Age | Commit message (Collapse) | Author | Files | Lines |
|
Add a new top-level view that shows each packet as a series of diagrams
similar to what you'd find in a networking textook or an RFC.
Add proto_item_set_bits_offset_len so that we can display some diagram
fields correctly.
Bugs / to do:
- Make this a separate dialog instead of a main window view?
- Handle bitfields / flags
Change-Id: Iba4897a5bf1dcd73929dde6210d5483cf07f54df
Reviewed-on: https://code.wireshark.org/review/37497
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Id0d3ba56e91c5dcf8b7063a2166445ca7bcec5d3
Reviewed-on: https://code.wireshark.org/review/38110
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
PAA is a variable length IE, but it is not extendable (see Table 8.1-1 in
3GPP TS 29.274). For a give type the length therefore has to match and
can not exceed the defined length.
Change-Id: Id65842a7f25018fd3864efd73f74ae583102a681
Reviewed-on: https://code.wireshark.org/review/37984
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I2da85d4ebe069a566943896fddb31e9a095d67b5
Reviewed-on: https://code.wireshark.org/review/38007
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
These are the final issues currently seen by check_typed_item_calls.py
Error: proto_tree_add_none_format(.., hf_authentication_parameter, ...) called at epan/dissectors/packet-obex.c:1840 with type FT_UINT8
(allowed types are {'FT_NONE'} )
Error: proto_tree_add_none_format(.., hf_authentication_parameter, ...) called at epan/dissectors/packet-obex.c:1887 with type FT_UINT8
(allowed types are {'FT_NONE'} )
Error: proto_tree_add_none_format(.., hf_session_parameter, ...) called at epan/dissectors/packet-obex.c:2058 with type FT_UINT8
(allowed types are {'FT_NONE'} )
Change-Id: If6772a72e01c7afd774a7b673d5775fd598bace3
Reviewed-on: https://code.wireshark.org/review/38095
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
This patches adds support to parse the TX flags of the radiotap header,
including a new DONT_ORDER Tx flag.
Bug: 16732
Change-Id: Ia57c079e020a32219a3e3fcfb7da5ef260360b7e
Reviewed-on: https://code.wireshark.org/review/37944
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Removed WLAN from the EAP identity fields because
it is additional and unnecessary. Added fields for
the full identity string and the identity type.
Removed the pseudo and reauth identity types by
collapsing all identity values into one field
(eap.identity) so the values may be filtered easier
by users in tshark and the GUI. Omitting
encrypted IMSI code until this patch and Change
37250 get merged since the encrypted IMSI logic
depends on these two patches.
Bug: 16537
Change-Id: If359756c1949aff2510b822b70e0e79df85213d0
Reviewed-on: https://code.wireshark.org/review/37257
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Id33135d82f30f0d88910b994492b4a64ac170d84
Reviewed-on: https://code.wireshark.org/review/38105
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Routine "dhcpv6_domain()" of packet-dhcpv6.c has the following
issues:
a. It is unaware of partial (relative) domain names which unlike
FQDNs must *not* be root terminated(0); otherwise, the resolver
interprets them as top-level domains (TLDs) such as "com." and
"org.".
b. Malformed errors are not thrown when they should be and when
thrown, it does so for the wrong reason.
c. No detail is provided as to the nature of a malformation.
d. The routine does not know the difference between an "empty"
and "root-only" domain name.
Routine "dhcpv6_option():
The meanings of flags octet of the in the OPTION_CLIENT_FQDN
option sent by the client are different that those of the server.
These differences are not reflected in the display. In addition,
the description of the 'N' bit is incorrect in either case. The
sender type must be determined in order to label them correctly
and to detect conflicts among them.
These changes fully address the above issues. Six types of
domain name errors are now detected. I believe the unusually
large amount of detailed comments with RFC references and
explanations were needed in this case due to the introduction
of concepts such as partial domain names that were not
recognized as such and thus improperly handled and labelled.
The subtree option headers have been converted from "Text only"
to named fields (dhcpv6.option.type_str). Example captures are
attached to the bug report.
