and also fix warning found by fix-encodings-args
Change-Id: I20193d9f2700e8ede439dcc848390ff7672239b3
Reviewed-on: https://code.wireshark.org/review/1318
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Also, remove some more proto_tree_add_text() occurrences.
Change-Id: Ie46e16308b95f190229c22d06c5235ea3464394a
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/1317
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Otherwise we end up doing reassembly of long messages one painful byte at a time
even when all of those bytes are in the same TCP payload. This results in
ridiculous memory usage.
Change-Id: Ie28d5ade1fec54e6ebc225341582270651d7371c
Closes-Bug: 10018
Reviewed-on: https://code.wireshark.org/review/1312
Reviewed-by: Evan Huus <eapache@gmail.com>
it no longer has any warnings
This reverts commit 30c9f421c0.
Change-Id: I5cc71f905ffa4f00ffb44ad7d03b2684c2e44e38
Reviewed-on: https://code.wireshark.org/review/1316
Reviewed-by: Evan Huus <eapache@gmail.com>
it no longer has any warnings
This reverts commit 3ff57c86ad.
Change-Id: I655f4cf682eb6784340799c54d2f9a6cc5321812
Reviewed-on: https://code.wireshark.org/review/1315
Reviewed-by: Evan Huus <eapache@gmail.com>
Avoid printf warnings when loading a capture with kerberos packets
when not having configured a keytab file.
Change-Id: I0950daa18c42f4687d29101fac74f6f6bd6071b1
Reviewed-on: https://code.wireshark.org/review/1300
Reviewed-by: Evan Huus <eapache@gmail.com>
As pointed out by David Ameiss, I only did automake the first time round.
Change-Id: Ie72ab5014d8f21d194d15af430c6c0a8a612f5f7
Reviewed-on: https://code.wireshark.org/review/1309
Reviewed-by: Evan Huus <eapache@gmail.com>
It currently generates some unused functions.
Change-Id: I59e2ffefbf66975d35f2a89c2c49c3ab61f41a84
Reviewed-on: https://code.wireshark.org/review/1306
Reviewed-by: Evan Huus <eapache@gmail.com>
- Create/use an extended value string;
- Use ...add_text() instead of ..._add_string() for a packet details "header" line
(Removes a filter named "mqtt" (not the 'protocol' filter));
- Fix what is (IMO) a slightly misleading display of "Connect Flags";
- Remove two lines of duplicate code;
- Localize some variables;
- Remove some unneeded initializers;
- Set tab-stops, etc in editor mode-lines to 8;
- 'offset++' ==> 'offset += 1';
- Do some minor whitespace changes.
Change-Id: Ia891c6893643790dbb26510f060c4fb6dfe1fe3a
Reviewed-on: https://code.wireshark.org/review/1304
Reviewed-by: Bill Meier <wmeier@newsguy.com>
g867a1827e7dc88896ee27a107eb35c4b3973d270 introduced a change to cleanup/fix
handling of bounds checks for -1 length fields, but it ended up guaranteeing a
throw for 0-length tvbs, which isn't good; we ought to be able to add 0-length
FT_PROTOCOL items at the very least.
Better names for the function than _cheat are welcome, but I want to shut up the
buildbot.
Change-Id: I24610f947d03dac32766e2a0ffa0ff7bcc74c3e8
Reviewed-on: https://code.wireshark.org/review/1303
Reviewed-by: Evan Huus <eapache@gmail.com>
Ie4d1edfd67a8e6f02834573f29f07baf79058534 created a several duplicate hf_ registrations. That led to the exposure of some other potential problems with generating sequences.
Still not quite complete, but want to pacify the buildbots, so there is a small amount of manual editing to comment out a few duplicated hfs in packet-parlay.c.
Change-Id: I0ff8a9795e213ab966db8d6333b9477bad06250b
Reviewed-on: https://code.wireshark.org/review/1302
Reviewed-by: Michael Mann <mmann78@netscape.net>
It causes the DTLS decryption test suite to fail for some reason, and I don't have time/energy to investigate further, so we should probably revert it until that gets resolved.
This reverts commit fc5d8db74d.
Change-Id: Iac9a7592047d2e080e380a70752efa076303e442
Reviewed-on: https://code.wireshark.org/review/1297
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
This has two expected uses:
- Many current users of wmem_tree don't actually need the predecessor lookup
it provides (the lookup_le function family). A hash map provides straight
insertion and lookup much more efficiently than a wmem_tree when predecessor
lookup isn't needed.
- Many current users of glib's hash table and hash functions use untrusted data
for keys, making them vulnerable to algorithmic complexity attacks. Care has
been taken to make this implementation secure against such attacks, so it
should be used whenever data is untrusted.
In my benchmarks it is measurably slower than GHashTable, but not excessively
so. Given the additional security it provides this seems like a reasonable
trade-off (and it is still faster than a wmem_tree).
Change-Id: I2d67a0d06029f14c153eaa42d5cfc774aefd9918
Reviewed-on: https://code.wireshark.org/review/1272
Reviewed-by: Evan Huus <eapache@gmail.com>
- If a user adds a pipe via "Capture Options"->"Manage Interfaces"
->"Pipes" the device.if_type.type is either not filled out (in
the case if no other interfaces exist), or will be set to the
last set if_type of the device queried by the iteration in line
3537.
