Variable is only needed locally, so it can be moved to the local
entity.
Change-Id: I790c1616e27d5e85b3dabbdc327e3f54fc663d25
Reviewed-on: https://code.wireshark.org/review/36863
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fixes a regression introduced by d3c4dfa9ee.
It changed the type of the function, but not the way we access it. The
former code proceeded byte by byte, and we need to keep that behavior.
Bug: 16497
Change-Id: I02983635d7cf8e44a5631bf64d4a2854cb9c3bdb
Reviewed-on: https://code.wireshark.org/review/36858
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
It's possible to create a FrameInformation object that's not backed by
any frame data. In this case, fi_ is NULL and loadFrameTree() does not
run a dissection. However, we run epan_dissect_cleanup() unconditionally
in the destructor, even if edt_ is uninitialized. This causes a crash
when wireshark is closed.
Convert edt_ into a pointer. Run the cleanup only if we ran the
dissection before.
The issue can be reproduced by applying a display filter that makes the
list of the packets smaller than the packet list window. Right click
onto an "empty" part of the packet list and select "Mark/Unmark Frame".
Exiting wireshark at this point causes a segmentation fault
Thread 1 "wireshark" received signal SIGSEGV, Segmentation fault.
tvb_free_chain (tvb=0xf000e000d000c) at ../epan/tvbuff.c:124
124 tvb_free_internal(tvb);
(gdb) bt
#0 tvb_free_chain (tvb=0xf000e000d000c) at ../epan/tvbuff.c:124
#1 0x00007ffff430491e in epan_dissect_cleanup (edt=0x555558075b48) at ../epan/epan.c:648
#2 0x00005555558fa5a6 in FrameInformation::~FrameInformation (this=0x555558075b20,
__in_chrg=<optimized out>) at ../ui/qt/utils/frame_information.cpp:57
#3 0x00005555558fa5e9 in FrameInformation::~FrameInformation (this=0x555558075b20,
__in_chrg=<optimized out>) at ../ui/qt/utils/frame_information.cpp:55
...
#12 0x00005555559a74f7 in PacketList::~PacketList (this=0x55555602e930,
__in_chrg=<optimized out>) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qstring.h:1130
Change-Id: I347dd4901b4e08c37008ff25ac1f20a67555d9fd
Reviewed-on: https://code.wireshark.org/review/36825
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Set mustexist option to true to use Open file dialog instead of Save.
Change-Id: Ic8890facb6eebdacdc52881f617e8137585220f4
Reviewed-on: https://code.wireshark.org/review/36832
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix dead store (Dead assignement/Dead increment) Warning found by Clang
Change-Id: Iefd5cdfb5f24e95bc71768907c7474d3a61a24af
Reviewed-on: https://code.wireshark.org/review/36841
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix dead store (Dead assignement/Dead increment) Warning found by Clang
Change-Id: I6316d82fec8ee87f56cabe27e269cc7ef98cedc8
Reviewed-on: https://code.wireshark.org/review/36842
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add convenience routines for getting and setting a per-protocol,
per-packet depth value, which can be used to limit recursion, nesting,
cycling, etc. Use them in the BACapp, DAAP, Mongo, VLAN, and WBXML
dissectors.
Change-Id: I172514828169253ae7fcf9162c9d7eeb3041ff9c
Reviewed-on: https://code.wireshark.org/review/36846
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move some of the documentation about documentation toolchain itself from
docbook/README.adoc to the documentation toolchain chapter in the WSDG.
Fix the Debugger section level.
Change-Id: I8db92d334dd479324453f7b0bd25b33ea770c532
Reviewed-on: https://code.wireshark.org/review/36843
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
SubTemplateList is one of the 3 hierarchical data types supported by IPFIX.
Adding the capability to dissect fields of this type and show the list
of sub elements along with the 2 header fields in the subtemplate;
semantic and subtemplate id.
Tested with multiple level of nesting with subtemplate list fields
inside another list.
reference: https://tools.ietf.org/html/rfc6313#section-4.5.2
+ Review comment Changes
Change-Id: Iad00944c935cad8c0cdba457b9453fd13c68a6c2
Reviewed-on: https://code.wireshark.org/review/36745
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Do not copy addresses at when dialog opens, they will be initialized
in tapall_tcpip_packet(). Do not clear addresses when switching stream,
they will be properly removed in graph_segment_list_free().
Correctly free addresses in graph_segment_list_free() which is called
when switching stream and when closing the dialog. Free copied addresses
when switching direction (address swap).
Remove redundant and unused code.
Change-Id: I4328aa4df333f59c587f841b74a24dc71d329079
Reviewed-on: https://code.wireshark.org/review/36840
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Instead of guint8* the used type looks more precise. Moreover there
is no need to use local unions in the dissectors to switch between
the actual address and address bytes.
bgp, eigrp and isis-lsp dissectors have been updated accordingly.
Change-Id: I7785fe4c12913a09bd31cd6ef26e53027646d35c
Reviewed-on: https://code.wireshark.org/review/36836
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Complete Additional Controller Advertising Data dissecting, this was just
reported as advertising data in the extended header. Put it under a new tree
for ACAD info in the extended header.
