Age | Commit message (Collapse) | Author | Files | Lines |
|
Same as with !8955, To debug with line directive build with
-DENABLE_DEBUG_A2W=ON flag
|
|
To debug with line directive build with -DENABLE_DEBUG_A2W=ON flag
|
|
Doing so corrupts the exceptions stack and causes crashes elsewhere.
Move the heuristics check after get_ber_identifier as dissect_t125
calls that check too.
Bug: 15189
Change-Id: I816fcd693141c5e9e2979348f58bf5a8112290da
Fixes: v2.9.0rc0-2122-gf710f21833 ("T125: Add a heuristic test case.")
Reviewed-on: https://code.wireshark.org/review/30096
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Émilio Gonzalez <egg997@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Looks for common T.125 packet types such as erectDomainRequest and
attachUserRequest. This correctly links COTP with T.125/MCS in case of
RDP traffic, which results in RDP traffic actually being dissected by
the RDP dissector.
Change-Id: I14eecc417cf5038779d78207ac0ccf2dd22a1219
Reviewed-on: https://code.wireshark.org/review/29960
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: Ic73e72b3d2e7590eaed07f6eb30f74f4303e7a65
Reviewed-on: https://code.wireshark.org/review/25880
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I92c94448e6641716d03158a5f332c8b53709423a
Reviewed-on: https://code.wireshark.org/review/25756
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
keywords
Change-Id: Iffc7c81e9653e8c1cd938de8f4fc26c5912eceec
Reviewed-on: https://code.wireshark.org/review/24049
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This will make it easier to determine protocol dependencies.
Some LLC OUI dissector tables didn't have an associated protocol, so they were left without one (-1 used)
Change-Id: I6339f16476510ef3f393d6fb5d8946419bfb4b7d
Reviewed-on: https://code.wireshark.org/review/14446
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I1208fe3c2ba428995526f561e8f792b8d871e9a9
Reviewed-on: https://code.wireshark.org/review/14388
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Change-Id: I7b794cba2feda2cae40411e2b1cb9fb091d08220
Reviewed-on: https://code.wireshark.org/review/12480
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The preferences are still supported for backwards compatibility, but the heuristic_protos file has final say on the "preference" to enable/disable a heuristic dissector.
Also add parameter to heur_dissector_add() for the "default" enable/disable of a heuristic dissector. With this parameter, a few more (presumably weak) heuristic dissectors have been "registered" but of course default to being disabled.
Change-Id: I51bebb2146ef3fbb8418d4f5c7f2cb2b58003a22
Reviewed-on: https://code.wireshark.org/review/9610
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This allows better presentation of heuristic dissectors to the end user.
Change-Id: I2ff3985ab914e83c2989880cc0c7b9904045b3f6
Reviewed-on: https://code.wireshark.org/review/9602
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I36b2731d67f9345d2fd0c23800bba7d2be94c387
Reviewed-on: https://code.wireshark.org/review/6008
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
This allows dissector lists to be looked up by name, so they can be
shared by multiple dissectors.
(This means that there's no "udplite" heuristic dissector list, but
there shouldn't be one - protocols can run atop UDP or UDPLite equally
well, and they share a port namespace and uint dissector table, so they
should share a heuristic dissector table as well.)
Change-Id: Ifb2d2c294938c06d348a159adea7a57db8d770a7
Reviewed-on: https://code.wireshark.org/review/5936
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This adds "Remove unused hf entries" from Anders.
Change-Id: I1150f34f0eafab03415339d4b34f5f2e7f69f85b
Reviewed-on: https://code.wireshark.org/review/3499
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
for T.125 so remove the test.
Remove unused hf entries.
Fixes bug 10350.
Change-Id: If28de7877388c669082f8c8a21dd63107d417fbf
Reviewed-on: https://code.wireshark.org/review/3458
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I76ca4d075756e3ac691070e0c05344a410ea2498
Reviewed-on: https://code.wireshark.org/review/2507
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
https://www.wireshark.org/lists/wireshark-dev/201406/msg00131.html
This reverts commit 246fe2ca4c67d8c98caa84e2f57694f6322e2f96.
Change-Id: Ib24bae0198c13a84bd7f731bf4af921212109a8f
Reviewed-on: https://code.wireshark.org/review/2430
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9209c1271967405c34c1b6fa43e1726a4d3a5a3f
Reviewed-on: https://code.wireshark.org/review/2377
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
which can be used to call the found heuristic dissector on the next pass.
Introduce call_heur_dissector_direct() to be used to call a heuristic
dissector which accepted the frame on the first pass.
