path: root/ui/tap_export_pdu.c
AgeCommit message (Collapse)AuthorFilesLines
2019-01-25wiretap: fix memleaks with wtap_rec::opt_commentPeter Wu1-0/+3
The memory ownership of wtap_rec::opt_comment was not clear. Users of wtap were leaking memory (editcap.c). wtap readers were not sure about freeing old comments (erf) or simply ignored memleaks (pcapng). To fix this, ensure opt_comment is owned by wtap_rec and free it with wtap_rec_cleanup. The erf issue was already addressed since cf_get_packet_comment properly duplicates wth.opt_comment memory. - wtap file formats (readers): - Should allocate memory for new comments. - Should free a comment from an earlier read before writing a new one. - Users of wth: - Can only assume that opt_comment remains valid until the next read. - Can assume that wtap_dump does not modify the comment. - For random access (wtap_seek_read): should call wtap_rec_cleanup to free the comment. The test_tshark_z_expert_comment and test_text2pcap_sip_pcapng tests now pass when built with ASAN. This change was created by carefully looking at all users opt "opt_comment" and cf_get_packet_comment. Thanks to Vasil Velichkov for an initial patch which helped validating this version. Bug: 7515 Change-Id: If3152d1391e7e0d9860f04f3bc2ec41a1f6cc54b Reviewed-on: https://code.wireshark.org/review/31713 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot Reviewed-by: Vasil Velichkov <vvvelichkov@gmail.com> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2019-01-01Add a "failed" return for tap packet routines.Guy Harris1-3/+3
This allows taps that can fail to report an error and fail; a failed tap's packet routine won't be called again, so they don't have to keep track of whether they've failed themselves. We make the return value from the packet routine an enum. Don't have a separate type for the per-packet routine for "follow" taps; they're expected to act like tap packet routines, so just use the type for tap packet routines. One tap packet routine returned -1; that's not a valid return value, and wasn't one before this change (the return value was a boolean), so presume the intent was "don't redraw". Another tap routine's early return, without doing any work, returned TRUE; this is presumably an error (no work done, no need to redraw), so presumably it should be "don't redraw". Clean up some white space while we're at it. Change-Id: Ia7d2b717b2cace4b13c2b886e699aa4d79cc82c8 Reviewed-on: https://code.wireshark.org/review/31283 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2018-12-27Try to squeeze some bytes out of the frame_data structure.Guy Harris1-2/+2
Make the time stamp precision a 4-bit bitfield, so, when combined with the other bitfields, we have 32 bits. That means we put the flags at the same structure level as the time stamp precision, so they can be combined; that gets rid of an extra "flags." for references to the flags. Put the two pointers next to each other, and after a multiple of 8 bytes worth of other fields, so that there's no padding before or between them. It's still not down to 64 bytes, which is the next lower power of 2, so there's more work to do. Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe Reviewed-on: https://code.wireshark.org/review/31213 Petri-Dish: Guy Harris <guy@alum.mit.edu> Tested-by: Petri Dish Buildbot Reviewed-by: Guy Harris <guy@alum.mit.edu>
2018-12-19Clean up exp_pdu_open() API.Guy Harris1-2/+1
It really shouldn't free the comment passed to it, as the caller allocated it, and knows how to free it if necessary; it might not even have been allocated. Make the comment argument a "const char *" to 1) allow passing string constants etc. and 2) to catch any attempts to free it in exp_pdu_open(). Make the callers free it after exp_pdu_open() returns. (Alternatively, we could have exp_pdu_open() take the file name argument and generate the comment itself, so that all code paths generate the same comment.) Change-Id: I6e6924b05565761b641a6c3b4d9a2e97f4264e1b Ping-Bug: 15365 Reviewed-on: https://code.wireshark.org/review/31105 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2018-12-13Move more version-info-related stuff to version_info.c.Guy Harris1-1/+1
