As specified in 3GPP 38.321, in case of Long Truncated BSR CE, the UE
reports the BSR value for the LCG(s) with the logical channels having
data available for transmission following a decreasing order of the
highest priority logical channel (with or without data available for
transmission) in each of these LCG(s), and in case of equal priority,
in increasing order of LCGID.
SO we cannot make any assumption on the LCG being reported without
keeping track of the logical channel priorities currently active.
Change-Id: I148a13446e9dc035bb1bcd79cb15d8570bcefa57
Reviewed-on: https://code.wireshark.org/review/30151
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
- Groups in the SAE exchange are named
- The SAE message type is included explicitly (Commit or Confirm)
Bug: 15197
Change-Id: I8d95dd1603bbb8f46675ec66d60fd0b187787803
Reviewed-on: https://code.wireshark.org/review/30127
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 15201
Change-Id: Idc9964347c251fe7f9599b90abc760f26d85a5ba
Fixes: v2.9.0rc0-2173-g9fcb4af6b6 ("QUIC: gQUIC Q044 always use CHLO from gQUIC (with tag)")
Reviewed-on: https://code.wireshark.org/review/30160
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
All of the six users in plugins/epan/profinet/packet-dcom-cba.c expect
the string to be NUL-terminated, so ensure this to avoid reading
uninitialized memory for the Info column.
Bug: 15130
Change-Id: Ibc922068d14b87ce324af3cec22a5f8343088b40
Reviewed-on: https://code.wireshark.org/review/30128
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The function was documented for use with a NULL scope, but it actually
crashes since callbacks are not available for NULL scopes. git master
is unaffected, but the GTK+ protocol dialog in 2.4 and 2.6 do crash.
Bug: 14349
Change-Id: I54350e112192394797cf85eaac4f30194178d7c4
Fixes: v2.3.0rc0-2597-gb7d6cca4ae ("Add wmem_tree_destroy")
Reviewed-on: https://code.wireshark.org/review/30126
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Instead of creating the pointers list early, defer it to the point when
a new list item is added. This avoids the need for a dummy element.
This happens to fix the memory leak in bug 14735 as well (verified with
both ASAN and valgrind).
Change-Id: I3b169dfc447bd7465d06c26e0bd9dfd4225b1307
Bug: 14735
Reviewed-on: https://code.wireshark.org/review/30115
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Observe that the "current_depth" and "len_ndr_pointer_list" just track
the length of the current singly linked list in order to insert (append)
or remove [the last] element (a linked list of lists and a linked list
of pointers respectively). Replace these callers by equivalents that do
not require explicit length tracking, internally they both have to do a
O(n) lookup anyway.
There used to be a case where "current_depth" could run out-of-sync, no
longer tracking the actual list length: when the callback (tnpd->fnct or
tnpd->callback) triggers an exception. I believe this was unintentional.
No functional change intended, but this should make further changes to
the data structures easier.
Change-Id: I3cb13aba22caa87dc7baba411cf34f47792f7bb7
Ping-Bug: 14735
Fixes: v2.5.0rc0-292-g6bd87bdd5d ("dcerpc: improve greatly the speed of processing of DCERPC packets")
Reviewed-on: https://code.wireshark.org/review/30114
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The tvb_offset method should return the offset of the buffer within the
backing tvb (ds_tvb). The currently returned non-zero offset is valid
for tvbuff_subset.c, but not for the composite TVB. The backing tvb is
the tvb itself, so the offset should be zero (or "counter" for
consistency with tvbuff_real.c and others).
This bug is observable with the capture from the bug. In tshark, the
data field in the PDML output has value "field length invalid!" and the
position attribute ("pos") is too large. With the -V option it even
crashes with a buffer overflow (read). In the GUI, the bytes tab shows
range 3199-19642 even if the data source is only 16444 bytes while the
selection should have been 0-16443.
Bug: 14466
Change-Id: I01399ff500321dba262eb60b67c4cddb173b4679
Reviewed-on: https://code.wireshark.org/review/30124
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The identity in SIM/AKA/AKA' is IMSI (permanent identity) in some cases only.
Others contain a pseudonym or a fast reauthentication username. Dissect the
formers as flat usernames.
Bug: 15196
Change-Id: Ia4491431b6ff557a248271b743c1e37c4e6c0b24
Reviewed-on: https://code.wireshark.org/review/30129
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
dcerpc_hooks_init_protos is unused since v1.11.3-rc1-34-g01c8945438.
uuid_dissector_table was added in v2.1.0rc0-391-ge0e574d167 and was not
used outside the file, so mark it as static.
Change-Id: I6113fbaf1f2e2e6241b91b659711986d6e6ded66
Reviewed-on: https://code.wireshark.org/review/30116
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Packet 2478 in capture 15142 triggers a UAF crash since val_to_str is
packet-scoped and by the time tshark reads the column, it is destroyed.
