1. Switched to common way to parse Get Attr All, using dissect_cip_get_attribute_all_rsp, for CCO (class version) and CIP Validator. This also fixed a missing attribute in the old CIP Validator code.
2. Add cip_string2 attribute implementation
3. For CIP Validator, set the protocol as "CIPS Validator", previously this was "CIPS Supervisor".
4. For classes with subdissectors, add the service to the Info column in the response.
Change-Id: Id9593ca39497261075df8146cf63ee9581462e2a
Reviewed-on: https://code.wireshark.org/review/14837
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Cast the value before multiplication to prevent overflow.
Change-Id: I673e9e3e869e326ba3d23c3a2100e274e9dc7566
Reviewed-on: https://code.wireshark.org/review/14823
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Alas, QByteArray's constructor takes an int, not a size_t, as a size.
Explicitly cast the size down to an int.
Change-Id: Idc24b5920e8e417dd8555628d685f94224fe47e1
Reviewed-on: https://code.wireshark.org/review/14836
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make FollowStreamText a subclass of QPlainTextEdit instead of QTextEdit.
For large amounts of text, the former should be less unbearably slow
than the latter. Increase the maximum stream size to 500MB. This isn't
perfect but it's much more usable than 2MB and much easier than the next
step, which is to write our own text display widget.
Process UI events while we fill in the stream data. This gives us
behavior similar to the GTK+ UI and is similar to what we do in other
dialogs.
Switch from g_memdup+g_free to a QByteArray in the Qt UI and GByteArray
in the GTK+ UI.
Don't call readStream twice.
Make sure we free all of our stream data in the Qt UI. This fixes a
serious memory leak.
Ping-Bug: 11777
Change-Id: Ibad9bde86692ae07a80660566d1e661ab8b64601
Reviewed-on: https://code.wireshark.org/review/14271
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
if the first length byte is 0xff, the actual length is the last
two bytes interpreted as little endian
Change-Id: I098ce428888147ad9ca0a30c3ed451d1f89eace7
Reviewed-on: https://code.wireshark.org/review/14834
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Use %option extra_type= rather than #defining YY_EXTRA_TYPE.
Change comments to reflect that the state structure is used both by the
lexical analyzer and the parser.
Change-Id: I19a81de61cbd6e86d71154f376ef0681cc6d42fb
Reviewed-on: https://code.wireshark.org/review/14826
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Obviate the need for libtool bug work around.
Requires libtool 2.2.2 as the first fully working release of the
2.0 branch.
Change-Id: I925f44f06b4c8e3bb06d356308afe1bde1b149f3
Reviewed-on: https://code.wireshark.org/review/14811
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
AC_OUTPUT with arguments is obsolescent.
Change-Id: Ibd53f5db1137ec34c70e22ac73385f379aa5d6e5
Reviewed-on: https://code.wireshark.org/review/14816
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
ZigBee has added new 802.15.4 Information Elements, defined in
Annex D.8 of ZigBee Specification R22. Specifically this is the
Enhanced Beacon Payload IE, TX Power, and Rejoin IEs.
Change-Id: Ic54b92c6d1f6437dc7888d10e9ae63453eb60e1d
Reviewed-on: https://code.wireshark.org/review/14547
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Sort some lists in Makefile.common while we're at it.
Change-Id: I888078f30f7bbe6e5b20e2142c43211e3eb11e31
Reviewed-on: https://code.wireshark.org/review/14815
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fixes 7f873d92cb. Replacement function
header files are not automatically added to the distribution
tarball.
Move libwsutil_la_SOURCES for better readability.
Change-Id: I75699a0aa8681d94701931467c9290d9c7c140ac
Reviewed-on: https://code.wireshark.org/review/14814
Reviewed-by: João Valverde <j@v6e.pt>
As stated in the RFC1035 the TTL is a signed int.
https://tools.ietf.org/html/rfc1035#section-3.2.1
Change-Id: I07e57309f83f1877b1b4cb6a085bc3dabf053379
Reviewed-on: https://code.wireshark.org/review/14759
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Wiretap require registration right now. Do it.