Have a ws_init_version_info() routine that, given an application name string: constructs the app-name-and-version-information string, and saves it; adds the initial crash information on platforms that support it, and saves it. Have show_version() use the saved information and take no arguments. Add a show_help_header() routine to print the header for --help command-line options, given a description of the application; it prints the application name and version information, the description, and the "See {wireshark.org URL}" line. Use those routines in various places, including providing the "application name" string in pcapng SHBs. Change-Id: I0042a8fcc91aa919ad5c381a8b8674a007ce66df Reviewed-on: https://code.wireshark.org/review/31029 Petri-Dish: Guy Harris <guy@alum.mit.edu> Tested-by: Petri Dish Buildbot Reviewed-by: Guy Harris <guy@alum.mit.edu>
2018-11-16Use an enum for compression types in various interfaces.Guy Harris1-2/+2
This: 1) means that we don't have to flag the compression argument with a comment to indicate what it means (FALSE doesn't obviously say "not compressed", WTAP_UNCOMPRESSED does); 2) leaves space in the interfaces in question for additional compression types. (No, this is not part 1 of an implementation of additional compression types, it's just an API cleanup. Implementing additional compression types involves significant work in libwiretap, as well as UI changes to replace "compress the file" checkboxes with something to indicate *how* to compress the file, or to always use some other form of compression). Change-Id: I1d23dc720be10158e6b34f97baa247ba8a537abf Reviewed-on: https://code.wireshark.org/review/30660 Petri-Dish: Guy Harris <guy@alum.mit.edu> Tested-by: Petri Dish Buildbot Reviewed-by: Guy Harris <guy@alum.mit.edu>
2018-11-16Use the dump parameters structure for non-pcapng-specific stuff.Guy Harris1-5/+5
Use it for all the per-file information, including the per-file link-layer type and the per-file snapshot length. Change-Id: Id75687c7faa6418a2bfcf7f8198206a9f95db629 Reviewed-on: https://code.wireshark.org/review/30616 Petri-Dish: Guy Harris <guy@alum.mit.edu> Tested-by: Petri Dish Buildbot Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2018-11-13Don't have _ng versions of the dumper open routines.Guy Harris1-2/+2
Have the routines always take a parameters pointer; pass either null or a pointer to an initialized-to-nothing structure in cases where we were calling the non-_ng versions. Change-Id: I23b779d87f3fbd29306ebe1df568852be113d3b2 Reviewed-on: https://code.wireshark.org/review/30590 Petri-Dish: Guy Harris <guy@alum.mit.edu> Tested-by: Petri Dish Buildbot Reviewed-by: Guy Harris <guy@alum.mit.edu>
2018-11-12wiretap: refactor common parameters for pcapng dump routinesPeter Wu1-2/+6
Four variants of wtap_dump_open_ng exists, each of them take the same three parameters for the SHB, IDB and NRB blocks that has to be written before packets are even written. Similarly, a lot of tools always create these arguments based on an existing capture file session (wth). Address the former duplication by creating a new data structure to hold the arguments. Address the second issue by creating new helper functions to initialize the parameters based on a wth. This refactoring should make it easier to add the new Decryption Secrets Block (DSB). No functional change intended. Change-Id: I42c019dc1d48a476773459212ca213de91a55684 Reviewed-on: https://code.wireshark.org/review/30578 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Petri-Dish: Guy Harris <guy@alum.mit.edu> Tested-by: Petri Dish Buildbot Reviewed-by: Guy Harris <guy@alum.mit.edu> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2018-08-14export_pdu.c: Fix a memory leakVasil Velichkov1-1/+0
