Otherwise we use an uninitialized variable
Bug: 14372
Change-Id: Idacdb40569421f7e41e181c14fb2bc033b0645b8
Reviewed-on: https://code.wireshark.org/review/25529
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use QByteArray::fromRawData + tvb_get_ptr to create our ByteViewText
data instead of tvb_memdup. If our tvb lifetime is shorter than our
ByteViewText lifetime then that's a bug.
Change-Id: Iede275578a1493b8658308e0778f7f0799d6c6cd
Reviewed-on: https://code.wireshark.org/review/25534
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Adding Session Multiplex Protocol SMP
SMP is used by TDS when MARS in enabled.
Bug: 14110
Change-Id: Ia4113c627d107da6c3d51e4004265efb228a297b
Reviewed-on: https://code.wireshark.org/review/25509
Reviewed-by: Craig Jackson <cejackson51@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
bf_arr is used as %s argument to proto_tree_add_subtree_format(), so it need to be NUL terminated.
Add + 1 to bf_arr size, and use sizeof() in memset() calls.
ASAN report:
ERROR: AddressSanitizer: stack-buffer-overflow on address
0x7ff1b179f150 at pc 0x00000044cf31 bp 0x7ffdc7493cf0 sp 0x7ffdc74934a0
READ of size 258 at 0x7ff1b179f150 thread T0
SCARINESS: 41 (multi-byte-read-stack-buffer-overflow)
#0 0x44cf30 in printf_common(void*, char const*, __va_list_tag*) /src/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_format.inc:548
#1 0x498cfc in __vsnprintf_chk /src/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc:1558
#2 0x5775cf in proto_tree_set_representation /src/wireshark/epan/proto.c:5508:9
#3 0x577eb1 in proto_tree_add_text_valist_internal /src/wireshark/epan/proto.c:1226:2
#4 0x5782d5 in proto_tree_add_subtree_format /src/wireshark/epan/proto.c:1249:7
#5 0x73c73f in fBitStringTagVS /src/wireshark/epan/dissectors/packet-bacapp.c:7490:15
#6 0x73ad20 in fApplicationTypesEnumeratedSplit /src/wireshark/epan/dissectors/packet-bacapp.c:7569:26
#7 0x73a484 in fApplicationTypes /src/wireshark/epan/dissectors/packet-bacapp.c:7635:12
#8 0x7395db in fIAmRequest /src/wireshark/epan/dissectors/packet-bacapp.c:13412:14
#9 0x7383e1 in dissect_bacapp /src/wireshark/epan/dissectors/packet-bacapp.c:14163:9
Found by oss-fuzz/5452.
Change-Id: I57e948904f707c5003a389431b009a37c1212e04
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5452
Reviewed-on: https://code.wireshark.org/review/25544
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Fixes/improves a few filter identifiers, typos, consistent
use of MHz (as opposed to Mhz), and fixes to the MCS map trees
in the HE Capabilities tag.
Change-Id: I5c761990237ccc241d95fb0b9b2d3f8f1263b460
Reviewed-on: https://code.wireshark.org/review/25530
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
The UDP port for HSRPv6 was mistyped when UDP dissectors was converted
to use "auto" preferences in g2eb7b05b8c.
Change-Id: I4b6f634677d23d81fc197dbeb43ee3d91d9a111f
Reviewed-on: https://code.wireshark.org/review/25526
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Open lua scripts when double-clicked. Behavior depends on your system
configuration. Add tooltips accordingly.
Let Qt wrap the "Wireshark" tab information.
Set column widths by eyeballing their contents.
Elide the Folders and Plugins strings in the middle.
Fixup placeholder text capitalization.
Draw links using the palette link color.
Change-Id: Ic141eae05541480ec1e254c55fd81728d04713d9
Reviewed-on: https://code.wireshark.org/review/25510
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Select our byte field only when we enter marked / locked mode.
Emit fieldSelected from autoScrollTo so that we always set the marked
protocol.
