Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: I92c94448e6641716d03158a5f332c8b53709423a
Reviewed-on: https://code.wireshark.org/review/25756
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Used to support variable length in QUIC protocol
Bug: 13881
Change-Id: Ia274b1530152376c5fb4e364fc4cf5ab246be1b3
Reviewed-on: https://code.wireshark.org/review/24990
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Craig Jackson <cejackson51@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
error: comparison 'guint32' (aka 'unsigned int') <= 4294967295 is always true [-Werror,-Wtautological-constant-compare]
Change-Id: Id1f6a0a01dd897d263f7133a0d95aaecfba31e14
Reviewed-on: https://code.wireshark.org/review/24495
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This allows for the removal of epan/dwarf.[ch]
Functionality could probably be handled by an encoding (like dissect_uleb128),
but for now keep it in file-elf.c as that's the only functionality
currently using it.
Change-Id: I84cf6af02abb3d53ea7d9b774e3313d77a1ff497
Reviewed-on: https://code.wireshark.org/review/24486
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Also update ENC_VARINT_PROTOBUF documentation while we're at it
Change-Id: I72e1f9175adc0c6a8bb03ceddba04ffd4844a12e
Reviewed-on: https://code.wireshark.org/review/24485
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
git/epan/dissectors/packet-a21.c:478:25: error: 'item' was marked unused but was used
[-Werror,-Wused-but-marked-unused]
proto_item_append_text(item, "%s", val_to_str_const(event_id, a21_event_vals, "Unknown"));
^
Added manual change id because file-jpeg.c forced the use of commit -n
Change-Id: Iffff53d6253758c8454d9583f0a11f317c8390cb
Reviewed-on: https://code.wireshark.org/review/14666
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
datatypes.
'bitcoin.addr.count' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'bitcoin.inv.count' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'bitcoin.getdata.count' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'bitcoin.notfound.count' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'bitcoin.getblocks.count' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'bitcoin.getheaders.count' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'bitcoin.tx.input_count' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'bitcoin.tx.in.script_length' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'bitcoin.tx.output_count' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'bitcoin.tx.out.script_length' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'bitcoin.block.num_transactions' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'bitcoin.headers.count' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'bitcoin.merkleblock.flags.count' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'bitcoin.merkleblock.hashes.count' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'bitcoin.string.count' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'bitcoin.data.count' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'dcerpc.referent_id' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'dmp.body.id' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'edonkey.start_offset' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'edonkey.end_offset' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.entry' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.phoff' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.shoff' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.p_offset' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.p_vaddr' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.p_paddr' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.p_filesz' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.p_memsz' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.p_align' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.sh_addr' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.sh_offset' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.sh_size' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.sh_addralign' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.sh_entsize' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.symbol_table.value' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.symbol_table.size' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.dynamic.tag' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.dynamic.value' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.dynamic.pointer' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.dynamic.ignored' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'elf.dynamic.unspecified' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'h248.contextId' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'hcrt.data32' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'wlan_mgt.fixed.psmp.stainfo.reserved' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'isakmp.tf.attr.life_duration' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'isakmp.ike.attr.life_duration' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'jxta.message.element.content.length' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'rmt-lct.tsi' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'rmt-lct.toi' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'smb.alloc_size' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
'trmac.response_code' exists multiple times with NOT compatible types: FT_UINT64 and FT_UINT32
Change-Id: I903933e6448bac3d3374eef1a6a0bc4771c1a9f4
Reviewed-on: https://code.wireshark.org/review/14060
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ie39ef054a4a942687bd079f3a4d8c2cc55d5f22c
Reviewed-on: https://code.wireshark.org/review/12485
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The preferences are still supported for backwards compatibility, but the heuristic_protos file has final say on the "preference" to enable/disable a heuristic dissector.
Also add parameter to heur_dissector_add() for the "default" enable/disable of a heuristic dissector. With this parameter, a few more (presumably weak) heuristic dissectors have been "registered" but of course default to being disabled.
Change-Id: I51bebb2146ef3fbb8418d4f5c7f2cb2b58003a22
Reviewed-on: https://code.wireshark.org/review/9610
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This allows better presentation of heuristic dissectors to the end user.
Change-Id: I2ff3985ab914e83c2989880cc0c7b9904045b3f6
Reviewed-on: https://code.wireshark.org/review/9602
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ib7df1e2c40ad86866f5a3d6902a7a92144028be7
Reviewed-on: https://code.wireshark.org/review/8620
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
(I guess newer versions of GCC/Clang know that dissect_eh_frame() is
never called with a segment_size of 0, so the loop is traversed at least
once. NOTE: if it ever *is* called with a segment_size of 0, then
that's a genuine bug and needs to be fixed.)
Also, segment_size is used; no need to mark it as unused.
