We allocate a QMimeData object at the beginning of PacketList::mouseMoveEvent.
Usually, this object is passed to a QDrag object by calling drag->setMimeData.
In this case, the QDrag object owns the mime data object and frees it when
it's no longer required.
If the mime data object contains no data that can be dragged and dropped, we
reach the end of PacketList::mouseMoveEvent without anyone taking care of
the mime object. We have to free it ourselves in this case.
The problem can be reproduced if you add a custom column for an element that
does not exist in your capture file. Left-click onto the empty column and
drag the empty column entry somewhere. An asan build will then show the
memory leak
Indirect leak of 240 byte(s) in 2 object(s) allocated from:
#0 0x7f351e153d30 in operator new(unsigned long) (...)
#1 0x7f3500b79802 in QMimeData::QMimeData() (...)
Indirect leak of 32 byte(s) in 2 object(s) allocated from:
#0 0x7f351e153d30 in operator new(unsigned long) (...)
#1 0x5635156dfbc7 in PacketList::mouseMoveEvent(QMouseEvent*) ...
#2 0x7f3502eb94d7 in QWidget::event(QEvent*) (...)
Conversations Statistics suggested the connection initiator was
Address A because of an address/port comparison, when the packet
list says it was Address B. This behavior is changed then the
conversations statistics now suggest the real initiator. Exporting
data from these statistics allow a loyal re-processing.
Closes#16919.
It has bit-rotted.
Replace a bunch of compile-out "#if 0" with runtime "if (0)", and the "#ifdef
debug" with a static const, both of which should reduce the chance of this
bit-rotting again in future by ensuring that these code paths will at least be
compiled -- even if they are not actively used. The default is kept at FALSE,
so the behavior is unchanged, and toggling it still requires recompilation.
fd->data no longer exists; The nearest equivalent uses (dangerous!) tvb_get_ptr
to dump the address of the first byte of the tvb data, in case that is somehow
useful... I'm guessing it exists for live debugging.
We no longer have access to the structures for the hash keys. For the time
being, let's just #ifdef out the code that tries to print those keys. Maybe we
should move the key structures to an epan/reassemble-int.h so that we can
access them from this test code again...?
And zap an extra comma which snuck into a table... Clearly this code hasn't
been compiled in a while.
Tested with debug=FALSE and debug=TRUE, under Valgrind as well as natively, on
a Linux host.
The file request and file acknowledge APDUs of the auxiliary file system
resource are exactly the same as in the application mmi resource.
We already have a function that dissects file acknowledge. Move the
dissection of file request into a separate function as well.
Call the two functions for both ami and afs resources.
For QT >5.11, stringWidth() uses horizontalAdvance, which gives different
(longer) widths than the old boundingRect().width() method.
Other locations use the boundRect().width() method directly, resulting
in underestimating line widths and clipping the last characters in
the byte view window.
Fix by forcing all width calculations to use stringWidth().
Closes#17087.
The minimum required version of Qt is now 5.6, and thus the minimum
required version of macOS is 10.8. Reflect that in macos-setup, and
remove version checks and older packages installed to support
Snow Leopard and Lion.
