The title of a decode_as_t was used by the GTK UI. It's no
longer required for Qt.
Change-Id: Ibd9d4acbe9cad2c1af520340d04e550326a97ebe
Reviewed-on: https://code.wireshark.org/review/33557
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The only place where it's currently called passes it data.
Do a DISSECTOR_ASSERT() check to make sure it's non-null.
Remove null-pointer checks that this renders no longer necessary.
Change-Id: I2fc86f9591a7126d328029379ecfe98400dd01cb
Reviewed-on: https://code.wireshark.org/review/31419
Reviewed-by: Guy Harris <guy@alum.mit.edu>
All exported (via dissector tables and dissector handles) routines that
call dissect_atm_common() first do DISSECTOR_ASSERT(atm_info != NULL),
so dissect_atm_common() will never be called iwth a null data pointer.
dissect_reassembled_pdu() is called only from dissect_atm_common(), so
it also won't ever be called with a non-null data pointer.
Fixes Coverity CID 1442299.
Change-Id: I3b455ac546a6a0cd6aa8ef184c71fda2ca2a0710
Reviewed-on: https://code.wireshark.org/review/31418
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The new table takes unit ((VPI << 16) | VCI) to allow ATM cell payload dissection depending on VPI+VCI combination
Change-Id: I8f958f904749363cafe0046424c3c2bf6a1a5c96
Reviewed-on: https://code.wireshark.org/review/31381
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This will allow the VPI and VCI to be handed to
dissect_atm_cell_payload() in
https://code.wireshark.org/review/c/31381/.
That structure also needs to include the enable_fill_columns_by_atm_dissector
flag; we remove that from the pwatm_private_data_t, which is now private
to the ATM pseudo-wire dissector, and put it in the new structure.
Change-Id: I88f4a9f4b3c4c1c94914311bb883ea38e10ca4b4
Reviewed-on: https://code.wireshark.org/review/31384
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
A funny thing happened on the way to the {ATM, MPLS} Forum.
Change-Id: I8159f9191737febe3e5c4618bbb72ecb4bfc300b
Reviewed-on: https://code.wireshark.org/review/29818
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This was inspired by using the Decode-As UI to decode Field "SSL TCP Dissector"
Value (port) XXX as YYY. "SSL Port" makes more sense as the UI name.
Change-Id: Id6398a5dc79e32bddc4f1bfcf0a468ae1364808f
Reviewed-on: https://code.wireshark.org/review/19573
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Mirror it after protocol dissector API.
Change-Id: I7985bcfa9e07654c7cf005efec94efc205d7a304
Reviewed-on: https://code.wireshark.org/review/18496
Reviewed-by: Michael Mann <mmann78@netscape.net>
Have all dissector tables have a "supports Decode As" flag, which
defaults to FALSE, and which is set to TRUE if a register_decode_as()
refers to it.
When adding a dissector to a dissector table with a given key, only add
it for Decode As if the dissector table supports it.
For non-FT_STRING dissector tables, always check for multiple entries
for the same protocol with different dissectors, and report an error if
we found them.
This means there's no need for the creator of a dissector table to
specify whether duplicates of that sort should be allowed - we always do
the check when registering something for "Decode As" (in a non-FT_STRING
dissector table), and just don't bother registering anything for "Decode
As" if the dissector table doesn't support "Decode As", so there's no
check done for those dissector tables.
Change-Id: I4a1fdea3bddc2af27a65cfbca23edc99b26c0eed
Reviewed-on: https://code.wireshark.org/review/17402
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The number of bytes allocated is small enough not to matter.
Change-Id: I44c2103a87bd41f21e61d0f27648266fdc2be557
Reviewed-on: https://code.wireshark.org/review/15470
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This saves many dissectors the need to find the data dissector and store a handle to it.
There were also some that were finding it, but not using it.
For others this was the only reason for their handoff function, so it could be eliminated.
