For users with lots of columns, they may loose track of the current frame/packet.
Bug: 13902
Change-Id: I4d937dc437e254a09d938733aef5f5678ede1095
Reviewed-on: https://code.wireshark.org/review/22772
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Start to remove the dependency on PacketList by moving the signals
out of setPacketList and into MainWindow.
Change-Id: Ibbe5a5619e06809eb71aee5145c4b0f7d54382a2
Reviewed-on: https://code.wireshark.org/review/22798
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Change-Id: I2524bc008ad35e39890c6b846928f1183f7f9627
Reviewed-on: https://code.wireshark.org/review/22791
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Remove grep output of explict count of heuristic protocols because
it changes too often to bother updating.
Change-Id: I69b0dfbae32f9eb9ffef6c3200238819ddf522e6
Reviewed-on: https://code.wireshark.org/review/22793
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The request doesn't correspond to the request command coe, it
corresponds to the entire request; create it as an item covering the
rest of the packet, and finish it up by setting the length appropriately.
Change-Id: Ib0c044c0c878f1cb2fa0d11deb04b4d31a8a825f
Reviewed-on: https://code.wireshark.org/review/22796
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Rc.exe doesn't have a /WX flag. Passing it /WX apparently results in
setting the /W flag, which warns about invalid code pages, and the /X
flag, which ignores %INCLUDE%. The latter is necessary in our case for
locating winver.h.
Change-Id: I6d757a547fedfa49d078a7bb5f15518c69760f72
Reviewed-on: https://code.wireshark.org/review/22794
Reviewed-by: Michael Mann <mmann78@netscape.net>
Make sure to have bytes before adding raw values to tree
Bug: 13910
Change-Id: I9c6fe679df12e0358df80caf01268acb75ee424c
Reviewed-on: https://code.wireshark.org/review/22782
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The padding was not part of the size calculation of the last subpayload in a
multiple read/write by index.
Change-Id: Ibbd3ded345352ea1ceaea7b871fc2d1a0e1a6832
Reviewed-on: https://code.wireshark.org/review/22781
Reviewed-by: Christoph Schlosser <christoph@schlosser.xyz>
Reviewed-by: Roland Knall <rknall@gmail.com>
Don't assume that the application is initialized when we create a
SimpleDialog.
Bug: 13275
Change-Id: Ieeb52430500570db88463069833855c3789f686b
Reviewed-on: https://code.wireshark.org/review/22778
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fixes a bug when calling randpktdump without the dialog. Reproducer:
Open wireshark
Double click on randpktdump
Stop the capture
No packets have been generated.
Change-Id: I43d1d3c02afbb44f88620a696a7d25aa4e45889a
Reviewed-on: https://code.wireshark.org/review/22775
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The tree may be NULL, so tree->parent may cause access invalid memory address error
which will report 'Dissector bug ... STATUS_ACCESS_VIOLATION' in info column.
Change-Id: I37d4aca2287e77a046e553221a6a824de60aae9c
Reviewed-on: https://code.wireshark.org/review/22776
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add detection for the modular device flag in POWERLINK.
Change-Id: I3e21eec383f1bdf2fa491d415631cda146a0fdef
Reviewed-on: https://code.wireshark.org/review/22774
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Change-Id: Id87920c5099553e51cfaa9ab0cb0c41cec6a127b
Reviewed-on: https://code.wireshark.org/review/22767
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The InterfaceToolbar does not currently work with Qt4 because usage
of some Qt 5.2 features, but this should at least make it compile.
Change-Id: Id610e04d6c266556bfb84da5399e57a6c1fe9938
Ping-Bug: 13909
Reviewed-on: https://code.wireshark.org/review/22761
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Having two distinct logical concepts (OUI and Well Known Address)
concatenated to a single "manuf" file is needlessly obfuscating
the WKA feature.
Have a distinct "wka" file instead and just skip the cat.
Change-Id: I46f53b0015a37331d65f8cfac7cbbd499dd0c5b8
Reviewed-on: https://code.wireshark.org/review/22742
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Pressing the display filter shortcut Ctrl-/ inserts a '/' into the
LineEdit. On Windows QKeyEvent::text() contains a
printable character when Ctrl is held down and are being redirected
in MainWindow::eventFilter(). This patch filters events that has the
CtrlModifier.
Change-Id: Iefed962b7a2cc944a39b09de9d84b4522a39ff13
Reviewed-on: https://code.wireshark.org/review/22697
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
UatFrame was originally written for filter expressions, so it still
had some "filter expression specific" functionality in it.
