Make all the multi-byte fields, except for OUIs, little-endian -
including fields that contain bitfields. Make the bits in the bitfields
little-endian as well.
For the "number of taps" bitfields, interpret the values.
Fix a typo ("pseduo" -> "pseudo").
The length of an OCT MMPDU is 16 bits, not 8 bits, and it's not a text
string, it's an octet string.
The Beacon Interval Control is 48 bits, not 64 bits.
Handle the beam refinement UI as a 2-byte field that overlaps with a
4-byte field - *none* of the bitfields align on nice 8-bit boundaries,
so that's the best we can do.
Bug: 11419
Change-Id: Ib00ad030ecb33cf676bec23c05b15a4211c75c07
Reviewed-on: https://code.wireshark.org/review/9886
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Current implementation gives all remaining data to sub-dissector.
This is not correct, as with "Write Multiple by Index" the data
given includes the following indeces and their datasets
Change-Id: I5343bf61431a7b5507b51f53f0de8c6e3dc72cf1
Reviewed-on: https://code.wireshark.org/review/9870
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The "LEN" field is the "length of the MAC frame", in bytes; confusingly,
it includes the extended header length, but not the fixed-length part of
the header (including the FCS), so it's not the "length after HCS".
Rename it to "docsis.len", as it's always LEN, not SID; there's a
separate field for the SID.
Rename the Extended Header Length field to docsis.ehdrlen, and the
Number of Concatenated Frames to docsis.concat_cnt, so that different
uses of the "MACPARM" part of the header are flagged differently.
Update some comments while we're at it.
Change-Id: Ib7c4a0cda65cef25dcaf0051b3de89758ef4c29c
Reviewed-on: https://code.wireshark.org/review/9881
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If multiple packets of openSAFETY are present in a single network
packet, searching for the packet needed is complicated. This patch
increases the information along the same lines as the eth and frame
subdissectors
Change-Id: Id3d237135cfadb35c839208749aeeb1652b29830
Reviewed-on: https://code.wireshark.org/review/9871
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
When converting from DocBook to HTML, use DocBook's xhtml5 XSL
stylesheets.
Change-Id: I7a49d60c46a17e1e639b78ee10c4b9fa832d4a77
Reviewed-on: https://code.wireshark.org/review/9878
Reviewed-by: Gerald Combs <gerald@wireshark.org>
code to what failed on the RC version *sigh*
Change-Id: I1b7f6d57da4cb71473a074291da7e5a0d5242c95
Reviewed-on: https://code.wireshark.org/review/9874
Reviewed-by: Anders Broman <a.broman58@gmail.com>
According to 802.3 table 31A-1, only opcodes from 0x0002 to 0x0006 have a timestamp
While we are at it, rename the opcodes to a name matching the specification
Bug: 11403
Change-Id: Iaadc2b801e86523e962b4eb319541bc74de22071
Reviewed-on: https://code.wireshark.org/review/9857
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
These are largely untested, but the two abis captures on the wiki seem
to work OK. The menu item names could also use some work. Patches
welcome.
Change-Id: I19a5b5fe3476b49d1dd0b684cbb7f367c6ebd4b4
Reviewed-on: https://code.wireshark.org/review/9869
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Migrate the Camel stats similar to the recent BOOTP and H.225
migrations.
Change-Id: If82617068ff4b8fa186899f66dc34a08585f66cb
Reviewed-on: https://code.wireshark.org/review/9865
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Stats were moved to the dissector in g03802cc.
Change-Id: I1aaf43789695ba3aae54cfaf201263cd0aed74ea
Reviewed-on: https://code.wireshark.org/review/9867
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Let the reset callback take care of resetting our rows.
Change-Id: I59b0e9d36a9a1cedc5a5893664c875b7416a5229
Reviewed-on: https://code.wireshark.org/review/9868
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Stat table element arrays are allocated once at startup. Reset each
element in free_stat_table() instead of freeing them.
Change-Id: Ia63af93c76a1348bbb809137a521eead58a52dd1
Reviewed-on: https://code.wireshark.org/review/9860
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
It seems like oid_data->name may get freed so do a g_strdup() as it's done
for hf.hfinfo.abbrev.
Change-Id: Ie05fb42d59556aec300d4e007b1db5cc79d8d6f1
Reviewed-on: https://code.wireshark.org/review/9864
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use "3gpp32423" instead of "nettrace3gpp324423":
- There were too many "4"s in the previous name ("324423" vs "32423").
- "nettrace" isn't an official name, per 3GPP TS 32 423
- It's shorter.
Change-Id: Ic981d0351a3014fb79702955ebef7b13f6ce4a2e
Reviewed-on: https://code.wireshark.org/review/9863
Reviewed-by: Anders Broman <a.broman58@gmail.com>
length set to datalen in the returned tvb.
Change-Id: Ie6649a285a9fa4a0564e29ce18ec9459b8da2541
Reviewed-on: https://code.wireshark.org/review/9861
Reviewed-by: Anders Broman <a.broman58@gmail.com>
"IEEE 802.3" has, since IEEE 802.3y-1997, supported a type/length field,
not just a length field (i.e., they acknowledged reality), so it's no
as if there are "802.3" as opposed to "D/I/X" or "Ethernet II" frames.
Change-Id: Ie7f61e48cb2a343a7c83e0747a6eee46964fc335
Reviewed-on: https://code.wireshark.org/review/9858
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The tap API changed the return type of per-packet listener callbacks
from int to gboolean back in 2009. Update a bunch of functions and some
documentation accordingly.
