Age | Commit message (Collapse) | Author | Files | Lines |
|
These are all very obvious what was intended, and should be
tvb_new_subset_length() or tvb_new_subset_remaining() instead.
A few of them could throw exceptions (and sometimes the wrong
exception) on packets where the captured length was not the full
reported length, but for most of these this change has no effect
(especially after commit 0c4dcc164be292790faa4707ccf06dfb6dc9dcb9)
This makes it easier to find the calls that need fixing.
|
|
Individual frame status codes can differ from overall request status.
For example when one of the two frames in isochronous IN status code is
kIOReturnNotResponding, then the request status will also be set to
kIOReturnNotResponding regardless of which frame did error.
Do not repeat the request status for all frames as it brings no value
and can actually mislead the user if frames do not share the same status
code.
|
|
The status values are taken from IOKit IOReturn.h. The value 0xe00002ed
(kIOReturnNotResponding) is reported when timeout occurs on isochronous
IN endpoint.
|
|
Initial BOS dissector implementation supports only USB 2.0 Extension
Descriptor (as defined in USB 2.0 ECN Errata for Link Power Management)
and Platform capability descriptor (WebUSB and Microsoft OS 2.0 UUIDs
are dissected).
|
|
number_of_packets (0x18) is 0xffffffff for non-iso transfers
so don't add -1 * 4 * 4 = 16 bytes to the expected packet length
Signed-off-by: Steve Bennett <steveb@workware.net.au>
|
|
|
|
|
|
|
|
Set the direction based on request type in a similar manner as it done
for other URB types, i.e. set source to host on URB submit. Correctly
set bus number based on locationID upper 8 bits.
Fixes #16768
|
|
Formerly only the class specific dissectors could be registered for
bulk, control and interrupt endpoints. While this is sufficient for
major classes, there are some classes that only use one or two of
possible class/subclass/protocol triple values. Allow registering
specific triples so appropriate dissector can be automatically selected
based on CONFIGURATION DESCRIPTOR data.
Register DFU Run-Time and DFU Mode triples so user no longer needs to
manually set Decode As for USB DFU.
|
|
The setup and data flags are single characters, displayed as
ASCII if printable ASCII or otherwise escaped, with a special
value when 0. FT_CHAR is the appropriate type for that. Use
range strings to handle the special case formatting. This
allowing using proto_tree_add_item.
Fix #18359. Fix #18360. Fix #18361.
|
|
A conversation in Wireshark might have two endpoints or might have no
endpoints; few if any have one endpoint. Distinguish between
conversations and endpoints.
|
|
More {host, hostlist} -> endpoint.
|
|
It's an endpoint table, not a table of hosts.
|
|
The "conversation table" mechanism supports two types of tables, one for
the "Conversations" menu item under "Statistics" and one for the
"Endpoints" menu item under "Statistics". The first of them shows
statistics for conversations at various layers of the networking stack;
the second of them shows statistics for endpoints at various layers of
the networking stack.
The latter is *not* a table of hosts; an endpoint might be a host,
identified by an address at some network level (MAC, IP, etc.), or it
might be a port on a host, identified by an address/port pair.
Some data types, function names, etc. use "host" or "hostlist" or other
terms that imply that an endpoint is a host; change them to speak of
endpoints rather than hosts, using names similar to the corresponding
functions for conversations.
Provide wrapper functions and typedefs for backwards source and binary
compatibility; mark them as deprecated in favor of the new names.
Clean up some comment errors found in the process.
|
|
Allows packets to be filtered but marked and not removed from the
tap listing. Additionally a total is calculated for all rx/tx frames
and bytes
|
|
This allows flags to be passed by the registering listener
to the collection of information
|
|
Introduce Wireshark specific enum to facilitate USB speed specific
dissection. Any similarity of actual enum values with any protocol
is coincidence and should not be relied upon.
Rename speed defines in USBIP dissector to not collide with Wireshark
USB speed enum. The values used in USBIP are implementation specific.
Allow user to set capture speed in USBLL dissector preferences. Use the
selected speed in USB dissector to sanitize endpoint maximum packet size
value based on speed specfic requirements from USB 2.0 specification.
Close #18062
|
|
|
|
Other speed config descriptors are identical to config descriptors, it's
just the request that is different. Handle this request so that other
speed config responses are decoded.
|
|
Use macros from inttypes.h with format strings.
|
|
These display bases work to replace unprintable characters so the
name is a misnomer. In addition they are the same option and this
display behaviour is not something that is configurable.
This does not affect encodings because all our internal text strings
need to be valid UTF-8 and the source encoding is specified using
ENC_*.
Remove the assertion for valid UTF-8 in proto.c because
tvb_get_*_string() must return a valid UTF-8 string, always, and we
don't need to assert that, it is expensive.
|
|
Create pseudo URB and pass the reassembled data to USB URB dissector.
Reassembly for control transfers is not problematic as the transfer
length is known. For bulk transfers assume the transfer can span across
multiple transactions, however for periodic (interrupt and isochronous)
assume the transfer never spans across multiple transactions.
Rely on USB dissector to provide endpoint maximum packet size. Actual
interface/configuration handling in USB dissector needs to be reworked
as the code assumes that there is only one configuration and alternate
interface configurations have matching endpoints.
While the reassembly bulk transfers and never reassemble periodic
transfers result in pretty good dissection, the USB class dissectors
need a mechanism to provide transfer size hints to USBLL dissector.
Such hint is not needed for software USB capture as software sniffers
essentially capture URBs and every transfer is associated with one URB.
