A few of them just needed scratch memory, so allocate and free it
manually after doing any exception-raising checks.
A few others were returning memory, and needed conversion to accept a
wmem scope argument.
As requested [here][1], help with replacing calls to
`wmem_packet_scope()` with references to `pinfo->pool`.
My principles were:
* Plugins chosen semi-randomly.
* When a calling function already has a `pinfo` argument, just use that.
* Remove `_U_` from its signature if it was there.
* Don't go more than 2 or 3 levels deep of changing signatures.
* If a function is clearly allocing memory to return, change the
function signature to take a `wmem_allocator_t *`. Otherwise, either
that or take a `packet_info *` as seems to make sense.
* No mention of `wmem_packet_scope()` should remain in the files I've
touched.
* I didn't always succeed at this, but I made a dent.
[1]: https://www.wireshark.org/lists/wireshark-dev/202107/msg00052.html
These were detected by running check_typed_item_calls.py
with --consecutive, which flags items that have different
labels but the same filter string. Usually this is because
of copy/paste.
Quite a few similar bugs still exist, will address in a future commit.
There can be multiple PDV segments in the same frame that belong to
different reassemblies. Change the reassembly_id used for the
reassembly tables so that it is not identical for all segments in
the same presentation context (but still unique for a given reassembly),
so that that case can be handled properly. Otherwise fragment_add_seq_next
will retrieve the wrong reassembly for one of the segments (especially
on the second pass.)
Bug: 13110
Change-Id: Ib967fc7f6b7b591b9e3494d81d3b5d4ecc43cac1
Reviewed-on: https://code.wireshark.org/review/38200
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The names for files extracted from data PDVs depend on information in the tags.
Need to read the tags for data PDVs if the Export Objects tap has a listener
even if there isn't a tree (so that tshark works) and need to send data to
Export Objects only after reading the tags (so that it works on the first pass).
This makes the tshark single pass behavior match wireshark GUI behavior.
Bug: 16771
Change-Id: I6cfa792e7b86f205290ff92c9f5e09fd94a25f9f
Reviewed-on: https://code.wireshark.org/review/38164
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In dcm_export_create_object(), don't assume that assoc->ae_calling and
assoc->ae_called are non-null; if we don't have an A-ASSOCIATE request
earlier in the capture, which we are not guaranteed to have, the called
and called AE titles won't be set.
Bug: 16748
Change-Id: I7d6d22d1c23e28b1f0967a803d0d89609a421712
Reviewed-on: https://code.wireshark.org/review/38077
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
They're used in display strings (columns, higher-level protocol tree
items, hostnames in Export Objects tables), so get display strings.
That means they're not guaranteed to be 16 octets long, so allocate them
as file-scope strings (the structure containing pointers to them is
allocated with file scope), with leading and trailing blanks stripped.
Change-Id: I291884be39557d861927020e682b0bdadfe41dbb
Reviewed-on: https://code.wireshark.org/review/33955
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't just grab raw string data with tvb_memcpy(); all strings must be
fetched using an encoding value, to properly map to UTF-8.
Use the newly-added ENC_ISO_646_BASIC encoding, as that's what the 2003
DICOM spec says is used.
Change-Id: Idaae45a304c746c163b214e2d08e00870c69e9d6
Reviewed-on: https://code.wireshark.org/review/33952
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
packet-dcm.c:3888:6: warning: no previous prototype for function 'col_set_str_conditional' [-Wmissing-prototypes]
packet-dcm.c:3901:6: warning: no previous prototype for function 'col_append_str_conditional' [-Wmissing-prototypes]
Change-Id: I26117b8c3bcb0f88889edd7de5044e57dd0c4b38
Reviewed-on: https://code.wireshark.org/review/33507
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It can, and, in at least one capture, it does.
Change-Id: Id3540e6551db5d63427f09c6ccc521958ecccac6
Reviewed-on: https://code.wireshark.org/review/33231
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- Fixed re-assembly of two PDU in single frame (was optimized out in last commit)
- Improved COL_INFO for C-FIND
- Improved COL_INFO for multiple PDUs in one frame
Change-Id: Ie4ba5023594f3ce65f55584631731ee9f9d0506b
Reviewed-on: https://code.wireshark.org/review/32087
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix offset for reading protocol version
Bug: 15495
Change-Id: I050ee4db23dbafb9cd4c32ed24fcaff0ace4c752
Reviewed-on: https://code.wireshark.org/review/31987
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This allows taps that can fail to report an error and fail; a failed
tap's packet routine won't be called again, so they don't have to keep
track of whether they've failed themselves.
We make the return value from the packet routine an enum.
Don't have a separate type for the per-packet routine for "follow" taps;
they're expected to act like tap packet routines, so just use the type
for tap packet routines.
One tap packet routine returned -1; that's not a valid return value, and
wasn't one before this change (the return value was a boolean), so
presume the intent was "don't redraw".
