then
increases buffer size and start play again.
Note: You still can receive ALSA notifications like:
ALSA lib pcm.c:8545:(snd_pcm_recover) underrun occurred
but it do not stop audio replay.
Pull the code to register plugin taps, and the loop to register built-in
taps, into a single register_all_tap_listeners() routine.
This leaves it up to libwireshark, not to the programs using it, to know
how to register them.
If, for example, you run out of file descriptors, dup() can fail, and
ws_dup() is a wrapper around it on UN*X. Don't just pass the result of
ws_dup() to ws_fdopen(); instead, save its result, check against -1 and,
if it's -1, give up, otherwise pass it to ws_fdopen().
This addresses Coverity CID 1471708.
Also, if ws_fdopen() fails, close the descriptor we got from ws_dup();
this closes a possible FD leak.
Fix various warnings with the following changes:
Pass a list of include directories to lupdate. Fixes:
ui/qt/proto_tree.cpp:57: Qualifying with unknown namespace/class ::ProtoTree
and similar warnings.
Use QT_TRANSLATE_NOOP instead of QT_TR_NOOP. Fixes:
ui/qt/lte_rlc_statistics_dialog.cpp:993: tr() cannot be called without context
ui/qt/lte_mac_statistics_dialog.cpp:911: tr() cannot be called without context
ui/qt/font_color_preferences_frame.cpp:28: tr() cannot be called without context
ui/qt/font_color_preferences_frame.cpp:29: tr() cannot be called without context
ui/qt/font_color_preferences_frame.cpp:30: Discarding unconsumed meta data
Add Q_OBJECT to the class definition. Fixes:
ui/qt/models/filter_list_model.cpp:120: Class 'FilterListModel' lacks Q_OBJECT macro
The following warnings were not fixed. This might require moving IOGraph
to its own file:
ui/qt/io_graph_dialog.cpp:320: Qualifying with unknown namespace/class ::IOGraphDialog
ui/qt/io_graph_dialog.cpp:555: Qualifying with unknown namespace/class ::IOGraphDialog
ui/qt/io_graph_dialog.cpp:1059: Qualifying with unknown namespace/class ::IOGraphDialog
ui/qt/io_graph_dialog.cpp:1485: Qualifying with unknown namespace/class ::IOGraphDialog
Displaying statistics with tshark results in a memory leak.
tshark -r <any pcap file> -z dhcp,stat -q
==26971==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 24 byte(s) in 1 object(s) allocated from:
#0 0x7f89a4bae518 in calloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe9518)
#1 0x7f8989af2918 in g_malloc0 (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x53918)
init_stat_table allocates a table_stat_t. This is used as private data while
the tap listener is running but it's not freed afterwards.
This patch adds a finish callback for the tap listener where the
table_stat_t is freed.
qt-5.12.2/include/QtCore/qstring.h:291:31: note: candidate 1: QString
QString::arg(double, int, char, int, QChar) const
Q_REQUIRED_RESULT QString arg(double a, int fieldWidth = 0, char
fmt = 'g', int prec = -1,
qt-5.12.2/include/QtCore/qstring.h:975:16:
note: candidate 2: QString QString::arg(int, int, int, QChar) const
inline QString QString::arg(int a, int fieldWidth, int base, QChar
fillChar) const
wireshark/ui/qt/rtp_analysis_dialog.cpp:926:77:
error: ISO C++ says that these are ambiguous, even though the worst
conversion for the first is better than the worst conversion for the
second: [-Werror]
.arg(abs(r_calc.start_time_ms - f_calc.start_time_ms), 0,
'f', 6)
Change-Id: I6a27adff3b03bcfeac8fb56ceb0833d2707000b5
As running pd_ui_->advancedView->expandAll() takes a noticeable amount
of time and so would introduce significant lag while typing a string
into the Search box, we instead debounce the call to
updateSearchLineEdit(), so that it doesn't run until a set amount of
time has elapsed with no updates to the Search field.
If the user types something before the timer elapses, the timer restarts
the countdown.
Fixes#17107
Set the parent of the QMessageBox in the constructor instead of calling
QMessageBox::setParent(). The latter inherits from QDialog, and it
"clear[s] the window flags specifying the window-system properties for
the widget (in particular it will reset the Qt::Dialog flag)."
(See https://doc.qt.io/qt-5/qdialog.html#details )
This makes the dialog properly appear instead of attempting to save a file
with comments to a file type that does not support comments silently failing.
Fixes#17146.
The patch reintroduces WiresharkDialog::captureFileClosed() method and
calls captureFileClosing() and captureFileClosed() in right order.
Both methods call updateWidgets() at its end.
All dialogs were reviewed and captureFileClosing/Closed methods updated
when appropriate.
captureEvent() method in multiple dialogs changed to captureFileClosing/Closed
as it does same actions - looks like old style of detecting of capture
file closing.
Set the Packet List scrollbar page step to be equal to the height
of the scrollbar.
This makes page stepping using the packet list slider more natural.
In OverlayScrollBar return the real ScrollBar sliderPosition to ensure
the correct value is used when handling the actionTriggered signal in
vScrollBarActionTriggered().
This improves turning on and off auto scroll during capture when page
stepping using the packet list slider, because the value is propagated
after this signal.
The patch changes:
- Removed first_packet_mac_addr staff. It was commented out many years ago...
- Removed delta_timestamp item. Not used.
- Sequence verification takes into account timestamp therefore it is able to detect delayed packets more clearly. As consequence of it, #16330 is solved.
- If packet is delayed, it is not used in calculation of diff/jitter/skew. It just mess output. As consequence of it, #16330 is solved.