Bug: 16627
Change-Id: I5ef3ee4261b9ab1f331ae2b9b0aa9e3d5e4a5566
Reviewed-on: https://code.wireshark.org/review/37678
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I52534b6a5dab43ee10501383f3fb76f47255b9a5
Reviewed-on: https://code.wireshark.org/review/38102
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
"Save as" in Follow Stream saves whatever is displayed (except for
Raw), and has long always saved in UTF-8 encoding. (A few things are always
ASCII, which is still valid UTF-8.) The older description of "Show data as"
makes more sense here, as otherwise it implies data will be saved in the
original encoding instead of UTF-8. A checkbox or similar to save in the
original encoding instead of UTF-8 is a possible future enhancement.
Change-Id: I2d5016e9a974d5d614ff93eab0301ea0ce96108e
Reviewed-on: https://code.wireshark.org/review/37771
Reviewed-by: Guy Harris <gharris@sonic.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ibcddf1a949f775afa49d36a2d165c3685556035d
Reviewed-on: https://code.wireshark.org/review/38104
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
Change-Id: I68a971b9a299d85007f4b7f436750515a8dfe7fa
Reviewed-on: https://code.wireshark.org/review/38101
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Code to fetch the field (metadata length) was correct, but the item
displayed would be wrong. Fix mask, and use _ret_uint() variant
to avoid fetching the value separately.
Described in RFC 8300, section 2.5.1.
Change-Id: I87cdca489392e1baa6c51bbab303c77a803d204e
Reviewed-on: https://code.wireshark.org/review/38099
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I3e456e24f171ea2073806ad56606e6ce9092890c
Reviewed-on: https://code.wireshark.org/review/38096
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ia8f0f2ecada1a94c0bcdaaa5c560575ab945b002
Reviewed-on: https://code.wireshark.org/review/38098
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Update manuf, services enterprise numbers, translations, and other items.
Change-Id: I447ea71cd55ad637f1792ad0224ba43435ce2769
Reviewed-on: https://code.wireshark.org/review/38091
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Have the message indicate the problem and the name of the offending field.
Change-Id: I661125814c9ad5585a3e71d14f8407948e2e6d76
Reviewed-on: https://code.wireshark.org/review/38090
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
Very rough support for dissecting the framing on unidirectional and
bidirectional streams. Support for dissecting QPACK contents will be
added later.
Thanks to Omer Shapira for identifying an important issue that broke
reassembly and blocked proper HTTP/3 support.
Bug: 16761
Change-Id: Ib7f87c824f1dca70967b82943e18d5afee39fa0b
Reviewed-on: https://code.wireshark.org/review/38084
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Load private key exchange keys (curve25519-sha256) provided by the user
Find matching public keys in the dissected data
Compute symmetric keys for decrypting encrypted Transport Layer Protocol
data
Bug: 16054
Change-Id: I83481bff6b1206ce222b0120ad9021e1607f7f97
Reviewed-on: https://code.wireshark.org/review/37936
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Error: proto_tree_add_string(.., hf_ansi_a_lai_mcc, ...) called at epan/dissectors/packet-ansi_a.c:3656 with type FT_UINT8
(allowed types are {'FT_STRINGZPAD', 'FT_STRINGZ', 'FT_STRING'} )
Error: proto_tree_add_string(.., hf_ansi_a_lai_mnc, ...) called at epan/dissectors/packet-ansi_a.c:3666 with type FT_UINT8
(allowed types are {'FT_STRINGZPAD', 'FT_STRINGZ', 'FT_STRING'} )
Error: proto_tree_add_none_format(.., hf_bthci_evt_vendor_codecs_item, ...) called at epan/dissectors/packet-bthci_evt.c:4712 with type FT_UINT32
(allowed types are {'FT_NONE'} )
Error: proto_tree_add_string(.., hf_kademlia_tag_hash, ...) called at epan/dissectors/packet-edonkey.c:1100 with type FT_BYTES
(allowed types are {'FT_STRINGZPAD', 'FT_STRINGZ', 'FT_STRING'} )
Error: proto_tree_add_string(.., hf_msmms_data_timing_pair, ...) called at epan/dissectors/packet-ms-mms.c:680 with type FT_NONE
(allowed types are {'FT_STRINGZPAD', 'FT_STRINGZ', 'FT_STRING'} )
Error: proto_tree_add_float_format_value(.., hf_fp_tpc_po, ...) called at epan/dissectors/packet-umts_fp.c:2405 with type FT_UINT8
(allowed types are {'FT_FLOAT'} )
Change-Id: I1ed0276ad9c810ca6b1b01d581c3d73ae28fb9ad
Reviewed-on: https://code.wireshark.org/review/38081
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
It is send from DCAgent to FSSO collector using UDP 8002 packet
It is based on analysis of protocol (and log)
Bug: 16657
Change-Id: I2e23a403a103c25820d714446d4e3245af04e876
Reviewed-on: https://code.wireshark.org/review/37547
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Look for calls to certain proto APIs that require hf items of a certain type,
then check that the items passed in have one of the allowed types.
