A few of them just needed scratch memory, so allocate and free it
manually after doing any exception-raising checks.
A few others were returning memory, and needed conversion to accept a
wmem scope argument.
This is a new check added to check_typed_item_calls.py --label
Ignoring cases where item type is FT_NONE, as fpr tjpse
text was appended that otherwise would lack a colon.
1. New EtherNet/IP commands and Common Packet Formats
2. CIP Security: Attributes (These go better in enip vs cip dissector)
3. TCP/IP object: Improve existing attribute parsing
4. Certificate Management Object: Attribute
5. Add units for some existing types
6. Correct hf_ size mismatch
1. Connection Manager parameter is called 'Redundant Owner' instead of 'Exclusive'
2. Add new CIP Class Names
3. Support new time types: UTIME, STIME, NTIME
4. Add units to data type
This header was installed incorrectly to epan/wmem_scopes.h.
Instead of creating additional installation rules for a single
header in a subfolder (kept for backward compatibility) just
rename the standard "epan/wmem/wmem.h" include to
"epan/wmem_scopes.h" and fix the documentation.
Now the header is installed *correctly* to epan/wmem_scopes.h.
Most of the time, the return value tells us nothing useful, as we've
already decided that we're perfectly willing to live with string
truncation. Hopefully this keeps Coverity from whining that those
routines could return an error code (NARRATOR: They don't) and thus that
we're ignoring the possibility of failure (as indicated, we've already
decided that we can live with string truncation, so truncation is *NOT*
a failure).
These were detected by running check_typed_item_calls.py
with --consecutive, which flags items that have different
labels but the same filter string. Usually this is because
of copy/paste.
Quite a few similar bugs still exist, will address in a future commit.
Notes:
1. There are no functionality changes with this delivery
2. This change is to reduce manual copying between structs. This will make it easier to add upcoming feature changes, and fix some connection handling issues (future merge requests).
3. Combine enip_conn_val_t and cip_conn_info_t. Previously, there were 2 different structs to track information about an overall CIP Connection.
Notes:
1. There are no functionality changes with this delivery
2. cip_connID_info_t describes a one-way connection. Each CIP Connection includes 2 of these. Previously, each operation was duplicated for each direction.
3. This change is to reduce copypaste, simplify logic, and make it easier to add upcoming feature changes, and fix some connection handling issues (future merge requests)
Changes:
1. Extract Method: get_conversation_info_one_direction
2. dissect_net_param16/dissect_net_param32: Parse and set data into cip_connID_info_t
- refactoring of B&R specific company naming
Change-Id: Ic8533617f61f5bee009e1d00ebc323e00f28b3e8
Reviewed-on: https://code.wireshark.org/review/37851
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
The static arrays are supposed to be arrays of const pointers to int,
not arrays of non-const pointers to const int.
Fixing that means some bugs (scribbling on what's *supposed* to be a
const array) will be caught (see packet-ieee80211-radiotap.c for
examples, the first of which inspired this change and the second of
which was discovered while testing compiles with this change), and
removes the need for some annoying casts.
Also make some of those arrays static while we're at it.
Update documentation and dissector-generator tools.
Change-Id: I789da5fc60aadc15797cefecfd9a9fbe9a130ccc
Reviewed-on: https://code.wireshark.org/review/37517
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Dissect the Motion Configuration Block from the Forward Open
2. Add Motion Attributes related to #1
3. Save the first/last segment for certain segment types in an EPATH.
Behavior changes based on the values in first segments for a given type,
vs later segments.
Change-Id: Id0552a585d158041c13adfa50f4bb164cada79b7
Reviewed-on: https://code.wireshark.org/review/37168
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Electronic Key Segment: Add support for Serial Number Key Format
2. Electronic Key Segment: Display more values in generated (response) output
3. Display Route/Connection Path in response data
4. Add more device types, class names
5. Minor display improvements to text strings, units for clarity
Change-Id: Ie7738cb395579674db448535474444da49b5b297
Reviewed-on: https://code.wireshark.org/review/37156
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This matches the wording in the Spec.
