Change-Id: I4a74120ad1424f2b5aab0a4ef734ff52e5ac1a14
Reviewed-on: https://code.wireshark.org/review/21586
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
1. Fix some typos (in hf_ field names and value_string values)
2. Fix an off-by-on error in blob calculation
3. Bugfix a few field lengths
4. Bugfix offset handling when adding ACN address
Change-Id: Id9e3d205b848ce3767b27ef1fcf02f7faae0be15
Reviewed-on: https://code.wireshark.org/review/20953
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit includes logic used to store pairs of C-RNTIs and U-RNTIs based on allocations in RRC and logic to retrive those when encountering C-RNTIs in the MAC header for DCCH over FACH/RACH.
Change-Id: I629ab061b7a73416e5730a980480b81a1aaade11
Reviewed-on: https://code.wireshark.org/review/21607
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Removes a bunch of duplication set up because commands were all in
different files.
Change-Id: I950bc70da0edcdef7aaf21a43328cf69267f79af
Reviewed-on: https://code.wireshark.org/review/21613
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Display the details for the NodeClassMask and ResultMask values in a
BrowseRequest's BrowseDescription.
As described in OPC UA 1.03 Specification, the value 0 for the
NodeClassMask and the value 63 (0x003F) for ResultMask should results in
returning all the fields in the BrowseResponse.
Display 'All' when those fields have those values
Display a detailled bit tree mask when values are different
Code Change:
Added parseNodeClass and parseResultMask
Use them in parseBrowseDescription instead of parseUInt32
Removed not needed anymore hf_opcua_NodeClassMask, hf_opcua_ResultMask
and their related entries in registerFieldTypes
Change-Id: Ic3ed8630825b5456f91156f06b2203ebfa422155
Reviewed-on: https://code.wireshark.org/review/21446
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The length byte is now highlighted along with the actual data.
Change-Id: I93ce25ad2cd7c790cc23668d354e32c4f5e195c6
Reviewed-on: https://code.wireshark.org/review/21610
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It declares what's defined here, so always include it.
Change-Id: I1d7d5ed071e6f2d53af9ff147ede18b05b98ecd1
Reviewed-on: https://code.wireshark.org/review/21616
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I3a9cddd9c6e47a5c5c48e2e02a32a71413bcf799
Reviewed-on: https://code.wireshark.org/review/13590
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It should be allowed to have an FT_UINT_BYTES hf entry with
BASE_NONE|BASE_ALLOW_ZERO. At the moment, this triggers an assert:
Err Field 'Data block' (image-gif.data_block) is an FT_UINT_BYTES
but is being displayed as (Bit count: 2048) instead of BASE_NONE
For FT_UINT_BYTES entries, we should make the same checks as for
FT_BYTES. Don't fall through to the default case.
Change-Id: I986a9b779d130919d17595f08b3b63306b3956f2
Reviewed-on: https://code.wireshark.org/review/21606
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
GSM Osmux recently got support to bring RTP Marker (M) bit. It should be
mostly backwards compatible as the first bit was reserved and not used
before for the FieldType.
Support was added in libosmo-netif commit e98afe5808176efb60298a2f764e8e11efaf580b
This bit is documented in the protocol documentation recently available: http://ftp.osmocom.org/docs/latest/osmux-reference.pdf
Change-Id: Ia0508971519b3df9499d963404bb8a0e3c4b9c33
Reviewed-on: https://code.wireshark.org/review/21599
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Don't try to compile code that uses pcap if you don't have it.
Change-Id: Ifa98b4ff47783f5347cb6e1129bbf4e5cac35aab
Reviewed-on: https://code.wireshark.org/review/21611
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have a header file that defines HAVE_REMOTE if HAVE_PCAP_REMOTE is
defined, and then includes pcap.h. Replace all other includes of
pcap.h, and the definition of HAVE_REMOTE, with includes of that file.
Check for anything other than wspcap.h including pcap.h in checkAPIs.pl.
Change-Id: I3cbee8208944ad6f006f568b3fe3134e10b2a883
Reviewed-on: https://code.wireshark.org/review/21605
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit 8cd1fd0c99.
Making HAVE_REMOTE a config.h #define is a really horrible idea. It's *NOT* a configuration option.