Change-Id: I524edd717b7d92b510bd60acfeea686d5f2b4582
Reviewed-on: https://code.wireshark.org/review/1697
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
from gcc 4.9.
Change-Id: I8495d746f47c0e2528f88295771f86197d22d159
Reviewed-on: https://code.wireshark.org/review/1166
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|
|
dissectors.
Change-Id: I0e779b2ac2f608356649c5bbfca438141070dea4
Reviewed-on: https://code.wireshark.org/review/412
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: Ie476c6f82f318188b41ed922b92c6fec119ea954
Reviewed-on: https://code.wireshark.org/review/244
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
|
|
svn path=/trunk/; revision=53230
|
|
incompatible filters in ASN.1 dissectors
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2402
svn path=/trunk/; revision=49599
|
|
svn path=/trunk/; revision=48820
|
|
svn path=/trunk/; revision=48609
|
|
epan/show_exception.c, as it's used outside
epan/dissectors/packet-frame.c. Update their callers to include
<epan/show_exception.h> to get their declaration.
Add a CATCH_NONFATAL_ERRORS macro that catches all exceptions that, if
there's more stuff in the packet to dissect after the dissector call
that threw the exception, doesn't mean you shouldn't go ahead and
dissect that stuff. Use it in all those cases, including ones where
BoundsError was inappropriately being caught (you want those passed up
to the top level, so that the packet is reported as having been cut
short in the capture process).
Add a CATCH_BOUNDS_ERRORS macro that catches all exceptions that
correspond to running past the end of the data for a tvbuff; use it
rather than explicitly catching those exceptions individually, and
rather than just catching all exceptions (the only place that
DissectorError should be caught, for example, is at the top level, so
dissector bugs show up in the protocol tree).
Don't catch and then immediately rethrow exceptions without doing
anything else; just let the exceptions go up to the final catcher.
Use show_exception() to report non-fatal errors, rather than doing it
yourself.
If a dissector is called from Lua, catch all non-fatal errors and use
show_exception() to report them rather than catching only
ReportedBoundsError and adding a proto_malformed item.
Don't catch exceptions when constructing a trailer tvbuff in
packet-ieee8023.c - just construct it after the payload has been
dissected, and let whatever exceptions that throws be handled at the top
level.
Avoid some TRY/CATCH/ENDTRY cases by using checks such as
tvb_bytes_exist() before even looking in the tvbuff.
svn path=/trunk/; revision=47924
|
|
epan/exceptions.h; it crashes).
Try BER first, including both the test dissection and the check of the
results. If that fails due to an exception being thrown, or due to the
results not indicating that it's a BER-encoded T.125 packet, try PER, so
that if the BER dissection doesn't work we don't just give up.
Get rid of some _U_s attached to parameters that are, in fact, used.
svn path=/trunk/; revision=46066
|
|
error when having no data (occurs in COTP CR and CC).
svn path=/trunk/; revision=46038
|
|
svn path=/trunk/; revision=45110
|
|
svn path=/trunk/; revision=45017
|
|
svn path=/trunk/; revision=44871
|
|
svn path=/trunk/; revision=44861
|
|
(COPYING will be updated in next commit)
svn path=/trunk/; revision=43536
|
|
svn path=/trunk/; revision=39957
|
|
svn path=/trunk/; revision=39690
|
|
svn path=/trunk/; revision=39554
|
|
svn path=/trunk/; revision=39523
|
|
Also: remove trailing whitespace for a number of files.
svn path=/trunk/; revision=39503
|
|
The only change in each file is in a comment showing the asn2wrs cmd used to build that file.
svn path=/trunk/; revision=39427
|
|
A work in progress.
Can be used with the SSL dissector to decrypt Enhanced RDP Security SSL.
With Standard RDP Security (e.g those on Wiki), the PDUs are all encrypted
after the SecurityExchange PDU.
Wiki to be updated with an example SSL protected capture and associated
key material.
svn path=/trunk/; revision=39066
|
|
svn path=/trunk/; revision=37118
|
|
- Change spaces in the name to underscores before comparing it to the blurb.
- Check if the type simply as T_ prepended to the name.
- Don't put in a blurb of "NULL".
and regenerate the dissectors.
svn path=/trunk/; revision=32748
|
|
svn path=/trunk/; revision=32747
|
|
svn path=/trunk/; revision=32417
|
|
svn path=/trunk/; revision=32405
|
|
svn path=/trunk/; revision=30516
|
|
svn path=/trunk/; revision=30454
|
|
svn path=/trunk/; revision=29346
|