This is more reliable than doing "tree math" and corrects the intention of 5470356154 which made the incorrect assumption that tcp_dissect_pdus will be called with the tree that is passed into a protocol's main dissection function (directly from TCP).
Change-Id: I6ffc2188420ab74784c7bc2c69aa79ff071c90b6
Reviewed-on: https://code.wireshark.org/review/1214
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rather than using a hash table, which is overkill and slow, embed a
doubly-linked-list in the prefix structure.
On my tests with some random capture file and tshark -nxVr:
- normal block allocator: ~2.1 seconds
- old (slow) strict allocator: ~4.2 seconds
- new (fast) strict allocator: ~2.8 seconds
The buildbot will thank me :)
Change-Id: I2fb42229c4ee4c40bbe45ba04b7848792998eaa9
Reviewed-on: https://code.wireshark.org/review/1251
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Modern hosts typically open many more TCP and UDP connections than in
years past. For an example opening a popular news site in a web browser
can easily trigger dozens of separate connections. At the same time our
services file has accumulated a lot of cruft over time. As a result
transport name resolution is a bunch of lies.
Change-Id: Ibbca5b1c7ea1e800fc46dad63b9270128dacd721
Reviewed-on: https://code.wireshark.org/review/1240
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ib4cfdd8261e53caef695d54a2991223b1f296448
Reviewed-on: https://code.wireshark.org/review/1247
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I474c03a1a40586a14cdec2196ee3ebc89eedd8ab
Reviewed-on: https://code.wireshark.org/review/1236
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I9b0cb7c8602f813fd06f1b3ea6107ed6fe8d72ed
Reviewed-on: https://code.wireshark.org/review/1244
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I5e0e44019ddee4d39fbf2d6204c40c02d3e97c6f
Reviewed-on: https://code.wireshark.org/review/1243
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I5e0e44018eaee4da9fbf2d6204c40c0ad3ea7a6f
Reviewed-on: https://code.wireshark.org/review/1242
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Bugs fixed:
- DISSECTOR_BUG (reported by proto.c) when displaying "Parameters"
(Apparently introduced in I8de7a19 (gc538b44))
- Incorrect byte pane highlighting for ARG_ARRAY container type
(In dissector code as originally committed)
- "uint32uint32" should be "uint32" in packet details.
(In dissector code as originally committed)
Cleanup:
- Remove unneeded #includes;
- Simplify some code;
- Remove unneeded initializers;
- Fix: "warning: no previous prototype...[-Wmissing-prototypes]"
- Reformat hf[] array entries;
- Fix some spelling;
- Do indentation, whitespace & formatting style changes.
Change-Id: If1f488f10ba83b27f75a1f71cf4bce7d5279e87c
Reviewed-on: https://code.wireshark.org/review/1238
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
This is substantially more memory-efficient, shaving another ~1.5MB off our base
usage. It also lets us remove the annoying extra "last_field" pointer and
simplify proto_register_field_common(). It also accidentally fixed what may
have been a memory leak in proto_unregister_field().
It unfortunately complicates proto_get_next_protocol_field() to require
refetching the protocol each time, but that is itself just an array-lookup under
the covers (and isn't much used), so I don't expect the performance hit to be
noticable.
Change-Id: I8e1006b2326d6563fc3b710b827cc99b54440df1
Reviewed-on: https://code.wireshark.org/review/1225
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Shaves ~1.5MB off our base memory usage, and provides O(1) operations instead of
O(log n). We don't need the additional operations a tree provides.
Change-Id: I6159d09ee380a2bca0de3bb2d031a874d8eb79d2
Reviewed-on: https://code.wireshark.org/review/1224
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: Ia0779c6055f6e2864d2099fd607d9763e4040380
Reviewed-on: https://code.wireshark.org/review/1233
Reviewed-by: Michael Mann <mmann78@netscape.net>
This matches the current name of the --enable-extra-compiler-warnings
option in autotools.
Fix the documentation of the option to match.
(Note that "compiler" won't necessarily always be GCC or Clang, and
won't necessarily always use -W for warning options, so speaking of them
as "-W checks" isn't future-proof.)
Change-Id: I2e142532e78be3c8051f1e738b3109a83e7d10dc
Reviewed-on: https://code.wireshark.org/review/1231
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Rename --enable-extra-warnings to --enable-extra-compiler-warnings, and
have the message talking about "extra warnings" talk about "extra
compiler warnings", to make it more uniform (the documentation for the
--enable flag speaks of "additional compiler warnings") and to clarify
that these are warnings from the compiler, not from *shark.
Change-Id: Ic1a045670144f8d9eda2e3427142027e2a339156
Reviewed-on: https://code.wireshark.org/review/1230
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This matches with the change made to CMakeLists.txt.
Change the description as well - the name was changed because those
extra checks don't just apply to GCC.
