| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Add a script to initialize static proto values to 0 instead of -1.
This will save ~1MB static init code.
|
|
Ran `tools/convert-glib-types.py` over the files in `doc/` and
`docbook/`, then manually checked/massaged/reverted results as
appropriate.
One small step towards addressing #19116
|
|
As requested [here][1] by @eapache, help with removing calls to
`wmem_packet_scope()` in favour of references to `pinfo->pool`.
* Plugins chosen semi-alphabetically.
* When a calling function already has a `pinfo` argument, use that.
* Remove `_U_` from its signature if it was there.
* If a function seems narrowly focused on getting and (possibly)
returning memory, change the function signature to take a
`wmem_allocator_t *`.
* If it seems more focused on packet-based operations, pass in a
`packet_info *` instead and use `pinfo->pool` within.
* Some of the files in this MR still have references to
`wmem_packet_scope()` where it would take significant work to remove.
These will need revisiting later.
[1]: https://www.wireshark.org/lists/wireshark-dev/202107/msg00052.html
|
|
|
|
There is no reason to have separate "RFC 822" and "RFC 1123" parsing of
Internet Message Format date/time values. RFC 1123 adds support for
4-digit years to RFC 822's 2-digit years; RFC 2822, which supplanted RFC
822, supports both, and RFC 5322, which supplanted RFC 2822, continues
to do so. I know of no cases where *only* 2-digit years should be
supported, especially given that it has beenover 23 years since January
1, 2000.
Instead, have ENC_IMF_DATE_TIME for Internet Message Format date/time
values; keep ENC_RFC_1123 for backwards compatibility, but treat it
exactly the same as ENC_IMF_DATE_TIME. Keep ENC_RFC_822 around as an
alias for ENC_IMF_DATE_TIME.
Have separate expert infos for errors parsing string-encoded byte arrays
and string-encoded dates and times, with the messages speaking of byte
arrays and dates/times rather than "numbers". For now, have the only
error being "couldn't convert"; we can add more for specific cases of
what's wrong.
In tvb_get_string_bytes() and tvb_get_string_time(), don't use errno as
a way of indicating failure, use a return of NULL. Using errno 1) runs
the risk of getting errno overwritten by intermediate calls and 2)
would force assinging particular errno values, the set of which we don't
control, to particular errors if we were to distinguish different errors
in the future.
In tvb_get_string_time(), for Internet Message Format date/time values,
check for 2-digit and 3-digit years based on the length of the year
field in the string. Handle them the way the RFCs say, not the way
strptime() does (strptime(), which was originally written to allow
programs to ask the user to specify a date and time and let them enter
it in the locale's date and time format, and to use 2-digit years in
case they were in the habit of doing so, which they might have been
given that this was the mid 1980's; the choice of 1969 as the first "not
21st century" year was based on the fact that it was the earliest year
for a date correspnding to a non-negative time_t value, which is
UNIX-specific, unlike the Internet Message Format).
Change tvb_get_string_time() to use guard clauses to handle errors; yes
it involves gotos, but it's easier to read than nested ifs, for example.
Update the Lua unit tests to reflect this.
|
|
Document `register_dissector()` and
`register_dissector_with_description()` as being preferable alternatives
to `create_dissector_handle()` in doc/README.dissector.
Update the examples in that file which were taken from `packet-hartip.c`
and `packet-dnp.c` to reflect changes in those files made since writing.
One small step toward addressing #5612
|
|
Add ENC_BOM to the list of bitflag modifiers, and use it with
UTF-16, UCS-2, and UCS-4 (UTF-32). If set, this means that the
first 2 (or 4) octets, if present, are checked to see if they are
a Big-Endian BYTE ORDER MARK ("ZERO WIDTH NON-BREAKING SPACE"). If so,
those octets are skipped and the encoding is set to Little-Endian
or Big-Endian depending on endianness of the BOM.
If the BOM is absent, the passed in Endianness flag is used normally.
Related to #17991
|
|
EBCDIC Code Page 500 has exactly the same repertoire as CP 037,
covering all of ISO-8859-1, but has 7 bytes permuted. It is
the default code page for DRDA; use it there.
|
|
|
|
|
|
|
|
Fix a couple cases of using "it's" instead of "its" for the possessive
|
|
Add a section about FRAMENUM_TYPE to the 'strings' field
section of README.dissector
|
|
|
|
The function tvb_get_const_stringz() does not check for a string
encoding and returns a pointer to a byte array. For this reason
it should not be used. Prefer other functions that return a
valid UTF-8 string from a source encoding or use tvb_get_ptr()
to fetch a byte pointer.
|
|
Remove the redundant BASE_FLOAT field display type. The name
BASE_FLOAT is meaningless and the value aliased to BASE_NONE.
Require BASE_NONE instead of BASE_FLOAT (corresponding to
the printf() %g format).
