No functional change, fixes typos, adds some meaningful function
parameters and tries to clarify the memory management concerns.
Also fix a -Wdocumentation issue in epan/proto.h
Change-Id: I59d1fcd2ce96178e0a64a0709409a9a7a447c7c6
Reviewed-on: https://code.wireshark.org/review/17431
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: Ibc43b1976d5827e8c40252a5200852fbcd00b70c
Reviewed-on: https://code.wireshark.org/review/16763
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: João Valverde <j@v6e.pt>
This is an attempt to standardize display/handling of checksum fields for all dissectors.
The main target is for dissectors that do validation, but dissectors that just report the
checksum were also included just to make them easier to find in the future.
Bug: 10620
Bug: 12058
Ping-Bug: 8859
Change-Id: Ia8abd86e42eaf8ed50de6b173409e914b17993bf
Reviewed-on: https://code.wireshark.org/review/16380
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Allow a dissector to mark its protocol as "disabled by default", which
means that the "enable all protocols" routine won't enable it. This is
necessary in order to allow the disabling of protocols not to be
unintentionally changed due to profile changes; see bug 9826.
Change-Id: I3947f794c21350b70a8de06899cfc7715b77f90f
Ping-Bug: 9826
Reviewed-on: https://code.wireshark.org/review/16109
Reviewed-by: Guy Harris <guy@alum.mit.edu>
assertion.
If a dissector forces registration of fields during dissection it needs to do
so in a way that clears the prefix registration. Otherwise epan will call the
registration routine a 2nd time (which will cause us to assert out) if a user
types a display filter (with the dissector's prefix) that doesn't exist.
Update the proto_register_prefix() comments to reflect this.
Change-Id: I3ce29243395fb55192bb5dfd950baa88410ac136
Reviewed-on: https://code.wireshark.org/review/15881
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Ran across enough situations that proto_tree_add_bitmask_list couldn't
solve that it seemed necessary.
Change-Id: I6a540ac6efca76cae7c4571a84bb400538652784
Reviewed-on: https://code.wireshark.org/review/15880
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It requires some "extra work" to get it to work properly. Despite
documenting it, some previous use cases didn't do the extra work.
Let's just see how we get by without it.
Change-Id: I31dba1d5038d793085f6c9e4b4a6eda574e86872
Reviewed-on: https://code.wireshark.org/review/15610
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
packet-wsp.c hasn't used proto_tree_append_string() since
Ic5467289aae7d54e78c1fd65f93358387d6139aa. Use packet-frame as the example
instead.
Change-Id: I69fb10679ec1685a61aac182414e596b345153fd
Reviewed-on: https://code.wireshark.org/review/15563
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
rawshark shouldn't be converting FT_ and BASE_ values into strings on its own, there's a function for that.
Change-Id: Ib4ce1651ee130a03644b5de3ab471333444e19a9
Reviewed-on: https://code.wireshark.org/review/15341
Reviewed-by: Michael Mann <mmann78@netscape.net>
Don't just treate the strings as piles of ASCII characters.
Add a proto_tree_add_item_ret_string_and_length() routine to help do
this. Clean up some of the documentation of the proto_tree_add_item_ret
routines while we're at it.
Change-Id: Ib4c52bd8a8331eac97312583326f5be9175889d9
Reviewed-on: https://code.wireshark.org/review/15291
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Having to define two macros for marking a function as never returning
seems a bit redundant. Merge the MSVC and GCC-like attributes into a
single WS_NORETURN.
Tested with Clang 3.7.1, GCC 4.4.7 and even GCC 4.1.2 using this small
program (-Wall -Wextra, the first two generate warnings for
uninitialized variables, the last one compiles without warnings):
#include <stdlib.h>
__attribute__((noreturn)) void foo() { exit(1); }
__attribute__((noreturn)) void bar();
void bar() { exit(1); }
int main() {
int j, i;
if (i) { bar(); return j; }
foo();
return j;
}
Change-Id: I7d19c15e61b8f8fa4936864407199c4109f8cc82
Reviewed-on: https://code.wireshark.org/review/14822
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(The check to ensure the delayed field registration had been done was still
wrapped inside an if(tree) but a bunch of proto_add_*()'s had been pulled out
from under if(tree)'s thus causing some hf's to be used before registered.)
Also simplify the code to ensure the fields are registered since we're doing it
potentially many times per frame: do an integer comparison rather than looking
up an hf by name.
Add a note to the docs for proto_register_prefix() to make it clear that the
initializer routine may not be called before the dissector is asked to dissect
something.
Change-Id: I5dc1154638a290c3a94149184d56570c3abb836a
Reviewed-on: https://code.wireshark.org/review/14711
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It adds string-type fields to the protocol tree and returns the value of
the string.