I checked output with many RTP streams and looks well. But I have no
sample with wrapped timestamp and I have just a few samples with
missing/reordered packets. Nevertheless all are calculated same way as
before and #16330 is solved too.
When waveform start much later than at time 0s, centering of waveform
was incorrect. The reason was that range was taken before rescalingAxes.
Patch solves the issue.
Reason for #16452 is that RTP Player dialog is destroyed before tap
finishes when Escape key pressed. The only solution I found is to check
whether dialog does exists when tap finishes. If so, data are processed
and shown. If dialog was destroyed in meanwhile, no data processing is done.
Start of call column is shown as seconds from start of capture nowadays.
This patch add option to show it as Time of Day. It adds symetry to
other voice processing dialogs
VoIP Calls dialog and RTP Streams dialog has now option to apply display
filter dialog during processing packets.
Filter checkbox is activated during dialog open when display filter is active.
New field apply_display_filter had to be added to voip_calls_tapinfo_t and
_rtpstream_tapinfo/rtpstream_tapinfo_t structures.
Preferences are extended with advanced settings:
gui.decimal_places1 - 2
gui.decimal_places2 - 4
gui.decimal_places3 - 6
rtp_analysis_dialog, rtp_player_dialog and rtp_stream_dialog uses new settings
for formating numbers. Same information in all dialogs uses same settings.
It solves request #15481.
Note: Other UI dialogs can be adapted later.
!1257 solved issue with duplication of information, but removed all
calls from VoIP Calls dialog. This patch solves the issue.
It was tested with many samples and provides same output as 3.4 branch.
We should not prevent a user from using a valid though perhaps enigmatic display
filter just because dfilter_deprecated_tokens() returns true.
Commit 3a53b8643b added ColoringRulesDialog::isValidFilter()
which would return false when dfilter_deprecated_tokens() returned true. Remove
the dfilter_deprecated_tokens() test.
Also fix memory leak for valid display filters.
Closes#17092
The fix solves issue #16952. It reverts commit 88813716 which introduced memory leak which causes the issue. The original issue with duplicating entries is solved too.
Because commit was cherry picked to 3.4.0 (might be in more branches), this patch should be cherry picked too.
The fix solves issue #16952. It reverts commit 88813716 which introduced memory leak which causes the issue. The original issue with duplicating entries is solved too.
Because commit was cherry picked to 3.4.0 (might be in more branches), this patch should be cherry picked too.
When capture contains just RTP streams without signalizations, there
is no way how to play many streams in one player (Analyze button plays
just two streams). This patch adds Play Streams button to dialog and
allows a user to select as many streams they wish.
Adds a pre-commit hook for detecting and replacing
occurrences of `g_malloc()` and `wmem_alloc()` with
`g_new()` and `wmem_new()`, to improve the
readability of Wireshark's code, and
occurrences of
`g_malloc(sizeof(struct myobj) * foo)`
with
`g_new(struct myobj, foo)`
to prevent integer overflows
Also fixes all existing occurrences across
the codebase.
If we're not on Windows, use clock_gettime(CLOCK_REALTIME) *if* we have
it; otherwise, fall back on gettimeofday().
(Note: neither Linux, nor macOS, nor Windows necessarily "have"
particular APIs; particular *versions* of Linux distributions
(kernel+libc) have them, particular *versions* of macOS have them, and
particular *versions* of Windows+MSVC have them.
And Linux, Windows and macOS aren't the only platforms on which we run.)
Fixes#17101.
We can't determine the version number, as there's nothing in the header
to indicate the version with which we were compiled, nor is there an API
to determine the version with which we're running.
Make sure NSView.wantsLayer is true by setting QT_MAC_WANTS_LAYER=1 at
startup if we're running on Big Sur and we were built with a version of
Qt susceptible to QTBUG-87014. Fixes#17075?
Every press of Play Stream or Prepare Filter caused incorrect increasing
of Packets count and added Comments.
The reason was that callinfo statistics were not clear before recap
therefore all new values were added to exiting ones.
Patch solves it.
Current CSV/YAML export from RTP stream exports just pure/unformated items. Therefore e.g. SSRC looks different way than shown in dialog. This patch adds additional columns with formated values.
In addition, export uses same method how to get values from a record as dialog uses.
Selecting Edit / Preferences on my asan+ubsan build brings up the
following warning from ubsan:
/media/sf_wireshark.git/ui/qt/models/column_list_model.cpp:273:9:
runtime error: load of value 25, which is not a valid value for type 'bool'
The problem is in ColumnListModel::populate(), where a ListElement is
populated from fmt_data. The ListElement's "changed" component is not
initialized, though.
It looks like "changed" is not used anywhere. This patch removes it from
the ListElement struct.
For Qt 5.11 and newer use horizontalAdvance() instead of boundingRect().width()
to calculate the width of a QString to position the hover rectangle position,
and to select which byte(s) to highlight.
Closes#17033.
Notes:
1. Wireshark internal max limit for ring buffer files is 100,000
2. Wireshark internal limit before warning the user is 65,535
3. GTK: The old GUI did not limit the value for this parameter
4. Qt: This value was limited to 1,000
Change:
Set the GUI limit to match the warning limit (65,535)
Closes#15968#17059
- set width of pull down list so items are visible
- allow user to resize columns in UAT editor
- resize columns on open and changing data
- if a UAT file does not exist, display the UAT name in lower right
where pathname is displayed for files
- pad pathname on right to account for right tilt of italic fonts
Note: a future change may be to not resize columns where user has
changed width.