Add new float display types using BASE_DEC, BASE_HEX and BASE_EXP
corresponfing to %f, %a and %e respectively.
Add support for BASE_CUSTOM with floats.
|
|
|
|
|
|
Add conversation_new_full and find_conversation_full, which take
arbitrary element lists instead of fixed addresses and ports.
Update the comments in conversation.h to be more Doxygen-conformant.
Update README.dissector.
Use the new functionality to add initial conversation support to the
Falco Bridge dissector.
|
|
Needed to format timestamp in #18038 - packet-cql.c
Mirrors changes made in !1924 - Add ENC_TIME_NSECS timestamp encoding
Documentation in README.dissector, proto.c, proto.h - could use
refresh in a different merge request.
|
|
Add BASE_SHOW_UTF_8_PRINTABLE and related function tvb_utf_8_isprint
for supporting fields of bytes that are "maybe UTF-8" (default or
SHOULD be UTF-8 but could be something else, with no encoding indicator),
such as SSID fields in IEEE 802.11 (See #16208), certain OctetString
fields in Diameter or PFCP, and other places where
BASE_SHOW_ASCII_PRINTABLE is currently used. Fix #5307
|
|
|
|
Repeated words were found with:
egrep "(\b[a-zA-Z]+) +\1\b" . -Ir
and then manually reviewed.
Non-displayed strings (e.g., in comments)
were also corrected, to ease future review.
|
|
|
|
These display bases work to replace unprintable characters so the
name is a misnomer. In addition they are the same option and this
display behaviour is not something that is configurable.
This does not affect encodings because all our internal text strings
need to be valid UTF-8 and the source encoding is specified using
ENC_*.
Remove the assertion for valid UTF-8 in proto.c because
tvb_get_*_string() must return a valid UTF-8 string, always, and we
don't need to assert that, it is expensive.
|
|
|
|
Unlike other header fields in filter expressions protocol names
cannot contain upper-case letters. Remove that restriction. This
should make start-up slightly faster as it remove an extra loop
for each protocol filter name.
This was added in 9ead15a6eb16be93559d71b4083948338ab9d26e but
I don't see a reason to have different rules for protocols and
fields, it seems the README.developer was just being vague and
conflating PROTOABBREV with PROTOFILTERNAME.
The recommendation for lower case is a style recommendation,
and it's a good one, but it should be applied uniformly. As
long as we are not enforcing this for all field filter values
there is no point in enforcing it just for protocol names and
actually it is detrimental, e.g:
hi2operations
HI2Operations.IRIsContent
HI2Operations.UUS1_Content_element
HI2Operations.iRIContent
HI2Operations.iRISequence
HI2Operations.IRIContent
HI2Operations.iRI_Begin_record_element
HI2Operations.iRI_End_record_element
HI2Operations.iRI_Continue_record_element
HI2Operations.iRI_Report_record_element
(...)
It's weird and unexpected to have this difference and there is
no technical reason to require it. What we should probably do
is not include the protocol name in the FIELDFILTERNAME and
have the registration mechanism append it to the PROTOFILTERNAME.
Also disallow leading '-' everywhere in filter names, not just
protocol filter names. It's a universal requirement.
|
|
|
|
|
|
- Make sure reassembly requests & errors are properly propagated from
any point in the PDU, no matter how many sub-structure levels.
- Handle the sub-dissection methods as well:
- Ensure the sub-dissection methods handle errors from previous calls.
- Reduce the error handling needed in sub-dissector implementations.
- Add missing sub-dissection methods for list, set, and map.
- Add the handling of sub-structure.
- Handle Compact protocol in addition to the existing binary protocol.
- Include and improve MR !3171
- Handle reassembly the same way as for binary protocol.
- Handle sub-dissection with the same functions.
=> Sub-dissectors only depend on .thrift files.
Additional changes:
- Use of constants instead of hard-coded values.
- Removed U64 support (never supported by thrift code generator, only
referenced in the C++ thrift library header but not supported in reality.
- Removed references to UTF-8 and UTF-16 string for the same reason.
- Replaced references to UTF-7 string with just string (same reason).
- Replaced references to byte with i8 as the documentation explicitly
states that byte is a compatibility name.
Documentation reference:
- https://thrift.apache.org/developers
- https://thrift.apache.org/docs/idl.html
- https://github.com/apache/thrift/blob/master/doc/specs/thrift-compact-protocol.md
- https://erikvanoosten.github.io/thrift-missing-specification/
- https://diwakergupta.github.io/thrift-missing-guide/
Closes #16244
Additional changes:
- Add authors and improve consistency
- Fix typo and clarify documentation
|
|
Add a new timestamp encoding format ENC_TIME_NSECS, like ENC_TIME_SEC but
for nanosecond values. Needed for my work-in-progress dissector for Apple
push notifications.
|
|
- Fix duplicate "are are".
