trying to handle reassembly of packets with *differing* handshake length
values a bit better.
Make coding style a little more consistent.
svn path=/trunk/; revision=48916
data stream", only the first FIN segment is reported with the
reassembled packet.
Show the TCP fragment tree *before* processing the payload, so it's
shown even if processing the payload throws an exception.
svn path=/trunk/; revision=48915
data stream", only the first FIN segment is reported with the
reassembled packet.
Show the TCP fragment tree *before* processing the payload, so it's
shown even if processing the payload throws an exception.
svn path=/trunk/; revision=48914
we thrown an exception if the lengths are too long.
For UCS-2/UTF-16 strings, do an extra length check to avoid overflows,
but throw ReportedBoundsError if the check fails, so we report them the
same way we report other too-large length errors.
Just use proto_tree_add_item() to put UCS-2/UTF-16 strings (assumed to
be UTF-16, not UCS-2; is that correct?) into the protocol tree.
svn path=/trunk/; revision=48913
From Uli Heilmeier
The current version of the SMTP dissector expects a 'AUTH LOGIN' mechanism without checking the mechanism.
When some other mechanism (like NTLM or PLAIN) is in use the decoding is wrong. Furthermore it is expected that the username is in a seperate packet. When the username is in the AUTH line the password is shown as smtp.auth.username and the username is not decoded.
svn path=/trunk/; revision=48910
created by taking packet-dvb-eit.c, doing a global search and replace of
"ei" with the new name, and then doing further editing).
svn path=/trunk/; revision=48891
Cleanup included:
1. converting proto_tree_add_text to proto_tree_add_item.
2. Converting state machines to use frame data instead of a large hash structure.
3. Apply consistent whitespace, add modelines
4. Remove global variable used for recursion, replaced with frame data.
5. Update protocol spec links
6. Add some "manual" fragmentation support. The goal was to fix bug 2157, but it appears some TCP SEQ/ACK inconsistencies may be getting in the way.
svn path=/trunk/; revision=48874
what these are). It gets freed slightly before we need to access it in order to
correctly free other glib memory.
Discovered accidentally while valgrinding the capture from
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8584
svn path=/trunk/; revision=48870
When the remote client sended a node set, it contains nodes info
The node info it shows like (1 3cad1f360cc51870d3e68d61ed604078bc608ee2 60.173.31.54:43365), but this node's true ip and port is 99.192.73.131:26025. When we expand these items, the ips and ports in detailed information are right.
From me :
It is a problem of encoding (LITTLE ENDIAN => BIG ENDIAN) and wrong offset
Some issue with Peers info
svn path=/trunk/; revision=48850
Add ACE4_INHERITED_ACE flag and NFS4ERR_DELEG_REVOKED error code.
Replace NFS4ERR_NODEV error code by NFS4ERR_DQUOT error code.
See RFC 5661 for details.
svn path=/trunk/; revision=48825
Numerous improvements and fixes for the OpenSafety dissector (too many to
usefully list here; see the bug).
As noted by Pascal, also fix a copy-paste error in the preferences registration.
svn path=/trunk/; revision=48817
that directory since 2001 and reading from that directory was only left in for
backwards compatibility with versions prior to r4702. I think it's now safe
to remove that backwards compatibility.
This eliminates the last argument of get_persconffile_path().
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8437
svn path=/trunk/; revision=48797
Bail out of the item length we get (which we use to increment the offset) is 0.
Otherwise the offset does not advance and we loop forever.
While we're in there: get the item length just once (there's no need to call
tvb_get_guint8() a half dozen times when one will do).
svn path=/trunk/; revision=48796
New dissector for PULSE protocol for Linux Virtual Server redundancy
very small dissector for PULSE protocol for Linux Virtual Server redundancy.
About pulse, see http://sourceware.org/piranha.
From me :
Add Modelines info
Replace tab by space
svn path=/trunk/; revision=48775
New dissector for PULSE protocol for Linux Virtual Server redundancy
very small dissector for PULSE protocol for Linux Virtual Server redundancy.
About pulse, see http://sourceware.org/piranha.
From me :
Add Modelines info
Replace tab by space
svn path=/trunk/; revision=48773
This patch adds support in the LISP dissector for the following:
* dissect Map-Referral packet subtype
* dissect individual fields in mapping records, which are now filterable
* some code cleanup
The NAT traversal draft added another field to go together with the xTR-ID, the site-ID field.