Change-Id: I566da78e88ff5aaa832c657dd74b5c590ee6b4aa
Reviewed-on: https://code.wireshark.org/review/36479
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use Unit and Transaction Identifier to identify the correct request to a
response.
The Transaction Identifier is only available in Modbus TCP.
Bug: 15698
Change-Id: Ic3a279ce200bee9e9274aaec66bd9dc2f1c096b9
Reviewed-on: https://code.wireshark.org/review/34274
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove most cases where we were processing CI_GRC_SERVICE_ERROR as a
success condition.
Leave CI_GRC_SERVICE_ERROR in some cases where this may make sense, eg:
Modbus embedded messages may still want to be parsed as the embedded
format.
Bug: 15669
Change-Id: I44cae1ea8d3bacd6291a3118750f8a9e825de044
Reviewed-on: https://code.wireshark.org/review/32874
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Some buffer size checking was off by 1.
Change-Id: Ib99da61f476b6f20abe40311fd2112a8693a7878
Reviewed-on: https://code.wireshark.org/review/31946
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Show 3 digits of precision after the decimal place for API/RPI when
displaying in ms.
2. Remove displaying the value as hex microseconds.
Change-Id: I483739c13ff0e02bd773b5207b41a5eec6c23289
Reviewed-on: https://code.wireshark.org/review/31583
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
SNN = Safety Network Number
No functional/parsing changes.
Changes:
1. Fix some display fields and filter names that previously used the
incorrect ssn naming.
2. Changed all variable names in a similar way.
Change-Id: I7bdc52a5aef31a9c6007545d5a79c99bab6cd184
Reviewed-on: https://code.wireshark.org/review/31549
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
DATE_AND_TIME struct is actually time then date. We were previously
parsing it as date then time.
Change-Id: I7367b5502318de32b7c9e7fd170ae58de4c3347f
Reviewed-on: https://code.wireshark.org/review/31431
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
dissect_cip_cm_data() was getting hard to read so:
1. Pull out some some logic into separate functions
dissect_cip_cm_unconnected_send_req
dissect_cip_cm_fwd_close_req
dissect_cip_cm_fwd_close_rsp_success
2. Reduce the scope of some variables.
No functional changes
Change-Id: I40c3dd5d2505b29991589ede4752c383348006ec
Reviewed-on: https://code.wireshark.org/review/31051
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Extra data could be an indicator of a problem, or it could be that we
haven't added support in Wireshark for it yet. Either way, it's helpful
to show it, instead of hiding it.
Changes:
1. Show unparsed data in the CIP CM dissector
2. Clean up some offsets
Change-Id: Ieebe208aab1f293f97a8774a6a4de5d5dbd3df67
Reviewed-on: https://code.wireshark.org/review/31003
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add cip.connection. This works just like tcp.stream, but for CIP
connections. This is added to CIP connected messages and the Forward
Open/Close messages.
Change-Id: Ib358c00dc0a4fd61065cb22b0e9b574ac43a44a4
Reviewed-on: https://code.wireshark.org/review/30984
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. For each connected data message, display generated connection
information including:
a. Connection Path from the initial connection
b. API values
c. Forward Open packet number. (This already existed, but moving it to a
consistent place in the tree)
2. Display O->T or T->O in the Info column depending on the direction of data.
3. Remove cip.conn_path_class filter. This was originally added to show
which type of data is in a given packet. But, it's not really needed
anymore because we have the generated connection path in each connected
data packet now.
4. Ensure dummy structs used for Decode As menus are zeroed out.
5. memset -> zero initialization
pcaps from the following bug reports are good examples:
Bug: 14939
Bug: 6617
Bug: 14916
Bug: 14958
Change-Id: I63885a5ca41f95e04f855a1e1dcd9ab3684f7eec
Reviewed-on: https://code.wireshark.org/review/30808
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>