Age | Commit message (Collapse) | Author | Files | Lines |
|
Move it next to other capture_file fields for the currently-selected
packet, add a comment indicating that's what all those fields are for,
separate them from the following fields that *aren't* for the
currently-selected field, and explicitly use them in cf_select_packet().
Also add a comment about why we're waiting until the end to free up the
old cf->edt in cf_select_packet() and cf_unselect_packet().
Change-Id: I1653af06eeb4ebe1131bc08bcaa2dc639932c7fa
Ping-Bug: 15683
Reviewed-on: https://code.wireshark.org/review/32764
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: If396f597a2c3c9d6558d6607faa4d0a054c9966d
Reviewed-on: https://code.wireshark.org/review/32760
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Ethernet packets without the CRC are 1514 bytes long, not 1500 bytes
long; using 1514 bytes will avoid a reallocation for a full-sized
Ethernet packet.
Change-Id: Ie8da3f13bf3df07e23e4478b7dcf84f06dec6a9d
Reviewed-on: https://code.wireshark.org/review/32761
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This reverts commit 9445403f9558901dc54c88754ff21795ea1803f3.
cf_select_packet frees the buffer backing the dissection result
(cf->edt) which results in use-after-frees when callers try to access
the contents. See for example this call trace:
* PacketList::selectionChanged
* cf_select_packet(cap_file_, row)
* frameSelected(row) -> ByteViewTab::selectedFrameChanged
* addTab(source_name, get_data_source_tvb(source))
get_data_source_tvb returns the buffer that backs the dissection and
must remain valid even after dissection has completed. If this is not
done, then a possibly expensive redissection must be done in order to
populate the byte view. The temporary memory savings are not worth it.
Bug: 15683
Change-Id: Ia5ec2c7736cdebbac3c5bf46a4e2470c9236262d
Reviewed-on: https://code.wireshark.org/review/32758
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I227db32a59a16c31d7712cb9c48b55fa4aaf28ca
Reviewed-on: https://code.wireshark.org/review/32759
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Bug: 15646
Change-Id: I6476c3fd8bf928e865fc2ced5b70b49e9a2bacd7
Reviewed-on: https://code.wireshark.org/review/32591
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Before this change Wireshark would assume there is no USB devices that
use "device" recepient (RQT_SETUP_RECIPIENT_DEVICE) in Setup stage of
USB CONTROL messages. But there are plenty of such, examples are:
FrescoLogic's FL2000 USB Display controller, Razer USB peripherals;
there are open projects that investigate protocols for them in order to
implement OSS drivers and SW stacks.
Allow dissection of USB "device" Setup CONTROL messages by treating them
in the same way as "other" or "reserved" with assumption that at least
IntefaceClass is set to UNKNWON (0xffff) which is true for at least
beforementioned FL2000 and Razer HW implementations.
Change-Id: I44f4f8cdccd973194aeda2c39c59529d531c31b2
Reviewed-on: https://code.wireshark.org/review/32626
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Replace g_assert in our call_dissector* routines with DISSECTOR_ASSERT.
Change-Id: I76104ba09e272ff34e3eaa958c7f711e27e4a3b5
Reviewed-on: https://code.wireshark.org/review/32741
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ic0d8ec3604ce6a31b68ef265cd5337b0565b8a24
Reviewed-on: https://code.wireshark.org/review/32740
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: I6e010fe0529085aed2fb6f7c07e9598d27416e7d
Reviewed-on: https://code.wireshark.org/review/32436
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Reported by Helge Magnus Keck
Change-Id: If0aae0879d52a2516642d162395795c05c28b9b9
Reviewed-on: https://code.wireshark.org/review/32736
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Reported by Helge Magnus Keck
Change-Id: Ia96521920b3108f2d5867c9392fd93210ac99d37
Reviewed-on: https://code.wireshark.org/review/32735
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: If491e56cd207feef661d88c8a3c86e86e7f90b77
Reviewed-on: https://code.wireshark.org/review/32733
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Change-Id: I01436a16a81dc8aca28c21e6a0121fbddf3216b7
Reviewed-on: https://code.wireshark.org/review/32734
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Most code that reads from a capture_file already has its own wtap_rec
and Buffer; change the remaining ones to do so as well.