Don't clobber the current index in saveSelectedField.
Change-Id: I967b20608f991a5f3e6a0979b1f702f874ce27b4
Reviewed-on: https://code.wireshark.org/review/25521
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The selected profile may be renamed in apply_profile_changes()
so write the recent file before renaming the directory to ensure that
we reload the latest changes.
Change-Id: I8988a00647926d93b0a1903090aadc8c61f1a34e
Reviewed-on: https://code.wireshark.org/review/25516
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Do not try to delete the old profile name after renaming. In most
cases it will not exist, but when using a case-insensitive file system
this will delete the renamed profile if only changing capitalizations
(first it's renamed and then it's deleted).
Change-Id: I27d2d22d2353b09f2041d82ea1cf1bae37a1ce3d
Reviewed-on: https://code.wireshark.org/review/25515
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use Qvector::value in a few places instead of an array index.
Change-Id: I821ef4b16df919977739c12ccaa3b9c3d53f049c
Ping-bug: 14357
Reviewed-on: https://code.wireshark.org/review/25511
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add missing NULL terminator to ieee1905_reporting_policy_flags[], in order to fix buffer overflow.
ASAN report:
ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000092a4af8 at pc 0x00000062afd2 bp 0x7ffce7e468d0 sp 0x7ffce7e468c8
READ of size 8 at 0x0000092a4af8 thread T0
#0 0x62afd1 in proto_item_add_bitmask_tree /src/wireshark/epan/proto.c:10406:9
#1 0x62953f in proto_tree_add_bitmask_with_flags /src/wireshark/epan/proto.c:10786:3
#2 0xfb8271 in dissect_metric_reporting_policy /src/wireshark/epan/dissectors/packet-ieee1905.c:2762:9
#3 0xfb2997 in dissect_ieee1905_tlv_data /src/wireshark/epan/dissectors/packet-ieee1905.c:4390:18
#4 0xfb23c8 in dissect_ieee1905 /src/wireshark/epan/dissectors/packet-ieee1905.c:4577:18
Found by oss-fuzz/5298.
Change-Id: I35dbd6d29d0a3a5560286146fbed172c810e5b2d
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5298
Reviewed-on: https://code.wireshark.org/review/25520
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Configuring Wireshark with Cmake using -DENABLE_LUA:BOOL=OFF and
-DENABLE_PLUGINS:BOOL=OFF causes all plugin support to be removed.
The about Wireshark dialog wasn't made aware of that trying to
manipulate the related mdoel anyway, causing a crash.
Make the compilation of the offending code conditional.
Change-Id: Ifa51f40fda7f019d09327dc5650e5a55da2daf2a
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/25517
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
We stopped using various images in the following commits:
307c0d70fb (2011, not sure how they lasted that long)
clist_*.xpm
20cc0d7ce9 (2010)
stock_dialog_error_48.xpm
stock_dialog_info_48.xpm
stock_dialog_warning_48.xpm
stock_dialog_stop_48.xpm
2e4e229739 (2004)
stock_dialog_question_48.xpm
1a3e596609 (2011)
voip_select.xpm
194a145c8f (2013)
wssplash*.xpm
07c3d057b8 (2013)
openhand-16.png
rubberband-16.png
Change-Id: I3647cb2cb47e3927a4359f519ce45eb57e5aa534
Reviewed-on: https://code.wireshark.org/review/25519
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Rearrange the logic in showCaptureStatistics. Fixes a crash here when
capturing from stdin.
Change-Id: I7ec15a556579afe968a06a36d7914aa1631666df
Reviewed-on: https://code.wireshark.org/review/25507
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
One thing I hate is big slabs of open coding. Compilers are very good these days
and will inline functions if they are used in only one place.
By using functions we make the code very much more readible.
There is also a big opportunity to use functions like proto_tree_add_bitmask.
