ws_log_domains.h needs to be included before wslog.h to be used
to define WS_LOG_DOMAIN. Also the definition for enum ws_log_level
needs to be exported for other APIs so move that to ws_log_domains.h
and rename the file to ws_log_defs.h to reflect the new scope.
The IEEE Std 802.11ax-2021 amendment relaxes the requirements for
elements included in the Nontransmitted BSSID Profile subelement:
"Any element specific to the BSS or with content that is different
from the transmitted BSSID" can be included as a sublement.
However, it also enumerates elements that should not be included in the
Nontransmitted BSSID Profile subelement, including some extended element
IDs.
Thus, I've changed the add_tagged_field function to be more comprehensive, so that:
a) it can use the list of elements IDs to check for valid OR invalid element IDs
b) it defines necessary arguments for also checking valid OR invalid extended element IDs
The original function declaration is kept as it is, and the implementation calls the
new function, add_tagged_field_with_validation.
An alternative implementation of this change would be to have
the Multiple BSSID dissector implementation skip the check for invalid
element IDs in the Nontransmitted BSSID Profile subelement,
hence not requiring any changes to the add_tagged_field function.
However, for completeness, the add_tagged_field function should check for
valid extended element IDs in the same way it can check for valid element IDs,
and this commit provides it.
Add macros to round to multiples of 2, 4, 8, 16, and 32.
Use them instead of independently defined macros.
(We don't define a general "round to a power of 2" macro to avoid the
risk of somebody passing something other than a power of 2 to it.)
A TS packet can contain the end of a previous fragmented higher level
packet and the start of a new higher level packet. If an exception
is thrown in the first reassembled packet, catch it and continue to
process the start of the next. This is particularly likely when there
are dropped or out of order frames, since there are no fragment IDs,
just continuous streams (multiplexed by PIDs.) Similar to #13238,
but at a slightly different place in the protocol.
In the past, tvb_reported_length_remaining(), and thus
Tvb:reported_length_remaining(), may have returned -1 if the offset was
invalid. That's no longer the case; the former returns 0, and, as the
latter just returns the former's return value, that's true of the latter
as well.
It has a "reported length", which is the closes thing to an "actual
length", as it represents the length the packet, or subset thereof, had
on the network, and a "captured length", which is the amount of the
packet that the capture process saved.
In 99.999999999999999999999999999999% of all cases, a dissector should
look at the "reported length", not at the "captured length".
Rename the "len" method to "captured_len", leaving "len" around for
backwards compatibility.
Fix the documentation to reflect reality, to avoid issues such as #15655.
Fixes field names and sets field values to be consistent
with equivalent HT and VHT capabilities fields as indicated
in the IEEE Std 802.11ax-2021 amendment.
Add dissect_netlink_attributes_to_end(), which takes no length argument,
and uses tvb_ensure_reported_length() to get the remaining length in the
packet.
In dissect_netlink_attributes_common(), treat negative lengths as if
they were a positive length >= 2^31, and throw a reported bounds error.
Also, throw a bounds error if there's more padding to a 4-byte boundary
than there is data in the packet.
At that point, we know the length is positive, so assign it to an
unsigned variable and use *that* in the loop. Throw an error if the
attribute goes past the end of the packet (although we presumably would
have done that already).
(We really should eliminate all use of -1 as "to the end", and make
lengths unsigned. We should also get rid of any places where we're
using negative offsets as offsets from the end of the packet - in the
few cases where you're dealing with trailers, you want to do that
carefully, so as not to throw an exception dissecting the trailer before
you get around to dissecting the rest of the packet - and make offsets
unsigned as well.)
It is to tvb_reported_length_remaining() as
tvb_ensure_captured_length_remaining() is to
tvb_captured_length_remaining() - it throws an exception if the offset
is out of range.
(Note that an offset that's just past the end of the {reported,
captured} data is *not* out of range, it just means that there is no
data remaining. Anything *past* that is out of range and thus invalid.)
This big patch addresses the following items:
* implement the "message" virtual channel so that multi-transport and bandwidth
PDUs are dissected;
* prepare the identification of static channels to be able to dissect them later;
* fix the compression field in channelPDUHeader.channelFlags;
* implement the drdynvc channel dissector, so now we decode the traffic on this
channel and we're able to track data on dynamic channels and transition to UDP
transport
They don't include any attributes - they're not large enough to contain
anything other than the netlink message header and the one-byte address
family. For legacy messages, the attribute we hand to
dissect_netlink_route_attributes() is not aligned on a 4-byte boundary,
as it's the offset right after the 1-byte address family value;
dissect_netlink_route_attributes() will try to align that on a 4-byte
boundary, but that will go past the "immediately after the end of the
packet" offset, which can cause problems if any checking is done to make
sure the offset is valid. Therefore, we don't try to dissect the
attributes, rather than relying on the attributes dissector to discover
that there's nothing left in the packet.
Note that it was impossible to actually overflow
the buffer, and there is a check to flush and restart
if it gets to within a few bytes of the end, but static
analyzers (CID: 1477927) are unlikely to be able to work
this out.
The structure containing struct rtgenmsg in the message header also
includes a structure that's aligned on a 4-byte boundary, so there's 3
bytes of padding after the struct rtgenmsg.
The circuit API was removed and replaced with the conversation
"_by_id" API that uses a single uint32 value by commit
800b26edbe
Remove the lingering references to circuits from the stream API,
since it's just used with conversations now.
Check whether the length of data remaining in the block content,
starting at the offset past the data preceding options, is > 0, don't
check whether the *total* block content length is > 0.
Fixes mask for reserved field, and adds support for ver. number 3.x.
Also, renames "Release Number" to "Version Number" to match
latest WFA Passpoint specification document (ver 3.2).
Experience has shown that:
1. The current logging methods are not very reliable or practical.
A logging bitmask makes little sense as the user-facing interface (who
would want debug but not crtical messages for example?); it's
computer-friendly and user-unfriendly. More importantly the console
log level preference is initialized too late in the startup process
to be used for the logging subsystem and that fact raises a number
of annoying and hard-to-fix usability issues.
2. Coding around G_MESSAGES_DEBUG to comply with our log level mask
and not clobber the user's settings or not create unexpected log misses
is unworkable and generally follows the principle of most surprise.
The fact that G_MESSAGES_DEBUG="all" can leak to other programs using
GLib is also annoying.
3. The non-structured GLib logging API is very opinionated and lacks
configurability beyond replacing the log handler.
4. Windows GUI has some special code to attach to a console,
but it would be nice to abstract away the rest under a single
interface.
5. Using this logger seems to be noticeably faster.
Deprecate the console log level preference and extend our API to
implement a log handler in wsutil/wslog.h to provide easy-to-use,
flexible and dependable logging during all execution phases.
Log levels have a hierarchy, from most verbose to least verbose
(debug to error). When a given level is set everything above that
is also enabled.
The log level can be set with an environment variable or a command
line option (parsed as soon as possible but still later than the
environment). The default log level is "message".
Dissector logging is not included because it is not clear what log
domain they should use. An explosion to thousands of domains is
not desirable and putting everything in a single domain is probably
too coarse and noisy. For now I think it makes sense to let them do
their own thing using g_log_default_handler() and continue using the
G_MESSAGES_DEBUG mechanism with specific domains for each individual
dissector.
In the future a mechanism may be added to selectively enable these
domains at runtime while trying to avoid the problems introduced
by G_MESSAGES_DEBUG.