If the user turns on the "show internal BER encapsulation tokens"
preference, show them the tokens inside SNMP variable bindings.
Change-Id: Ief9040f422cb214bbff8e4cfd45a2e05c7106480
Reviewed-on: https://code.wireshark.org/review/4105
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add a routine ber_tvb_new_subset_length() used to construct tvbuffs for
parts of the packet, and have it check the specified length against the
*reported* length. NOTE: that routine should really take an item and an
expert info value as arguments and, if the length is greater than the
remaining packet length, add an expert info for that.
Also, when counting items in a SEQUENCE-OF:
keep track of whether we succeeded in counting them, and report
an "unknown number of items" if we didn't;
if the length of an item in the SEQUENCE-OF is so big we get an
overflow, just bail out of the count loop and indicate that we
didn't succeed in counting them - let the error be reported in
the process of dissection.
Change-Id: I32172737baaed35fc9a0e6c19a727a6ac71ddfb2
Reviewed-on: https://code.wireshark.org/review/4103
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The captured length reflects the way the capture was done; it should not
affect actual lengths used in the dissection.
Don't fetch the version until we need it; that lets us dissect more of
the packet if the previous change caused us to throw an exception trying
to fetch the version from the correct location rather than not throwing
an exception by fetching it from an incorrect location that happens to
be within the captured data.
Change-Id: I9f63afd4ef51f46c19b3afd2a651a5bb768fecaf
Reviewed-on: https://code.wireshark.org/review/4101
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I7301a739a28c20ece274293447713fd02ffab385
Reviewed-on: https://code.wireshark.org/review/4097
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Make sure we use $(PROGRAM_NAME_GTK) consistently. We still need to add
the Qt UI .pdb to the archive but I'm not in front of a proper Windows
development environment right now.
Change-Id: Ie917f68e3e8349fc7955b3b7e68d446b6fe88235
Reviewed-on: https://code.wireshark.org/review/4096
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
return an error if the parameter is _no_ string
Bug: 10401
Change-Id: I5643ef05009072538155e63c3178071ed6bab061
Reviewed-on: https://code.wireshark.org/review/4071
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
documents referring to the split out sections.
Remove trailing whitespace while at this.
Change-Id: I36cfe0ac55e8f653bffbf850e01f582aacf85557
Reviewed-on: https://code.wireshark.org/review/4094
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
For field types where it doesn't mean "to the end of the tvbuff", treat
it like other negative length values - as if it were unsigned and thus
Very Large and thus likely to be past the end of the tvbuff. That way,
some of the "we hax0red your SNMP packets" captures, with length fields
of 0xffffffff, report malformed packets rather than dissector bugs.
Change-Id: Id53f828b06b6febe7d79f8539e54523e0b43e5c2
Reviewed-on: https://code.wireshark.org/review/4091
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also, sort the hfi[] array to be in the same order as the declarations
of the fields, to make it easier to check that all fields are being
registered.
Change-Id: Ida530590ebd00bbf206e0f6041b8da880bce2c6f
Reviewed-on: https://code.wireshark.org/review/4089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Create filters (expert and hf_) that have the "most bang for the buck" (ie have many instances for a single filter)
Change-Id: I61995e41c5b298df77e084e65cdf30ebe95da1e6
Reviewed-on: https://code.wireshark.org/review/4086
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Check the input pointer in the while clause of the loop, so that we
handle an empty input buffer.
When reading a bit mask, check before fetching the bit mask that we have
two bytes of bit mask and the byte after it.
Before putting an uncompressed input byte into the output, make sure we
wouldn't run past the end of the output buffer.
Before copying an earlier string from the output buffer, make sure it
doesn't run past the end of the data we've decompressed so far.
Bug: 10461
Change-Id: I8bb8d0d291368ae8bf0ac26970ff54d3262a7e6e
Reviewed-on: https://code.wireshark.org/review/4083
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Follow TCP's lead by putting the filter in a subtree under the checksum.
Change-Id: I9351ee865011cd04bc3d3e88c51e8dbb3dc23f07
Reviewed-on: https://code.wireshark.org/review/4082
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
- Indicate that ITU-T G.8013/Y.1731 (11/2013) is the latest spec
(and that the cfm dissector has not been updated to reflect same).
- Remove a comment about a "discrepancy in the recommendation
ITU-T Y.1731". The discrepancy has been corrected in the latest
spec.
Change-Id: I5a5f873d2a0a5fdee3aef1688403bb317a155cdf
Reviewed-on: https://code.wireshark.org/review/4081
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Change-Id: I84e204fb7a84eb821f4728a50945f34f4bdba73f
Reviewed-on: https://code.wireshark.org/review/4057
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Change-Id: Ie41ac30f8edaeee75b23717ef1d5147d804a65b3
Reviewed-on: https://code.wireshark.org/review/4074
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Later releases have a different AppID.)
