Fixes about 5kB leaks in 500+ allocations.
There are still some other remaining (and not fixed in this patch
because it is hard to track them):
- The g_strdup'ed memory via MATE_PARSE for some types (cannot simply
g_free after use, it is still needed in some cases).
- cfg->transforms and cfg->transport_ranges as used in pdu_decl
(mate_grammar.lemon).
Tested on a http capture with: tshark -o mate.config:tcp.mate -r ...
where tcp.mate is from
https://wiki.wireshark.org/Mate/GettingStarted?action=AttachFile&do=get&target=tcp.mate
Change-Id: I4c06f948136fc30dfcdb56f7ac8a32a2326ae30d
Reviewed-on: https://code.wireshark.org/review/9221
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Fixes a crash / heisenbug in wireshark-qt on startup:
==26808==ERROR: AddressSanitizer: attempting free on address which was not malloc()-ed: 0x7fff8cf3bf70 in thread T0
#0 0x7f42ce3b66da in __interceptor_free /build/gcc-multilib/src/gcc-5-20150519/libsanitizer/asan/asan_malloc_linux.cc:28
#1 0x842847 in WirelessFrame::setChannel() ui/qt/wireless_frame.cpp:257
#2 0x842bf5 in WirelessFrame::on_channelComboBox_activated(int) ui/qt/wireless_frame.cpp:282
#3 0x84407d in WirelessFrame::timerEvent(QTimerEvent*) ui/qt/wireless_frame.cpp:134
#4 0x7f42ba94ea92 in QObject::event(QEvent*) (/usr/lib/libQt5Core.so.5+0x2b0a92)
#5 0x7f42bb6218ea in QWidget::event(QEvent*) (/usr/lib/libQt5Widgets.so.5+0x1948ea)
#6 0x7f42bb71c16d in QFrame::event(QEvent*) (/usr/lib/libQt5Widgets.so.5+0x28f16d)
#7 0x7f42bb5df62b in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/usr/lib/libQt5Widgets.so.5+0x15262b)
#8 0x7f42bb5e4d0f in QApplication::notify(QObject*, QEvent*) (/usr/lib/libQt5Widgets.so.5+0x157d0f)
#9 0x7f42ba91d57a in QCoreApplication::notifyInternal(QObject*, QEvent*) (/usr/lib/libQt5Core.so.5+0x27f57a)
#10 0x7f42ba973b1c in QTimerInfoList::activateTimers() (/usr/lib/libQt5Core.so.5+0x2d5b1c)
#11 0x7f42ba974020 (/usr/lib/libQt5Core.so.5+0x2d6020)
#12 0x7f42cdde7a16 in g_main_context_dispatch (/usr/lib/libglib-2.0.so.0+0x49a16)
#13 0x7f42cdde7c6f (/usr/lib/libglib-2.0.so.0+0x49c6f)
#14 0x7f42cdde7d1b in g_main_context_iteration (/usr/lib/libglib-2.0.so.0+0x49d1b)
#15 0x7f42ba974cfe in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt5Core.so.5+0x2d6cfe)
#16 0x56c8ba in main_window_update wireshark-qt.cpp:128
#17 0xe4b612 in sync_pipe_open_command capchild/capture_sync.c:972
#18 0xe4b823 in sync_pipe_run_command_actual capchild/capture_sync.c:1034
#19 0xe4c590 in sync_pipe_run_command capchild/capture_sync.c:1211
#20 0xe4e9a5 in sync_if_capabilities_open capchild/capture_sync.c:1356
#21 0xe48b7a in capture_get_if_capabilities capchild/capture_ifinfo.c:249
#22 0xdf539a in scan_local_interfaces ui/iface_lists.c:186
#23 0xdf6a65 in fill_in_local_interfaces ui/iface_lists.c:405
#24 0x56e49d in main wireshark-qt.cpp:1154
#25 0x7f42b81c178f in __libc_start_main (/usr/lib/libc.so.6+0x2078f)
#26 0x56ba58 in _start (wireshark+0x56ba58)
AddressSanitizer can not describe address in more detail (wild memory access suspected).
SUMMARY: AddressSanitizer: bad-free /build/gcc-multilib/src/gcc-5-20150519/libsanitizer/asan/asan_malloc_linux.cc:28 __interceptor_free
Change-Id: I63744261096b3cfd0eddcf75bcf85103a3f0788d
Reviewed-on: https://code.wireshark.org/review/9220
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Python 3 has removed the cmp function for sort functions, relying on a
key function instead.
Tested with Python 2.7.10 and 3.4.3.
