| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Change-Id: I62a67c4fff4604a3d1e335500b2453bae4f95f37
Reviewed-on: https://code.wireshark.org/review/18223
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Handle Put Message Option V3
Add various new defines
Fix a typo
Bug: 13006
Change-Id: I022de9f131558bb8a0144d840a6484944f75cffe
Reviewed-on: https://code.wireshark.org/review/18121
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8fefb89116685b39567fe8041ca781612f67dbce
Reviewed-on: https://code.wireshark.org/review/18177
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This patch introduces new APIs to allow dissectors to have a preference for
a (TCP) port, but the underlying data is actually part of Decode As functionality.
For now the APIs are intentionally separate from the regular APIs that register a
dissector within a dissector table. It may be possible to eventually combine the
two so that all dissectors that register with a dissector table have an opportunity
to "automatically" have a preference to adjust the "table value" through the
preferences dialog.
The tcp.port dissector table was used as the guinea pig. This will eventually be
expanded to other dissector tables as well (most notably UDP ports). Some
dissectors that "shared" a TCP/UDP port preference were also converted. It also
removed the need for some preference callback functions (mostly when the callback
function was the proto_reg_handoff function) so there is cleanup around that.
Dissectors that has a port preference whose default was 0 were switched to using
the dissector_add_for_decode_as_with_preference API rather than dissector_add_uint_with_preference
Also added comments for TCP ports used that aren't IANA registered.
Change-Id: I99604f95d426ad345f4b494598d94178b886eb67
Reviewed-on: https://code.wireshark.org/review/17724
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This saves many dissectors the need to find the data dissector and store a handle to it.
There were also some that were finding it, but not using it.
For others this was the only reason for their handoff function, so it could be eliminated.
Change-Id: I5d3f951ee1daa3d30c060d21bd12bbc881a8027b
Reviewed-on: https://code.wireshark.org/review/14530
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This will make it easier to determine protocol dependencies.
Some LLC OUI dissector tables didn't have an associated protocol, so they were left without one (-1 used)
Change-Id: I6339f16476510ef3f393d6fb5d8946419bfb4b7d
Reviewed-on: https://code.wireshark.org/review/14446
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Register dissector as "mq" (for Export SSL PDU) and consolidate
different heuristics dissector functions into one (TCP vs. non-TCP).
Make it possible to select mq for SSL and add heuristics.
Bug: 4652
Change-Id: Ib0812dc75dda3fe47f46a917f14399f4a92f5b76
Reviewed-on: https://code.wireshark.org/review/13856
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
That removes most of the uses of the frame number field in the
frame_data structure.
Change-Id: Ie22e4533e87f8360d7c0a61ca6ffb796cc233f22
Reviewed-on: https://code.wireshark.org/review/13509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Some of the ASN.1 dissectors still generate a new_create_dissector_handle from the tool itself, so leave those for now.
Change-Id: Ic6e5803b1444d7ac24070949f5fd557909a5641f
Reviewed-on: https://code.wireshark.org/review/12484
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Picking off "easy" dissectors that only have one or two exit points at most.
Change-Id: I96aa9cf53533cbb07105aa400d42922baf3016b3
Reviewed-on: https://code.wireshark.org/review/11860
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Add new Const/Def for WMQ800 FP3
Improve Detection of EBCDIC String in MQCONN_REPLY
Add Value in comments
Change-Id: I695a3afa64fee7f22918f68540901c97dfd38464
Reviewed-on: https://code.wireshark.org/review/10012
Reviewed-by: Robert Grange <robionekenobi@bluewin.ch>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I1e6bf52fad1b1fffefc174a557ff836f400e8fd7
Reviewed-on: https://code.wireshark.org/review/9996
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 11384
Change-Id: If8c2010b38f65b8ee8569e2d2eee1554d6fdee9c
Reviewed-on: https://code.wireshark.org/review/9724
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
The preferences are still supported for backwards compatibility, but the heuristic_protos file has final say on the "preference" to enable/disable a heuristic dissector.
Also add parameter to heur_dissector_add() for the "default" enable/disable of a heuristic dissector. With this parameter, a few more (presumably weak) heuristic dissectors have been "registered" but of course default to being disabled.
Change-Id: I51bebb2146ef3fbb8418d4f5c7f2cb2b58003a22
Reviewed-on: https://code.wireshark.org/review/9610
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This allows better presentation of heuristic dissectors to the end user.
Change-Id: I2ff3985ab914e83c2989880cc0c7b9904045b3f6
Reviewed-on: https://code.wireshark.org/review/9602
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This patch adds reassembly_table_destroy calls as cleanup function for
dissectors which have a simple init routine that just calls
reassembly_table_init (comments are ignored).
