aboutsummaryrefslogtreecommitdiffstats
path: root/epan/dissectors/packet-netbios.c
AgeCommit message (Collapse)AuthorFilesLines
2020-10-11check_tfs.py: Also match case insensitivelyMartin Mathieson1-5/+1
Fix up some issues where the words were the same except for captitalisation.
2019-07-26HTTPS (almost) everywhere.Guy Harris1-1/+1
Change all wireshark.org URLs to use https. Fix some broken links while we're at it. Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c Reviewed-on: https://code.wireshark.org/review/34089 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2018-02-12dissectors: use SPDX identifiers.Dario Lombardo1-13/+1
Change-Id: I92c94448e6641716d03158a5f332c8b53709423a Reviewed-on: https://code.wireshark.org/review/25756 Petri-Dish: Dario Lombardo <lomato@gmail.com> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-11-30NetBIOS: Don't write past the beginning of a buffer.Gerald Combs1-1/+2
Make sure process_netbios_name doesn't write past the beginning of its buffer. Bug: 14249 Change-Id: Idb294ba2362e48b879bc4c0c0ddaf64fcf1b5d72 Reviewed-on: https://code.wireshark.org/review/24651 Reviewed-by: Gerald Combs <gerald@wireshark.org> Petri-Dish: Gerald Combs <gerald@wireshark.org> Tested-by: Petri Dish Buildbot Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-01-29Register reassembly tablesMichael Mann1-15/+2
Register all reassembly tables with a central unit, allowing the central unit to have the callback that initializes and destroys the reassembly tables, rather than have dissectors do it individually. Change-Id: Ic92619c06fb5ba6f1c3012f613cae14982e101d4 Reviewed-on: https://code.wireshark.org/review/19834 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2016-10-28Implement registration of capture dissectors by nameJoão Valverde1-3/+4
Mirror it after protocol dissector API. Change-Id: I7985bcfa9e07654c7cf005efec94efc205d7a304 Reviewed-on: https://code.wireshark.org/review/18496 Reviewed-by: Michael Mann <mmann78@netscape.net>
2016-03-20Create call_data_dissector() to call data dissector.Michael Mann1-6/+2
This saves many dissectors the need to find the data dissector and store a handle to it. There were also some that were finding it, but not using it. For others this was the only reason for their handoff function, so it could be eliminated. Change-Id: I5d3f951ee1daa3d30c060d21bd12bbc881a8027b Reviewed-on: https://code.wireshark.org/review/14530 Petri-Dish: Michael Mann <mmann78@netscape.net> Reviewed-by: Michael Mann <mmann78@netscape.net>
2016-03-17Associate dissector tables and heuristic subdissector lists with a protocol.Michael Mann1-1/+1
This will make it easier to determine protocol dependencies. Some LLC OUI dissector tables didn't have an associated protocol, so they were left without one (-1 used) Change-Id: I6339f16476510ef3f393d6fb5d8946419bfb4b7d Reviewed-on: https://code.wireshark.org/review/14446 Reviewed-by: Michael Mann <mmann78@netscape.net>
2016-01-08Fix a lot of typos and misspellingsmoshekaplan1-1/+1
Change-Id: I8512cfa1d424f82a873a0e0e1d22c7b075fdd7f3 Reviewed-on: https://code.wireshark.org/review/13069 Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2015-12-22Don't limit capture packet counts to a fixed set of protocols.Michael Mann1-1/+2
Kept backwards compatibility with GTK+ capture info dialog by keeping the protocols tracked hardcoded, but Qt should have more freedom. Change-Id: I497be71ec761d53f312e14858daa7152d01b8c72 Reviewed-on: https://code.wireshark.org/review/12724 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2015-12-20Create capture dissector table for LLC non-snap dissectors.Michael Mann1-1/+3
Change-Id: I37602d0e2148150b55b2812855bccf2f181d31b8 Reviewed-on: https://code.wireshark.org/review/12737 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2015-12-17Create capture dissector "info" structure (capture_packet_info_t)Michael Mann1-2/+2
While it currently only contains packet_counts, it will hopefully stabilize the capture function signature if more fields are added. Change-Id: I003552c58043c7c2d67aec458187b12b233057e2 Reviewed-on: https://code.wireshark.org/review/12690 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2015-12-14Create capture dissector tables.Michael Mann1-1/+2
