Source/Destination BD_ADDRs and name are filterable.
Also simplify code around wmem trees, and enable commented "data"
field in unreassembled case and fix btl2cap offsets
(discovered by enabling "data" field).
Change-Id: Ic28c9bf19bcd6281b652be538b221da74df4bb76
Reviewed-on: https://code.wireshark.org/review/471
Reviewed-by: Evan Huus <eapache@gmail.com>
Interface ID should correspond to the Wireshark Interface Id
to avoid mixing data from various interfaces in dissectors.
Change-Id: Ibaa3ddab7f0ebd0985efea74439b94a5881145a7
Reviewed-on: https://code.wireshark.org/review/472
Reviewed-by: Evan Huus <eapache@gmail.com>
When capturing, they'll be in host byte order. The top of the libpcap
trunk and 1.5 branch, when reading a file, will, if necessary, byte-swap
the type and length values so that they're in the byte order of the host
reading the file (rather than the host that wrote the file).
Do the same when we read a file, and have the NFLOG dissector assume
host byte order for those fields.
Change-Id: I493aed1e07b626af1157d75f3bc293b0a694ad07
Reviewed-on: https://code.wireshark.org/review/148
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(Copyright or info about file...)
Change-Id: I90ba8b1c3ec8406b0c3365a69a8555837fc4bbb1
Reviewed-on: https://code.wireshark.org/review/515
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Create a placeholder protocol tree item under which to put the options,
do the analysis of fields from the fixed-length portion of the TCP
header (such as sequence numbers), and then do a straightforward
dissection of the options, throwing an exception if we run past the end
of the options field.
This is a bit simpler, and doesn't add confusing notes about
truncation of the options.
XXX - we're currently not including selective acknowledgments in any of
the SEQ/ACK analysis; should we? That means, of course, that we have to
dissect the options before doing that analysis, and if the options were
cut short by slicing, you lose....
Change-Id: I425a6c83f26512b802267f76739cbf40121b3040
Reviewed-on: https://code.wireshark.org/review/511
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The previous macro gave the correct alignment, but there was one case where it
would add a whole block of unnecessary ALIGN_SIZE bytes. The new one is also
slightly faster to compute.
Benchmark win of about 3%.
Change-Id: I5d8bad0f78dc0e383e14c2c7a951328a06400020
Reviewed-on: https://code.wireshark.org/review/492
Reviewed-by: Evan Huus <eapache@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It has been extremely well-tested at this point, and is a very hot code path so
the performance gain is measurable (~1-2% on most captures I tried).
Change-Id: I2f5e03d2f348f56e740bf0dfbc83a4fd9cc8c5a9
Reviewed-on: https://code.wireshark.org/review/499
Reviewed-by: Anders Broman <a.broman58@gmail.com>
label_mark_truncated()
Change-Id: I7ede5f9776d26ebce2ccf427cf6ff5dec56814cd
Reviewed-on: https://code.wireshark.org/review/465
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
The content of a YMSG message is a sequence of lines, each one of which
contains a text string (in some ASCII-based encoding) for a key, a
0xc080 separator, and a text string (in some ASCII-based encoding) for a
value. That's not a string in any ASCII-based encoding I know of - 0xc0
0x80 is not, for example, a valid UTF-8 sequence (it's a too-long
sequence for NUL).
This should fix bug 9832:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9832
by avoiding the general "GTK+ on Windows crashes when asked to copy
something that's not valid UTF-8" problem.
Fix some field descriptions while we're at it.
Change-Id: I4084dabc89b0186ecd1a7329452ca2f1cb48f1c0
Reviewed-on: https://code.wireshark.org/review/488
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- Multiple value string arrays were defined in packet-fcels.h (which was included
in two differnt .c files). Only one of the arrays was actually used in two
different .c files. All the value_string arrays (and most of the #defines)
moved to packet-fcels.c.
- Other:
Use -1 instead of tvb_length() for the length param of several proto_tree_add...() calls.
Add editor modelines.
Change-Id: Idc642caf1c8d62b658147a234d5560b8f2fd0630
Reviewed-on: https://code.wireshark.org/review/479
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
- Value string arrrays should never be defined in a .h file (especially one
included in multiple .c files).
So: a. The value_string array (and associated #defines) was moved from the .h file
to packet-rtp_events.c
b. A public extended value_string was created in packet-rtp_events.c
and declared as external in packet-rtp_events.h
- Other:
Remove a few unneeded initializers;
Add editor modelines.
Change-Id: Ib580c3e50ab5ce79484c9c6af57f62ca604b57d1
Reviewed-on: https://code.wireshark.org/review/468
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
- Move setting COL_PROTO & clearing COL_INFO to before a tvb fetch which
could cause an exception;
- Remove some unneeded initializers;
- Fix up some long-lines and whitespace;
- Use a consistent indentation;
- Add editor modelines.
