| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Update manuf, services enterprise numbers, translations, and other items.
|
|
Explain, in detail, exactly what it's trying to do and, for each of the
three commands in the example, what each step does, as well as
explaining what the calculation using the end time of one capture and
start time of another capture is doing.
(Where did this example come from? What is the real-world goal of this
exercise? And why is it an example in which all the fancy stuff is done
in commands *other* than mergecap?)
(cherry picked from commit 628fe2549a47f4f246dd645d5d15dad3edc35cb7)
|
|
Update manuf, services enterprise numbers, translations, and other items.
|
|
Manually copy over the Win64 Package and Win32 Package jobs from
2d9280089c in master and adapt for the 3.4 release builds.
|
|
LINKTYPE_ERF pcap files are really ERF files inside a thin pcap wrapper
(don't even ask what a pcapng file with some or all interfaces being
LINKTYPE_ERF is...), so the time stamp comes from the ERF record, not
from the pcap packet header or pcapng block header.
The time stamp reslution for the record should reflect that, so set it
to WTAP_TSPREC_NSEC (ERF time stamps are fractional-power-of-2, not
fractional-power-of-10, so that's the best we can do).
(cherry picked from commit 39315979c638b916d76a9dbf8c7ffb089721f01a)
|
|
Have them take error code and error information string arguments and,
for various failures, fill them in as "internal error" indications.
Check their return codes to see if they got an error.
(cherry picked from commit 02cffb51a9fc048defac1085cb71d5567ae3f4fc)
|
|
The ERF code will generate interfaces based on the ERF records in the
file, so don't bother adding an additional dummy interface.
(cherry picked from commit d69d1271f08fb4e919447dbfb8a36c2cdfe3e48b)
|
|
Don't assume the default is correct, because there's no guarantee of
that - in fact, there's currently a guarantee that it's not, as it's
initialized to 0, which is WTAP_TSPREC_SECS.
(cherry picked from commit 49ec11f5aad2c6c29b02036ef9744c5680ee88a0)
|
|
In the past, tvb_reported_length_remaining(), and thus
Tvb:reported_length_remaining(), may have returned -1 if the offset was
invalid. That's no longer the case; the former returns 0, and, as the
latter just returns the former's return value, that's true of the latter
as well.
(cherry picked from commit 6c043d5c73e3bdbb84f988a82ebdfc18d77489b9)
|
|
It has a "reported length", which is the closes thing to an "actual
length", as it represents the length the packet, or subset thereof, had
on the network, and a "captured length", which is the amount of the
packet that the capture process saved.
In 99.999999999999999999999999999999% of all cases, a dissector should
look at the "reported length", not at the "captured length".
Rename the "len" method to "captured_len", leaving "len" around for
backwards compatibility.
Fix the documentation to reflect reality, to avoid issues such as #15655.
(cherry picked from commit bd9ceaebef86a30f5f45a8887fd01883dd0d1993)
|
|
Update manuf, services enterprise numbers, translations, and other items.
|
|
(cherry picked from commit 70cea91c8a3b5c4cea33ec53dab022531b44297b)
|
|
Issue reported by Behzad Mokhtari
Fix #17431
(cherry picked from commit b716e2f1a2a1a592aff2c71662f0827527d72f68)
|
|
Fix EXC_BAD_ACCESS error by using printer variable.
(cherry picked from commit ea20002a0783dfc1c8912ab297f2eff065edca54)
|
|
Update manuf, services enterprise numbers, translations, and other items.
|
|
DSACK blocks (the first SACK block in a TCP SACK option, with right edge
being lower or equal to the ACK filed) are now identified correctly.
Closes #17315
(cherry picked from commit 7179e1d1fbd7e6fb3d4f8848e432dd7c5ad54dae)
|
|
The entry was copied and pasted, and the variable name and descriptive
text were changed, but the field name wasn't.
(cherry picked from commit deb6786ed455fa9433caeb4d3c542be4e5918102)
|
|
For 802.11n if the bitrate is not supplied then the calculated bitrate is used. This change does the same for 11ac and 11ax.
Sniffer traces taken on recent versions of Macos no longer supply the bitrate for 11ac frames in the RADIOTAP header, this change allows the wireless timeline to work with these traces.
Fixes #17419.
(cherry picked from commit 5202119239f76af3df20540b35c618d7095c99c6)
|
|
Create the display filter list in the APT Test step.
|
|
[skip ci]
|
|
[skip ci]
|
|
It runs up to either the end of the option data or the terminating
end-of-options option (readers MUST handle lists of options that
contains an end-of-options option and lists of options that don't).
(cherry picked from commit 2f5c0ffdb26d753943201029ff65e237c1a9776b)
|
|
REC_TYPE_PACKET is 0, so if it's been initialized to 0, and never gets
overwritten, this fixes code withotu fixing a visible bug, but it should
be done anyway.
(backported from commit 162251176ae206430b81bd8b467bc22c6c7bcd8b)
|
|
Update manuf, services enterprise numbers, translations, and other items.
|
|
|
|
|
|
We can't unescape characters when expanding a display filter macro.
The escaping must be preserved until the expression is evaluated in
the display filter engine, otherwise it will likely generate a syntax
error in the parser.
In the macro body we allow '$' (or any other char) to be escaped
with backslash (preserving the backslash).
Fixes #17160.
(cherry picked from commit 1dba58789d7fbf6952d631774c94f63e2179d4d1)
|
|
Show only the basename of each capture file when fuzzing, which is less
noisy than the full pathname.