Allocate the exp_pdu_data using the wmem_packet_scope allocator so the epan_dissect_run_with_taps will free it after calling all registered tap listeners. valgrind --tool=memcheck --leak-check=full ./run/tshark -r sctp.pcap -U "OSI layer 3" -w exported.pcap 32 bytes in 1 blocks are definitely lost in loss record 48 of 76 at 0x4C2EBAB: malloc (vg_replace_malloc.c:299) by 0xB3FC3C5: g_malloc (gmem.c:99) by 0x68C2BE1: export_pdu_create_tags (exported_pdu.c:251) by 0x68C2D5E: export_pdu_create_common_tags (exported_pdu.c:231) by 0x70AA54E: create_exp_pdu_proto_name (packet-sctp.c:3240) by 0x70AA54E: export_sctp_data_chunk.part.23 (packet-sctp.c:3268) by 0x70AB76B: export_sctp_data_chunk (packet-sctp.c:3256) by 0x70AB76B: dissect_data_chunk (packet-sctp.c:3509) Change-Id: I6e247ab2861bbb053f0958faf253913b28dbcbeb Reviewed-on: https://code.wireshark.org/review/29126 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman <a.broman58@gmail.com>
2018-08-03tap_export_pdu: Fix two memory leaksVasil Velichkov1-8/+10
253 (8 direct, 245 indirect) bytes in 1 blocks are definitely lost in loss record 87 of 93 at 0x4C2EBAB: malloc (vg_replace_malloc.c:299) by 0xBC4B3C5: g_malloc (gmem.c:99) by 0x13E225: exp_pdu_open (tap_export_pdu.c:128) 372 (40 direct, 332 indirect) bytes in 1 blocks are definitely lost in loss record 88 of 93 at 0x4C2EBAB: malloc (vg_replace_malloc.c:299) by 0xBC4B3C5: g_malloc (gmem.c:99) by 0xBC62FF6: g_slice_alloc (gslice.c:1025) by 0xBC16984: g_array_sized_new (garray.c:194) by 0x13E143: exp_pdu_open (tap_export_pdu.c:93) Change-Id: I24a3cec1dc4491032232c282b01fea04a23872b3 Reviewed-on: https://code.wireshark.org/review/28934 Reviewed-by: Gerald Combs <gerald@wireshark.org> Petri-Dish: Gerald Combs <gerald@wireshark.org> Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman <a.broman58@gmail.com>
2018-08-01tshark: Allow exporting of PDUs to stdoutVasil Velichkov1-3/+9
The following command will export the PDUs to stdout tshark -r ./test.pcapng -U "OSI layer 3" -w - Change-Id: Idddded6bfcac458d82cdc033babc7546b67f7327 Reviewed-on: https://code.wireshark.org/review/28919 Petri-Dish: Anders Broman <a.broman58@gmail.com> Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman <a.broman58@gmail.com>
2018-07-21Add a tap "finish" callback, called when a listener is removed.Guy Harris1-0/+1
Change-Id: Ic6c23dbd39d1adf8f730f1c866e409f731947475 Reviewed-on: https://code.wireshark.org/review/28786 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2018-05-01Fix comment end after SPDX identifierStig Bjørlykke1-1/+2
Move */ to a separate line below the SPDX identifier. Change-Id: Id1032215449cfccae0933147b45e04b65e0b727f Reviewed-on: https://code.wireshark.org/review/27211 Reviewed-by: Anders Broman <a.broman58@gmail.com>
2018-02-09Generalize wtap_pkthdr into a structure for packet and non-packet records.Guy Harris1-16/+15
Separate the stuff that any record could have from the stuff that only particular record types have; put the latter into a union, and put all that into a wtap_rec structure. Add some record-type checks as necessary. Change-Id: Id6b3486858f826fce4b096c59231f463e44bfaa2 Reviewed-on: https://code.wireshark.org/review/25696 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2018-02-08replace SPDX identifier GPL-2.0+ with GPL-2.0-or-later.Dario Lombardo1-1/+1
The first is deprecated, as per https://spdx.org/licenses/. Change-Id: I8e21e1d32d09b8b94b93a2dc9fbdde5ffeba6bed Reviewed-on: https://code.wireshark.org/review/25661 Petri-Dish: Anders Broman <a.broman58@gmail.com> Petri-Dish: Dario Lombardo <lomato@gmail.com> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2018-02-02ui: use SPDX identifiers.Dario Lombardo1-14/+1
Change-Id: I6b05399395bcc35e59b73b4030ba4a05711a7b1a Reviewed-on: https://code.wireshark.org/review/25565 Petri-Dish: Michael Mann <mmann78@netscape.net> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-12-08Have the frame_tvbuff.c routines not use the global cfile.Guy Harris1-2/+0
Have the routines that create them take a pointer to a struct packet_provider_data, store that in the tvbuff data, and use it to get the wtap from which packets are being read. While we're at it, don't include globals.h in any header files, and include it in source files iff the source file actually uses cfile. Add whatever includes that requires. Change-Id: I9f1ee391f951dc427ff62c80f67aa4877a37c229 Reviewed-on: https://code.wireshark.org/review/24733 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-09-26Rename "ws_version_info.h", also .cJoão Valverde1-1/+1
