This adds the ability for Lua scripts to register heuristic dissectors
for any protocol that has registered a heuristic dissector list, such
as UDP, TCP, and ~50 others. The Lua function can also establish a
conversation tied to its Proto dissector, to avoid having to check the
heuristics for the same flow. The example dissector in the testsuite
has also been enhanced to include a heuristic dissector, to verify
the functionality and provide an example implementation.
Change-Id: Ie232602779f43d3418fe8db09c61d5fc0b59597a
Reviewed-on: https://code.wireshark.org/review/576
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Accessing a pref before it's registered causes a segfault, because prefs_p->next
is not being checked for NULL in wslua_proto.c:Prefs__index().
Change-Id: I270978ddb9238a9e8d2c533a96fc01ee0df385c7
Reviewed-on: https://code.wireshark.org/review/563
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use FT_NONE instead of 0 to initialize an enum.
Drop use of lround/llround since they are not available on Windows.
Change-Id: I3961c1921304bafc090c763f0d6de8532f0b3510
Reviewed-on: https://code.wireshark.org/review/425
Reviewed-by: Evan Huus <eapache@gmail.com>
This fixes/addresses all the coverity warnings shown by
the buildbots. (I hope)
Change-Id: Ic2722df97c577d274e3cf3f0cbdca1902edde047
Reviewed-on: https://code.wireshark.org/review/423
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The current API for Lua provides a global function
"all_field_infos()" which returns all the populated field_info nodes
in the current proto_tree.
By default all_field_infos() "works", in the literal sense: it returns
exactly the fields the previous dissectors of the packet have
populated at that instant of time. But of course dissectors don't
populate all the applicable fields most of the time, because of the
TRY_TO_FAKE_THIS_ITEM optimization where they don't fill in things
that aren't needed at the time by a display, color, or tap's dfilter.
So this commit offers a way to force the dissectors to populate
all the applicable field_infos in the tree, by setting the proto_tree
to be visible. Obviously that is going to impact performance, since
it basically bypasses the TRY_TO_FAKE_THIS_ITEM optimization; so the
patch only does this if the Lua script author told it to explicitly,
by adding an argument to Listener.new() and register_postdissector().
Change-Id: I11d3559fbe8c14fbadf1b51415a3701dc1200b7b
Reviewed-on: https://code.wireshark.org/review/286
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
There are some common things people need to do, such as convert to/from hex or get
the raw binary string in a ByteArray/Tvb/TvbRange. These have been added, as well
as some tests for them in the testsuites. Also, functions have been added to allow
a script to get all the available tap types and filter fields, since they are
not exactly what one can see in the Wireshark gui.
Change-Id: I92e5e4eae713bb90d79b0c024eaa4e55b99cc96b
Reviewed-on: https://code.wireshark.org/review/249
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
As discussed in bug 3513 and 9709, one can register more than one new ProtoFields for
the same field name. Of course C-code can do that too, and does a LOT apparently, but
if they're not similar ftypes then things can get scrweed up in display filters.
So this change prevents duplicate field registration of dissimilar ftypes. The
similarity is based on the discussion on the mailing list, and the listing in
README.developer has been updated to refelect that as well.
Also, this change adds a testscript for Proto/ProtoFields.
Change-Id: I43bd323f785245941a21289647332a19adec2a9d
Reviewed-on: https://code.wireshark.org/review/285
Reviewed-by: Evan Huus <eapache@gmail.com>
Over time the various wslua classes/functions have gotten moldy, with different
ways of doing similar things. Some of it can't be changed without breaking
backwards compatibility for Lua scripts, so I didn't do that. But I did what
I could. The biggest change is a refactoring of how accessors/attributes
are handled in the code, so that most of them work the same way using the
same code.
Specific changes made:
* Added null/expired checking macro to class declarations for many classes
* Removed extraneous pointer/expired checking, since checkFoo() does that already
* Fixed "errors" reported by clang static analyzer; they were false positives, but it was easier to get it to stop complaining by changing the code
* Moved internal wslua functions from wslua_utils.c into a new 'wslua_internals.c' file
* Changed Listener/NSTime/Pinfo/Proto to use a common setter/getter accessor/attribute code model, instead of each of them doing their own
* Fixed some API doc mistakes, mostly around attributes that were documented as read-only but were actually read-write
Change-Id: Idddafc5fbd3545ebff29e063acc767e1c743a1a9
Reviewed-on: https://code.wireshark.org/review/271
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Evan Huus <eapache@gmail.com>
Similar to bug 9725 and ProtoField.new(), the way the VALUESTRING argument is being checked
in the code for ProtoField.bool() ends up making it non-optional. This patch fixes that,
along with some minor API documentation fixes (text).
Change-Id: Iadb9a8ace9c5514fc623d882301fe16b637fe4ce
Reviewed-on: https://code.wireshark.org/review/125
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Using ProtoField.new() is dicey. Many of the optional arguments don't properly check the lua stack - they call lua_isnil() for their index number, instead of lua_gettop() to see the stack size. lua_isnil() may return false in such cases.
