It is always an error to chain regexes using the logic for "le" and "eq".
var matches "regex1" matches "regex2"
=> var matches "regex1" and "regex1" matches "regex2"
Before:
Filter: tcp matches "abc$" matches "^cde"
dftest: Neither "abc$" nor "^cde" are field or protocol names.
Filter: "abc$" matches tcp matches "^cde"
dftest: Neither "abc$" nor "tcp" are field or protocol names.
After:
Filter: tcp matches "abc$" matches "^cde"
dftest: "matches" was unexpected in this context.
Filter: "abc$" matches tcp matches "^cde"
dftest: "matches" was unexpected in this context.
Always use the internal API to access "deprecated" and initialize
the data structure on demand. This fixes a null pointer dereference
introduced previously.
Use reference counting to share the array cleanly and avoid memory
leaks.
Keep the pointer in dfwork_t.
The lexical rules for fields and unparsed strings are ambiguous,
e.g. "fc" can be the protocol fibre channel or the byte 0xfc.
In general a name is determined to be a protocol field or not by
checking the registry.
Resolving the name in the parser gives more flexibility, for example
to use different semantic rules according to the relation between
LHS and RHS, and allows function names and protocol names to co-exist
without ambiguity.
Before:
Filter: tcp == 1
Constants:
00000 PUT_FVALUE 01 <FT_PROTOCOL> -> reg#1
Instructions:
00000 READ_TREE tcp -> reg#0
00001 IF-FALSE-GOTO 3
00002 ANY_EQ reg#0 == reg#1
00003 RETURN
Filter: tcp() == 1
dftest: Syntax error near "(".
After:
Filter: tcp == 1
Constants:
00000 PUT_FVALUE 01 <FT_PROTOCOL> -> reg#1
Instructions:
(same)
Filter: tcp() == 1
dftest: Function 'tcp' does not exist
It's also a goal to make it easier to modify the lexer rules.
Ping #12810.
Do the integer conversion for ranges in the parser. This is more
conventional, I think, and allows removing the unnecessary integer
syntax tree node type.
Try to minimize the number and complexity of lexical rules for
ranges. But it seems we need to keep different states for integer
and punctuation because of the need to disambiguate the ranges
[-n-n] and [-n--n].
If we have a STRING value in an expression and a numeric comparison
we must also check if it matches a value string before throwing
a type error.
Add appropriate tests to the test suite.
Fixes 4d2f469212.
A function is grammatically an identifier that is followed by '(' and ')'
according to some rules. We should avoid assuming a token is a function
just because it matches a registered function name.
Before:
Filter: foobar(http.user_agent) contains "UPDATE"
dftest: Syntax error near "(".
After:
Filter: foobar(http.user_agent) contains "UPDATE"
dftest: The function 'foobar' does not exist.
This has the problem that a function cannot have the same name
as a protocol but that limitation already existed before.
Instead of checking for an error return and throwing the exception
then do it where the errors occurs. This takes advantage of the nice
properties of error exceptions to reduce the amount of error
checking code.
Instead of using 3 operations (new + free + reassign_to_parent) to transform
the tree use a simpler single replace operation instead.
This also avoids having to manually copy token values.
The set search and replace method is now obsolete.
Clean up syntax error code. TEST and SET are never returned by
the tokenizer.
Remove unnecessary range_body() grammar element. Fix a comment.
Move the stnode_token_value() function to its proper place.
Allow an entity in the grammar as range body. Perform a stronger
sanity check during semantic analysis everywhere a range is used.
This is both safer (unless we want to allow FIELD bodies only, but
functions are allowed too) and also provides better error messages.
Previously a range of range only compiled on the RHS. Now it can
appear on both sides of a relation.
This fixes a crash with STRING entities similar to #10690 for
UNPARSED.
This also adds back support for slicing functions that was removed
in f3f833ccec (by accident presumably).
Ping #10690
This makes 'stnode_tostr()' more useful for end-user error reporting.
For debugging purposes we tack on the type name in the debug specific
code instead.
When parsing we save the token value to the syntax tree. This is
useful for better error reporting. Use it to report an invalid
entity for the slice operation. Before only the memory location
was reported, which is not a good error message.
Before:
% dftest '"01:02:03:04"[0:3] == foo'
Filter: ""01:02:03:04"[0:3] == foo"
dftest: Range is not supported for entity <0x7f6c84017740> of type STRING
After:
% dftest '"01:02:03:04"[0:3] == foo'
Filter: ""01:02:03:04"[0:3] == foo"
dftest: Range is not supported for entity 01:02:03:04 of type STRING
When creating a new node from an old one we need to copy the token
value. Simple tokens such as RBRACKET, COMMA and COLON are
not part of the AST and don't have an associated semantic value.
Pass the deprecated data struture to the scanner and insert the deprecated
tokens there. This avoids having to keep a dedicated syntax node field
for this.
Pass the deprecated argument in dfwork_t instead of in a separate
argument. This is less cumbersome than adding an extra argument
to every level of the semantic checker.
Use wslog to output debug information. Being able to control
it at runtime is a big advantage.
We extend the syntax tree nodes with a method to return a
canonical string representation.
Add a routine to walk the tree and return an textual representation
for debugging purposes.
Protocol names can only be on the left hand side of filter expressions.
Commit ac0b1d42f3 (merge !4214) caused
unquoted strings that could be interpreted as either protocol names or
byte arrays to be parsed as the latter when on the RHS. Further
relax by allowing unquoted strings on the RHS that can be interpreted as
protocol names to be treated as any generic unquoted string. (The
semantic checker will still prefer interpreting the string as a byte
array, if possible, to a generic string.)
This is useful for filter expressions of the sort "frame contains data",
where data should be interpreted as "data", i.e. "\x64\x61\x74\x61".
Long run this ideally should be fixed earlier, at the lex parser or
grammar checker.
Protocol names can only be on the left hand side of filter expressions.
If a protocol name with an even number of characters ("fc", "dc", "ff",
"fefd", etc.) is on the right hand side of a filter expressions and
can be interpreted as a byte string instead, do so. Fix#12810.
When byte escape sequences, that is hex \xhh or octal \0ddd,
are interpreted at the lexical level it is not possible to
use strings with embedded NUL bytes. The NUL byte is interpreted
as a C string terminator. As a consequence, for example, the
strings "AB" and "AB\x00CDE" compare as the same. This leads to
unexpected false matches and a poor user experience.
