Age | Commit message (Collapse) | Author | Files | Lines |
|
the left and to the right of the '-' operator found by PVS Studio (V501)
Change-Id: Ib3fb73f6cc3dba549bd3104e9227f4e4a6e3b08c
Reviewed-on: https://code.wireshark.org/review/12310
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I1b4545e132bce437570a1ea3afb2b707e7553f4b
Reviewed-on: https://code.wireshark.org/review/12718
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Improved the custom column prime regex so that all fields must be
separated by "||" or "or" to avoid false positives when having
multi-fields which is valid display filters but not valid for
custom columns (e.g. "udp and tcp").
Change-Id: Iec9942d458d6b265d04e14b5966907f1de43b782
Reviewed-on: https://code.wireshark.org/review/12751
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
[-Wmissing-prototypes]
Change-Id: I4a90d1b2dbd5af4222ca4206f1c701842aa0d424
Reviewed-on: https://code.wireshark.org/review/12774
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: If56dfe7f52d965d0ebffcc36588b0c93234a1309
Reviewed-on: https://code.wireshark.org/review/12773
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8ab0388511afb3b9dd3bd16ba569a78252b8d52a
Reviewed-on: https://code.wireshark.org/review/12070
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Modify existing MainWindow::testCaptureFileClose() to handle restart scenario.
Bug: 9605
Change-Id: Ie57624ca482b050745474f5e1c61343f60292a42
Reviewed-on: https://code.wireshark.org/review/12733
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I34d24b05941f9a56c48273254d84cab3b91a12d5
Reviewed-on: https://code.wireshark.org/review/12780
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Add support for Barracuda NGFirewall Ipfix Audit. Used documentation
found at https://techlib.barracuda.com/NG61/ConfigAuditReportingIPFIX
The configuration allows to switch between little endian and big
endian for a Ipfix collector. This commit expects big endian encoding.
However it seems that there is a bug in NGFirewall 6.1.1 which
interchanges the encoding (little-endian instead of big endian and vice
versa).
Bug: 11902
Change-Id: I84c497188eadedf6781dce309888242b0dc1592f
Reviewed-on: https://code.wireshark.org/review/12703
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Introduced in Iad5e28aa
Bug: 11910
Change-Id: I80be5f156786ddb9f7bbe25460b48dbb4588cb8d
Reviewed-on: https://code.wireshark.org/review/12755
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: Iac09b841ff782ea351052ad6b20f5b4ff170e8e8
Reviewed-on: https://code.wireshark.org/review/12752
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
at the moment, AirPDcapDecryptWPABroadcastKey() does not free the buffer
allocated by AES_unwrap() if there's an error while parsing the returned data
this could be fixed by adding more g_free() calls or by using wmem
memory
Change-Id: I332968da2186fbd17cbb7708082fa701dcab668e
Reviewed-on: https://code.wireshark.org/review/12744
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
return an error if our key is shorter than the key type required for the
encryption method we detected
this check prevents an out-of-bounds memory access when the key is copied
Bug: 11826
Change-Id: Ic779b5d87aa97a3b2d2b2c92ce12d0fff4a85adc
Reviewed-on: https://code.wireshark.org/review/12743
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
to make sure that AirPDcapDecryptWPABroadcastKey() does not leak memory
when it returns an error
Change-Id: I01dc8dc0d6cc1e72e9784a262e35e24844e35dbc
Reviewed-on: https://code.wireshark.org/review/12745
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I7340954d9ca2fd11a6db2aa7cd5493d870181e23
Reviewed-on: https://code.wireshark.org/review/12765
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Iee46c43498f42e19dfab0178e80743d35d843d2d
Reviewed-on: https://code.wireshark.org/review/12762
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
rec_length_remaining is the amount of data we haven't already read from
the record; it starts out as the record length and gets decreased. It
is not the length of data in the packet.
Change-Id: I46cd78e29aee13a686f1f6c8efbe258277e15686
Reviewed-on: https://code.wireshark.org/review/12759
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Before reading the record header of a REC_FRAME{2,4,6} record, make sure
the record length is >= the length of that header.
Whe calling fix_pseudo_header(), pass the actual length of the packet
data, not the remaining length of the record (which may include
padding), so we don't read past the end of the packet data.