Move the "filter expression notifications" to the preferences dialog
and add support for proper notification if UAT affects fields or
dissection (like expert info UAT).
Change-Id: I84cd0c7923450692916bbc6c2cdce93a9830d722
Reviewed-on: https://code.wireshark.org/review/22758
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
media_type_dissector_table is only defined with HAVE_NGHTTP2
Change-Id: I489e04f3d3066f2edf5c656b158c38c3dae84fb6
Reviewed-on: https://code.wireshark.org/review/22760
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change is to limit the number of entries from the NAK message included in the
summary line (and add ellipsis if there are more than will fit).
In addition, add checks to make sure we dont read beyond the end of the
captured packet when parsing NAKs.
Change-Id: I60db4b62d86c05329eb7c79ae1927eeb1b7e11ba
Reviewed-on: https://code.wireshark.org/review/22733
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change Details:
1. Just like HTTP1.1, dissect reassembled http2.data.data according to content-type header value (searching media_type dissector table).
With this feature, we can add new dissector that based HTTP2 (for example application/grpc), or old text/html, image/png, image/jpeg dissectors.
2. Append stream id after frame type on info column, like: HEADERS[1], DATA[1], HEADERS[3], DATA[3]
3. Append request :method and :path inforamtion to info column, like: HEADERS[1]: GET /demo/1.jpg. (and also append :method and :path info to Stream Node in tree)
4. Append response status and reason-phrase to info column, like: HEADERS[1]: 200 OK
One HTTP2 package file's info column will look like:
10.10.10.123 23.13.190.101 Magic
10.10.10.123 23.13.190.101 SETTINGS[0]
10.10.10.123 23.13.190.101 WINDOW_UPDATE[0]
10.10.10.123 23.13.190.101 HEADERS[1]: GET /demo
23.13.190.101 10.10.10.123 SETTINGS[0]
23.13.190.101 10.10.10.123 SETTINGS[0]
10.10.10.123 23.13.190.101 SETTINGS[0]
23.13.190.101 10.10.10.123 HEADERS[1]: 200 OK
23.13.190.101 10.10.10.123 DATA[1], DATA[1], DATA[1], DATA[1] (text/html)
10.10.10.123 23.13.190.101 HEADERS[3]: GET /demo/tile-0.png
10.10.10.123 23.13.190.101 HEADERS[5]: GET /demo/tile-1.png
10.10.10.123 23.13.190.101 HEADERS[7]: GET /demo/tile-2.png
10.10.10.123 23.13.190.101 HEADERS[9]: GET /demo/tile-3.png
10.10.10.123 23.13.190.101 HEADERS[11]: GET /demo/tile-4.png
23.13.190.101 10.10.10.123 SETTINGS[0]
23.13.190.101 10.10.10.123 SETTINGS[0]
10.10.10.123 23.13.190.101 SETTINGS[0]
23.13.190.101 10.10.10.123 HEADERS[5]: 200 OK
23.13.190.101 10.10.10.123 DATA[5]
23.13.190.101 10.10.10.123 HEADERS[7]: 200 OK
23.13.190.101 10.10.10.123 DATA[5], DATA[5] (PNG), DATA[5]
23.13.190.101 10.10.10.123 HEADERS[11]: 200 OK
23.13.190.101 10.10.10.123 DATA[7], DATA[7] (PNG), DATA[11], DATA[11] (PNG)
23.13.190.101 10.10.10.123 HEADERS[3]: 200 OK
23.13.190.101 10.10.10.123 DATA[3], DATA[3] (PNG)
23.13.190.101 10.10.10.123 HEADERS[7]: 200 OK
23.13.190.101 10.10.10.123 DATA[9], DATA[9] (PNG)
Change-Id: I4452dadeeefc49806e3036a44d44b5f5186096b9
Reviewed-on: https://code.wireshark.org/review/22715
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rationale: The IEs are a generic mechanism that allows higher level protocols to
transport additional data in the header and some IDs have already been assigned
to external organisations. Using dissector tables enable looser coupling.
Refactor existing internal IE dissectors to be called via the table as well
based on a suggestion by Michael Mann.
More consistent display and code for Header IEs and Payload IEs.
Change-Id: Ib9c225245fc8dd989200d6ff6aeae8ca5c0f792c
Reviewed-on: https://code.wireshark.org/review/22600
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't fail if it's not present.