Change-Id: I79affe65db975caed3cc296a7e2985b7b9cdf4cc
Reviewed-on: https://code.wireshark.org/review/9853
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Follow-up to g2eabd35 which added a 20MB limit, this lowers it quite a bit since
we're still seeing out-of-memory failures with files slightly larger than 8MB.
Based on a quick scan of the menagerie this only excludes another dozen or so
files so we won't lose much coverage.
Ping-Bug: 11395
Change-Id: I8d684bebad553408c68b125330f2878deedc3bff
Reviewed-on: https://code.wireshark.org/review/9849
Reviewed-by: Evan Huus <eapache@gmail.com>
When applying a conversation filter via context menu on the packet list,
something triggers the scrollbar to redraw when it has a maximum value of 0,
leading to a div-by-0. Guard against that (for now) though there may be a better
long-term fix.
Change-Id: I5fa0cac3e67f50a6c603a6fa10b117de5540d444
Reviewed-on: https://code.wireshark.org/review/9850
Reviewed-by: Gerald Combs <gerald@wireshark.org>
It is so fragile that it triggers too many false positives and it was not
activated by default prior to g21e5a95.
If required, a user can still use 'Decode As' functionality.
Change-Id: I0236609665c57c6f3961cb9596c47b54da777641
Reviewed-on: https://code.wireshark.org/review/9842
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
This pseudo field is a specific case that is not linked to any protocol (despite parent being set to -1).
This prevents a crash in Qt GUI when selecting a line added with proto_tree_add_subtree() or similar.
Change-Id: I3b1cc2e6c7e71a71898f2ee9a02e9158eccf6fac
Reviewed-on: https://code.wireshark.org/review/9845
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The reported length should be the size of the chunk, not the remaining
size of dechunked data.
Update some comments while we're at it.
Change-Id: Ia71948fb5ecebdaae3e171c53fd88cf72dcf76a3
Reviewed-on: https://code.wireshark.org/review/9846
Reviewed-by: Guy Harris <guy@alum.mit.edu>
- prevent some NULL pointer deference pointer
- remove DISSECTOR_ASSERT calls: it should be used only for dissector bugs
- replace g_slist_next macro calls as the NULL pointer checks are already performed in the for loop
Change-Id: If4efd5bb055c7806107ec9646e9864c7e345246d
Reviewed-on: https://code.wireshark.org/review/9843
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Add the wiki and field reference items to the packet detail context
menu. Add the "Go To Linked Packet" item in the Go menu and packet
detail context menu. Use "Linked Packet" instead of "Packet Reference"
and "Corresponding Packet". Remove more pending item comments.
Change-Id: I66c40f71738f0996690f4818a546520ea0747088
Reviewed-on: https://code.wireshark.org/review/9841
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Print the first packet and last packet time stamps with the resolution
supplied for them, and print the difference between them with the higher
of those two resolutions.
Change-Id: I111fbbf91b5957e63dca650b85f182c5f103c5fd
Reviewed-on: https://code.wireshark.org/review/9840
Reviewed-by: Guy Harris <guy@alum.mit.edu>
As the QClipboard::setMimeData documentation says, "Ownership of the
data is transferred to the clipboard." Allocate the mime data object
accordingly.
Note the results of trying to paste into hex editors on Windows.
Frhed works. Hex Editor Neo and HxD do not.
Change-Id: I46691ba95bf1f5c38817cd42ded73e8e67e4ee97
Reviewed-on: https://code.wireshark.org/review/9837
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The OS X Human Interface Guidelines at
https://developer.apple.com/library/mac/documentation/UserExperience/Conceptual/OSXHIGuidelines/TerminologyWording.html#//apple_ref/doc/uid/20000957-CH15-SW3
says:
"Be sure to create the ellipsis character using the key combination
Option-; (Option-semicolon). This ensures that an assistive app can
provide the correct interpretation of the character to a disabled user.
If you use three period characters to simulate an ellipsis, many
assistive apps will be unable to make sense of them. Also, three period
characters and an ellipsis don't look the same because the periods are
spaced differently than the points of an ellipsis."
The Windows desktop applications guidelines has a section on ellipses:
https://msdn.microsoft.com/en-us/library/windows/desktop/dn742478.aspx
but doesn't specify the a single glyph vs three dots.
The GNOME HIG at
https://developer.gnome.org/hig/stable/typography.html.en
says "Take Advantage of Unicode" then specifically says to use U+2026
HORIZONTAL ELLIPSIS.
Remove the ellipsis from "Find Next" and "Find Previous". Neither
requires user interaction.
Change-Id: I0e6c28bb8b3a84b242731e2ca96f1a6f6f42c303
Reviewed-on: https://code.wireshark.org/review/9833
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
In addition to fixing some clang warnings code now handles the scenario
where some needed messages may be missing in the capture, instead of
silently ignoring now tell how many bytes we can't dissect and why.
Change-Id: Ia6fd70d204d279799bc02209865c7f1da35d8191
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-on: https://code.wireshark.org/review/9824
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Add some missing items to the packet list and detail "Copy" context
menus. Don't nest the "Copy" items so deeply. Add YAML to the supported
summary formats.
Note that "Copy as Binary" copies to the clipboard as
application/octet-stream, which is a) arguably correct, and b) not very
useful. Fixes welcome.
Enable and disable packet detail context menu items from a set of
booleans similar to the packet list.
Change-Id: Iaa931c766aa476c33f27de089e5c4dbaf9ce74d6
Ping-Bug: 9320
Bug: 10831
Reviewed-on: https://code.wireshark.org/review/9825
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I256c364954e1b9edd479e5f25a1d742cc216ffff
Reviewed-on: https://code.wireshark.org/review/9809
Reviewed-by: Michael Mann <mmann78@netscape.net>