It's not installed so like most other files it doesn't need or benefit from the prefix. Change-Id: I01517e06f12b3101fee21b68cba3bc6842bbef5c Reviewed-on: https://code.wireshark.org/review/23751 Petri-Dish: João Valverde <j@v6e.pt> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: João Valverde <j@v6e.pt>
2017-07-17ERF_TYPE_META write and comment supportAnthony Coddington1-2/+4
Support per-packet comments in ERF_TYPE_META through a new Anchor ID extension header with per-Host unique 48-bit Anchor ID which links an ERF_TYPE_META record with a packet record. There may be more than one Anchor ID associated with a packet, where they are grouped by Host ID extension header in the extension header list. Like other ERF_TYPE_META existing comments should not be overwritten and instead a new record generated. See erf_write_anchor_meta_update_phdr() for detailed comments on the extension header stack required. As Wireshark only supports one comment currently, use the one one with the latest metadata generation time (gen_time). Do this for capture comment too. Write various wtap metadata in periodic per-second ERF_TYPE_META records if non-WTAP_ENCAP_ERF or we have an updated capture comment. Refactor erf_dump to create fake ERF header first then follow common pseudoheadr and payload write code rather than two separate code paths. Support an ERF_HOST_ID environment variable to define Wireshark's Host ID when writing. Defaults to 0 for now. ERF dissector updates to support Anchor ID extension header with basic frame linking. Update ERF_TYPE_META naming and descriptions to official name (Provenance) Core changes: Add has_comment_changed to wtap_pkthdr, TRUE when a packet opt_comment has unsaved changes by the user. Add needs_reload to wtap_dumper which forces a full reload of the file on save, otherwise wireshark gets confused by additional packets being written. Change-Id: I0bb04411548c7bcd2d6ed82af689fbeed104546c Ping-Bug: 12303 Reviewed-on: https://code.wireshark.org/review/21873 Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Stephen Donnelly <stephen.donnelly@endace.com> Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-06-05Allow bigger snapshot lengths for D-Bus captures.Guy Harris1-2/+2
Use WTAP_MAX_PACKET_SIZE_STANDARD, set to 256KB, for everything except for D-Bus captures. Use WTAP_MAX_PACKET_SIZE_DBUS, set to 128MB, for them, because that's the largest possible D-Bus message size. See https://bugs.freedesktop.org/show_bug.cgi?id=100220 for an example of the problems caused by limiting the snapshot length to 256KB for D-Bus. Have a snapshot length of 0 in a capture_file structure mean "there is no snapshot length for the file"; we don't need the has_snap field in that case, a value of 0 mean "no, we don't have a snapshot length". In dumpcap, start out with a pipe buffer size of 2KB, and grow it as necessary. When checking for a too-big packet from a pipe, check against the appropriate maximum - 128MB for DLT_DBUS, 256KB for everything else. Change-Id: Ib2ce7a0cf37b971fbc0318024fd011e18add8b20 Reviewed-on: https://code.wireshark.org/review/21952 Petri-Dish: Guy Harris <guy@alum.mit.edu> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Guy Harris <guy@alum.mit.edu>
2017-06-03Don't keep the pcap/pcapng link-layer header type as interface data.Guy Harris1-1/+0
Either 1) it can be determined from the libwiretap encapsulation type, in which case it's redundant information or 2) there *is* no pcap/pcapng link-layer header type for that encapsulation type, in which case you need to check for the attempt to determine it failing and handle that failure appropriately. Change-Id: Ie9557b513365c1fc8c6df74b9c8239e29aad46bc Reviewed-on: https://code.wireshark.org/review/21924 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2016-07-26Ensure to have a valid string pointer when writing OS SHB optionPascal Quantin1-1/+6
Change-Id: Ib0b6dcdf1700e88383d30bf43739312fce10e1c7 Reviewed-on: https://code.wireshark.org/review/16696 Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
2016-07-14Redo the block options APIs.Guy Harris1-12/+12
