Age | Commit message (Collapse) | Author | Files | Lines |
|
Remove init of proto, header field, expert info and subtree variables.
This will reduces the binary size by approximate 1266320 bytes due to
using .bss to zero-initialize the fields.
The conversion is done using the tools/convert-proto-init.py script.
|
|
Changes several calls of `create_dissector_handle()` to instead call
`register_dissector()` with a name for the dissector.
This should handle all dissectors in `epan/` from `packet-j*` to
`packet-o*`.
This change allows affected dissectors to be findable by calls to
`find_dissector()`. In turn, this opens up more command-line use for
these protocols, including fuzzshark and rawshark, as well as lua use
via `Dissector.get()`.
Where needed, move the call from the protocol handoff function to the
protocol register function, save the result in a static variable,
and use that variable in the handoff function.
There were some calls to `create_dissector_handle()` or
`register_dissector()` which passed `-1` as the protocol argument. When
I saw those I corrected them to pass the actual `proto_foo` identifier
instead.
Partially addresses #5612
|
|
|
|
References #18697
|
|
|
|
Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
|
|
Use macros from inttypes.h with format strings.
|
|
|
|
|
|
|
|
Instead of passing a pointer to a header_field_info structure,
pass an integer index to the registry.
This allows each dissector to be converted to a more conventional
structure.
|
|
Remove experimental new API.
Fix Netlink dissector to compile with normal proto tree API.
Closes #17774.
|
|
These display bases work to replace unprintable characters so the
name is a misnomer. In addition they are the same option and this
display behaviour is not something that is configurable.
This does not affect encodings because all our internal text strings
need to be valid UTF-8 and the source encoding is specified using
ENC_*.
Remove the assertion for valid UTF-8 in proto.c because
tvb_get_*_string() must return a valid UTF-8 string, always, and we
don't need to assert that, it is expensive.
|
|
|
|
|
|
|
|
Add dissect_netlink_attributes_to_end(), which takes no length argument,
and uses tvb_ensure_reported_length() to get the remaining length in the
packet.
In dissect_netlink_attributes_common(), treat negative lengths as if
they were a positive length >= 2^31, and throw a reported bounds error.
Also, throw a bounds error if there's more padding to a 4-byte boundary
than there is data in the packet.
At that point, we know the length is positive, so assign it to an
unsigned variable and use *that* in the loop. Throw an error if the
attribute goes past the end of the packet (although we presumably would
have done that already).
(We really should eliminate all use of -1 as "to the end", and make
lengths unsigned. We should also get rid of any places where we're
using negative offsets as offsets from the end of the packet - in the
few cases where you're dealing with trailers, you want to do that
carefully, so as not to throw an exception dissecting the trailer before
you get around to dissecting the rest of the packet - and make offsets
unsigned as well.)
|
|
They don't include any attributes - they're not large enough to contain
anything other than the netlink message header and the one-byte address
family. For legacy messages, the attribute we hand to
dissect_netlink_route_attributes() is not aligned on a 4-byte boundary,
as it's the offset right after the 1-byte address family value;
dissect_netlink_route_attributes() will try to align that on a 4-byte
boundary, but that will go past the "immediately after the end of the
packet" offset, which can cause problems if any checking is done to make
sure the offset is valid. Therefore, we don't try to dissect the
attributes, rather than relying on the attributes dissector to discover
that there's nothing left in the packet.
|
|
The message length for legacy netlink route messages doesn't include the
padding in question.
|
|
The structure containing struct rtgenmsg in the message header also
includes a structure that's aligned on a 4-byte boundary, so there's 3
bytes of padding after the struct rtgenmsg.
|
|
Most of the time, the return value tells us nothing useful, as we've
already decided that we're perfectly willing to live with string
truncation. Hopefully this keeps Coverity from whining that those
routines could return an error code (NARRATOR: They don't) and thus that
we're ignoring the possibility of failure (as indicated, we've already
decided that we can live with string truncation, so truncation is *NOT*
a failure).
|
|
Finally, it is becoming difficult to find more.
|
|
true_false_strings have no helper function to properly retrieve the
string representing the true or false value, much like unit_strings,
even though this is not uncommon in dissectors.
This change introduces the helper function and modifies the dissectors,
so that they use this helper i.s.o. their own expressions.
