Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Build on !13975 to add human-readable descriptions for all heuristic
dissector tables in Wireshark.
Chosen names are meant to give some info on when a heuristic dissector
lookup will be made. Terms like 'fallback' are used when the heuristic
is only consulted if other checks do not result in dissection, for
example.
People with more intimate knowledge of the protocols and dissectors
involved are encouraged to suggest or implement better descriptions.
|
|
As requested [here][1], help with removing calls to
`wmem_packet_scope()` in favour of references to `pinfo->pool`.
* Plugins chosen semi-alphabetically.
* When a calling function already has a `pinfo` argument, use that.
* Remove `_U_` from its signature if it was there.
* If a function seems narrowly focused on getting and (possibly)
returning memory, change the function signature to take a
`wmem_allocator_t *`.
* If it seems more focused on packet-based operations, pass in a
`packet_info *` instead and use `pinfo->pool` within.
* Some of the files in this MR still have references to
`wmem_packet_scope()` where it would take significant work to remove.
These will need revisiting later.
[1]: https://www.wireshark.org/lists/wireshark-dev/202107/msg00052.html
|
|
Remove init of proto, header field, expert info and subtree variables.
This will reduces the binary size by approximate 1266320 bytes due to
using .bss to zero-initialize the fields.
The conversion is done using the tools/convert-proto-init.py script.
|
|
Move all the declarations of routines that are internal and
not for use by dissectors from column-utils.h column-info.h
Move the column max length defines into column-utils.h because
dissectors might need that
Since packet.h already includes column-utils.h, dissectors don't
need to include column-utils.h anymore.
Remove or downgrade a few other column header includes that are
unnecessary.
|
|
This allows flags to be passed by the registering listener
to the collection of information
|
|
Do not require a useless ENC_NA parameter for string encodings.
FT_STRING and FT_STRINGZ types don't have any ndianness.
Follow-up to 6ec429622c9258eefd388caf21ce92ab5b9f54b4.
|
|
Use macros from inttypes.h.
|
|
Use macros from inttypes.h with format strings.
|
|
Detected by 'tools/check_typed_item_calls.py --consecutive'
|
|
There may still be some cases seen by
./toos/check_typed_item_calls.py --consecutive
that ought to be fixed, but wasn't sure so left.
|
|
A second batch of spelling errors, detected using a script
that uses pyspellcheck and a Wireshark-specific dictionary file.
I will take at least one more pass through the dissectors, as
further improvements are made to the script.
|
|
The static arrays are supposed to be arrays of const pointers to int,
not arrays of non-const pointers to const int.
Fixing that means some bugs (scribbling on what's *supposed* to be a
const array) will be caught (see packet-ieee80211-radiotap.c for
examples, the first of which inspired this change and the second of
which was discovered while testing compiles with this change), and
removes the need for some annoying casts.
Also make some of those arrays static while we're at it.
Update documentation and dissector-generator tools.
Change-Id: I789da5fc60aadc15797cefecfd9a9fbe9a130ccc
Reviewed-on: https://code.wireshark.org/review/37517
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Convert our various PROTO_ITEM_ macros to inline functions and document
them.
Change-Id: I070b15d4f70d2189217a177ee8ba2740be36327c
Reviewed-on: https://code.wireshark.org/review/32706
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This allows taps that can fail to report an error and fail; a failed
tap's packet routine won't be called again, so they don't have to keep
track of whether they've failed themselves.
We make the return value from the packet routine an enum.
Don't have a separate type for the per-packet routine for "follow" taps;
they're expected to act like tap packet routines, so just use the type
for tap packet routines.
One tap packet routine returned -1; that's not a valid return value, and
wasn't one before this change (the return value was a boolean), so
presume the intent was "don't redraw".
Another tap routine's early return, without doing any work, returned
TRUE; this is presumably an error (no work done, no need to redraw), so
presumably it should be "don't redraw".
Clean up some white space while we're at it.