The Export Objects Content-Type filter combobox should not sort the
header of "All Content-Types" in with the list of content types, but
should ensure that it is always the first item, especially as the first
item position is used to show all content. This is particularly an issue
in some localizations; e.g., すべてのコンテントタイプ alphabetizes
after actual content types. Fixes bug #17048
QFont::ForceIntegerMetrics is deprecated, and the floating-point
variant of QFontMetrics is no longer used anyway since 96eec0beb9.
Change the font_width_ member to int, as should have been done in
that commit.
CaptureOptionsDialog allocates a SparkLineDelegate in its constructor.
It should set itself as parent of the SparkLineDelegate.
Without a parent, the SparkLineDelegate is never freed and each
invocation of Capture / Options leaks memory.
Don't call the columnString() and discard the result in order to force
colorization; instead, add a separate method to force colorization and
use that.
This avoids the need to choose a column; we were using 1 as the column
number, but column numbers are zero-origin, so that's column 2, which
isn't guaranteed to exist (a crash ensued if it didn't).
Improves the resolution of interval steps that can be selected in IO Graph.
Selectable interval steps follow a scheme of 1 -> 2 -> 5 -> 10.
Having a broad choice of different intervals is important for visualizing.
Pull the value-formatting code in proto_custom_set into
proto_item_fill_display_label. Use that in FieldInformation::toString
instead of fvalue_to_string_repr. Fixes#16911.
Add ByteViewText::updateLayoutMetrics, which fetches the character width
and line height. Call it whenever our font changes and when we're about
to paint. Blind attempt at fixing #15819.
Systemd journal entries aren't file-type-specific; they're found in both
systemd journal entry blocks in pcapng files and in systemd journal
export files. Give it a record type, for use with both file types.
This fixes#16955.
It also means that you can open a systemd journal export file and save
it as a pcapng file.
Start the limit at 2^32-1, as we use a guint32 to store the frame
number.
With Qt prior to Qt 6, lower the limit to 53 million packets; this
should fix issue #16908.
This reverts commit 5df2925434.
The problem only showed up in tfshark.c, and was caused by tfshark.c
using stuff from ui/urls.h but not *including* ui/urls.h.
If you use it, GCC 9.3.0 seems to think there's a missing parenthesis
somewhere, just as the version of clang++ in my version of Xcode does,
even though other versions of GCC don't. I'm clearly missing something
obscure about C here; I give up.
The macOS installer works differently from the way it did when that
message was written (it's now a drag-install for Wireshark, with
separate installers for ChmodBPF and for files to add the Wireshark
binary directory to the default $PATH), and the macOS main screen now
offers a "click this to install" link, running the ChmodBPF installer,
if the user doesn't have permissions to capture. Update the message
to reflect that (although that's wrong if you directly run dumpcap or
run it via TShark - this needs to be cleaned up in some fashion).
Fix a capitalization error while we're at it.
In the code that generates the main screen message to which the dumpcap
message refers, add a comment saying that, if the main screen message
changes, dumpcap's message should also be updated.
Fix Qt 5.15 deprecation warnings in QCustomPlot, similar to 76d92ba7e7.
Use default flags constructors instead of 0.
Use QWheelEvent::angleDelta() instead of QWheelEvent::angle().
Use QWheelEvent::position() instead of QWheelEvent::pos().
Use date::startOfDay() instead of QDateTime(date).
Use QMultiMap instead of QMap where needed.
The private members save_action_ and remove_action_ in class FieldFilterEdit
are not used. Remove them.
(It looks as if FieldFilterEdit was copied from DisplayFilterEdit, where
those two actions are present and linked to slots...)
cfile_dump_open_failure_message() opens a file for output, not input, so
use output_file_description(), not input_file_description() (i.e., "-"
means "standard output", not "standard input").
Add ColorUtils::contrastingTextColor, which chooses an appropriate text
color from the current application palette for a given background.
Use it in SyntaxLineEdit and FontColorPreferencesFrame for each state
background color.
Fixes#15840.
For all cases in topic_action_url(), set url and break out of the switch
statement.
For the default case, set the URL to WS_HOME_PAGE_URL - we should never
get there, as here's a g_assert_not_reached() call before that, but this
should squelch Coverity's complaint.
Should fix Coverity CID 1467697.
Add ui/urls.h to define some URLs on various of our websites. Use the
GitLab URL for the wiki. Add a macro to generate wiki URLs.
Update wiki URLs in comments etc.
Use the #defined URL for the docs page in
WelcomePage::on_helpLabel_clicked; that removes the last user of
topic_online_url(), so get rid of it and swallow it up into
topic_action_url().
Run
$ gsed -i -e 's/\(tr *(.*".*\)" *UTF8_HORIZONTAL_ELLIPSIS/\1…"/' $( ag -l 'tr *\(.*" *UTF8_HORIZONTAL_ELLIPSIS' )
$ gsed -i -e 's/\(tr *( *\)UTF8_HORIZONTAL_ELLIPSIS *"/\1"…/' $( ag -l 'tr *\( *UTF8_HORIZONTAL_ELLIPSIS *"' )
in ui/qt. As discussed in #16812, the UTF8_ macros were required at one
time because we only allowed ASCII in our source code. However, that
requirement has since been relaxed and Qt's translation framework
doesn't handle concatenating strings and macros very well.
QGraphicsScene::clear() doesn't reset the scene's the size and scroll
position. This is useful when we switch between packets, but we should
do a hard reset when switching between captures.
Gap items have a null field_info pointer, so set "Unknown" as the
default representation string and fill it in after we've established
that field_info is valid. Closes#16851.
FT_NONE items all have the name "Text Item" which makes it look
poor in the packet diagram.
For these fields, switch to use ->representation insead of ->name
to make these fields look more meaningful.
SMB2 is a protocol that consists of two FT_NONE expansions,
one for the Header and a second for the actual Command.
