That way, if it's cut short by a snapshot length (or its length is
otherwise too large), we don't throw an exception before dissecting the
items that are present.
Change-Id: Id2521efdcf97f63f6826d62b4361722c7eef78c9
Reviewed-on: https://code.wireshark.org/review/33253
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't show every single non-ASCII character as a bunch of meaningless
backslash-escape sequences for the multiple octest of their UTF-8
encodings.
Change-Id: Ieed3cdf26c3c63a0d1681efcf967c7b80132cb14
Reviewed-on: https://code.wireshark.org/review/33245
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Packet data is raw octets, meaning guint8s, not chars or gchars.
The last argument to recvfrom should be of type socklen_t on UN*X and
int on Windows; wsutil/socket.h defines socklen_t to be int on Windows,
so just use socklen_t.
Change-Id: I5355a246e0f74f39c0f8e198d8dd9769b623af49
Reviewed-on: https://code.wireshark.org/review/33242
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Lua 5.2 moves unpack to table.unpack, be sure to define this for Lua 5.1
or LuaJIT. This fixes an error with https://github.com/Lekensteyn/kdnet
when using LuaJIT.
Change-Id: Ib9e4591d9edb1cb3b0c1e86172331055f9f457d9
Ping-Bug: 15745
Reviewed-on: https://code.wireshark.org/review/33046
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Octet arrays are octets of guint8s, not gchars/chars.
Make some strings arrays of chars/gchars, not guint8s; this needs more
thought (throughout Wireshark).
Offsets into tvbuffs are signed, not unsigned. (This is to support
negative offsets, which are offsets from the end of the tvbuff. We
might want to remove that and go with unsigned offsets, and have the
few, if any, places where that feature is used explicitly calculate the
offset from the end based on the tvbuff's length; most if not all of our
handling of trailers/end-of-packet FCSes/etc. does so, and makes sure it
handles the case where the end-of-packet information isn't present, to
better report errors and dissect the stuff before it.)
Change-Id: Ia46ed3fc7c2d8ac97cd14824d521cbc461fb7f45
Reviewed-on: https://code.wireshark.org/review/33239
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Update them to use ws_diag_control.h and ws_compiler_tests.h, and the
DIAG_OFF() macros therein.
Regenerate the CORBA dissectors.
Change-Id: I26f0add0ec8dd920bfe80571b4141c1b0e2f0640
Reviewed-on: https://code.wireshark.org/review/33238
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Or, rather, *disable* it only if we're *not* enabling additional
compiler warnings.
Change-Id: I95c23385a365e0e24f932ea5c680b287b5f717e0
Reviewed-on: https://code.wireshark.org/review/33237
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This enables capture privileges for 'user' that is used in the tests.
travis.yml has been changed as well to reflect the setcap command in
the docs.
Change-Id: I0584e0df417112b1774b86ef8b28121799efe137
Reviewed-on: https://code.wireshark.org/review/33182
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(Why does a call to proto_tree_add_item_ret_uint(), passing a a pointer
to a gint32, rather than a guint32, as the last argument, not cause a
compiler error?)
Change-Id: Id1a0dfb62694bfe5147f53938bf1c9c8972efb70
Reviewed-on: https://code.wireshark.org/review/33234
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It can, and, in at least one capture, it does.
Change-Id: Id3540e6551db5d63427f09c6ccc521958ecccac6
Reviewed-on: https://code.wireshark.org/review/33231
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use the local one *only* while we're trying to determine whether we have
a pcapng file or not; once we know we have a pcapng file, and have
allocated a pcapng_t and attached it to the wtap structure, pass *that*
one to pcapng_read_block(), so if it changes anything in the pcapng_t,
it changes the one we're using.
Change-Id: I53b32595276be97957a0b6056171471878fa40c4
Reviewed-on: https://code.wireshark.org/review/33226
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Embed the git commit hash as well as the tag information for tarballs
produced by 'git archive' (this includes the Github tarball). Example:
TShark (Wireshark) 3.0.1 (Git commit ea351cd80516)
Note that the embedded git ref names can include branch information, see
for example `git log -n1 -s --format=%D v3.0.1`:
tag: wireshark-3.0.1, tag: v3.0.1
HEAD -> bug/15544, tag: v99.99
HEAD, origin/master, origin/HEAD, master
Thus, when creating release tarballs, I would recommend using the above
command to see whether unnecessary branch information is present. If so,
create a new post-release commit first on the same branch. This way, the
release tarballs should be reproducible.
While at it, increase the commit abbreviation length from 8 to 12.
Currently git describe abbreviates to 10 by default. The default length
is at minimum 7 and is dependent on the number of objects:
git count-objects -v | perl -lne 'print int(log($1)/log(2)/2)+1 if /^in-pack: (\d+)/'
Bug: 15544
Change-Id: Ifd1ed636b69f7687a7272775686f51387040a596
Reviewed-on: https://code.wireshark.org/review/33214
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add NCP 98
Fix NDSrequestprotocolflags not being captured on request so that reply
would offset correctly with CRC flag.
Change-Id: Ie45a1017326dd38393baf3f005f3ec9195438565
Reviewed-on: https://code.wireshark.org/review/33146
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
wth has been already checked in line 315.
