minus the lengths of the two length fields and the packet length field,
it's the minimum of that and the packet length, as there might be
padding.
Fixes one problem found by the file in bug 9200.
While we're at it, pcapng_read_packet_block() and
pcapng_read_simple_packet_block() return an integer, not a Boolean;
return 0, not FALSE (they have the same value, but returning 0 makes it
clearer that the return value isn't restricted to TRUE or FALSE).
svn path=/trunk/; revision=52241
2. Converted several add_protocol_subtree calls to add_tlv_subtree to get true filterability. Many of the add_protocol_subtree are effectively being (ab)used as proto_tree_add_text with different highlighting.
3. Convert tvb_new_subset into tvb_new_subset_length.
Still looks like some of the remaining "protocols" need more specific filters, and should just be regular FT_BYTES fields.
svn path=/trunk/; revision=52235
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9127
With 6 unknown bytes leading to the two known values for the
last two bytes this cannot yet be properly dissected. Dissect
the one known case. More traces with additional properties
required to get more sense into the first 6 bytes.
svn path=/trunk/; revision=52233
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-openflow.c: In function ‘dissect_openflow_v_1_3’:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-openflow.c:1125:18: error: variable ‘version’ set but not used [-Werror=unused-but-set-variable]
guint8 type, version;
Remove some trailing whitespace.
svn path=/trunk/; revision=52228
The welcome screen in the Qt port runs "dumpcap -S" to draw sparklines.
On OS X this means that it holds open a BPF device for each interface.
Trying to capture using another instance of Wireshark (or tcpdump, or
tshark, or...) will trigger the creation of an additional BPF device but
we won't have permission to use it. Forcing device creation at startup
works around this.
svn path=/trunk/; revision=52227
packet-openflow.c:577:31: error: "/*" within comment
packet-openflow.c:655:24: error: "/*" within comment
cc1: warnings being treated as errors
packet-openflow.c: In function 'dissect_openflow_features_reply_v1_3':
packet-openflow.c:671: warning: unused parameter 'pinfo'
packet-openflow.c:671: warning: unused parameter 'length'
packet-openflow.c: In function 'dissect_openflow_multipart_request_v1_3':
packet-openflow.c:809: warning: unused parameter 'pinfo'
packet-openflow.c:809: warning: unused parameter 'length'
packet-openflow.c: At top level:
packet-openflow.c:1033: warning: return type defaults to 'int'
packet-openflow.c:1119: warning: return type defaults to 'int'
svn path=/trunk/; revision=52226
in its entirety due to a snapshot length being specified is not
malformed.
Instead of checking for the the sum of the offset and the value length
being less than the offset, check whether the TLV length is <= 4 and, if
so, just quit at that point (that also handles the "value is zero
length" case). That makes sure that valuelength isn't negative; given
that length is < 65536, valuelength < 65532, so that won't cause offset
to overflow, so that means offset won't go backwards.
svn path=/trunk/; revision=52220
According to 3GPP R8/R9/R10/R11, the mobility option "3GPP Specific PMIPv6 error
code" is 1 octet length.
However, in the source file packet-mip6.c, the length of the option is set to 4 octets (around line 1744):
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9183
svn path=/trunk/; revision=52218
- Print hexdump of unknown or vendor specific toplevel TLVs
- Try to print the name of type 204 (something still missing)
svn path=/trunk/; revision=52212
A few enhancements to the SEL Fast Message (selfm) Dissector:
- Final piece of dissection for standard Fast Meter messages to display pad byte
(if present) and single-byte checksum footer.
- Enhancement to digital word display to show 1-byte bit patterns on proto_item
without requiring user to expand tree.
svn path=/trunk/; revision=52210
I want to follow up with some massive cleanup (remove PITEM_FINFO calls), but this with r52208 should be good enough to backport to 1.8 and 1.10 to fix bug 5349. Cleanup shouldn't need to be backported.
svn path=/trunk/; revision=52209
of the if (tree) tests in dissect_mac_header_generic_decoder(), as some
of the stuff done inside there should be done even if we're not building
a protocol tree, e.g. CRC stuff and calling subdissectors.
Get rid of a gratuitous pair of curly braces, and fix the indentation of
one line, while we're at it.
svn path=/trunk/; revision=52208
they're not being used, the compiler can be made to warn about that.
In this case, Broadcast_Control_Pointer_IE() was used because of a
missing case in a switch statement; put that case in.
svn path=/trunk/; revision=52204
1. Remove message type field from all MAC Management "sub"dissectors and place it in Mac Management subdissector itself. This may cause backwards-compatibility issues (malformed packets) with third-party subdissectors of the MAC Management dissector, but it didn't make sense to have so many filters for a single enumerated value, especially when the various "protocol" filters covers many of them.
2. Removed some if(tree) checks as column info and calling other dissectors are sometimes executed underneath. Some of this is in preparation for addressing bug 5349.
3. Make all dissector functions (and a few others) static, and use register_dissector() when necessary.
4. Convert generic decoder CRC errors into expert info, rather than have it be a "protocol" filter (it just looks funny that way)
In general, these dissectors seem "over-protocolized". I understand the need for all of the dissectors, but I don't know if they all need "protocol" status.
svn path=/trunk/; revision=52203
This enhancement add the missing structure CAUT, some missing integer
converted to Strings and some field that were unknown to a better explanation.
Sorted alphabetically the MQCFINT_Parse VALS structure to better find what is
missing in this VALS structure
svn path=/trunk/; revision=52198
some smaller changes by me.
- README.cmake
Document how to (one day) run on Windows
- CMakeLists.txt
Use MSVC compiler flags for MSVC instead of gcc flags
- FindWSWinLibs.cmake
New: Creates HINTS for finding includes and libraries
inside the Wireshark support library installation.
- FindXXX.cmake
Make use of HINTS generated by FindWSWinLibs.cmake
This has not really been tested on Windows as my installation seems to have
automagically downloaded some fixes and is in an inconsistent state since.
Will probably need to reinstall.
svn path=/trunk/; revision=52194
1) Corrections to the naming and terminology of DTP, its TLVs, types and values
2) Improvements to the dissection of Trunk Status and Trunk Type TLVs whose values and meaning have not been properly decoded so far
3) Improvements to the dissection of the Domain TLV (now using proto_tree_add_item() to display its value; this also allows for filtering operations)
4) Minor cleanups to the code (mainly renaming the macro names to make them more consistent)
From Peter Paluch, Bug 9156 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9156)
svn path=/trunk/; revision=52189
Guy Harris