Add the new bitmask-adding routines to the Debian symbol list while
we're at it.
Change-Id: Idaeec44c9cd373588cadce85010f3eaf1f3febb5
Reviewed-on: https://code.wireshark.org/review/13657
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add tables for heuristic dissectors, and add dissectors for the stuff
Microsoft puts there for RDP; they're violating the COTP spec, but I
guess they're stuck because they're using TP0, which doesn't support
user data.
While we're at it, add variants of proto_tree_add_bitmask() and
proto_tree_add_bitmask_flags() that return the bitmask, for use by
callers.
A side-effect of the change is that the proto_tree_add_bitmask routines
no longer treat the encoding as a Boolean, so we have to pass
ENC_LITTLE_ENDIAN or ENC_BIG_ENDIAN, not just some non-zero or zero
value. Do so.
Rename ositp_decode_CC() to ositp_decode_CR_CC(), to note that it
decodes both CR and CC PDUs.
Bug: 2626
Change-Id: If5fa2a6dfecd9eb99c1cb8104f2ebceccf1e57c2
Reviewed-on: https://code.wireshark.org/review/13648
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Output from BASE_HEX et al has always been zero-padded to according to
the field type - 8 digits for FT_UINT32, etc.
When the field has a bitmask, this is definitely not appropriate - the
field type is used to indicate the size of the bitfield container, and
tells us nothing about the size of this field.
Instead, determine the actual size of the field by inspecting the
bitmask, and output the corresponding number of hex digits.
Change-Id: I10ec4e93e1e40e8b1354d5368cc8945cf671a617
Reviewed-on: https://code.wireshark.org/review/13225
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
proto_item_get_len() is *not* guaranteed to return a correct value.
Even if there's a non-null tree item, it might be pointing to a "faked"
item; it really shouldn't be used.
So add proto_tree_add_item_ret_length() and
proto_tree_add_item_new_ret_length(), which calculate the real length
themselves and return it through a pointer.
Fix as many places as we straightforwardly can to use them rather than
to use proto_item_get_len(). (There's a Lua API for
proto_item_get_len(), so we keep it around, but we should add Lua APIs
for the new routines, and deprecate the old API.)
Fix ptvcursor_add() to do the same thing that
proto_tree_add_item_ret_length() and
proto_tree_add_item_new_ret_length() do.
Split the TRY_TO_FAKE_THIS_ITEM macros into a macro to check for the
tree being null and to try to fake the item. We don't always use the
former macro, as we might need to do more than just return NULL if the
incoming tree is null (for example, calculating the item's real length
and using it...).
new_field_info() never returns NULL; remove checks for it. The check
for a null tree is done before the calls to new_field_info().
Change-Id: I002a218d1f810c73e0de837e0ac6ebcde21bacec
Reviewed-on: https://code.wireshark.org/review/13139
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Instead, prime the epan_dissect_t's tree to look for rtp.ssrc, and
extract that value with proto_get_finfo_ptr_array().
Also, have the filter used to check whether the packet is a candidate
for RTP analysis to check for RTPv2 (and add a check for IPv4 or IPv6
back to the Qt version), and get rid of an unnecessary extra level of
indirection for that string.
In the Qt version, if findStreams() set the error string, don't
overwrite it with a "No streams found." indication, and fix error
handling for the "filter didn't compile" case.
Change-Id: I09d0ea37ccd4806d99e3b6394f2a8a376e974705
Reviewed-on: https://code.wireshark.org/review/13045
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(Probably inserted by a script.)
Change-Id: Ibf4e4d84c0c036841971df8dad54a916502d6909
Reviewed-on: https://code.wireshark.org/review/13036
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add support for IEEE-11073 32-bit FLOAT and 16 bit SFLOAT field types.
Use them in Bluetooth ATT dissector.
Change-Id: Ife0f3843da84a9af23483b0a0d9b69cd2f511d08
Reviewed-on: https://code.wireshark.org/review/12680
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Most of the deregister functions are used internally from Lua
while reloading plugins. Don't export them for others to use.
Change-Id: I919dbfa807f696c38d409ca7206104a0fba1ae65
Reviewed-on: https://code.wireshark.org/review/12508
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
<MISSING> implies that the field should be there and isn't. Allow dissectors to specify when a zero-sized array for a field is perfectly valid.
Ping-Bug: 11803
Change-Id: I3fd60e3c6f832c6b4a3a8837ebc52c3e74e795ae
Reviewed-on: https://code.wireshark.org/review/12271
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This prevents some false positives for fix-encoding_args.pl which doesn't like constant values (like 0) passed as the last argument to any proto_tree_add_xxx call.