In file included from ../sharkd_daemon.c:31:
../wsutil/wsgetopt.h:38:21: warning: redundant redeclaration of ‘optarg’ [-Wredundant-decls]
38 | WS_DLL_PUBLIC char *optarg;
| ^~~~~~
In file included from /usr/include/bits/getopt_posix.h:27,
from /usr/include/unistd.h:883,
from ../wsutil/socket.h:33,
from ../sharkd_daemon.c:28:
/usr/include/bits/getopt_core.h:36:14: note: previous declaration of ‘optarg’ was here
36 | extern char *optarg;
| ^~~~~~
In file included from ../sharkd_daemon.c:31:
../wsutil/wsgetopt.h:52:19: warning: redundant redeclaration of ‘optind’ [-Wredundant-decls]
52 | WS_DLL_PUBLIC int optind;
| ^~~~~~
In file included from /usr/include/bits/getopt_posix.h:27,
from /usr/include/unistd.h:883,
from ../wsutil/socket.h:33,
from ../sharkd_daemon.c:28:
/usr/include/bits/getopt_core.h:50:12: note: previous declaration of ‘optind’ was here
50 | extern int optind;
| ^~~~~~
In file included from ../sharkd_daemon.c:31:
../wsutil/wsgetopt.h:57:19: warning: redundant redeclaration of ‘opterr’ [-Wredundant-decls]
57 | WS_DLL_PUBLIC int opterr;
| ^~~~~~
In file included from /usr/include/bits/getopt_posix.h:27,
from /usr/include/unistd.h:883,
from ../wsutil/socket.h:33,
from ../sharkd_daemon.c:28:
/usr/include/bits/getopt_core.h:55:12: note: previous declaration of ‘opterr’ was here
55 | extern int opterr;
| ^~~~~~
In file included from ../sharkd_daemon.c:31:
../wsutil/wsgetopt.h:61:19: warning: redundant redeclaration of ‘optopt’ [-Wredundant-decls]
61 | WS_DLL_PUBLIC int optopt;
| ^~~~~~
In file included from /usr/include/bits/getopt_posix.h:27,
from /usr/include/unistd.h:883,
from ../wsutil/socket.h:33,
from ../sharkd_daemon.c:28:
/usr/include/bits/getopt_core.h:59:12: note: previous declaration of ‘optopt’ was here
59 | extern int optopt;
| ^~~~~~
In file included from ../sharkd_daemon.c:31:
../wsutil/wsgetopt.h:131:19: warning: redundant redeclaration of ‘getopt’ [-Wredundant-decls]
131 | WS_DLL_PUBLIC int getopt (int ___argc, char *const *___argv, const char *__shortopts)
| ^~~~~~
In file included from /usr/include/bits/getopt_posix.h:27,
from /usr/include/unistd.h:883,
from ../wsutil/socket.h:33,
from ../sharkd_daemon.c:28:
/usr/include/bits/getopt_core.h:91:12: note: previous declaration of ‘getopt’ was here
91 | extern int getopt (int ___argc, char *const *___argv, const char *__shortopts)
| ^~~~~~
Commit 69df23fc40 refactored sharkd_loop()
making the use of argv[] dependent on the #define _WIN32. Add _U_ for
the #ifndef _WIN32 case.
Suppresses:
> [2005/2398] Building C object CMakeFiles/sharkd.dir/sharkd_daemon.c.o
> /projects/wireshark/sharkd_daemon.c:357:33: warning: unused parameter 'argv' [-Wunused-parameter]
> sharkd_loop(int argc _U_, char* argv[])
> ^
> 1 warning generated.
Fedora and RHEL/CentOS put libsofthsm2.so in a different location
than Debian/Ubuntu, so look there too. This causes test_tls_pkcs11
to pass instead of being skipped (if softhsm2 and the other
prerequisites are installed.)
Save a copy of the pathname used to open a file in the wtap structure.
This allows the BER file reader to put a pointer to it in the
pseudo-header; it also would allow file readers to attempt to read
"associated" files that have the same name as the file, but with a
different extension.
Instead of having cf_open() special-case BER files, and calling a
routine in the BER dissector to specify the file name to the dissector,
have separate dissectors for "dissect packet payload as BER" and
"dissect a file as BER", and have the latter get the pathname of the
file from the pseudo-header and determine the ASN.1 syntax from that.
(Side-effect - this means that you can now dissect a BER file, and have
the syntax be determined by the file extension, in TShark as well; the
above cf_open() special-casing was *not* done in TShark, so it didn't
work before. Now the application code doesn't need to do any of that,
so it works in TShark as well as Wireshark.)
Eliminate WTAP_FILE_TYPE_SUBTYPE_ERF and
WTAP_FILE_TYPE_SUBTYPE_SYSTEMD_JOURNAL - instead, fetch the values by
name, using wtap_name_to_file_type_subtype().
This requires that wtap_init() be called before epan_init(); that's
currently the case, but put in comments to indicate why it must continue
to be the case.
Increase the minimum required version of Qt from 5.3 to 5.6. The various
Linux distribution versions that shipped with earlier Qt versions (RHEL
6, Fedora 23, openSUSE 13.2, Debian jessie, Ubuntu 16.04) have either
reached end of support or will do so soon.
The official Qt 5.6 releases for macOS require 10.8, so make that the
minimum macOS version.
Remove a bunch of no-longer-needed version checks.
When handling uncompressed packets:
* Add bounds checks before allocating or reading memory.
* Limit amount of memory allocated to the size of the IP header plus the
maximum needed size of the TCP header, not entire packet contents.
* Check for IPv4 before processing.