Change-Id: I5d3f951ee1daa3d30c060d21bd12bbc881a8027b
Reviewed-on: https://code.wireshark.org/review/14530
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Started by grepping call_dissector_with_data, call_dissector_only and call_dissector and traced the handles passed into them to a find_dissector within the dissector. Then replaced find_dissector with find_dissector_add_dependency and added the protocol id from the dissector.
"data" dissector was not considered to be a dependency.
Change-Id: I15d0d77301306587ef8e7af5876e74231816890d
Reviewed-on: https://code.wireshark.org/review/14509
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This will make it easier to determine protocol dependencies.
Some LLC OUI dissector tables didn't have an associated protocol, so they were left without one (-1 used)
Change-Id: I6339f16476510ef3f393d6fb5d8946419bfb4b7d
Reviewed-on: https://code.wireshark.org/review/14446
Reviewed-by: Michael Mann <mmann78@netscape.net>
Have a dissector that is passed a "struct eth_phdr" pointer, indicating
whether there is an FCS, there is no FCS, or there's maybe an FCS, and
an "eth_maybefcs" dissector, to be called from other dissectors. The
latter takes no data argument.
That obviates the need for callers of the latter to fill in an
"eth_phdr" structure.
Note in a comment that setting the "assume an FCS" preference overrides
a file format handler in Wiretap saying "we have no FCS". I seem to
remember that this might be intentional.
Ping-Bug: 9933
Change-Id: I600e1351d468ab31d48369edb96832d6da3e480c
Reviewed-on: https://code.wireshark.org/review/13432
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's called from some places other than packet-frame.c, at least one of
which currently can't call anything else (the ATM dissector, for
VC-multiplexed bridged frames, where you don't know whether the frames
include the FCS or not), so the frame's pseudo-data doesn't necessarily
have the appropriate "FCS length" value. Have it explicitly check the
data argument, and explicitly pass the appropriate value to it.
Ping-Bug: 9933
Change-Id: I0c75f921d25d1e2b75e476c15ff9625205036b25
Reviewed-on: https://code.wireshark.org/review/13382
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Check for it with DISSECTOR_ASSERT().
Change-Id: I71ba81107f7a4aff21b0f0dbecb5158dc4ff6238
Reviewed-on: https://code.wireshark.org/review/13318
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't use the pseudo-header pointed to by pinfo->pseudo_header; have the
argument either point to a struct atm_phdr or to a pwatm_private_data_t.
Don't *overwrite* the pseudo-header pointed to by pinfo->pseudo_header
if you need to construct an ATM pseudo-header for a dissector; have your
own struct atm_phdr structure, fill it in, and pass a pointer to *that*
to the sub-dissector.
Cleans things up a bit.
Change-Id: I4464924def4de41c625002b2d273592bd529e46e
Reviewed-on: https://code.wireshark.org/review/13270
Reviewed-by: Guy Harris <guy@alum.mit.edu>
While it currently only contains packet_counts, it will hopefully stabilize the capture function signature if more fields are added.
Change-Id: I003552c58043c7c2d67aec458187b12b233057e2
Reviewed-on: https://code.wireshark.org/review/12690
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
These were created from capture dissector functions that had switch statements determine "next" protocol/dissector. The registration decreases the need for function declarations in header files.
Added new capture dissection tables for IP, IPv6, TCP and UDP as that seems like the next logical place to expand
Change-Id: I1ec0cd54eecda4f400669ee5b026bf6e2b46545a
Reviewed-on: https://code.wireshark.org/review/12634
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
They are modeled after dissection dissector tables, but for the moment, don't have/need the flexibility. They are intended to be much simpler/faster than full dissection.
The two most used/needed are "wtap_encap" and "ethertype", so they were the basis of starting to use and test capture dissector table API. Others may be added in the future.
The "capture dissector" function signature needed a bit of tweeking to handling "claiming" of a packet.
The current application of this is capture functions returning TRUE if they affected a "type" of packet count. Returning FALSE ends up considering the packet an "other" type.