Change-Id: Iab7b09b425bf0d48126533daa0e65490bd7b8890
Reviewed-on: https://code.wireshark.org/review/12167
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Check if description (protocol name) and short_name are used before
registering the protocol. This because proto_register_protocol() makes
sure there's not already a protocol with any of the names registered
and duplicates will be reported with a g_error() which terminates the
Wireshark unexpectedly.
Also check if short_name contains valid characters.
Give appropriate error messages.
Bug: 11739
Change-Id: Ib9776a2a3406ae5278ce744defd61864ebed0282
Reviewed-on: https://code.wireshark.org/review/11995
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
RTPS uses NTP encoding with a BASETIME equal to 0.
Also, changed "magic" by "Magic"
Change-Id: I2512176f2018396edaa6b2a1478facd26118cb13
Reviewed-on: https://code.wireshark.org/review/11184
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If5897e8137f729503edf2cafb49b2ebeab4716ad
Reviewed-on: https://code.wireshark.org/review/10997
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
tvb_get_ipv6() takes a struct e_in6_addr *, use that here too.
Change-Id: Id8b368daa05c151a61d4bc01dc88c00da13e9c88
Reviewed-on: https://code.wireshark.org/review/10953
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: Ic6b3d71c3c9a14688b55d98f402d359f69524394
Reviewed-on: https://code.wireshark.org/review/10939
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Avoid displaying duplicate port numbers with transport name resolution disabled and
make some dissector code simpler.
Introduces port_with_resolution_to_str_buf() function and amends UDP/TCP/DCCP/SCTP to
use the new field display type.
Change-Id: Ifb97810b9c669ccbb1a310a2c0ffd6e2b63af210
Reviewed-on: https://code.wireshark.org/review/10625
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
While IPv4 subnet masks are obviously related and similar to IPv4
addresses, they are distinct enough that they need to be treated
seperately in some aspects. For instance, there is no value in
attempting to resolve a subnet mask.
This change creates a new display type: BASE_NETMASK, which allows distinction from FT_IPv4
(and possible name resolution) where appropriate.
Change-Id: I99e19c9a58eb613f8e58d481af84c30e2e5e14d7
Reviewed-on: https://code.wireshark.org/review/10438
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
are registered.
Change-Id: I06f10d96916640cb9a782cae87898a5dd6c9c6e3
Reviewed-on: https://code.wireshark.org/review/10601
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Its time has finally come.
Technically I just renamed it to proto_tree_add_text_internal and removed the WS_DLL_PUBLIC (so it shouldn't link outside of epan). It's still (legitimately) used by expert.c otherwise I would have made it static within proto.c (and the rename wouldn't have been necessary).
Change-Id: I9bdf888d5e92bc7b70a3f5461b9297a66d994b80
Reviewed-on: https://code.wireshark.org/review/10594
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
This is what should be used if, for some reason, decryption can't be
performed. (And if there's a known reason why decryption can't be
performed, it should be used, so the user knows why their
802.11/SSL/whatever traffic isn't decrypted, and either doesn't have to
ask why or, at least, can give more details when they do ask why.)
(Yes, I plan to use this for the 802.11 decryption code. Work in
progress.)
Change-Id: I812e61c2a4613d2e85f9ced1f5ed6ae91ac5f7ae
Reviewed-on: https://code.wireshark.org/review/10421
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This is initial support for reloading Lua plugins without
restarting the application.
Still todo:
- Deregister FileHandlers
- Support deregister ProtoField with existing abbrev (same_name_hfinfo)
- Add a progress dialog when reloading many plugins
- Search for memory leakages in wslua functions
Change-Id: I48870d8741251705ca15ffe1068613fcb0cb18c1
Reviewed-on: https://code.wireshark.org/review/5028
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This dialog combines the "protocols" and heuristic dissectors (from GTK) into a single tree view where heuristic dissectors are children of their protocol.
Change-Id: I107656afd079c1d1c8a98161b736e4b4ad84f813
Reviewed-on: https://code.wireshark.org/review/9739
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Combine the GTK+ RTP Stream Analysis and RTP Graph Analysis dialogs into
one. Yell at the user less. Disable the Analyze RTP Stream menu item if
we don't have an RTP stream selected.
There are a *lot* of moving parts in this dialog. I've tested with the
few RTP captures I have but it's by no means complete.
"To do" items are listed at the top of rtp_analysis.cpp.
Change-Id: Id503977f069bebc46cc68bc749f0c9cbf4d37bf6
Reviewed-on: https://code.wireshark.org/review/9650
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add spaces around literals to avoid warnings when compiling ui/qt
with clang++ 3.6 -Wreserved-user-defined-literal (on Mac OS X).
