Fixes, matching LSB 4.1[1] and the AMD64 ABI[2]:
- Multiple CIE entries can exist after the first one. Introduce a CFI
subtree and add CIE and FDE records below it. Merge comon parsing
functionality of CIE/FDE. A CIE terminator is treated specially, and
added instead of a CFI subtree.
- Validate the header length before using it to avoid a dissector
assert. This condition is triggered by a binary produced by a buggy
gold linker[3].
- Add two expert items: one to detect an invalid CIE length (too small
or too large) and one to detect a segment which is larger than the
CFI records (to catch the gold linker bug[3] where the segment begins
with zeroes).
- Do not overload the elf.eh_frame.length field with the value of the
Extended Length, instead use elf.eh_frame.extended_length (likewise
for FDE).
- Stop tracking the subsection size with another variable
(remaining_length), just store the end of the entry.
- Fix typos in descriptions, improved / shortened field descriptions.
Tested with the 'bad' and 'good' binary from bug 10726 as well as the
'a' binary from bug 8818 (which introduced this code). Decodes properly.
[1]: https://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/ehframechpt.html
[2]: http://www.x86-64.org/documentation/abi.pdf
[3]: https://sourceware.org/bugzilla/show_bug.cgi?id=17639
Bug: 10726
Change-Id: I523600b8141bd8953ae468051a57357ab199a258
Reviewed-on: https://code.wireshark.org/review/5488
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
(And remove them with "make uninstall".)
Change-Id: I76b554bf1a1272813d61c8d2c96cda0a152eebb5
Reviewed-on: https://code.wireshark.org/review/5582
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Both exponent and 'integer N' values are limited:
* max exponent is 3 octets/24-bits
* max integer N is 8 octets/64-bit
Tested with zero value/length, integers, doubles, positive and negative numbers all using the Basic Encoding Rules (BER)
Change-Id: If92e1b3e209c42909b8cb76e6f50b8e6cd1da0da
Reviewed-on: https://code.wireshark.org/review/5527
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We're not necessarily running from the top-level source directory.
Change-Id: I0bb815275f85630e5316bf593f4ac098d9475308
Reviewed-on: https://code.wireshark.org/review/5579
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Just in case not all shells expand {list}, create the apps/icons and
apps/mimetypes directories separately; that makes it a bit clearer in
any case.
Change-Id: I25b3426a17a2ca7e1ce3ce1f7f9e1c650db511a7
Reviewed-on: https://code.wireshark.org/review/5578
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We always install them because of bug 10737.
We install them under $(datadir) because that's where we should install
our data - if your desktop environment can't find the icons there,
either it's broken (file a bug) or misconfigured (fix the configuration
or, if you didn't configure it, file a bug).
Bug: 10737
Change-Id: I567269d8e45e6543d9e39dbedc49830adf7edb9f
Reviewed-on: https://code.wireshark.org/review/5576
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I3b5afb8a59f6443624708b9fecfdcbe93dad59ef
Note: Some of the filters, when/if used, could have caused Wireshark crashes.
Reviewed-on: https://code.wireshark.org/review/5575
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Change-Id: I7db4e67ffe99a9f3b41d0b507d9837e0237d4547
Reviewed-on: https://code.wireshark.org/review/5558
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I668b9c3dfcac83c698e83d4111af8bd19ec8076c
Reviewed-on: https://code.wireshark.org/review/5559
Reviewed-by: Michael Mann <mmann78@netscape.net>
* Include DCP port to the list default ports
* Parse payloads for DCP commands:
* OPEN_CONNECTION
* ADD_STREAM
* STREAM_REQUEST
* Reorganize if conditions to cases
* Update list of known commands
Change-Id: Id37b5c61f0d1084628c6286fd6e4ad722e1d6d99
Reviewed-on: https://code.wireshark.org/review/5388
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Sergey Avseyev <sergey.avseyev@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix AS Path Heuristic
Issue reported by Jon
Bug: 10742
Change-Id: Ie5e4108bd93464a2d1076dcc4f322171ea8e68cb
Reviewed-on: https://code.wireshark.org/review/5564
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Details:
- Rename various "alljoyn.header..." display filter
names releated to the alljoyn "message header"
to "alljoyn.mess_header..." to distinguish
the fields from actual alljoyn "header" fields.
This also fixes the duplicate use of the display
filter name "alljoyn.header".
- Don't use FT_PROTOCOL for a field type.
