| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Change-Id: If6fc3aab7ad4fc634567121f7b9541bc6f6c5766
Reviewed-on: https://code.wireshark.org/review/30926
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
When dissecting USBIP packets, the transfer type is not known for every
packet like when dissecting usbmon captures. This patch lifs the
transfer type for the endpoint in the device descriptor and stores it in
the conversation. If the per-packet transfer type is unknown for a
transfer, it tries the one from the descriptor instead. This enables
bulk/iso payload dissectors to work on USBIP packets too.
Change-Id: If0a3e4f3b9598f586fa460d0d07032d22e203122
Reviewed-on: https://code.wireshark.org/review/28412
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I52cbafe519bbdb46961748a84db4f2db0bbe3c2d
Reviewed-on: https://code.wireshark.org/review/28411
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Make "Prepare a Filter" from the Source and Destination columns work for
USB source and destination address, this value must be quoted as well.
Change-Id: Ib7a772050c204e716781cc27f9eddbdb7971e547
Reviewed-on: https://code.wireshark.org/review/26096
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 14421
Change-Id: Ifb492b776182507c10664d067f99312af250e6ff
Reviewed-on: https://code.wireshark.org/review/25872
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I92c94448e6641716d03158a5f332c8b53709423a
Reviewed-on: https://code.wireshark.org/review/25756
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Follow up to having conversions use endpoint_type instead of
port_type.
Change-Id: Ifd59a33bd8b9a013c242bce5fcceb09533f02c17
Reviewed-on: https://code.wireshark.org/review/24172
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
For the moment this mirrors the port_type enumeration (PT_XXX), but the
intent is to move away from using "port types", eliminating most (if not
all)
Added conversation_pt_to_endpoint_type() so that conversations deal with the
correct enumeration. This is for dissector that use pinfo->ptype as input
to conversation APIs. Explicit use of port types are converted to using
ENDPOINT_XXX type.
Change-Id: Ia0bf553a3943b702c921f185407e03ce93ebf0ef
Reviewed-on: https://code.wireshark.org/review/24166
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I2c3d2956be898c767afc19b2c63f2e84b5e79ed0
Reviewed-on: https://code.wireshark.org/review/23422
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I29e0a7bf81b1f6cf2f84cccb212e223089dd918a
Reviewed-on: https://code.wireshark.org/review/23419
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I1ecf16db1b0a10b1a43112cc1225507e08250ace
Reviewed-on: https://code.wireshark.org/review/23405
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The provider ID appears to be the hook into dissecting NetMon Event
user data.
Since capture file with USB data was provided, that was used as the
example for how to hook into the provider ID dissector table.
Bug: 6520
Change-Id: Ie41719b6a28826869cd1672619949ea1f6981268
Reviewed-on: https://code.wireshark.org/review/23377
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The convention of returning negative errno codes from the Linux kernel
is not just limited to usb/usbip, it is also needed by netlink. Now
netlink error codes are properly dissected.
Also add ERFKILL and EHWPOISON (since 2009 and 2011) and change ESTALE
and ENOSYS to match the current description as of Linux 4.7. Fixed
header paths in comments too.
Used this command to generate the table (with fixups for gaps):
cpp -dM -CC include/uapi/asm-generic/errno.h |
perl -ne '/^#define (E[A-Z0-9]+) ([0-9]+) \/\* (.+) \*\// &&
printf " { -%-4s \"%s (-%s)\" },\n", "$2,", $3, $1' | sort -k2
Change-Id: I16fa41a42bd4201a8383ea8e70a0aa8a597b311d
Reviewed-on: https://code.wireshark.org/review/16952
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
During 'Darwin' transfer type conversion the network data is taken
as-is, without checking validity. This results in indexing errors.
Add validation before using as array index.
