Currently there can be multiple dlm messages in one tcp segment and in
some cases dlm message can be overlapped between two segments. The main
fix would be that we can now dissect multiple dlm messages if they
appear in one tcp segment. It's still own as one message in the "packet
flow" but in tree view it will be displayed as multiple messages which
are not visible.
For sctp the problem still exists, although there can't be overlapped messages.
Revert change to format_size() added in
f509a83381. This commit broke formatting
with spaces and introduced some dead code.
Also replace unnecessary call to format_size_wmem() and remove
unnecessary casts (since our warning settings were fixed in the
mean time).
Extend sharkd_dissect_request() so that it can replace
sharkd_dissect_columns().
Have it return a status indicating success, invalid frame number, or
read error, so that the caller knows what the problem is.
Pass it pointers to the wtap_rec and Buffer to use when reading packets
from the file, so that if it's called in a loop iterating over all
frames, those structures can be initialized once, before the loop, and
cleaned up once, after the loop, rather than doing both once per loop
iteration.
Pass pointers to the read error code and additional read error
information string pointer, so that, on a file read error, that
information is available to the caller.
Get rid of sharkd_dissect_columns(); instead, use
sharkd_dissect_request(), with code from the loop body pulled into a
callback routine. Fix that code to correctly determine whether the
current frame has any comments, rather than just treating all frames
that have blocks as having comments.
Use _U_ to mark arguments as unused, rather than throwing in a
(void) variablename;
statement.
Move some variables used only within a loop into the for() statement or
the loop body.
epan/CMakeLists.txt set both SYSTEM PUBLIC and SYSTEM PRIVATE for
GLIB2_INCLUDE_DIRS. The PUBLIC keyword adds it to the
INTERFACE_INCLUDE_DIRECTORIES property, which is only appropriate for
includes that we ship with Wireshark, so remove that one. Make
GLIB2_LIBRARIES private as well.
Fixes#17477.
wmem has many assertions during dissection, these are assumed to have
a measurable performance impact so remove assertions with
WS_DISABLE_ASSERT, like is done elsewhere.
We don't use ws_assert() to avoid a dependency on wsutil.
g_assert_not_reached() does not have a performance impact and for
that reason should not be disabled.
This allows wsutil to depend on wmem without introducing a circular
dependency.
Although wmem is included in epan it is in many ways an independent
library and it should remain so.
Reuse the DIAMETER dissector for 3GPP-ULI for RADIUS as well.
The DIAMETER dissector for 3GPP-ULI IE is more complete than the RADIUS
version. The format of the IE is the same in RADIUS and DIAMETER.
"User" sounds as if the blocks belong to the user; at most, the current
user might have modified them directly, but they might also have, for
example, run a Lua script that, unknown to them, modified comments.
Also, a file might have "user comments" added by a previous user, who
them wrote the file and and provided it to the current user.
"Modified" seems a bit clearer than "changed".
Mostly functioning proof of concept for #14329. This work is intended to
allow Wireshark to support multiple packet comments per packet.
Uses and expands upon the `wtap_block` API in `wiretap/wtap_opttypes.h`.
It attaches a `wtap_block` structure to `wtap_rec` in place of its
current `opt_comment` and `packet_verdict` members to hold OPT_COMMENT
and OPT_PKT_VERDICT option values.
This functionality has been added in d2a660d8, where its limitations
are described.
Improvements:
* the Substream index menu now properly filters for available stream numbers;
* Follow Stream selects the first stream in the current packet
Known issue (which is still there): if a packet contains multiple QUIC
streams, then we will show data also from streams other than the selected
one (see #16093)
Note that there is no way to follow a QUIC connection.
Close#17453
Clang gives a fatal warning about "explicitly assigning value of
variable of type 'int' to itself". The statement (and the `if` around
it) are redundant, so this removes both.