This makes packet diagram show this much nicer.
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
FieldInformationGraphicsItem's constructor allocates a FieldInformation
which is never freed.
Opening MTP3 statistics for any capture file causes memory leaks.
Indirect leak of 1120 byte(s) in 10 object(s) allocated from:
#0 0x55e32cf19a42 in operator new(unsigned long)
#1 0x7f4cca598661 in QObject::QObject(QObject*)
#2 0x55e32d5f397f in PacketDiagram::addDiagram(_proto_node*)
...
Indirect leak of 400 byte(s) in 10 object(s) allocated from:
#0 0x55e32cf19a42 in operator new(unsigned long) ...
#1 0x55e32d5fce04 in FieldInformationGraphicsItem::FieldInformationGraphicsItem(...)
#2 0x55e32d5f397f in PacketDiagram::addDiagram(_proto_node*)
...
Add a FieldInformationGraphicsItem destructor and delete FieldInformation there.
FT_STRINGZPAD is for null-*padded* strings, where the field is in an
area of specified length, and, if the string is shorter than that
length, all bytes past the end of the string are NULs.
FT_STRINGZTRUNC is for null-*truncated* strings, where the field is in
an area of specified length and, if the string is shorter than that
length, there's a null character (which might be more than one byte, for
UCS-2, UTF-16, or UTF-32), and anything after that is not guaranteed to
have any particular value.
Use IS_FT_STRING() in some places rather than enumerating all the string
types, so that those places get automatically changed if the set of
string types changes.
Remove the --check-addtext and --build flags. They were used for
checkAddTextCalls, which was removed in e2735ecfdd.
Add the sources in ui/qt except for qcustomplot.{cpp,h}. Fix issues in
main.cpp, rtp_audio_stream.cpp, and wireshark_zip_helper.cpp.
Rename "index"es in packet-usb-hid.c.
Use UTF8 middle dot for non-printable characters in ShowPacketBytes to
clearly show the difference between a non-printable character and '.',
and to align with the PacketBytes view.
Make sure that pending protocol preference changes caused by Decode
As have been fully applied before redissection. Prevents referencing
already freed memory Closes#16787. Also close#10305
The PacketDiagram widget prints debugging information about items that
it skips and resizes. Make this conditional, similar to what we do
elsewhere.
Bug: 16769
Change-Id: Id7fbedbdac6096cbca8d997688d489eac4729f52
Reviewed-on: https://code.wireshark.org/review/38121
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's used in a number of source files; don't force each of them to test
GCRYPT_VERSION_NUMBER independently.
Make sure every file that uses HAVE_LIBGCRYPT_AEAD includes
wsutil/wsgcrypt.h.
Also do some other definitions that are based on the libgcrypt version
there as well.
This requires that the Qt UI code be given the include directory for
libgcrypt, as the follow stream code includes
epan/dissectors/packet-quic.h, which includes wsutil/wsgcrypt.h to get
HAVE_LIBGCRYPT_AEAD defined, and wsutil/wsgcrypt.h includes <gcrypt.h>.
Change-Id: I9cb50f411f5b2b6b9e28a38bfd901f4a66d9cc8f
Reviewed-on: https://code.wireshark.org/review/38116
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Add a new top-level view that shows each packet as a series of diagrams
similar to what you'd find in a networking textook or an RFC.
Add proto_item_set_bits_offset_len so that we can display some diagram
fields correctly.
Bugs / to do:
- Make this a separate dialog instead of a main window view?
- Handle bitfields / flags
Change-Id: Iba4897a5bf1dcd73929dde6210d5483cf07f54df
Reviewed-on: https://code.wireshark.org/review/37497
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
"Save as" in Follow Stream saves whatever is displayed (except for
Raw), and has long always saved in UTF-8 encoding. (A few things are always
ASCII, which is still valid UTF-8.) The older description of "Show data as"
makes more sense here, as otherwise it implies data will be saved in the
original encoding instead of UTF-8. A checkbox or similar to save in the
original encoding instead of UTF-8 is a possible future enhancement.
Change-Id: I2d5016e9a974d5d614ff93eab0301ea0ce96108e
Reviewed-on: https://code.wireshark.org/review/37771
Reviewed-by: Guy Harris <gharris@sonic.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
When checking a filter the status message should always be pop'ed when
having an empty filter, regardless of having the clear button or not.
This will ensure the status message is removed when removing a display
filter using DisplayFilterEdit in other dialogs than Main.
Change-Id: I3c9a4933cd0c60ab624ea1939ffafecb58b3ffd5
Reviewed-on: https://code.wireshark.org/review/38052
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Fix some status message and tooltip issues introduced when enabling
autocomplete on find packet search in g0162ba73.
1. Enable or disable completion only when search type is changed.
This setting is used in checkDisplayFilter(), which used to be
called *before* changing allowCompletion in updateWidgets(), and
this was causing issues with wrong status messages.
2. Check filter (usually triggered by changes in the search line)
or reset filter syntax (added by DisplayFilterEdit) when search
type is changed. This will trigger an update of the status message
and the tooltip.
3. Stop checking display filter if not doing completion (not display
filter search). This will avoid setting a status message from a
previous illegal display filter.
Ping-Bug: 16638
Change-Id: I1534d9494cc4d7b7a0583cb845c091ae709458ae
Reviewed-on: https://code.wireshark.org/review/38061
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Pop the filter syntax message in search frame when changing search type
and when hiding the widget to avoid having outdated status messages.