Change-Id: I477ed2d90a9a529fc5dcfef7e3ea42ec180d27ae
Reviewed-on: https://code.wireshark.org/review/36920
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This change fixes the problem of value retrieval being done:
1. without regard for the declared encoding,
2. multiple times, for addition to other tree items.
The first issue can result in two different representations of the
same field. The second is an optimization, and a way to make sure
a consistent interpretation of the protocol field is made.
Change-Id: Id521f4deafe381322195b1eb998138efcaa51f30
Reviewed-on: https://code.wireshark.org/review/35745
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The underlying netlink dissector sets up a data structure to help maintain
information about the netlink packet. This contains the encoding information
as determined for this packet. Use this value in place of the copy that
every netlink dissector makes in its private data structure.
As a consequence the encoding field can be removed from these private data
structures. Since the encoding field is now directly available from the
data structure setup by the underlying netlink dissector, the private data
structures also do not need to keep a pointer to this underlying netlink
dissector data structure.
This change replaces the use of the local copy of encoding with the
original one. This change, by extension, also removes the encoding field and
the pointer to the underlying netlink dissector data structure as these are
no longer needed. The exception is the generic netlink dissector, which
implements the dynamic netlink famiily subdissector table.
Change-Id: Ida0065379c19ae68caf6d87860828b48766c1998
Reviewed-on: https://code.wireshark.org/review/35698
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The underlying netlink dissector sets up a data structure to help maintain
information about this netlink packet. It gets passed through the familiy
specific netlink dissectors private data structures to reappear when
support funtions of the underlying netlink dissector are needed. In the
mean time a copy of data (the value 'encoding' to be precise) in this
structure is also maintained in these familiy specific netlink dissectors,
adding to the confusion.
This change is to make the underlying netlink dissector data structure
a normal part of the function interfaces, so that it is present without
being dependant on another private data structure.
This change is a first step towards removing the unnessesary copy of the
encoding value.
Change-Id: I69e78a2b15e58e149e82e89c19e519ef041ee6b1
Reviewed-on: https://code.wireshark.org/review/35688
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Changes consist of:
- Addition of new enum values
- Header file references now point to kernel sources
- Dissection of few more fields
- Fixes to some dissections
Change-Id: I4cda045153ab0971b0b09ce59a7363238fe627ee
Reviewed-on: https://code.wireshark.org/review/35571
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
No functional change, this just updates the annotations.
Change-Id: I5517a6fd65452db128cdaaa6a90df8c578b5e8d0
Reviewed-on: https://code.wireshark.org/review/29753
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I50c9cf5daa22c9d53e6ca642e6651948a04e8e64
Reviewed-on: https://code.wireshark.org/review/29587
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
'netlink-route.ifa_address' exists multiple times with NOT compatible types: FT_IPv4 and FT_IPv6
Change-Id: I3ba350cfc479a7733d48bc07b4102c8220126247
Reviewed-on: https://code.wireshark.org/review/28841
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
"redefined" to handle the same way as before.
In dissectors using the new API, add all currently used proto_tree_add_xxx
functions to the list of functions that take care of NEW_PROTO_TREE_API changes.
Modify the dissectors that worked around the missing change.
Change-Id: Ib6d6ec2c225d96c98c2a8f507648d7ad4bfb6c68
Reviewed-on: https://code.wireshark.org/review/28002
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
Change-Id: If0acdea872a8c999f5635f0965a64b121beeba48
I: libwireshark0: spelling-error-in-binary usr/lib/x86_64-linux-gnu/libwireshark.so.0.0.0 Adress Address
Reviewed-on: https://code.wireshark.org/review/27040
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This patch adds dissecting of several attributes in RTM_NEWLINK and
RTM_NEWADDR.
Change-Id: Iab476e7439a9bcbc25e70cded67bc371788baec4
Reviewed-on: https://code.wireshark.org/review/26830
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I92c94448e6641716d03158a5f332c8b53709423a
Reviewed-on: https://code.wireshark.org/review/25756
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Let subdissectors handle parsing and addition of the Netlink header
instead of doing this before calling subdissectors. After this patch:
- Protocol filters like "netlink-netfilter" can be used to match
packets (previously only a text item was added to the tree).
- Subdissectors have more freedom in modifying the type field, so now
it shows the correct type directly rather than "Message type:
Protocol-specific".
- netfilter: the type fields are now actually linked to a tvb,
previously it was linked to a NULL tvb.
