Age | Commit message (Collapse) | Author | Files | Lines |
|
Try to improve address API and also fix some constness warnings
by not overloading the 'data' pointer to store malloc'ed buffers
(use private pointer for that instead).
Second try, now passing test suite.
Change-Id: Idc101cd866b6d4f13500c9d59da5c7a38847fb7f
Reviewed-on: https://code.wireshark.org/review/13946
Petri-Dish: João Valverde <j@v6e.pt>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
1. More Identity attributes
2. Port attributes
3. Set Attribute List request highlighted too much attribute data
4. TCP/IP object, Attr 5 needs padding
5. Switch most attributes to use wrappers instead of dissect_epath() directly.
6. Change new Volume 8 attributes to treat path size as words instead of bytes, when parsing size+EPATH formats.
Change-Id: I1b8c476475c6fbb9c7cdb99ec4a6c28934631a19
Reviewed-on: https://code.wireshark.org/review/13898
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This reverts commit 13ec77a9fc3af3b0b502820d0b55796c89997896.
This commit introduces a segmentation fault for Lua code (uncovered by the test suite).
Change-Id: Ibc273d1915cda9632697b9f138f0ae104d3fb65e
Reviewed-on: https://code.wireshark.org/review/13813
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Try to improve 'address' API (to be easier/safer) and also avoid
some constness warnings by not overloading the 'data' pointer to
store malloc'ed buffers (use private pointer for that instead).
Change-Id: I7456516b12c67620ceadac447907c12f5905bd49
Reviewed-on: https://code.wireshark.org/review/13463
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
This includes request/response tracking
Change-Id: I12ac4c198929aa6a75f3f839f9ee52ebf00b8059
Reviewed-on: https://code.wireshark.org/review/13743
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: D. Ulis <daulis0@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
These objects are defined in Volume 8, but it doesn't make sense to create a new dissector file for them, so just distribute them where it makes the most sense in the existing CIP dissectors.
Also do some conversions to proto_tree_add_bitmask while in the neighborhood.
Add support for EtherNet/IP over DTLS/TLS.
Change-Id: I4e658e8871eebb222816229de7594ff766264308
Reviewed-on: https://code.wireshark.org/review/13710
Reviewed-by: D. Ulis <daulis0@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
externed global variable.
Change-Id: Id8156680d67d65d87c156df05e8a66e2531728d2
Reviewed-on: https://code.wireshark.org/review/13709
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
1. ENIP: When there is more than one ENIP command in a given TCP packet, display both in the Info column. Previously, only 1 would be displayed.
2. CIP: Services need a context to be able to interpret properly. Display the Class or Symbol name in the Info column in an object oriented manner for Request Paths, or Connection Paths.
3. CIP: Display the request path/service in a CIP response, instead of just "Success". These changes make it visually easier to identify traffic.
4. CIP: For the Info column, make Multiple Service Packet formatting a little more consistent regarding the divider between embedded packets. Previously, it would display 2 different separator types "," and "|".
5. CIP: Add preference to enable/disable "Display enhanced Info column data"
Change-Id: I7e95bc144588c0925137e01abbc814babb494d19
Reviewed-on: https://code.wireshark.org/review/13632
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
It's not tied to the frame_data structure any more, so it belongs by
itself.
Clean up some #includes while we're at it; in particular, frame_data.h
doesn't use anything related to tvbuffs, so don't have it gratuitiously
include tvbuff.h.
Change-Id: Ic32922d4a3840bac47007c5d4c546b8842245e0c
Reviewed-on: https://code.wireshark.org/review/13518
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That removes most of the uses of the frame number field in the
frame_data structure.
Change-Id: Ie22e4533e87f8360d7c0a61ca6ffb796cc233f22
Reviewed-on: https://code.wireshark.org/review/13509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Add fields for the absolute time stamp (and another field for a presence
flag for the absolute time stamp) and the packet encapsulation for the
packet.
This lets us remove the field for the packet encapsulation in the
frame_data structure; do so.
Change-Id: Ifb910a9a192414e2a53086f3f7b97f39ed36aa39
Reviewed-on: https://code.wireshark.org/review/13499
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Get Attributes All is a predefined list of existing attribute IDs for a given class. Add a new index for each attribute for their place in GetAttributesAll response. Then a hash table of classes for existing attributes are created to handle the GetAttributesAll service.
Added more TCP/IP object attributes since more have been added to the spec.
Moved TCP/IP object attributes all to ENIP dissector.
Bug: 11996
Change-Id: I7f50c9aadf04efdb17ef31f39e6a991c0a84bef2
Reviewed-on: https://code.wireshark.org/review/13186
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8933cbc250e3d1a3c6867f8166bc5b584b82211c
Reviewed-on: https://code.wireshark.org/review/12977
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I2384424c410e83d299e810467734bfc5428d1182
Reviewed-on: https://code.wireshark.org/review/12969
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
If the connection info is not available, ensure that enough connected data is available to meet the minimum explicit message size.