Disallow embedded NULs for regular strings (strings literals that
do not begin with 'r' or 'R') for this reason.
It is possible to use a raw string instead (eg: r"AB\x00C")
to match embedded NUL bytes, although that only works with regular
expressions. Normal escape rules would also work with regular
expressions (eg: "AB\\x00C"). This is the same string as the previous
one, written in an alternate form. What won't work is "AB\x00C", this
string is synctatically invalid.
So the expression: data matches r"AB\x00C"
will match the bytes {'A', 'B', '\0', '\C'}.
However the expression: data contains r"AB\x00C"
won't match the fvalue above. Because the "contains" operator
doesn't compile a regular expression it literally tries to
contains-match the bytes {'A', 'B', '\\', 'x', '0', '0', 'C'}.
Therefore raw strings are very convenient but it is still necessary
to be aware that the matches operator has an extra level of indirection
than other string operators (same as in Python).
Fixes#16156.
Add support for a literal string specification copied from Python
raw strings[1].
Raw string literals are enclosed with r"..." or R"...". Double quotes
can be include in the string but they must be escaped with backslash.
In escape sequences backslashes are preserved in the final result.
So for example the string "a\\\"b" is the same as r"a\"b".
r"\\\a" is the same as "\\\\\\a".
Raw strings should be used for convenience wherever a regular expression
is used in a display filter expression.
[1]https://docs.python.org/3/reference/lexical_analysis.html#string-and-bytes-literals
We can't unescape characters when expanding a display filter macro.
The escaping must be preserved until the expression is evaluated in
the display filter engine, otherwise it will likely generate a syntax
error in the parser.
In the macro body we allow '$' (or any other char) to be escaped
with backslash (preserving the backslash).
Fixes#17160.
Replace most instances of ws_debug_printf() except in
epan/dissectors and dissector plugins.
Some replacements use printf(), some use ws_debug(), and
some were removed because they were dead or judged to be
temporary.
It's not a valid field type, it's only a hack to support regular
expression matching in packet-matching expressions.
Instead, in the packet-matching code, have a separate syntax tree type
for Perl-compatible regular expressions, and a separate instruction to
load one into a register, and have the "matching" operator for field
types take a GRegex * as the second argument.
I believe this was the original intention, to use these API restricitons
with dissectors only (not that I necessarily agree with that policy either),
and through copy-paste and lack of clear guidelines it spread to other
parts of the build.
Rename the checkAPI groups to make it very clear that this is dissector-only.
This doesn't mean, of course, that good programming practices shouldn't be
followed everywhere. In particular assertions need to be used properly.
Don't use them to catch runtime errors or validate input data.
This commit will be followed by another removing the various ugly hacks
people have been using to get around the checkAPI hammer.
The include_directories documentation at
https://cmake.org/cmake/help/latest/command/include_directories.html
says:
"Note: Prefer the target_include_directories() command to add include
directories to individual targets and optionally propagate/export them
to dependents."
Switch from include_directories to target_include_directories in a bunch
of places.
Add "SYSTEM" to the remaining external include_directories calls in
order to minimize our compiler warning blast radius.
No version of ISO C I can find (from C90 to C18) says anything more
about __LINE__ than that it's an "integer constant", with no indication
whether it's signed or unsigned (or whether it's int or long or long
long), so we just cast it to "unsigned int" and print it with %u, as it
would make Absolutely No Sense if it were negative.
This should squelch some invalidPrintfArgType_uint warnings from
cppcheck.
They're not used outside a block, so move them inside the block. Also,
they're set before they're used, so don't initialize them when they're
declared.
This should squelch some unreadVariable warnings from cppcheck.
In dump_dfilter_macro_t(), if the dfilter_macro_t pointer is null, just
give up after printing the message that indicates that.
This should squelch several nullPointerRedundantCheck warnings from
cppcheck.
FT_STRINGZPAD is for null-*padded* strings, where the field is in an
area of specified length, and, if the string is shorter than that
length, all bytes past the end of the string are NULs.
FT_STRINGZTRUNC is for null-*truncated* strings, where the field is in
an area of specified length and, if the string is shorter than that
length, there's a null character (which might be more than one byte, for
UCS-2, UTF-16, or UTF-32), and anything after that is not guaranteed to
have any particular value.
Use IS_FT_STRING() in some places rather than enumerating all the string
types, so that those places get automatically changed if the set of
string types changes.
Remove the --check-addtext and --build flags. They were used for
checkAddTextCalls, which was removed in e2735ecfdd.
Add the sources in ui/qt except for qcustomplot.{cpp,h}. Fix issues in
main.cpp, rtp_audio_stream.cpp, and wireshark_zip_helper.cpp.
Rename "index"es in packet-usb-hid.c.
Fall back on the Wayback Machine for some links.
Change-Id: I6a44a2caaeb4fa521c2f08196e7c36069e3bb842
Reviewed-on: https://code.wireshark.org/review/34103
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add header files lists to add_library() so that Visual Studio can pick them
up and include them in a "Header Files" folder for easier navigation within
Visual Studio.
Change-Id: I7cd8e39550f4db67eed8205593060ae8b4a5b1b9
Reviewed-on: https://code.wireshark.org/review/31289
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
User guides are installed to doc/Wireshark. Use doc/wireshark instead.
Remove leftover variable CPACK_PACKAGE_NAME.
Change-Id: I9a1d6bdc7d8f0b48c61e43679285d5ba83904a63
Reviewed-on: https://code.wireshark.org/review/31851
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Put the function name in quotes.
Change-Id: I09be392a9bac3b56c13b82a554d17ea29695657c
Reviewed-on: https://code.wireshark.org/review/31790
Reviewed-by: Guy Harris <guy@alum.mit.edu>
I guess "s" in "The function s" was supposed to be "%s", giving the
function name. Make it so, and properly fetch the function name.
Change-Id: I67287f24626fa0a2816fb2cf574e5d9ff58713bf
Reviewed-on: https://code.wireshark.org/review/31787
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If a display filter contains a set for the set membership operator and
an error occurs, then gen_relation_in() (called via dfw_gencode() will
not take ownership of the set and a memory leak occurs.
Fix this by implementing a free callback for STTYPE_SET nodes which
frees unclaimed data. Add tests to verify the effectiveness, ASAN no
longer complains after this fix.