Also fix the wrong length field used for the length of the ACAD field.
In addition put the scan response data under it's own scan response, similar
to SCAN_RSP handling. We can only do this if the context has given us the
information that this is the aux scan response data.
Remove an accidental addition used for debugging, and an empty if-statement for
a reserved flag.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc634531e
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36835
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Calculate the packet time of an LE Coded PHY using both S8 and S2 coding.
The First part of the packet is always sent in S8 coding. And the CI flag
tells which coding rate is used for FEC block 2.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc634531f
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36788
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for dissecting packet format on LE Coded PHY. This only includes
one additional field, the Coding Indicator (CI) which provides information
about the symbol rate of the FEC Block 2 of the pdu.
The TERM1 and TERM2 bytes are like the preamble assumed not included in the PDU,
these blocks are just bit-sequences for the radio and contains no important
information.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc634531d
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36787
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Newer version of CMake complains with warnings like the one below:
The package name passed to `find_package_handle_standard_args` (POWERSHELL)
does not match the name of the calling package (PowerShell). This can lead
to problems in calling code that expects `find_package` result variables
(e.g., `_FOUND`) to follow a certain pattern.
Change the capitalization of the variables to match the filename.
Change-Id: I5bd763add92e9e279f8e28f31576acb5b9ea7776
Reviewed-on: https://code.wireshark.org/review/36833
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
In case of successfull delivery, TP-Status IE looks as follows:
TP-Status
0... .... = Definition of bits 0-6: as follows
.00. .... = Error: Short message transaction completed (0)
...0 0000 = Reason: Short message received by the SME (0)
in particular, "Error: Short message transaction completed" looks
confusing. Let's make it a bit cleaner:
TP-Status
0... .... = Definition of bits 0-6: as follows
.00. .... = Error: No error, short message transaction completed (0)
...0 0000 = Reason: Short message received by the SME (0)
Change-Id: I95830877c1ff2f45e3c68a40febcf357abda597d
Reviewed-on: https://code.wireshark.org/review/36829
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
According to 3GPP TS 23.040, section 9.2.3.15, the TP-Status IE
indicates the status of a previously submitted SMS-SUBMIT and
certain SMS COMMANDS for which a Status-Report has been requested.
Currently Wireshark dissects this IE as follows:
TP-Status
0... .... = Definition of bits 0-6: as follows
.000 0000 = Error: Short message transaction completed (0)
.000 0000 = Reason: Short message received by the SME (0)
so it's not clear how exactly both Error and Reason are derived
from 7 less-significant bits of the first (and the last) octet.
As can be seen from the section 9.2.3.15, two less-significant
bits of those 7 define the Error, while the remaining 5 bits
define the Reason.
With this change applied, dissected TP-Status IE looks as follows:
TP-Status
0... .... = Definition of bits 0-6: as follows
.00. .... = Error: Short message transaction completed (0)
...0 0000 = Reason: Short message received by the SME (0)
To achieve this, type of the 'dis_field_st_error_rvals' was changed
from 'range_string' to 'value_string', and the range / string array
'dis_field_st_reason_rvals' was split into 4 arrays corresponding
to 4 possible Error values.
Change-Id: I8418ae3532c5e4b0ad2c956c5cd8cd90767d2fd6
Reviewed-on: https://code.wireshark.org/review/36828
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Add protocol for the nRF Sniffer for BLE version 3 of the UART protocol.
These changes provides support for giving different packet IDs for advertising
physical channel and data physical channel.
The flags for advertising physical changes are intepreted differently,
the direction, encryption and MIC valid flags are always zero and are therefore
marked as reserved for future use instead.
The time_delta field is changed to be a firmware timestamp instead. This is to
allow better timestamping of the packets as the timestamp earlies was provided
by the extcap python code, which does not provide accurate timestamps.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc634531c
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36786
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Provide a mechanism for the capture context to provide the auxiliary PDU type
name since this value cannot be inferred from the bytestream and must be taken
from context instead.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc6345319
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36783
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The length field of a struct can be configured to 0, 8, 16, or 32 bits.
Independent of the config, it will always be ignored as set to 0 bits.
This patch repairs this.
Bug: 16490
Change-Id: Idde3616ec06067363e767bd52bb5f443439c9aca
Signed-off-by: Dr. Lars Völker <lars.voelker@technica-engineering.de>
Reviewed-on: https://code.wireshark.org/review/36770
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Prefer:
- html (rather than txt)
- https
Also includes the script check_dissector_urls.py,
that can be used to find links in code and test them.
Change-Id: Iafd8bb8948674a38ad5232bf5b5432ffb2b1251b
Reviewed-on: https://code.wireshark.org/review/36821
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Added support for RFC 8770 Host Router Support.
As LSA flags are independent of set options fix flags handling also.
Change-Id: Ib74cae55fb9a3b26f27084168d0e15e4f3d2d6b8
Reviewed-on: https://code.wireshark.org/review/36824
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
FieldInformation::parentField() allocated a new FieldInformation,
so ensure to delete this when done.