Change-Id: I87c63c070621cff0d5ecebc2fcd41f9d7c02adec
Reviewed-on: https://code.wireshark.org/review/38051
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The ByteViewText widget has been refactored a few times. At one point it
was based on QHexView by Evan Teran, and had a comment saying so. A
later refactor removed the comment but didn't completely rewrite all of
the code. Put the comment back (and spell Evan's name correctly this
time around).
Change-Id: I2fe7779e1b6773a5e8b38d317ebfd26b07900272
Reviewed-on: https://code.wireshark.org/review/37989
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a tsprec value to the wtap_dump_params structure, giving the
per-file time stamp precision.
In wtap_dump_init_dumper(), when constructing a dummy IDB for files that
don't have one, fill in the tsprecision and time_units_per_second values
based on the tsprec value in the wtap_dump_params structure.
Change-Id: I3708b144d4d0ac0dfbe32bd1c16768a75c942141
Reviewed-on: https://code.wireshark.org/review/37979
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use pushStatus() in C++ code, improve translation support and end
each message with a dot.
Change-Id: I3f673da4736c3fe49203048da282afa1abf92337
Reviewed-on: https://code.wireshark.org/review/37887
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
QString is no longer allowed to be append()ed to QByteArray.
Change-Id: I177e271d01c51d190b57f679f38d11b31b1f96c4
Reviewed-on: https://code.wireshark.org/review/37879
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Use the existing (possible hidden) column when doing "Apply as Column"
on a field which is already used as a custom column. This will help
prevent having multiple equal custom columns, where all will be hidden
at startup and profile change when only one of them are configured as
hidden.
Multiple equal columns can always be manually configured using
"Preferences -> Appearance -> Columns" if this is intended.
Change-Id: Ib03893facfa3f194f3b3303645fb3f9313ec9e91
Reviewed-on: https://code.wireshark.org/review/37861
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When loading a capture file in the GUI, this change causes the list of
available file types to be sorted alphabetically. "Automatically detect
file type", pcap, and pcapng remain at the top of the list.
Unlike my prior crack at this in change #36862, this is done directly in
the file open dialogs (open_file_hook_proc() for Windows,
CaptureFileDialog::addFormatTypeSelector() and CaptureFileDialog::open()
for Qt). No changes to wiretap.
It's not a huge deal if you folks decide this isn't necessary, I just
think this gives a bit of extra polish to the load-file dialog. It also
makes it easier for the user to spot the format they want if they aren't
aware that the file-format dropdown accepts keyboard input.
Change-Id: Ie81c6d99e83fe862f20b413318ac8ce76463a766
Reviewed-on: https://code.wireshark.org/review/37749
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
We aren't using them now; stick to libpcap APIs (including Windows-only
libpcap APIs).
Change-Id: I812eaa31ba1e6e611418853105d3e00c9130a420
Reviewed-on: https://code.wireshark.org/review/37852
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Change from master_split_.show() to packet_list_->show() in layoutPanes()
to avoid an issue where the pane sizes was stored with wrong values when
quit just after startup without loading a file.
This fixes a regression issue from g5ce52f74 and g7ebd5405.
Change-Id: I7ba1b5f8c9440d41d58dfd729013a0fd1e16be07
Reviewed-on: https://code.wireshark.org/review/37839
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
We no longer support Qt 5.2 or earlier.
Change-Id: I94ba6df2120956dadfce407fd999d39250485bc6
Reviewed-on: https://code.wireshark.org/review/37821
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: John Thacker <johnthacker@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Introduced QT 5.7 calls in my recent change (also C+11, which is
required for QT >= 5.7). Providing an alternate code path for QT < 5.7
Change-Id: I866af35138d4691a659aee756ce9c3ce4ffb933f
Reviewed-on: https://code.wireshark.org/review/37779
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
In each of our executables we were calling "setlocale(LC_ALL, "")" at
startup. This told Windows that output was encoded using the current
system code page. Unless the code page was 65001 (UTF-8), this was a lie.
We write UTF-8 to stdout and stderr, so call "setlocale(LC_ALL, ".UTF-8)"
at startup on Windows. This lets the CRT translate our output correctly
in more cases.
Clarify and expand the OUTPUT section in the tshark man page.
Bug: 16649
Change-Id: If93231fe5b332c292946c7f8e5e813e2f543e799
Reviewed-on: https://code.wireshark.org/review/37560
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Use the QT text codec support to add charset conversions for all character
encodings supported by QT to Show Packet Bytes and Follow Stream (Save As
will convert to UTF-8.) Note that this is dynamic and the exact list will
depend on the version of QT and if libicu support is enabled. This does
make the list of codecs pretty long, so hopefully it shows up well on all
the different QT styles.
This does not yet support when multibyte characters span more than one packet
in Follow Stream, though the current code doesn't do that for UTF-8 or UTF-16
already. This is probably most useful for HTTP captures.
Bug: 16137
Change-Id: I6d5cd761a5d9d914b7a787fe8eb02b07b19642e6
Ping-Bug: 16630
Reviewed-on: https://code.wireshark.org/review/37707
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add support for handling PREF_SAVE_FILENAME, PREF_OPEN_FILENAME and
PREF_DIRNAME in a preference editor frame.
Change-Id: Ie9d1cc08bc79a0adefff344fd0d117405f86475c
Reviewed-on: https://code.wireshark.org/review/37669
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Show all protocols which has preferences in the packet list context
menu "Protocol Preferences".
Change-Id: I72e2ed95db36cc6d817ca44db214782f075d55d6
Reviewed-on: https://code.wireshark.org/review/37666
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The ByteView recent settings are common for all tabs. Ensure all
tabs are updated when display format or character encoding is changed.
This fixes an issue where the row_width is wrong and the menu action
checkmarks are out of sync after switching ByteView tab.