Bug: 15442
Change-Id: If37cf047660464b2d0304748034d0bc22111e5d6
Reviewed-on: https://code.wireshark.org/review/31758
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
A display filter can contain values such as strings, numbers, etc. These
are internally stored in a fvalue_t structure. While compiling a display
filter, it will store a fvalue_t in a node of type STTYPE_FVALUE.
These nodes are created while parsing the dfilter in dfilter_compile().
If the semantic check and conversion (dfw_semcheck()) succeeds, it will
transfer the values of the parsed tree to dfw_gencode(). After that,
dfwork_free will dispose the tree while a compiled dfilter code remains.
When the dfilter code is destroyed, it will free the values too.
However, when dfw_semcheck() fails (for example, due to an illegal
filter such as "len(badname)==1"), it will skip "dfw_gencode()" and
consequently the fvalue data is not transferred nor freed. Fix this by
always freeing the data (unless the data was stolen by dfw_gencode()).
Fixes a memory leak reported for case_dfunction_string::test_fail_2
which was detected by ASAN.
Bug: 15442
Change-Id: I9b1cb613659890c8ddcfa57f11f9d3f61a51a3f9
Reviewed-on: https://code.wireshark.org/review/31757
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This function can convert non-string fields into strings. This allows the
user to apply string functions (like contains and matches) to non-string fields.
Examples:
string(frame.number) matches "[13579]$" => for odd frames
string(eth.dst) matches "aa\.bb\.cc\.dd\.ee\..." => to match a group of stations
string(snmp.name) matches "^1.2.3.4" => for all OIDs under a specific node
Change-Id: I18173f50ba5314ecdcd1e4b66c7e8ba5b44257ee
Reviewed-on: https://code.wireshark.org/review/31427
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
It is overlapping to len(), then they've been merged into len()
that now gives the length of any field.
Change-Id: I8e39536a4d15eff4c4b44bb39fd965729cc46951
Reviewed-on: https://code.wireshark.org/review/31462
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
All other error-return code paths set *dfp to NULL; make this one do so
as well.
Change-Id: I4015c1d53bdbac99cdeda158d7d01c8da7bf2562
Reviewed-on: https://code.wireshark.org/review/31102
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Install headers to support plugins development on Windows.
Change-Id: I3161bd2f730edf62ab44fee6ce4fedbb9aee0d31
Reviewed-on: https://code.wireshark.org/review/30776
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
(It's llvm-gcc, and appears to be a version too old to support
_Pragma("gcc diagnostic ...").)
Change-Id: I220997890636d5a5c33889d2e6c640feee155deb
Reviewed-on: https://code.wireshark.org/review/29580
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add support for aliasing one protocol name to another and for filtering
using aliased fields. Mark aliased fields as deprecated.
Rename the BOOTP dissector to DHCP and alias "bootp" to "dhcp". This
lets you use both "dhcp.type" and "bootp.type" as display filter fields
without having to duplicate all 500+ DHCP/BOOTP fields.
To do:
- Add checks to proto.c:check_valid_filter_name_or_fail?
- Transition SSL to TLS.
- Rename packet-bootp.c to packet-dhcp.c?
Change-Id: I29977859995e8347d80b8e83f1618db441b10279
Ping-Bug: 14922
Reviewed-on: https://code.wireshark.org/review/29327
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It doesn't necessarily produce an FT_BYTES value any more.
Change-Id: I7bad1e328394a829400bd139c48a9538c4892818
Reviewed-on: https://code.wireshark.org/review/28318
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have charconst_to_bytes() take the desired type as an argument, and pass
it to dfilter_fvalue_from_unparsed().
Bug: 14084
Change-Id: I11db417311b9681b18c4a3fca2862b35837194d7
Reviewed-on: https://code.wireshark.org/review/28315
Reviewed-by: Guy Harris <guy@alum.mit.edu>
g_array_free(a, FALSE) returns "a->data". Callers that do not handle
this will leak memory. Convert other users to use the return value
instead of direct access to "a->data".
Change-Id: I0a29864e8106c0bf09e9573ef29e4474179c4171
Reviewed-on: https://code.wireshark.org/review/27438
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
g_ptr_array_free(a, FALSE) returns "a->pdata". Callers that do not
handle this will leak memory (e.g. "tshark -G plugins"). Convert other
users to use the return value instead of direct access to "a->pdata".
Change-Id: I29835477d587f5f54bf0d94cdae9f375e3da3ce3
Reviewed-on: https://code.wireshark.org/review/27437
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Running tools/dfilter-test.py with LSan enabled resulted in 38 test
failures due to memory leaks from "fvalue_new". Problematic dfilters:
- Return values from functions, e.g. `len(data.data) > 8` (instruction
CALL_FUNCTION invoking functions from epan/dfilter/dfunctions.c)
- Slice operator: `data.data[1:2] == aa:bb` (function mk_range)
These values end up in "registers", but as some values (from READ_TREE)
reference the proto tree, a new tracking flag ("owns_memory") is added.
Add missing tests for some functions and try to improve documentation.
Change-Id: I28e8cf872675d0a81ea7aa5fac7398257de3f47b
Reviewed-on: https://code.wireshark.org/review/27132
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
A filter such as "data.data[1] == 2" would leak the GSList structure.
Change-Id: If57ffbdbf815434f6e11fb53ffa031dde370a9ec
Reviewed-on: https://code.wireshark.org/review/27131
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Previously a filter such as `http.request.method in {"GET"HEAD""}` would
be parsed as three strings (GET, HEAD and an empty string). As it seems
more likely that people make typos rather than intending to construct
such a filter, forbid this by always requiring a whitespace separator.
Change-Id: I77e531fd6be072f62dd06aac27f856106c8920c6
Reported-by: Stig Bjørlykke
Reviewed-on: https://code.wireshark.org/review/26989
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For numeric values such as port numbers, "4430..4434" looks more
natural than "4430 .. 4434", so support that.
To make this possible, the display filter syntax needs to be restricted.
Assume that neither field names nor values can contain "..". The display
filter `data contains ..` will now be considered a syntax error and must
be written as `data contains ".."` instead. More generally, all values
that contain ".." must be quoted.