Bug: 13676
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1307
Change-Id: I24ca49bb21ba36a8d6a3c078ac2c05ded7b8d382
Reviewed-on: https://code.wireshark.org/review/21470
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Change-Id: Iec9e4ac2362cf8e88a3cf6ae3483cefe938967e5
Reviewed-on: https://code.wireshark.org/review/20814
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This emphasizes that there is no such thing as *the* routine to
construct a subset tvbuff; you need to choose one of
tvb_new_subset_remaining() (if you want a new tvbuff that contains
everything past a certain point in an existing tvbuff),
tvb_new_subset_length() (if you want a subset that contains everything
past a certain point, for some number of bytes, in an existing tvbuff),
and tvb_new_subset_length_caplen() (for all other cases).
Many of the calls to tvb_new_subset_length_caplen() should really be
calling one of the other routines; that's the next step. (This also
makes it easier to find the calls that need fixing.)
Change-Id: Ieb3d676d8cda535451c119487d7cd3b559221f2b
Reviewed-on: https://code.wireshark.org/review/19597
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
All the pseudo-headers encode the endpoint as per a bEndpointAddress in
sections 9.6.6 "Endpoint" of the USB 2.0 spec and the USB 3.1 spec, with
a 4-bit endpoint number at the bottom and a 1-bit direction at the top
with 0 = OUT and 1 = IN.
Show the FreeBSD endpoint address the same way the other endpoint
addresses are shown; the FreeBSD one is shown as a 4-byte little-endian
value, but only the low-order (first) byte is used, so just show that
byte.
Call that field the "endpoint address", with the lower 4 bits being the
"endpoint number" and the uppermost bit the "endpoint direction".
Change-Id: Ic7358c7fb6b6df2502315b590eb5178cecb321d9
Reviewed-on: https://code.wireshark.org/review/19200
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Add an FT_CHAR type, which is like FT_UINT8 except that the value is
displayed as a C-style character constant.
Allow use of C-style character constants in filter expressions; they can
be used in comparisons with all integral types, and in "contains"
operators.
Use that type for some fields that appear (based on the way they're
displayed, or on the use of C-style character constants in their
value_string tables) to be 1-byte characters rather than 8-bit numbers.
Change-Id: I39a9f0dda0bd7f4fa02a9ca8373216206f4d7135
Reviewed-on: https://code.wireshark.org/review/17787
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Have all dissector tables have a "supports Decode As" flag, which
defaults to FALSE, and which is set to TRUE if a register_decode_as()
refers to it.
When adding a dissector to a dissector table with a given key, only add
it for Decode As if the dissector table supports it.
For non-FT_STRING dissector tables, always check for multiple entries
for the same protocol with different dissectors, and report an error if
we found them.
This means there's no need for the creator of a dissector table to
specify whether duplicates of that sort should be allowed - we always do
the check when registering something for "Decode As" (in a non-FT_STRING
dissector table), and just don't bother registering anything for "Decode
As" if the dissector table doesn't support "Decode As", so there's no
check done for those dissector tables.
Change-Id: I4a1fdea3bddc2af27a65cfbca23edc99b26c0eed
Reviewed-on: https://code.wireshark.org/review/17402
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This will copy an address's "byte format" into a buffer. The original
intended design is for export_pdu functionality, which tries to do
this "manually" for many address types (and creates undesired dependencies)
The default functionality if a "byte format function" isn't provided
(currently the case for all address types) is a memcpy of the address
data. Providing "address to byte" functions to aid export PDU
functionality will be provided later.
Change-Id: I3703f9e617a8cef09165ad53a0f98c6372676b9b
Reviewed-on: https://code.wireshark.org/review/16070
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This required some hacking in the conversation table handling, but
still seemed worth it as USB address is not widely used.
Maybe a "is_stringlike" property for address types...
Change-Id: I628a15c17cb1f595bb292130867adbc5bea0f41a
Reviewed-on: https://code.wireshark.org/review/16068
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 12511
Change-Id: Ic9af8358e2a8110f53c587201cafc337630c302a
Reviewed-on: https://code.wireshark.org/review/15858
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
If a standard setup response arrives without data, don't call a subdissector.
This can happen if a control endpoint STALLs.
This patch prevents the STALL response from appearing as a malformed packet.