Add support for this field as well.
svn path=/trunk/; revision=48772
Use "offset +" in the calls to fill in the Info column, as presumably
the values being put into that column are the same as the values being
put into the protocol tree, and those have offsets based on the offset
variable.
svn path=/trunk/; revision=48755
Patch 45480 introduced the following check:
"tvb_ensure_bytes_exist(tvb, offset, neo ? neo : *bcp - ((unsigned)offset + 1));:
When the last entry in the directory listing is processed, 'neo' the next entry offset is zero so bcp is checked. The 'bcp' variable is set to the remaining reported bytes in the tvb. Subtracting the current offset +1 from *bcp usually produces a negative result and causes the error.
Removed "- ((unsigned)offset + 1)" and added "CHECK_BYTE_COUNT_SUBR(4);"
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8549
svn path=/trunk/; revision=48744
makes the TDMoE dissector call the LAPD bitstream dissector on the D-Channel. As a result, LAPD calls Q.931, and you can actually see call setup and tear down, instead of just a hex dump.
It adds a preference for which channel the D-Channel is.
It patches the LAPD code to fix a few bugs, not pass the checksum to Q.931 (who isn't expecting it), to register the lapd-bitstream dissector, and to mark packets with aborts or resets.
also storing more data on the lapd_byte_state_t.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8374
svn path=/trunk/; revision=48743
Merged packet-rtps.c and packet-rtps2.c into a single dissector. It appears packet-rtps2.[ch] "API" needs to be externally available, otherwise I would have rolled (the newly merged) packet-rtps.h into packet-rtps.c as well.
Converted many of the remaining proto_tree_add_text to proto_tree_add_item/expert_info and cleaned up the manual string manipulation so checkAPIs.pl is happy.
Added a "cooked" capture file to the SampleCaptures page on the wiki for future fuzztesting/regression.
svn path=/trunk/; revision=48727
Allow the IRC command and response dissection functions to be called with
subsets of the original (full) message line. Therefore we need to calculate
with real lengths and offsets, not mixed with lengths of the subset itself.
svn path=/trunk/; revision=48684
It complains that service_info may be used uninitialized, but my manual analysis
agrees with GCC 4.7 that it can't, so just defaulting it to NULL will be fine.
svn path=/trunk/; revision=48663
Add basic support for Bluetooth GNSS profile. It uses NMEA-0183, but that is not
free, so all we can do is add filtering and displaying for ASCII content.
Also add colors for DUN, GNSS to show them in contrast to RFCOMM.
svn path=/trunk/; revision=48662
The attached patch adds support for dissection of SAMConfiguration request packets,
and updates the opcode table to identify their corresponding (null/empty) responses.
svn path=/trunk/; revision=48656
Round 2 of Bluetooth SDP updates:
- replace a lot of proto_tree_add_text with named fields
- dissect more of the protocol
- misc fixes
svn path=/trunk/; revision=48655
First round of fixes for Bluetooth SDP.
From me:
- rename one call of match_strval to try_val_to_str instead
- remove a few hf entries that really belong with the second patch (they
weren't used in this one)
svn path=/trunk/; revision=48640
Effectively inline the only remain call (and replace a static buffer with ep
memory). Much of the NFS dissector needs to be converted to use named fields
at which point this code can go away, but that's a much bigger job.
Also, add modelines to packet-nfs.c and mark some internal value_string
functions as WS_DLL_LOCAL.
svn path=/trunk/; revision=48635
was done using textual search+replace, not anything syntax-aware, so presumably
it got most comments as well (except where there were typos).
Use a consistent coding style, and make proper use of the WS_DLL_* defines.
Group the functions appropriately in the header.
I ended up getting rid of most of the explanatory comments since many of them
duplicated what was in the value_string.c file (and were out of sync with the
recent updates I made to those in r48633). Presumably most of the comments
should be in the .h file not the .c file, but there's enough churn ahead that
it's not worth fixing yet.
Part of https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8467
svn path=/trunk/; revision=48634
Fix Coverity CID 702381: Missing break in switch.
Add an "XXX" note regarding the framing_rtp assignment, since something appears to be missing.
#BACKPORT(1.8)
svn path=/trunk/; revision=48620