Other than the ".." restriction, the scanner deliberately accepts more
characters that can potentially form invalid input. This is to prevent
accidentally splitting input in multiple tokens. For example, "9.2." in
"frame.time_delta in {9.2.}" is currently parsed as one token and then
rejected because it cannot be parsed as time. If the scanner was made
stricter, it could treat it as two tokens (floats), "9." and "2." which
has different meaning for the set membership operator.
An unhandled edge case is "1....2" which is parsed as "1 .. .. 2" but
could have been parsed as "1. .. .2" instead. A float with trailing dots
followed by ".." seems sufficiently weird, so rejection is fine.
Ping-Bug: 14180
Change-Id: Ibad8e851b49346c9d470f09d5d6a54defa21bcb9
Reviewed-on: https://code.wireshark.org/review/26960
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Allow "tcp.srcport in {1662 1663 1664}" to be abbreviated to
"tcp.srcport in {1662 .. 1664}". The range operator is supported for any
field value which supports the "<=" and "=>" operators and thus works
for integers, IP addresses, etc.
The naive mapping "tcp.srcport >= 1662 and tcp.srcport <= 1664" is not
used because it does not have the intended effect with fields that have
multiple occurrences (e.g. tcp.port). Each condition could be satisfied
by an other value. Therefore a new DVFM instruction (ANY_IN_RANGE) is
added to test the range condition against each individual field value.
Bug: 14180
Change-Id: I53c2d0f9bc9d4f0ffaabde9a83442122965c95f7
Reviewed-on: https://code.wireshark.org/review/26945
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It has been replaced by cmake.
Change-Id: I83a5eddb8645dbbf6bca9f026066d2e995d8e87a
Reviewed-on: https://code.wireshark.org/review/26969
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Iff833bf5c197959c8decb62d6ce794c6d0415fb7
Reviewed-on: https://code.wireshark.org/review/26978
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Found by clang.
Change-Id: I89497bd0f32c79f82218c6d254a214364c930eb3
Reviewed-on: https://code.wireshark.org/review/25884
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We no longer use different compiler flags for generated and
non-generated files, so we don't need to put them into separate
libraries and then add the files from the generated library into the
main library.
Change-Id: Idbd35510ccb8c9107b4de4199c8b1bcaa6f7a060
Reviewed-on: https://code.wireshark.org/review/25831
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use AM_CFLAGS for everything except for libdirtydissectors in
epan/dissectors. Rename GENERATED_CFLAGS/GENERATED_CXXFLAGS to
DIRTY_CFLAGS/DIRTY_CXXFLAGS, as it doesn't apply to all generated files.
Change-Id: I702b53e185d6972c08d68ef31c05df7b03669daa
Reviewed-on: https://code.wireshark.org/review/25829
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
DIAG_OFF_FLEX turns off all warnings that we want to disable for
Flex-generated code due to some versions of Flex generating code that
triggers those warnings.
DIAG_ON_FLEX restores those warnings, so we do the checks for code that
*we* wrote.
Use them in .l files.
Change-Id: I613a20309a30cd4c61111a1edbe27a5d05fcbf59
Reviewed-on: https://code.wireshark.org/review/25815
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Now that we're suppressing warnings that come from Flex generating
insufficiently fussy code, just treat many of the Lex-generated files as
clean; we don't seem to be getting warnings from Lemon-generated ones.
Change-Id: Ib53ced6d8cb80645234929afca343d047d30f7f7
Reviewed-on: https://code.wireshark.org/review/25813
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Match closer the behavior of autotools which does not include epan in
its include paths by default.
Change-Id: I885bc7942490a5674c6ac75f9a8ea221555e3784
Reviewed-on: https://code.wireshark.org/review/24639
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Autotools has the very useful feature by design of allowing the user
to override the default build flags (you break it you keep it).
Apparently CMake applies COMPILE_OPTIONS target property after
CMAKE_{C,CXX}_FLAGS so that doesn't work here. Prepend our flags to those
variables instead to make it work then.
Specific target flag overrides can still be added with COMPILER_OPTIONS
(e.g: generated files with -Wno-warning) but this is less effective and
then we're back at the point where this overrides user flags. It's less
of a concern though.
Change-Id: I44761a79be4289238e02d4e781fef0099628817b
Reviewed-on: https://code.wireshark.org/review/23675
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
To be continued incrementally to fix gaps and omissions.
If we are willing to reorganize the source tree to have one or two header
include folders this could be simplified considerably.
It would also force developers to give more consideration to API issues,
which is a good thing.
See also e7ef19efc0.
Bug: 14062
Change-Id: I0759da2f9793cfb5cf92c9e231457bba43df4353
Reviewed-on: https://code.wireshark.org/review/23548
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Install public headers required to build plugins for libwireshark (taps and
dissectors).
The source tree is organized to serve the CLI/GUI parts of wireshark.
Plugins are built in tree. This change is intende to allow plugins to be built
out-of-tree but we want to avoid dumping all headers into /usr/include.
To be continued incrementally to fix errors and omissions.
Change-Id: Iaa0def0ba3de4b456a29114c315544d2d64fa748
Reviewed-on: https://code.wireshark.org/review/23374
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
For a sane plugin build environment. Include config.h as the first
header in the .c file instead.
Fix by moving required compiler attribute macros to a new
"ws_attributes.h" API header.
Change-Id: I34f58a927f68c1a0e59686c14d214825149749e1
Reviewed-on: https://code.wireshark.org/review/23400
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
len() can now handle FT_STRING, FT_STRINGZ, FT_STRINGZPAD,
FT_UINT_STRING, FT_BYTES, and FT_UINT_BYTES
through the use of fvalue_length()
Change-Id: I53baf2657f7804f64e63e4645d0b84b782ae9b08
Reviewed-on: https://code.wireshark.org/review/21775
Reviewed-by: Michael Mann <mmann78@netscape.net>
When using a filter such as "ncp.alloc_reply_lvl2 == FALSE", a memory
leak would occur as follows:
1. dfilter_fvalue_from_unparsed is called and
2. ends up calling _uint64_from_unparsed
3. which fails with error message "\"FALSE\" is not a valid number.".
4. Next, mk_fvalue_from_val_string is called which maps "FALSE" to 0
5. and the filter is successfully compiled.
6. dfwork_free deliberately does not free the error message (since
there should be none at this point) and we have a memleak (from 3).
Fix this memleak by clearing the error message when a successful
value_string mapping is found.
