Try to retrieve the per packet info data first, and create it if
it doesn't exist, rather than assuming it is there on the second
pass. Prevents segfaults in cases with strange TCP sequence issues
(that still show up as bugs in the TCP dissector.) Fix#17737.
There are a bunch of near-identical macros here, but I'm gonna change
one at a time or else the builder times out at the number of files
changed in one merge.
A few of them just needed scratch memory, so allocate and free it
manually after doing any exception-raising checks.
A few others were returning memory, and needed conversion to accept a
wmem scope argument.
DCP Frames with Reserved Option dissection changed
short time ago. There isn't a predefined suboption
for Reserved option in the standard. But in this
implementation it dissected like control suboption.
This is not true and creates malformed frames in some
dcp pcaps. This implementation is reverted.
Wireshark will dissect undefined bytes as paddings
just like before.
This header was installed incorrectly to epan/wmem_scopes.h.
Instead of creating additional installation rules for a single
header in a subfolder (kept for backward compatibility) just
rename the standard "epan/wmem/wmem.h" include to
"epan/wmem_scopes.h" and fix the documentation.
Now the header is installed *correctly* to epan/wmem_scopes.h.
Automated find/replace of wmem_packet_scope() with pinfo->pool in all
files where it didn't cause a build failure.
I also tweaked a few of the docs which got caught up.
Fixes pre-commit warning
"wimax.dcd.dl_burst_profile_multiple_fec_types doesn't match PROTOABBREV"
All the other fields of this dissector use `wmx` not `wimax`.
GSML parsing has a bug related to multiple submodules,
such that, the first submodule found in the GSDML needs
to be the PROFIsafe element, otherwise the description
is not parsed.
If there is DCP SET block with 0 block length, it is dissected
as erroneous block since DCP SET block can not have 0 block
length. Moreover, DCPBlockLength is not decoded if DCP option
and suboption is 0. However, each DCP block must have
Option/Suboption/DCPBlockLength. This is also fixed.
Replace most instances of ws_debug_printf() except in
epan/dissectors and dissector plugins.
Some replacements use printf(), some use ws_debug(), and
some were removed because they were dead or judged to be
temporary.
When dissecting messages with multiple API types
within the same message, the parsing of the connect
request fails to take all elements into account.
This results in only partial parsing of the elements.
This fix ensures that all parts of the message are taken
into account and dissected correctly.
Most of the time, the return value tells us nothing useful, as we've
already decided that we're perfectly willing to live with string
truncation. Hopefully this keeps Coverity from whining that those
routines could return an error code (NARRATOR: They don't) and thus that
we're ignoring the possibility of failure (as indicated, we've already
decided that we can live with string truncation, so truncation is *NOT*
a failure).
According to specification, size of PROFINETIOServiceResPDU
is calculated and checked under dissect_RSI_RSP_block
function. Moreover, dissect_rsi_blocks function is added and
type of PDU and operation number (Opnum) are checked before
dissection starts.
The '/codecs' dir was removed in g63af1da7e7.
Avoid using include_directories(), prefer target_include_directories().
Remove some unnecessary CMAKE_CURRENT_*_DIR includes and some other
small cleanups while at it.
I believe this was the original intention, to use these API restricitons
with dissectors only (not that I necessarily agree with that policy either),
and through copy-paste and lack of clear guidelines it spread to other
parts of the build.
Rename the checkAPI groups to make it very clear that this is dissector-only.
This doesn't mean, of course, that good programming practices shouldn't be
followed everywhere. In particular assertions need to be used properly.
Don't use them to catch runtime errors or validate input data.
This commit will be followed by another removing the various ugly hacks
people have been using to get around the checkAPI hammer.
COContainerContent dissects PDInterfaceMrpDataAdjust and
PDInterfaceMrpDataAdjust dissects remaining COContainerContent
because of offset problem. Offset problem is fixed.
Instead of having the source file containing the top-level registration
routine for the pinfo_stats_tree plugin checked into our repository,
generate it with tools/make-plugin-reg.py, as we do with other plugins.
While we're at it, fix a comment - "DLL" is a Windows term; the
equivalent term in UN*Xes would be "shared object" ("so" or ".so") or
"dynamic library" ("dylib" or ".dylib").
Current Profinet Spec includes additional RSI features.
As a result, new file is added for PN-RSI protocol.
DCP substitutions related to RSI are added under PN-DCP.
PDRsiInstances record is added under PN-IO.
When creating a _mate_cfg_gog, instead of
allocating space for a `_mate_cfg_gop`,
allocate space for a _mate_cfg_gog. Also, use
`g_new` instead of `gmalloc`.
Adds a pre-commit hook for detecting and replacing
occurrences of `g_malloc()` and `wmem_alloc()` with
`g_new()` and `wmem_new()`, to improve the
readability of Wireshark's code, and
occurrences of
`g_malloc(sizeof(struct myobj) * foo)`
with
`g_new(struct myobj, foo)`
to prevent integer overflows
Also fixes all existing occurrences across
the codebase.