A block can have zero or more instances of a given option. We distinguish between "one instance only" options, where a block can have zero or one instance, and "multiple instances allowed" options, where a block can have zero or more instances. For "one instance only" options: "add" routines add an instance if there isn't one already and fail if there is; "set" routines add an instance if there isn't one already and change the value of the existing instance if there is one; "set nth" routines fail; "get" routines return the value of the instance if there is one and fail if there isn't; "get nth" routines fail. For "multiple instances allowed" options: "add" routines add an instance; "set" routines fail; "set nth" routines set the value of the nth instance if there is one and fail otherwise; "get" routines fail; "get nth" routines get the value if the nth instance if there is one and fail otherwise. Rename "optionblock" to just "block"; it describes the contents of a block, including both mandatory items and options. Add some support for NRB options, including IPv4 and IPv6 option types. Change-Id: Iad184f668626c3d1498b2ed00c7f1672e4abf52e Reviewed-on: https://code.wireshark.org/review/16444 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2016-06-19Revert "tap: change glib functions to wmem."Pascal Quantin1-1/+7
This reverts commit 2e9f3c5d366eaa7139fc877b5301392166b3f985. It breaks the registration of codec, dissector and libwiretap plugins. Change-Id: I4ef91dd192f765adf87ea9fe9f3693e25dbd24de Reviewed-on: https://code.wireshark.org/review/16012 Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
2016-06-17tap: change glib functions to wmem.Dario Lombardo1-7/+1
Change-Id: I878ae6b121a669f9b7f4e1e57bc079f0cb44c0bf Reviewed-on: https://code.wireshark.org/review/15270 Petri-Dish: Dario Lombardo <lomato@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Evan Huus <eapache@gmail.com> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2016-06-01Add data structures necessary to support multiple Section Header blocks.Michael Mann1-1/+4
This doesn't try to use any data from multiple Section Header blocks, it just converts single Section Header block usage into a GArray, so the potential is there to then use/support multiple Section Header blocks within a file format (like pcapng) Change-Id: I6ad1f7b8daf4b1ad7ba0eb1ecf2e170421505486 Reviewed-on: https://code.wireshark.org/review/15636 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2016-05-22Add wtap_optionblock_set_option_string_formatMichael Mann1-9/+7
Also add a length parameter to wtap_optionblock_set_option_string Change-Id: I8c7bbc48aa96b5c2a91ab9a17980928d6894f1ee Reviewed-on: https://code.wireshark.org/review/15505 Reviewed-by: Anthony Coddington <anthony.coddington@endace.com> Reviewed-by: Michael Mann <mmann78@netscape.net>
2016-05-03Implement Export PDU for tsharkAndersBroman1-58/+29
This patch introduces the "-U tap_name[,filter]" tshark option and is similar to the "Export PDUs as file" option in Wireshark. Wireshark implements this feature by reopening a capture file, applying a tap and finally opening the temporary file. Since tshark knows in advance that a PDU export is needed, it can optimize by not creating the temporary file and perform the export at the first opportunity. This patch splits the opening/tapping functionality from error reporting since tshark does not need a temp file and has no dialogs. The capture file comment is now specified explicitly as there is no "current file" anymore if the tap is running without active file. TODO: - Review whether it is acceptable to overwrite save_file in tshark. - Add documentation (tshark manpage). Bug: 3444 Change-Id: Ie159495d42c32c2ba7400f2991b7b8185b3fda09 Reviewed-on: https://code.wireshark.org/review/5890 Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2016-04-21Link version code statically againJoão Valverde1-1/+1
This allows keeping the code-sharing with the static linking. This "fixes" a hypothetical ABI mismatch with wsutil and avoids pulling more external dependencies to wsutil than strictly necessary. A nice side-effect is that libwsutil no longer depends on version.h. Follow up to f95976eefcbeb5d24df383c29d29ef888b503945. Change-Id: I8f0d6a557ab3f7ce6f0e2c269124c89f29d6ad23 Reviewed-on: https://code.wireshark.org/review/15002 Petri-Dish: João Valverde <j@v6e.pt> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: João Valverde <j@v6e.pt>