* Use more constant macros for easier reading and review.
When handling compressed packets:
* Add bounds checks when calculating size of compression header.
General:
* Add extra comments.
* Use reported length instead of captured length for calculating
syn+ack values (since that's what the sender would use).
* Added support for dissecting mPackets with arbitrary preamble length,
in accordance with IEEE 802.3br-2016
Changed fpp.preamble type from FT_UINT64 to FT_BYTES
* Allowed for capture device to signal non-integer preamble length by padding with zero.
Added fpp.preamble.pad to indicate any alignment padding bits
* Added missing printouts of SMD types
i.e. SMD-E, SMD-V, SMD-R, SMD-S0, ...
* Added missing printouts of decoded fragment numbers
i.e. 0, 1, 2, 3
Add dissect_pkt_line helper that dissects a single pkt-line and
simplifies the pre-existing dissect_git_pdu().
A later patch will make use of this same helper for HTTP support.
Part of #17093
Testing with tftpConversationError.pcapng attached to issue 10305 revealed this
warning on the console:
GLib-CRITICAL **: 16:47:08.092: g_str_has_suffix: assertion 'str != NULL' failed
The cause is that the filename retrieved from the tftpinfo struct could
potentially be NULL when dissect_a615a_heur is called, for instance if the TFTP
RRQ/WRQ was not captured or not associated with the same conversation as the
DATA packet.
It's interesting that this condition arises from this capture
file... Perhaps the conversation tracking is amiss? To be investigated.
Without knowing the filename, there appears to be no way to meaningfully
dissect the protocol beyond just dissecting just the file length and the
protocol version; For simplicity, I opted to maintain the present behavior and
have the heuristic test fail if the filename is not known.
Celcius -> Celsius.
ammendment, framenun and untunelled (with one 'n') are in wireshark_words.txt
but do not seem to be present in our codebase anymore (and are not
correctly-spelled words), so AFAIK they can be removed from the list.
Added a handful of words which don't seem to be in the dictionary on my host
but are real words and are in the codebase.
Removed two contractions which are now handled within tools/check_spelling.py .
The include_directories documentation at
https://cmake.org/cmake/help/latest/command/include_directories.html
says:
"Note: Prefer the target_include_directories() command to add include
directories to individual targets and optionally propagate/export them
to dependents."
Switch from include_directories to target_include_directories in a bunch
of places.
Add "SYSTEM" to the remaining external include_directories calls in
order to minimize our compiler warning blast radius.
Using the application mmi (ami) resource, a file of any type may be sent
from the module to the host.
The host receives both the file name and the binary payload. At the moment,
we parse the name and hand the payload to the png dissector if it ends with
.png
Instead of this manual approach, we should make use of all file types that
wireshark can dissect, i.e. all file types registered in the wtap_file
dissector table. The mime-encap dissector does just that, so we pass our
payload to this dissector.
It was returning the length of the array *after* we added the new entry,
which is the index that would be used for the *next* entry added.
Return, instead, the length of the array *before* we add the new entry.
Dissect the ip config request and reply APDUs that were added in the DVB-CI+
v1.4 specification.
Re-use the existing value string for "connected/disconnected". (If the field
was a single bit, we could use a tfs...).
Yet again, this is based on work by Jens Rosenboom.
We need to update the count of builtin types after copying over the
entries from the fixed table; otherwise, slot 0, for
WTAP_FILE_TYPE_SUBTYPE_UNKNOWN, will get assigned to the first
non-fixed-table builtin module.
Fix a comment (is a "builtin plugin" like a "square circle"?).
Provide a wiretap routine to get an array of all savable file
type/subtypes, sorted with pcap and pcapng at the top, followed by the
other types, sorted either by the name or the description.
Use that routine to list options for the -F flag for various commands
Rename wtap_get_savable_file_types_subtypes() to
wtap_get_savable_file_types_subtypes_for_file(), to indicate that it
provides an array of all file type/subtypes in which a given file can be
saved. Have it sort all types, other than the default type/subtype and,
if there is one, the "other" type (both of which are put at the top), by
the name or the description.
Don't allow wtap_register_file_type_subtypes() to override any existing
registrations; have them always register a new type. In that routine,
if there are any emply slots in the table, due to an entry being
unregistered, use it rather than allocating a new slot.
Don't allow unregistration of built-in types.