Change-Id: I83ca1e5fc34e71ec35899adbedabcee69571b9fe
Reviewed-on: https://code.wireshark.org/review/118
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Stig Bjørlykke <stig@bjorlykke.org>
- Allow both string and integer for type and base (improve usability).
- Check valid base and mask for different types (avoid crashes).
- Remove ftypes.PROTOCOL from valid types.
This should fix bug #9549.
svn path=/trunk/; revision=54292
When a new Field is created, does as following:
* Check whether that field is registered, by using `proto_registrar_get_byname`. This is current behavior.
* (patched) If not registered, check whether that field is defined in LUA and will be registered. This is performed in `wslua_is_field_available` accessing LUA context.
* If not, an error "a field with this name must exist" occurs.
svn path=/trunk/; revision=52771
registered port numbers in PROTO.prefs_changed.
Now we only need this code in Lua plugins having port numbers prefs:
PROTO.prefs.ports = Pref.range ("Ports", 0, "Port numbers", 65535)
PROTO.prefs_changed()
local udp_table = DissectorTable.get ("udp.port")
udp_table:set (PROTO.prefs.ports, PROTO)
end
svn path=/trunk/; revision=51860
when the preferences for the dissector are changed.
This is not a 100% correct implementation at the time because the
prefs_changed function in all Lua plugins will be called whenever
a preference in a single Lua plugin is changed.
svn path=/trunk/; revision=51818
Lua cannot store a 64 bit integer with full precision, which is used
for keys in tables, so this is not a 100% solution. But it will probably
be good enough for value strings, and it is better to have some support
than no support.
svn path=/trunk/; revision=50988
made implicit casts explicit and changed a number of fields and function return values from base_display_e to unsigned because the enum was not a comprehensive list of all possible values
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8416
svn path=/trunk/; revision=48289
epan/show_exception.c, as it's used outside
epan/dissectors/packet-frame.c. Update their callers to include
<epan/show_exception.h> to get their declaration.
Add a CATCH_NONFATAL_ERRORS macro that catches all exceptions that, if
there's more stuff in the packet to dissect after the dissector call
that threw the exception, doesn't mean you shouldn't go ahead and
dissect that stuff. Use it in all those cases, including ones where
BoundsError was inappropriately being caught (you want those passed up
to the top level, so that the packet is reported as having been cut
short in the capture process).
Add a CATCH_BOUNDS_ERRORS macro that catches all exceptions that
correspond to running past the end of the data for a tvbuff; use it
rather than explicitly catching those exceptions individually, and
rather than just catching all exceptions (the only place that
DissectorError should be caught, for example, is at the top level, so
dissector bugs show up in the protocol tree).
Don't catch and then immediately rethrow exceptions without doing
anything else; just let the exceptions go up to the final catcher.
Use show_exception() to report non-fatal errors, rather than doing it
yourself.
If a dissector is called from Lua, catch all non-fatal errors and use
show_exception() to report them rather than catching only
ReportedBoundsError and adding a proto_malformed item.
Don't catch exceptions when constructing a trailer tvbuff in
packet-ieee8023.c - just construct it after the payload has been
dissected, and let whatever exceptions that throws be handled at the top
level.
Avoid some TRY/CATCH/ENDTRY cases by using checks such as
tvb_bytes_exist() before even looking in the tvbuff.
svn path=/trunk/; revision=47924
function name isn't the same as the method name; this is used if we're
providing compatibility aliases for method names.
Use WSLUA_CLASS_FNREG() and WSLUA_CLASS_FNREG_ALIAS() for all method
registrations.
Fix the spelling of "prepend", but leave a compatibility alias in place.
svn path=/trunk/; revision=47667
Cast away some implicit 64-bit-to-32-bit conversion errors due to use of
sizeof.
Cast away some implicit 64-bit-to-32-bit conversion errors due to use of
strtol() and strtoul().
Change some data types to avoid those implicit conversion warnings.
When assigning a constant to a float, make sure the constant isn't a
double, by appending "f" to the constant.
Constify a bunch of variables, parameters, and return values to
eliminate warnings due to strings being given const qualifiers. Cast
away those warnings in some cases where an API we don't control forces
us to do so.
Enable a bunch of additional warnings by default. Note why at least
some of the other warnings aren't enabled.
randpkt.c and text2pcap.c are used to build programs, so they don't need
to be in EXTRA_DIST.
If the user specifies --enable-warnings-as-errors, add -Werror *even if
the user specified --enable-extra-gcc-flags; assume they know what
they're doing and are willing to have the compile fail due to the extra
GCC warnings being treated as errors.
svn path=/trunk/; revision=46748
Fix leaks
- don't g_strdup a string just to use it in a g_strdup_printf
- clean up properly in error cases in lua bindings
- misc. other missing g_free() calls
- one missing fclose() in the new 80211_utils
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7454
svn path=/trunk/; revision=43617