Change-Id: I41d4a498461e777f570641936db64d0551e36186
Reviewed-on: https://code.wireshark.org/review/4070
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ic4e4d9142a9b05ef3b628fac2e8766014c5fccec
Reviewed-on: https://code.wireshark.org/review/4073
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- Actually register dissector on default UDP ports upon startup.
- expert_...() shouldn't be called under 'if (tree)'
Also: cleanup proto_reg_handoff...() and apply_prefs() code.
Change-Id: I6390d9bf311c9a62fbc43647d9bb19f90156baec
Reviewed-on: https://code.wireshark.org/review/4063
Reviewed-by: Bill Meier <wmeier@newsguy.com>
- Only calculate tvb length once.
- Use tvb_reported_length() instead of tvb_reported_length_remaining() as
this is a subtvb offset is always 0.
Change-Id: I03bd7a95061488d4576fa93f26e6b31d55f88738
Reviewed-on: https://code.wireshark.org/review/4060
Reviewed-by: Anders Broman <a.broman58@gmail.com>
And a few other misc. cleanups while in the neighbourhood.
Change-Id: Ic0d6836dec9c36d31ea244a6adc74d4713565090
Reviewed-on: https://code.wireshark.org/review/4047
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The offset was calculated too high, as it was added
to itself and sizes were added multiple times
Change-Id: I1a581e96e2ab66e40f5566074e8bd1089f55bdb0
Reviewed-on: https://code.wireshark.org/review/4049
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
hf_filter array was removed. Compiles, did some manual testing and didn't see any regression. Bitfield still not changed over to inbuilt functions
Change-Id: I510da6160c0f2375398b9ab30042ff172ae31c9f
Reviewed-on: https://code.wireshark.org/review/3147
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The biggest changes involved:
1. Use the "bounds checking" of proto_tree_add_xxx, instead of doing it manually. There are still places where it's done "manually", but they have been drastically reduced. Someone with more understanding of the protocol/dissector would need to take a look at them.
2. proto_tree_add_text -> proto_tree_add_subtree[_format]
3. Use proto_tree_add_bitmask when appropriate.
Change-Id: Iddbd2aadf5fd27f2cf9ba63873eb59dbd93b6394
Reviewed-on: https://code.wireshark.org/review/4039
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Other minor cleanups while in the area.
Change-Id: I99096ade9c69a4c148962d45bb6b0bd775040ba1
Reviewed-on: https://code.wireshark.org/review/4020
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Most of the items fell under the same 3 filterable fields. Many got converted to proto_tree_add_bitmask. Also removed the superfluous return statements
Change-Id: Ib429f986d1c3648e51add8ad3d208428b0ba898c
Reviewed-on: https://code.wireshark.org/review/4044
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Guy already fixed the issue, I was looking at a stale buildbot page.
This reverts commit f9bfa976e6.
Change-Id: I04e2f1ddfae9558b6cec40740ffbb66a16c3fecb
Reviewed-on: https://code.wireshark.org/review/4046
Reviewed-by: Evan Huus <eapache@gmail.com>
Hopefully squashes the mac buildbot error
packet-mp2t.c:993: warning: implicit conversion shortens 64-bit value into a
32-bit value
Change-Id: I9ca6420925442b56cfdf5db629b63d6ead7bdfbd
Reviewed-on: https://code.wireshark.org/review/4045
Reviewed-by: Evan Huus <eapache@gmail.com>
The problem described in the README is simply because the conformance file
hadn't been updated.
Remove trailing white space from the .idl and .cnf files.
Change-Id: I778f206aa103e5f60574fe2c5c699597969dc644
Reviewed-on: https://code.wireshark.org/review/4042
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
In both cases, make the extension a 16-bit variable, cast the result of
extracting the extension to guint16 to clarify that only the 9 bits
visible through the mask matter.
While we're at it, there's no need to use
"proto_tree_add_uint64_format_value() if the format is just the standard
format for a 64-bit unsigned integer.
Change-Id: I8f1f48595830d4672984f3797be1c9d994e64ea0
Reviewed-on: https://code.wireshark.org/review/4043
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Bug: 10446
simplify OPCR calculation while we're at it
Change-Id: I8590e409895e712fe6bbb64ab23093caf5795fa7
Reviewed-on: https://code.wireshark.org/review/4040
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Extract RFC3315 about hop-count :
20.1.2. Relaying a Message from a Relay Agent
If the message received by the relay agent is a Relay-forward message
and the hop-count in the message is greater than or equal to
HOP_COUNT_LIMIT, the relay agent discards the received message.
The relay agent copies the source address from the IP datagram in
which the message was received from the client into the peer-address
field in the Relay-forward message and sets the hop-count field to
the value of the hop-count field in the received message incremented
by 1.
Bug:10449
Change-Id: Ifb94e7c54c0a26714fc543862d4358d3e60c2676
Reviewed-on: https://code.wireshark.org/review/4017
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Other minor cleanups while in the area.
Change-Id: I623d941e53128f169e55dfc629547b4221fa72fc
Reviewed-on: https://code.wireshark.org/review/4021
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Guy Harris