| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Change-Id: Iace7c6dfb81f0a98bbae304346906a5e82c82812
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Reviewed-on: https://code.wireshark.org/review/679
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
svn path=/trunk/; revision=54765
|
|
svn path=/trunk/; revision=54334
|
|
- Forward declaration of register functions.
svn path=/trunk/; revision=53958
|
|
pntohs -> pntoh16
pntohl -> pntoh32
pletohs -> pletoh16
pletohl -> pletoh32
phtons -> phton16
phtonl -> phton32
svn path=/trunk/; revision=53652
|
|
using pinfo->private_data.
This was acheived by adding a void* data parameter to the dissect_function_t typedef in packet-rpc.h (r53213). After converting the pinfo->private_data, I'm not sure if it would be better to change the void* data pointer to be a rpc_call_info_value* explicitly. Not all "dissector functions" use it, but it would certainly save a lot of casting...
svn path=/trunk/; revision=53232
|
|
svn path=/trunk/; revision=53230
|
|
here is to use it to replace some pinfo->private_data.
I didn't realize how expansive this change would be, so committing it now before replacing the pinfo->private_data, so if something needs to be reverted, all of this is not lost.
svn path=/trunk/; revision=53213
|
|
svn path=/trunk/; revision=53196
|
|
Move the #defines to packet-rpc.h and pull the functions into packet-rpc.c since they aren't used by any dissectors.
svn path=/trunk/; revision=53040
|
|
pinfo->private_data.
svn path=/trunk/; revision=53036
|
|
- when the text parameter is constant col_add_str() and col_set_str() are equivalent but col_set_str() is faster.
- same for replace col_append_fstr and col_append_str
- remove col_clear() when it's redundant:
+ before a col_set/col_add if the dissector can't throw an exception.
- replace col_append() after a col_clear() with faster col_add... or col_set
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9344
svn path=/trunk/; revision=52948
|
|
- ep_tvb_get_bits() -> wmem_packet_tvb_get_bits()
- tvb_g_memdup()/ep_tvb_memdup() -> tvb_memdup()
- tvb_fake_unicode()/tvb_get_ephemeral_faked_unicode() -> tvb_get_faked_unicode()
- tvb_get_g_string()/tvb_get_ephemeral_string()/tvb_get_seasonal_string() -> tvb_get_string()
- tvb_get_g_unicode_string()/tvb_get_ephemeral_unicode_string() -> tvb_get_unicode_string()
- tvb_get_ephemeral_string_enc() -> tvb_get_string_enc()
- update docs accordingly
svn path=/trunk/; revision=52172
|
|
hf_ field name is the first part of the formatted string. This was done with a perl script on the dissectors directory (packet-*.c), followed by manual inspection of the output. The manual inspection yielded a few cases that really should have been proto_tree_add_uint or proto_tree_add_item, so I updated them accordingly.
The script didn't catch as many as I would have liked, but it's a start.
The most common (ab)use of proto_tree_add_uint_format was for appending strings to CRC/checksum values to note good or bad CRC/checksum.
svn path=/trunk/; revision=52045
|
|
svn path=/trunk/; revision=51619
|
|
the same structure.
This is begin of work to split fragment head and fragments items.
svn path=/trunk/; revision=50708
|
|
(it seems to be working for TCP ^^)
svn path=/trunk/; revision=50580
|
|
don't need them any more and, as shown in
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3290#c16
we really want to check if we're looking at something beyond the end of the TVB
(in order to break out of very long loops).
svn path=/trunk/; revision=49645
|
|
be done on flows from one address to another; reassembly for protocols
running atop TCP should be done on flows from one TCP endpoint to
another.
We do this by:
adding "reassembly table" as a data structure;
associating hash tables for both in-progress reassemblies and
completed reassemblies with that data structure (currently, not
all reassemblies use the latter; they might keep completed
reassemblies in the first table);
having functions to create and destroy keys in that table;
offering standard routines for doing address-based and
address-and-port-based flow processing, so that dissectors not
needing their own specialized flow processing can just use them.
