Age | Commit message (Collapse) | Author | Files | Lines |
|
Field infos have a length property that was not stored with the
field value so when using a negative index the end was computed
from the captured length of the frame tvbuff, leading to incorrect
results. The documentation in wireshark-filter(5) describes how
this was supposed to work but as far as I can tell it never worked
properly.
We now store the length and use that (when it is different from -1)
to locate the end of the protocol data in the tvbuff. An extra wrinkle
is that sometimes the length is set after the field value is created.
This is the most common case as the majority of protocols have a
variable length and dissection generally proceeds with a TVB subset from
the current layer (with offset zero) through all remaining layers to the
end of the captured length. For that reason we must use an expedient to allow
changing the protocol length of an existing protocol fvalue, whenever
proto_item_set_len() is called.
Fixes #17772.
|
|
This seems to be buggy and have a complicated interaction with
the GCC optimizer. Disable hard failures so we can focus on
actual issues and deal with dormant false positives when it is
convenient.
Ping #18089
|
|
Rename conversation_lookup_hashtable to conversation_lookup_addr_port.
Add a new conversation_lookup_hashtable that consolidates some duplicate
code and takes a general set of arguments similar to the other
conversation_*_hashtable routines.
|
|
|
|
Add conversation_new_full and find_conversation_full, which take
arbitrary element lists instead of fixed addresses and ports.
Update the comments in conversation.h to be more Doxygen-conformant.
Update README.dissector.
Use the new functionality to add initial conversation support to the
Falco Bridge dissector.
|
|
The new TECMP release renames as follows:
- Capture Module -> Device
- Channel -> Interface
Header fields (incl. filters) and Config UATs are affected.
|
|
|
|
We pass "--format-version 1" to rcc. If it's compiled with Zstandard we
need to pass "-compress-algo zlib" as well.
Fixes #18100.
|
|
The Qt implicit casts from QByteArray to QString all use
size = -1, meaning to the end of the string.
This causes gcc 12.1 with -O2 to produce a very dubious stringop-overread
warning, by computing both sides of a branch even when it shouldn't:
/usr/include/qt5/QtCore/qstring.h:706:69: error: ‘size_t strlen(const char*)’ reading 1 or more bytes from a region of size 0 [-Werror=stringop-overread]
706 | return fromUtf8_helper(str, (str && size == -1) ? int(strlen(str)) : size);
| ~~~~~~^~~~~
There's also a similar error with QByteArray.constData(), even though
isEmpty() should return True when the QByteArray is NULL.
(Adding isNull() prevents the warning but is redundant.)
Use DIAG_OFF and DIAG_ON to ignore the warning on GCC 12.1 and higher.
Fix #18090.
|
|
|
|
Update manuf, services enterprise numbers, translations, and other items.
services failed.
|
|
|
|
This patch updates the TECMP dissector with 1.6 and 1.7 changes.
Changes:
- Multiple new flags for CAN, CAN-FD, FlexRay, LIN, Analog, etc.
- Reordering of flags
- Additional data units for Analog
- New Header CRC and Frame CRC for FlexRay (1.6 change)
- New CRCs for CAN and CAN-FD (1.6 change)
- Deprecated the removed Analog Threshold Undershot/Exceeded flags,
since they were removed
This patch does not include the renaming to Device and Interface.
|
|
packet-smc.c:722:4: warning: Value stored to 'offset' is never read [deadcode.DeadStores]
packet-smc.c:887:4: warning: Value stored to 'offset' is never read [deadcode.DeadStores]
|
|
packet-couchbase.c:2685:17: warning: Value stored to 'offset' is never read [deadcode.DeadStores]
|
|
packet-catapult-dct2000.c:1099:13: warning: Value stored to 'tag' is never read [deadcode.DeadStores]
packet-catapult-dct2000.c:1100:13: warning: Value stored to 'len' is never read [deadcode.DeadStores]
packet-catapult-dct2000.c:3076:21: warning: Value stored to 'sub_dissector_result' is never read [deadcode.DeadStores]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Remove the "developers only" admonition.
|
|
|
|
|
|
Update to the current (c02ae4b6) API.
|
|
|
|
Set the row colors in the traffic dialogs to alternating for better
readibility and add a context menu option to resize the columns back
to content
Fixes #16189
|
|
Remove unnecessary subclass and make the code easier to
manage in the future
|
|
|
|
Move the type selection to the tab selection bar, so that new
users may find it faster and easier
|
|
|
|
Allow the headers of the conversations and endpoint statistic
dialog to be used with the Qt translation system
|
|
Remote traffic_table_ui.? and move the JSON stuff into endpoint.
This is in preparation for larger work on both the conversation
table as well as the endpoint table, and to start using Qt code
in the UI where it should be used.
|
|
|
|
Extract Method for multiple message of SDP Media Attribute to simplify things and Make processes clearer.
dissect_sdp_media_attribute_rtpmap
dissect_sdp_media_attribute_fmtp
dissect_sdp_media_attribute_path
dissect_sdp_media_attribute_h248_item
dissect_sdp_media_attribute_crypto
The original function remain unchanged.
|
|
|
|
The debian directory was moved to packaging/debian in 79da670bd1. Update
the documentation to match. Ping #18097.
|
|
After selecting field values to be shown or not shown
residues of the former diagram may reside until the next
scroll event. This updates the viewport to trigger the
paintEvent earlier.
Fixes #17997
|
|
Parameter name should be appended only once to the tree, when handling
national extensions.
Close #18094
|
|
|
|
|
|
It's Windows-only.
|
|
Qt 6.2.4 has a serious display enumeration bug on Windows (QTBUG-101203).
Switch to 6.2.3.
Fixes #18091.
|
|
This is a small speedup for the ResolvedAddressesDialog. QString::arg
is a copy-by-call method as QString::append just extends the space
occupied by the string, leading to a major speed improvement.
Same goes for configuring the proxymodels first and then assigning the
data model as this will lead not to reorganization everytime
invalideFilter is being called
|
|
Windows implements so called CRT handlers, which will catch any
assertions happening inside so called crt routines and either
displays a debug dialog (Cancel, Retry, Ignore) or outright crashes
the application.
See
https://docs.microsoft.com/en-us/cpp/c-runtime-library/parameter-validation?view=msvc-170
for an explanation of the behaviour.
Now, in the current situation here, close will detect (correctly)
that the pipe it is supposed to be closing is already closed. This
happens (again correctly) because it had been closed by the extcap
application.
The change added, checks for a closed pipe first, and if so just
returns -1 (as it should) silently without calling the CRT routine,
therefore not crashing
|
|
The current situation in UatDelegate as well as PathChooserDelegate leads to issues, where Wireshark crashes if the button is clicked. This is due to the UI not correctly positioning the button inside the cell.
This change implements a widget, which will serve as cell content, handling all relations with choosing the file, but also properly handling the size and geometry of said cell content, therefore no longer leading to crashes and cleaning up code at the same time, as duplicate methods are being removed.
Fixes #17789, #17819, #18088
|
|
Use `CMake -E tar xf` to unzip files in win-setup.ps1. This seems to be
the most reliable and reasonably fast common denominator for unzipping
files. Update our comments. Fixes #17756.
|
|
Update manuf, services enterprise numbers, translations, and other items.
|
|
Make sure we pass NO_ADDR2 and NO_PORT2 to conversation_new and
NO_ADDR_B and NO_PORT_B to find_conversation.
|