1) Allow AVP_DEBUGGING settings to be made from Preferences, iff compiled so.
2) Flush MATE/AVP debug output once sequential packet parse has completed.
when a new AR is established between devices which already
has another AR, same station_info was used and it caused wrong
dissection problem of IOCS and IOData objects of related AR.
In order to fix problem, new struct is added in order to match
station_info and corresponding ARs. New struct is used for
keeping ARUUID, related inputCR and outputCR frame IDs and
setup/release frame numbers of ARs. ARUUID's are used for
adding station_info data to their corresponding conversations.
If matching ARUUID and Frame IDs are found in RTC frame
dissection, then corresponding IOCS and IOData objects are
dissected.
Remove the --check-addtext and --build flags. They were used for
checkAddTextCalls, which was removed in e2735ecfdd.
Add the sources in ui/qt except for qcustomplot.{cpp,h}. Fix issues in
main.cpp, rtp_audio_stream.cpp, and wireshark_zip_helper.cpp.
Rename "index"es in packet-usb-hid.c.
There are undefined bytes which must be included in DHCP
suboption block according to DCP Block Length. In other
words, there are still bytes after dissection of defined
parameters finish but DCP block length does not finish.
In order to solve the problem, these bytes are included in
DHCP suboption block and marked Undefined. The byte number
can be 1, so bytes word in pn_user_data is changed to byte.
Change-Id: I2be23b41a9827f9c2159b97a05658ddf557865cf
Reviewed-on: https://code.wireshark.org/review/38203
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
This commit replaces instances of
(myobj *)wmem_alloc(wmem_X_scope(), sizeof(myobj))
and replaces them with:
wmem_new(wmem_X_scope(), myobj)
to improve the readability of Wireshark's code.
Replacements were made with the following Python script:
import os
import re
import sys
pattern = r'\(([^\s\n]+) ?\*\) ?wmem_alloc(0?)\((wmem_[a-z]+_scope\(\)), sizeof\(\1\)\)'
replacewith = r'wmem_new\2(\3, \1)'
startdir = sys.argv[1]
for root, dirs, files in os.walk(startdir):
for fname in files:
fpath = os.path.join(root, fname)
if not fpath.endswith('.c'):
continue
with open(fpath, 'r') as fh:
fdata = fh.read()
output = re.sub(pattern, replacewith, fdata)
if fdata != output:
print(fpath)
with open(fpath, 'w') as fh:
fh.write(output)
Change-Id: I223cb2fcce336bc99ca21c4a74e4cf758fd00572
Reviewed-on: https://code.wireshark.org/review/38088
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There were some cases which has zero remaining data
and it was causing an error.
Remaining Data length check added.
Change-Id: Ib0132d892e871c0f7980ff297d18c276aee26ba6
Reviewed-on: https://code.wireshark.org/review/37815
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
According to specification, problematic Block Decode
is fixed.
Change-Id: I0d1a13a26771231eb6f05b18325ee2bb94e975bc
Reviewed-on: https://code.wireshark.org/review/37813
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This true_false_string does not provide anything in relation to the whole
bitfield. The field itself is questionable as a boolean anyway.
This is reported by the conflict checker.
Change-Id: I4a67db6755038b5a07ce4402181a0ea2a3a2b392
Reviewed-on: https://code.wireshark.org/review/37710
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The static arrays are supposed to be arrays of const pointers to int,
not arrays of non-const pointers to const int.
Fixing that means some bugs (scribbling on what's *supposed* to be a
const array) will be caught (see packet-ieee80211-radiotap.c for
examples, the first of which inspired this change and the second of
which was discovered while testing compiles with this change), and
removes the need for some annoying casts.
Also make some of those arrays static while we're at it.
Update documentation and dissector-generator tools.
Change-Id: I789da5fc60aadc15797cefecfd9a9fbe9a130ccc
Reviewed-on: https://code.wireshark.org/review/37517
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The 8 combinations of the display address, control, and tag were being
handled as 8 separate cases in `dissect_display_switch()`. This resulted
in duplicated, inconsistent code. Some paths resulted in bug #15219
while others did not have this problem.
I believe I have been able to combine them all into a single case branch
which handles each aspect correctly. I am not a UNISTIM expert and
welcome more knowledgeable reviewers.
Bug: 15219
Change-Id: Ie3eee8e19c10daab27c1df599ce0d03b52f69205
Reviewed-on: https://code.wireshark.org/review/37190
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make sure we have enough data for a CRC.
Bug: 16368
Change-Id: I03a2532061a5cf5e28cb65c83dd4ab90654d1679
Reviewed-on: https://code.wireshark.org/review/36048
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Bug at dissection of ARData is fixed. Moreover,
there is also bug in DCP's DHCP suboption and it
is also fixed.