Change-Id: Ia7d2b717b2cace4b13c2b886e699aa4d79cc82c8
Reviewed-on: https://code.wireshark.org/review/31283
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I51e7207835190fc87cf7c7cb0cf3a09a0588629a
Reviewed-on: https://code.wireshark.org/review/25845
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I92c94448e6641716d03158a5f332c8b53709423a
Reviewed-on: https://code.wireshark.org/review/25756
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Sequence analysis has its own "filtering" system that required its
tap functions to look for some "filter flags". register_tap_listener()
already comes with a filter argument, so use that to simplify logic
of tap functions in dissectors.
Also have Qt GUI for Flow Graph look like other dialogs that have a
"Limit to display filter" checkbox.
Change-Id: I91d9d9599309786892f5b50c98692e52651e7174
Reviewed-on: https://code.wireshark.org/review/23659
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Since dissectors are now populating the timestamp of the seq_analysis_item_t
structure within the tap function, don't have the sequence_anaylsis redo it
when writing an ASCII file. This removes the need for the capture_file
parameter and simplifies the logic a bit.
Also just have GUI register the tap itself. It will provide for some more
flexibility in the future.
Change-Id: I55b2f951b977ea70ac9f7eb4929245b0779e5f0e
Reviewed-on: https://code.wireshark.org/review/23650
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Reduce all of the code duplication and just register the sequence
analysis functionality in LBM dissector.
Change-Id: I6cb5a7f0a92b04357334bbae301fa2d730a21994
Reviewed-on: https://code.wireshark.org/review/23630
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This structure contains an array of 65536 bytes.
Change-Id: Ied2c584100cb613dc195fbc5de7ae9a5ec5b770b
Reviewed-on: https://code.wireshark.org/review/21077
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I30f1b92ee438361c3bd58743f7d1ae8d5ffc96f0
Reviewed-on: https://code.wireshark.org/review/15718
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
apply a mask to get the lower 32 bit of a guint64
(there's no need for a right shift)
Change-Id: Ia8c963dc0dd88f56c4ccaf0c37a1bd3d51d65d27
Reviewed-on: https://code.wireshark.org/review/15490
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I0e845668a1b9dbec93ea920a8585ecfe60f001d1
Reviewed-on: https://code.wireshark.org/review/15044
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This saves many dissectors the need to find the data dissector and store a handle to it.
There were also some that were finding it, but not using it.
For others this was the only reason for their handoff function, so it could be eliminated.
Change-Id: I5d3f951ee1daa3d30c060d21bd12bbc881a8027b
Reviewed-on: https://code.wireshark.org/review/14530
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This will make it easier to determine protocol dependencies.
Some LLC OUI dissector tables didn't have an associated protocol, so they were left without one (-1 used)
Change-Id: I6339f16476510ef3f393d6fb5d8946419bfb4b7d
Reviewed-on: https://code.wireshark.org/review/14446
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
That removes most of the uses of the frame number field in the
frame_data structure.
Change-Id: Ie22e4533e87f8360d7c0a61ca6ffb796cc233f22
Reviewed-on: https://code.wireshark.org/review/13509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Bug: 11984
Change-Id: I16ef6e830f0377992233a1bd255c1e3877e56a55
Reviewed-on: https://code.wireshark.org/review/13375
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I8512cfa1d424f82a873a0e0e1d22c7b075fdd7f3
Reviewed-on: https://code.wireshark.org/review/13069
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8bc9af431e70243b05f4f0ce8c2b8ee451383788
Reviewed-on: https://code.wireshark.org/review/11463
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Replace CMP_ADDRESS, COPY_ADDRESS, et al with their lower-case
equivalents in the asn1 and epan directories.
Change-Id: I4043b0931d4353d60cffbd829e30269eb8d08cf4
Reviewed-on: https://code.wireshark.org/review/11200
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
These aren't "true" shadow issues, but the script doesn't completely understand C syntax (for things like struct member names "time" and "index"). But fixing them creates less noise.