- One could argue, that this is just a fixup, as still the issue
remains, that the device structure will not be resetted, after
the search for an already existing pipe element. Maybe a separate
variable should be used for searching as it is used for adding
the pipe
Change-Id: Ia727bf3ce270a62d065e8c524a13768af389c346
Reviewed-on: https://code.wireshark.org/review/1296
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This patch fixes dissection of some fields and restores some of the
output before the dissector was updated not to use proto_tree_add_text()
calls.
While at it improve the consistency in the code.
Change-Id: Ic30e60de1382f4325bd75e814444205f2fc5a359
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/1283
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Previously a sequence of "native" types (int, float, etc) generated a proto_tree_add_uint (for the loop over the sequence) and a proto_tree_add_XXX (for the "native" type), but only 1 hf variable was created for the "loop" field, so DISSECTOR_ASSERT_NOT_REACHED would be generated if "native" type != uint. Now a separate hf_ variable is generated for the "loop" and "native" type.
Also update existing IDL dissectors with new generator logic.
Change-Id: Ie4d1edfd67a8e6f02834573f29f07baf79058534
Reviewed-on: https://code.wireshark.org/review/1274
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(not sure why, but regeneration also "moved" some hf_ variables from previous version)
Change-Id: I197eacbb3f892dbdca6e6bc354fc88240c1bfb34
Reviewed-on: https://code.wireshark.org/review/1291
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Treat FT_BYTES and a few others the same as FT_PROTOCOL: allow a zero length
but throw an exception if the offset is already beyond the end of the TVB
(prior to this change it would assert out). This (when manually applied to
master-1.10) fixes https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9999 .
While we're at it: tvb_captured_length_remaining() no longer returns -1 (see
r52571) so don't expect it to. Instead just use
tvb_ensure_captured_length_remaining() to throw an exception if the offset is
bad.
Change-Id: I686722a4fed46b86139466afcf64ff02f319c702
Reviewed-on: https://code.wireshark.org/review/1289
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ei_array is supposed to be an array of expert_entry items. However, it
was initialized of an array of expert_info_t items which is much larger.
This caused an ASAN error when running `tshark -z expert` because
expert_stat_packet wants to read past the stack.
Fix this by correcting the type. While at it, reduce the size of
expert_entry for 64-bit systems (reduces initial memory usage by 8
kilobytes) and avoid a redundant g_array_index call.
Change-Id: I2e08676a5e242743ed502dd2836806604ea75cc0
Reviewed-on: https://code.wireshark.org/review/1275
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- Remove unneeded #includes;
- Move proto_reg_handoff...(() to the end of the file as per convention;
- Use dissector_add_handle() instead of using dissector_add_uint(..., 0, ...);
- #if 0 an unused global function (which caused a [-Wmissing-prototypes] warning);
- Remove an empty proto_reg-handoff...();
- 'if (already_registered)' not required in one case.
Change-Id: I74f267c2721df13eb4d52d7f19a6ded423218a39
Reviewed-on: https://code.wireshark.org/review/1277
Reviewed-by: Bill Meier <wmeier@newsguy.com>
This is more reliable than doing "tree math" and corrects the intention of 5470356154 which made the incorrect assumption that tcp_dissect_pdus will be called with the tree that is passed into a protocol's main dissection function (directly from TCP).
Change-Id: I6ffc2188420ab74784c7bc2c69aa79ff071c90b6
Reviewed-on: https://code.wireshark.org/review/1214
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rather than using a hash table, which is overkill and slow, embed a
doubly-linked-list in the prefix structure.
On my tests with some random capture file and tshark -nxVr:
- normal block allocator: ~2.1 seconds
- old (slow) strict allocator: ~4.2 seconds
- new (fast) strict allocator: ~2.8 seconds
The buildbot will thank me :)
Change-Id: I2fb42229c4ee4c40bbe45ba04b7848792998eaa9
Reviewed-on: https://code.wireshark.org/review/1251
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Modern hosts typically open many more TCP and UDP connections than in
years past. For an example opening a popular news site in a web browser
can easily trigger dozens of separate connections. At the same time our
services file has accumulated a lot of cruft over time. As a result
transport name resolution is a bunch of lies.
Change-Id: Ibbca5b1c7ea1e800fc46dad63b9270128dacd721
Reviewed-on: https://code.wireshark.org/review/1240
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ib4cfdd8261e53caef695d54a2991223b1f296448
Reviewed-on: https://code.wireshark.org/review/1247
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I474c03a1a40586a14cdec2196ee3ebc89eedd8ab
Reviewed-on: https://code.wireshark.org/review/1236
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I9b0cb7c8602f813fd06f1b3ea6107ed6fe8d72ed
Reviewed-on: https://code.wireshark.org/review/1244
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I5e0e44019ddee4d39fbf2d6204c40c02d3e97c6f
Reviewed-on: https://code.wireshark.org/review/1243
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I5e0e44018eaee4da9fbf2d6204c40c0ad3ea7a6f
Reviewed-on: https://code.wireshark.org/review/1242
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>