Change-Id: Ia2703dd8c914e8ffb299c4a6c44bba3aa674acb8
Reviewed-on: https://code.wireshark.org/review/8607
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
- DCOM:
* Mark some DCOM functions as public do allow calls from plugins
* Add Support for Additional Variant Types Money, I8, UI8
* Fix an uint32 overflow when dissecting nwstringz0 where the length is 0
* Use WS_DLL_PUBLIC instead of WS_DLL_PUBLIC_DEF
Change-Id: I02861a09203c6b42326f5a7b7e652e0f7c26d369
Reviewed-on: https://code.wireshark.org/review/8222
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
argument 'expression' of command @param is not found in the argument list of __DISSECTOR_ASSERT_STRINGIFY(s)
The following parameters of __DISSECTOR_ASSERT_STRINGIFY(s) are not documented: parameter 's'
The following parameters of __DISSECTOR_ASSERT_CMPINT(a, op, b, type, fmt) are not documented: parameter 'type', fmt
The following parameters of proto_tree_add_bitmask_list(proto_tree *tree, tvbuff_t *tvb, const guint offset, const int len, const int **fields, const guint encoding) are not documented: parameter 'len'
Change-Id: I6adc34e66f45cdba63c34e87db762b39a281d127
Reviewed-on: https://code.wireshark.org/review/8230
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This allows checkAPIs to continue checking the 'convert' field for correctness
when dissectors use value_string_ext_new() to build their value_string_ext's
(without resorting to tricks like getting the address of the dereferenced
pointer).
This will be used to resolve the checkAPIs failure in patch set 3 of
Ia5c96b1f6f1fe3a9521b3d70142889e3881fae5e .
Change-Id: I700d86b9076f077706d34000f5a6aa5c96351f69
Reviewed-on: https://code.wireshark.org/review/8162
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add proto_tree_add_bitmask_value, proto_tree_add_bitmask_value_with_flags and proto_tree_add_bitmask_list to aid in the removal of proto_tree_add_boolean "groupings" as well as "groups" of fields that use proto_tree_add_item with the same offset/len.
This may be able to be optimized later, but the first step will be converting dissectors to use it. A sample conversion of each API is also included.
Change-Id: I53febc7450ad632482f82615a7fa62174f8472c9
Reviewed-on: https://code.wireshark.org/review/8038
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ibca63a9119b9c45e6a24fe3dc14dc7ed86c3576a
Reviewed-on: https://code.wireshark.org/review/7774
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
works as proto_tree_add_item(), but also returns the value of (u)ints
of 8,16,24 and 32 bits length in a 32 bit variable. It's based on Hadriels
previous work.
Change-Id: If3b4b8588b63251f1ee9b954a202acde7c02ce86
Reviewed-on: https://code.wireshark.org/review/7230
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Most of our sites are now HTTPS-only. Update URLs accordingly. Update
other URLs while we're at it. Remove or comment out dead links.
Change-Id: I7c4f323e6585d22760bb90bf28fc0faa6b893a33
Reviewed-on: https://code.wireshark.org/review/7621
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
proto.c:8733:1: warning: no previous prototype for 'proto_tree_add_uint64_bits_format_value' [-Wmissing-prototypes]
proto.c:8812:1: warning: no previous prototype for 'proto_tree_add_int64_bits_format_value' [-Wmissing-prototypes]
proto.c:8861:1: warning: no previous prototype for 'proto_tree_add_boolean_bits_format_value64' [-Wmissing-prototypes]
Change-Id: Ic40ca6f32739b415a423fc978e8677d669a95867
Reviewed-on: https://code.wireshark.org/review/7509
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the ability to set frame number types: none, request, or response.
Use the types to draw different related packet indicators in the packet
list.
Track the conversation in PacketListRecord. Use it to draw dashed lines
for unrelated frames.
Set frame number types for DNS and ICMP.
Instead of drawing a transparent QImage, alpha blend our foreground
color and draw directly in our painter. Blend more toward the foreground
color.
Add FRAMENUM_TYPE to checkAPIs.
Change-Id: I2495945bb436413e05d6ec697184a0b4fd5ad214
Reviewed-on: https://code.wireshark.org/review/7436
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I57354c309ecf3a0c8f0c7cff485638027f30bb19
Reviewed-on: https://code.wireshark.org/review/5813
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a CF_FUNC macro to match VALS, TFS, etc. This should help us to avoid
the following warning:
warning: ISO C forbids initialization between function pointer and 'void *' [-Wpedantic]
We could start adding DIAG_OFF+DIAG_ON everywhere but this seems to be
more consistent with the other macros in proto.h. Update each instance
of BASE_CUSTOM to use CF_FUNC.