- netfilter: fix unintended rejection of packets (the length should
have been added to the offset, otherwise it would fallback to the
data dissector).
- Now subdissectors will not be called for control messages (so the
netlink-conntrack.pcap sample now shows "Netlink" instead of "Netlink
route" for the "End of dump" control message).
Change-Id: I2ab1bef91fb0080664195b281a6a45c9702914e5
Reviewed-on: https://code.wireshark.org/review/20910
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Some legacy tools, including iproute2 < 3.9, issue shorter RTM_GETLINK
and RTM_GETADDR dump queries which only contain struct rtgenmsg rather
than struct ifinfomsg. As noted in kernel comment in rtnl_dump_ifinfo(),
these legacy requests will be (even with attributes) always shorter than
struct ifinfomsg so that they are easy to detect.
Similar problem can be observed with tools using nl_rtgen_request()
function from libnl3; this also affects other RTM_GET* types.
If such legacy message is detected by length shorter than expected data
structure, parse it as this legacy version with (1-byte) struct
rtgenmsg so that it's shown as intended rather than as malformed.
Change-Id: I53b6bff9e44cd2359d7cd313b6f0724f63f0e74d
Reviewed-on: https://code.wireshark.org/review/20461
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michal Kubeček <mkubecek@suse.cz>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Always give the netlink data struct to dissect_netlink_attributes() so
we can extract which endianness we should use. This fixes the netlink
dissector on big endian.
Change-Id: Ia485a29035c947908c29a9e30d0aba8d4fc94093
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-on: https://code.wireshark.org/review/17636
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
NLA types consist of a type and two flags, add new fields for this.
Add a new parameter to restrict the data consumed by the
dissect_netlink_attributes function, this is needed when implementing
nested attributes using another call to this function. This also avoids
adding padding to the payload and matches the comment in
include/uapi/linux/netlink.h (Linux 4.7).
Change-Id: I34dbfa466081b6c6c4580941aff568bd120b4210
Reviewed-on: https://code.wireshark.org/review/17030
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Based on inspection of the Linux 4.7 source code. Replaced tabs by
spaces in enums and value_strings for consistency.
Change-Id: I78b5de53b53dc3f2a7c807a72d8d94880f6406d5
Reviewed-on: https://code.wireshark.org/review/16931
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Also some other tricks to remove unnecessary tvb_get_string_enc calls.
Change-Id: I2f40d9175b6c0bb0b1364b4089bfaa287edf0914
Reviewed-on: https://code.wireshark.org/review/16158
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Some of the ASN.1 dissectors still generate a new_create_dissector_handle from the tool itself, so leave those for now.
Change-Id: Ic6e5803b1444d7ac24070949f5fd557909a5641f
Reviewed-on: https://code.wireshark.org/review/12484
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Id218dec9e5a721d6c63fd34962ffe50b6ab8dd56
Reviewed-on: https://code.wireshark.org/review/11946
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Diederik de Groot <dkgroot@talon.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Added missing strings to netlink_route_ifla_attr_vals
Improved dissection of netlink.hdr_flags
Replaced deprecated use of tvb_length_remaining
Change-Id: Ie16f7e602e1fb69a0a88a4d0657ec2d6da3c0d83
Reviewed-on: https://code.wireshark.org/review/8916
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add a CF_FUNC macro to match VALS, TFS, etc. This should help us to avoid
the following warning:
warning: ISO C forbids initialization between function pointer and 'void *' [-Wpedantic]
We could start adding DIAG_OFF+DIAG_ON everywhere but this seems to be
more consistent with the other macros in proto.h. Update each instance
of BASE_CUSTOM to use CF_FUNC.
Adjust a dummy variable name generated by asn2wrs.py that was triggering
an invalid error in checkhf.pl.
Fix an encoding arguement in packet-elasticsearch.c found by
fix-encoding-args.pl.
Change-Id: Id0e75076c2d71736639d486f47b87bab84e07d22
Reviewed-on: https://code.wireshark.org/review/7150
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I391cdf80a6e4ae5b0f4068e0500a90d013588f8a
Reviewed-on: https://code.wireshark.org/review/4442
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Iee5cb12d3b6669c7e45e18352ebcd151db721ad3
Reviewed-on: https://code.wireshark.org/review/408
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: Ia03a1cd4590aceda30ead4aa93ad413d90c6aea6
Reviewed-on: https://code.wireshark.org/review/372
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|