Change-Id: I185e66f957f330dae587fc63b76cd50f567f5f9b
Reviewed-on: https://code.wireshark.org/review/35974
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
According to specification, missing profienergy records
and alarms are dissected.
Change-Id: I36eec046f0aff7f4b1235e50b6dc469847c1ac8d
Reviewed-on: https://code.wireshark.org/review/35389
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
According to specification, redundancy bit values in
packet-pn-rt.c are swapped. Moreover, endpoint type
was changed by Change 30821 and became ENDPOINT_NONE.
It has caused an error since related conversation can
not be found with its endpoint (ENDPOINT_UDP). Finally,
it is detected that when PNIOStatus is error, dissection
still continues but there is no data to dissect. This
defect is also fixed by this commit. (This change also
includes one fix for dead store.)
Change-Id: I09a07fd0027c4485ba84651e969b3de9d0012b5c
Reviewed-on: https://code.wireshark.org/review/35158
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
According to specification, padding in SRLData block
will be adapted to make the block unsigned32 aligned.
2 bytes padding is changed to unsigned32 aligned.
Change-Id: I78729a491cd5245acaff07fe595664187c2bf39e
Reviewed-on: https://code.wireshark.org/review/34979
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
According to specification, ranges for manufacturer data
are modified for both DCP and MRP. Small fixes are done.
Change-Id: I08fa8a8b04e8b82ade7f6a275774cfcbdb490495
Reviewed-on: https://code.wireshark.org/review/34755
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For the same reason as in g89c9d909.
Change-Id: I5e344ebdf8ba05d169484aa32b409d84edc6124f
Reviewed-on: https://code.wireshark.org/review/34943
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix dead store (Dead assignement/Dead increment) Warning found by Clang
Change-Id: Ic06613b355e2ad5e4128e0040fc540476aed425a
Reviewed-on: https://code.wireshark.org/review/34905
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
GUIDs of the OPC UA protocol are always encoded in little endian format.
Using the default RFC4122 decoder assumes big endian and results in displaying
wrong values.
Change-Id: I0c2f60ca2f1c0ae118e8388ec58291dc0d1222b9
Reviewed-on: https://code.wireshark.org/review/34790
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
According to specification, Normal (non-DFP) RTC3 frames
are not decoded as subframes. However, undecoded data was
not shown at the tree. The undecoded data text is added
Change-Id: Ib6ffd750c81d05318d9b81debd73a1f8022bbbb7
Reviewed-on: https://code.wireshark.org/review/34698
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Use switch statement for request/response functions
2. Reorder functions to limit the need for forward declarations
3. Use proto_tree_add_item_ret_uint and proto_tree_add_item_ret_length to
limit "duplicate" functionality.
4. Create initial (simple) request/response matching. This can probably be
improved upon.
5. Use the request/response matching structures to pass (ioctl) context between
request and response.
Change-Id: I3f4c16c07f4b3aa9556d229d003a4842ff118cd9
Reviewed-on: https://code.wireshark.org/review/34404
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 16020
Change-Id: I59c24d3bdb3f3a85f6e498683594ee12db9642a8
Reviewed-on: https://code.wireshark.org/review/34392
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If we do it after trying to fetch packet data, the attempt to fetch
might throw an exception, and the structure won't be fully initialized.
Bug: 15934
Change-Id: If50a8c18232d934c1e33512cddb40a011a4eaef7
Reviewed-on: https://code.wireshark.org/review/34087
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use proto_tree_add_item_ret_display_string() routines to add strings
if we want to display the string's value in a column, and just use
proto_tree_add_item() if we don't need the string's value. That way,
all strings are fetched using an encoding value, to properly map to
UTF-8, and, if necessary, are formatted for display.
Add comments asking about encodings.
Change-Id: I32dbdf17c90e77cc080d6132c740c8c5d19ef4c5
Reviewed-on: https://code.wireshark.org/review/33997
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
VisibleString does, in fact, mean ASCII in PROFINET.
Put a space after a comma.
Change-Id: I0b9da9599ddd5429736dff598e5c37e9cac88bc6
Reviewed-on: https://code.wireshark.org/review/33996
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use proto_tree_add_item_ret_display_string() routines to add strings if
we want to display the string's value in a column, and just use
proto_tree_add_item() if we don't need the string's value. That way,
all strings are fetched using an encoding value, to properly map to
UTF-8, and, if necessary, are formatted for display.
Add comments about fields that have type VisibleString, asking whether
that means "ASCII" or "just the "Basic" part of ISO 646", where the
latter is ENC_ISO_646_BASIC.
Add a comment about fields using "The definition of IETF RFC 5890" -
that means "Punycode", but I don't think we map Punycode to Unicode;
perhaps we should. Also ask whether that also implies RFC 1035's
encoding of domain names as sequences of counted strings.
Change-Id: Ie8d5bc18d2846f8d723019b22f69a50ce55f9a9b
Reviewed-on: https://code.wireshark.org/review/33986
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
João Valverde