Adjust a dummy variable name generated by asn2wrs.py that was triggering
an invalid error in checkhf.pl.
Fix an encoding arguement in packet-elasticsearch.c found by
fix-encoding-args.pl.
Change-Id: Id0e75076c2d71736639d486f47b87bab84e07d22
Reviewed-on: https://code.wireshark.org/review/7150
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: Ib79831e02a9a6457ca49c21536ce46df7d4cafa0
Reviewed-on: https://code.wireshark.org/review/7133
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
1988 called, they want their lack of a C standard back. We don't need
to check whether we have stdarg.h, stddef.h, stdlib.h, or string.h, as
they're specified by C89 and I don't think there are any platforms we
care about that don't have a C89 environment in which we could be built.
Change-Id: I447551181284fab7722354b62774625ed8ee94bc
Reviewed-on: https://code.wireshark.org/review/7110
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change name from proto_tree_add_new_bytes to
proto_tree_add_bytes_with_length and other tweaks
pointed by Peter Wu.
Change-Id: I6058c28a74a154e2882e4eb04558bedcede6f508
Reviewed-on: https://code.wireshark.org/review/7039
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Version to add as generated field, without tvb offset, length.
Change-Id: If4c7aebcbf1b47faa483bcbd40995eff3ccb99f0
Reviewed-on: https://code.wireshark.org/review/6906
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
the DISSECTOR_ASSERT macro and friends are all guaranteed to be called within
the scope of a dissection, so they are safe to replace with wmem_packet_scope.
Change-Id: I2684fb902da78d50aca5f4644df66c060caff625
Reviewed-on: https://code.wireshark.org/review/6629
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: I7a40c0996517aa71b4ddb764ce3a6e92a55260ad
Reviewed-on: https://code.wireshark.org/review/6589
Reviewed-by: Michael Mann <mmann78@netscape.net>
There's no requirement for "display" field values to have names
beginning with BASE_; use SEP_, to indicate that they're separators.
(And, yes, we should introduce SEP_NONE, with a value of 0, and use it.)
While we're at it, fix BASE_SEMICOLON - the separator is a colon, not a
semicolon - and document SEP_SPACE in doc/README.dissector.
Change-Id: I856aafda2c60b8320dffe287f0deb06a9604a2bf
Reviewed-on: https://code.wireshark.org/review/6486
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's just like BASE_DOT, BASE_DASH and BASE_SEMICOLON, only its a space between bytes. Since this seems pretty specific to FT_BYTES, perhaps there is a better was to represent the functionality (like FT_BOOLEAN uses numeric values for number of bits)?
Change-Id: I1a8f1ab263ece2736a8012b66fdd6a9105db7282
Reviewed-on: https://code.wireshark.org/review/6451
Reviewed-by: Michael Mann <mmann78@netscape.net>
There isn't a legitimate use for the API, all cases can be covered with proto_tree_add_item. As a bonus, a few more tvb_get_ptr calls can be removed.
Change-Id: I3bb86ba8f05ef3363407bcfe9b059ee27ebc135d
Reviewed-on: https://code.wireshark.org/review/6429
Reviewed-by: Michael Mann <mmann78@netscape.net>
These "bases" will put a ".", "-", or ":" respectively between hexidecimal bytes in the field in packet view and display filter. FT_BYTES with BASE_NONE will have no separator in the packet view, but continue to have the ':' as a separator in the display filter.
Converted the "string" hf_ entries that used tvb_fc_to_str as a string to use proto_tree_add_item with FT_BYTES/BASE_DOT type.
Converted applicable tvb_bytes_to_ep_str_punct() calls to use the new BASE values.
Change-Id: I2442185bb314d04a3ff2ba57883652ecd738b5f9
Reviewed-on: https://code.wireshark.org/review/6098
Reviewed-by: Michael Mann <mmann78@netscape.net>
(Along the lines of provious changes.)
Change-Id: I22d76f22400d4a93242392ff4688acc753eb0039
Reviewed-on: https://code.wireshark.org/review/5961
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Give the field name in the message.
Change-Id: I046c74b451b473c9c87c2980122b025390f82cc8
Reviewed-on: https://code.wireshark.org/review/5959
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The code works if they're defined afterwards, but defining them earlier
makes it a bit clearer that they're helper macros used as components of
the macros we're exporting.
Change-Id: I326894eea67d2db43fedf4567699cd9eaaa0e004
Reviewed-on: https://code.wireshark.org/review/5956
Reviewed-by: Guy Harris <guy@alum.mit.edu>
You can now add column with Custom type with more than one field
by using OR "||" splitter.