The changes were automatically generated using
https://git.lekensteyn.nl/peter/wireshark-notes/diff/one-off/cleanup-rewrite.py?id=4cc0aec05dc67a51926a045e1955b7a956757b5e
(with the if and assignment parsers disabled).
The only difference from the autogenerated output is that the XXX
comments from the init routines in smb-pipe and tds dissectors are kept.
Change-Id: I64aedf7189877247282b30b0e0f83757be6199e7
Reviewed-on: https://code.wireshark.org/review/9222
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
http://www.bitterfilms.com/rejected.html
1) There is *NO* guarantee that you can safely dereference a misaligned
pointer.
2) There is *NO* guarantee that you are running on a little-endian
machine, so that an attempt to fetch a 32-bit integer through such a
pointer will fetch it in little-endian form.
Instead, fetch it using tvb_letohl(), which 1) doesn't care about
alignment and 2) always fetches in little-endian order.
Change-Id: I30ad6607b7c6d5047245bfcfdcbe757b02d02172
Reviewed-on: https://code.wireshark.org/review/8422
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Avoid using sort for string_value_ext. The string value are now
sorted at definition
Change-Id: I08452b0423289d04e55ed7e3573e74bfcc329865
Reviewed-on: https://code.wireshark.org/review/6488
Reviewed-by: Robert Grange <robionekenobi@bluewin.ch>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
You *CANNOT* defer it until dissection time, otherwise "tshark -G
values" will fail.
Change-Id: I4edf9abda271baaf916f020a211b9add5543ecc7
Reviewed-on: https://code.wireshark.org/review/6481
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Some value_string_ext are sorted only in the dissector,
and only once.
Adapted as said in comments.
Added test for sort in dissect_mq_spx
Change-Id: If72159fe96ab28a3ed540778d67996e152b4f110
Reviewed-on: https://code.wireshark.org/review/6444
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Otherwise it could trigger an exception
Change-Id: I280e3c5d9e5554e4be49035c03e0170ae4495e6e
Reviewed-on: https://code.wireshark.org/review/6463
Reviewed-by: Robert Grange <robionekenobi@bluewin.ch>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
the array given to qsort algorithm must be alterable
Change-Id: I811cade161b7635e9bc9e070c1ec37d2cce50d1f
Reviewed-on: https://code.wireshark.org/review/6420
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Add missing definition, add new definition, Reformat some lines
Re-order the value_string used with ext_value_string definition
so they are in asc ASCII order as the ext_value_string is now
sorted before first use
renamed own tvb_get... funct to new tvb_get_guintxx funct
and deleted own tvb_get... funct
use ptvcursor_ funct instead of own macro to increment offset
removed <epan/tvbuff.h> in *.c files
correct [-Wunused-const-variable]
Change-Id: Iaee26289e098cde0e5787ca1c98de64b6b733fa2
Reviewed-on: https://code.wireshark.org/review/6079
Reviewed-by: Robert Grange <robionekenobi@bluewin.ch>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Fourth batch (packet-mac-lte.c -> packet-rtp.c).
Will look at cleaning up and committing script afterwards.
Change-Id: Id921f07f4b274f0cfb77ce81abe4a285fdb8b644
Reviewed-on: https://code.wireshark.org/review/6023
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
This allows dissector lists to be looked up by name, so they can be
shared by multiple dissectors.
(This means that there's no "udplite" heuristic dissector list, but
there shouldn't be one - protocols can run atop UDP or UDPLite equally
well, and they share a port namespace and uint dissector table, so they
should share a heuristic dissector table as well.)
Change-Id: Ifb2d2c294938c06d348a159adea7a57db8d770a7
Reviewed-on: https://code.wireshark.org/review/5936
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I0c2bcd81955375abf3af24e42c70bea0bb960083
Reviewed-on: https://code.wireshark.org/review/5681
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Eliminate proto_tree_add_text for Expert Info
Improve PCF Parameters numeric value display
Change-Id: Ibc259ba05d0591d434e7638d91d6943101d45305
Reviewed-on: https://code.wireshark.org/review/5080
Reviewed-by: Robert Grange <robionekenobi@bluewin.ch>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Use of value_string_ext for big value_strign array, sort them, to force use the btree search
parse more integer value with value_string
Bug: 9367
Change-Id: I49625cf2d46e0974cddde2c7b1767cb7d06ec47d
Reviewed-on: https://code.wireshark.org/review/5037
Petri-Dish: Bill Meier <wmeier@newsguy.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
reported by Jean-Marc Lamond
Bug: 10597
Change-Id: I481fad9cd0b8d55e3dd3af00cde2897105547f13
Reviewed-on: https://code.wireshark.org/review/4898
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
packet-mq.c:3653: warning: declaration of 'tree' shadows a parameter
Change-Id: I1226dac3764b15a097378aed7696567b9224f4c4
Reviewed-on: https://code.wireshark.org/review/3457
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- handle RFH structure
- use tvb_reported_length...,
- Add Conversation/Request in row display
Change-Id: I84c5cf3e9479d91b363eb093e71bb6bdf07e8194
Reviewed-on: https://code.wireshark.org/review/3354
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The pStr argument to dissect_mq_charv() isn't modified (and always
points to a character string), so make it a "const char *", and
eliminate the casts to "guint8 *" in calls to it.
