In case like reusing "connection handle" number in next connection
(2 -> 3 -> 2 again) AVDTP dissector does not properly dissected packets
(it should be Signal, but dissect as Media).
Add expert error to all packets that are not in ACL connection. This will
show invalid packages (send after dissconnect), however incomplete
(mostly beginning) connection will be marked too, but I think it have more
pros than cons.
Change-Id: I29cf706600cb12c8b93d0188dd2fba18dd5eba88
Reviewed-on: https://code.wireshark.org/review/4167
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Now all generated dissectors can successfully compile.
Change-Id: I74728926915d5a9f1694cc49c753b80f213df767
Reviewed-on: https://code.wireshark.org/review/2598
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
For:
- FT_BYTES: Always use just ENC_NA
- integral/floating (other than FT_[U]INT8): Do ENC_NA --> ENC_BIG_ENDIAN
Change-Id: I0885f7d110014cb8a7eba1c1892ed8d0852d076a
Reviewed-on: https://code.wireshark.org/review/4187
Reviewed-by: Bill Meier <wmeier@newsguy.com>
- incorrect fetch/display of hf_http2_push_promise_r field
Change-Id: Iddf2db4807713017519b5abcbff3ba824b3624c6
Reviewed-on: https://code.wireshark.org/review/4186
Reviewed-by: Bill Meier <wmeier@newsguy.com>
For:
- FT_BYTES: Always use just ENC_NA
- integral/floating (other than FT_[U]INT8): Do ENC_NA --> ENC_BIG_ENDIAN
Also:
- FT_UINT... --> FT_UINT8 in a few cases (to match proto_tree_add_item...)
- Change one case of incorrect '||' to '|'
Change-Id: I427e0e61618ff8faf55691c8a695930f67d455b0
Reviewed-on: https://code.wireshark.org/review/4184
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Specifically: A number of cases of the use of the encoding arg
"ENC_ASCII | ENC_NA" for FT_BYTES FIELDTYPEs seem to
have crept into Wireshark source.
Also: Add a ToDo comment as to code rework needed to be able to
better *validate* encoding args.
Change-Id: I9d4b10b869fe2aef3f20bcd2d7ad6531375aba87
Reviewed-on: https://code.wireshark.org/review/4183
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Another perl "You can't DO that" ...
Change-Id: I56e11bec19515f883f15286c6aa45018a255ab53
Reviewed-on: https://code.wireshark.org/review/4172
Reviewed-by: Bill Meier <wmeier@newsguy.com>
We really need a buildbot or Petri-Dish which doesn't have GeoIP because
this problem keeps popping up.
Bug: 10480
Change-Id: Iccba50dfcafd2dbacb315b9416324de4114be220
Reviewed-on: https://code.wireshark.org/review/4171
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
It still not complete.
Change-Id: I53c3efe9c6cf0456fcea55336114086445d3bfe9
Reviewed-on: https://code.wireshark.org/review/2719
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Add all logcat format like brief, threadtime, long, etc. when try to save
logcat logs where there is EXPORTED_PDU layer.
Change-Id: I338f0bbd46dd8db984efc1c03980c7e9c7401a44
Reviewed-on: https://code.wireshark.org/review/4164
Reviewed-by: Michal Orynicz <michal.orynicz@tieto.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
If it is used, there is a modified file in git.
Fix this by only including the file if it exists.
Other changes:
- Rename the existing Custom files to CMakeListsCustom.txt.example.
- Move the plugins custom file to the top level (same level as its
including parent).
- Optionally allow a list of custom includes instead of the default one.
Change-Id: I8960eac6222f741c045055d43d1d5a2d4979caf6
Reviewed-on: https://code.wireshark.org/review/4163
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Fixed bugs where multiple messages are combined in a single packet.
Fixed bugs where a single message is distributed across multiple packets.
Fixed bug where arrays of zero length were not dissected properly.
Change-Id: Icfb83e73519d8217d6c477edf531ba6d3f3dcd48
Reviewed-on: https://code.wireshark.org/review/4159
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
* "Accept" option: The option number was changed late in the
specification process.
* "Proxy-Scheme" / "Size1": After including those, all option numbers
specified in the RFC can be dissected by wireshark.
Change-Id: I1b475ac6920fd021e3217cd3b44c173d264a5298
Reviewed-on: https://code.wireshark.org/review/4123
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I575bd2f93202837b2ce15a39b1b0bd9b5c53f5bf
Reviewed-on: https://code.wireshark.org/review/4151
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I5ca5d41edf1f56b24da6360a10f0c6e2600572d2
Reviewed-on: https://code.wireshark.org/review/4150
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I0b533edd7bad52922dd1e0aaa2c980e56dd88b78
Reviewed-on: https://code.wireshark.org/review/4149
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I78963640e32393f3ac399e59a659ddf619d15c3d
Reviewed-on: https://code.wireshark.org/review/4148
Reviewed-by: Michael Mann <mmann78@netscape.net>
It's unclear how the ports should be separated, this additional text in the tooltip clarifies it
Change-Id: I686482522d006024f920a3cc26b83cd21c19f8a5
Reviewed-on: https://code.wireshark.org/review/4147
Reviewed-by: Michael Mann <mmann78@netscape.net>
Move the map creation code from ui/gtk/hostlist_table.c to
ui/traffic_table_ui.c.