Bug: 9695
Change-Id: Ia82a91e7a35b867647d36cb9626e3870f46c0d85
Reviewed-on: https://code.wireshark.org/review/5804
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Have dissectors register their desire to be part of "color" conversation filters and have the GUI use that registered list. GUI actually using API will come in a separate commit.
Change-Id: I5ffe922d97894fe7bf3182056b76ab5839a9461a
Reviewed-on: https://code.wireshark.org/review/5658
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's proto_tree_add_bitmask with the ability to control the data appended to header.
Change-Id: Icce97437ba7cfc9158ec204a837da8db8138424a
Reviewed-on: https://code.wireshark.org/review/5533
Reviewed-by: Michael Mann <mmann78@netscape.net>
This improvement avoids use of deallocated memory (crash) if using a
deregistered field in display filter, color filter, custom column and
other cases when the field is used as "interesting field".
This functionality is currently used in http, imf and ldap preferences.
Also removed unused proto_registrar_n() as this does not work correctly
after deregistering fields.
Change-Id: I043e3bf7a98bd773c9801e712a012d1eab8a7f94
Reviewed-on: https://code.wireshark.org/review/5161
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Stig Bjørlykke <stig@bjorlykke.org>
it returns the parent tree of a given tree object
Change-Id: I191e0221651ffb5b26df761e9a25075aa0eb2ad3
Reviewed-on: https://code.wireshark.org/review/4954
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
There are protocols out there that have 64-bit wide bit mask fields, so
make the internal representation and bitfield decoders 64-bit aware.
For this, the ws_ctz() fallback and bits_count_ones() have to be tweaked
slightly.
Change-Id: I19237b954a69c9e6c55864f281993c1e8731a233
Reviewed-on: https://code.wireshark.org/review/4158
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also: re-enable use of DISSECTOR_ASSERT_CMP... macros in packet-ceph.c
Change-Id: Icee80381f5c8feb14cfc7e4033bdeb893018ce95
Reviewed-on: https://code.wireshark.org/review/3749
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Change-Id: I2e8d18df71688c654f7acaff51fae7823c08aa6a
Reviewed-on: https://code.wireshark.org/review/3677
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Other minor cleanup while in the neighborhood.
Change-Id: Ib76f4a9f89b5933425760af0a980c6a549031b8f
Reviewed-on: https://code.wireshark.org/review/3537
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Refactor (non-GUI) conversation table functionality from gtk/Qt to epan. Also refactor "common GUI" conversation table functionality.
The idea is to not have to modify the GUI when a dissector adds a new "conversation type"
Change-Id: I11f08d0d7edd631218663ba4b902c4a4c849acda
Reviewed-on: https://code.wireshark.org/review/3113
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I2d2bbc211e98ad24a27c855031f670b7bdbd530e
Reviewed-on: https://code.wireshark.org/review/3162
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Adds DISSECTOR_ASSERT_CMPINT() family of assertions which show the value
of each side of the comparison upon failure.
Change-Id: Ie6f2ba46d62fc864c08eb432c403fab8f1932d91
Reviewed-on: https://code.wireshark.org/review/3103
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: I13924c5a2f056688a42cdee25654d82c056b5f97
Reviewed-on: https://code.wireshark.org/review/2974
Reviewed-by: Michael Mann <mmann78@netscape.net>
The WRETH dissector showed up some garbage in the column display. Upon
further inspection, it turns out that the format string had a trailing
percent sign which caused (unsigned)-1 to be returned by
g_printf_string_upper_bound (in emem_strdup_vprintf). Then ep_alloc is
called with (unsigned)-1 + 1 = 0 memory, no wonder that garbage shows
up. ASAN could not even catch this error because EP is in charge of
this.
So, start adding G_GNUC_PRINTF annotations in each header that uses
the "fmt" or "format" paramters (grepped + awk). This revealed some
other errors. The NCP2222 dissector was missing a format string (not
a security vuln though).
Many dissectors used val_to_str with a constant (but empty) string,
these have been replaced by val_to_str_const. ASN.1 dissectors
were regenerated for this.
Minor: the mate plugin used "%X" instead of "%p" for a pointer type.
The ncp2222 dissector and wimax plugin gained modelines.
Change-Id: I7f3f6a3136116f9b251719830a39a7b21646f622
Reviewed-on: https://code.wireshark.org/review/2881
Reviewed-by: Evan Huus <eapache@gmail.com>
This is intended as a replacement for all of the proto_tree_add_text followed by proto_item_add_subtree calls.