Change-Id: I6f0e82487fae964e93a4291ccb3badbe652f7499
Reviewed-on: https://code.wireshark.org/review/15379
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This saves many dissectors the need to find the data dissector and store a handle to it.
There were also some that were finding it, but not using it.
For others this was the only reason for their handoff function, so it could be eliminated.
Change-Id: I5d3f951ee1daa3d30c060d21bd12bbc881a8027b
Reviewed-on: https://code.wireshark.org/review/14530
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This will make it easier to determine protocol dependencies.
Some LLC OUI dissector tables didn't have an associated protocol, so they were left without one (-1 used)
Change-Id: I6339f16476510ef3f393d6fb5d8946419bfb4b7d
Reviewed-on: https://code.wireshark.org/review/14446
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
In URB setup, wInterface is always displayed disregarding the actual
bmRequestType. Show instead: wInterface if recipient is an interface,
WEndpoint if recipient is an endpoint and wIndex when recipient is device
or other.
Change-Id: I6883dc22d80267276f9d171f39695e86e93aae83
Reviewed-on: https://code.wireshark.org/review/14283
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
don't access the class-specific conversation structure before we know
that the packet is a U3V packet
the USB dissector should fill interfaceClass and interfaceSubclass with
correct values - if it doesn't that's another bug to be fixed
Bug:12194
Change-Id: Ic9e73e7cb05c8887fee794e4735936caad1b7f49
Reviewed-on: https://code.wireshark.org/review/14224
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
... and the copy of it that I just made :-(
bInterfaceProtocol should be bInterfaceSubClass
Change-Id: Ic25f28cad7305986cb79ddea5110b1e739e57101
Reviewed-on: https://code.wireshark.org/review/14223
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: I597fa87248caf77b3622065bc4dbdaa66cee809a
Reviewed-on: https://code.wireshark.org/review/14222
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: I8a42826ae5aa864ee21e1a96a5826642d66a7e63
Reviewed-on: https://code.wireshark.org/review/14104
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
We just dissect it as raw bytes for now; ultimately, we need to process
it the same way we process data for other forms of USB capture.
This also catches the case where the frame length is bogusly large
(including so large that rounding it up to a multiple of 4 overflows).
Bug: 12153
Change-Id: I537974d548fdcda917d9fce8189eb2134bc17bb9
Reviewed-on: https://code.wireshark.org/review/14103
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Nobody looks it up, so just register it in the wtap_encap table, as we
do with the 64-byte-header Linux USB dissector, the USBPCAP dissector,
and the FreeBSD USB dissector.
Change-Id: I5da098d799a63449f17a26924b3ba2de36536896
Reviewed-on: https://code.wireshark.org/review/14046
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I6f59028b1134378762691c35897cfcdc04e6dbfe
Reviewed-on: https://code.wireshark.org/review/14045
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I4737a3410cde2d8ead79b42d9734b4412cb5ca77
Reviewed-on: https://code.wireshark.org/review/14026
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
(There's also work needed in libpcap; that's also in progress.)
Change-Id: Iff5a34c139a000865e2d78cc17a4af5ff24fb44b
Reviewed-on: https://code.wireshark.org/review/14025
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I2f6b3e569206e443291f7473ed77b2acde636748
Reviewed-on: https://code.wireshark.org/review/13997
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The current code which dissects the idProduct (and to some extend the
idVendor) item for USB devices is overly complicated. A better method
to format the product string in the right way is using:
proto_tree_add_uint_format_value.
This gets rid of the additinal string and item manipulation altogether.
Change-Id: Iadd69b7dc284e62039402de53418f41460d88a5d
Reviewed-on: https://code.wireshark.org/review/13973
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
This patch adds support for the USBIP protocol [0]. A document
describing the protocol in detail is available from the linux
kernel source [1].
The USBIP protocol mimics a USB HCD on a client PC that tunnels
USB data over TCP/IP between the client and the host where the
physical USB device is connected.
A testcase has been submitted to bug.wireshark.org [2].
