Usage, Usage Minimum and Usage Maximum can be "Extended" Usages. When
parsing report descriptor, respect page encoded in extended usage value.
Remove arbitrary usage count limit, as the usage ranges are limited to
16-bit value and thus the usages array can grow by up by 256 KiB with
single usage range.
Consolidate build instructions and troubleshooting into WSDG chapter 2.
Remove (moved) troubleshooting note that libpcap is required.
Link from WSUG build instructions to the WSDG chapters.
Reorder WSUG to have install instructions before build instructions for both
Windows and Unix.
Link from WSDG build instructions in WSDG sources chapter back to
WSDG chapter 2.
Offer options to the 'git clone' lines in obtaining sources: '--depth' and
'--shallow-since'
Add brief descriptions of new options mentioned.
Save a list of all user options that were specified on the Wireshark
command line using the `-o` option. Reapply those preferences after
reloading Lua plugins. Fixes the behaviour given in #12331 wherein such
prefs were reset to the defaults, not the command-line values, when
reloading Lua plugins.
When the user changes a preference in the Wireshark UI, remove that
preference from the stored command line options, so it doesn't get reset
when Lua plugins are reloaded again.
Use the same style of message for too-short block errors ("pcapng: total
block length XXX of {a,an} XXX is too small...").
Add an additional check for the "skip" Netflix cutom block, to make sure
it has enough room for the 4-byte "skipped" value.
Starting with 3.0 there is a new non backwards compatible Web-Sec-Protocol for BLIP, so the plugin should handle both (the differences are irrelevant from Wireshark's standpoint)
Have the IEEE 1722 AVTP dissector call the MP2T dissector when that
is the payload type. Comment out the "if (tree)" statement since
the MP2T dissector needs to be called on the first pass regardless
to handle fragmentation.
Since there is a 4 octet source packet header timestamp before each
MPEG2-TS packet when carried on AVTP, the MP2T dissector has to be
called multiple times per frame. Since the fragmentation data is
indexed by the offset in the tvb passed to the MP2T dissector, create
a table for each MP2T layer in the packet via pinfo->curr_layer_num.
Fix#10702.
A few helpers weren't in exception-throwing paths and can just free
unscoped memory. The macro in proto.c is only used in contexts with a
tree, so just use the tree's scope there.
Re-implement below change but for the legacy ccmp decryption used on
3.2 release track but also on later releases when Wireshark is built
with older versions of libgcrypt:
e5e37add9a 802.11 Decrypt: Fix AAD Calculation when HT-Control present in a QoS Data Frame
Ping #17577.
If a graph is added it should be a single operation, not multiple setData operations
leading to a myriad of dataChanged signals to be fired, which in turn can hinder redissection.
Allocate the root node in the same pool as the list itself, and make
that pool explicit so we can pass the pinfo scope instead of using the
global packet pool.
Fix support for IEEE 1722-2016 Annex J IP Encapsulation.
Dissect extra 4-octet encapsulation_sequence_num field that
is present when carried on UDP/IP. Perform rudimentary sequence
analysis with it. Fix#17389.
When written by hand, it’s difficult to have a fully functional
subdissector for a given command if the structures in it contain at lot
of fields and/or numerous level of sub-structures, making the definition
of all sub-structures mandatory before we have all sub-structures fully
defined before we can dissect anything.
This patch makes it easy not to defined some structure fields and let
the generic Thrift dissector handle them.
If you care only about some fields for your analysis or you have some
obsolete fields that may appear in your captures due to old client but
are no longer defined in the .thrift files, you can still write the sub-
dissector for your protocol just by omitting the obsolete field.
For example:
static const thrift_member_t tcustom_data[] = {
{ &hf_tcustom_data_id, 1, TRUE, DE_THRIFT_T_I64, TMFILL },
{ &hf_tcustom_data_name, 2, TRUE, DE_THRIFT_T_BINARY, TMUTF8 },
{ &hf_tcustom_data_content, 3, TRUE, DE_THRIFT_T_STRUCT, &ett_tcustom_resource, { .members = tcustom_resource } },
{ NULL, 0, FALSE, DE_THRIFT_T_STOP, TMFILL }
};
could become:
static const thrift_member_t tcustom_data[] = {
{ &hf_tcustom_data_id, 1, TRUE, DE_THRIFT_T_I64, TMFILL },
{ &hf_tcustom_data_name, 2, TRUE, DE_THRIFT_T_BINARY, TMUTF8 },
{ NULL, 3, TRUE, DE_THRIFT_T_GENERIC, TMFILL },
{ NULL, 0, FALSE, DE_THRIFT_T_STOP, TMFILL }
};
and avoid the need to define the extremely complex "resource" struct.
In this case, the structured data would be dissected by the generic
dissector while keeping the possibility for the user to filter on the
resource id or name.
wblock->internal is not initialized on pcapng_read_custom_block function
pcapng.c:3747:9: warning: Branch condition evaluates to a garbage value [core.uninitialized.Branch]
This patch adds support to SOME/IP to be dissected on top of DTLS. This
can be used via the Decode As feature of Wireshark.
This extends the existing support for DTLS.
Add an expert info for more protocol issues:
- Thrift protocol exceptions.
- Thrift application exceptions.
- Negative field id that are now prohibited in new interfaces.
- Out-of-order field ids (not prohibited but unusual).
packet-erldp.c:403:13: warning: Although the value stored to 'buf_ptr' is used in the enclosing expression, the value is never actually read from 'buf_ptr' [deadcode.DeadStores]
packet-erldp.c:922:9: warning: Value stored to 'offset' is never read [deadcode.DeadStores]
packet-erldp.c:928:7: warning: Value stored to 'offset' is never read [deadcode.DeadStores]
packet-json.c:365:7: warning: Value stored to 'is_valid_unicode_character' is never read [deadcode.DeadStores]
packet-json.c:371:7: warning: Value stored to 'is_valid_unicode_character' is never read [deadcode.DeadStores]
packet-json.c:383:8: warning: Value stored to 'is_valid_unicode_character' is never read [deadcode.DeadStores]
packet-json.c:389:8: warning: Value stored to 'is_valid_unicode_character' is never read [deadcode.DeadStores]
packet-rdp.c:1600:3: warning: Value stored to 'offset' is never read [deadcode.DeadStores]
packet-rdp.c:1614:3: warning: Value stored to 'offset' is never read [deadcode.DeadStores]
packet-thrift.c:1382:17: warning: Value stored to 'len_pi' is never read [deadcode.DeadStores]
packet-thrift.c:1388:9: warning: Value stored to 'len_pi' is never read [deadcode.DeadStores]