Age | Commit message (Collapse) | Author | Files | Lines |
|
Some of the ASN.1 dissectors still generate a new_create_dissector_handle from the tool itself, so leave those for now.
Change-Id: Ic6e5803b1444d7ac24070949f5fd557909a5641f
Reviewed-on: https://code.wireshark.org/review/12484
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This finalizes the transformation for dissectors.
Change-Id: Ie5986b72bb69a6e8779ca3f5e20a80357c9e6fea
Reviewed-on: https://code.wireshark.org/review/12122
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Picking off "easy" dissectors that only have one or two exit points at most.
Change-Id: I96aa9cf53533cbb07105aa400d42922baf3016b3
Reviewed-on: https://code.wireshark.org/review/11860
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The target here is the Decode As dialog where protocols have multiple registrations into a dissector table and that shows up as multiple entries in the Decode As dialog list with the same name so users are unsure which "dissector" they are choosing.
The "default" behavior (done in this commit) is to not allow duplicates for a dissector table, whether its part of Decode As or not. It's just ENFORCED for Decode As.
Bug: 3949
Change-Id: Ibe14fa61aaeca0881f9cc39b78799e314b5e8127
Reviewed-on: https://code.wireshark.org/review/11405
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
It ends up dragging in libwireshark headers, which programs not linking
with libwireshark shouldn't do. In particular, including
<epan/address.h> causes some functions that refer to libwireshark
functions to be defined if the compiler doesn't handle "static inline"
the way GCC does, and you end up requiring libwireshark even though you
shouldn't require it.
Move plurality() to wsutil/str_util.h, so that non-libwireshark code can
get it without include epan/packet.h. Fix includes as necessary.
Change-Id: Ie4819719da4c2b349f61445112aa419e99b977d3
Reviewed-on: https://code.wireshark.org/review/11545
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I6f90aba1d804b1da666d471b9470acac63df4845
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/11291
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
the case where the number of bitmaps is too large was already handled
more cleanly in some places, we can just copy their code
unfortunately, we have to add a pinfo parameter to quite a few functions
Change-Id: I0e0fa9674d6ecd98c3d7e49e065f7121cc275a9b
Reviewed-on: https://code.wireshark.org/review/11247
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
I thought this was already caught by one of the check*.pl scripts, but I ran into the one in packet-nfs.c and decided to manually check the dissector directory.
Change-Id: I8df83227255818eabc43763e3cf760cf762797cc
Reviewed-on: https://code.wireshark.org/review/11230
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Replace CMP_ADDRESS, COPY_ADDRESS, et al with their lower-case
equivalents in the asn1 and epan directories.
Change-Id: I4043b0931d4353d60cffbd829e30269eb8d08cf4
Reviewed-on: https://code.wireshark.org/review/11200
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
tvb_get_ipv6() takes a struct e_in6_addr *, use that here too.
Change-Id: Id8b368daa05c151a61d4bc01dc88c00da13e9c88
Reviewed-on: https://code.wireshark.org/review/10953
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
The existing code parsed the callback program number from
a packet and then registered the callback program number.
But since the RPC dissector checks for valid and known
program numbers, it never parses it out.
Anyway, NFS4_CALLBACK is a well known number - use it!
Change-Id: Ia812359102bf6620e3b83109eb918032155cd8d3
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10558
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 11528
Change-Id: I9f92a2b38e9c094609b960eb1e105cc57ea66de3
Reviewed-on: https://code.wireshark.org/review/10543
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Not in C, but in C++, and we check to make sure our C code can be
compiled by a C++ compiler.
Change-Id: Ib77fac1abf1c583ebbf4465e4bd681b9db71123c
Reviewed-on: https://code.wireshark.org/review/10495
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
tvb_get_string_enc() treats the FH as an an ASCII string and thus stops
reading at the first zero (0) it encounters.
Replace 'tvb_get_string_enc()' with 'tvb_memdup()' in dissect_fhandle_data().