Change-Id: I892136d7b9d8b4e100996097eff62ce7af9512d2
Reviewed-on: https://code.wireshark.org/review/2472
Reviewed-by: Michael Mann <mmann78@netscape.net>
There are lot of text dissectors which want just to add escaped (not filtrable) text,
add new function proto_tree_add_format_text() which just do this in optimized way.
Change-Id: Ia0e189b620cc0a5b74cfdaef1ad4571d766bb2ab
Reviewed-on: https://code.wireshark.org/review/1678
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
This is substantially more memory-efficient, shaving another ~1.5MB off our base
usage. It also lets us remove the annoying extra "last_field" pointer and
simplify proto_register_field_common(). It also accidentally fixed what may
have been a memory leak in proto_unregister_field().
It unfortunately complicates proto_get_next_protocol_field() to require
refetching the protocol each time, but that is itself just an array-lookup under
the covers (and isn't much used), so I don't expect the performance hit to be
noticable.
Change-Id: I8e1006b2326d6563fc3b710b827cc99b54440df1
Reviewed-on: https://code.wireshark.org/review/1225
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
This commit adds tvb_get_string_bytes and proto_tree_add_bytes_item routines for
getting GByteArrays fields from the tvb when they are encoded in ASCII hex string form.
The proto_tree_add_bytes_item routine is also usable for normal
binary encoded byte arrays, and has the advantage of retrieving
the array values even if there's no proto tree.
It also exposes the routines to Lua, both so that a Lua script can take
advantage of this, but also so I can write a testsuite to test the functions.
Change-Id: I112a038653df6482a5d0ebe7c95708f207319e20
Reviewed-on: https://code.wireshark.org/review/1158
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit adds tvb_get_string_time and proto_tree_add_time_item routines for
getting nstime fields from the tvb when they are encoded in ASCII string form.
The proto_tree_add_time_item routine is also usable for normal
big/little-endian encoded time_t, and has the advantage of retrieving
the value even if there's no proto tree.
It also exposes the routines to Lua, both so that a Lua script can take
advantage of this, but also so I can write a testsuite to test the functions.
Change-Id: I955da10f68f2680e3da3a5be5ad8fdce7ed6808c
Reviewed-on: https://code.wireshark.org/review/1084
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add an FT_STRINGZPAD type, for null-padded strings (typically
fixed-length fields, where the string can be up to the length of the
field, and is null-padded if it's shorter than that), and use it. Use
IS_FT_STRING() in more cases, so that less code needs to know what types
are string types.
Add a tvb_get_stringzpad() routine, which gets null-padded strings.
Currently, it does the same thing that tvb_get_string_enc() does, but
that might change if we don't store string values as null-terminated
strings.
Change-Id: I46f56e130de8f419a19b56ded914e24cc7518a66
Reviewed-on: https://code.wireshark.org/review/1082
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For each graph you can set:
- Its visibility
- A name
- A display filter
- Color, from a fixed list
- Plot style: Line, Impulse, Bar, Stacked Bar, Dot, Square, Diamond
- Basic Y Axes (packets/s, bytes/s, bits/s)
- Computed Y Axes (SUM, MIN, AVG, MAX)
- Smoothing
You can pan and zoom using the mouse and keyboard. Clicking on a graph
selects the last packet for that interval. If all graphs have the same Y
axis a single label is shown, otherwise a legend is shown.
The time scale (X axis) can be toggled between relative seconds and the
time of day.
Graphs can be saved as PDF, PNG, BMP, and JPEG. Settings are "sticky"
via the io_graphs UAT.
To do:
- Minimize graph drawing delays.
- Figure out why smoothing differs from GTK+
- Everything else at the top of io_graph_dialog.cpp
- Fix empty resets.
A fair amount of code was copied from TCPStreamDialog. We might want to
subclass QCustomPlot and place the shared code there.
Move common syntax checking to SyntaxLineEdit.
Move some common code from ui/gtk/io_stat.c to ui/io_graph_item.[ch] and
use it in both GTK+ and Qt.
Make the io_graph_item_t array allocation in io_stat.c static. The
behavior should be identical and this gives us additional compile-time
checks.
Change-Id: I9a3d544469b7048f0761fdbf7bcf20f44ae76577
Reviewed-on: https://code.wireshark.org/review/435
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Gerald Combs <gerald@wireshark.org>
proto tree api, similar to other proto_tree_add_...() functions
Change-Id: Iaef0711b8221a7bbb24f1004c81a1438f5674e42
Reviewed-on: https://code.wireshark.org/review/926
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
This adds the ability for a Lua script to register expert info fields,
similar to C-code dissectors. This change also removes the need for
the expert_add_info_format_internal() function. Existing Lua scripts
do not have to change, because the existing expert info function
uses the internal "_ws.lua" protocol instead of nothing; but using
the new functionality provides more benefits since it correctly
registers the expert info fields to the dissector's protocol.