Change-Id: Id571b836304528ecc3b23a0f8a2843c4538c3e1b
Reviewed-on: https://code.wireshark.org/review/9212
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
It either points to col_item->col_buf (which we explicitly free) or to
a static string.
Change-Id: I4d6db3fa16e69a4321be9d01076026c024df9a00
Reviewed-on: https://code.wireshark.org/review/9219
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Split the nsis_package target into nsis_package_prep which has
dependencies and nsis_package which has no dependencies and as a result
blindly builds the package. Remove the nsis_uninstaller target since
that's now handled by nsis_package_prep. Nsis_package_prep *should*
also take care of the dependencies for portableapps_package, but that
hasn't been tested.
Update the Developer's Guide.
This requires coordination with the Windows buildbots.
Change-Id: Ib9e3141832c782355135a1637fba5a07c2ca4ba1
Reviewed-on: https://code.wireshark.org/review/9217
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The RRC ASN.1 definitions resulted in a decode error in Python because
the file is encoded as windows-1252 instead of UTF-8. This patch makes
the tool more forgiving in handling windows-1252 encodings.
Tested with Python 2.6.9, 2.7.10, 3.4.3.
Change-Id: I9c9269e1065c98b8bcfb57ab4bfd21d5e183a656
Reviewed-on: https://code.wireshark.org/review/9133
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: Ib982662db6cf68730a7d121eac60d9bc5ae67429
Reviewed-on: https://code.wireshark.org/review/9195
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We're already only setting it for 11b and 11g; this makes it a bit
cleaner, e.g. we don't need to say "oh, wait, we *don't* have short
preamble" for 11n and 11ac.
Change-Id: Idcf3e8c93d6a417f0319e4bd33247b98f07b6052
Reviewed-on: https://code.wireshark.org/review/9209
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If we don't know whether space-time block coding is being used, we don't
know the number of space-time streams, so don't try to calculate it and
don't put it into the protocol tree.
Mark it as generated, while we're at it, as it's not a value from the
radiotap header, and make it a guint.
Change-Id: Ib0b14f2f4f94e042d034311e10bb96b9b29a9d3e
Reviewed-on: https://code.wireshark.org/review/9206
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If we don't know whether space-time block coding is being used, we don't
know the number of space-time streams, so don't try to calculate it and
don't put it into the protocol tree.
Change-Id: I7ffd1b0e79e45fee526305846aadca04eb135b11
Reviewed-on: https://code.wireshark.org/review/9205
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Found by Pascal Quantin.
Change-Id: I843db0c1d28bcd4714799285da5e1ea8a81307a1
Reviewed-on: https://code.wireshark.org/review/9204
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't set PHDR_802_11_HAS_SHORT_PREAMBLE or phdr.short_preamble unless
we have the flags bits from the Flags field.
Discovered by Pascal Quantin by running valgrind on the capture from bug
11317.
Change-Id: I7e91dea116f6cc977101b7b5e76067021f68a0bf
Reviewed-on: https://code.wireshark.org/review/9203
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The assignment of a short to a guint8 in packet-ieee80211-radiotap.c line 1696
generates a narrowing warning.
In my reading of the spec which shows the field as 9 bits,
and looking at the hf fields for this item I think it should be a guint16.
Change-Id: Ic7785c2bfc66d72f7b1e914b1a46f32079fc99d9
Reviewed-on: https://code.wireshark.org/review/9197
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
We really need a better way to handle packet offset overflows.
Change-Id: I6e476f7bc6ddac2c5515c4e09192d88f528ea091
Reviewed-on: https://code.wireshark.org/review/9194
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I59b43e8d4efe8320cf17c6dd086440d3522ef247
Reviewed-on: https://code.wireshark.org/review/9183
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
flag up a warning if a ui class file is included from the current
directory by using #include ""
Visual Studio needs #include <> to make sure that we always pick up
these files from the build directory if we're building with CMake
combine this check with the other check for gcrypt.h so that included
files are checked in one common subroutine
Change-Id: If8420ff5886f8eb2a71aa8fbfe6bc5d2bda607ce
Reviewed-on: https://code.wireshark.org/review/9189
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I320386b02bea09658636a9281ee3cbba34a5e4cd
Reviewed-on: https://code.wireshark.org/review/9188
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The low-order bit of the field indicates whether it's the HT or VHT
version.
Show subfields as part of a 32-bit bitfield; few subfields begin and end
on a byte boundary (the Link Adaptation Control field no longer does so;
its low-order reserved bit became the VHT flag).