Change-Id: I21dad38c41324528be297a8ddc1854beff2276db
Reviewed-on: https://code.wireshark.org/review/2877
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I621f2e2cad9403449cb78f45302388f0c874d3bc
Reviewed-on: https://code.wireshark.org/review/2852
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Hopefully that name makes it clear what the routiner's purpose is, and
will encourage people to use it rather than using dissector_add_uint()
with a bogus integer value.
Change-Id: Ic5be456d0ad40b176aab01712ab7b13aed5de2a8
Reviewed-on: https://code.wireshark.org/review/2483
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
https://www.wireshark.org/lists/wireshark-dev/201406/msg00131.html
This reverts commit 246fe2ca4c67d8c98caa84e2f57694f6322e2f96.
Change-Id: Ib24bae0198c13a84bd7f731bf4af921212109a8f
Reviewed-on: https://code.wireshark.org/review/2430
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9209c1271967405c34c1b6fa43e1726a4d3a5a3f
Reviewed-on: https://code.wireshark.org/review/2377
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
which can be used to call the found heuristic dissector on the next pass.
Introduce call_heur_dissector_direct() to be used to call a heuristic
dissector which accepted the frame on the first pass.
Change-Id: I524edd717b7d92b510bd60acfeea686d5f2b4582
Reviewed-on: https://code.wireshark.org/review/1697
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The majority of the fixes are for calls to uat_new(). Instead of
having each caller cast its private data to (void**), we use void*
in the uat_new() API itself. Inside uat_new(), we cast the void*
to void**.
Some dissectors use val64_string arrays, so a VALS64() macro was
added for those, to avoid using VALS(), which is useful only for
value_string arrays.
packet-mq.c was changed because dissect_nt_sid() requires
a char**, not a guint**. All other callers of dissect_nt_sid() use
char*'s (and take the address of it) for their local storage. So,
this was changed to follow the other practices.
A confusion between gint and absolute_time_display_e in packet-time.c
was cleared up.
The ugliest fix is the addition of ip6_guint8_to_str(), for exactly
one caller. The caller uses one type of ip6 address byte array,
while ip6_to_str() expects another. This new function is in place
until the various address implementations can be consolidated.
Add VALS64() to the developer documentation.
Change-Id: If93ff5c6c8c7cc3c9510d7fb78fa9108e4552805
Reviewed-on: https://code.wireshark.org/review/48
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
svn path=/trunk/; revision=54578
|
|
Add new Structure dissection
Fix some small issues
Reformat some part of code
use spaces instead of tabs for indentation
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9603
From me:
Remove some trailing whitespace;
Change a few tabs to spaces;
Change editor-modelines tab-width, etc to 8 (altho
not really relevant since tabs not being used).
svn path=/trunk/; revision=54489
|
|
See wireshark-dev message thread begining at:
https://wireshark.org/lists/wireshark-dev/201312/msg00156.html
svn path=/trunk/; revision=54226
|
|
svn path=/trunk/; revision=54095
|
|
fuzzing.
svn path=/trunk/; revision=54083
|
|
- Convert "4 space tabs" to spaces;
- Remove some unneeded initializers;
- 'offset++' --> 'offset += 1' for consistency;
- Reformat hf[] entries;
- Rework/add whitespace;
- Adjust editor modelines (set tab-width to 8).
svn path=/trunk/; revision=54005
|
|
Remove some unneeded initializers;
Also: packet-mq.c: Add an XXX coment.
svn path=/trunk/; revision=53244
|
|
svn path=/trunk/; revision=53230
|
|
"new" style dissectors.
Now that "bytes consumed" can be determined, should tcp_dissect_pdus() take advantage of that?
Should tcp_dissect_pdus return length (bytes consumed)? There are many dissectors that just call tcp_dissect_pdus() then return tvb_length(tvb). Seems like that could all be rolled into one.
svn path=/trunk/; revision=53198
|