Currently takes around a minute to scan epan/dissectors. There are
a few issues that have not yet been fixed..
Hopefully this can be added to the PetriDish at some point.
Change-Id: Ic9eadcc3f1de03223606b5dca1cb45edcbe95e85
Reviewed-on: https://code.wireshark.org/review/38039
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This commit replaces instances of
(myobj *)wmem_alloc(wmem_X_scope(), sizeof(myobj))
and replaces them with:
wmem_new(wmem_X_scope(), myobj)
to improve the readability of Wireshark's code.
Replacements were made with the following Python script:
import os
import re
import sys
pattern = r'\(([^\s\n]+) ?\*\) ?wmem_alloc(0?)\((wmem_[a-z]+_scope\(\)), sizeof\(\1\)\)'
replacewith = r'wmem_new\2(\3, \1)'
startdir = sys.argv[1]
for root, dirs, files in os.walk(startdir):
for fname in files:
fpath = os.path.join(root, fname)
if not fpath.endswith('.c'):
continue
with open(fpath, 'r') as fh:
fdata = fh.read()
output = re.sub(pattern, replacewith, fdata)
if fdata != output:
print(fpath)
with open(fpath, 'w') as fh:
fh.write(output)
Change-Id: I223cb2fcce336bc99ca21c4a74e4cf758fd00572
Reviewed-on: https://code.wireshark.org/review/38088
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This fixes the change from https://code.wireshark.org/review/#/c/38087/
Change-Id: I43b3cb64bfd2f7398873804f1d4dd8821b050ef1
Reviewed-on: https://code.wireshark.org/review/38089
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Graham reported a shadowed variable issue with the variable index.
Changed the variable name so it no longer shadows index. That seems
to be an issue on Macs.
Change-Id: I2a6e9b6d70811aaf7b9f910ddc87ab926b3a0cec
Reviewed-on: https://code.wireshark.org/review/38058
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This proposal adds a new option '-b printname:<filename>' to dumpcap. If
used, dumpcap will print the name of each ring buffer file it creates
after it is closed. Allows the use of '-'/'stdout' and 'stderr'.
Use case: Since the file name is printed after the file is closed for
writing, an automated capture process can do something like the
following with the guarantee that the file in question will not be
changed.
dumpcap -i eth0 -b files:2 -b printname:stdout [-b ...] | \
while read cap_file_name ; do
# Do something with $cap_file_name
done
This sort of scripting is difficult in dumpcap's current form. Dumpcap
prints the names of new files to stderr as it *opens* them, so a script
attempting to use this must sleep for "-b duration:value" seconds plus
some fudge time to be sure it's getting a closed, unchanging file.
Change-Id: Idb288cc7c8c30443256d35c8cd4460a2e3f0861c
Reviewed-on: https://code.wireshark.org/review/37994
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Prepare for adding HTTP/3 support which depends on QUIC to provide an
stream of data. Reassembly code is mostly lifted from the TCP dissector
which shares similar characteristics.