This fixes some mis-reassemblies of NIS YPSERV YPALL responses (where
the second YPALL response is processed as if it were a continuation of
a previous response between different endpoints, even though said
response is already reassembled), and also allows the DCE RPC-specific
stuff to be moved out of epan/reassembly.c into the DCE RPC dissector.
svn path=/trunk/; revision=48491
|
|
changed implicit casts to explicit and substituted se_new for se_alloc
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8416
svn path=/trunk/; revision=48288
|
|
epan/show_exception.c, as it's used outside
epan/dissectors/packet-frame.c. Update their callers to include
<epan/show_exception.h> to get their declaration.
Add a CATCH_NONFATAL_ERRORS macro that catches all exceptions that, if
there's more stuff in the packet to dissect after the dissector call
that threw the exception, doesn't mean you shouldn't go ahead and
dissect that stuff. Use it in all those cases, including ones where
BoundsError was inappropriately being caught (you want those passed up
to the top level, so that the packet is reported as having been cut
short in the capture process).
Add a CATCH_BOUNDS_ERRORS macro that catches all exceptions that
correspond to running past the end of the data for a tvbuff; use it
rather than explicitly catching those exceptions individually, and
rather than just catching all exceptions (the only place that
DissectorError should be caught, for example, is at the top level, so
dissector bugs show up in the protocol tree).
Don't catch and then immediately rethrow exceptions without doing
anything else; just let the exceptions go up to the final catcher.
Use show_exception() to report non-fatal errors, rather than doing it
yourself.
If a dissector is called from Lua, catch all non-fatal errors and use
show_exception() to report them rather than catching only
ReportedBoundsError and adding a proto_malformed item.
Don't catch exceptions when constructing a trailer tvbuff in
packet-ieee8023.c - just construct it after the payload has been
dissected, and let whatever exceptions that throws be handled at the top
level.
Avoid some TRY/CATCH/ENDTRY cases by using checks such as
tvb_bytes_exist() before even looking in the tvbuff.
svn path=/trunk/; revision=47924
|
|
empty. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8145
svn path=/trunk/; revision=46805
|
|
Cast away some implicit 64-bit-to-32-bit conversion errors due to use of
sizeof.
Cast away some implicit 64-bit-to-32-bit conversion errors due to use of
strtol() and strtoul().
Change some data types to avoid those implicit conversion warnings.
When assigning a constant to a float, make sure the constant isn't a
double, by appending "f" to the constant.
Constify a bunch of variables, parameters, and return values to
eliminate warnings due to strings being given const qualifiers. Cast
away those warnings in some cases where an API we don't control forces
us to do so.
Enable a bunch of additional warnings by default. Note why at least
some of the other warnings aren't enabled.
randpkt.c and text2pcap.c are used to build programs, so they don't need
to be in EXTRA_DIST.
If the user specifies --enable-warnings-as-errors, add -Werror *even if
the user specified --enable-extra-gcc-flags; assume they know what
they're doing and are willing to have the compile fail due to the extra
GCC warnings being treated as errors.
svn path=/trunk/; revision=46748
|
|
used to override the filter generated from the address column.
Fixes https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7728 (again).
svn path=/trunk/; revision=45792
|
|
See discussion on https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7728
svn path=/trunk/; revision=45791
|
|
svn path=/trunk/; revision=45017
|
|
Make right-click + apply-as-filter work in the packet list for non-ethernet
frames (such as ieee 802.11 frames).
svn path=/trunk/; revision=44921
|
|
Add new parameter 'data' to heur_dissector_t and new_dissector_t, for now it's always NULL
svn path=/trunk/; revision=44860
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7683 :
The reassembled fragments tree in the Packet Details view is awesome, but it
lacks one thing: a field that exposes the reassembled data.
tcp.data already exists for exposing a single TCP segment's payload as a byte
array. It would be handy to have something similar for a single application
layer PDU when TCP segment reassembly is involved. I propose
tcp.reassembled.data, named and placed after the already existing field
tcp.reassembled.length.