Change-Id: I7183ce6e1f2af822ebeed219be0f2ca7dd0bab0f
Reviewed-on: https://code.wireshark.org/review/22759
Reviewed-by: Guy Harris <guy@alum.mit.edu>
In the RTP player dialog, list the default audio device first, ensure
it's selected by default and ensure that the list items are unique.
According to
http://code.qt.io/cgit/qt/qtmultimedia.git/tree/src/plugins/windowsaudio/qwindowsaudiodeviceinfo.cpp?h=5.9
the default device on Windows uses the special WAVE_MAPPER id, which
appears to support various sample rates even when the underlying
hardware doesn't.
Ensuring the names are unique fixes an issue I'm seeing on a test
machine here.
When decoding, check to see if our sample rate is supported by our
output device and adjust accordingly.
Bug: 13906
Change-Id: Iddc0beb2459bfac42276ff29d227c2619b0a8d90
Reviewed-on: https://code.wireshark.org/review/22756
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I74f4d33ad1805bd233190e7cb9ee1610ae628af5
Reviewed-on: https://code.wireshark.org/review/22755
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
In the fast-path "no options" case for writing an Enhanced Packet Block,
just copy the block total length to the buffer, don't put it into the
buffer in little-endian byte order. If we're running on a big-endian
machine, and thus *should* be writing out multi-byte integral block
fields in big-endian byte order, that'll write out a corrupt pcapng
file.
Bug: 13802
Change-Id: I33958e3fc1d205ca6df3ef4057d92b461831c50e
Reviewed-on: https://code.wireshark.org/review/22753
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That way, if you have an older version, we fail at configure time, with
what should be a message indicating that your c-ares is too old, rather
than at compile time, with what might provoke users to ask "what am I
doing wrong?" or "what do I need to fix?" or "why is my compile
failing?" or....
Change-Id: I911574c4d90174b6bd074c5ef537557d47b199dc
Reviewed-on: https://code.wireshark.org/review/22752
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Version 1.5 was released on 21-nov-2007. RHEL, Suse, etc supported versions
are all above c-ares v1.5.
We don't bother testing for it at build time for now, because it's non-trivial
(times two build systems).
Change-Id: I9253256d8d905da0c75d80b2b0fa4527df2b1420
Reviewed-on: https://code.wireshark.org/review/22741
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add tfs_open_closed to general tfs collection (tfs.[ch])
Change-Id: I79b22b591128c33084489880842e19e9a0d80560
Reviewed-on: https://code.wireshark.org/review/22730
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
"Missing newline after '}'" suggests either that the "}" is the line
character in the file or that it's followed by a character other than a
newline. What it actually appears to mean is "you didn't put a blank
line between one author entry and the next author entry".
Change-Id: Ic0e4dd02f04680ab84fbfcf1183c911d049ee2d2
Reviewed-on: https://code.wireshark.org/review/22746
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Get rid of the error:
Missing newline after '}', found: Ben Stewart <bst[AT]google.com> {
Change-Id: Ic8c83c23e5215032a9e06d4ad089be85f7b98b0d
Reviewed-on: https://code.wireshark.org/review/22744
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Removed get_ipxnet_addr(), get_ether_addr(). If this feature is desired at
a minimum it should use an efficent data structure (and no disk-based
lookups mid-dissection).
Change-Id: Ie72449c631f21f4a3d82ec435bb5e1d7892f122c
Reviewed-on: https://code.wireshark.org/review/22729
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
See ftp://dicom.nema.org/MEDICAL/dicom/2016a/output/chtml/part07/sect_D.3.3.7.html
Bug: 13875
Change-Id: If5b55ef45b1dd7115a2eaf4a3d1a02bc2b1a5b93
Reviewed-on: https://code.wireshark.org/review/22714
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Escape shell command quotes so that what appears to be "unquoted_legacy"
behavior doesn't kick in.
Ping-Bug: 12305
Change-Id: I4763df2fbc58b80d6e4e3ec15f78c16fa1cf3853
Reviewed-on: https://code.wireshark.org/review/22732
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
proto_tree_add_bitmask_with_flags().
Change-Id: If8e9f9956543f253f4f59d8204c9536f444dbcd5
Reviewed-on: https://code.wireshark.org/review/22728
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
To make translation updates less noisy.
Change-Id: I3efee819ea10bb326862e0f818bfd3cd7eff48e3
Reviewed-on: https://code.wireshark.org/review/22654
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Michael Mann