Change-Id: I78d59a4336342b09dc5448ea994b2e1d199d7f3f
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1302
Reviewed-on: https://code.wireshark.org/review/21497
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
XXX_prime_with_YYY makes it a bit clearer than does XXX_prime_YYY that
we're not priming YYY, we're priming XXX *using* YYY.
Change-Id: I1686b8b5469bc0f0bd6db8551fb6301776a1b133
Reviewed-on: https://code.wireshark.org/review/21031
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This function will free the resources allocated by the caller.
Change-Id: Ib486c14e4fd3c321662fb71f7fd06733ce9a64a4
Reviewed-on: https://code.wireshark.org/review/19375
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
That way, if we #define anything for large file support, that's done
before we include any system header files that either depend on that
definition or that define it themselves if it's not already defined.
Change-Id: I9b07344151103be337899dead44d6960715d6813
Reviewed-on: https://code.wireshark.org/review/19035
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fix the handling of the case of a "matches" operator with a field and a
character constant as operands.
Change-Id: I6451cee907d8486db96937173d0098de91ce7956
Reviewed-on: https://code.wireshark.org/review/18424
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Instead of checking for the boolean "FALSE", just set an empty string.
This avoids the need to check for WERROR_COMMON_FLAGS before using it.
The transformation is the same for all files, remove
"if (WERROR_COMMON_FLAGS)" and "endif()", reindent and add quotes (since
we have a string here and not a list).
Modelines have been added where missing.
Change-Id: I0ab05ae507c51fa77336d49a99a226399cc81b92
Reviewed-on: https://code.wireshark.org/review/17997
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Add an FT_CHAR type, which is like FT_UINT8 except that the value is
displayed as a C-style character constant.
Allow use of C-style character constants in filter expressions; they can
be used in comparisons with all integral types, and in "contains"
operators.
Use that type for some fields that appear (based on the way they're
displayed, or on the use of C-style character constants in their
value_string tables) to be 1-byte characters rather than 8-bit numbers.
Change-Id: I39a9f0dda0bd7f4fa02a9ca8373216206f4d7135
Reviewed-on: https://code.wireshark.org/review/17787
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Tried to poke various fields (including the capture filter field), this
revealed some memleaks.
Change-Id: I1eca431a09839906a4b3c902ad85e55bffc71ca8
Reviewed-on: https://code.wireshark.org/review/17648
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Setting our compiler warning flags in CMAKE_C_FLAGS does not allow
using different flags per target.
Allow for that possibility by setting the internal WS_WARNINGS_{C,CXX}_FLAGS
and using the COMPILE_OPTIONS property to set them.
This change is just setting mechanism and there should be no difference
in generated warnings.
The check_X_compiler_flag cmake test is changed to test each flag individually.
We need a list, not a space separated string, and the aggregate test is not
significant.
Change-Id: I59fc5cd7e130c7a5e001c598e3df3e13f83a6a25
Reviewed-on: https://code.wireshark.org/review/17150
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Many of the complaints from checkAPI.pl for use of printf are when its embedded
in an #ifdef and checkAPI isn't smart enough to figure that out.
The other (non-ifdef) use is dumping internal structures (which is a type of
debug functionality)
Add a "ws_debug_printf" macro for printf to pacify the warnings.
Change-Id: I63610e1adbbaf2feffb4ec9d4f817247d833f7fd
Reviewed-on: https://code.wireshark.org/review/16623
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Now that nmake build system has been removed they are not needed anymore.
Change-Id: I88075f955bb4349185859c1af4be22e53de5850f
Reviewed-on: https://code.wireshark.org/review/16050
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
The lex files use malloc and friends which is prohibited; don't check them
(until checkAPIs becomes smart enough to realize this is OK).
This mirrors what is done in cmake.
Change-Id: Ie80ea7a9b7c0e25c70c8edf3671e80a493ea1b2f
Reviewed-on: https://code.wireshark.org/review/15377
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Previous patches converted all fvalue_to_string_repr calls to expect
an allocated buffer (and not a passed in one). Now changing signature
to force an allocated buffer. Added wmem in case that can be taken
advantage of within epan (and since the function signature was changing
anyway).
Change-Id: Ica1ac4a9a182ce0e73303856329e198d9d525b7b
Reviewed-on: https://code.wireshark.org/review/15343
Reviewed-by: Michael Mann <mmann78@netscape.net>
This generates a top level target, checkAPI, that is
excluded from the ALL build target, so must be run separately.
On Windows using a Visual Studio generator, call
msbuild /p:Configuration=RelWithDebInfo checkAPI.vcxproj
Change-Id: I44a57c564dcfc75499463b942436f4b920a82478
Reviewed-on: https://code.wireshark.org/review/14873
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
master-branch libpcap now generates a reentrant Flex scanner and
Bison/Berkeley YACC parser for capture filter expressions, so it
requires versions of Flex and Bison/Berkeley YACC that support that.
We might as well do the same. For libwiretap, it means we could
actually have multiple K12 text or Ascend/Lucent text files open at the
same time. For libwireshark, it might not be as useful, as we only read
configuration files at startup (which should only happen once, in one
thread) or on demand (in which case, if we ever support multiple threads
running libwireshark, we'd need a mutex to ensure that only one file
reads it), but it's still the right thing to do.
We also require a version of Flex that can write out a header file, so
we change the runlex script to generate the header file ourselves. This
means we require a version of Flex new enough to support --header-file.
Clean up some other stuff encountered in the process.
Change-Id: Id23078c6acea549a52fc687779bb55d715b55c16
Reviewed-on: https://code.wireshark.org/review/14719
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Always look and set the uinteger64 member of the union for FT_BOOLEAN
values.
Bug: 12236
Change-Id: I7b0166e564b9d6cbb80051a81714a4b4c5f740a2
Reviewed-on: https://code.wireshark.org/review/14481
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Smaller epan/CMakeLists.txt is easier to work with and this structure
is well suited to CMake. It should make it easier to manage and configure
each epan module differently if necessary.
Change-Id: Ia649db3b7dcd405aa43dbdba3288699d5e375229
Reviewed-on: https://code.wireshark.org/review/14068
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
Remove mostly obsolete aclocal macros. Make GTK build flags a strict superset
of GLib flags. Use GTK build variables for GTK GUI and GLib elsewhere. Add
dependency flags explicitly instead of using WS_CPPFLAGS.