Rename the "dump open table" to the "file type/subtype table", as it has
entries for all types/subtypes, even if we can't write them.
Initialize that table in a routine that pre-allocates the GArray before
filling it with built-in types/subtypes, so it doesn't keep getting
reallocated.
Get rid of wtap_num_file_types_subtypes - it's just a copy of the size
of the GArray.
Don't have wtap_file_type_subtype_description() crash if handed an
file type/subtype that isn't a valid array index - just return NULL, as
we do with wtap_file_type_subtype_name().
In wtap_name_to_file_type_subtype(), don't use WTAP_FILE_TYPE_SUBTYPE_
names for the backwards-compatibility names - map those names to the
current names, and then look them up. This reduces the number of
uses of hardwired WTAP_FILE_TYPE_SUBTYPE_ values.
Clean up the type of wtap_module_count - it has no need to be a gulong.
Have built-in wiretap file handlers register names to be used for their
file type/subtypes, rather than building the table in init.lua.
Add a new Lua C function get_wtap_filetypes() to construct the
wtap_filetypes table, based on the registered names, and use it in
init.lua.
Add a #define WSLUA_INTERNAL_FUNCTION to register functions intended
only for internal use in init.lua, so they can be made available from
Lua without being documented.
Get rid of WTAP_NUM_FILE_TYPES_SUBTYPES - most code has no need to use
it, as it can just request arrays of types, and the space of
type/subtype codes can be sparse due to registration in any case, so
code has to be careful using it.
wtap_get_num_file_types_subtypes() is no longer used, so remove it. It
returns the number of elements in the file type/subtype array, which is
not necessarily the name of known file type/subtypes, as there may have
been some deregistered types, and those types do *not* get removed from
the array, they just get cleared so that they're available for future
allocation (we don't want the indices of any registered types to changes
if another type is deregistered, as those indicates are the type/subtype
values, so we can't shrink the array).
Clean up white space and remove some comments that shouldn't have been
added.
In some circumstances when dealing with a series of out-of-order
packets, the last packet of this series is marked as a
retransmission instead of an out-of-order. Closes#17214.
NCSI: Extends NCSI dissection based on DSP0222 Version: 1.2.0_2b
Add pci-ids.c and pci-ids.h for mapping PCI IDs(VID,DID,SID,SVID) to string.
Extends NCSI dissection to support DSP0222 Version: 1.2.0_2b.
Extends NCSI dissection to support Mellanox OEM commands.
NCSI: Use TFS for boolean mapped string and added AEN dissectors
1. Use the tfs defined in tfs.c
2. Refine the boolean mapped strings to be TFS style
3. Added dissectors for AEN
NSCI: Fixed erros with gcc 7.5.0
1. Fix compiling errors with gcc 7.5.0 under Ubuntu 18.04
2. Sloved complaints of git pre-commit hook
NCSI: Add "0x" prefix for displaying HEX values
There are codes display HEX values without prefix, added "0x" to fix that.
PCI-IDS: Added PCI ID file and python script to convert it to C codes
1. Added the PCI ID file pci.ids from https://pci-ids.ucw.cz/
2. Added pci-ids-convert.py to convert to epan/dissectors/pci-ids.c
PCI-IDS: Updated the PCI ID list to be Version 2021.01.11
NCSI: Remove trailing spaces and unused href entries
PCI-IDS: Use a fresh copy of pci.ids to generate pci-ids.c
1. Renamed pci-ids-convert.py to make-pci-ids.py
2. make-pci-ids.py uses a fresh copy of pic.ids to generate pci-ids.c
PCI-IDS: Move internal structure to C file
1. Move pci_id_t and pci_vid_index_t from header file to C file.
2. Refined the comments of pci-ids.c
3. Renamed local variable index (shadow variable) to idx
PCI-IDS: Refined binary search codes
PCI-IDS: Moved pci-ids.[ch] to epan/
Moved pci-ids.[ch] to epan/ as they ought to be
Forcibly unset the cached version of CMAKE_VERBOSE_MAKEFILE if the
FORCE_CMAKE_NINJA_NON_VERBOSE environment variable is set, to make
*extra* sure that we don't do a verbose build.
Visual Studio's code analyzer lets you avoid analyzing external headers
using CAExcludePath. Add a note suggesting that we might want to do this
using the VS_USER_PROPS CMake property, but that for now we're using an
environment variable in the builder config.
Martin Kaiser