2016-02-23Making wiretap option blocks more generic.Michael Mann1-30/+27
This was inspired by https://code.wireshark.org/review/9729/, but takes it in a different direction where all options are put into an array, regardless of whether they are "standard" or "custom". It should be easier to add "custom" options in this design. Some, but not all blocks have been converted. Descriptions of some of the block options have been moved from wtap.h to pcapng.h as it seems to be the one that implements the description of the blocks. Also what could be added/refactored is registering block behavior. Change-Id: I3dffa38f0bb088f98749a4f97a3b7655baa4aa6a Reviewed-on: https://code.wireshark.org/review/13667 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2016-02-18Don't add the wiretap directory to the list of include directories.Guy Harris1-1/+1
If you include something from the wiretap directory, always precede it with wiretap/. Fix some includes of files in the top-level directory to use a path relative to the current directory, not relative to the wiretap directory. This makes it a bit clearer what's being included. Change-Id: Ib99655a13c6006cf6c3112e9d4db6f47df9aff54 Reviewed-on: https://code.wireshark.org/review/13990 Petri-Dish: Guy Harris <guy@alum.mit.edu> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Guy Harris <guy@alum.mit.edu>
2016-01-23More pinfo->fd->abs_ts to pinfo->abs_ts.Guy Harris1-2/+2
Change-Id: I70db0a345cc4c5c57c454371deb4f92f9ac4b9ac Reviewed-on: https://code.wireshark.org/review/13501 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2015-11-12Add wtap_dump_open_tempfile routines, to write to a temporary file.Guy Harris1-10/+7
It includes the temporary-file generation, so you don't have to do it yourself. Change-Id: I0798df95a5c5646224ec49612f50b423ed78547a Reviewed-on: https://code.wireshark.org/review/11751 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2015-08-21Fix memory leaks of dumper SHB and IDB infosHadriel Kaplan1-6/+3
Change-Id: I6b81d3e853d503c6a81f9793957b48ab34c6808c Reviewed-on: https://code.wireshark.org/review/10156 Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2015-08-18Pcapng: clean up Section Header Block handlingHadriel Kaplan1-1/+1
Change-Id: I8516d0c561ed0b63e49a3594027c9c15bb789258 Reviewed-on: https://code.wireshark.org/review/9726 Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com> Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2015-08-06Pcapng: support Name Resolution Block optionsHadriel Kaplan1-1/+3
Make pcapng decode options in an NRB during read, and store the comment option, and write it back out as well. Also make it handle plugin handlers for unknown options in received NRB(s). Change-Id: I81863ef8d85cb1c8b5ba6673ba0e562efe77714f Reviewed-on: https://code.wireshark.org/review/9723 Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2015-08-03Make sure per-packet tap callbacks return gbooleans.Gerald Combs1-1/+1
The tap API changed the return type of per-packet listener callbacks from int to gboolean back in 2009. Update a bunch of functions and some documentation accordingly. Change-Id: I79affe65db975caed3cc296a7e2985b7b9cdf4cc Reviewed-on: https://code.wireshark.org/review/9853 Petri-Dish: Gerald Combs <gerald@wireshark.org> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Gerald Combs <gerald@wireshark.org>
2015-06-26PDU export: increase time precision to nano secondsPascal Quantin1-2/+2
It will avoid losing precision in case of export from a nseclibpcap input file. As Wireshark is probably the only tool able to read this link type, we do not need to bother with compatibility. Change-Id: Iea5b5c88b02ff4799c255f795be2469a091161fe Reviewed-on: https://code.wireshark.org/review/9171 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
2015-06-24Remove the last deprecated tvb_length callsEvan Huus1-2/+2
And remove the shims themselves! Change-Id: I511c06eb21eaf68d1dc36bbb9558408807472f9c Reviewed-on: https://code.wireshark.org/review/9088 Reviewed-by: Evan Huus <eapache@gmail.com>