Instead, HAVE_REMOTE should be defined by other mechanisms, as was done in 79eab8ca07.
Change-Id: I4632b63bd73a25a27c5f4686d2baf3e0beddecb3
Reviewed-on: https://code.wireshark.org/review/21604
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit d13b8ea13c.
This will only work with git HEAD of libpcap, but not with any release versions of libpcap or winpcap (the *pcap includes require the define, not Wireshark).
Change-Id: I08e5ec66e3642dc02f793c83ffc4363bb348202c
Reviewed-on: https://code.wireshark.org/review/21603
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Previously the number of allowed pointers within a message is equal to
the data in a tvb (16575 in one example). This is still expensive, so
implement an alternative detection mechanism that looks for a direct
self-loop and limits the total pointers to about 256.
Bug: 13633
Change-Id: I803873e24ab170c7ef0b881d3bdc9dfd4014de97
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1206
Reviewed-on: https://code.wireshark.org/review/21507
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
WinPcap made the mistake of having stuff in its public header fines
depend on a configuration #define, HAVE_REMOTE; this means that we need
to forcibly define it when building with remote capture support.
The tip of the libpcap master branch does not have that botch; hopefully
future versions of libpcap-for-Windows will be based on that libpcap and
thus lack that botch as well.
Defining HAVE_REMOTE in config.h is not the right fix, as it makes it
look like a *Wireshark* configuration option that code in Wireshark
should test, rather than a *WinPcap* configuration option that the
pcap.h that ships with the WinPcap SDK should have been changed, as part
of the build process, to correctly define or not, so that users of
WinPcap don't have to define it themselves.
Change-Id: I62d1eca6d3c900d0dcc9fbc011db77f595a86313
Reviewed-on: https://code.wireshark.org/review/21593
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The dissector only dissected Write Multiple Parameter by Index requests
correctly.
Now it is possible to dissect the response to the request and
Read Multiple Parameter by Index request and responses.
Bug: 13677
Change-Id: I13aae241690cd3ac9dfbe8129ef56d0fc9016301
Reviewed-on: https://code.wireshark.org/review/21034
Reviewed-by: Christoph Schlosser <christoph@schlosser.xyz>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
After a M_NEXT_EXIST(), you should always have another variable (like
M_UINT, M_TYPE, ...) and not immediately end the structure with
CSN_DESCR_END.
Note that this is a workaround as the current description does not allow
a proper parsing anyway (as the structure is reentrant). But at least it
solves the buffer overflow.
Bug: 13692
Change-Id: I8e607aadcced2d8cc636dc10f9690c5c679ad581
Reviewed-on: https://code.wireshark.org/review/21585
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We never test for it - we test for HAVE_PCAP_REMOTE - so there's no need
to set it in config.h.
While we're at it, note that "PCAP" in "HAVE_PCAP_REMOTE" can refer to
libpcap as well as WinPcap, given that, at least in the tip of the
master branch, you can configure remote support in libpcap, although
it's not enabled by default (it needs to be vetted for security, as it
increases the attack surface of a machine running the server *and* of an
application using libpcap with remote support).
Change-Id: I3c96cf16bbda19ec7c085f74cffc6f125198d45b
Reviewed-on: https://code.wireshark.org/review/21589
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Define it, so the generated parser knows what argument type the function
passed to MateParserAlloc() takes. Use it when declaring
MateParserAlloc().
Change-Id: Ice18fd6b5fdbdb31f527e5d6eb06e78594d4565b
Reviewed-on: https://code.wireshark.org/review/21588
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Remove the declarations from mate_parser.l, and have mate_parser.h
include mate.h at the beginning of the file, instead.
Move the #if'ed version of the declaration of MateParserAlloc() to
mate.h.
Change-Id: I03ffdd5f093b179ffc0cb0e43eac093f7e4af65c
Reviewed-on: https://code.wireshark.org/review/21587
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Note that, and give a URL for the spec.