Update references to the 11n spec.
Update a comment.
Change-Id: I9fcb99a5517afb319b67d4deb2355c7cb0be73b6
Reviewed-on: https://code.wireshark.org/review/9191
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I969efbaeda75d2790165a6cbc214f58f1bd0ba7f
Reviewed-on: https://code.wireshark.org/review/9190
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Rather than having a separate "802.11 HT" dissector, just look for the
802.11n (HT) PHY.
(As a side-effect, This also causes PPI HT frames to have the radio
information dissected by the wlan_radio dissector, as is the case with
other 802.11 frames accompanied by radio information.)
Change-Id: I854c42e19481a17767e64a3b92222b09dbaa02dd
Reviewed-on: https://code.wireshark.org/review/9185
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This gives a chance to perform RTP reassembly when "Try to decode RTP outside of conversations"
option is activated.
Bug: 11310
Change-Id: Ic8bd9532a88a072c3cb1f1907cf7117b5072a954
Reviewed-on: https://code.wireshark.org/review/9175
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Plain 'wireshark' is now the Qt version, and 'wireshark-gtk' is the GTK version.
Change-Id: I893d6ae9a205998e191cbf6160cf27fcfd09bb4d
Reviewed-on: https://code.wireshark.org/review/9181
Reviewed-by: Evan Huus <eapache@gmail.com>
(Try to keep the same indentation style within a single switch
statement, at least.)
Change-Id: I5b349fd90881d1a1d2be377a291bfceda56476aa
Reviewed-on: https://code.wireshark.org/review/9180
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's a bogus warning, but not all compilers do enough dataflow analysis
to figure that out.
Change-Id: Iebc1fffab87e83b16210003b60aae2333e0b5ec9
Reviewed-on: https://code.wireshark.org/review/9179
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- Add option to stop capture after X files are created
- Increase the max value for number of packets / files / bytes / seconds from 1000 to INT_MAX
- Fix capture name file selection
Change-Id: I9fb8eeaa925e5bd5380bb654686575f41126546a
Reviewed-on: https://code.wireshark.org/review/9162
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The whole radix tree thing is kind of neat (and may even be more performant for
short strings?) but it's really confusing to reason about and is terribly
inefficient for long strings.
Ping-Bug: 9078
Change-Id: I1bd333918a6e557801e82f4553d386120138065e
Reviewed-on: https://code.wireshark.org/review/9165
Reviewed-by: Evan Huus <eapache@gmail.com>
Add more fields to the metadata to handle everything radiotap has, and
show them.
Call the FEC type field just "FEC", and have it be an integer field with
0 meaning BCC and 1 meaning LDPC, rather than a Boolean.
11ac doesn't have *an* MCS, it can have up to 4, one per user.
Label the 11ac bandwidth values the same way we do in the radiotap
dissector.
Change-Id: I2c2415baff3e5d68d49dda497980e8271d26b1f6
Reviewed-on: https://code.wireshark.org/review/9176
Reviewed-by: Guy Harris <guy@alum.mit.edu>
into Information column in typical fashion (append) instead of
just in reversed order (prepand)
Change-Id: Id78c307fc6d34a378ac7b9335ac1e578837b08a6
Reviewed-on: https://code.wireshark.org/review/9170
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Icaca74f7d5038b4e2e232fb499933219b322e02d
Reviewed-on: https://code.wireshark.org/review/9159
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
It will avoid losing precision in case of export from a nseclibpcap input file.
As Wireshark is probably the only tool able to read this link type, we do not need to bother with compatibility.
Change-Id: Iea5b5c88b02ff4799c255f795be2469a091161fe
Reviewed-on: https://code.wireshark.org/review/9171
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The payload dissection now only includes the remaining bytes,
even if the actual number of payload bytes should be bigger.
An expert Info is added, to inform the user, that the trace was
truncated, but the payload is still given to a sub-dissector,
as it may contain valid information
Change-Id: Iefef78e7c7aed7f87e40875f345ff5debf364f3a
Reviewed-on: https://code.wireshark.org/review/9124
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For out-of-tree builds you have to pass the location of your build to our tools
like the fuzz script, valgrind script etc. Modify them so that the value can be
set in the environment rather than requiring a shell script flag.
Set the environment variable in the vagrant provision step, so that the scripts
Just Work (TM) in the VM.
Change-Id: If8ce6b278176085ba6dd994137b82fc989b80124
Reviewed-on: https://code.wireshark.org/review/9168
Reviewed-by: Evan Huus <eapache@gmail.com>