emem was exposed because of its memory limits trying to output PDML for a very large byte field in a capture file.
bug:10081
Change-Id: I6346dfdfb5f6381e16761a99291c4be7851185d9
Reviewed-on: https://code.wireshark.org/review/1566
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Start of refactoring Wiretap and breaking structures down into "generally useful fields for dissection" and "capture specific". Since this in intended as a "base" for Wiretap and Filetap, the "wft" prefix is used for "common" functionality.
The "architectural" changes can be found in cfile.h, wtap.h, wtap-int.h and (new file) wftap-int.h. Most of the other (painstaking) changes were really just the result of compiling those new architecture changes.
bug:9607
Change-Id: Ife858a61760d7a8a03be073546c0e7e582cab2ae
Reviewed-on: https://code.wireshark.org/review/1485
Reviewed-by: Michael Mann <mmann78@netscape.net>
actual dissection still TODO
Change-Id: I58e54ca117a9ccd5d6af34d18f9277afd009aa95
Reviewed-on: https://code.wireshark.org/review/1547
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: I7e484de65c49060793a91cc11cb211effa2006db
Reviewed-on: https://code.wireshark.org/review/1494
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ife125be2c5043cc6cc1b879714671d9973c8214b
Reviewed-on: https://code.wireshark.org/review/1549
Reviewed-by: Michael Mann <mmann78@netscape.net>
The capture for bug 10078 caused the buildbot to time out; callgrind revealed an
enourmous amount of time being spent looking up ethernet addresses. The previous
code cast each address (6 bytes) to a guint64 (8 bytes) then used the built-in
g_int64_hash. Unfortunately, g_int64_hash is an *awful* hash function - it
produces a 4-byte hash by simply discarding the upper 4 bytes of its input.
For the capture file in question this strategy (which effectively ignores the
upper two bytes of each ethernet address) produced an astounding number of
collisions, leading to the terrible running-time.
Use wmem_strong_hash directly on the 6-byte address instead, which saves us a
bunch of useless casting and bit-twiddling and produces a much better hash
distribution. This shaves 20% off the time to tshark-with-tree the capture file
in question *despite* a substantially more expensive hash function
(wmem_strong_hash is not exactly fast compared to g_int64_hash).
Bug:10078
Change-Id: I8e81cbc478e6394ec3a8efe39eec08f680a55609
Reviewed-on: https://code.wireshark.org/review/1543
Reviewed-by: Anders Broman <a.broman58@gmail.com>
"Error out if someone passes the address of a pointer to a *_string to
VALS() or RVALS()."
Change-Id: I1b5b9bbf512f8fdfaab5febea28db2c51d49c48c
Reviewed-on: https://code.wireshark.org/review/1544
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is a followup to Ifc8d6895cc33ad1f00386a3e59926322bd501125; the MQ sample
captures I have don't seg-fault on this but the code was stillw wrong.
Change-Id: Ic689c06836b823a15217281d67b33580fd8e9823
Reviewed-on: https://code.wireshark.org/review/1539
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
There appear to be a couple of bugs in the flow control of this function (which
is very confusing), at least one of which is leading to a buffer overrun. See
the bug comments for more details and guesses of what the correct thing to do
is.
Bug:9579
Change-Id: Ibd3077792c7689a715ea53e8bf8c7a561c67389f
Reviewed-on: https://code.wireshark.org/review/1530
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
MAUSB Packets should always be sent in DWORDs. This means that the
only valid values for the length field are multiples of 4.
This patch adds an expert info check to flag length fields that are
multiples of 4.
Change-Id: Ifb793f82aed4c9fb09a12f6ea97087733b58d14a
Reviewed-on: https://code.wireshark.org/review/1536
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Some new error values, some message types that have been "undocumented" as
internal-only, etc.
Change-Id: Iff15dd67b188c9e2745964d4916b22e0bea4243d
Reviewed-on: https://code.wireshark.org/review/1533
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Based on Icfe1e5477043dd695fd9b02b677ef29ac3fa8866 but rebased and simplified.