The test suite was amended to generate both old and new forms.
Change-Id: Ib5ae74e927cfa81312baf7b04ff4104b0b4f936e
Reviewed-on: https://code.wireshark.org/review/830
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Linux USB Header should be in Host Endian.
Also add ENC_HOST_ENDIAN to simplify code.
Change-Id: I95e7d97014633e8fc1d7739d0728780d70c60442
Reviewed-on: https://code.wireshark.org/review/15
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Evan Huus <eapache@gmail.com>
The majority of the fixes are for calls to uat_new(). Instead of
having each caller cast its private data to (void**), we use void*
in the uat_new() API itself. Inside uat_new(), we cast the void*
to void**.
Some dissectors use val64_string arrays, so a VALS64() macro was
added for those, to avoid using VALS(), which is useful only for
value_string arrays.
packet-mq.c was changed because dissect_nt_sid() requires
a char**, not a guint**. All other callers of dissect_nt_sid() use
char*'s (and take the address of it) for their local storage. So,
this was changed to follow the other practices.
A confusion between gint and absolute_time_display_e in packet-time.c
was cleared up.
The ugliest fix is the addition of ip6_guint8_to_str(), for exactly
one caller. The caller uses one type of ip6 address byte array,
while ip6_to_str() expects another. This new function is in place
until the various address implementations can be consolidated.
Add VALS64() to the developer documentation.
Change-Id: If93ff5c6c8c7cc3c9510d7fb78fa9108e4552805
Reviewed-on: https://code.wireshark.org/review/48
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
appropriate for particular FT_ types. This lets us do some more type
checking and lets us use const pointers when appropriate.
Constify a bunch of stuff, and don't cast away constness.
svn path=/trunk/; revision=54811
Shuffle the character ENC_ values around a bit, keeping the Unicode
encodings together, moving the Windows code pages (only one for now)
after the ISO 8859 encodings, and putting "I can't believe it's not
ASCII!" at the end.
Fix some comment typoes, and update another comment, while we're at it.
svn path=/trunk/; revision=54351
Move the Wikipedia links for the code page layouts in front of the
tables whose contents reflect the code page layouts.
svn path=/trunk/; revision=53837
knowledge of particular types of plugins. Instead, let particular types
of plugins register with the common plugin code, giving a name and a
routine to recognize that type of plugin.
In particular applications, only process the relevant plugin types.
Add a Makefile.common to the codecs directory.
svn path=/trunk/; revision=53710
cd /home/jmayer/work/wireshark/svn/build/qt-gtk3/epan && /usr/bin/cc -DG_DISABLE_DEPRc
In file included from /home/jmayer/work/wireshark/svn/trunk/epan/packet.h:29:0,
from /home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-2dp:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-2dparityfec.c: In functio:
/home/jmayer/work/wireshark/svn/trunk/epan/proto.h:2128:2: error: ISO C90 forbids mixe]
extern header_field_info __start__data_ ##proto[]; \
^
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-2dparityfec.c:331:4: note’
proto_register_fields(proto_2dparityfec, hfi, array_length(hfi));
^
cc1: all warnings being treated as errors
svn path=/trunk/; revision=53152
pinfo memory pool, they have exactly the same scope. Simplification and minor
performance win (one GHashTable we longer have to create/destroy on every
packet).
svn path=/trunk/; revision=53076
This time it makes more sense, cause for each dissection we need two wmem allocators.
Reseting wmem allocator is much faster than destroy & create.
svn path=/trunk/; revision=52706
tree_data and reference it directly when allocating/freeing tree items. This
lets us keep multiple around when we need them, and still lets us use
wmem_free_all for a major speedup. It also, coincidentally, lets us get rid of
the annoying fi_tmp hack that was needed before, since that element gets swept
up in the free_all with everything else.
Keep one pool cached to avoid creating/destroying a pool for each packet,
another minor performance win.
The various changes in approach seem to balance out pretty much exactly, this
still gives ~11% over pre-52569.
svn path=/trunk/; revision=52573
- (for now) keep ABI, restore prototype of old proto_tree_add_item, add new proto_tree_add_item_new
- add few helpers for boolean, time, string which will do ->id
- don't use HFI_INIT directly, use it by another macro (MSVC has very small limit for section name)
svn path=/trunk/; revision=51401
overloaded use of the DISPLAY field). Thanks to Jakub for pointing out I'd done
this wrong the first time (months ago in r49357).
Fixes severity display for collectd protocol, originally filed at:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8472
svn path=/trunk/; revision=50935