Some minor improvements and fixes for missing/unnecessary variables (no impact
on our test builds).
Change-Id: I3e1f067a875f79d6516c1fa7af986f17a7a6b671
Reviewed-on: https://code.wireshark.org/review/14005
Reviewed-by: João Valverde <j@v6e.pt>
semcheck.c:986:24: warning: cast from function call of type 'sttype_id_t' to non-matching type 'int' [-Wbad-function-cast]
semcheck.c:986:5: warning: format '%p' expects argument of type 'void *', but argument 3 has type 'struct stnode_t *' [-Wformat=]
Change-Id: I83031251c83f6597eb7c31f35e02c5a95bd2dabb
Reviewed-on: https://code.wireshark.org/review/13930
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
The proto tree is needed in several cases when using Lua field extractors,
because they fetch values from the tree. Without a valid field extractor
a Lua plugin may misbehave and display wrong column info.
This fixes column issues when:
- Calling resetColumns() in Qt. This involves adding a display filter,
change time display format, change name resolution and other changes
in UI which requires column updates.
- Print summary lines.
- Export as CSV and PSML.
Change-Id: Ieed6f8578cdf2759f1f836cd8413a4529b7bbd80
Reviewed-on: https://code.wireshark.org/review/13708
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
GNU coding standards recommend against it and automake is designed
around it.
This allows overriding the global build flags using AM_CFLAGS, etc.,
or per object flags, something that is difficult or impossible currently
because of automake precedence rules.
Change-Id: I3f1ea12e560af5a46b2f04b342b1882bbf123f12
Reviewed-on: https://code.wireshark.org/review/13455
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Add support for IEEE-11073 32-bit FLOAT and 16 bit SFLOAT field types.
Use them in Bluetooth ATT dissector.
Change-Id: Ife0f3843da84a9af23483b0a0d9b69cd2f511d08
Reviewed-on: https://code.wireshark.org/review/12680
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
dfilter_macro_apply_recurse() returns either NULL or a pointer to
freshly-allocated memory, so it doesn't return a const pointer.
dfilter_macro_apply() calls dfilter_macro_apply_recurse(), so it doesn't
return a const pointer, either.
In dfilter_compile(), have separate variables for the filter handed in
and the macro-expanded filter, the former being const gchar * and the
latter being gchar *.
Change-Id: I191549bf0ff6c09c1278a98432a907c93d5e0e74
Reviewed-on: https://code.wireshark.org/review/12446
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit b56f53884b.
Sadly, we *do* get warnings at this point with older versions of Flex,
such as the one on the 32-bit OS X buildbot.
Change-Id: I9aec1a16e9f2e1bbcfaac3dffdabdd89af5815e3
Reviewed-on: https://code.wireshark.org/review/12443
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We shouldn't be getting warnings at this point.
Change-Id: I363a48546cb8d916425f42962ae1697d52ed9a29
Reviewed-on: https://code.wireshark.org/review/12436
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tweak lemonflex-tail.inc to fix an issue this reveals.
It appears that, at least on the buildbots, the Visual Studio compiler
no longer issues warnings for the code generated with %option noyywrap.
Change-Id: Id64d56f1ae8a79d0336488a4a50518da1f511497
Reviewed-on: https://code.wireshark.org/review/12433
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The only file system operations it does are printing of debugging output
to the standard output, so it doesn't need <wsutil/file_util.h>.
Change-Id: Ia5caf62a3aab418f039669aa0b54e163e54d0d21
Reviewed-on: https://code.wireshark.org/review/11635
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Either remove them completely, or put them inside an #ifdef.
Change-Id: Iceff4909e250c17812f38d94e067f7c37ab72e1b
Reviewed-on: https://code.wireshark.org/review/11630
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We don't have any Flex scanners that support an interactive command-line
interface, so none of our scanners are, or need to be, interactive.
Mark text2pcap's scanner as not interactive.
That means none of our scanners should call isatty(), so they don't have
any need to include <io.h> on Windows; remove that include from the
Lucent/Ascent text capture scanner.
Update a comment to reflect that what matters isn't whether we can read
from a terminal or whether we actually do so, what matters is whether
they read *interactively* from a terminal (if you want to run text2pcap
reading from the standard input and type at it, be my guest).
Change-Id: I59979d1fdb37e1913125a400963ff7a3fa6b9bbd
Reviewed-on: https://code.wireshark.org/review/11587
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Because of a change in lemon the %parse_failure is not always called.
Bug: 11637
Change-Id: Iea218aeee10e20f29461169829a10345bbdac903
Reviewed-on: https://code.wireshark.org/review/11302
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Tested-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
While IPv4 subnet masks are obviously related and similar to IPv4
addresses, they are distinct enough that they need to be treated
seperately in some aspects. For instance, there is no value in
attempting to resolve a subnet mask.
This change creates a new display type: BASE_NETMASK, which allows distinction from FT_IPv4
(and possible name resolution) where appropriate.
Change-Id: I99e19c9a58eb613f8e58d481af84c30e2e5e14d7
Reviewed-on: https://code.wireshark.org/review/10438
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Added a new relational test: 'x in {a b c}'. The only LHS entity
supported at this time is a field. The generated DFVM operations are
equivalent to an OR'ed series of =='s, but with the redundant existence
tests removed.
Change-Id: Iddc89b81cf7ad6319aef1a2a94f93314cb721a8a
Reviewed-on: https://code.wireshark.org/review/10246
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The hfinfo->strings pointer is used to store a ft_framenum_type_t
Bug: 11325
Change-Id: Ia6ee1bdd4f1e6ff93907e6107fcecab56c0320de
Reviewed-on: https://code.wireshark.org/review/9458
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Update from SQLite trunk (19 April 2015)
Add include <config.h>
Fix warning: unused parameter 'argc' [-Wunused-parameter] (using _U_)
Fix implicit conversion loses integer precision
Fix comparison of integers of different signs: 'size_t' (aka 'unsigned long') and 'int' [-Wsign-compare]
Fix function declaration isn’t a prototype [-Wstrict-prototypes]
Fix warning: old-style function definition [-Wold-style-definition]
Fix trailing whitespace
Fix use -T for template for epan\Makefile.nmake, epan\dfilter\Makefile.nmake, plugins\mate\Makefile.nmake, plugins\tpg\Makefile.nmake and cmake/modules/UseLemon.cmake
Fix -Wmissing-prototypes Remove unused function (acttab_free)
Add basename the filename with only filename (no path...)