Bug: 13881
Ping-Bug: 16761
Change-Id: Iba07dade111b740418b8b315d0485e200cdfe9f0
Reviewed-on: https://code.wireshark.org/review/38083
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Found using tools/check_tfs.py, included in this commit.
Here are the reports that were fixed here:
Examining:
All dissector modules
epan/dissectors/packet-assa_r3.c tfs_mortisepins_flags - could have used tfs_high_low from tfs.c instead: {High,Low}
epan/dissectors/packet-btle.c tfs_present_bit - could have used tfs_present_not_present from tfs.c instead: {Present,Not Present}
epan/dissectors/packet-dhcp.c tfs_fqdn_s - could have used tfs_server_client from tfs.c instead: {Server,Client}
epan/dissectors/packet-docsis-macmgmt.c mdd_tfs_on_off - could have used tfs_on_off from tfs.c instead: {On,Off}
epan/dissectors/packet-docsis-macmgmt.c mdd_tfs_en_dis - could have used tfs_enabled_disabled from tfs.c instead: {Enabled,Disabled}
epan/dissectors/packet-docsis-macmgmt.c req_not_req_tfs - could have used tfs_requested_not_requested from tfs.c instead: {Requested,Not Requested}
epan/dissectors/packet-docsis-tlv.c on_off_tfs - could have used tfs_on_off from tfs.c instead: {On,Off}
epan/dissectors/packet-docsis-tlv.c activation_tfs - could have used tfs_active_inactive from tfs.c instead: {Active,Inactive}
epan/dissectors/packet-docsis.c ena_dis_tfs - could have used tfs_enabled_disabled from tfs.c instead: {Enabled,Disabled}
epan/dissectors/packet-ecmp.c tfs_not_expected_expected - could have used tfs_odd_even from tfs.c instead: {Odd,Even}
epan/dissectors/packet-erf.c erf_link_status_tfs - could have used tfs_up_down from tfs.c instead: {Up,Down}
epan/dissectors/packet-h263.c on_off_flg - could have used tfs_on_off from tfs.c instead: {On,Off}
epan/dissectors/packet-h263.c cpm_flg - could have used tfs_on_off from tfs.c instead: {On,Off}
epan/dissectors/packet-interlink.c flags_set_notset - could have used tfs_set_notset from tfs.c instead: {Set,Not set}
epan/dissectors/packet-ip.c tos_set_low - could have used tfs_low_normal from tfs.c instead: {Low,Normal}
epan/dissectors/packet-ip.c tos_set_high - could have used tfs_high_normal from tfs.c instead: {High,Normal}
epan/dissectors/packet-isakmp.c flag_r - could have used tfs_response_request from tfs.c instead: {Response,Request}
epan/dissectors/packet-isis-lsp.c tfs_metric_supported_not_supported - could have used tfs_no_yes from tfs.c instead: {No,Yes}
epan/dissectors/packet-kerberos.c supported_tfs - could have used tfs_supported_not_supported from tfs.c instead: {Supported,Not supported}
epan/dissectors/packet-kerberos.c set_tfs - could have used tfs_set_notset from tfs.c instead: {Set,Not set}
epan/dissectors/packet-mac-lte.c mac_lte_scell_status_vals - could have used tfs_activated_deactivated from tfs.c instead: {Activated,Deactivated}
epan/dissectors/packet-p_mul.c no_yes - could have used tfs_no_yes from tfs.c instead: {No,Yes}
epan/dissectors/packet-pgm.c opts_present - could have used tfs_present_not_present from tfs.c instead: {Present,Not Present}
epan/dissectors/packet-rsl.c rsl_ms_fpc_epc_mode_vals - could have used tfs_inuse_not_inuse from tfs.c instead: {In use,Not in use}
epan/dissectors/packet-sita.c tfs_sita_on_off - could have used tfs_on_off from tfs.c instead: {On,Off}
epan/dissectors/packet-vines.c tfs_vine_rtp_no_yes - could have used tfs_no_yes from tfs.c instead: {No,Yes}
epan/dissectors/packet-vnc.c button_mask_tfs - could have used tfs_pressed_not_pressed from tfs.c instead: {Pressed,Not pressed}
27 issues found
Change-Id: I7e53b491f20289955c9e9caa8357197d9010a5aa
Reviewed-on: https://code.wireshark.org/review/38087
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Microsoft Network Monitor lets you capture on an 802.11 adapter either
in monitor mode or in non-monitor mode; frames captured in non-monitor
mode may have the Protected bit set in the 802.11 header, but are
decrypted and don't incclude encryption information, and may have the
A-MSDU Present flag set in the QoS Control field, but have just a
regular frame payload, not a sequence of A-MSDUs, in the payload field.