Change-Id: Ib620e0b1e9262e5344feb934b024f7817cfda6fd
Reviewed-on: https://code.wireshark.org/review/33178
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There is no FCS length information for a pcapng file; there's FCS length
information for each interface.
Change-Id: I3abb1a35b28475aa3ad6f126060140d0a524bbca
Reviewed-on: https://code.wireshark.org/review/33215
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
In handling the capture preferences frame, the preference to not load
interfaces on startup is handled incorrectly. Instead of using the
preference value itself, the validity of the pointer to the preference is
used. This leads to some confusing logic.
Replacing this code with proper preference retrieval.
This was introduced with commit 7a07832712
CID 1439697
Change-Id: I9bf3df413d89f8df55553a7218f34d425eb103de
Reviewed-on: https://code.wireshark.org/review/33187
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
When checksum calculations are performed (irrespective of type) the
calculation is assumed to be possible on at least a common header and
optionally a payload. This assumption was not checked, which could
lead to out of bound access of packet buffer data.
Simply adding the assurance that enough buffer data is available avoids
this out of bound access.
CID 1439698
Change-Id: I5fec69b96b1064ffdda11f51b882fe5775844475
Reviewed-on: https://code.wireshark.org/review/33185
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
When decrypt_ssl3_record is called with a record length of zero, it will
pass NULL to ssl_data_set because tvb_get_ptr(..., 0) yields NULL. That
triggers a DISSECTOR_ASSERT. Fix this and add expert info while at it.
Bug: 15780
Change-Id: I727b511aa48b6e1aeb20a441d1eb9d3627a74413
Reviewed-on: https://code.wireshark.org/review/33203
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Prior to this change the extcap option dialog destructor was called only
when the main Wireshark window closed.
Besides that, fix the NULL pointer dereference that would happen if
device name was not a valid extcap device.
Change-Id: I84334e3a83c66557d961771f74c39447d30a6875
Reviewed-on: https://code.wireshark.org/review/33197
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bits named according to IEEE 802.11-2016, p.836, Figure 9-192
Change-Id: I4e0a6c90796d80ebbdc31c32a3ea2d9da4db8885
Reviewed-on: https://code.wireshark.org/review/33193
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The default chk callbacks for individual fields only catches basic
errors such as invalid, too large numbers. Many dissectors perform
additional validation in the update_cb which is invoked for a record as
a whole. If this check fails, then the UAT must not be marked as valid
or else invalid records (like NULL pointers) could be exposed.
Thanks to Uli Heilmeier for noticing this.
Bug: 15709
Change-Id: I1cc4c6925322011a561ad6df840fbac67796e5b2
Fixes: v2.3.0rc0-1002-g1cd22559a8 ("Qt: convert UatDialog to model/view pattern, improve UX")
Reviewed-on: https://code.wireshark.org/review/33157
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Uli Heilmeier <openid@heilmeier.eu>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Check the return value of fscanf() instead of relying on feof(). This
should help ensure that we exit correctly.
Bug: 15777
Change-Id: I8b5985f6015cb6a85378db5135b29bb2c3de1e90
Reviewed-on: https://code.wireshark.org/review/33196
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For type B cards, the PCD assigns a card identifier (CID)
in the attrib message it sends to the card. The card sends
the assigned CID back in its response.
We already dissect the CID in the response. Dissect it in the
attrib message as well.
Change-Id: Ic0bd200f0e40496d8fe3121aa9ad601a269de36c
Reviewed-on: https://code.wireshark.org/review/33183
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The outputs of -T ek and -G elastic-mapping don't match. To be effective
the fields in the mapping report and the fields in the traffic output must
be the same.
2 issues have been fixed. The elastic-mapping requires the parent protocol
to be prepended to the field to match the traffic output. The field "dns.a"
has been changed to "dns_dns_a".
The traffic output prints some fields with a leading "text_". This happens
for some fields that have been created under a text only field. One example
is "dns.a", that was printed as "text_dns_a". This has been fixed by accessing
the parent hfinfo resulting in "dns_dns_a" as other fields for the dns
protocol.
Bug: 15759
Change-Id: Ibd000c865102ca49bb6a6394019a475483eae4cc
Reviewed-on: https://code.wireshark.org/review/33099
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Eneko Gómez <eneko.gomez.tecnalia@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Ber choice called with a non FT_UINT hf variable. Work around by
duplicating ASN1 code.
Change-Id: I71b38e25288f222058793110eb43c122c012dcca
Reviewed-on: https://code.wireshark.org/review/33191
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
No, not every machine on which Wireshark is built, run, and tested is
little-endian. See bugs 15772 and 15754.
Change-Id: Ice1d012e1a788f6a7bb031bdf0e2f01f523a91ec
Reviewed-on: https://code.wireshark.org/review/33192
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Convert the host-endian session ID passed to seskey_find_sid_key()
before comparing it with the little-endian session IDs in the UAT.
While we're at it, tag session ID fields in various structures with the
byte order.
Bug: 15772
Change-Id: Ib1e7323bad1dfdb1ac24a08998205650f2744097
Reviewed-on: https://code.wireshark.org/review/33188
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Controlled by a preference (off by default).
Change-Id: If2fafb1d0b94faf4e42c3e9bb4bef010f1a9be0b
Reviewed-on: https://code.wireshark.org/review/33056
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Gerald Combs