Another tap routine's early return, without doing any work, returned
TRUE; this is presumably an error (no work done, no need to redraw), so
presumably it should be "don't redraw".
Clean up some white space while we're at it.
Change-Id: Ia7d2b717b2cace4b13c2b886e699aa4d79cc82c8
Reviewed-on: https://code.wireshark.org/review/31283
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This change adds a python (3) script that generates the file packet-dcm.h from
the DocBook sources of the DICOM standard. They can either be present in the
current directory where the script is run, otherwise the current version is
downloaded from the DICOM standard official website.
Change-Id: Ibc0d88e52a5960b48624f729a67a0effbb7c1005
Reviewed-on: https://code.wireshark.org/review/30338
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This is in preparation for generating the tables automatically from the DocBook version
of the DICOM standard. In this commit, there are no changes to the actual contents
of the tables, to facilitate reviewing the actual changes that results from the update.
Change-Id: I3b11597277537901e5804bb246d5f3777bb463d9
Reviewed-on: https://code.wireshark.org/review/30337
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Packet scope lifetime is too short for it.
Bug: 14923
Change-Id: I4bd5ef8c7382d5d3d98598b797732ba3d88e44fd
Reviewed-on: https://code.wireshark.org/review/28505
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
- Fixed initial COL_INFO for associations. It used to 'append' instead of 'set'.
- Changed initial length check from tvb_reported_length() to tvb_captured_length()
- Heuristic Dissection:
o Modified registration, so it can be clearly identified in the Enable/Disable Protocols dialog
o Enabled by default
o Return proper data type
Tested heuristic vs. static on many DICOM captures
Change-Id: I0aa42b91e4f55a6d9fc834657710a6a92c8dadef
Reviewed-on: https://code.wireshark.org/review/27518
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
It'd only overflow if the value is *so* large that it won't fit in the
packet (given that we have a 2^32-1-byte limit on the packet size), so
use tvb_ensure_bytes_exist() to ensure we have the entire value before
processing the value.
(The real problem is that we don't handle the case where there's a value
multiplicity > 1 for some types; in those cases, we should loop,
processing all the values, which would cause us to eventually throw an
exception when we ran past the end of the packet. This is just a quick
fix.)
Bug: 14742
Change-Id: I447ece81d1c84d3b1d218faeb2c155f910208c29
Reviewed-on: https://code.wireshark.org/review/27853
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fixed length decoding for OD, OL, UC, UR Fixed hf_dcm_assoc_item_type to be interpreted as 1 byte
Fixed pdu_type to be interpreted as 1 byte
Fixed decoding of AT type, where value length was wrongly reported in capture as 2 (instead of n*4)
Removed tailing white spaces
Please merge to 2.4 once ok.
Bug: 14415
Change-Id: I7857ef107e7e599c7dd9f8d069daa5b3bfb4122f
Reviewed-on: https://code.wireshark.org/review/26268
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
uint32 value could wrap around, resulting in infinite loop.
Bug: 14411
Change-Id: I26c73f74adc65c7a5acf22970a54c93a7f7a2344
Reviewed-on: https://code.wireshark.org/review/25873
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
This makes it easier to identify the simpler/common conversations
Change-Id: I7094f23e49156ee27f5f72c8e130308470f3e462
Reviewed-on: https://code.wireshark.org/review/24145
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
They're not used anywhere other than inside the dissectors, so make them
private to the dissectors.
Change-Id: I9946713f34f95a8173fd7748055fd4aa2e870f70
Reviewed-on: https://code.wireshark.org/review/23357
Reviewed-by: Guy Harris <guy@alum.mit.edu>
See ftp://dicom.nema.org/MEDICAL/dicom/2016a/output/chtml/part07/sect_D.3.3.7.html
Bug: 13875
Change-Id: If5b55ef45b1dd7115a2eaf4a3d1a02bc2b1a5b93
Reviewed-on: https://code.wireshark.org/review/22714
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Revert commit 3752a643ac5c85622822c88c69d83ce23828acb8
to fix bug 13164 and bug 13570 introduced with this commit.
This reopens bug 13110.
Bug: 13164
Bug: 13570
Change-Id: Id237f08258ca100f675614a9cb36a32340944b3e
Reviewed-on: https://code.wireshark.org/review/21089
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I86c9e485b447b380f00195bf407ce28c05bb1822
Reviewed-on: https://code.wireshark.org/review/20268
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Register all reassembly tables with a central unit, allowing the
central unit to have the callback that initializes and destroys
the reassembly tables, rather than have dissectors do it individually.
Change-Id: Ic92619c06fb5ba6f1c3012f613cae14982e101d4
Reviewed-on: https://code.wireshark.org/review/19834
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
A new "--export-object <protocol>,<destdir>" option is added to tshark.
This required refactoring Export Object behavior in all GUIs to give the
export object handling to the dissector, rather than the ui layer.