Change-Id: I63b7a580a853b55f22494de73b4c4e6f9a387647
Reviewed-on: https://code.wireshark.org/review/5591
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Fixes, matching LSB 4.1[1] and the AMD64 ABI[2]:
- Multiple CIE entries can exist after the first one. Introduce a CFI
subtree and add CIE and FDE records below it. Merge comon parsing
functionality of CIE/FDE. A CIE terminator is treated specially, and
added instead of a CFI subtree.
- Validate the header length before using it to avoid a dissector
assert. This condition is triggered by a binary produced by a buggy
gold linker[3].
- Add two expert items: one to detect an invalid CIE length (too small
or too large) and one to detect a segment which is larger than the
CFI records (to catch the gold linker bug[3] where the segment begins
with zeroes).
- Do not overload the elf.eh_frame.length field with the value of the
Extended Length, instead use elf.eh_frame.extended_length (likewise
for FDE).
- Stop tracking the subsection size with another variable
(remaining_length), just store the end of the entry.
- Fix typos in descriptions, improved / shortened field descriptions.
Tested with the 'bad' and 'good' binary from bug 10726 as well as the
'a' binary from bug 8818 (which introduced this code). Decodes properly.
[1]: https://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/ehframechpt.html
[2]: http://www.x86-64.org/documentation/abi.pdf
[3]: https://sourceware.org/bugzilla/show_bug.cgi?id=17639
Bug: 10726
Change-Id: I523600b8141bd8953ae468051a57357ab199a258
Reviewed-on: https://code.wireshark.org/review/5488
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
|
|
Displays the FDE Count as a number, not a series of bytes.
Change-Id: I60dd426cb5305a5001a8200578008b7c4a99c64e
Reviewed-on: https://code.wireshark.org/review/5489
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
|
|
cut/paste errs
Change-Id: Id658b9e1803b2f5b92e711a3ce981ff602333d98
Reviewed-on: https://code.wireshark.org/review/5513
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
This makes it easier to focus on a single section entry, collapsing all
other entries.
Change-Id: I3de72065eb279e9449496a7224508e5be85c3757
Reviewed-on: https://code.wireshark.org/review/5456
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Id8eba103b9edd54bdfdea9144c807c3fbe0cb4e4
Reviewed-on: https://code.wireshark.org/review/3353
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Hopefully, this will fix the warnings from the buildbot that entry_item
was used without being set.
Change-Id: Ibfd921bfbbad68cd8eafd1e3ad3d178cfca03d6e
Reviewed-on: https://code.wireshark.org/review/2547
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I358bfaa4e5d40cd01b766f614f8bd0dbaf611dd0
Reviewed-on: https://code.wireshark.org/review/2508
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
https://www.wireshark.org/lists/wireshark-dev/201406/msg00131.html
This reverts commit 246fe2ca4c67d8c98caa84e2f57694f6322e2f96.
Change-Id: Ib24bae0198c13a84bd7f731bf4af921212109a8f
Reviewed-on: https://code.wireshark.org/review/2430
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9209c1271967405c34c1b6fa43e1726a4d3a5a3f
Reviewed-on: https://code.wireshark.org/review/2377
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9607)
This is a VERY PRELIMINARY version of tfshark. It's an attempt to jumpstart FileShark and its architecture. Right now it's mostly just a very stripped down version of tshark with all of the necessary build modifications (including now building filetap library since tfshark depends on it)
This code has helped me identify what I believe to be all of the necessary layers for a complete fileshark architecture. And those layers will slowly be added in time (patches always welcome!).
svn path=/trunk/; revision=54646
|
|
warning C6385: Invalid data: accessing 'tag_to_type', \
the readable size is '136' bytes, but '140' might be read
svn path=/trunk/; revision=54099
|
|
'tag_to_type', the readable size is '136' bytes, but '540' bytes might be read
svn path=/trunk/; revision=53984
|
|
Do a few trivial whitespace tweaks.
svn path=/trunk/; revision=53549
|
|
svn path=/trunk/; revision=53353
|
|
svn path=/trunk/; revision=52875
|
|
accessing tag_to_type[tag]: while the array is made of enums and the values of
the enum will fit in a guint8 (making the conditional safe) compilers don't
*have* to "right size" the storage for the enum. They very well could be lazy
and store the enum in int's.
Replace it with a macro that tells us the size of the array.
svn path=/trunk/; revision=52842
|
|
Move a URL from in the middle of the copyright notice to up where it (appears
to) belong.
svn path=/trunk/; revision=52839
|
|
Actually tested on 32-bit XP vm, so should really work this time.
svn path=/trunk/; revision=52800
|
|
Fix offset values
Still some warnings remaining.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8818
svn path=/trunk/; revision=52789
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8818
Add support for dissection ELF files. It opens as a "capture" file via wiretap
at the moment for simplicity's sake, but the intention is eventually to have
this (and other file types we dissect) open through some other program sharing
much of the libwireshark infrastructure.
svn path=/trunk/; revision=52775
|