Dissect those frames correctly.
Bug: 16758
Change-Id: I42b7e9ce52faa80222692403fa7276c039644343
Reviewed-on: https://code.wireshark.org/review/38082
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
Change-Id: I35991da41437617e816edfa3220f7de2705eac14
Reviewed-on: https://code.wireshark.org/review/38075
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add the `--capture-comment "comment"` option for appending pcapng
comments to the SHB of the output file(s).
Add the `--discard-capture-comment` option for removing pcapng comments
present in the input file SHB(s) before writing to the output file(s).
Supports multiple comments per SHB. Noted in the documentation that
Wireshark itself doesn't support multiple comments.
Bug: 15033
Change-Id: If07a4e7a93505438639018783a11343cd5992f2a
Reviewed-on: https://code.wireshark.org/review/38074
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
In dcm_export_create_object(), don't assume that assoc->ae_calling and
assoc->ae_called are non-null; if we don't have an A-ASSOCIATE request
earlier in the capture, which we are not guaranteed to have, the called
and called AE titles won't be set.
Bug: 16748
Change-Id: I7d6d22d1c23e28b1f0967a803d0d89609a421712
Reviewed-on: https://code.wireshark.org/review/38077
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
The "monitor mode" flag was called "netmon_802_11.op_mode.on", not
"netmon_802_11.op_mode.mon". Fix that.
Change-Id: I4a712c1d5fa7c7e43335d83c0f40ace4358a881c
Reviewed-on: https://code.wireshark.org/review/38069
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
"XXX isn't a valid time format" could be read as "XXX isn't a valid
format to use for times" in the sense of, for example, a format argument
to strftime() or strptime(). It's also a date *and* time, so just say
it "isn't a valid date and time".
Change-Id: I7e0f01914c5e16b7eaa89b798cf94a2964fc764c
Reviewed-on: https://code.wireshark.org/review/38068
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
Have separate Boolean flags to indicate whether the start and stop times
were specified, rather than having a value of 0 meaning it wasn't.
Change-Id: Ie9968ebd588df6b150062caa50f0b23e6f77f214
Reviewed-on: https://code.wireshark.org/review/38067
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
Only check whether the start time is after the stop time if both a start
time and a stop time were specified.
Change-Id: I864480a789c52312dc934c217910e7b68597f066
Reviewed-on: https://code.wireshark.org/review/38066
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
Use ws_strtou32() so that we're guaranteed to produce a value that fits
in a 32-bit integer (and don't get a narrowing warning on LP64 platforms
for converting a long to an int), and then make sure it's less than one
billion.
Note, while we're at it, that you can, for example, specify a date of
2020-10-40 and it won't produce an error.
Change-Id: I26c36d346cfa5c2bdc9ecdbdf821a9bc3529c940
Reviewed-on: https://code.wireshark.org/review/38065
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
I haven't been able to find the appropriate spec, but either there is a
limit to the number of features bytes to add and this patch is needed,
or the (i < 8) part should be dropped. As it is the other data and
expert info for 'unknown' fields will never be reached.