Change-Id: Id0f538cc696551ec47169103be823eb1e55d1777
Reviewed-on: https://code.wireshark.org/review/36823
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Document that the payload of the BLE_EVENT packet is excluding the preamble
that is sent on air.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc634531b
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36785
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add BTLE physical channel pdu type from capture context. The dissector uses
the access address to determine if the packet is either an Advertising physical
channel PDU or a Data physical channel PDU.
This assupmtion is not valid for Periodic Advertising where the AUX_SYNC_IND
advertising packet will be sent with a non-advertising access address.
There is also the new Isochronous physical channel PDU which can be both
broadcasted or connection-oriented.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc6345318
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36782
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Document the RSSI sample result in the nordic_ble dissector. This value is
directly from the RSSISAMPLE register which is a positive number. It must
be converted to negative value.
Change to using INT8 because the RSSISAMPLE is only 7 bits value, and will
always be a positive number.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc634531a
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36784
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Dissect the common extendend advertising payload header which is common for
the following advertising PDUs:
- ADV_EXT_IND
- AUX_ADV_IND
- AUX_SYNC_IND
- AUX_CHAIN_IND
- AUX_SCAN_RSP
- AUX_CONNECT_RSP
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc6345317
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36781
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add handling of ADV_EXT_IND and setting valid adv header flags.
Advertising Extension assumes channel selection #2, and both TX and RX address
type bits must be checked if present in the extended advertising header by
reading the extended advertising header flags.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc6345315
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36780
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Like in markFrame, the integer list of selected rows is not used in
ignoreFrame. Remove it.
Change-Id: Ic2bf4b1d2d330767370a2e831e321e285cb00e91
Reviewed-on: https://code.wireshark.org/review/36805
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The "rows" variable is populated with the indices of all selected rows.
It seems that rows is never read and can be removed.
(In parallel, there's QModelIndexList frames. This list is used
when it comes to actually marking the selected packets.)
Change-Id: If2b97a2f5d87fe24717b9ad56444e2a779e0b3fc
Reviewed-on: https://code.wireshark.org/review/36804
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make sure the summary record is large enough; if not, report it as a bad
file.
If it's *too* large, skip the added data.
Clean up the length check for the header records - use sizeof, as we
later use sizeof when subtracting the fixed length portion's length.
Change-Id: I70697804eaa0cbbb1fb074eadf6457d237f26876
Reviewed-on: https://code.wireshark.org/review/36814
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Get rid of leftover duplicate code setting up the wtap structure and
private data before we've found a summary record.
If we find no data records, break out of the loop, so we fall into the
code that sets up the wtap structure and private data.
Change-Id: I00652bb7f3cb52b6c7c2088c6dd5fe5ec9a012a7
Reviewed-on: https://code.wireshark.org/review/36806
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
A generated item is not derived from the bytes in the packet.
The components of the length field and the timestamp are fields in the
packet. They should not be marked as generated.
Change-Id: Ic2e74f7db50b2ea65bc0e48883e6562992114296
Reviewed-on: https://code.wireshark.org/review/36766
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Use proto_tree_add_item() for the timestamp, there's no need to extract
the time manually.
Remove the unnecessary if (tree) check.
Call proto_tree_add_item_ret_uint() to read the value and add it to the
tree in one go.
Change-Id: Ibce3a5c83c260e46c4bd6ebf957e300fd345ed8a
Reviewed-on: https://code.wireshark.org/review/36765
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Use content-type property to decode message.
Lookup Topic using topic-alias property mapping from the first Publish
message if this is used by the sender. Add an expert info note when
a lookup fails.
MQTT-4.7.3-1 defines that all Topic Names and Topic Filters MUST be
at least one character long. Add an expert info warning for this.
Change-Id: I5b27a72462a7c80b200ec065e5aed167cf36a3a8
Reviewed-on: https://code.wireshark.org/review/36748
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Currently every URI that carries display information has that presented
as the same field. This makes specific filtering difficult.
This change introduces seperate fields for every URI type, while
preserving the common display info field as hidden item.
A display field has been introduced for every URI handled, whether or
not the field is described in an RFC. Practice learns that it may be
done anyway.
Bug: 16488
Change-Id: I15bf10e3fbdcce581a62182c205976a751c98c69
Reviewed-on: https://code.wireshark.org/review/36773
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Handle the reserved bits in the LE channel map. The bits do not
represent the advertising channels, but are simply reserved.
Allow the dissector to set these bits as non-channel map related, which
is the case for Extended Advertising Sync Info.
Change-Id: I7f0ad74b3e30ffecade59b6d0c5965bfc6345314
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Reviewed-on: https://code.wireshark.org/review/36779
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
check_dissector_urls.py was written and used to
find URLs within epan/dissectors/*.c and try to
fetch them using 'requests'. Will be commmitted
separately.
Most of the changes were to adapt to reorganisation
of IETF or 3gpp2 links, but many of the broken links
are for websites or companies that no longer exist.
Change-Id: Ie9afdb95099218402a61626a0cd5193c6f781b96
Reviewed-on: https://code.wireshark.org/review/36769
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>