Change-Id: Ifc30ec41590e9cab5666d0988fab1f66040ce0c7
Reviewed-on: https://code.wireshark.org/review/10493
Reviewed-by: Cal Turney <cturney@charter.net>
Reviewed-by: ronnie sahlberg <ronniesahlberg@gmail.com>
|
|
Initialize layout_type.
Change-Id: Ied6cf61045cbee4f45b802c99ba06c2a07cc7613
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10461
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I748166ebcad1fa704b3d99770cf0c6296bdae3dd
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10434
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I40462f2acf20b99b5691a5efe1f6bfa563163bee
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10429
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I29429373b4a50d9580560b4f0759e31dd8cbf0c3
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10427
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I6a170f7e38a712c4ea0bc83ff4b1baf616a47253
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10436
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I10fd5c28c57c467c854ce3658887b2d0ce6f51b8
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10435
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: Idfd27f382e78813b067b99fbe2e7934ddb72b6da
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10433
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ie2cc621fa928a541810e67a2444408572e0d8d4d
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10432
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: Ic5ff60f559e1651b206cac4612b3cbc64ca67306
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10431
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I38eab48dcc27c813fc134881b359d8033bc00771
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10430
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I780b7519be5b8a8aadac7141363ff138cae4e583
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10428
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I178b166ee682693e6e3c17759573899ba13ca6f5
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10426
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: Ib6f0c723dc7a5f031cdc52fd339a8fb29362370b
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10425
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I9a4cbb3b43c2695ca576eea7263c561a9d0f3783
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10424
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: If3970a20045d84200924f89ac467c4eb0206cb11
Reviewed-on: https://code.wireshark.org/review/10446
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Before:
skull:bugs loghyr$ ~/ipv4/wireshark/tshark -r 2-layoutstats-in-1-compound.pcap -Y nfs -V | grep -i ipv4
[IPv4 address 113.12.31.172, protocol=tcp, port=2049]
After:
skull:bugs loghyr$ ~/ipv4/wireshark/tshark -r 2-layoutstats-in-1-compound.pcap -Y nfs -V | grep -i ipv4
[IPv4 address 172.31.12.113, protocol=tcp, port=2049]
Bug: 11496
Change-Id: Ia6097ae76411f6ff9de1f53191c8fc767856e2d1
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10347
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Hand it a table of version/procedure table/hf-for-program-number
triplets.
Change-Id: I2acc03c2da83353165bd422d8537362201c814e2
Reviewed-on: https://code.wireshark.org/review/9740
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Either there's a known body for the call or reply, in which case we
already have a dissector for it, or the body is empty, in which case we
now have dissect_rpc_void() to dissect it, or the body is unknown or
nobody's bothered writing it, in which case we use dissect_rpc_unknown()
for now.
This means that an attempt to look up the dissector for a known
procedure will always succeed, so we can label it with the name rather
than with "proc-N".
It also means that we distinguish between "it's void" and "it's
unknown", so that unknown values will get flagged as such.
Change-Id: I748580c1dca61d1f0972396db1a3b0885fc0a541
Reviewed-on: https://code.wireshark.org/review/9699
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This patch converts some dissectors using g_hash_table_foreach_remove.
- 9p: drop no-op free func.
- nfs: use g_hash_table_new_full such that a destructor function can
be used. Drop NULL check since g_free can handle these just fine.
- nlm: use g_hash_table_new_full such that a destructor function can
be used. Simplify "matched" destruction by replacing the wrapper by
a direct g_free call.
Change-Id: I455e7f0ad4e47e70dae05af7233fdcdebf583f9f
Reviewed-on: https://code.wireshark.org/review/9224
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8509b9290a7255a91fa5f10a8312ca80eb94ead6
Reviewed-on: https://code.wireshark.org/review/7900
Reviewed-by: Cal Turney <cturney@charter.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
of a "homegrown" method.
Change-Id: I06d7d4e9747ed8593cf40506cae3a09ae237846b
Reviewed-on: https://code.wireshark.org/review/9456
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
dissector function signature.