Detected by cppcheck:
epan/dissectors/packet-bthci_cmd.c:9183:72: warning: Condition 'i<8' is always true [knownConditionTrueFalse]
while (tvb_captured_length_remaining(tvb, offset) > 0 && i < 8) {
^
epan/dissectors/packet-bthci_cmd.c:9181:25: note: Assignment 'i=0', assigned value is 0
guint8 i = 0;
^
epan/dissectors/packet-bthci_cmd.c:9183:72: note: Condition 'i<8' is always true
while (tvb_captured_length_remaining(tvb, offset) > 0 && i < 8) {
Change-Id: Icfef0e9142a58aa1c525df9b7daf0aa820039167
Reviewed-on: https://code.wireshark.org/review/38049
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Also, take into account length of GUID before
adding expert info for not-decoded data afterwards.
Change-Id: I3e3ee2fc014bc7ace477015b21b2d6ca9127a6be
Reviewed-on: https://code.wireshark.org/review/38062
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
When checking a filter the status message should always be pop'ed when
having an empty filter, regardless of having the clear button or not.
This will ensure the status message is removed when removing a display
filter using DisplayFilterEdit in other dialogs than Main.
Change-Id: I3c9a4933cd0c60ab624ea1939ffafecb58b3ffd5
Reviewed-on: https://code.wireshark.org/review/38052
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Change-Id: Ic52b45a00684a036e51e0eaad6a2f878fbe86232
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Reviewed-on: https://code.wireshark.org/review/38063
|
|
Allow user to specify time resolutions as fine as 1 nanosecond for the
start and stop times (-A and -B options) for editcap. Uses `nstime_t`
for the user options and `nstime_cmp()` to compare with packet
timestamps.
Change-Id: I2340bc4830c7d9a6b17a5e53fa4e8837e231bcb6
Reviewed-on: https://code.wireshark.org/review/38057
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This matches the description at
https://www.museek-plus.org/wiki/SoulseekProtocol,
where some fields are uint32 but many are just 'int'.
Change-Id: I192aaf9ca84ccee7b52d266083bbbd8baef28685
Reviewed-on: https://code.wireshark.org/review/38060
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Fix some status message and tooltip issues introduced when enabling
autocomplete on find packet search in g0162ba73.
1. Enable or disable completion only when search type is changed.
This setting is used in checkDisplayFilter(), which used to be
called *before* changing allowCompletion in updateWidgets(), and
this was causing issues with wrong status messages.
2. Check filter (usually triggered by changes in the search line)
or reset filter syntax (added by DisplayFilterEdit) when search
type is changed. This will trigger an update of the status message
and the tooltip.
3. Stop checking display filter if not doing completion (not display
filter search). This will avoid setting a status message from a
previous illegal display filter.
Ping-Bug: 16638
Change-Id: I1534d9494cc4d7b7a0583cb845c091ae709458ae
Reviewed-on: https://code.wireshark.org/review/38061
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Some heuristic functions (example: dtls over stun) perform exact checks on
paylaod length, so we need to skip any padding added by TURN layer
(RFC 5766, 11.5).
Bug: 16756
Change-Id: Iaaf3dc83fbc5f5f8d0af1cabfe94861480fe7c98
Reviewed-on: https://code.wireshark.org/review/38042
Tested-by: Petri Dish Buildbot
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
Pop the filter syntax message in search frame when changing search type
and when hiding the widget to avoid having outdated status messages.
Change-Id: I87c63c070621cff0d5ecebc2fcd41f9d7c02adec
Reviewed-on: https://code.wireshark.org/review/38051
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Move attribute padding out of individual attributes to end of attribute loop
Error codes update
Change-Id: Ifc4617be9d78d432c2f12a04d80f4fa3c5bec54b
Reviewed-on: https://code.wireshark.org/review/38048
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Petri-Dish: Jörg Mayer <jmayer@loplof.de>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: Ibaa5b074a1d98a5be17e5f1514c5666a64fefafb
Reviewed-on: https://code.wireshark.org/review/38050
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
code to dissect PASSWORD-ALGORITHMS and PASSWORD-ALGORITHM attributes is
ready to go.
Change-Id: I6fcfb1da49c596a11b3c5b0e3dce51e47f1f7c1c
Reviewed-on: https://code.wireshark.org/review/38047
Reviewed-by: Guy Harris <gharris@sonic.net>
|