Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add ENC_TIME_SECS_NSECS and ENC_TIME_SECS_USECS; they make it more
explicit (especially to those not familiar with UN*X data types) what
the representation is, allow for ENC_TIME_SECS_MSECS etc. if they're
needed, and match names such as ENC_TIME_SECS and ENC_TIME_MSECS.
Change-Id: I6ab36fb4da70563587141cd65ffff8523477b0c4
Reviewed-on: https://code.wireshark.org/review/28564
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add support for 8-byte-seconds/8-byte-nanoseconds and 8-byte-seconds/
4-byte-nanoseconds time values. Use them in the 9P dissector, with
proto_tree_add_item().
Only do the length validity checking for time values in
get_time_value().
Change-Id: I0f1d791d7aa503093a491d2c33300bd55ca7866e
Reviewed-on: https://code.wireshark.org/review/28560
Reviewed-by: Guy Harris <guy@alum.mit.edu>
A few dissectors can benefit from the conversion.
Change-Id: I3b7d54926b79314009e271960aff61870a115390
Reviewed-on: https://code.wireshark.org/review/19826
Reviewed-by: Michael Mann <mmann78@netscape.net>
This emphasizes that there is no such thing as *the* routine to
construct a subset tvbuff; you need to choose one of
tvb_new_subset_remaining() (if you want a new tvbuff that contains
everything past a certain point in an existing tvbuff),
tvb_new_subset_length() (if you want a subset that contains everything
past a certain point, for some number of bytes, in an existing tvbuff),
and tvb_new_subset_length_caplen() (for all other cases).
Many of the calls to tvb_new_subset_length_caplen() should really be
calling one of the other routines; that's the next step. (This also
makes it easier to find the calls that need fixing.)
Change-Id: Ieb3d676d8cda535451c119487d7cd3b559221f2b
Reviewed-on: https://code.wireshark.org/review/19597
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This patch introduces new APIs to allow dissectors to have a preference for
a (TCP) port, but the underlying data is actually part of Decode As functionality.
For now the APIs are intentionally separate from the regular APIs that register a
dissector within a dissector table. It may be possible to eventually combine the
two so that all dissectors that register with a dissector table have an opportunity
to "automatically" have a preference to adjust the "table value" through the
preferences dialog.
The tcp.port dissector table was used as the guinea pig. This will eventually be
expanded to other dissector tables as well (most notably UDP ports). Some
dissectors that "shared" a TCP/UDP port preference were also converted. It also
removed the need for some preference callback functions (mostly when the callback
function was the proto_reg_handoff function) so there is cleanup around that.
Dissectors that has a port preference whose default was 0 were switched to using
the dissector_add_for_decode_as_with_preference API rather than dissector_add_uint_with_preference
Also added comments for TCP ports used that aren't IANA registered.
Change-Id: I99604f95d426ad345f4b494598d94178b886eb67
Reviewed-on: https://code.wireshark.org/review/17724
Reviewed-by: Michael Mann <mmann78@netscape.net>
This saves many dissectors the need to find the data dissector and store a handle to it.
There were also some that were finding it, but not using it.
For others this was the only reason for their handoff function, so it could be eliminated.
Change-Id: I5d3f951ee1daa3d30c060d21bd12bbc881a8027b
Reviewed-on: https://code.wireshark.org/review/14530
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
That removes most of the uses of the frame number field in the
frame_data structure.
Change-Id: Ie22e4533e87f8360d7c0a61ca6ffb796cc233f22
Reviewed-on: https://code.wireshark.org/review/13509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I8512cfa1d424f82a873a0e0e1d22c7b075fdd7f3
Reviewed-on: https://code.wireshark.org/review/13069
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Some of the ASN.1 dissectors still generate a new_create_dissector_handle from the tool itself, so leave those for now.
Change-Id: Ic6e5803b1444d7ac24070949f5fd557909a5641f
Reviewed-on: https://code.wireshark.org/review/12484
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This patch converts some dissectors using g_hash_table_foreach_remove.
- 9p: drop no-op free func.
- nfs: use g_hash_table_new_full such that a destructor function can
be used. Drop NULL check since g_free can handle these just fine.
- nlm: use g_hash_table_new_full such that a destructor function can
be used. Simplify "matched" destruction by replacing the wrapper by
a direct g_free call.
