| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This allows taps that can fail to report an error and fail; a failed
tap's packet routine won't be called again, so they don't have to keep
track of whether they've failed themselves.
We make the return value from the packet routine an enum.
Don't have a separate type for the per-packet routine for "follow" taps;
they're expected to act like tap packet routines, so just use the type
for tap packet routines.
One tap packet routine returned -1; that's not a valid return value, and
wasn't one before this change (the return value was a boolean), so
presume the intent was "don't redraw".
Another tap routine's early return, without doing any work, returned
TRUE; this is presumably an error (no work done, no need to redraw), so
presumably it should be "don't redraw".
Clean up some white space while we're at it.
Change-Id: Ia7d2b717b2cace4b13c2b886e699aa4d79cc82c8
Reviewed-on: https://code.wireshark.org/review/31283
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This keeps it in the same resolution as the dns.time field.
Ping-Bug: 15382
Change-Id: Ibacf8761819c0fac2e87fa147f7381336ce5cb39
Reviewed-on: https://code.wireshark.org/review/31223
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 4234
Change-Id: Ibd59809b2dd9890a7851eb57ef7af384e280a74b
Reviewed-on: https://code.wireshark.org/review/31222
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The stat tree API only supports 32-bit integers and if nanosecond resolution
is used correctly it's easy to hit integer overflow issues on even a fairly
small capture file trying to sum up response times.
Bug: 15382
Change-Id: I15d2cfbdbec7b0bef2bcfe1afe4f6eb6fc1d2456
Reviewed-on: https://code.wireshark.org/review/31217
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I913fdeb3cc827347b0ef11d10f03981c59cad1df
Reviewed-on: https://code.wireshark.org/review/30526
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I995b0c93cef0f0b15b4a8115408b68bd7f4e12a3
Reviewed-on: https://code.wireshark.org/review/30523
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Handle DoH messages specially, use the HTTP/2 Stream ID for matching
requests with responses. Fixes misleading "retransmission" expert infos
and properly link (successive) requests with (out-of-order) responses.
Change the "Protocol" column to "DoH" while at it.
Change-Id: I42b22c5c8560ee029051dcb3561e188572a4245f
Ping-Bug: 14433
Reviewed-on: https://code.wireshark.org/review/29889
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
This is required for the latest version. The message type "dns/message"
was briefly used in draft -06, but it was changed in the next version.
Change-Id: If26e367b71b7e270cad2f61eaee76041f530273c
Ping-Bug: 14433
Reviewed-on: https://code.wireshark.org/review/29887
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Rename packet-ssl{,-utils}.[ch] to packet-tls{,-utils}.[ch].
Change-Id: I4732162ec131ddf0734b3dd191ccc9e48a76ce06
Reviewed-on: https://code.wireshark.org/review/29659
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
"maxname" is the size of the buffer which also includes the "null
label" (represented by the NUL byte). Do not write this past the end.
Bug: 14955
Change-Id: I51e2237741807aded7ffb82c178d7d7ce5123f78
Fixes: v2.9.0rc0-1142-g53e04b621c ("DNS: fix in expand_dns_name")
Reviewed-on: https://code.wireshark.org/review/28657
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Erika Szelleová <szelleerika@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
The function parsed the DNS name correctly, however, it did not indicate
that a given name is too long (more than MAX_DNAME_LEN bytes).
Bug: 14041
Change-Id: I4078db488a814ca2114c725d1a17e3ef757843c5
Reviewed-on: https://code.wireshark.org/review/28410
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
This allows code to initialize them without having to know the details
of the structure; the initializes should, and will, be changed if the
members of the structure are changed.
Change-Id: I93e6ebfcde9ceca17df696fcba4e8410c5afb175
Reviewed-on: https://code.wireshark.org/review/28501
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
According to RFC1035 there are limitations on the maximum length of DNS
names. The maximum length in the code was defined as 1025, this commit
changes it to 255. Also a new macro is introduced which holds the
minimum length of a DNS name.
Bug: 14041
Change-Id: Ic63b332b2a357e33728df183c05ab0e222faf13f
Reviewed-on: https://code.wireshark.org/review/28309
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Per RFC 2782, the name should follow the "_Service._Proto.Name" format.
If a malformed packet does not adhere to this and provides a zero-length
name, then wmem_strsplit returns NULL.