Fix lemon.c:3435: warning: implicit conversion shortens 64-bit value into a 32-bit value
Add "new" version of lempar.c (3 November 2009).
LEMPAR: fix trailing whitespace
LEMPAR: fix -Wunused-parameter
Change-Id: I2df7e39c9a6846de26743a981fb76aca423fe813
Reviewed-on: https://code.wireshark.org/review/6502
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I57354c309ecf3a0c8f0c7cff485638027f30bb19
Reviewed-on: https://code.wireshark.org/review/5813
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Have them return TRUE on success and FALSE on failure. Check the return
value rather than whether the error string pointer is null or not.
Change-Id: I800a03bcd70a6bbb7b217cf7c4800e9cdcf2189c
Reviewed-on: https://code.wireshark.org/review/7222
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Its callers treat a non-null error pointer as a failure and a null error
pointer as a success, so it has to set *error, even if it's only setting
it to NULL.
Change-Id: I48b2faa4bc013e4a754180dfae487829c8fe35a6
Reviewed-on: https://code.wireshark.org/review/7211
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit 876c322df8.
Wrong branch. It builds in master; it does *not* build in 1.12 or 1.10.
Change-Id: I3a2409d5a37f08965d6caac64dc97a48a1c5d1b8
Reviewed-on: https://code.wireshark.org/review/7152
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit f5902a677e.
This is not a simple cherry-pick; backporting this fix will have to be done manually.
Change-Id: I53efc06a8e35c6b1aa793edf4e702cabee2e929b
Reviewed-on: https://code.wireshark.org/review/7151
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Since commit 4a1bd75b60
(https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7471), the data
pointer does not match anything from the macros array.
This patch fixes a false warning by checking for duplicates before the
name is committed.
Bug: 10957
Change-Id: Id61110bf63de1de80b85524705a2df6a5e7be33a
Reviewed-on: https://code.wireshark.org/review/7119
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Found by MSVC2013 Code Analysis
Change-Id: I58063946dd558e98308c87b36eeac0ddbe1a6e79
Reviewed-on: https://code.wireshark.org/review/7045
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Have dfilter_compile() take an additional gchar ** argument, pointing to
a gchar * item that, on error, gets set to point to a g_malloc()ed error
string. That removes one bit of global state from the display filter
parser, and doesn't impose a fixed limit on the error message strings.
Have fvalue_from_string() and fvalue_from_unparsed() take a gchar **
argument, pointer to a gchar * item, rather than an error-reporting
function, and set the gchar * item to point to a g_malloc()ed error
string on an error.
Allow either gchar ** argument to be null; if the argument is null, no
error message is allocated or provided.
Change-Id: Ibd36b8aaa9bf4234aa6efa1e7fb95f7037493b4c
Reviewed-on: https://code.wireshark.org/review/6608
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Couldn't quite eliminate it completely, but it's much improved. Need to figure out where/when to free dfilter_error_msg.
Change-Id: I10216e9546d38e83f69991ded8ec0b3fc8472035
Reviewed-on: https://code.wireshark.org/review/6591
Reviewed-by: Michael Mann <mmann78@netscape.net>
g_string_free(str, FALSE) frees the GString container but not the
underlying g_malloc()ed string; instead, it returns a pointer to the
g_malloc()ed string.
Fix those places that didn't already get the string pointer from
g_string_free() to do so rather than manually extracting the string
themselves.
And fix one place that didn't even need to use a string - it was just
scanning a C string without even modifying it.
Change-Id: Ibbf4872bf5b9935b9907f539b6edb1013f3053a5
Reviewed-on: https://code.wireshark.org/review/6532
Reviewed-by: Guy Harris <guy@alum.mit.edu>
UAT error strings are usually allocated by g_strdup() or
g_strdup_printf(), and must ultimately be freed by the caller.
Make the pointer-to-error-string-pointer arguments to various functions
be "char **", not "const char **".
Fix cases that finds where a raw string was being used, as that won't
work if you try to free it; g_strdup() it instead.
Add a missing free of an error string.
Remove some no-longer-necessary casts.
Remove some unnecessary g_strdup()s (the string being handed to it was
already g_malloc()ated).
Change some variable declarations to match.
Put in XXX comments for some cases where the error string is just freed,
without being shown to the user.
Change-Id: I40297746a2ef729c56763baeddbb0842386fa0d0
Reviewed-on: https://code.wireshark.org/review/6525
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I009c09f25d170e5c9aaaef713eaacb3252817856
Reviewed-on: https://code.wireshark.org/review/6460
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This reverts commit 5855dd8d53.
This Lemon update fails to compile on OSX and triggers asserts on other platforms
Change-Id: I12a8a2bf32db31e5a9b0cb1a67a39724e30f3e91
Reviewed-on: https://code.wireshark.org/review/6496
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Fix warning: declaration shadows a variable in the global scope [-Wshadow]
Add include <config.h>
Fix warning: unused parameter 'argc' [-Wunused-parameter] (using _U_)
Fix implicit conversion loses integer precision
Fix comparison of integers of different signs: 'size_t' (aka 'unsigned long') and 'int' [-Wsign-compare]
Fix function declaration isn’t a prototype [-Wstrict-prototypes]
Fix warning: old-style function definition [-Wold-style-definition]
Fix trailing whitespace
Fix use -T for template for epan\Makefile.nmake, epan\dfilter\Makefile.nmake, plugins\mate\Makefile.nmake, plugins\tpg\Makefile.nmake and cmake/modules/UseLemon.cmake
Fix -Wmissing-prototypes
Remove unused function (acttab_free)
Add basename the filename with only filename (no path...)
Change-Id: Ia79f61e29f828575df61cc89134c6c553044e86d
Reviewed-on: https://code.wireshark.org/review/3976
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
These "bases" will put a ".", "-", or ":" respectively between hexidecimal bytes in the field in packet view and display filter. FT_BYTES with BASE_NONE will have no separator in the packet view, but continue to have the ':' as a separator in the display filter.
Converted the "string" hf_ entries that used tvb_fc_to_str as a string to use proto_tree_add_item with FT_BYTES/BASE_DOT type.