Included in the refactoring was fixing some serious memory leaks in Qt
Export Object dialog, crash due to memory scope issues in GTK Export
Object dialog, and addition sorting column feature in Qt dialog (set
up by creating a widget to manage the items that were previously
leaking memory)
Bug: 9319
Ping-Bug: 13174
Change-Id: I515d7662fa1f150f672b1476716f347ec27deb9b
Reviewed-on: https://code.wireshark.org/review/18927
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
wmem_file_scope() was used too many times when wmem_packet_scope() will do.
Also, use the wmem string functions to only allocate enough space to
handle a string instead of using MAX_BUF_LEN.
Change-Id: I3031d3aef34b7105264b17dc83e3b1f4cfb4b3d4
Reviewed-on: https://code.wireshark.org/review/18910
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
1. Use tvb_get_guintXX with encoding parameter rather than have an "is_little_endian" flag
2. Replace proto_tree_add_xxx_format with proto_tree_add_xxx_format_value or proto_tree_add_item
3. Create some value_strings in favor of functions.
Change-Id: If4b8e8992662bda768b39ba5f1932272760eef65
Reviewed-on: https://code.wireshark.org/review/18909
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
A Attribute Identifier List can have more than one AT element. Therefore
we have to loop through the elements list.
Bug: 13077
Change-Id: I3adaa5ba50a1ad01e7c5bacd05118c65afcf4442
Reviewed-on: https://code.wireshark.org/review/18825
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
When a TCP frame contains more DICOM segments, make sure that
only segments with "More fragments" bit set gets reassembled.
Bug: 13110
Change-Id: Ie19c71285a00240a035ff92ce3183de4d9048cbd
Reviewed-on: https://code.wireshark.org/review/18805
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This patch introduces new APIs to allow dissectors to have a preference for
a (TCP) port, but the underlying data is actually part of Decode As functionality.
For now the APIs are intentionally separate from the regular APIs that register a
dissector within a dissector table. It may be possible to eventually combine the
two so that all dissectors that register with a dissector table have an opportunity
to "automatically" have a preference to adjust the "table value" through the
preferences dialog.
The tcp.port dissector table was used as the guinea pig. This will eventually be
expanded to other dissector tables as well (most notably UDP ports). Some
dissectors that "shared" a TCP/UDP port preference were also converted. It also
removed the need for some preference callback functions (mostly when the callback
function was the proto_reg_handoff function) so there is cleanup around that.
Dissectors that has a port preference whose default was 0 were switched to using
the dissector_add_for_decode_as_with_preference API rather than dissector_add_uint_with_preference
Also added comments for TCP ports used that aren't IANA registered.
Change-Id: I99604f95d426ad345f4b494598d94178b886eb67
Reviewed-on: https://code.wireshark.org/review/17724
Reviewed-by: Michael Mann <mmann78@netscape.net>
The code sets up a conversation, then proceeds getting it
and using it. It must be there, so assert that it is before
dereferencing it.
Change-Id: I5384b9b773a5f4e86f649612ee4f4929a503c523
Reviewed-on: https://code.wireshark.org/review/14641
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That removes most of the uses of the frame number field in the
frame_data structure.
Change-Id: Ie22e4533e87f8360d7c0a61ca6ffb796cc233f22
Reviewed-on: https://code.wireshark.org/review/13509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The DICOM protocol in PS3.8 E.2 says bits 2-7 should be set to zero by the
sender and not checked by the receiver. The version of software sending a
bad PDV flags is PACSONE01AUG03. The version of this software might be
2004-02-07 (or earlier) found at http://www.pacsone.net/download.htm
Change-Id: If4d9d8e63d7bdba0f8f1c50e49979ca15b5f9157
Reviewed-on: https://code.wireshark.org/review/13384
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Assign result of `register_dissector(..., func, proto)` to FOO_handle
and remove `FOO_handle = create_dissector_handle(func, proto)`.
Found by looking for files named packet-FOO.c having the above
create_dissector_handle pattern. Some files (with different dissect
routines for the two functions) remain unchanged.
Change-Id: Ifbed8202c6dbc63a1dae9acc03313980ffbbbb90
Reviewed-on: https://code.wireshark.org/review/13247
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
in other similar cases, we return tvb_captured_length(tvb)
do this here as well instead of returning TRUE where we should return a number
Change-Id: Ifafdb7011256100d127033c0a43d100525f6a42b
Reviewed-on: https://code.wireshark.org/review/13084
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
in this case, we can simply exit the loop if we see an invalid pdu length
Change-Id: I818736f25d15d9054ea66b4670a5362b557b0e9f
Reviewed-on: https://code.wireshark.org/review/13083
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ie39ef054a4a942687bd079f3a4d8c2cc55d5f22c
Reviewed-on: https://code.wireshark.org/review/12485
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Evan Huus