2015-01-13Consistently use the "g_string_free returns a C string pointer" idiom.Guy Harris1-11/+15
g_string_free(str, FALSE) frees the GString container but not the underlying g_malloc()ed string; instead, it returns a pointer to the g_malloc()ed string. Fix those places that didn't already get the string pointer from g_string_free() to do so rather than manually extracting the string themselves. And fix one place that didn't even need to use a string - it was just scanning a C string without even modifying it. Change-Id: Ibbf4872bf5b9935b9907f539b6edb1013f3053a5 Reviewed-on: https://code.wireshark.org/review/6532 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2015-01-03Use g_strdup_printf(), rather than a fixed-length buffer, for the app name.Guy Harris1-2/+4
Add some missing g_free()s while we're at it. Change-Id: Id38acc21d3c0b337e5d05baaf5ebbcd63699ff50 Reviewed-on: https://code.wireshark.org/review/6287 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2015-01-02Remove pkt_comment member from packet_info structure.Michael Mann1-2/+8
Change-Id: Ifd3d201a09944e3fc36188f891ea8a584886101d Reviewed-on: https://code.wireshark.org/review/5884 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2015-01-01Remove unneeded includes from ui folderMartin Mathieson1-2/+0
Change-Id: Ifd1eebff9080cd3867e44e4dcb2d2681370ed60a Reviewed-on: https://code.wireshark.org/review/6128 Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
2014-12-18Handle "I can't map this for that file format" better.Guy Harris1-1/+12
For cases where record (meta)data is something that can't be written out in a particular file format, return WTAP_ERR_UNWRITABLE_REC_DATA along with an err_info string. Report (and free) that err_info string in cases where WTAP_ERR_UNWRITABLE_REC_DATA is returned. Clean up some other error reporting cases, and flag with an XXX some cases where we aren't reporting errors at all, while we're at it. Change-Id: I91d02093af0d42c24ec4634c2c773b30f3d39ab3 Reviewed-on: https://code.wireshark.org/review/5823 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-08-18Fix warning: no previous prototype for ... [-Wmissing-prototypes]Alexis La Goutte1-1/+1
Add static before function Change-Id: I42c5be7a1436160bcb82d0cb4309959802b7b3cb Reviewed-on: https://code.wireshark.org/review/3696 Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-07-16The plural is "PDUs", not "PDU:s".Guy Harris1-1/+1
Change-Id: I4bef734ef17b02e254b742744e2debd3038e98a0 Reviewed-on: https://code.wireshark.org/review/3074 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-07-15Cleanup the "export PDU" common code.Guy Harris1-4/+3
exp_pdu_file_open() isn't used outside ui/tap_export_pdu.c; make it static. do_export_pdu() isn't a tap routine, it's called *from* tap routines, so its last argument doesn't need to be a generic pointer; its last argument must be a pointer to an exp_pdu_t, so declare it as such. Clean up comments while we're at it. Change-Id: Iab51b54a0c272052d7876110a095f2fff66fa2c1 Reviewed-on: https://code.wireshark.org/review/3060 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-22Add a routine to return a version string including VCS information.Guy Harris1-2/+2
Add a routine get_ws_vcs_version_info() that, for builds from a tree checked out from Wireshark's version control system, returns a string that includes both the Wireshark version number and an indication of what particular VCS version was checked out, and just returns Wireshark's version number for other builds. Use that routine rather than manually gluing VERSION and the Git version number together. ("vcs", not "git", just in case we do something bizarre or mercurial some day. :-)) Change-Id: Ie5c6dc83b9d3f56655eaef30fec3ec9916b6320d Reviewed-on: https://code.wireshark.org/review/2529 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-21Move get_os_version_info() to libwsutil.Guy Harris1-0/+1
This mean we also have to move CFString_to_C_string() there for OS X. Change-Id: Ic91ad872e9d5290cf34f842503ededd5452e4337 Reviewed-on: https://code.wireshark.org/review/2511 Reviewed-by: Guy Harris <guy@alum.mit.edu>