Change-Id: I8a8015a65d5dc581ed02cbd134231481b9f96263
Reviewed-on: https://code.wireshark.org/review/467
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
Change-Id: I9e50920fbc09fdf0650be3a63fee8153ce0fd3df
Reviewed-on: https://code.wireshark.org/review/462
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I8ecfdb1c366310d224660e89c99136a0a9f4a067
Reviewed-on: https://code.wireshark.org/review/461
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ia1db91ef9344e46a3f32204bbf9cdbcc514980ce
Reviewed-on: https://code.wireshark.org/review/460
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I1e9ff715c3e315c9e36abb69fb5f441b71477501
Reviewed-on: https://code.wireshark.org/review/459
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I1542d715594b1b90e2442edb6f220ddc4dd99675
Reviewed-on: https://code.wireshark.org/review/458
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I355600320865a9c7c17093d37fc693b02f0a7f0c
Reviewed-on: https://code.wireshark.org/review/457
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Idea44f0e4678f738336215f4a250b9e9d9a60fbc
Reviewed-on: https://code.wireshark.org/review/456
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I81ef4cd363acf6cff99fd0f75b135962c4c22f53
Reviewed-on: https://code.wireshark.org/review/455
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
It's still O(n) in the worst case since the comparison function doesn't appear
to be suitable for use in a tree or hash-table, but at least we no longer spend
O(n) by default just finding the end of the list so we can iterate backwards.
Discovered while investigating bug #9823, but probably not the cause of that
bug.
Change-Id: Ib6c3691cff8e7fa49703df7c75635ef797c8fbe8
Reviewed-on: https://code.wireshark.org/review/443
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Misc changes:
- sort entries in an enum by value;
- add some XXX notes as to possible missing entries in a value-string array;
- remove an unneeded initializer;
- 0 --> FALSE for several boolean values;
- whitespace.
Change-Id: I6c8f1c1f37edad120d979fcd2d7278e7981ca5a7
Reviewed-on: https://code.wireshark.org/review/449
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
- val_to_str() -> val_to_str_const() in a few cases;
- localize some vars;
- remove some unneeded initializers;
- convert "4 space tabs" indentation to "4 spaces";
revise editor modelines to match;
- do some whitespace changes.
Change-Id: Ic91df02022971c973b27c71e6127395ed3ef06d3
Reviewed-on: https://code.wireshark.org/review/448
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
- Use VALUE_STRING_ENUM/VALUE_STRING_ARRAY macros to create one of the
value string arrays instead of using the usual separate #defines & array definition;
- Remove a few unneeded initializers;
- prefs_register_protocol() need not be called under 'if (gp_zbee_prefs == NULL)'
- Do some minor whitespace changes;
- Add editor modelines.
Change-Id: I33669b25fa18ecc452b83a0d88a6c0b33aae904a
Reviewed-on: https://code.wireshark.org/review/441
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
Also put a note in sctpppids.h saying that only IANA-registered PPIDs should go
in that file. Inspired by the rejection of
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4332
Change-Id: I763aad7d1b69e9d36c798061473438ce3cb66ca1
Reviewed-on: https://code.wireshark.org/review/434
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Tested-by: Anders Broman <a.broman58@gmail.com>
Fix a modeline while we're at it.
Change-Id: Ief6d5edbe33456170059cfab4f436f0844de32a1
Reviewed-on: https://code.wireshark.org/review/440
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Offloading seems to be very common nowadays and having this option
enabled by default generates a lot of false positives. Suggested by
Laura Chappell.
Change-Id: I285f218efb3c9f164d8ad7a6d6de8270e442ffff
Reviewed-on: https://code.wireshark.org/review/426
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The HomePlug AV dissector was not consistently using the
HOMEPLUG_AV_MMVER_1_1 constant and was sometimes using it and sometimes
using mmver == 1 directly. Make sure we use that constant throughout the
code to help clarifiying which version tests are applying to.
Change-Id: I602413163e4e44dedfbf3e2364448a951fa70f54
Signed-off-by: Florian Fainelli <florian@openwrt.org>
Reviewed-on: https://code.wireshark.org/review/428
Reviewed-by: Evan Huus <eapache@gmail.com>
dissect_homeplug_av_nw_info_sta() was processing stations
information correctly, except that after the first station dump, all
dumps would be off-by-one byte because we were not reserving a missing
byte at the end of the station dump. Fixes#9798.
Change-Id: Iff3afd5ff536ae718fa446de3c59cd5e9851ff20
Signed-off-by: Florian Fainelli <florian@openwrt.org>
Reviewed-on: https://code.wireshark.org/review/427
Reviewed-by: Evan Huus <eapache@gmail.com>
Use FT_NONE instead of 0 to initialize an enum.
Drop use of lround/llround since they are not available on Windows.
Change-Id: I3961c1921304bafc090c763f0d6de8532f0b3510
Reviewed-on: https://code.wireshark.org/review/425
Reviewed-by: Evan Huus <eapache@gmail.com>
This fixes/addresses all the coverity warnings shown by
the buildbots. (I hope)
Change-Id: Ic2722df97c577d274e3cf3f0cbdca1902edde047
Reviewed-on: https://code.wireshark.org/review/423
Reviewed-by: Gerald Combs <gerald@wireshark.org>