They are modeled after dissection dissector tables, but for the moment, don't have/need the flexibility. They are intended to be much simpler/faster than full dissection. The two most used/needed are "wtap_encap" and "ethertype", so they were the basis of starting to use and test capture dissector table API. Others may be added in the future. The "capture dissector" function signature needed a bit of tweeking to handling "claiming" of a packet. The current application of this is capture functions returning TRUE if they affected a "type" of packet count. Returning FALSE ends up considering the packet an "other" type. Change-Id: I81d06a6ccb2c03665f087258a46b9d78d513d6cd Reviewed-on: https://code.wireshark.org/review/12607 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2015-12-13Standardize the capture dissector function signature.Michael Mann1-1/+1
This will make it easier to mold into (capture) dissector tables. Change-Id: Iad63f2c2869782977992a3a072adb020be4b1818 Reviewed-on: https://code.wireshark.org/review/12587 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2015-12-09new_create_dissector_handle -> create_dissector_handle for dissector directory.Michael Mann1-1/+1
Some of the ASN.1 dissectors still generate a new_create_dissector_handle from the tool itself, so leave those for now. Change-Id: Ic6e5803b1444d7ac24070949f5fd557909a5641f Reviewed-on: https://code.wireshark.org/review/12484 Petri-Dish: Anders Broman <a.broman58@gmail.com> Reviewed-by: Michael Mann <mmann78@netscape.net>
2015-11-25create_dissector_handle -> new_create_dissector_handleMichael Mann1-4/+5
This finalizes the transformation for dissectors. Change-Id: Ie5986b72bb69a6e8779ca3f5e20a80357c9e6fea Reviewed-on: https://code.wireshark.org/review/12122 Petri-Dish: Michael Mann <mmann78@netscape.net> Reviewed-by: Michael Mann <mmann78@netscape.net>
2015-07-03Call reassembly_table_destroy for some dissectorsPeter Wu1-3/+7
This patch adds reassembly_table_destroy calls as cleanup function for dissectors which have a simple init routine that just calls reassembly_table_init (comments are ignored). The changes were automatically generated using https://git.lekensteyn.nl/peter/wireshark-notes/diff/one-off/cleanup-rewrite.py?id=4cc0aec05dc67a51926a045e1955b7a956757b5e (with the if and assignment parsers disabled). The only difference from the autogenerated output is that the XXX comments from the init routines in smb-pipe and tds dissectors are kept. Change-Id: I64aedf7189877247282b30b0e0f83757be6199e7 Reviewed-on: https://code.wireshark.org/review/9222 Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-12-21Use the "netbios" heuristic dissector list elsewhere.Guy Harris1-1/+1
Use find_heur_dissector_list() to find the "netbios" heuristic dissector list, rather than using code from packet-netbios.c. Change-Id: Ieeab58d7c6eb32491b026b242c687bd18c4d5cdb Reviewed-on: https://code.wireshark.org/review/5955 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-12-21Cleanup use of #includes in non-generated epan/dissector/*.cBill Meier1-2/+0
Specifically: - Set packet.h to be the first wireshark #include after config.h and "system" #includes. packet.h added as an #include in some cases when missing. - Remove some #includes included (directly/indirectly) in packet.h. E.g., glib.h. (Done only for those files including packet.h). - As needed, move "system" #includes to be after config.h and before wireshark #includes. - Rework various #include file specifications for consistency. - Misc. Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95 Reviewed-on: https://code.wireshark.org/review/5923 Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Reviewed-by: Bill Meier <wmeier@newsguy.com>
2014-12-21Have a heur_dissector_list_t be an opaque handle.Guy Harris1-1/+1
This allows dissector lists to be looked up by name, so they can be shared by multiple dissectors. (This means that there's no "udplite" heuristic dissector list, but there shouldn't be one - protocols can run atop UDP or UDPLite equally well, and they share a port namespace and uint dissector table, so they should share a heuristic dissector table as well.) Change-Id: Ifb2d2c294938c06d348a159adea7a57db8d770a7 Reviewed-on: https://code.wireshark.org/review/5936 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-12-13Use ENC_LITTLE_ENDIAN when fetching FT_U?INT8 fields ...Bill Meier1-2/+2