Change-Id: I9b7c136642bbb375848c37ebe23c9cdeffe830c3
Reviewed-on: https://code.wireshark.org/review/32732
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I8118f521c2278e91b031974329bfeffe2b5cc9dc
Reviewed-on: https://code.wireshark.org/review/32610
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ibaf80f7adac396811802ef7fc9dcd3d4ededff57
Reviewed-on: https://code.wireshark.org/review/32731
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Bug: 8165
Change-Id: I73bca63d6c5b32a1b185cd7a65cbf914f5b7823f
Reviewed-on: https://code.wireshark.org/review/32694
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Bug: 15673
Change-Id: Ia737d7b446114e5da9684201344436d80266f0a2
Reviewed-on: https://code.wireshark.org/review/32721
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I07c7f101dbf3507f30a119ab9506378e0fb53d6f
Reviewed-on: https://code.wireshark.org/review/32730
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I35299464560aff2785a52217d4052da3ffedcd6a
Reviewed-on: https://code.wireshark.org/review/32729
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That makes it - and the routines that implement it - work more like the
seek-read routine.
Change-Id: I0cace2d0e4c9ebfc21ac98fd1af1ec70f60a240d
Reviewed-on: https://code.wireshark.org/review/32727
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
When adding generated IID and OID bytes to the tree, use a zero offset
and length like we do elsewhere in the dissector.
Bug: 15617
Change-Id: Id900f2aeeef7926706b417622d452ffa72949e8a
Reviewed-on: https://code.wireshark.org/review/32698
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: I3e7067e84653aa6e71052cdcea98c2305bd663e3
Reviewed-on: https://code.wireshark.org/review/32720
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That's just noise, especially if the signal is SIGINT.
Change-Id: I97df2396d60280e5978f637ec3bb8f93966674b8
Reviewed-on: https://code.wireshark.org/review/32718
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Catch signals/ctrl events when we're reading a capture, and stop reading
if we get one of those. When we close a print stream, restore the color
as appropriate.
Change-Id: I3dd936964560fb3902befe0fd2e961f80437ca72
Ping-Bug: 15659
Reviewed-on: https://code.wireshark.org/review/32716
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ie22137e95c8752a0783e3e9ff99b45c0b79b0d4a
Reviewed-on: https://code.wireshark.org/review/32714
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add defines for AKMS and use instead of magic values in code.
Change-Id: Ib40b88836d58b0e16dae9a2eacfdee67344bc6d8
Reviewed-on: https://code.wireshark.org/review/32712
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I2f4258e2f4fd11c26bdc101e1375d0b5708610b7
Reviewed-on: https://code.wireshark.org/review/32713
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 15665
Change-Id: Iaff2432bf87d1c9d237709b651005518c89bff18
Reviewed-on: https://code.wireshark.org/review/32707
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Put the pass 1 of a two-pass read, pass 2 of a two-pass read, and only
pass of a one-pass read into separate routines, returning success/read
error/write error status codes.
This makes the processing a bit cleaner, and makes it easier to have the
file-reading code catch signals/control events.
Change-Id: I58cd9e4b86f219f3afa2dc61b57f41978fc2f853
Reviewed-on: https://code.wireshark.org/review/32711
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
FT over IEEE 802.1X (SHA384) is also an FT AKMS so treat it
as such when dissecting the RSN IE. While at it replace the big
if statement with a function.
Bug: 15616
Change-Id: I9abe45a5c70bc062a9d6d8fb97226a3d0cde42b3
Reviewed-on: https://code.wireshark.org/review/32692
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Check buflen to prevent wrong scanf call as well.
Bug: 15614
Change-Id: I58a2855d8b1beda067bf9b2d724229ab20249228
Reviewed-on: https://code.wireshark.org/review/32573
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Convert our various PROTO_ITEM_ macros to inline functions and document
them.
Change-Id: I070b15d4f70d2189217a177ee8ba2740be36327c
Reviewed-on: https://code.wireshark.org/review/32706
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Disable the following warning:
../epan/wmem/wmem_test.c:690:9: warning: missed loop optimization, the loop counter may overflow [-Wunsafe-loop-optimizations]
for (j=0; j<=i; j++, k++) {
^~~
Change-Id: If1ea004d6b0fc2aa5450a810dd400245afd1a490
Reviewed-on: https://code.wireshark.org/review/32709
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Fix
epan/dissectors/packet-h248_annex_c.c (1 (of 125) fields)
sdp.media.port.invalid doesn't match PROTOABBREV of h248_annex_c
Change-Id: Id1a030c318792c3b8b2305ed5b4f456506db3270
Reviewed-on: https://code.wireshark.org/review/32708
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The answer to the question "do we need to add hardened runtime
entitlements or exceptions?" in osx-app.sh is "yes". Update a comment
accordingly.