(cherry picked from commit 4266e1e9baa2ecce49eaaa20a5beecb39d21a0af)
|
|
Commit 4bf4ee88f0544727e7f89f3f288c6afd2f650a4c removed an else
statement that broke out of the BBFrame processing loop. Without
it, infinite loops might be possible if the GSE frames have bit errors
in the length field.
(cherry picked from commit 0137c24d60934f131b25506a88c9464e4dc827de)
|
|
The ftype-protocol has two components to its value - a tvb, which is
allowed to be be NULL (most notably in _ws.expert), and a string
description. They can also be created from string literals, such as
in display filters. It's possible to compare protocols with a NULL
tvb with protocol terms created from literals, e.g. entering the
display filter "_ws_expert < 1".
Partially revert 69e2603c48d04a675785d9e7bad162ebb9a83b07 so that
this doesn't crash, by assigning proto_string to the empty string
instead of null when creating from a literal. Fixes #17316
(cherry picked from commit 31297dbb82da0b3adf5c257398638d9b4da94931)
|
|
Set the AUTOMOC, AUTOUIC, and AUTORCC properties for the qtui and
wireshark targets to match what we currently do in master. This should
keep us from running moc and uic on unwanted targets.
|
|
(cherry picked from commit fb2414ae6dbdc3d81c9ccdd24eb65cd8324065ea)
|
|
|
|
Enable ccache for our fuzz builds. Add sections as described at
https://docs.gitlab.com/ee/ci/jobs/#expand-and-collapse-job-log-sections
for the CMake step as well.
(cherry picked from commit 02f4dcb0ad13fd3b671c212aec739be96ca2dc41)
|
|
Move the RANAP heuristic dissector registration under the initialization
guard that they're only registered once. Prevents console warnings about
the dissectors already being registered to the sccp and sua tables if
a RANAP preference is changed. (Backported manually to regenerate the
dissector via asn2wrs.py)
|
|
If the two putative number-of-records values don't match (meaning one of
them is presumably the number of records and the other one isn't - we
don't know which is the case), free up the private data structure we
allocated before returning an error.
(cherry picked from commit 7f6c5d0137c94bdc9f7b07ee249d1b3cc9396dd9)
|
|
Just say "(Unknown application) <version>".
This also means that we don't leak the app_version string if there's no
app_name string.
(cherry picked from commit 297b6c5407426aa33b197f0f5d280ce4c6c04dc3)
|
|
Free the read buffer if the first read fails.
(cherry picked from commit 976ccc9a00d5abd4f1e1a6041378f8cb1292b27e)
|
|
Plugs a leak.
(cherry picked from commit 1bb64b7e0ca46442b3f3a65e4b99893674b3c287)
|
|
If we're throwing away the data, *throw away the data* - free it, as
we're not using it as the backing data for a tvbuff.
(cherry picked from commit 618661b22e34a59b21117db723d8ff91e064d4ba)
|
|
Update manuf, services enterprise numbers, translations, and other items.
|
|
There's a "break" in some code that appears to be copied and pasted from
a switch statement; the break would exit the loop (and leak memory
allocated within the loop), which does not appear to be the intent, so
it may have been copied over incorrectly. Remove it.
While we're at it, redo the "constant-time append to the end of a loop"
code to be a bit clearer, both to humans reading the code and code
analyzers reading the code.
(cherry picked from commit c73ab16bef0c97dd67f03fdfa7063958d1712d8b)
|
|
g_key_file_get_groups() returns a pointer to g_mallocated data; we need
to pass its return value to g_strfreev() when we're done with that data,
to free it up.
(cherry picked from commit 64f3f08702d09f912c2713ec830c91ead242507f)
|
|
If cf_export_specified_packets() succeeds, and it wrote to a temporary
file, it leaks the name of the file to which it was writing. Free that
after we've renamed that file on top of the target file (safe save).
(cherry picked from commit 8ca86b29bfa4780b17e6d15ab1f382f6f79a5065)
|
|
If the user aborted the process of exporting packets, if we're writing
to a temporary file, we unlink the file, but we don't free the
g_mallocated name of the file, so it's leaked. Free it.
(cherry picked from commit 54508703b0ac4d85df4104f6114a247d68c42b8e)
|
|
If init_progfile_dir() fails, it returns a g_mallocated string with an
error message. After printing the error message, free the string.
(cherry picked from commit c22b857942ea3f123d9fa5c31e04e85c6f3928f5)
|
|
Close the directory handle we've opened before returning a failure
indication if pbw_load_proto_file() or load_all_files_in_dir() reports a
failure.
(cherry picked from commit f0abd29e48c1bd724efea606000b86356a764011)
|
|
Free the path we've constructed before returning a failure indication if
pbw_load_proto_file() or load_all_files_in_dir() reports a failure.
Also, explicitly compare pbw_load_proto_file()'s return value against 0,
to make it a little clearer that it's *not* a Boolean, it's a return
code (with 0 meaning success and different non-zero values meaning
failure; if it matters *which* failure it is, we should probably have
otherwise we should just make it a Boolean).
(cherry picked from commit f1ffe7d4215ac1cc80d9596e6604b30ddfa59fcf)
|
|
0af60377b4 added an heuristic to detect (unencrypted) padding data;
it is based on the fact that all coalesced QUIC packets must have the
same CID.
Unfortunately it doesn't work when the CID length is 0.
Treat decryption error of SH packets as a non fatal error, report them
as possible padding data misdetectd as coalesced packets and try
decrypting next traffic.
Close #17383
(cherry picked from commit 389a899a18742185d14da729bf308505ca4f4a2e)
|
|
[AT]ify his email address.
This should address the recently-added problem mentioned #16658.
|
