Update the list of possible UDH IEs. Include some rudimentary decoding
of the Language Shift IEs, though actually implementing the different
encodings is an entirely different beast.
The DCS in SMPP has many reserved values, and only can take a few
possiblities from the GSM DCS (and cannot be interpreted as Cell
Broadcast DCS.) Remove unused DCS fields and add others that are
missing.
Determine the proper text encoding for the values from 3GPP TS 23.038
DCS with the high two bits set.
Add support for EUC-KR. Add a preference for GSM 7-bit alphabet packed
versus unpacked for the DCS values that unambiguously indicate the
7 bit alphabet (unlike DCS 0).
If the SOME/IP-SD message is broken, it could have happend that the
parsing stopped on the option and did not go back to the entry parsing.
This patch makes this code more robust.
Fix
```
*** CID 1505356: Null pointer dereferences (REVERSE_INULL)
/builds/wireshark/wireshark/epan/conversation.c: 1427 in find_conversation()
1421 * conversation with the specified address B and port B as the
1422 * first address and port, and with any second address and port
1423 * (this packet may be going in the opposite direction from the
1424 * first packet in the conversation).
1425 * (Neither "addr_a" nor "port_a" take part in this lookup.)
1426 */
>>> CID 1505356: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "addr_a" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
1427 if ((addr_a != NULL) && (addr_a->type == AT_FC)) {
1428 DPRINT(("trying wildcarded match: %s:%d -> *:*",
1429 addr_b_str, port_a));
1430 conversation = conversation_lookup_no_addr2_or_port2(frame_num, addr_b, port_a, etype);
1431 } else {
1432 DPRINT(("trying wildcarded match: %s:%d -> *:*",
```
If a display filter had been applied during the opening
of the conversation or endpoint dialog, automatically check
the entry for "Limit to display filter" to ensure that
the filtered result is being shown, as expected by the user.
In commit 8c7e3f0d30, the config.nsh.in
was renamed as wireshark-config.nsh.in, and the config.nsh was renamed
as wireshark-config.nsh as well, but the wireshark-common.nsh still
includes the config.nsh, which will cause the packaging failed.
Commit 5cd591129f removes a number
of conversation related functions. Remove them from the debian
symbol list.
The commit also removed the implementation of conversation_hash_exact,
so remove the declaration from the header file.
It's only necessary to check that cap_file_.capFile()->edt is
not NULL if use_stream_index is FALSE.
This prevents failure and an inaccurate error message about the
capture file being invalid when using the spinbox to cycle through
a stream when all packets are filtered out.(E.g., Follow a stream,
append to the filter looking for something, no packets match, try to
go to the next stream.)
CMake 3.19 added support for CMakePresets.json and
CMakeUserPresets.json, which let you prepopulate various configure,
build, and test options. Add CMakeUserPresets.json to .gitignore as
recommended by the documentation and add an example to the Developer's
Guide. CMake uses 2-space indentation; specify that for CMake*.json in
.editorconfig.
Building tfshark is disabled by default in CMake options.
The tfshark code should be continuously tested or removed from the
main repo. It should not be allowed to exist in a broken state.
Add it to the code check job to make sure that it at least compiles.
Convert the address+port conversation code to element lists. Make our
conversation keys element lists. Document more of the conversation API.
Update the Conversation Hash Table dialog to use the new API.
Describe an alternative key type and data structure at the top of
conversation.c.
Allow the endpoint and conversation dialogs to have detachable
tabs. At the same time move the tree functionality to a subclass
to better be able to handle the context menu when detached.
Right now, still a lot of tree stuff is in the tabwidget, but
could be moved to the tree for the future
In a typical setting where int is 32 bits and the type guint8 is 8 bits,
the overflow check in Dot11DecryptDerivePmkFromMsk will automatically
promote the sum of msk_len and *pmk_len to an int. Since int is 32 bits
and guint8 will always be 8 bits, the sum will never overflow.
Therefore, an explicit casting of the sum of msk_len and *pmk_len to
the type guint8 is necessary.
Signed-off-by: Elijah Conners <business@elijahpepe.com>
Some AT commands and responses need context to be parsed correctly.
For example AT+CGMI's and AT+CGSN's responses are arbitrary strings
without "AT+" or "+" prefix (So saving the command is needed).
Another use case is when a command/response is followed by its data in
the following line, like AT+CGML (SMS content's listed in the line after
the "+CGML" line).
The implementation utilizes the USB conversation of the session to
pass information between packets.
Every new packets takes a 'snapshot' of the data stored in the conversation
before starting to parse and re-uses it when parsing & re-parsing of
that packet occurs.
Create Logwolf-specific copies of the various Wireshark NSIS config files
and modify them to install and uninstall Logwolf. There are still a bunch
of rough edges, but the installer works for a test capture I have here.
Retapping can have some side-effects and was done in
an overflowing way. Reducing the number of times retapping
is required and done, and also giving control for taps
reload to TrafficTab
Rename the following build targets, similar to the recent macOS target
name changes:
nsis_package_prep to wireshark_nsis_prep
nsis_package to wireshark_nsis
Rename some NSIS files to reflect that they're specific to Wireshark.
Update the documentation and CI configurations.