Change-Id: I6c8bf54dda4adbf23749d2a2c8c19f4ea2bc5222
Reviewed-on: https://code.wireshark.org/review/12520
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ie39ef054a4a942687bd079f3a4d8c2cc55d5f22c
Reviewed-on: https://code.wireshark.org/review/12485
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Some of the ASN.1 dissectors still generate a new_create_dissector_handle from the tool itself, so leave those for now.
Change-Id: Ic6e5803b1444d7ac24070949f5fd557909a5641f
Reviewed-on: https://code.wireshark.org/review/12484
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
EtherNet/IP
1. EtherNet Link object parsed Physical Address attribute response incorrectly.
2. Display Unknown Commands as ENIP instead of just TCP data.
CIP
1. For connected data, don't interpret it as a Message Router Request/Response format when the Forward Open connection was not directed to the Message Router. Previously, this data would be incorrectly shown as explicit CIP data. In many cases, this would show as malformed. This traffic will now just display as Data in the Wireshark tree, and "Implicit Data - Class (0x123)" in the Info column. Make this data filterable by "cip.conn_path_class == 0x123".
2. Fix parsing of Unconnected Send responses. Previously, for most cases, the response was not fully parsed, and would just show "Data", or it would parse the response as if the request class was the Connection Manager, which is incorrect. Now, also show the request path of the original embedded message in the tree.
3. Add some detailed error data for malformed Forward Close response.
Change-Id: I1c98ce516373d8c0ed6e049e25342f726bc370ea
Reviewed-on: https://code.wireshark.org/review/12339
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: D. Ulis <daulis0@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
EtherNet/IP
1. Only decode 32-bit header if there is enough data. Previously, this would show malformed data, even for I/O packets that have no data, eg: heartbeat data.
2. Typos
CIP
1. Many Time Sync attribute responses were flagged incorrectly as malformed.
2. Create service response highlighted the instance number incorrectly, and showed warnings.
3. Set Attribute List Request should exit early if it doesn't know about a particular attribute.
4. Incorrect format for Safety Network Segment: Router Format.
5. Typos
Change-Id: I506dbb053c247bc8efcbde2cce6ab24d9550c897
Reviewed-on: https://code.wireshark.org/review/12321
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Picking off "easy" dissectors that only have one or two exit points at most.
Change-Id: Ie514f126352e7598acc4f7c38db9c61d105d5e48
Reviewed-on: https://code.wireshark.org/review/11850
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The target here is the Decode As dialog where protocols have multiple registrations into a dissector table and that shows up as multiple entries in the Decode As dialog list with the same name so users are unsure which "dissector" they are choosing.
The "default" behavior (done in this commit) is to not allow duplicates for a dissector table, whether its part of Decode As or not. It's just ENFORCED for Decode As.
Bug: 3949
Change-Id: Ibe14fa61aaeca0881f9cc39b78799e314b5e8127
Reviewed-on: https://code.wireshark.org/review/11405
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Rename the color_dissector_filters.[ch] files to just
dissector_filters.[ch], and rename the routines not to include the
string "color_", as those filters can be used as color filters *or*
display filters.
Remove "color_" from other places where we're not doing colorization.
In the GTK+ code, combine the two loops that add menu items for filters
in the dissector-provided filters list into one.
Change-Id: I08ecccc6b1b1be675e4129a0589f36c9f240407c
Reviewed-on: https://code.wireshark.org/review/11379
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
registration.
In the GTK, there was "colorize" (via context menu using color_dissector_filter.{c,h}) or "not colorize" (via main menu using dissector_filters.{c,h}). In Qt, you have the option to colorize (via context menu using color_dissector_filter.{c,h}) or not colorize (via main menu using color_dissector_filter.{c,h}).
Combine all into "colorize" and convert GTK to use color_dissector_filter.{c,h} in the "not colorize" main menu like Qt.
Change-Id: Ib3ca1c822f5f66ab5b812632d808f7905b328483
Reviewed-on: https://code.wireshark.org/review/11263
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8cfd1c223c70c7e03728af8b2f7cbf9354d7ad86
Ping-Bug: 3949
Reviewed-on: https://code.wireshark.org/review/10865
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
While IPv4 subnet masks are obviously related and similar to IPv4
addresses, they are distinct enough that they need to be treated
seperately in some aspects. For instance, there is no value in
attempting to resolve a subnet mask.
This change creates a new display type: BASE_NETMASK, which allows distinction from FT_IPv4
(and possible name resolution) where appropriate.
Change-Id: I99e19c9a58eb613f8e58d481af84c30e2e5e14d7
Reviewed-on: https://code.wireshark.org/review/10438
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This patch moves g_hash_table_destroy calls from the init routine to
the cleanup routine. Besides that, the conditional check for the hash
table has been removed, assuming that init is always paired with a
cleanup call.
If reassembly_table_init is found, a reassembly_table_destroy call is
prepended to the cleanup function as well.
Comments have been removed from the init function as well as these did
not seem to have additional value ("destroy hash table" is clear from
the context).
The changes were automatically generated using
https://git.lekensteyn.nl/peter/wireshark-notes/diff/one-off/cleanup-rewrite.py?id=4d11f07180d9c115eb14bd860e9a47d82d3d1dcd
Manually edited files (for assignment auditing): dvbci, ositp, sccp,
tcp.