Change-Id: I9b7266e2fdcb58f38115250d785637cd585c69e0
Reviewed-on: https://code.wireshark.org/review/1532
Reviewed-by: Evan Huus <eapache@gmail.com>
(1) Display sequence numbers in both decimal and hex
(2) Fix an inconsistency in field naming between LBT-RU and LBT-RM.
bug:9718
Change-Id: I967062d6aa00ea9a3db51db94e56d37e68e642d3
Reviewed-on: https://code.wireshark.org/review/1531
Reviewed-by: Evan Huus <eapache@gmail.com>
Two conditions were not checked, state_length == 0 && state_begin != 0
and the boundaries of the state buffer. The former is not a big deal,
but the second issue causes a buffer overrun (detected by ASAN).
The buffer size is supposed to be stored in the state buffer, that was
not the case for the initial two SIP SDP and Presence state buffers.
Fix a typo for presence_buf zero-ing while at it.
Bug: 9601
Change-Id: I41dde83185da60b670cca010ecc7b2a2aaaedeb9
Reviewed-on: https://code.wireshark.org/review/1529
Reviewed-by: Anders Broman <a.broman58@gmail.com>
packet-mysql.c(1446) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
Change-Id: Ie0b2e916e0d15287f5a3ededc404b678b45600d8
Reviewed-on: https://code.wireshark.org/review/1525
Reviewed-by: Anders Broman <a.broman58@gmail.com>
From the comments I think it was intended - but there were no G_VA_COPY macro in glib (?).
Change-Id: Ic1e1d4a5ac9e5b8f27f25487416c0ededeed2093
Reviewed-on: https://code.wireshark.org/review/1518
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Just started on this, more changes incoming
Change-Id: Idc88442f382cea1f29f05edb991b920488cfc113
Signed-off-by: Anish Bhatt <anish@chelsio.com>
Reviewed-on: https://code.wireshark.org/review/1502
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The formatting routine is quite simple so it can be replaced with
g_stpcpy() and still keeping it clean.
Change-Id: Ifbab1dc1140ee271d39bbbfb7586cfda6ded5c54
Reviewed-on: https://code.wireshark.org/review/1517
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It appears that on some platforms the timer underlying g_test_timer() is
relatively low-precision, so the small amount of work that we were previously
doing was not enough for the timer to provide a useful value.
Bumping the amount of work should provide more meaningful values, and the whole
timing step still takes only a few seconds.
Change-Id: Idce1386eaa33add845d9a2758b0beb72bbf370d6
Reviewed-on: https://code.wireshark.org/review/1523
Reviewed-by: Evan Huus <eapache@gmail.com>
Masks for padding now have an additional parenthesis to ensure
proper operator precedence.
Per the request of Evan Huus; See comment in Change-Id:
I3ad4e1beb891f9c2835adff320095e7e738241eb, Patch Set 10.
Change-Id: Ic8878f870b58cd272675b4d6c3658a029bb67984
Reviewed-on: https://code.wireshark.org/review/1519
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
for Proxy Mobile IPv6) MIP6 Mobile Option
Change-Id: I650cb33fcf083bd8826a702cb975295518012292
Reviewed-on: https://code.wireshark.org/review/1511
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
so give it a name
Change-Id: Iaf9a6f8cb58a565673f53696f7e5d1698e6eae0f
Reviewed-on: https://code.wireshark.org/review/1509
Reviewed-by: Evan Huus <eapache@gmail.com>
Dissection of OXM_OF_IPV6_ND_SLL triggers "malformed packet" comment in packet list since it makes dissecting of further OXM fields impossible.
It is possible that similar issue will be with OXM_OF_IPV6_ND_TLL since its dissecting is basically the same.
Issue found by Viktor
Closed-bug:10011
Change-Id: I21b85cc0572ffdb8bb8b73cfae0db1d72219fe4b
Reviewed-on: https://code.wireshark.org/review/1505
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dissection of OXM_OF_IPV6_ND_SLL triggers "malformed packet" comment in packet list since it makes dissecting of further OXM fields impossible.
It is possible that similar issue will be with OXM_OF_IPV6_ND_TLL since its dissecting is basically the same.
Issue found by Viktor
Closed-bug:10011
Change-Id: I13893710ad4028669e454c6f8485f719b62bcaab
Reviewed-on: https://code.wireshark.org/review/1504
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The struct literal syntax {0} does not appear to be universally supported - use
memset instead.
Change-Id: If70d475cf3d7a582c43dcc879cefebc9aef0a99e
Reviewed-on: https://code.wireshark.org/review/1508
Reviewed-by: Evan Huus <eapache@gmail.com>
Michael Mann