Change-Id: I66d1509f577d2955996f4649e05494ab0370ed01
Reviewed-on: https://code.wireshark.org/review/24964
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The sip_is_packet_resend() function sets the internal transaction_state to
final_response_seen, the prevents the sip_find_request() from finding the
matching INVITE as it expects transaction_state == request_seen. Simply
reversing the order of these functions seems to fix the problem.
Change-Id: I61d085c979dee24ad88b4eea26dfa002fd9cd213
Reviewed-on: https://code.wireshark.org/review/25429
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Distinguish between hovered and marked bytes using a lighter and heavier
outline. Remove the "mark" color definitions.
Change-Id: Icf6363e920a634574b7a42a10ea77b538ce78290
Reviewed-on: https://code.wireshark.org/review/25513
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
CCM* algorithm implemented as part of ieee802154 dissector can be
leveraged for higher layer protocols, e.g. OSCORE. This change adds an
additional parameter to the CCM* API in order to allow passing a generic
13-byte nonce.
Bug: 14367
Change-Id: Ib2da1146659f67ffb3a4767ec093f8b7f09461ce
Reviewed-on: https://code.wireshark.org/review/25455
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If merge_open_in_files() is going to fail, free files array to avoid memleak.
Found by clang.
Change-Id: I156c5f1c041cd7779ff0a0095bc2810f50768ab6
Reviewed-on: https://code.wireshark.org/review/25421
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
callback_args.col_widths[] is allocated only for visible columns,
use 'visible_col_count' index instead of 'i' one, which is incremented
only for visible columns.
Found by clang.
Change-Id: I4e3c05fd372585295e3a0d7427497a46f32f93bb
Reviewed-on: https://code.wireshark.org/review/25444
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 14332
Change-Id: I49642a9880fc03d38942eebfd6b1015894fef23d
Reviewed-on: https://code.wireshark.org/review/25255
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This wiretap plugin serves a dual purpose. One is to add usbdump file
reading capability to wiretap and therefore Wireshark and Tshark.
Second it is an illustration of a basic wiretap plugin module.
Change-Id: Iefbb156ea1bc5d90dabc1753942cdb9e393714ad
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/25487
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Modern SDP usage (e.g. SIP, WebRTC) can "bundle" multiple RTP media streams on
a single port. Thus the RTP dissector has to be able to handle audio and video
at the same time, so the gboolean flag in _rtp_info was changed to a bit mask.
The SDP parsing was then changed to detect multiple "m=" lines using the same
port, and combine their audio/video bit masks, and the rtp_dyn_payload used
has all the audio and video payload descriptions.
Change-Id: Ifa3c034260f892ed005fe28647d28f3b0b1b05cf
Reviewed-on: https://code.wireshark.org/review/25431
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Add the crypto suite that came in with a spec change (v171212).
2. Add two additional fields that need handling.
3. Make the attribute value a separate sub-tree.
Change-Id: Ic01527bcd0361bf2522d2efbc91cd8191d7b2e27
Reviewed-on: https://code.wireshark.org/review/25514
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The NSIS checkboxes were last used in 2003. I'm not sure if the KDE
icons ({hi,lo}??-app-wireshark.png) were ever used.
Change-Id: Ib548b0fcfb650b279e8d475f350cdba663f903c0
Reviewed-on: https://code.wireshark.org/review/25512
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Should fix clang warning created by https://code.wireshark.org/review/#/c/25492.
Change-Id: Iafa31e24cd786a510f3a953d615df4cbc3930fa6
Reviewed-on: https://code.wireshark.org/review/25508
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Somehow the registration of the SBC codec was duplicated, which does not
(yet) cause an error message, but also doesn't work.
Remove the duplicate registration.
Change-Id: Ic22ba66fd65b326fb2688300dad8f9b81081c7e5
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/25506
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Chances are if there are a large number of "empty objects" (that don't increment packet
counter) it's an intentionally malicious packet and we should break the loop.