My primary use case for this feature is outputting tcp.reassembled.data with
tshark for further processing with a script.
The attached patch implements this very feature. Because the reassembled
fragment tree code is general purpose, i.e. not specific to just TCP, any
dissector that relies upon it can add a similar field very cheaply. In that
vein I've also implemented ip.reassembled.data and ipv6.reassembled.data, which
expose reassembled fragment data as a single byte stream for IPv4 and IPv6,
respectively. All other protocols that use the reassembly code have been left
alone, other than inserting NULL into their initializer lists for the newly
introduced struct field reassemble.h:fragment_items.hf_reassembled_data.
svn path=/trunk/; revision=44802
|
|
(COPYING will be updated in next commit)
svn path=/trunk/; revision=43536
|
|
RPC: show the AUTH_GLUSTERFS/lk_owner as hex
svn path=/trunk/; revision=42940
|
|
Remove useless null check
svn path=/trunk/; revision=42741
|
|
In one case, define our own size for a string buffer
(instead of using a magic constant 'BUFSIZ');
In a few cases: do some whitespace, indentation & reformatting cleanup.
svn path=/trunk/; revision=42634
|
|
svn path=/trunk/; revision=42574
|
|
Add dissection of AUTH_GLUSTERFS as used in GlusterFS-3.3
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7244
svn path=/trunk/; revision=42573
|
|
Add a helper function to dissect AUTH_UNIX groups
Fix hf_rpc_auth_lk_owner entry
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7244
svn path=/trunk/; revision=42572
|
|
proto_tree_add_item() calls.
svn path=/trunk/; revision=42537
|
|
dissect AUTH_RSA as Gluster AUTH-flavor
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7190
svn path=/trunk/; revision=42244
|
|
Remove whitespace at end of line.
svn path=/trunk/; revision=41845
|
|
that we have eaten all these bytes or rpc will think there was un-dissected data remaining and will show it as an extra "data" field.
svn path=/trunk/; revision=41833
|
|
svn path=/trunk/; revision=41822
|
|
carry neither a verifier nor a payload.
Stop decoding the packed immediately after the credentials so that we dont incorrectly flag these packets as malformed.
svn path=/trunk/; revision=41817
|
|
removed from previous commit
svn path=/trunk/; revision=41814
|
|
Add traking of when GSS authentication contexts are created and when they are destroyed
so that it is easy to "click on created in link" in a SecNFS packet to get to where the kerberos blob for authentication is
Add context created in/destroyed in to the decode so you can quickly jump to where the authantiation happened to check the decrypted krb5 credentials
svn path=/trunk/; revision=41813
|
|
svn path=/trunk/; revision=39618
|
|
Also: remove trailing whitespace for a number of files.
svn path=/trunk/; revision=39503
|
|
reference an hf item (in hf[] with types:
FT_NONE
FT_BYTES
FT_IPV6
FT_IPXNET
FT_OID
Note: Encoding field set to ENC_NA only if the field was previously TRUE|FALSE|ENC_LITTLE_ENDIAN|ENC_BIG_ENDIAN
svn path=/trunk/; revision=39260
|
|
See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5748
svn path=/trunk/; revision=39081
|
|
NULL-return check.
Use val_to_str_const instead of val_to_str() in a couple places where the string
is constant.
Use val_to_str() instead of blindly passing the return value from match_strval()
into a format routine (to ensure a non-NULL string pointer). A couple of these
were cases where it could not actually return NULL, but I changed it for
consistency.
Store the return value of match_strval() rather than calling it repeatedly.
svn path=/trunk/; revision=37204
|