Converted applicable tvb_bytes_to_ep_str_punct() calls to use the new BASE values.
Change-Id: I2442185bb314d04a3ff2ba57883652ecd738b5f9
Reviewed-on: https://code.wireshark.org/review/6098
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also, convert the "string" hf_ entries that used tvb_fcwwn_to_str as a string to use proto_tree_add_item with FT_FCWWN type.
Change-Id: I4ca77870499fd8239584a70874998b5d194a7167
Reviewed-on: https://code.wireshark.org/review/6036
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This adds possibility to have two fields with the same abbrev name
but different type, for example FT_ETHER and FT_STRING.
That allows to compare each one to find a valid field.
Change-Id: I8b2a1708ac9648b7a4289777c72a0f3b18f3d8f8
Reviewed-on: https://code.wireshark.org/review/5702
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
a string, a field name or another range - not an unparsed element
Bug: 10690
Change-Id: I126143636c940cc73ed6467660f0a573209e2ae9
Reviewed-on: https://code.wireshark.org/review/5243
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
We can just use g_ascii_tolower() and g_ascii_toupper();
Change-Id: I8a88a096d16ce8c60dd9151e5bdddf6747702145
Reviewed-on: https://code.wireshark.org/review/4754
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That way, we don't have to worry about casting the argument (which, in
one place, was done wrong - casting to int preserves the sign-extension
done with signed chars), and don't have to worry about a locale in which
particular 8-bit byte values are considered alphanumeric characters.
Change-Id: I129b4bfdad70ade4ab6e0a1d2c13d59ae9e6f524
Reviewed-on: https://code.wireshark.org/review/4751
Reviewed-by: Guy Harris <guy@alum.mit.edu>
return an error if the parameter is _no_ string
Bug: 10401
Change-Id: I5643ef05009072538155e63c3178071ed6bab061
Reviewed-on: https://code.wireshark.org/review/4071
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Not all compilers we use support __func__.
Change-Id: I61194e1073c87e67f821e14698ea21b73d63983c
Reviewed-on: https://code.wireshark.org/review/3071
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The WRETH dissector showed up some garbage in the column display. Upon
further inspection, it turns out that the format string had a trailing
percent sign which caused (unsigned)-1 to be returned by
g_printf_string_upper_bound (in emem_strdup_vprintf). Then ep_alloc is
called with (unsigned)-1 + 1 = 0 memory, no wonder that garbage shows
up. ASAN could not even catch this error because EP is in charge of
this.
So, start adding G_GNUC_PRINTF annotations in each header that uses
the "fmt" or "format" paramters (grepped + awk). This revealed some
other errors. The NCP2222 dissector was missing a format string (not
a security vuln though).
Many dissectors used val_to_str with a constant (but empty) string,
these have been replaced by val_to_str_const. ASN.1 dissectors
were regenerated for this.
Minor: the mate plugin used "%X" instead of "%p" for a pointer type.
The ncp2222 dissector and wimax plugin gained modelines.
Change-Id: I7f3f6a3136116f9b251719830a39a7b21646f622
Reviewed-on: https://code.wireshark.org/review/2881
Reviewed-by: Evan Huus <eapache@gmail.com>
Always call $(top_srcdir)/tools/checkAPIs.pl with -sourcedir=$(srcdir)
from Makefile.am to allow out-of-source 'make checkapi'.
Change-Id: I60d7e0079984a8ededdacf4517a0738486fa7973
Reviewed-on: https://code.wireshark.org/review/1294
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add an FT_STRINGZPAD type, for null-padded strings (typically
fixed-length fields, where the string can be up to the length of the
field, and is null-padded if it's shorter than that), and use it. Use
IS_FT_STRING() in more cases, so that less code needs to know what types
are string types.
Add a tvb_get_stringzpad() routine, which gets null-padded strings.
Currently, it does the same thing that tvb_get_string_enc() does, but
that might change if we don't store string values as null-terminated
strings.
Change-Id: I46f56e130de8f419a19b56ded914e24cc7518a66
Reviewed-on: https://code.wireshark.org/review/1082
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(Using sed : sed -i '/^\# \$Id\$/,+1 d') (start with dash)
Change-Id: Ia4b5a6c2302f6a531f6a86c1ec3a2f8205c8c2dd
Reviewed-on: https://code.wireshark.org/review/881
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The majority of the fixes are for calls to uat_new(). Instead of
having each caller cast its private data to (void**), we use void*
in the uat_new() API itself. Inside uat_new(), we cast the void*
to void**.
Some dissectors use val64_string arrays, so a VALS64() macro was
added for those, to avoid using VALS(), which is useful only for
value_string arrays.
packet-mq.c was changed because dissect_nt_sid() requires
a char**, not a guint**. All other callers of dissect_nt_sid() use
char*'s (and take the address of it) for their local storage. So,
this was changed to follow the other practices.
A confusion between gint and absolute_time_display_e in packet-time.c
was cleared up.
The ugliest fix is the addition of ip6_guint8_to_str(), for exactly
one caller. The caller uses one type of ip6 address byte array,
while ip6_to_str() expects another. This new function is in place
until the various address implementations can be consolidated.
Add VALS64() to the developer documentation.
Change-Id: If93ff5c6c8c7cc3c9510d7fb78fa9108e4552805
Reviewed-on: https://code.wireshark.org/review/48
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
appropriate for particular FT_ types. This lets us do some more type
checking and lets us use const pointers when appropriate.
Constify a bunch of stuff, and don't cast away constness.
svn path=/trunk/; revision=54811
the ftenum_t for the fvalue's ftype, rather than a pointer to the ftype
(which isn't all that useful except as a handle, unless you import the
internal header).
Have fvalue_to_string_repr() return NULL, rather than failing, if the
fvalue's ftype has no val_to_string_repr method.
This lets us not include the ftypes internal header in
ui/cli/tap-diameter-avp.c.
svn path=/trunk/; revision=53290
convert all existing UAT update callbacks to use glib memory instead of
ephemeral memory for that string.
UAT code paths are entirely distinct from packet dissection, so using ephemeral
memory was the wrong choice, because there was no guarantees about when it would
be freed.
The move away from emem still needs to be propogated deeper into the UAT code
itself at some point.
Net effect: remove another bunch of emem calls from dissectors, where replacing
with wmem would have caused assertions.
svn path=/trunk/; revision=52854
João Valverde