Change-Id: I7ec4c4a4c6d3fa6625fff970f7f39f1ab74e3ef5
Reviewed-on: https://code.wireshark.org/review/14761
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Idee028bb6962a7a50d13ec45b41b71410fb92c6e
Reviewed-on: https://code.wireshark.org/review/14799
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
master-branch libpcap now generates a reentrant Flex scanner and
Bison/Berkeley YACC parser for capture filter expressions, so it
requires versions of Flex and Bison/Berkeley YACC that support that.
We might as well do the same. For libwiretap, it means we could
actually have multiple K12 text or Ascend/Lucent text files open at the
same time. For libwireshark, it might not be as useful, as we only read
configuration files at startup (which should only happen once, in one
thread) or on demand (in which case, if we ever support multiple threads
running libwireshark, we'd need a mutex to ensure that only one file
reads it), but it's still the right thing to do.
We also require a version of Flex that can write out a header file, so
we change the runlex script to generate the header file ourselves. This
means we require a version of Flex new enough to support --header-file.
Clean up some other stuff encountered in the process.
Change-Id: Id23078c6acea549a52fc687779bb55d715b55c16
Reviewed-on: https://code.wireshark.org/review/14719
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This is consistent with what the rest of the files do, and doesn't
require that the compiler explicitly be told to treat the current
directory as an include directory.
Change-Id: Iefaedd2acc936f45d5095546f8dea7167d2e88c8
Reviewed-on: https://code.wireshark.org/review/14797
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Replace getenv() calls in filesystem.c too for consistency.
Change-Id: I31425179290e556e6696953531989d93777adf92
Reviewed-on: https://code.wireshark.org/review/14752
Petri-Dish: João Valverde <j@v6e.pt>
Reviewed-by: João Valverde <j@v6e.pt>
Tested-by: João Valverde <j@v6e.pt>
Reviewed-by: Michael Mann <mmann78@netscape.net>
When the state pointer is NULL it's defensively coded against by a
NULL pointer check. Variable initialization before should then not
dereference that pointer.
Change-Id: I0ed09e2f22be5651324f43fc3fd339d2f95684c0
Reviewed-on: https://code.wireshark.org/review/14776
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Do not try to recover from truncated tvbs for fragment_add_seq-like
functions:
- If it is the first block and the dissector requested frag_data_len
number of bytes, we should not lie and pretend that we are fully
reassembled.
- For other blocks, returning NULL as no reassembly was possible makes
sense. But other fragments in the list should not be cleared as there
may be partial fragments which were returned before.
It seems that this special behavior was introduced in
b2c11b5e13 (freeing fragments and
returning NULL as an optimization when fragments are deemed not needed
anymore) and faeb2c2ee1 (for returning
fd_head for the first fragment, "so the first fragment gets dissected as
fragmented packet").
Now in theory unused fragments could stick around, but that also
possible with the normal fragment_add functions.
Bug: 11799
Change-Id: I20829c54e1b2eee25a91fe4de51b19b1458c7789
Reviewed-on: https://code.wireshark.org/review/14082
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Either use "wtap.h", if it's only for files in the wiretap directory, or
<wiretap/wtap.h>, if it's also a header that stuff outside libwiretap
can include.
Change-Id: If1c71b3dae9a3c0d64661ae1734f925319e447d1
Reviewed-on: https://code.wireshark.org/review/14788
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I0950f61e90af5bb21c0017204de0c0b509616e5c
Reviewed-on: https://code.wireshark.org/review/14747
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
When deregister_dissector is called by Lua, the protocol was not
property removed from the dependent dissectors list. Fix this and also
duplicate the memory for keys and values since these strings might be
dynamically allocated.
Fixes a use-after-free after reloading Lua dissectors that use
DissectorTable:add() and opening a new/closing an existing capture file.
Change-Id: If2ae02f155e7ab8fc653c08003755897471f9be0
Reviewed-on: https://code.wireshark.org/review/14735
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
D. Ulis