Age | Commit message (Collapse) | Author | Files | Lines |
|
Combine the check for whether the field is within the packet data and
the swapping of the field into macros that do both, and use them.
Change-Id: I1db4c5fd76172edd44abc9fb111d79a2537c6c9d
Reviewed-on: https://code.wireshark.org/review/130
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
For some routines that take multiple arguments that come from a struct
wtap_pkthdr, pass a pointer to the struct wtap_pkthdr in question,
rather than the separate arguments. Do this even if we're passing
expressions that were earlier assigned to the struct wtap_pkthdr fields
in question. This simplifies the calling sequences and ensures that the
right values are picked up by the called routine; in at least one case
we were *not* passing the right values (the code to handle Simple Packet
Blocks in pcap-ng files).
Also, call the byte-swapping routines for pseudo-header fields only if
we need to do byte-swapping.
Change-Id: I3a8badfcfeb0237dfc1d1014185a67f18c0f2ebe
Reviewed-on: https://code.wireshark.org/review/119
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: If20a14b949667911df44f09c6a705b7645d4c49e
Reviewed-on: https://code.wireshark.org/review/85
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: I6be0d2dfe3b44f166233b1dd20ef02c10a024f97
Reviewed-on: https://code.wireshark.org/review/74
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Evan Huus <eapache@gmail.com>
|
|
* Remove _MSC_VER < 1500 check
* Cleanup config.nmake
See http://www.wireshark.org/lists/wireshark-dev/201305/msg00159.html
svn path=/trunk/; revision=54965
|
|
willing to read or that's bigger than will fit in the file format;
instead, report an error.
For the "I can't write a packet of that type in that file type" error,
report the file type in question.
svn path=/trunk/; revision=54882
|
|
heuristic cases broken in r49999 when we permitted packets > 64KB, since that
relaxed so severely the definition of a valid packet header.
64MB is an arbitrary and perhaps suboptimal number, but it seems to do the right
thing in all the examples I have handy.
Fixes https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9634
svn path=/trunk/; revision=54812
|
|
(https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9606)
From Michal Labedski
1. add support for new btsnoop "format" introduced by BlueZ team in "btmon" tool
2. Bluetooth: Make EIR, AD and COD more generic
3. Bluetooth: HCI/LL: Update Error Codes to Core 4.1 Specification
4. Ubertooth: Fix response command handling
5. Ubertooth: Update to support firmware version
6. Ubertooth: Dissect by Vendor Id/Product Id
svn path=/trunk/; revision=54699
|
|
svn path=/trunk/; revision=54686
|
|
(https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9607)
This is a VERY PRELIMINARY version of tfshark. It's an attempt to jumpstart FileShark and its architecture. Right now it's mostly just a very stripped down version of tshark with all of the necessary build modifications (including now building filetap library since tfshark depends on it)
This code has helped me identify what I believe to be all of the necessary layers for a complete fileshark architecture. And those layers will slowly be added in time (patches always welcome!).
svn path=/trunk/; revision=54646
|
|
wtap_seek_read().
svn path=/trunk/; revision=54570
|
|
seek-read routine does that.
Pass the length we just filled in to buffer_assure_space() in the
seek-read routine, and use that in the memcpy() as well.
svn path=/trunk/; revision=54568
|
|
svn path=/trunk/; revision=54565
|
|
svn path=/trunk/; revision=54564
|
|
both the read and seek-read routines.
Use the packet length read from the packet header when reading packets
randomly.
svn path=/trunk/; revision=54549
|
|
and seek-read routines.
svn path=/trunk/; revision=54548
|
|
routines.
svn path=/trunk/; revision=54547
|
|
of bytes in them to 0, as there's no data in them, and set the offset in
that buffer of the stream's current position, to 0, as we're currently
at the beginning of the file in both streams.
This fixes some tricky-to-reproduce errors (which show up only if the
ngsniffer_t structure is allocated from data that's been allocated,
written to in those variables, and freed).
#BACKPORT 1.8, 1.10
svn path=/trunk/; revision=54544
|
|
unrelated uninitialized-data bug that I want to fix in the next commit,
and then backport.
svn path=/trunk/; revision=54543
|
|
access. We currently can't provide a time stamp when randomly reading,
so don't set WTAP_HAS_TS in that case.
svn path=/trunk/; revision=54527
|
|
commit message.
svn path=/trunk/; revision=54526
|
|
don't break it into chunks.
This means we don't need to do reassembly in the MIME-encapsulated-data
dissector.
svn path=/trunk/; revision=54525
|
|
don't break it into chunks.
This means we don't need to do reassembly in the MIME-encapsulated-data
dissector.
svn path=/trunk/; revision=54524
|
|
ngsniffer_read_rec_data(), and separatelyskip extra data after that.
When reading randomly, use the packet length read from the packet
header.
svn path=/trunk/; revision=54523
|
|
randomly.
svn path=/trunk/; revision=54522
|
|
svn path=/trunk/; revision=54521
|
|
header when reading packets randomly.
svn path=/trunk/; revision=54520
|
|
randomly.
svn path=/trunk/; revision=54519
|
|
randomly.
svn path=/trunk/; revision=54518
|
|
and treat it as an error, when reading packets randomly.
svn path=/trunk/; revision=54517
|
|
and treat it as an error, when reading packets randomly.
svn path=/trunk/; revision=54516
|
|
svn path=/trunk/; revision=54504
|
|
and set it in NetXRay/Windows Sniffer files if the putative "ATM
reassembly failed" flag is set and, if reassembly failed, don't attempt
to dissect the packet.
svn path=/trunk/; revision=54503
|
|
Use a consistent formatting style for function defs;
Add editor modelines.
svn path=/trunk/; revision=54501
|
|
svn path=/trunk/; revision=54500
|
|
svn path=/trunk/; revision=54497
|
|
heuristics, but do have a file extension that files of that format are
likely to have, use the extension of the file we're opening, if it has
one, as a hint for which heuristics to try first.
svn path=/trunk/; revision=54495
|
|
this is already correct in 1.8 and 1.10 and was
accidentially(?) changed in r52176
svn path=/trunk/; revision=54479
|
|
svn path=/trunk/; revision=54460
|
|
svn path=/trunk/; revision=54328
|
|
svn path=/trunk/; revision=54314
|
|
others don't have trailing periods, and the caller adds a period as
desired.
svn path=/trunk/; revision=54199
|
|
svn path=/trunk/; revision=54101
|
|
numeric values using strtoul and casting it the result to a guint32.
Hopefully no user or session IDs are negative or greater than 32 bits.
svn path=/trunk/; revision=54100
|
|
svn path=/trunk/; revision=54018
|
|
svn path=/trunk/; revision=54017
|
|
suspect, the change to handle VWR files with no packets); shuffle it
after all the types we've seen misidentified as VWR files.
svn path=/trunk/; revision=54012
|
|
NULL-terminated.
svn path=/trunk/; revision=53995
|
|
svn path=/trunk/; revision=53834
|
|
svn path=/trunk/; revision=53764
|