Change-Id: I60953ddf2e7934ac273ba808ae4aa662f562917e
Reviewed-on: https://code.wireshark.org/review/21583
Reviewed-by: Guy Harris <guy@alum.mit.edu>
commit d4e9cc75313f05678d0f2ac41962f46c99751e1f
Author: Alan T. DeKok <aland@freeradius.org>
Date: Sun May 7 12:56:57 2017 -0400
added one more attribute
Change-Id: I5821076c2d4f02d82c393a768edd0c77da582a2d
Reviewed-on: https://code.wireshark.org/review/21576
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ib75f637c36be575a85e75fee6282d1a16455bfd6
Reviewed-on: https://code.wireshark.org/review/21572
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Charlie Lenahan <clenahan@sonicbison.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I2e7cecad96390f709c6a135b6059c01712971dfe
Reviewed-on: https://code.wireshark.org/review/21571
Reviewed-by: Charlie Lenahan <clenahan@sonicbison.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I87ff11b7c04cb3b6963d4c8c16df2c3d60a0aec8
Reviewed-on: https://code.wireshark.org/review/21574
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
For an inter-frame gap that couldn't be determined, just add it with
proto_tree_add_uint_format_value() and "Cannot be determined" as the way
the value is displayed.
(But why add it *at all* if it couldn't be determined?)
Change-Id: I491f9a6fe430141a15568e9a7dec3253a1c78cf5
Reviewed-on: https://code.wireshark.org/review/21582
Reviewed-by: Guy Harris <guy@alum.mit.edu>
".bitN" names 1) don't indicate what the bit actually *means* and 2) run
the risk of collisions if the bit in question has a different meaning in
different bitsets.
Combine the "receive case" and "transmit case" bitsets in some cases
where the only difference between the two sets is that some bits are
present only in one set, but if a bit is present in both sets, it has
the same meaning.
Change-Id: Ie1cb9d076e431b30b64ef05acab39efe38193d33
Reviewed-on: https://code.wireshark.org/review/21581
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make some names used for multiple fields more stylistically consistent.
If a bitfield has more than one bit, it's not Boolean - the extra bits
mean it has more values than "true" or "false".
If a bitfield has only one bit, and indicates that something is
true/false, or enabled/disabled, or present/absent, or on/off, or
something else obviously Boolean, it's Boolean.
Change-Id: I89d5e214eb5c4e7f72eb59a78757f0f49fec3dbf
Reviewed-on: https://code.wireshark.org/review/21579
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Libgcrypt is mandatory to build. Do not mark as optional.
Change-Id: Iafbe1cd93f4185e2a9492bb0a21c30a26d8883ce
Reviewed-on: https://code.wireshark.org/review/21575
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
For HT mixed, set it the same way it's set for HT greenfield.
For pre-HT, set it to 0.
Also, for the "unknown" case, set rate_mcs_index to 0.
This should obviate the need to initialize either of those variables,
don't initialize them, so that failing to set them in an arm of the
switch statement shows up as an error if the compiler's dataflow
analysis actually bothers to check this.
Change-Id: I92703770dd5000a579b53609fb93a2085fd9fca3
Reviewed-on: https://code.wireshark.org/review/21573
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Field 'Audio Env.' (ua3g.ip.set_param_req.parameter.audio_env) has a conflicting entry in its value_string: 2 is at indices 2 (Open Space) and 3 (Meeting Room))
Field 'Audio Env.' (ua3g.ip.set_param_req.parameter.audio_env) has a conflicting entry in its value_string: 2 is at indices 2 (Open Space) and 4 (Noisy))
Field 'Audio Env.' (ua3g.ip.set_param_req.parameter.audio_env) has a conflicting entry in its value_string: 2 is at indices 3 (Meeting Room) and 4 (Noisy))
Change-Id: I495f183dd52e59ec64e6eea0df15a5b243d8b87c
Reviewed-on: https://code.wireshark.org/review/21568
Reviewed-by: Nicolas BERTIN <nicolas.bertin@al-enterprise.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I40724306d5facd0f4a5a9ca2354330577857d27f
Reviewed-on: https://code.wireshark.org/review/21563
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It manipulates the epan_dissect_t structure passed into it and then
returns that.
Callers can (and have been) just using the passed in epan_dissect_t
structure anyway.
Change-Id: Ia19d360a7347ff473654eeb553756f59a38f95bd
Reviewed-on: https://code.wireshark.org/review/21570
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
false positive
Change-Id: I8aa2537328a04a64b06142a04ee76705d0df5443
Reviewed-on: https://code.wireshark.org/review/21566
Reviewed-by: Michael Mann <mmann78@netscape.net>