(for some dissectors which fetch all other integral fields using ENC_LITTLE_ENDIAN). Change-Id: Ica72a68ac560f2920d61e0769de83130557c46fd Reviewed-on: https://code.wireshark.org/review/5752 Reviewed-by: Bill Meier <wmeier@newsguy.com>
2014-09-12proto_tree_add_text cleanupMichael Mann1-57/+95
Create filters (expert and hf_) that have the "most bang for the buck" (ie have many instances for a single filter) Change-Id: I61995e41c5b298df77e084e65cdf30ebe95da1e6 Reviewed-on: https://code.wireshark.org/review/4086 Reviewed-by: Michael Mann <mmann78@netscape.net> Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-07-04convert to proto_tree_add_subtree[_format]Michael Mann1-4/+2
Change-Id: Idd1b20ab32c0960ea52c6f3bc5346462c37c5684 Reviewed-on: https://code.wireshark.org/review/2853 Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-05-21Change the signature of dissector_try_heuristic() to return hdtbl_entryAndersBroman1-1/+3
which can be used to call the found heuristic dissector on the next pass. Introduce call_heur_dissector_direct() to be used to call a heuristic dissector which accepted the frame on the first pass. Change-Id: I524edd717b7d92b510bd60acfeea686d5f2b4582 Reviewed-on: https://code.wireshark.org/review/1697 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-03-04Remove all $Id$ from top of fileAlexis La Goutte1-2/+0
(Using sed : sed -i '/^ \* \$Id\$/,+1 d') Fix manually some typo (in export_object_dicom.c and crc16-plain.c) Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8 Reviewed-on: https://code.wireshark.org/review/497 Reviewed-by: Anders Broman <a.broman58@gmail.com>
2013-12-14Fix [-Wmissing-prototypes]Jakub Zawadzki1-0/+3
svn path=/trunk/; revision=54095
2013-11-15To quote GCC, "uninitialized const 'zeroes' is invalid in C++". I guessGuy Harris1-1/+1
that must be true, and that there's a reason why it's invalid.... svn path=/trunk/; revision=53336
2013-11-14Let's try putting the 'const' in the right place...Bill Meier1-1/+1
svn path=/trunk/; revision=53332
2013-11-14Create/use value_string_ext to reference certain value-string-arrays.Bill Meier1-177/+206
Define an array as const. Add editor modelines. Do some minor whitespace & formatting style changes. svn path=/trunk/; revision=53330
2013-07-17Remove fragment_data, add fragment_head, fragment_item - for now alias it to ↵Jakub Zawadzki1-1/+1
the same structure. This is begin of work to split fragment head and fragments items. svn path=/trunk/; revision=50708
2013-07-14Rewrite reassemble API to use TVBs instead of raw data.Jakub Zawadzki1-2/+1
(it seems to be working for TCP ^^) svn path=/trunk/; revision=50580
2013-06-14Removed check_col() and the occasional tree.Michael Mann1-19/+15
svn path=/trunk/; revision=49938
2013-03-22Don't wire into the reassembly code the notion that reassemblies shouldGuy Harris1-10/+8
be done on flows from one address to another; reassembly for protocols running atop TCP should be done on flows from one TCP endpoint to another. We do this by: adding "reassembly table" as a data structure; associating hash tables for both in-progress reassemblies and completed reassemblies with that data structure (currently, not all reassemblies use the latter; they might keep completed reassemblies in the first table); having functions to create and destroy keys in that table; offering standard routines for doing address-based and address-and-port-based flow processing, so that dissectors not needing their own specialized flow processing can just use them. This fixes some mis-reassemblies of NIS YPSERV YPALL responses (where the second YPALL response is processed as if it were a continuation of a previous response between different endpoints, even though said response is already reassembled), and also allows the DCE RPC-specific stuff to be moved out of epan/reassembly.c into the DCE RPC dissector. svn path=/trunk/; revision=48491
2013-02-28Combine all the flags fields into one field, and get rid of theGuy Harris1-112/+90
commented-out/#if-ed-out "Data1" field, as it's the same field. Give the flags in that field names including "flags". Shuffle the fields around to put "Flags" (a/k/a Data1) where Data1 was, and put the bits in that field after it. Update the URL for the spec at IBM. Reformat the entries in hf_netb[] to use the same style. svn path=/trunk/; revision=47933
2013-02-27Increase use of proto_tree_add_item (mostly replacing proto_tree_add_text)Michael Mann1-31/+50