Change-Id: Ied25ac41467143f37327ccadcb821262eb86ef0a
Reviewed-on: https://code.wireshark.org/review/37655
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The protocol preferences menu item for disabling the protocol does
not bring up a new dialog, so remove the ellipsis.
Change-Id: I210bd6d5f76ce240f1d2a2d1a852e176a48ea1f0
Reviewed-on: https://code.wireshark.org/review/37667
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a new button to the Decode As dialog to copy entries from
another profile.
Change-Id: Ia04edd063bd2eba14b2b14acfd53b03111646f7e
Reviewed-on: https://code.wireshark.org/review/37616
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The heading in Apply as Filter and Prepare as Filter may be very
wide for byte arrays. Use ElideRight with an appropriate length
to limit the menu width.
Change-Id: I2b8f5c805d8fd180c23a211fb7a88d16591175d0
Reviewed-on: https://code.wireshark.org/review/37641
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also simplify some boolean logic in packet-dcerpc.c.
All reported by cppcheck.
Change-Id: I2075f2ec10dc777ad7635da4ef056d17fc5b0be0
Reviewed-on: https://code.wireshark.org/review/37609
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Accept changes in the Decode As dialog on Save and Ok even when the
Field or Current combox box still has focus.
Change-Id: I9d6277ff57714679b574756cbc6d4c4dcb06f8e2
Reviewed-on: https://code.wireshark.org/review/37580
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
The LUA API provides the "set_color_filter_slot" function, but without
a corresponding "get_" function, it's very hard for two LUA dissectors
to co-exist without one overwriting any color filters set by the other.
It also looks like the documentation comment for
"set_color_filter_slot" had an off-by-one error, which I've corrected
as I was adding almost identical documentation for the new API.
Change-Id: Ic54d23be555ec12e1830bbe6f84a1b04d04fd4f0
Reviewed-on: https://code.wireshark.org/review/37511
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change the separator from && to // due to popular support for
that separator instead.
Bug: 16498
Change-Id: I0ee934f3f8a7b9ff1c062b533046980e3feb3d99
Reviewed-on: https://code.wireshark.org/review/37465
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This feature introduced in V15.5.0 allows to have up to 15 DRBs by
adding LCID 32 to 38
Change-Id: I4442e26d115efe484eda4f2d8921483cf4278b99
Reviewed-on: https://code.wireshark.org/review/37462
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
On Windows, cleaning up the filename inside the zip
failed due to the backslash not properly being recognized.
This lead to profiles, which could not be imported on another
machine, if the filename contained a path not existing there.
Bug: 16608
Change-Id: Ib30b2370e30c30ac60f283edf6376c07258c25b6
Reviewed-on: https://code.wireshark.org/review/37437
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
- Some redundant assignments or tests.
- Some declarations were changed to match definitions in terms of
including _U_ for the same parameters
- Some parenthesis added/changed to made precedence more obvious
epan/color_filters.c:533: style: Variable 'name' is reassigned a value before the old one has been used.
epan/color_filters.c:534: style: Variable 'filter_exp' is reassigned a value before the old one has been used.
asn1/tcap/packet-tcap-template.c:2199: warning: Function 'dissect_tcap_ITU_ComponentPDU' argument order different: declaration '_U_, tvb, offset, _U_, tree, _U_' definition '_U_, tvb, offset, actx, tree, _U_'
epan/dissectors/packet-aim.c:2546: warning: Function 'dissect_aim_tlv_value_icq' argument order different: declaration 'ti, subtype, tvb, _U_' definition 'ti, _U_, tvb, pinfo'
epan/dissectors/packet-arp.c:1133: style: Clarify calculation precedence for '&' and '?'.
epan/dissectors/packet-arp.c:1143: style: Clarify calculation precedence for '&' and '?'.
epan/dissectors/packet-arp.c:1158: style: Clarify calculation precedence for '&' and '?'.
epan/dissectors/packet-arp.c:1168: style: Clarify calculation precedence for '&' and '?'.
epan/dissectors/packet-gtpv2.c:5997: warning: Function 'dissect_gtpv2_mbms_service_area' argument order different: declaration 'tvb, _U_, tree, _U_, _U_, _U_, _U_, _U_' definition 'tvb, _U_, tree, item, _U_, _U_, _U_, _U_'
epan/dissectors/packet-gtpv2.c:6291: warning: Function 'dissect_gtpv2_mbms_time_to_data_xfer' argument order different: declaration 'tvb, _U_, tree, _U_, _U_, _U_, _U_, _U_' definition 'tvb, _U_, tree, item, _U_, _U_, _U_, _U_'
epan/dissectors/packet-gtpv2.c:6369: warning: Function 'dissect_gtpv2_epc_timer' argument order different: declaration 'tvb, _U_, tree, _U_, _U_, _U_, _U_, _U_' definition 'tvb, _U_, tree, item, _U_, message_type, _U_, _U_'
epan/dissectors/packet-knxip.c:2939: style: Condition 'mac_error' is always false (just added comment)
epan/dissectors/packet-mac-lte.c:4386: style: Clarify calculation precedence for '&' and '?'.
epan/dissectors/packet-nas_5gs.c:1828: style: Variable 'nas5gs_data->payload_container_type' is reassigned a value before the old one has been used. (noted confusing recursion)
epan/dissectors/packet-rpcrdma.c:587: warning: Identical condition 'offset>max_offset', second condition is always false
epan/dissectors/packet-rsl.c:2098: style: Assignment of function parameter has no effect outside the function.
Change-Id: Ib5c9a04cfb6e6233972bc041434601c8ef09c969
Reviewed-on: https://code.wireshark.org/review/37343
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Use Qt::ItemFlags() instead of 0.
