Change cflow.sysuptime from an FT_UINT32 (milliseconds since the router booted)
to an FT_RELATIVE_TIME (seconds since the router booted). I don't imagine
anyone will care if we show them seconds or milliseconds and it satisfy the
user's request (in that bug) to compare cflow.sysuptime to cflow.timeend (which
is already an FT_RELATIVE_TIME).
(If someone does care, we could always display the field twice, once in
milliseconds and once in seconds.)
svn path=/trunk/; revision=52821
I'm not sure of the correct way of fixing them.
file-elf.c(642) : error C2220: warning treated as error - no 'object' file generated
file-elf.c(642) : warning C4244: '=' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(644) : warning C4244: 'function' : conversion from 'guint64' to 'const gint', possible loss of data
file-elf.c(715) : warning C4244: 'function' : conversion from 'guint64' to 'const guint32', possible loss of data
file-elf.c(729) : warning C4244: 'function' : conversion from 'guint64' to 'const guint32', possible loss of data
file-elf.c(752) : warning C4244: 'function' : conversion from 'guint64' to 'const gint', possible loss of data
file-elf.c(917) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(967) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1013) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1015) : warning C4244: '+=' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1018) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1019) : warning C4244: '+=' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1021) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1036) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1069) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1071) : warning C4244: '+=' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1074) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1075) : warning C4244: '+=' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1253) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1257) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1285) : warning C4244: '=' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1381) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1381) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1394) : warning C4244: '=' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1411) : warning C4244: 'function' : conversion from 'guint64' to 'const gint', possible loss of data
file-elf.c(1411) : warning C4244: 'function' : conversion from 'guint64' to 'const gint', possible loss of data
file-elf.c(1414) : warning C4244: 'function' : conversion from 'guint64' to 'const gint', possible loss of data
file-elf.c(1414) : warning C4244: 'function' : conversion from 'guint64' to 'const gint', possible loss of data
file-elf.c(1417) : warning C4244: 'function' : conversion from 'guint64' to 'const gint', possible loss of data
file-elf.c(1453) : warning C4244: '=' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1486) : warning C4244: 'function' : conversion from 'guint64' to 'const gint', possible loss of data
file-elf.c(1486) : warning C4244: 'function' : conversion from 'guint64' to 'const gint', possible loss of data
file-elf.c(1489) : warning C4244: 'function' : conversion from 'guint64' to 'const gint', possible loss of data
file-elf.c(1489) : warning C4244: 'function' : conversion from 'guint64' to 'const gint', possible loss of data
file-elf.c(1492) : warning C4244: 'function' : conversion from 'guint64' to 'const gint', possible loss of data
file-elf.c(1581) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1581) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1586) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1586) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1592) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1592) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1598) : warning C4244: '=' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1601) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1612) : warning C4244: '=' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1615) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1626) : warning C4244: '=' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1637) : warning C4244: '=' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1640) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1641) : warning C4244: '+=' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1680) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1686) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
file-elf.c(1698) : warning C4244: 'function' : conversion from 'guint64' to 'gint', possible loss of data
svn path=/trunk/; revision=52781
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8818
Add support for dissection ELF files. It opens as a "capture" file via wiretap
at the moment for simplicity's sake, but the intention is eventually to have
this (and other file types we dissect) open through some other program sharing
much of the libwireshark infrastructure.
svn path=/trunk/; revision=52775
- remove duplicate/unneeded #includes
- remove some boilerplate comments
- fix up whitespace: indentation, trailing & etc
- remove 'if (tree)'
(Note: 'if (tree)' needs to be around all the code (as in the previous
version of packet-wsmp) or none so that the same value of offset is used
in various function calls whether or not 'tree == NULL'.
For the moment I've chosen to remove the 'if (tree)' since (in theory)
the (external) data dissector shouldn't be called under 'if (tree)'.
- revert SVN #52757 since no it's longer needed with the removal of 'if (tree)';
- remove another unneeded line of code.
svn path=/trunk/; revision=52761
Didn't integrate
0010-frsrpc-Regenerate-frsrpc-due-to-changes-in-the-pidl-.patch
0016-Regenerate-the-dnserver.patch
due to compilation errors on Windows.
svn path=/trunk/; revision=52744
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9312
Anders, this may be related to your recent TVB optimizations, since I don't
think it happened before that? Did you change the behaviour of tvb_find_line_end
or its callees at all?
svn path=/trunk/; revision=52730
Compilation fails on (only the ?) OSX-10.6-x64 buildbot with error:
netscaler.c: In function 'nstrace_read_v30':
netscaler.c:1295: warning: implicit conversion shortens 64-bit value into a 32-bit value
(Life is too short for me to dig multiple levels deep into a set of macros to try to see which
actual line of code is causing the problem. Maybe the patch submitter can identify the problem).
svn path=/trunk/; revision=52666
very smallest part of its logic. Just call tvb_get_guint8 directly and check
that the return is between 1 and 4. Properly fixes the set-but-unused and
associated warnings that were showing up.
svn path=/trunk/; revision=52648
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9273
This patch adds modelines and cleans up the irregular indentation of
this dissector's code. The only other change was in
asn1/c1222/packet-c1222-template.c to consolidate an #ifdef that had a
redundant #endif (line 812) and subsequent reopening #ifdef (line
824). The only thing between them was comments, so the span of the
original #ifdef (line 644) was simply extended by eliminating those
two lines.