svn path=/trunk/; revision=47909
2013-02-26Fix spelling/typos found using a list of commonly misspelled words.Bill Meier1-1/+1
The misspellings were mostly in comments but some were in text strings visible to the user. svn path=/trunk/; revision=47899
2013-01-31Use '#if 0 ... #endif' rather than /** ... **/ to comment outBill Meier1-2/+2
unused hf[] entries (which I should have done in the first place). svn path=/trunk/; revision=47390
2013-01-26Comment out cases of unused hf array entries found by checkhf.Bill Meier1-3/+5
svn path=/trunk/; revision=47302
2012-09-26replaced decode_boolean_bitfield calls with itemized filtersMichael Mann1-17/+20
svn path=/trunk/; revision=45152
2012-09-25replaced decode_boolean_bitfield calls with itemized filtersMichael Mann1-11/+13
added tfs_no_yes to tfs.[ch] svn path=/trunk/; revision=45115
2012-09-20We always HAVE_CONFIG_H so don't bother checking whether we have it or not.Jeff Morriss1-3/+1
svn path=/trunk/; revision=45017
2012-09-11Add data parameter to dissector_try_heuristicJakub Zawadzki1-1/+1
svn path=/trunk/; revision=44871
2012-09-07From Robert Bullen via ↵Jeff Morriss1-0/+2
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7683 : The reassembled fragments tree in the Packet Details view is awesome, but it lacks one thing: a field that exposes the reassembled data. tcp.data already exists for exposing a single TCP segment's payload as a byte array. It would be handy to have something similar for a single application layer PDU when TCP segment reassembly is involved. I propose tcp.reassembled.data, named and placed after the already existing field tcp.reassembled.length. My primary use case for this feature is outputting tcp.reassembled.data with tshark for further processing with a script. The attached patch implements this very feature. Because the reassembled fragment tree code is general purpose, i.e. not specific to just TCP, any dissector that relies upon it can add a similar field very cheaply. In that vein I've also implemented ip.reassembled.data and ipv6.reassembled.data, which expose reassembled fragment data as a single byte stream for IPv4 and IPv6, respectively. All other protocols that use the reassembly code have been left alone, other than inserting NULL into their initializer lists for the newly introduced struct field reassemble.h:fragment_items.hf_reassembled_data. svn path=/trunk/; revision=44802
2012-08-10Use val_to_str_const() where appropriate;Bill Meier1-1/+1
Also (for a few files): - create/use some extended value strings; - remove unneeded #include files; - remove unneeded variable initialization; - re-order fcns slightly so prefs_reg_handoff...() at end, etc svn path=/trunk/; revision=44438
2012-06-28Update Free Software Foundation address.Jakub Zawadzki1-1/+1
(COPYING will be updated in next commit) svn path=/trunk/; revision=43536
2012-05-17General cleanup including as appropriate:Bill Meier1-1/+0
- Remove unneeded #include files (string.h, addr_resolv.h); - Remove unneeded 'if(!initialized){...}' in proto_reg_handoff(); - Reformat hf[] entries; - Remove unneeded variable initializations; - "localize" some variables; - Whitespace/indentation/long lines/formatting (in one case: re-order code slightly to not do col_set_str() & etc until after initial "frame acceptance testing" by dissector. svn path=/trunk/; revision=42683
2011-10-23Fix a few proto_tree_add_item() encoding args.Bill Meier1-2/+2
svn path=/trunk/; revision=39514
2011-10-21For proto_tree_add_item(..., proto_xxx, ...)use ENC_NA as the encoding arg.Bill Meier1-1/+1
Also: remove trailing whitespace for a number of files. svn path=/trunk/; revision=39503
2011-10-06Convert 'encoding' parameter of certain proto_tree_add_item() calls in ↵Bill Meier1-3/+3
non-autogenerated epan/dissectors: Specifically: Replace FALSE|0 and TRUE|1 by ENC_BIG_ENDIAN|ENC_LITTLE_ENDIAN as the encoding parameter for proto_tree_add_item() calls which directly reference an item in hf[] which has a type of: FT_UINT8 FT_UINT16 FT_UINT24 FT_UINT32 FT_UINT64 FT_INT8 FT_INT16 FT_INT24 FT_INT32 FT_INT64 FT_FLOAT FT_DOUBLE svn path=/trunk/; revision=39288
2011-07-31Restore saved 'pinfo->fragmented' as appropriate;Bill Meier1-0/+1
Fixes gcc 4.6 "set but not used [-Wunused-but-set-variable]" warnings. svn path=/trunk/; revision=38297
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-25 08:14:47 +0000