Bug: 11827
Change-Id: I1c63a4cb014c4616ffdd202660e68c576f266872
Reviewed-on: https://code.wireshark.org/review/12756
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Set initial value for confirmUnsavedCheckBox.
Change-Id: I7dfebf21e516a9d1be1bd3f543a00834222c9ff7
Reviewed-on: https://code.wireshark.org/review/12739
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Use this as a common regex to split multi-field custom columns.
Change-Id: I40f76743284c5981c95d2e47d6d1d2a7f357d2ea
Reviewed-on: https://code.wireshark.org/review/12753
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Update manuf, services enterprise-numbers, translations, and other items.
Change-Id: I888e6e56894ab3226ad32e8f1d5e3d351cfcd8d8
Reviewed-on: https://code.wireshark.org/review/12747
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: Ic6c6113e91adb416f19aeea5ed85d5deb61832d4
Reviewed-on: https://code.wireshark.org/review/12746
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
for cipher_len==56, some bytes of the output array are not written
An alternative approach would be to add a check for cipher_len.
I understand from RFC 3394 that the AES key wrap algorithm works on
multiples of 64bits and has no upper limit, we couldn't easily reject 56
bytes cipher_len.
Bug: 11527
Change-Id: Ie82357bbe5512de391813dd55098df7a16bda9ae
Reviewed-on: https://code.wireshark.org/review/12741
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
The kernel sets the URBs status to -EXDEV in this case. Don't require
status == OK in this case.
Set pinfo->p2p_dir for USB packets. Sent/received is from the
perspective of the host.
Bug: 11868
Change-Id: I2be2348507bef47272d3d8786019ec90457141ac
Reviewed-on: https://code.wireshark.org/review/12731
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
This allows a 64bit 7-Zip installation to be located even though
win-setup.ps1 is run by a 32-bit process.
This applies to 64bit Windows (7, 10, Server 2008 R2, Server 2012).
Tested on 2012.
Ref:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa384274%28v=vs.85%29.aspx
Change-Id: I6f4f3226b25c890cd674bf4c4d9ea73ddfc8ece0
Reviewed-on: https://code.wireshark.org/review/12740
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
GTK already has it, but Qt forgot about it, so multi-field custom column
works ok if previously saved in GTK-shark. Invalid validation prevent from
modifying and saving multi-field custom column in Qt version.
While at it, rename "custom field" to "custom fields" to ensure
we think about multi-field custom column.
Change-Id: I99588150ccb38be11b75f5dd5b0f6443e7055ebb
Reviewed-on: https://code.wireshark.org/review/12685
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I37602d0e2148150b55b2812855bccf2f181d31b8
Reviewed-on: https://code.wireshark.org/review/12737
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
them.
Change-Id: Ie7b8964fcbb5e0a7c6b4296ee2b63e168dcc55fa
Reviewed-on: https://code.wireshark.org/review/12738
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ie828a38ea0da14224ccf38ae5c703038bddcc835
Reviewed-on: https://code.wireshark.org/review/12736
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I127f55f4ed26a99facea4d1ecc29786ab4898a75
Reviewed-on: https://code.wireshark.org/review/12735
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The working directory for g_spawn_sync should not be escaped, it is
simply passed to chdir. The escaping was needed for the command, so do
so (hmm... maybe the argv arguments should be escaped too for Windows).
Also remove an unnecessary NULL command argument for extcap_foreach.
Note: there is still a memleak when exiting because the ifaces table is
not cleared after querying the list.
Change-Id: I1251d623b954a81848044b6d1faf8dcec8ce465b
Reviewed-on: https://code.wireshark.org/review/12530
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Qt already has a menu item for this in Statistics -> Capture File Properties
Bug: 9628
Change-Id: I85dd6f85d43fbfb60c2f4db82d9a02d91866127c
Reviewed-on: https://code.wireshark.org/review/12725
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
It's always TRUE.
Clean up indentation while we're at it.
Change-Id: I11f5b849274b68bbda4fa32a8d909d6d5e71cbb1
Reviewed-on: https://code.wireshark.org/review/12732
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Add the TYPE_COLOR_HASH_POS and TYPE_COLOR_HASH_ETH types, note that
type 26 has no #define, mention that types 28 through 31 are reserved
for future record types.