Add CMake commands to copy ipmap.html to the run directory so that
WIRESHARK_RUN_FROM_BUILD_DIRECTORY works for the endpoint map. Not sure
if they're entirely correct but they appear to work.
Add boundary checkes to geoip_db_lookup_ipv[46].
To do:
- It looks like there are prettier maps and newer APIs that we
might want to use.
Change-Id: Ie06992c9bc9c9aa683328aecab3f5f69c9cab966
Reviewed-on: https://code.wireshark.org/review/4011
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Different GeoIP databases have the same column name, e.g. "City"
currently matches two revisions each for IPv4 and IPv6. Map each
uniquely named column to a list of databases and populate
EndpointTreeWidgetItem columns based on the first database match.
Fix a copy/pasteo introduced in g30f3d52: Make sure
geoip_db_lookup_ipv[46] returns longitude instead of latitude.
Change-Id: Idd31f976dfd1cb011cfa7b5aec14b7031ee0e25e
Reviewed-on: https://code.wireshark.org/review/4157
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Added support for the new Routable RDMA over Converged Ethernet.
Change-Id: I97bc29fdc92bdcb12888f38383107a965837963e
Reviewed-on: https://code.wireshark.org/review/3723
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Interpret the meaning of the endpoint handle direction bit,
instead of just saying if it is set.
Change-Id: I9fc0d6f95f6c3a94d6db90c8394fe3ca8fc83715
Reviewed-on: https://code.wireshark.org/review/4119
Reviewed-by: Evan Huus <eapache@gmail.com>
during usb device enumeration, a host may attempt to only read the
first 8 bytes of a device descriptor. Dissecting a partial device
descriptor was throwing a bounds error.
Change-Id: I09cdd356d15153afc93ee478fdd98329495a642a
Reviewed-on: https://code.wireshark.org/review/4137
Reviewed-by: Evan Huus <eapache@gmail.com>
We rarely, if ever, want to, or need to, explicitly set the captured
length of a packet; we want to set the *reported* length and let the
tvbuff code figure out how much of that data was actually captured.
Change-Id: I9b93d296197989f677d888b10954589dfc1edc59
Reviewed-on: https://code.wireshark.org/review/4138
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The main site URI scheme is now https. Update the URL in some other
places while we're here.
Change-Id: Ib03d4fd1c58dabd3cf5050dc4f79216e0b94d525
Reviewed-on: https://code.wireshark.org/review/4133
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Replace some conditional + fprintf + DISSECTOR_ASSERT()s with
DISSECTOR_ASSERT_HINT() or just change the DISSECTOR_ASSERT() to
DISSECTOR_ASSERT_NOT_REACHED() when the hint requires formatting.
Change-Id: I80c7c6579d7755a60d644b5ef60ec4e3299ba0ab
Reviewed-on: https://code.wireshark.org/review/4115
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
- Fix a few parameter descriptions in expert.h;
- Do whitespace changes;
- Add editor modelines.
Change-Id: I1b75fa88021f1f44bd607cd33d0ab7f9ec672ab7
Reviewed-on: https://code.wireshark.org/review/4122
Reviewed-by: Bill Meier <wmeier@newsguy.com>
No need to wrap each SRVLOC PDU, which contains a SRVLOC protocol layer,
in *another* SRVLOC protocol layer.
Change-Id: I25e05d94bb9968eb4e26b63beb09fd151820d750
Reviewed-on: https://code.wireshark.org/review/4118
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Bug: 10464
Change-Id: I1a42877ee549b40e0c739dd2d1cbe4615ed9b9bd
Reviewed-on: https://code.wireshark.org/review/4098
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I138859ce735a9ff6541d6852dec29a13c1034c36
Reviewed-on: https://code.wireshark.org/review/4114
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Don't use try_val_to_str() and then never test the result to see whether
it's null. Instead, use val_to_str_const().
Don't use proto_tree_add_uint_format_value() to emulate what
proto_tree_add_uint() does unless the string for the value isn't
computed from the value_string for the field.
Also, prepend to the Info column as soon as we have the data with which
to do so.
Change-Id: Iae9bdfc7c80cbd1ec63e1bbb8d43560adec558bd
Reviewed-on: https://code.wireshark.org/review/4113
Reviewed-by: Guy Harris <guy@alum.mit.edu>