Bug: 14362
Change-Id: Id9a6f4270cc47188becdf4652f903d0ba4478dcb
Reviewed-on: https://code.wireshark.org/review/25497
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I5d8797b68c53168d4c00be8c3c3a3325b370e38c
Reviewed-on: https://code.wireshark.org/review/25492
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
JSON will be display like in browswer developer tool (Firefox or Chrome).
Change-Id: Ib504f4828d9fd8d25d9564b93717007ac021713c
Reviewed-on: https://code.wireshark.org/review/25474
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Handle the Estimated Service Parameters tagged element and the Future
channel guidance one. The second may need more work in future.
These are defined in IEEE STD 802.11-2016 but may have been defined earlier.
Change-Id: I1c67a0ea6df9c1cc89bb3a34da921f3938e0a012
Reviewed-on: https://code.wireshark.org/review/25407
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: Iecfb705b37f54119eaec75ab8df8c7ee3c76bfec
Reviewed-on: https://code.wireshark.org/review/25503
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ie4dfc68583fa6fc742baeaf9d9fd1c7d2f783f38
Reviewed-on: https://code.wireshark.org/review/25435
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
UAT color "datatype" has the format of #XXXXXX so the XXXXXX is strduped
to pass to strtol(). The "pointer math" assumed the # was always present
and would result in large memory allocation if string was empty.
Bug: 14357
Change-Id: Idc43b17f0e07705880d0d77f106991d10e09f072
Reviewed-on: https://code.wireshark.org/review/25504
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add dissection of the TDS response packet for TDS 4.2. In order to share code, this
required parameterizing TDS 7.x token-handling routines for things such as endian-ness
and one-byte vs two-byte character encodings. This required ascertaining accurately when
TDS 7.x is in use as early in the conversation as possible. This in turn required knowing
the program versions downloaded in the prelogin packet in the case where the login packet
is encrypted. (Listening to the LoginAck token is a little too late.)
Add more support routines to parameterize the endian nature of each connection.
Although the particular tokens decoded here are documented for TDS 4.2, it has only been tested
with a trace from TDS 4.6. TDS 4.6 didn't change much, but there may be a few minor errors.
Change-Id: I6f8f136bcc565640fbea4302cb79ea29a118d9a1
Reviewed-on: https://code.wireshark.org/review/25464
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Running "tcpdump -D" on target seems to be a expensive operation in some
cases, not finishing within the 500ms timeout on several devices (~1000 ms
in one of our cases).
Change-Id: I57e4d31f12c4e393ff84e79b64cb024b74a11f0e
Reviewed-on: https://code.wireshark.org/review/24719
Reviewed-by: Michal Labedzki <michal.labedzki@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
If file wasn't found in PATH, there is a leak of path.
Don't break the loop after reaching NUL character.
Check for NUL character will be done in while() start condition.
Found by clang.
Change-Id: I0111a71853ffd485ee1096296f92de4472409c66
Reviewed-on: https://code.wireshark.org/review/25445
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
This should no longer be necessary with the sub-version directory
struture. If the user is installing a DLL for a built-in plugin, an
error message is appropriate.
Change-Id: I80842f1ea03a08594321a674650a1373aaa48712
Reviewed-on: https://code.wireshark.org/review/25500
Reviewed-by: João Valverde <j@v6e.pt>
This makes it more obvious that it is a static function.
Change-Id: I7348c4326b1e388870cb6657d9c67bd1086357b0
Reviewed-on: https://code.wireshark.org/review/25499
Reviewed-by: João Valverde <j@v6e.pt>
This is cleaner and allows the "duplicate plugin name check" to be
performed correctly (per module and not globally).
Change-Id: I2b2122495dc047af5b7043dcf020a525766b7c30
Reviewed-on: https://code.wireshark.org/review/25496
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Used reference:
Book "InfiniBand Network Architecture" by Tom Shanley; page 369 ff
Bug: 14359
Change-Id: I77e64ca16ccc5f193eac34b304165f722ffb0748
Reviewed-on: https://code.wireshark.org/review/25489
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>