Bug: 14681
Change-Id: I7b9935238a9800a1526c8b694fd2c63d3b488d0b
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7416
Reviewed-on: https://code.wireshark.org/review/27499
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I9d867992e4f10c056c6070f0eb1aa0c8bb7cf117
Fixes: v2.5.2rc0-72-ga055e3c299 ("dns: skip stats if packet is within icmp.")
Reviewed-on: https://code.wireshark.org/review/27026
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Add 8-bit, 16-bit, 24-bit, and 32-bit "fetch signed value" routines, and
use them rather than casting the result of the 8/16/24/32-bit "fetch
unsigned value" routines to a signed type (which, BTW, isn't sufficient
for 24-bit values, so this appears to fix a bug
in epan/dissectors/packet-zbee-zcl.c).
Use numbers rather than sizeof()s in various tvb_get_ routines.
Change-Id: I0e48a57fac9f70fe42de815c3fa915f1592548bd
Reviewed-on: https://code.wireshark.org/review/26844
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 14574
Change-Id: Ibacb6955c227a21ab813c48aad463a666fe45c40
Reviewed-on: https://code.wireshark.org/review/26695
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Uli Heilmeier <openid@heilmeier.eu>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The expand_dns_name() function is not used outside of the DNS dissector
(any more?). Remove the function declaration from the public header
file, make the function internal.
Change-Id: Ibba81fa68a0dfd195ca3bbfca3eca20c39cc01f4
Reviewed-on: https://code.wireshark.org/review/26698
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I25894fd4e28002f75e43b7a6fd7bec58889e0590
Reviewed-on: https://code.wireshark.org/review/26538
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I0f1866361ce60713535b1875fc9b75fe049f1790
Reviewed-on: https://code.wireshark.org/review/26537
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I1af293a9dc53869858dafc5921792aa3fbbfe766
Reviewed-on: https://code.wireshark.org/review/26536
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
They include:
- request-response time
- unsolicited response count
- retransmissions count
Change-Id: I01398bf1a88a23fb7850715f256b178c66d933a4
Reviewed-on: https://code.wireshark.org/review/26535
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
This should squelch a warning from Visual Studio Code Analyzer.
Change-Id: Ie66e45276458a6f880c9b020ff541b7d2a71433a
Reviewed-on: https://code.wireshark.org/review/26184
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Add support for POST requests, and GET and POST responses containing a
DNS (UDP) payload. GET requests are still unsupported.
(DOH is sent over HTTP2/TLS/TCP which means that a special check is
needed in dissect_dns to avoid matching DNS over TCP).
Change-Id: I82bfcda068baf6f06c5a0159d73e6d40d1d9a758
Ping-Bug: 14433
Reviewed-on: https://code.wireshark.org/review/25806
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This means we don't lose alignment information that causes spurious
compiler warnings.
Change-Id: I721f180c137bcffbcf7edf88cf8caf52c33fa545
Reviewed-on: https://code.wireshark.org/review/25842
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I92c94448e6641716d03158a5f332c8b53709423a
Reviewed-on: https://code.wireshark.org/review/25756
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add a preference to the DNS dissector to specify how many seconds can
elapse before a DNS query is considered a retransmission because the
transaction ID is shared with a previous request.
If retransmission is found, add expert info and hf_ field linking to
the original request.
If a retransmission of a response is found, add expert info and hf_ field
linking to the original response.
Bug: 14178
Bug: 13313
Change-Id: Idd77ab7f7638f5056d5690633c787a4d52285aee
Reviewed-on: https://code.wireshark.org/review/24525
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
That allows a parallel typedef of ws_in4_addr for guint32.
Change-Id: I03b230247065e0e3840eb87635315a8e523ef562
Reviewed-on: https://code.wireshark.org/review/24073
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
It avoids leaking memory in case an exception is thrown during
dissection
Change-Id: Iab72bcb4cc1ac56e7ce5ff2693e3111aead03e7d
Reviewed-on: https://code.wireshark.org/review/23464
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I1bb25125d9bd7b62b5784bd43d933dc5ff13987c
Reviewed-on: https://code.wireshark.org/review/23005
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I710d9c519ccf012d3e74e7c2087d0f9fc5cfca12
Reviewed-on: https://code.wireshark.org/review/23004
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Id0f9fd6d49669f5d4606448788658e5a8ed89f8d
Reviewed-on: https://code.wireshark.org/review/23003
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Iec47e262beb9600fc6596242c4ce0d56162be74f
Reviewed-on: https://code.wireshark.org/review/22881
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
Add support for draft-bellis-dnsop-xpf to the DNS dissector:
- Parse the XPF additional RR (currently using a temp value of 65422)
Bug: 13928
Change-Id: I2d4fa23a8d3828db483bc41fafe6cbd8885514dc
Reviewed-on: https://code.wireshark.org/review/22803
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The LOC records LATITUDE and LONGITUDE angle values may become too
large. Find these and stop conversion into invalid values.