This paves the way for using dissector tables.
Change-Id: I88ac165ef9aa5bf5c05e1115f7321e18e734d683
Reviewed-on: https://code.wireshark.org/review/9453
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I1b61f6a91fbd3553106d1a9a8aba56db1894a010
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/8940
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
And no longer uses opaque_auth
Change-Id: I272e1c5c1391dac977ad850b899505a28c42b6fd
Reviewed-on: https://code.wireshark.org/review/8939
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I7a4e99242365a6fd7c0fa81c6bc97cbe01a00763
Reviewed-on: https://code.wireshark.org/review/8938
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I67239a7cd1ea63499e5ee1956a2a5ac7b8191f9e
Reviewed-on: https://code.wireshark.org/review/8936
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I7ba0720f4f1dcf15d257d5358226e82b4ee7d2d9
Reviewed-on: https://code.wireshark.org/review/8935
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Idd162119b1fdc6747452b9a13ef580705567983e
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/8934
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
We can only parse file layout ds addrs, treat all other layouts as having
opaque data.
Change-Id: I50892dbdbd6785d8216e2d8725da7bec0c554ee2
Reviewed-on: https://code.wireshark.org/review/8933
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
'type' = FATTR4_BITMAP_ONLY
This patch updates the code accordingly.
Vars 'num_bitmaps', and 'count' are declared as guint8 but being passed to
32-bit fields of proto_tree_add_uint() and tvb_ensure_bytes_exist(). In
glibconfig.h 'guint8' is defined as 'typedef unsigned char guint8;' and in
'limits.h', ‘char’ is defined as 8 bits: #define CHAR_BIT 8 /* number of
bits in a char */. These vars have been changed to 32-bits.
There are 22 other dissectors that call "tvb_ensure_bytes_exist()". In
addition, there are an 215 CHECK_BYTE_COUNT_SUBR macro calls in
packet-smb.c which essentially do the same thing. README.developer does
state "you can check whether the data is present by using
"tvb_ensure_bytes_exist()" although this frequently is not needed." This
call has been removed in accordance with that statement.
Bug: 10483
Change-Id: Ib06ab14254882e9110af265d2d67a66dcce694f2
Reviewed-on: https://code.wireshark.org/review/8847
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
This reverts commit da1766e9871ba1eb4156ebd05c819eee9d91c10f.
I should have set CR-2 because I was working on the following update: According to RFC 5661, a zero attribute mask is acceptable if type FATTR4_BITMAP_ONLY is passed to dissect_nfs4_fattrs(). In addition I found guint8 vars 'num_bitmaps', and 'count' are declared as guint8 but being passed into 32-bit fields of proto_tree_add_uint() and tvb_ensure_bytes_exist().I will push a new patch for review.
Change-Id: I95e55af7fef17d0554f9741aa426feeeb95e2c21
Reviewed-on: https://code.wireshark.org/review/8843
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Bug: 10483
Change-Id: Ic0df7d92c6ec2da83ad02796a008f6512d7fdc9b
Reviewed-on: https://code.wireshark.org/review/8731
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Otherwise it could throw an exception if captured length < reported length
Change-Id: Ia9eb2778dbfebc1865a0040020a62ba20882b482
Reviewed-on: https://code.wireshark.org/review/8804
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Change-Id: I413a77903c8a56cb722e38ff9f64cf3d9c668ed8
Reviewed-on: https://code.wireshark.org/review/8801
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
These attributes are already represented by hf_nfs4_reco_attr items.
Change-Id: Ib3804e2d30921764913f483863c003ffb55118ca
Reviewed-on: https://code.wireshark.org/review/8586
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
NFSv4 attributes are transferred as a bitmask, followed by each of the
attributes in the bitmask. The offset and length of the dissected attribute
values should point at where the attribute values are; instead, they were
pointing at the bitmap. Fix that.
Change-Id: I4f93b7fffd7497306ae828a2fbd3c0e9b0accd1c
Reviewed-on: https://code.wireshark.org/review/8536
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|