Bug: 15142
Change-Id: If8df858c6a295fbac57c758577fb51b288e7f44a
Reviewed-on: https://code.wireshark.org/review/30104
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In frame 121, piv_len was 1 while piv was NULL. Ensure that both piv and
piv_len are reset to avoid this. Adjust another check to ensure that piv
and piv_len are in sync (probably not necessary, but it seems the
intention).
Bug: 15172
Change-Id: If8636d32f3273d6707749c807bd7d676ca9ab96d
Fixes: v2.5.2rc0-9-g830ea5731a ("CoAP: Hooks to OSCORE")
Reviewed-on: https://code.wireshark.org/review/30100
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the pathLabel for Coloring Rules, Decode As, Display Filters
and Capture Filter. Put the absolute file path into the pathLabel
if the file exists. This aligns with UAT dialogs and frames.
Change-Id: I72bd06e31bab220de0a0ef8df99df9a4daed667c
Reviewed-on: https://code.wireshark.org/review/30089
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Valgrind found an invalid read in the capture from Bug 15173 which was
not detected by ASAN, probably because 'top' pointed to a valid stack
address. Try to catch such issues with an explicit invariant check.
Change-Id: I3e2d90f053209c133ea2edc9c7990a2fd39bd236
Ping-Bug: 15189
Reviewed-on: https://code.wireshark.org/review/30101
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Doing so corrupts the exceptions stack and causes crashes elsewhere.
Move the heuristics check after get_ber_identifier as dissect_t125
calls that check too.
Bug: 15189
Change-Id: I816fcd693141c5e9e2979348f58bf5a8112290da
Fixes: v2.9.0rc0-2122-gf710f21833 ("T125: Add a heuristic test case.")
Reviewed-on: https://code.wireshark.org/review/30096
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Émilio Gonzalez <egg997@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
None of the current heuristics dissectors for "cotp" accept the packet,
so just skip calling subdissectors if the packet is empty.
Change-Id: Ie26f05d472b4d184d5229ceab8b143a88cc921fc
Reviewed-on: https://code.wireshark.org/review/30103
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Émilio Gonzalez <egg997@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
TRY/CATCH are macros, before returning the ENDTRY block must be executed
or the weirdest crashes can occur.
Change-Id: Ic56871322f8567263e2b8a81cce5a3c7042301b7
Fixes: v2.1.0rc0-2939-g5493fe0167 ("Convert ftype-tvbuff.c to ftype-protocol.c")
Reviewed-on: https://code.wireshark.org/review/30095
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When protobuf_dissect_unknown_field throws an exception,
steamdiscover_dissect_body_status will leak memory as
wmem_destroy_allocator is not called. Capture fuzz-2018-10-06-3104.pcap
from the linked bug leaks 64kiB memory in each frame 14 and 36.
Bug: 15171
Change-Id: I930d0738fde61799ab4ef2310f8ff11c1bcb032b
Fixes: v2.5.1rc0-130-g7ae954c7ac ("steam-ihs: Add dissector for the Steam IHS Discovery Protocol")
Reviewed-on: https://code.wireshark.org/review/30098
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add new value (used by WPA3)
Issue reported by Philipp Ebbecke
Bug: 15168
Change-Id: Iff4a7332dfc57226b191ec34319f0b7a78e30ede
Reviewed-on: https://code.wireshark.org/review/30040
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for "FiTness Machine Service" characteristics:
- 0x2ADA Fitness Machine Status
Change-Id: Ifceae6aba9f1849d1b9f027e54953385c0d1a98c
Reviewed-on: https://code.wireshark.org/review/30042
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Looks for common T.125 packet types such as erectDomainRequest and
attachUserRequest. This correctly links COTP with T.125/MCS in case of
RDP traffic, which results in RDP traffic actually being dissected by
the RDP dissector.
Change-Id: I14eecc417cf5038779d78207ac0ccf2dd22a1219
Reviewed-on: https://code.wireshark.org/review/29960
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Most callers (in tshark.c, ui/commandline.c, etc.) do not modify their
optarg argument, so don't do that here either.
Fixes: v2.9.0rc0-2110-g872b573381 ("Recognize -zfollow,ssl,ascii,0 for compatibility")
Change-Id: I80d56aee7ba80591b684d847a9cc95cf9a96c5dd
Reviewed-on: https://code.wireshark.org/review/30031
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add 'v' option for VLAN ID resolving and get rid of
deprecated 'C' option.
Bug: 14826
Change-Id: I63104f4a465d251048693ad02882ea7eb2c4d926
Reviewed-on: https://code.wireshark.org/review/30029
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a new button to UAT dialogs to copy entries from another profile.
Change-Id: I641ba764d8738f738466529d74d4a21ff13075a0
Reviewed-on: https://code.wireshark.org/review/30028
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Dirk Römmen
Shinjo Park