Bug: 13914
Change-Id: Ia01ac1ecf5080350454f06536c9be1cf758d6f3c
Reviewed-on: https://code.wireshark.org/review/22847
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
When getting the (partial) IPv4 address make sure to pass the full
32 bits of the address when adding the proto tree item.
Bug: 13923
Change-Id: I5b849705e723efd1269a64ee28b8d93724ab769a
Reviewed-on: https://code.wireshark.org/review/22838
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I56b99941db63ca87cd233112967592c948d2a390
Reviewed-on: https://code.wireshark.org/review/22361
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This was inspired by using the Decode-As UI to decode Field "SSL TCP Dissector"
Value (port) XXX as YYY. "SSL Port" makes more sense as the UI name.
Change-Id: Id6398a5dc79e32bddc4f1bfcf0a468ae1364808f
Reviewed-on: https://code.wireshark.org/review/19573
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Previously the number of allowed pointers within a message is equal to
the data in a tvb (16575 in one example). This is still expensive, so
implement an alternative detection mechanism that looks for a direct
self-loop and limits the total pointers to about 256.
Bug: 13633
Change-Id: I803873e24ab170c7ef0b881d3bdc9dfd4014de97
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1206
Reviewed-on: https://code.wireshark.org/review/21507
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
found by gcc7
and add also a missing (optional) break after default
Change-Id: I03d594db4702ccb4ebab3fca6b071d323e7f8d39
Reviewed-on: https://code.wireshark.org/review/20994
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Get rid of extra blank lines.
Clean up indentation.
Use the same style for switch statements inside cases for the main
switch statement in dissect_dns_answer() that's used for the main switch
statement.
Change-Id: I77da88a9ffcbf176d27e16222e75c778202c651b
Reviewed-on: https://code.wireshark.org/review/20907
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Bug: 13548
Change-Id: I4c018ae7a46ebb3e667004293b3f6e180f9d693f
Reviewed-on: https://code.wireshark.org/review/20855
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
When a packet contains multiple conflicting names for the same address,
it would result in modification of the resolved name every time this DNS
packet is selected. In Qt, this causes a periodic (one second)
redissection of the current (DNS!) packet which interferes with user
interaction. To avoid this, only add the address on the first visit.
Bug: 13533
Change-Id: Ic71515131da4d666bfd589df9ff90a866a30778c
Reviewed-on: https://code.wireshark.org/review/20800
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add some new encodings for absolute time stamps, and use them as
appropriate; this fixes some cases where the time stamps in question
were being dissected incorrectly.
For the encodings with seconds and 1/2^32s of a second, don't
arbitrarily give only microsecond resolution; 2^32 is greater than 1
million, and, in fact, at least some NTP RFCs explicitly talk about time
resolution greater than 1 microsecond.
Update references in the RELOAD dissector to reflect the documents in
question having been updated and published as RFCs.
Change-Id: Icbe0b696d65eb622978eb71e99ddf699b84e4fca
Reviewed-on: https://code.wireshark.org/review/20759
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I39a8c6639174e73f90bc4c3d8bccf628c3a477c3
Reviewed-on: https://code.wireshark.org/review/20179
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ifbee604f25c27076750f41ada9dfef6157ac7819
Reviewed-on: https://code.wireshark.org/review/20180
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
All cases of the "original" format_text have been handled to add the
proper wmem allocator scope. Remove the "original" format_text
and replace it with one that has a wmem allocator as a parameter.
Change-Id: I278b93bcb4a17ff396413b75cd332f5fc2666719
Reviewed-on: https://code.wireshark.org/review/19884
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This allows for a wmem_allocator for users of format_text who want
it (dissectors for wmem_packet_scope()). This lessens the role of
current format_text functionality in hopes that it will eventually
be replaced.
Change-Id: I970557a65e32aa79634a3fcc654ab641b871178e
Reviewed-on: https://code.wireshark.org/review/19855
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ib376127546aa15806ed37a7c26fe29b0fa80225c
Reviewed-on: https://code.wireshark.org/review/19722
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