Other files that needed special attention due to the use of
register_postseq_cleanup_routine:
- ipx: keep call, do not add another cleanup routine.
- ncp: remove empty mncp_postseq_cleanup. mncp_hash_lookup is used
even if a frame is visited before (see dissect_ncp_common), hence
the hash table cannot be destroyed here. Do it in cleanup instead.
- ndps: add cleanup routine to kill reassembly table, but do not
destroy the hash table as it is already done in ndps_postseq_cleanup.
Change-Id: I95a72b3df2978b2c13fefff6bd6821442193d0ed
Reviewed-on: https://code.wireshark.org/review/9223
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I56260a82b19001ab2f87f4be34a9510f127f841f
Reviewed-on: https://code.wireshark.org/review/9050
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: I9d7c0f296176679b61d7ee0c4358ce409dfc4f4f
Reviewed-on: https://code.wireshark.org/review/7895
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Add a CF_FUNC macro to match VALS, TFS, etc. This should help us to avoid
the following warning:
warning: ISO C forbids initialization between function pointer and 'void *' [-Wpedantic]
We could start adding DIAG_OFF+DIAG_ON everywhere but this seems to be
more consistent with the other macros in proto.h. Update each instance
of BASE_CUSTOM to use CF_FUNC.
Adjust a dummy variable name generated by asn2wrs.py that was triggering
an invalid error in checkhf.pl.
Fix an encoding arguement in packet-elasticsearch.c found by
fix-encoding-args.pl.
Change-Id: Id0e75076c2d71736639d486f47b87bab84e07d22
Reviewed-on: https://code.wireshark.org/review/7150
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Change-Id: Ic918c27f36569572523a17abb172b94cc32f2e3b
Reviewed-on: https://code.wireshark.org/review/6786
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I3681462aeb98ca62ed3ec5eb226b2553317391a9
Reviewed-on: https://code.wireshark.org/review/5997
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
cut/paste errs
Change-Id: Id658b9e1803b2f5b92e711a3ce981ff602333d98
Reviewed-on: https://code.wireshark.org/review/5513
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
For:
- FT_BYTES: Always use just ENC_NA
- integral/floating (other than FT_[U]INT8): Do ENC_NA --> ENC_BIG_ENDIAN
Also:
- FT_UINT... --> FT_UINT8 in a few cases (to match proto_tree_add_item...)
- Change one case of incorrect '||' to '|'
Change-Id: I427e0e61618ff8faf55691c8a695930f67d455b0
Reviewed-on: https://code.wireshark.org/review/4184
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I398e9cf4f6882e76644aa758e12c39a39159e95f
Reviewed-on: https://code.wireshark.org/review/3319
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I525ac2aae2bdbfd5f3a2f3b35f1bf10dde053f66
Reviewed-on: https://code.wireshark.org/review/2667
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
https://www.wireshark.org/lists/wireshark-dev/201406/msg00131.html
This reverts commit 246fe2ca4c67d8c98caa84e2f57694f6322e2f96.
Change-Id: Ib24bae0198c13a84bd7f731bf4af921212109a8f
Reviewed-on: https://code.wireshark.org/review/2430
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9209c1271967405c34c1b6fa43e1726a4d3a5a3f
Reviewed-on: https://code.wireshark.org/review/2377
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
tvb_new_subset -> tvb_new_subset_remaining it appears that's what the intention is.
Change-Id: I2334bbf3f10475b3c22391392fc8b6864454de2d
Reviewed-on: https://code.wireshark.org/review/1999
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
present in capture for generated filter to work properly.
Change-Id: I8e442dff85ef856672f42e787feb88453eba6f0e
Reviewed-on: https://code.wireshark.org/review/1857
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
whitespace changes.
Change-Id: I6007c1b2098d06e4a892474dd07f06a7538f94ef
Reviewed-on: https://code.wireshark.org/review/1843
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: Ia69cbe9fea364c735bde956d84a82404b46ec236
Reviewed-on: https://code.wireshark.org/review/1810
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
I coincidentally found a few files with errors, so I thought it might be time to run it on the whole directory again.
Change-Id: Ia32e54b3b1b94e5a418ed758ea79807c8bc7e798
Reviewed-on: https://code.wireshark.org/review/978
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
svn path=/trunk/; revision=54209
|
|
svn path=/trunk/; revision=54137
|
|
svn path=/trunk/; revision=54135
|
|
svn path=/trunk/; revision=54092
|
|
(https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9470)
I'm not sold on the name or module the proto_data functions live in, but I believe the function arguments are solid and gives us the most flexibility for the future. And search/replace of a function name is easy enough to do.
The big driving force for getting this in sooner rather than later is the saved memory on ethernet packets (and IP packets soon), that used to have file_scope() proto data when all it needed was packet_scope() data (technically packet_info->pool scoped), strictly for Decode As.
All dissectors that use p_add_proto_data() only for Decode As functionality have been converted to using packet_scope(). All other dissectors were converted to using file_scope() which was the original scope for "proto" data.
svn path=/trunk/; revision=53520
|