Change-Id: I81d06a6ccb2c03665f087258a46b9d78d513d6cd
Reviewed-on: https://code.wireshark.org/review/12607
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This will make it easier to mold into (capture) dissector tables.
Change-Id: Iad63f2c2869782977992a3a072adb020be4b1818
Reviewed-on: https://code.wireshark.org/review/12587
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Capture dissectors could be architected like dissection dissectors, with tables and subtables and possibly using tvbs to pass there data instead of raw byte arrays. This is a first step towards that by refactoring capture_info_packet() to work off of a "capture dissector table"
Registering the capture dissection functions instead of calling them directly also clears up a bunch of dissector header files who sole purpose was providing the capture dissection function definition.
Change-Id: I10e9b79e061f32d2572f009823601d4f048d37aa
Reviewed-on: https://code.wireshark.org/review/12581
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ie39ef054a4a942687bd079f3a4d8c2cc55d5f22c
Reviewed-on: https://code.wireshark.org/review/12485
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Some of the ASN.1 dissectors still generate a new_create_dissector_handle from the tool itself, so leave those for now.
Change-Id: Ic6e5803b1444d7ac24070949f5fd557909a5641f
Reviewed-on: https://code.wireshark.org/review/12484
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Picking off "easy" dissectors that only have one or two exit points at most.
Change-Id: Ie514f126352e7598acc4f7c38db9c61d105d5e48
Reviewed-on: https://code.wireshark.org/review/11850
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The target here is the Decode As dialog where protocols have multiple registrations into a dissector table and that shows up as multiple entries in the Decode As dialog list with the same name so users are unsure which "dissector" they are choosing.
The "default" behavior (done in this commit) is to not allow duplicates for a dissector table, whether its part of Decode As or not. It's just ENFORCED for Decode As.
Bug: 3949
Change-Id: Ibe14fa61aaeca0881f9cc39b78799e314b5e8127
Reviewed-on: https://code.wireshark.org/review/11405
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Have separate dissectors for ATM MPLS pseudo-wire traffic and regular
traffic. That way, we can handle the regular traffic dissectors being
handed private data, e.g. an ATM pseudo-header from libwiretap.
Change-Id: I11e5abfdb1c3a5acc070ddaba8ef53813bc85e1a
Reviewed-on: https://code.wireshark.org/review/8921
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also, set decoded to TRUE after we return from a dissector; that makes
it a bit clearer when we're setting it.
Change-Id: Ief3e999c72954e08d4608b15b49921da294807c1
Reviewed-on: https://code.wireshark.org/review/8284
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also create dissector table for AAL5 subdissectors. This isn't identified as a "Decode As" need, but now the conversion should be easier if that becomes needed.
Change-Id: Ie70318991874de9ef8d95a2853dfceb3c0b94a00
Reviewed-on: https://code.wireshark.org/review/7894
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Use it in the ATM dissector, and use a tvbuff version, so that we don't
do tvb_get_ptr() ourselves.
Change-Id: I0bd3594bc739e0cca447ac06f34a471441cf2e70
Reviewed-on: https://code.wireshark.org/review/3513
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have the wsutil routine just accumulate the stuff from the buffer handed
to us. Have the IUUP dissector deal with the extra stuff. Add a
update_crc10_by_bytes_tvb() routine, which is passed a tvbuff, offset,
and length, and use that rather than using tvb_get_ptr() in dissectors.
Change-Id: Iadd0823c764080e60d1339abb94d2e19150eabfe
Reviewed-on: https://code.wireshark.org/review/3509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ib6024307e85d6c23decf40e9759f549c19ffe136
Reviewed-on: https://code.wireshark.org/review/3318
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ib60ca75b7da8cfa21cfe2999c9b9448a02c332df
Reviewed-on: https://code.wireshark.org/review/2560
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
tvb_new_subset -> tvb_new_subset_remaining it appears that's what the intention is.
Change-Id: I2334bbf3f10475b3c22391392fc8b6864454de2d
Reviewed-on: https://code.wireshark.org/review/1999
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>