Use QFileDialog::Options() instead of 0.
Use QComboBox::textActivated instead of QComboBox::activated.
Switch to just using Qt::WindowFlags() in GeometryStateDialog. This
*should* work for Qt 5.5 and earlier, but if it doesn't we can switch
back.
Change-Id: Iaf4e7efa1a11fc7f3325b449eef1be308cd21b45
Reviewed-on: https://code.wireshark.org/review/37349
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use proper functions to lookup/iterate elements in QHash
Avoid useless lookup
Change-Id: I7a115ae5ed35b31599f33050e36bf68007167a96
Reviewed-on: https://code.wireshark.org/review/37304
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Make sure we set QIODevice::Text on our QTextStreams when saving and
exporting text so that we get native line endings on Windows.
Change-Id: I4602157d2d170eb9a2c79032254ea5be236c7589
Reviewed-on: https://code.wireshark.org/review/37336
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix the following deprecation issues for Qt 5.15:
Use Qt::WindowFlags() instead of 0 in Qt >= 5.6.
Pass Qt::SkipEmptyParts instead of QString::SkipEmptyParts to QString::split() in Qt >= 5.15.
Use QMultiMap instead of QMap where we were using QMap::uniqeKeys().
Use QCP::Interactions() instead of 0.
Use '\n' instead of QTextStream::endl.
Use QWheelEvent::angleDelta() instead of QWheelEvent::angle().
Change-Id: Ie2d69d3a396c0821c2c34f506ddad6f8e22f7049
Reviewed-on: https://code.wireshark.org/review/37334
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
/opt/SourceCode/wireshark/epan/dissectors/packet-frame.c 818 warn V547 Expression 'fi' is always true.
/opt/SourceCode/wireshark/epan/dissectors/packet-gsm_sms.c 2692 warn V547 Expression 'length <= (offset - saved_offset)' is always false.
/opt/SourceCode/wireshark/epan/dissectors/packet-isup.c 4688 warn V1037 Two or more case-branches perform the same actions. Check lines: 4688, 4697
/opt/SourceCode/wireshark/extcap/androiddump.c 1237 warn V560 A part of conditional expression is always true: data_str.
/opt/SourceCode/wireshark/extcap/androiddump.c 1603 warn V547 Expression is always true.
/opt/SourceCode/wireshark/ui/qt/models/packet_list_model.cpp 497 warn V560 A part of conditional expression is always true: ok_r1.
For the voip_calls.c change, I preferred to initailize along with every other field, rather than set to actual value it gets set to later.
For the isobus-vt change, I could not find a spec but followed the pattern from other error bit fields.
Bug: 16335
Change-Id: Ie55082222b582f6fff4e8c7a992d863acee6cf15
Reviewed-on: https://code.wireshark.org/review/37160
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Instead of hiding whole packet list widget when freezing, hide only the
header. This prevents unwanted column resizes while keeping the widget
on screen while capture file is loading.
Prevent flickering by showing master_split_ only after all widgets are
in correct place.
Ping-Bug: 16063
Ping-Bug: 16491
Change-Id: I3bb0763c44b23b1e4118003502d4bf3903591f34
Reviewed-on: https://code.wireshark.org/review/37159
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When the user opens the conversation dialog, selects a tcp conversation and
presses the Graph button, the ConversationDialog kicks off these two actions
1.) apply a display filter "tcp.stream eq X" (where X is the number of the stream)
2.) open the tcp stream graph
Both actions are asynchronous and, at least on my machines, the graph is opened
before the filter is applied. The graph requires that the current packet be
part of the selected tcp conversation. If it's not (because the filter isn't
applied yet), we get the "Selected packet isn't a TCP segment or is truncated"
error message and the graph is not shown.
Fix this by enforcing the correct order for the two actions. MainWindow sends
the displayFilterSuccess signal when a display filter was applied. Listen to this
signal in ConversationDialog and launch the tcp graph when the filter was
applied successfully.
Change-Id: I63debe2125ba8f0a737ff4882a9fca0a7bcdb0f5
Reviewed-on: https://code.wireshark.org/review/37130
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Programatically show the master split widget before elements are added
to prevent pending resize events from resizing packet columns to insane
widths (in my case orders of magnitude higher than display resolution)
Such resize was occuring when loading capture file if configuration file
included hidden columns (e.g. 55 defined columns, 8 visible). The resize
was not directly visible to user. Resize event call chain included calls
to recent_set_column_width() that changed width stored in configuration.
Modified configuration column width value would become effective after
user added or removed columns.
Hide PacketList when freezing and show it when thawing. Do not call
setUpdatesEnabled(false) as it leads to widget/preferences columns
missynchronization.
Clear packet list before freeing frame data. This prevents accessing
freed memory in ProtoTree on file close if packet list was in focus and
the next widget to get focus is packet details.
Ping-Bug: 16063
Bug: 16491
Change-Id: I2c21d928348681af1793b3263815c81ee73d41b0
Reviewed-on: https://code.wireshark.org/review/37029
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
/opt/SourceCode/wireshark/epan/dissectors/packet-flip.c 155 warn V547 Expression 'chksum_hdr_chksum == computed_chksum' is always false.
/opt/SourceCode/wireshark/epan/dissectors/packet-zbee-zcl-meas-sensing.c 1295 err V590 Consider inspecting the '(value > 0x0000) || (value > 0xfffd)' expression. The expression is excessive or contains a misprint.
/opt/SourceCode/wireshark/ui/qt/lte_rlc_statistics_dialog.cpp 504 warn V668 There is no sense in testing the 'channel_item' pointer against null, as the memory was allocated using the 'new' operator. The exception will be generated in the case of memory allocation error.