Change-Id: I455e7f0ad4e47e70dae05af7233fdcdebf583f9f
Reviewed-on: https://code.wireshark.org/review/9224
Reviewed-by: Michael Mann <mmann78@netscape.net>
Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Part 1 of many
Change-Id: I77a5789ac23388e6a5f8098dc398592f39638124
Reviewed-on: https://code.wireshark.org/review/5532
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
See, for example:
http://code.google.com/p/diod/wiki/protocol#attach,_auth_--_messages_to_establish_a_connection
and
http://code.google.com/p/diod/wiki/protocol#Overview
where the latter says
9P2000.L consists of a subset of the canonical 9P2000
operations, the 9P2000.u attach and auth messages, plus new
operations designed to map to the Linux VFS in a straightforward
way.
so tattach and tauth are the same as 9P2000.u.
Don't throw a dissector assertion of there's data at the end of the
packet; in the particular case that found this bug, yes, it was a
dissector bug, but it could also be a malformed packet, and we should
not throw dissector assertions unless we know *for certain* that the
problem is a dissector bug rather than a malformed packet.
Change-Id: I5ef5d837bccb4e7c4844d31a138aa55a85ec1b60
Reviewed-on: https://code.wireshark.org/review/3758
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ib6024307e85d6c23decf40e9759f549c19ffe136
Reviewed-on: https://code.wireshark.org/review/3318
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix version detection (detect against full string instead of prefix),
properly dissect Tcreate extension field (9p2000.u only), dissect
Tunlinkat flags (9p2000.L).
Refactor pattern to dissect string[s] types for DRY.
Convert to use tcp_dissect_pdus. I have not seen a fragmented case, but
maybe that may happen in the future.
The main motivation for touching 9p was that it returns bogus values
for some types. This has been fixed by properly increasing offset, and
always return the captured length.
Change-Id: If2184204ae9c853b94aca8ade3763d7fe523fa86
Reviewed-on: https://code.wireshark.org/review/2836
Reviewed-by: Christopher Maynard <Christopher.Maynard@gtech.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Also make repetition_coding_indications[] standard terminated.
Change-Id: Ice20e1f27f5ab4d111f893608a230b83899efc9f
Reviewed-on: https://code.wireshark.org/review/2288
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
explicit, and frees up the "generic" names (like tvb_memdup) for new signatures
that take the appropriate wmem pool.
Majority of the conversion done with sed.
svn path=/trunk/; revision=52164
packet-9p.c:342:16: error: not a Doxygen trailing comment [-Werror,-Wdocumentation]
guint16 len; /*< Length of the string */
^~~
/**<
packet-9p.c:343:13: error: not a Doxygen trailing comment [-Werror,-Wdocumentation]
char *str; /*< The string */
^~~
/**<
packet-9p.c:364:15: error: not a Doxygen trailing comment [-Werror,-Wdocumentation]
guint8 type; /*< Type */
^~~
/**<
packet-9p.c:365:19: error: not a Doxygen trailing comment [-Werror,-Wdocumentation]
guint32 version; /*< Monotonically incrementing version number */
^~~
/**<
packet-9p.c:366:16: error: not a Doxygen trailing comment [-Werror,-Wdocumentation]
guint64 path; /*< Per-server-unique ID for a file system element */
^~~
/**<
5 errors generated
svn path=/trunk/; revision=51260
Follow-up on 9P dissector enhancement ( https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8589 )
"fid"s, 9P file descriptors, are valid from the moment it's allocated until
when it's freed. My original patch kept a fid hashtable updated everytime a
packet was dissected in full-view (with a non-null tree)
Attached is a patch that builds a tree for each 9P fid and stores the
corresponding path when it becomes valid/marks it as invalid when it no longer
is.
svn path=/trunk/; revision=51092
Theses patches add alot of new message types for the 9P protocol and its
extensions (most specifically 9P2000.L), while staying compatible with the
legacy protocol (hence the hashtable with conversation information, since
version is only known at handshake)
It is still missing alot of 9P2000.u specifics, but I don't have any server
to test it with. I'm also missing some dump to test legacy, but I'm pretty
confident I didn't break much there as it is mostly compatible, most
differences are handled using different messages, the only one that was
changed would be RERROR.
second diff also adds deeper interpretation of the protocol, by following
the conversation stream and keeping a bigger hashtable associating fid (file
handles) and file names, for easier debugging.
From me: roll the contents of the (new) packet-9p.h back into the C file.
svn path=/trunk/; revision=49363