Change-Id: Ic828254599599c6bd7399d4682f9a3d4bff1f0f7
Reviewed-on: https://code.wireshark.org/review/12728
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Update erf_open heuristic to not break when ERF_TYPE_META records are present.
Remove check for maximum non-pad ERF type and add defines for reserved types.
No dissection in this commit beyond record type name, this will come later.
Change-Id: Ib64e450e26b2878b5519fb6afeafa2ce9477ac85
Reviewed-on: https://code.wireshark.org/review/12708
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Unsigned type value is always >= 0
min_secs is always set to 0
Change-Id: I62e3a5b71b423ae9ae15be1206bd1deeb9962760
Reviewed-on: https://code.wireshark.org/review/12400
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I5b43c02a75ae2ade1d389d01f352b1500417779d
Reviewed-on: https://code.wireshark.org/review/12696
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
ring buffer.
This matches the Gtk UI.
(Note that the Qt UI's upper limit for this option (1k) is much lower than
the Gtk UI's (100k).)
Change-Id: Ie5b5b7b4bdb9205594ed7fcc38630a6268cc3acf
Reviewed-on: https://code.wireshark.org/review/12711
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
It was buried as a static variable in capture_info.c, and functions were refactored to allow a pointer to the info_data_t structure to be passed in. TShark and GTK will have their own single (global) copy of the structure, while it opens up Qt to have multiple instances.
Change-Id: Ic2d7a2ad574de43f457cb18b194d6bc3fffb6120
Reviewed-on: https://code.wireshark.org/review/12691
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 11733
Change-Id: Ic144634acce7b9e9eb9821ca6452694cb2dcf4dd
Reviewed-on: https://code.wireshark.org/review/12684
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
|
|
Change-Id: I57fd59a065e987e0e188b0898a874116e7cc56e8
Reviewed-on: https://code.wireshark.org/review/12722
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Id05c3fbf0c667ae2b2e349b73eba62a23d9e9e9e
Reviewed-on: https://code.wireshark.org/review/12721
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
the ring buffer and autostop configuration sections.
Change-Id: I2a260e4f9e52444ee9d6c072bce34067dd74cc19
Reviewed-on: https://code.wireshark.org/review/12712
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Make sure we use relative destination paths in each install
command. Apparently many CPack generators don't support absolute paths,
particularly on Windows. This fixes the following error when running
`cpack -G WIX` here:
----
CPack: Create package using WIX
CPack: Install projects
CPack: - Install project: Wireshark
CMake Error at C:/Development/wireshark/cmbuild/cmake_install.cmake:206 (message):
ABSOLUTE path INSTALL DESTINATION forbidden (by caller): C:/Program Files/Wireshark/lib/wireshark/extcap/androiddump.exe
CPack Error: Error when generating package: wireshark
----
Change-Id: Ifdcd40814df8163ea722a65ef55acc1a511b2f75
Reviewed-on: https://code.wireshark.org/review/12657
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
|
|
In NFS protocol, stateid's seq# changes within the stateid and therefore
it changes the calculated hash of the stateid displayed by the wireshark.
It makes it inconvenient to filter packets based on such value.
This patches adds additional field (instead of replacing old) to display
the CRC32 hash of the stateid.other field.
Bug:11895
Change-Id: I70c6d2b88822b6f735e8bc506a1bfcb421f6ddb9
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Reviewed-on: https://code.wireshark.org/review/12536
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Icca723d08e25ecd492ba553d5a0f66af558e7556
Reviewed-on: https://code.wireshark.org/review/12716
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Change-Id: If2a5ad5c836c5dfddb4f6c4ffa41c52e52f2b671
Reviewed-on: https://code.wireshark.org/review/12717
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
While we are at it, let's centralize bytes_view_type definition
Bug: 11903
Change-Id: I606c779a8efaea668db1b440d3ae0336e6e3fc67
Reviewed-on: https://code.wireshark.org/review/12706
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
The offsetof() macro is an ANSI C library feature.
Change-Id: I2ac91b0b4c94c6f6baf14133b076fdc5ed2e182b
Reviewed-on: https://code.wireshark.org/review/12707
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I5ea72998de9bbc3db02a33b53c0bb5a89e597b6d
Reviewed-on: https://code.wireshark.org/review/12427
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|