- Fix NTP epoch year in ENC_TIME_NTP docs (572b80d2 fixed it in the README
but not in proto.h).
- Remove completely redundant "(ie. )" clauses.
|
|
ENC_TIME_MIP6 and ENC_TIME_CLASSIC_MAC_OS_SECS were added recently by
factoring them out of specific dissectors, but they weren't documented.
I added documentation, based on comments in the dissector code they came
from.
|
|
|
|
Add support internally to using iconv (always present with glib) to convert
strings from various encodings to UTF-8 (using REPLACEMENT CHARACTER as
recommended), and use that to support GB 18030 and EUC-KR. Replace call
directly to iconv in ANSI 637 for EUC-KR to new API. Update comments
and documentation around character encodings. It is possible to replace
the calls to iconv with an internal decoder later. Tested on Linux and
on Windows (including with illegal characters). Closes #16630.
|
|
|
|
|
|
FT_STRINGZPAD is for null-*padded* strings, where the field is in an
area of specified length, and, if the string is shorter than that
length, all bytes past the end of the string are NULs.
FT_STRINGZTRUNC is for null-*truncated* strings, where the field is in
an area of specified length and, if the string is shorter than that
length, there's a null character (which might be more than one byte, for
UCS-2, UTF-16, or UTF-32), and anything after that is not guaranteed to
have any particular value.
Use IS_FT_STRING() in some places rather than enumerating all the string
types, so that those places get automatically changed if the set of
string types changes.
|
|
Change-Id: I0fd52a17a80f3d4f6acc3c38d53c7d452e85382f
|
|
FT_STRINGZ should be used *ONLY* if the string is *ALWAYS* supposed to
have a null terminator, either because the length isn't otherwise
specified, so that it can only be determined by finding the terminating
null character, or because a character count *and* a NULL terminator are
both used (yes, there appear to be some cases where that's true).
FT_STRINGZPAD is null-padded rather than null-terminated; this is
typically used for fixed-length fields that contain a string value that
might be shorter than the fixed length.
Change-Id: Ifdf421ca666482583a4dfc76167eae6dc473f48a
Reviewed-on: https://code.wireshark.org/review/38137
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
The static arrays are supposed to be arrays of const pointers to int,
not arrays of non-const pointers to const int.
Fixing that means some bugs (scribbling on what's *supposed* to be a
const array) will be caught (see packet-ieee80211-radiotap.c for
examples, the first of which inspired this change and the second of
which was discovered while testing compiles with this change), and
removes the need for some annoying casts.
Also make some of those arrays static while we're at it.
Update documentation and dissector-generator tools.
Change-Id: I789da5fc60aadc15797cefecfd9a9fbe9a130ccc
Reviewed-on: https://code.wireshark.org/review/37517
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add some ENC_ values for various flavors of packed BCD, and use that
instead of explicitly calling tvb_bcd_dig_to_wmem_packet_str() and
adding the result.
Change-Id: I07511d9d09c9231b610c121cd6ffb3b16fb017a9
Reviewed-on: https://code.wireshark.org/review/36952
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
Change-Id: Ic997fa586e11a33abc2c2a054c7ccd415372b27a
Reviewed-on: https://code.wireshark.org/review/36954
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
They were added in the code, but weren't documented.
Change-Id: Iaa12e2d33aa4a4b889c00a7f10b12b4c9b6e8197
Reviewed-on: https://code.wireshark.org/review/36953
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
Check is enabled by #ifdef ENABLE_CHECK_FILTER
Remaining issues found by this check are fixed here,
along with a documentation note that the entries
are checked in order and the first match is used.
The only issue not yet fixed is in packet-isup.c,
where the spec was not available to me.
Change-Id: Ife747cda9b91a265bc2b81ce0a53f55f3389919e
Reviewed-on: https://code.wireshark.org/review/36708
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
Change-Id: I9d29cd705c9af39bae6cffdefaba0b9c8b4bb2e6
Reviewed-on: https://code.wireshark.org/review/36081
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ie3b6dfcea7b1cee3b0bda3d9ec2cc9a6857578fc
Reviewed-on: https://code.wireshark.org/review/35308
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Generate a dissector based on doc/packet-PROTOABBREV.c.
Change-Id: I9233c1212acb30f7166ba91e39d98bc3fb123731
Reviewed-on: https://code.wireshark.org/review/35062
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Change-Id: I3956dd841ee29d1676dbe2d1927a31bae5249414
Reviewed-on: https://code.wireshark.org/review/34986
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
proto_tree_add_bitmask_len also expects an expert information field
to display in the event that the decodeable length is less than the
specified length.
Bug: 16061
Change-Id: If8061b0754cd6862799ab76bf9c10e16ed5d8f38
Reviewed-on: https://code.wireshark.org/review/34567
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