Change-Id: Id4e78f36716cf6064638aecd5faf561bcbc88b46
Reviewed-on: https://code.wireshark.org/review/5561
Petri-Dish: Bill Meier <wmeier@newsguy.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Joe Huffman <jhuffman@codeaurora.org>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
The offset used for BGP community tag dissection is a wrong one.
Bug: 10746
Change-Id: I1d1d443568bb97a0b3b95a312762ac0a3102326a
Reviewed-on: https://code.wireshark.org/review/5562
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Dissectors should pass data directly to their subdissectors through the data parameter (of new-style dissectors). This avoids unintentional "trampling" from other dissectors trying to "share" private_data member.
Change-Id: I2efef5c8dfeef64588ba3ac6e695b469238c6468
Reviewed-on: https://code.wireshark.org/review/5487
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Part 3 of many, but this concludes the strict conversion to proto_tree_add_bitmask. Patches to follow with use proto_tree_add_bitmask_xxx (some functions still need to be written)
Change-Id: Ic2435667c6a7f1d40602124e5044954d2a296180
Reviewed-on: https://code.wireshark.org/review/5553
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Two comments are added to the code to notify Coverity scan that breaks are not put in switch statement intentionally.
Change-Id: Ie391790ee7365da56ddf0bf7b19042c9a11efddd
Reviewed-on: https://code.wireshark.org/review/5554
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Part 2 of many
Change-Id: I50815e7738b011382392f3078a7107d3d9eec4ec
Reviewed-on: https://code.wireshark.org/review/5542
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Bugfix grep statement checking if file is "autogenerated"
2. Add to the list of "whitelist" duplicates. Many more were found after #1 was changed.
Change-Id: Idea764c0c8b5fa4f30c9acaab9ba10340834d4f5
Reviewed-on: https://code.wireshark.org/review/5547
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I7694a6f8d8ccec3109fb86ccefee5798de57757d
Reviewed-on: https://code.wireshark.org/review/5548
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Replaces the more verbose `g_strdup(foo.toUtf8().constData())` by
`qstring_strdup(foo)`. While at it, plug a minor memleak in
MainWindow dialogs.
Change-Id: I32b53f972b4e3998ac9beabd98647a381b7b42e3
Reviewed-on: https://code.wireshark.org/review/5531
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
qstring.toUtf8() returns a QByteArray object and .constData() returns
a pointer inside that object. It is not safe to store this pointer as
it will become invalid after the statement. Store a const reference
instead. (Due to scoping differences, some are copy-assigned though.)
In the UAT dialog, strlen(bytes.constData()) has also been replaced by
bytes.size() as an optimization.
Caught by ASAN.
Change-Id: Ie09f999a32d0ef1abaa1e658b9403b74bedffc37
Reviewed-on: https://code.wireshark.org/review/5528
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
For example, this can be used for pcap-ng options not mapped to
file-type-independent metadata values.
Change-Id: I398b324c62c1cc1cc61eb5e9631de00481b4aadc
Reviewed-on: https://code.wireshark.org/review/5549
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Give all routines in epan/print.c that write a particular format a name
beginning with write_{formatname}.
If routines write columns, rather than the raw protocol tree, don't give
it a name containing proto_tree.
Get rid of empty preamble/finale routines.
For CSV, the preamble routine writes out column titles, so call it
write_csv_column_titles().
For C arrays, the body routine writes out raw hex data, so call it
write_carrays_hex_data().
capture_file isn't a structure defined by libwireshark, so don't make it
an argument passed into libwireshark.
Change-Id: I5a7e04de9382cf51a59d9d9802f815b8b3558332
Reviewed-on: https://code.wireshark.org/review/5536
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Part 1 of many
Change-Id: I77a5789ac23388e6a5f8098dc398592f39638124
Reviewed-on: https://code.wireshark.org/review/5532
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
no ethertype 0x8203-0x8205 support in trunk.
0x8204 is QNX OS VER 6's qnet ethernet protocol number.
Bug:3934
Change-Id: I5f3e910876bb7fb86de2111f856d026fdf220917
Reviewed-on: https://code.wireshark.org/review/2954
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
* Also cleanup description of remaining preferences
See Bug 10719
Change-Id: I81faba77d8b88b24c65156f5139067233869154b
Reviewed-on: https://code.wireshark.org/review/5416
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If56209f1274245f54100d0acfaf14098c8df4582
Reviewed-on: https://code.wireshark.org/review/5520
Reviewed-by: Michael Mann <mmann78@netscape.net>