The purpose for this patch is to make the file easier to edit and
understand in advance of more substantive patches later. This patch
is intended to be easy to review by having only non-substantive
changes.
svn path=/trunk/; revision=52636
These consist of the following bitmask fields:
[packet-smb.c] 'Create Flags', 'Access Mask', 'File Attributes', 'Share Access', 'Create Options',
'Security Flags', 'Optional Support'(in TreeConnect AndX responses), and "Quota Flags"
[packet-smb2.c] 'Flags', 'Session Flags', 'Security mode', and 'Interface Capabilities'.
[packet-smb.c] Made the tfs_file_attribute_xxx true_false_string values less verbose and more compact.
[packet-smb2.c] Changed all references to "RMDA" to RDMA".
[packet_smb.c] In dissect_qfi_SMB_FILE_NETWORK_OPEN_INFO() (GetInfo response) changed "Unknown Field"
to "Reserved" (See capture 'DMtrace2.cap' frame 20023).
svn path=/trunk/; revision=52623
Changes:
- All messages now have a checksum (and not only version and verack).
- In the version message: user agent added as a string preceded by a varint length.
- Port in an address is in little endian and not big endian.
- In the version message the receiving and emitting address where inverted.
From Eric Masson
svn path=/trunk/; revision=52609
Fix memory leaks and bad memory accesses in c1222 dissector.
From me: use realloc in a handoff function since it may get called multiple
times, and we only need the latest.
svn path=/trunk/; revision=52497
Fix1: The proto_tree_add_item() was changed to proto_tree_add_uint.
Fix2: "If (len==0) PROTO_ITEM_SET_GENERATED(item);" was added to dissect_nt_create_options_bits(), dissect_nt_share_access_bits(), dissect_smb_access_mask_bits(), dissect_nt_create_bits(), and dissect_file_ext_attr_bits().
svn path=/trunk/; revision=52494
Patch was tested with snaplens of:
49 and 52: (TCP fixed header incomplete) TCP analysis NOT performed.
54: (Fixed header complete but entire options wfield was sliced off) TCP analysis ran and was OK.
64: (Fixed header complete but a portion of the options field was missing) Options were dissected to the extent possible. TCP analysis ran and was OK.
66: (Fixed header and options complete) TCP analysis ran and was OK.
70: (Fixed header and options complete plus 4 bytes) TCP analysis ran and was OK.
svn path=/trunk/; revision=52467
Just break out of the loop if offset doesn't go up.
There's almost certainly a better fix - the dissector is weird, and I'm not sure
if all the _length_remaining() checks are important or legacy, and what affect
they have on this issue.
At the very least this will pacify the fuzzbots until somebody has time to
figure it out properly.
svn path=/trunk/; revision=52458
tYN flag in named messages
Named messages are both used for connectionless
messaging and connection setup requests. A SYN
flag is now represented by the previously reserved
bit 18 in word 0 to differentiate named messages from
connection requests.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9241
svn path=/trunk/; revision=52440
tipc: update discovery protocol header according to spec
Dissection of word 1 in the TIPC ndisc protocol header
is wrong. The field called "Broadcast ack no" should
be "Node Signature" (16 bits wide).
"Requested Links" is also wrong. This should actually be
5 bits reserved, followed by a 8 bit "Minor protocol version"
field
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9241
svn path=/trunk/; revision=52439
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9232
Use wmem_strbuf instead of manual string management in btsdp. Fixes fuzz
failure.
From me: minor tweak to make the patch apply to current trunk.
svn path=/trunk/; revision=52438
Fix CoAP option decoding. It's perfectly acceptable for the Payload Marker to
appear with no preceding options. Without this check such a situation produces
an invalid diagnostic: end-of-options marker found, but option length isn't 15
svn path=/trunk/; revision=52383
Fix GPRS-NS protocol dissector for STATUS PDU
When a NS-STATUS message contains a PDU, the packet description
refers to the contained PDU and the offset is wrong, thus finding
information elements that are not present.
This fixes the implementation by checking, whether the PDU dissector
has been called recursively and by updating the offset correctly.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9221
(from me: use gboolean, separate variable declaration and initialization)
svn path=/trunk/; revision=52378
epan/dissectors/packet-s5066sis.c, to clarify that it's not for STANAG
5066 as a whole, but just for the Subnetwork Interface Sublayer.
There's currently an enhancement to support the Data Transport Sublayer,
which adds a epan/dissectors/packet-s5066dts.c file.
svn path=/trunk/; revision=52348
PSK allows up to 2^16-1 octets as key according to RFC 4279 (PSK for
TLS). Therefore remove the restriction of 16 octets. While at it, skip
testing for negative size as this is unnecessary.
Reported at:
http://ask.wireshark.org/questions/25157/can-not-decrypt-ssl-psk-traffic
svn path=/trunk/; revision=52335
The name "RC2" is not used by libgcrypt, instead it uses
"RFC2268_<keysize>". RFC2268_40 and RFC2268_128 are both documented,
though only RFC2268_40 is implemented right now.
As documented in RFC2246 (TLS 1.0), section 6.3.1 Export key generation
example, exportable ciphers (in this case, the
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 cipher) only use 40 bits of the
key_block, but the real key (final_{client,server}_write_key) used for
the actual algorithm (RC2) is still 16 bytes (128 bits). Therefore
RFC2268_128 is the correct name to use.
As libgcrypt 1.5.3 does not support the 128-bit keys, I have submitted a
patch for libgcrypt to support the larger 128-bit rc2 keys has been
submitted to gcrypt-devel@gnupg.org (it sits in their mail queue as I am
not subscribed).
svn path=/trunk/; revision=52320