[0] <http://usbip.sourceforge.net/>
[1] <https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/drivers/usb/usbip/usbip_protocol.txt>
[2] <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12127>
Bug: 12127
Change-Id: I4e557dc274017eb029c7af2717a62be4b00aebda
Reviewed-on: https://code.wireshark.org/review/13797
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
the code in question deals with the scenario where the length field's
value is larger than the number of remaining bytes
we can simply stop the dissection if truncation of the data is expected
if not, we continue disecting and we'll get an exception when we reached
the end of the data...
Change-Id: I3f29df694d9ea7d41f19511d267ef6b785527e3c
Reviewed-on: https://code.wireshark.org/review/13624
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
It's not tied to the frame_data structure any more, so it belongs by
itself.
Clean up some #includes while we're at it; in particular, frame_data.h
doesn't use anything related to tvbuffs, so don't have it gratuitiously
include tvbuff.h.
Change-Id: Ic32922d4a3840bac47007c5d4c546b8842245e0c
Reviewed-on: https://code.wireshark.org/review/13518
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That removes most of the uses of the frame number field in the
frame_data structure.
Change-Id: Ie22e4533e87f8360d7c0a61ca6ffb796cc233f22
Reviewed-on: https://code.wireshark.org/review/13509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Add fields for the absolute time stamp (and another field for a presence
flag for the absolute time stamp) and the packet encapsulation for the
packet.
This lets us remove the field for the packet encapsulation in the
frame_data structure; do so.
Change-Id: Ifb910a9a192414e2a53086f3f7b97f39ed36aa39
Reviewed-on: https://code.wireshark.org/review/13499
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
MA USB packets with USB payload are now passed into the USB dissector.
This allows the payload to be dissected by the USB sub-dissectors.
1. Refactor dissect_usb_common() and put the code needed for finding USB subdissectors
into a seperate helper function.
2. Add dissect_usb_payload() call
3. Add dissect_mausb_pkt_common() helper function
4. Put code for dissecting all types of MA USB packets into helper
function dissect_mausb_pkt().
5. Add dissect_mausb_pkt_data() helper function
6. Put code for dissecting MA USB datapacket-specific fields into helper
function dissect_mausb_pkt().
7. Use proto_tree_add_bitmask() call for MA USB bitfields.
8. Create packet-mausb.h to expose MA definitions to USB dissector
9. Dissect MA USB payload with USB subdissectors
10. Undeclare USB calls no longer used by MA USB dissector
Change-Id: I456714572cd8dfc9982b087670ca73c17e25a26c
Signed-off-by: Sean O. Stalley <sean.stalley@intel.com>
Reviewed-on: https://code.wireshark.org/review/13187
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8512cfa1d424f82a873a0e0e1d22c7b075fdd7f3
Reviewed-on: https://code.wireshark.org/review/13069
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The kernel sets the URBs status to -EXDEV in this case. Don't require
status == OK in this case.
Set pinfo->p2p_dir for USB packets. Sent/received is from the
perspective of the host.
Bug: 11868
Change-Id: I2be2348507bef47272d3d8786019ec90457141ac
Reviewed-on: https://code.wireshark.org/review/12731
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
the byteswap function is now called pcap_byteswap_linux_usb_pseudoheader()
Change-Id: Iefceaccf4eabb96228bf8ea53fc5814f9a0ae502
Reviewed-on: https://code.wireshark.org/review/12574
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: Ie39ef054a4a942687bd079f3a4d8c2cc55d5f22c
Reviewed-on: https://code.wireshark.org/review/12485
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Some of the ASN.1 dissectors still generate a new_create_dissector_handle from the tool itself, so leave those for now.
Change-Id: Ic6e5803b1444d7ac24070949f5fd557909a5641f
Reviewed-on: https://code.wireshark.org/review/12484
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Some drivers do a probing access to the descriptor to fetch just the length field
Change-Id: Idd07a1e66800afcc838beb795594a4505ce13e82
Reviewed-on: https://code.wireshark.org/review/12250
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Picking off "easy" dissectors that only have one or two exit points at most.
Change-Id: I9c7d1c092bbae896ec0c2832617891346927f2e1
Reviewed-on: https://code.wireshark.org/review/11932
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