Change-Id: I5a2db1549095824530428529e86cab453c031a04
Reviewed-on: https://code.wireshark.org/review/10368
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
[There were no actual indentation changes since since none of the files
contained tabs].
Change-Id: I92ff551e70274f459c466e1c1d449905e0e7dc92
Reviewed-on: https://code.wireshark.org/review/9945
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
type: [0, 255] found by PVS Studio (V569)
Change-Id: I5dacce44941ac132172df6d7f343fddd114bd888
Reviewed-on: https://code.wireshark.org/review/8792
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
http://www.bitterfilms.com/rejected.html
1) There is *NO* guarantee that you can safely dereference a misaligned
pointer.
2) There is *NO* guarantee that you are running on a little-endian
machine, so that an attempt to fetch a 32-bit integer through such a
pointer will fetch it in little-endian form.
Instead, fetch it using tvb_get_letohl(), which 1) doesn't care about
alignment and 2) always fetches in little-endian order.
Change-Id: I44721cbf3c4456797990cc741836c9dd8c6c3696
Reviewed-on: https://code.wireshark.org/review/8423
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Copy addresses with wmem-scope instead of (forced) seasonal scope. All existing instances were converted to wmem_file_scope, but the flexibility is there for other scopes.
Change-Id: I8e58837b9ef574ec7dd87e278470d7063ae8c1c2
Reviewed-on: https://code.wireshark.org/review/6564
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I36954ea0d8b525b4d7a1b3407f9e9d0e1c9bbd67
Reviewed-on: https://code.wireshark.org/review/6378
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Third batch (packet-icmpv6.c -> packet-mac-lte.c).
Will look at cleaning up and committing script afterwards.
Change-Id: Ib91e36ad200db01c3000605f6a7a21125b96a640
Reviewed-on: https://code.wireshark.org/review/6018
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
This allows dissector lists to be looked up by name, so they can be
shared by multiple dissectors.
(This means that there's no "udplite" heuristic dissector list, but
there shouldn't be one - protocols can run atop UDP or UDPLite equally
well, and they share a port namespace and uint dissector table, so they
should share a heuristic dissector table as well.)
Change-Id: Ifb2d2c294938c06d348a159adea7a57db8d770a7
Reviewed-on: https://code.wireshark.org/review/5936
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
to proto_tree_add_bitmask().
Correctly set the length of LBT-RM and LBT-RU header blocks.
Various other cosmetic cleanups.
Change-Id: If19bbdeb10176b8059fd4cf657719b3b9817bc6a
Reviewed-on: https://code.wireshark.org/review/4776
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Other minor cleanup while in the neighborhood.
Change-Id: If73a029f564219782c313d4154c24c7ce7458b52
Reviewed-on: https://code.wireshark.org/review/3574
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
fixed-length fields. The idea is to allow user-written tap
listeners easier access to the tap data. Also correct the conditions (in packet-lbmc.c) under which a subdissector would be
called, if present.
Change-Id: I5244cfbd17314058f7d3b9f42d647e0e6c375e14
Reviewed-on: https://code.wireshark.org/review/3007
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I5f6ecd246e358edc3a2f4963c201b2435e4a1a42
Reviewed-on: https://code.wireshark.org/review/2910
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I2091f7eb86c64fd086f44a7cf15e7c5483f9b44c
Reviewed-on: https://code.wireshark.org/review/2716
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
tables made avaialble by these dissectors.
Change-Id: If3a143eb9546c9de63cd32b2347000b09e0e3c93
Reviewed-on: https://code.wireshark.org/review/2688
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
https://www.wireshark.org/lists/wireshark-dev/201406/msg00131.html
This reverts commit 246fe2ca4c67d8c98caa84e2f57694f6322e2f96.
Change-Id: Ib24bae0198c13a84bd7f731bf4af921212109a8f
Reviewed-on: https://code.wireshark.org/review/2430
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9209c1271967405c34c1b6fa43e1726a4d3a5a3f
Reviewed-on: https://code.wireshark.org/review/2377
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|