It looks like multi-configuration generators (notably MSBuild) need
Qt autogen properties set on the wireshark target as well as qtui. Do
so unconditionally in both cases. (We were doing so conditionally for
qtui before.)
This patch splits the SOME/IP-SD configuration string according to
the specification into smaller key-value-pairs or keys. This makes
analysis involving the configuration options much easier since it
allows filtering on these elements of the configuration string.
This patch adds suppport for 64bit elements in the user data. With
CAN-FD and Ethernet replacing traditional CANs, NM is not limited
to 8 Byte messages anymore; therefore, the limitation of uint32
elements needed to change.
The upcoming TRXDv2 brings significant changes, not only adding
new fields but also changing order and presence of those that
were considered common so far. Let's rename this function to
reflect that it's TRXDv0/v1 specific, and call it directly
from the corresponding dissection functions.
Use correct segment type given by the reassembly message id when
dealing with multiple chunks in the same frame.
When an NFS WRITE is sent with a read chunk having multiple
segments and it also includes a reply chunk, using the wrong
segment type could lead to reassemble the message prematurely
on the last read response for the first read chunk segment.
The message should be reassembled in the last read response
for the last segment.
If the variable `dfilter' always points to malloc-ed memory, it should
be easier to avoid any leaks.
Leak:
```
Direct leak of 46 byte(s) in 1 object(s) allocated from:
#0 0x7fadf5a67bc8 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:144
#1 0x7fadd7ecbe98 in g_malloc (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x57e98)
#2 0x5556272dbfd5 in main /home/ivan/svnrepos/wireshark/tshark.c:1594
#3 0x7fadd71ed0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
```
The mmdb_val needs to be allocated with the same wmem allocator as the
one used for mmdb_ipv4_map and mmdb_ipv6_map hash maps.
Build with ENABLE_ASAN and run `ctest -R suite_fileformats -V`
24: Direct leak of 144 byte(s) in 2 object(s) allocated from:
24: #0 0x55e6deb6eebf in malloc (/home/vasko/sources/wireshark/build_clang/run/tshark+0x1f1ebf)
24: #1 0x7f708f717bb8 in g_malloc (/lib64/libglib-2.0.so.0+0x5bbb8)
24: #2 0x7f709c0a7b3c in maxmind_db_pop_response /home/vasko/sources/wireshark/epan/maxmind_db.c:622:49
24: #3 0x7f709c0a895f in maxmind_db_await_response /home/vasko/sources/wireshark/epan/maxmind_db.c:661:9
24: #4 0x7f709c0a895f in maxmind_db_lookup_ipv4 /home/vasko/sources/wireshark/epan/maxmind_db.c:696:17
24: #5 0x7f709d1a97c5 in add_geoip_info_entry /home/vasko/sources/wireshark/epan/dissectors/packet-ip.c:570:33
24: #6 0x7f709d1a2907 in add_geoip_info /home/vasko/sources/wireshark/epan/dissectors/packet-ip.c:662:3
24: #7 0x7f709d1a2907 in dissect_ip_v4 /home/vasko/sources/wireshark/epan/dissectors/packet-ip.c:2205:7
Fixes: v2.9.0rc0-2687-g1bab83de53 ("maxmind: Move response processing to a thread.")
Spurious Retransmissions are now ignored during the reassembly
because their respective payloads are already computed with
previous packets. Closes#10289.
It is rather weak and thus can easily trigger false positives.
While in the area, ensure that the minimu number of bytes were
captured for heuristic checks.
The RANAP ASN.1 defines a RAI as being composed of an LAI and a RAC.
(Cf. the RNSAP ASN.1, which defines a RAI as being composed of a
PLMN-Identity, a LAC, and an RAC.) Handle it so that the RAI fields
are used when dissecting a RAI, only using the LAI fields if the LAI
dissection was not called from the RAI.
Use the specific MCC/MNC fields in NGAP for the ECGI, NRCGI, LAI,
TAI, and 5GSTAI, using E212_NONE elsewhre. (Note that NGAP refers to
the 5GSTAI as just TAI, and the original TAI as EPS-TAI.)
Some packets with the error field do not include any remaining fields if
the error is not SUCCESS (0).
Previously this was not handled.
Wiki reference:
https://wowdev.wiki/Packets/Login/Vanilla#Opcodes_and_Errors
The ENC_LITTLE_ENDIAN values have been changed because the pre-commit
script complained.
Graham Bloice
Vadim Yanitskiy