Change-Id: Id81c081574c42e11144d119c8af45875248578b5
Reviewed-on: https://code.wireshark.org/review/1229
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It no longer does anything, and it refers to variables that no longer
exist, as we're not distinguishing between extra GCC warning flags and
extra CLang warning flags any more.
Change-Id: If0b346f669f2573e46261e6da4dc78e96ef79a8f
Reviewed-on: https://code.wireshark.org/review/1228
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That makes it clearer that what we're enabling are extra warnings, and
fits better with the description for --enable-warnings-as-errors, which
says the default is "yes, unless extra warnings are enabled".
Change-Id: If21f778df0dfdb98acbe02cb6a763ed27f2a7f91
Reviewed-on: https://code.wireshark.org/review/1227
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We test whether a given compiler supports a given -W flag, so we don't
need to separate them and check them only for particular compilers.
To make that even clearer, rename the --enable option from
--enable-extra-gcc-checks to --enable-extra-compiler-checks, and
document it as just "do additional -W checks", and rename the
WIRESHARK_EXTRA_GCC_ CMake variables to WIRESHARK_EXTRA_COMPILER_.
Sync up the lists of warning flags in CMake with the lists in autoconf.
Uncomment -Wdocumentation while we're at it. If it doesn't work *at
all*, comment it out until it's fixed, or, better yet, fix it; if it
still produces warnings, we just leave it among the "extra" flags.
Change-Id: I4042affdade612e4025e2881d08f1ca69d759626
Reviewed-on: https://code.wireshark.org/review/1226
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ic315ed9b7d65fe70401945cb0cceda4af863d140
Reviewed-on: https://code.wireshark.org/review/1215
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add ep_ to routines that may return ephemeral strings.
Change "get_XXX" to "XXX_to_display" if the routine returns a formatted
string if it can't get a name.
Change-Id: Ia0e82784349752cf4285bf82788316c9588fdd88
Reviewed-on: https://code.wireshark.org/review/1217
Reviewed-by: Guy Harris <guy@alum.mit.edu>
"get_addr_name()" -> "ep_address_to_display()", to 1) indicate that it
returns a string with ephemeral scope and 2) indicate that it maps an
address to a "displayable" form - a name if possible, an address string
if not.
"se_get_addr_name()" -> "get_addr_name()", to indicate that its strings
have the same scope as "get_ether_name()", "get_hostname()", and
"get_hostname6()".
Change-Id: If2ab776395c7a4a163fef031d92b7757b5d23838
Reviewed-on: https://code.wireshark.org/review/1216
Reviewed-by: Guy Harris <guy@alum.mit.edu>
According to RFC 5846 (https://tools.ietf.org/html/rfc5846#section-5.2), there are 3 bits in the Binding Revocation Acknowledgement Message, which come in the following order:
1. Proxy Binding (P)
2. IPv4 HoA Binding Only (V)
3. Global (G)
Found by Boaz Brickner
From Alexis: MIP6 dissector is based on old draft...
Closed-bug: 10007
Change-Id: I570381171e1455cc03fa7b40bf682d6ed7bd0a92
Reviewed-on: https://code.wireshark.org/review/1203
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
When IPv6 has a Mobility Header that is followed by an Authentication Header, the Authentication Header is not parsed.
Found by Boaz Brickner
Change-Id: Ib6ad759c9f08c94650d72d8dfcc95856e628d2e6
Close-Bug: 10005
Reviewed-on: https://code.wireshark.org/review/1205
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This should significantly reduce memory usage, without increasing the
CPU time required to process a capture file in TShark or Wireshark.
As a result, se_address_to_str() is no longer used; eliminate it.
Fixes bug #9949.
Change-Id: I65a112a426c82cc73a957b81384c765c3d14f2c3
Reviewed-on: https://code.wireshark.org/review/1213
Reviewed-by: Evan Huus <eapache@gmail.com>
Also do a quick scan for other similar issues and fix them too; this type of
underflow has popped up three times now in the openflow dissector in separate
bugs. Hopefully this squashes the last of them.
Change-Id: Id404433333016f64cdd83d7e0f9e60a3028d2d0b
Reviewed-on: https://code.wireshark.org/review/1207
Reviewed-by: Evan Huus <eapache@gmail.com>
This should complete the transition to the "New" type.
Change-Id: I882b088206c6e6d0592159451c943caeaf5b90ec
Reviewed-on: https://code.wireshark.org/review/1202
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Added RFC 3244 ChangePasswdData to the kerberos dissector.
This is the last dissector using the "old BER" functions.
Change-Id: I1d79047103c07c268d08e652745391f1ac37c82c
Reviewed-on: https://code.wireshark.org/review/1198
Reviewed-by: Tomáš Kukosa <tomas.kukosa@unify.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
These tag values have been pretty stable for a while now; mark them as
stable and insert a warning (copied directly from tcpdump.org) to ensure
that people don't start using tags without registering them.
Change-Id: I9d7b9cd0daaff7eded606506d540c2555d78c417
Reviewed-on: https://code.wireshark.org/review/1193
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Michael Mann