Bug: 16335
Change-Id: Ief19a82e84bd16df33c453d6cc30db37f1c589ea
Reviewed-on: https://code.wireshark.org/review/37150
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
ui/capture.h has a function prototype using capture_file struct
without it being defined yet. This fails to compile with recent
GCC (9.3.1)
Bug: 16547
Change-Id: I84f932de2e7ed70f14aa157b9c3b1d1f80b0016f
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-on: https://code.wireshark.org/review/37024
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Just have a display name and description of "(Unknown)" if we have no
display name, no description, *and* no interface name.
Change-Id: I8403779c17c1e6d96d5ba29941081f560ad5339c
Reviewed-on: https://code.wireshark.org/review/37086
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Remove an assignment of NULL to a variable when it's in a branch of code
where the variable's already known to be NULL. Found by PVS-Studio.
Pull get_display_name_for_interface() into the one place it's used.
That:
allows us to eliminate a test as, inside the loop where it's called,
the loop index is what's passed to it, and the loop tests whether
it's in range, so the test will never fail;
means we just set interface_opts once, for both of the places it's
used.
Then we fix that code so that it sets interface_opts->descr to a
generated descriptive name if it *is* null, rather than if it's *not*
null.
That should clean up some issues found by 1) PVS-Studio and 2) me.
Change-Id: I4188ca8f5c7306477ef11117016691d1c9f0267f
Reviewed-on: https://code.wireshark.org/review/37082
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
/opt/SourceCode/wireshark/ui/voip_calls.c 3786 err V773 The function was exited without releasing the 'g_tmp' pointer. A memory leak is possible.
Tested with unistim_call.pcap from SampleCaptures.
Bug: 16335
Change-Id: I8518a3e277e8acec15e09ca5f36672b5bdd181fe
Reviewed-on: https://code.wireshark.org/review/37028
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
/opt/SourceCode/wireshark/epan/dissectors/packet-osc.c 367 err V562 It's odd to compare 0 or 1 with a value of 0.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 960 note V576 Incorrect format. Consider checking the eighth actual argument of the 'proto_tree_add_subtree_format' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 980 note V576 Incorrect format. Consider checking the third actual argument of the 'proto_item_append_text' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 2473 note V576 Incorrect format. Consider checking the fourth actual argument of the 'col_prepend_fstr' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 2482 note V576 Incorrect format. Consider checking the fourth actual argument of the 'col_append_fstr' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 2633 note V576 Incorrect format. Consider checking the fourth actual argument of the 'col_append_fstr' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-rpc.c 2650 note V576 Incorrect format. Consider checking the fourth actual argument of the 'col_prepend_fstr' function. The SIGNED integer type argument is expected.
/opt/SourceCode/wireshark/epan/dissectors/packet-stun.c 565 warn V1051 Consider checking for misprints. It's possible that the 'reported_length' should be checked here.
/opt/SourceCode/wireshark/epan/dissectors/packet-umts_fp.c 4126 warn V1051 Consider checking for misprints. It's possible that the 'reported_length' should be checked here.
/opt/SourceCode/wireshark/epan/dissectors/packet-umts_fp.c 4942 warn V1051 Consider checking for misprints. It's possible that the 'reported_length' should be checked here.
/opt/SourceCode/wireshark/ui/voip_calls.c 1444 err V773 The 'comment' pointer was assigned values twice without releasing the memory. A memory leak is possible.
/opt/SourceCode/wireshark/wsutil/filesystem.c 1531 err V773 The function was exited without releasing the 'files' pointer. A memory leak is possible.
/opt/SourceCode/wireshark/wsutil/filesystem.c 1717 err V773 The function was exited without releasing the 'files' pointer. A memory leak is possible.
Bug: 16335
Change-Id: I8df3ba6d070823dcb43c4152d9156358f701e8dc
Reviewed-on: https://code.wireshark.org/review/37069
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Make wtap_file_get_shb() take a section number argument, and update code
that called it. In most cases, we convert the code to iterate over
sections; in cases where a big code change would be required, we
temporarily pass it 0 and mark the code as "needs to be updated for
multiple sections".
Eliminate cf_read_section_comment(); in calls outside file.c, other code
directly calls the libwiretap routines it calls and, inside file.c, we
just transplant the code and then fix it not to assume a single SHB.
Change-Id: I85e94d0a4fc878e9d937088759be04cb004e019b
Reviewed-on: https://code.wireshark.org/review/37000
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
If a personal profile has the same name as a global profile (which
is usually the case if it has been copied without changing the name
afterwards), there was a bug where renaming the profile was no longer
possible.
Bug: 16423
Change-Id: Idafd216d007179a4c6221eafc2ff296d277d5b1d
Reviewed-on: https://code.wireshark.org/review/36902
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Remember the delegates that we use and free them explicitly
in the destructor.
Change-Id: Iba07c3e9952dc152d94468b6b7c7e2c2a74c1f65
Reviewed-on: https://code.wireshark.org/review/36965
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remember the delegates that we use and free them explicitly
in the destructor.
Change-Id: I79698eb6ee4f565efcb3f02ac6239914c6acf3f5
Reviewed-on: https://code.wireshark.org/review/36964
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
MSVC falsely reports a '*/' found outside of comment warning
Change-Id: I41366c9760f6b698a1c6a4309cdfa2f9828bb0c2
Reviewed-on: https://code.wireshark.org/review/36961
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Exporting dissected bytes did not consider the
selection of packets on Windows, if multiple
packets had been selected
Bug: 16516
Change-Id: I9d914fe1fed22f842d73caea397a3f37ffc0d523
Reviewed-on: https://code.wireshark.org/review/36958
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Guy Harris