Since draft-ietf-quic-tls-17, QUIC uses TLS 1.3 base secrets for
decryption, so no separate key label is necessary. Applications should
not generate such non-standard key log entries. quiche has already been
updated, picoquic will presumably follow soon if it has not already.
For all cases in topic_action_url(), set url and break out of the switch
statement.
For the default case, set the URL to WS_HOME_PAGE_URL - we should never
get there, as here's a g_assert_not_reached() call before that, but this
should squelch Coverity's complaint.
Should fix Coverity CID 1467697.
Check the tag end offset - the offset in the packet of the tag's value's
end - to make sure that 1) it's at or after the offset of the
*beginning* of the tag's value and 2) that it's not past the end of the
packet; in either case, report an error with an expert info, and do not
show the value of that tag or any subsequent tags, as we don't have a
valid value for the length of this tag's value or even the *offset* of
subsequent tags' values.
For tags whose values have a fixed length, report an error, with an
expert info, if the tag value length isn't the expected value, and don't
dissect it.
For tags whose values have a minimum length, report an error, with an
expert value, if the tag value length isn't at least the minimum value,
and don't dissect it.
For tags whose values consist of a sequence of zero or more fixed-length
items, report an error, with an expert value, if there's leftover data
after processing those items.
Add some comments while we're at it.
These appear to be copy/paste errors detected by running
./tools/check_typed_item_calls.py --consecutive
Quite a few issues still remain after this batch.
It's possible to play opus payload with libopus (https://opus-codec.org/).
Closes#16882.
Helped-by: Pascal Quantin <pascal.quantin@gmail.com>
Signed-off-by: Lin Sun <lin.sun@zoom.us>
Signed-off-by: Yuanzhi Li <ryanlee@mail.ustc.edu.cn>
A long time ago, in a galaxy far far away, C had arithmetic/logical-
plus-assignment operators, so that
a = a {op} x;
could be written as
a ={op} x;
Unfortunately, if {op} is -, that meant that you could have, for
example:
a =- 17;
which could be interpreted as
a = -17;
so they changed the operators to be
a {op}= x;
I.e., if you want to subtract 1000 from a variable, do
elapsed_ms -= 1000;
not
elapsed_ms =- 1000;
Add ui/urls.h to define some URLs on various of our websites. Use the
GitLab URL for the wiki. Add a macro to generate wiki URLs.
Update wiki URLs in comments etc.
Use the #defined URL for the docs page in
WelcomePage::on_helpLabel_clicked; that removes the last user of
topic_online_url(), so get rid of it and swallow it up into
topic_action_url().
The condition aimed to avoid interpreting padding bytes after the
Initial Packet as Short Header to avoid breaking decryption. However it
also prevents actual Short Header packets from being matched that have
the QUIC bit cleared.
To avoid breaking the latter, strengthen the condition to match the
former only. Tested with quic-31_grease_quic_bit__with_keys.pcapng (from
!429). Regression tested against a private Firefox Nightly trace.
Run
$ gsed -i -e 's/\(tr *(.*".*\)" *UTF8_HORIZONTAL_ELLIPSIS/\1…"/' $( ag -l 'tr *\(.*" *UTF8_HORIZONTAL_ELLIPSIS' )
$ gsed -i -e 's/\(tr *( *\)UTF8_HORIZONTAL_ELLIPSIS *"/\1"…/' $( ag -l 'tr *\( *UTF8_HORIZONTAL_ELLIPSIS *"' )
in ui/qt. As discussed in #16812, the UTF8_ macros were required at one
time because we only allowed ASCII in our source code. However, that
requirement has since been relaxed and Qt's translation framework
doesn't handle concatenating strings and macros very well.
MAX_UNCOMPRESSED_SIZE is currently 16MiB.
Fix Coverity report CID 1467509: Insecure data
handling (TAINTED_SCALAR) Using tainted variable "times" as a loop
boundary.
If we did not find an msp that matched the current segment we would
try to find the msp for set-1 instead. This will only work IFF
we do not know the the exact size of the PDU and where it ends,
i.e. DESEGMENT_ONE_MORE_SEGMENT and friends.
In the case where "get msp for seq-1" gives us an msp where we know the exact
PDU boundary and the current seq is beyond the end of that boundary, then
we should not use the msp for seq-1 but instead treat this as a brand new PDU.
This fixes issues with SMB2-over-QUIC dissection that can be seen in the
sample capture for the "add smb2-over-quic" bug where only the first
multi-segment PDU would be dissected correctly for each direction.
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Add an encoding for "unpacked" 3GPP TS 23.038 7-bit strings, in which
each code position is in a byte of its own, rather than with the code
positions packed into 7 bits. Rename the packed encoding to explicitly
indicate that it's packed.
Add an encoding for ETSI TS 102 221 Annex A strings.
Use the new encodings.
Add a check to point out where consecutive items have the same filter
but different labels. Quite a few of these look like bugs.
Also, make some REs raw strings, as identified as an issue in
https://gitlab.com/wireshark/wireshark/-/merge_requests/346
A common pattern is to build the source artifacts within a *build* dir.
For example, the wiki instructions for [building `wireshark` on `macOS` specify to
create a `./build`
directory](https://gitlab.com/wireshark/wireshark/-/wikis/BuildingAndInstalling#macos):
```
mkdir build && cd build && cmake ../ && make
```
So this commit adds this directory to `.gitignore` to prevent
accidentally committing build artifacts.
The specific format `/*build*/` protects against the following:
1. The leading slash makes sure only top-level directories that match
this pattern are ignored.
2. The trailing slash makes sure that only directories (and not files)
are ignored.
3. The wildcards catch all the various variations on `build` folder name
that are used...
These were detected by running check_typed_item_calls.py
with --consecutive, which flags items that have different
labels but the same filter string. Usually this is because
of copy/paste.
Quite a few similar bugs still exist, will address in a future commit.
Guy Harris