Change-Id: Icc6f9ed31838aa6342f405a244e726586e9c0c4d
Reviewed-on: https://code.wireshark.org/review/32703
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
This adds the entitlement to everything we sign. I cannot test a more
granular approach without access to an Apple issued codesigning cert/key
pair.
Bug: 15667
Change-Id: I9fe962a06b681d33853b0944765987e21d21be2d
Reviewed-on: https://code.wireshark.org/review/32700
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Reorganize the lists of accessors, with a top-level heading for the byte
order and subheadings for each size.
Also document ENC_HOST_ENDIAN.
Change-Id: I10131e399f6c90624a387c89340f77ea769ab33f
Reviewed-on: https://code.wireshark.org/review/32701
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ifb34b3959c6a3ea23691d0795227c2a4a98b9290
Reviewed-on: https://code.wireshark.org/review/32599
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: Iefd53ad630f1dabc154c5b5a940e58288a91aa6e
Reviewed-on: https://code.wireshark.org/review/32623
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Require the POD package. Some platforms ship POD translators as a
separate package instead of shipping them with Perl.
Bug: 15513
Change-Id: Ie277f9296d06063581512bc4c2df1d3158117f2c
Reviewed-on: https://code.wireshark.org/review/32685
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
The 'sign' bit was treated like a regular bit because of direct casting to a wider int type
Change-Id: Id0f095fa9bda97ecbdfc32f3610271eeea86fc2e
Reviewed-on: https://code.wireshark.org/review/32688
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
PTK key derivation algorithm for WPA1 uses SHA1 not MD5.
MD5 is used for MIC only.
To avoid regression also add a decrypt test for WPA1 with
GTK rekeying.
Change-Id: Iabcf40c2f74d5dbc1d72cba0718c77020d97f61f
Fixes: v3.1.0rc0-342-g9cf77ec5e1 ("ieee80211: Support decrypting WPA3-Personal / SAE captures")
Reviewed-on: https://code.wireshark.org/review/32691
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Bug: 15620
Change-Id: I600c262f42414dd50c0cf4c1230acfb2a8042212
Reviewed-on: https://code.wireshark.org/review/32520
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: Ied0c91ea070ee76603e7ecb29d874e0c1a65892e
Reviewed-on: https://code.wireshark.org/review/32684
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Updates some information elements according to
https://www.iana.org/assignments/ipfix/ipfix.xhtml
Adds support for RFC8549
Change-Id: Ic4129df7cfeccd86a7bfb40cbc7181559b85fe50
Reviewed-on: https://code.wireshark.org/review/32690
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
For Windows:
Don't use ws_isatty() - which is a wrapper around _isatty() - to
determine whether the output is to a Windows console or not; it returns
a non-zero value for *any* character device, not just a console.
Instead, use a console API; if it succeeds, it's a console, otherwise it
isn't.
If we're writing to a console, and the
ENABLE_VIRTUAL_TERMINAL_PROCESSING flag is set, or it isn't set but we
can set it, assume the console supports the escape sequences that
request 24-bit color, and use them.
For UN*X:
We can isatty() to determine if the output is to a terminal, as it
doesn't check for character special files, it specifically checks for
terminals (which, in practice, means "device that supports one of the
ioctls to get terminal modes" in most if not all cases; that covers
serial lines, pseudo-ttys, and perhaps some other devices).
Only use the 24-bit color escape sequences if the COLORTERM environment
variable is set to "truecolor" or "24bit".
Bug: 15659
Change-Id: I673667b86bd6b2ab48c06e00ed16b537d6723453
Reviewed-on: https://code.wireshark.org/review/32689
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Disable the following warnings:
../epan/oids_test.c:33:68: warning: initialization of a flexible array member [-Wpedantic]
../epan/oids_test.c:34:57: warning: initialization of a flexible array member [-Wpedantic]
../epan/oids_test.c:38:9: warning: initialization of a flexible array member [-Wpedantic]
../epan/oids_test.c:40:60: warning: initialization of a flexible array member [-Wpedantic]
../epan/oids_test.c:41:54: warning: initialization of a flexible array member [-Wpedantic]
../epan/oids_test.c:45:8: warning: initialization of a flexible array member [-Wpedantic]
../epan/oids_test.c:46:84: warning: initialization of a flexible array member [-Wpedantic]
Change-Id: I6af0d3182162a15ea6e072029a86a32c0c27c575
Reviewed-on: https://code.wireshark.org/review/32686
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: Ic31feb3ca5aeb2ccc5555380dd9b5c24995f3081
Reviewed-on: https://code.wireshark.org/review/32687
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|