The problem can be seen for example in Mass Storage Class where it is
common for data transfers length to be multiple of endpoint maximum
packet size. Because USBLL dissector doesn't know expected transfer
size, it combines together data and status transport.
Related to #15908
|
|
Automated find/replace of wmem_packet_scope() with pinfo->pool in all
files where it didn't cause a build failure.
I also tweaked a few of the docs which got caught up.
|
|
Add macros to round to multiples of 2, 4, 8, 16, and 32.
Use them instead of independently defined macros.
(We don't define a general "round to a power of 2" macro to avoid the
risk of somebody passing something other than a power of 2 to it.)
|
|
Most of the time, the return value tells us nothing useful, as we've
already decided that we're perfectly willing to live with string
truncation. Hopefully this keeps Coverity from whining that those
routines could return an error code (NARRATOR: They don't) and thus that
we're ignoring the possibility of failure (as indicated, we've already
decided that we can live with string truncation, so truncation is *NOT*
a failure).
|
|
For class-specified HID request with data fragment, the original codes perform repeated dissection.
For example, the SET REPORT REQUEST 21 09 02 02 03 00 02 00 02 00 would be dissected as:
Setup Data
bmRequestType: 0x21
0... .... = Direction: Host-to-device
.01. .... = Type: Class (0x1)
...0 0001 = Recipient: Interface (0x01)
bRequest: SET_REPORT (0x09)
wValue: 0x0202
ReportID: 2
ReportType: Output (2)
wIndex: 3
wLength: 2
bRequest: 9
wValue: 0x0202
wIndex: 3 (0x0003)
wLength: 2
Data Fragment: 0200
And dissected as below after the codes removed:
Setup Data
bmRequestType: 0x21
0... .... = Direction: Host-to-device
.01. .... = Type: Class (0x1)
...0 0001 = Recipient: Interface (0x01)
bRequest: SET_REPORT (0x09)
wValue: 0x0202
ReportID: 2
ReportType: Output (2)
wIndex: 3
wLength: 2
Data Fragment: 0200
|
|
|
|
Some of the fiels that are claimed to be in "host endian byte order" are
also used for the Linux USB/IP protocol, where they're big-endian.
Change-Id: I8e17d6d6e848ba9cd3465bb3b1debe385c522392
Reviewed-on: https://code.wireshark.org/review/38022
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
We now have ENC_HOST_ENDIAN, so we can use it to add host-endian fields
with proto_tree_add_item().
Instead of fetching field values directly, use
proto_tree_add_item_ret_{}int() to get the value.
Change-Id: I96b9a55174594bf04f805af559c2521cd813e8f3
Reviewed-on: https://code.wireshark.org/review/38021
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
The type for this field really can be -ve - it corresponds to errno.
Change-Id: I842664b692ffd944a0c02ad5de750b321b247dbf
Reviewed-on: https://code.wireshark.org/review/38019
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
The field does seem to be an int (kernel/srouce/drivers/usb/mon/mon_bin.c),
so item type (FT_INT32) is correct, but was using uint API.
Change-Id: I3c45785d18f890c362c96deb06120904ffea2081
Reviewed-on: https://code.wireshark.org/review/38014
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
dissect_usb_endpoint_descriptor() silently assumed that Audio Endpoint
Descriptor size is 9B. In v2.0, the last two fields are absent.
Change-Id: I5758857fd2b26e2b3430874c313769862a2a87de
Reviewed-on: https://code.wireshark.org/review/37973
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
In dissect_usbpcap_iso_packets check for a sane isochronous packet
count, otherwise we might overflow our data start offset.
Bug: 16677
Change-Id: I79534b4a519eefcf85cf4dd03424ac654bacd8c9
Reviewed-on: https://code.wireshark.org/review/37789
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The static arrays are supposed to be arrays of const pointers to int,
not arrays of non-const pointers to const int.
Fixing that means some bugs (scribbling on what's *supposed* to be a
const array) will be caught (see packet-ieee80211-radiotap.c for
examples, the first of which inspired this change and the second of
which was discovered while testing compiles with this change), and
removes the need for some annoying casts.
Also make some of those arrays static while we're at it.
Update documentation and dissector-generator tools.
Change-Id: I789da5fc60aadc15797cefecfd9a9fbe9a130ccc
Reviewed-on: https://code.wireshark.org/review/37517
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Both bus id and device address are already known when creating interface
info on the first pass. Set the values early to prevent passing zero
initialized data to dissectors.
Change-Id: I50c748eb16e0ab39fdc84f2d7503c87ae48eeae9
Reviewed-on: https://code.wireshark.org/review/37328
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Filipe Laíns <lains@archlinux.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ief4bf1d9e3bc8419f3a99187267dbb0064273c20
Reviewed-on: https://code.wireshark.org/review/36631
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
Coverity CID 1460459
Change-Id: I64c40a8c8aa85a01909c36bc35e61917c80e9327
Reviewed-on: https://code.wireshark.org/review/36258
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Dissection of "Class-specific Audio Control Interface Descriptor:
Selector Unit Descriptor" and "ENDPOINT DESCRIPTOR" for USB Audio
Device added.
The USB Audio class extended Standard USB Endpoint Descriptor 2
bytes further. A condition to check whether the interface class is
CLASS_AUDIO is added and the 2 bytes are dissected.
Change-Id: I63f1334df71b9e8cd92a299d533b732b0a13ace7
Reviewed-on: https://code.wireshark.org/review/36250
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Set usb conversation info vendor, product and version based on values
recorded in device product data. This results in USB dissectors that
register on VID/PID to get correct vendor, product and version
information if configuration descriptor is not present in the capture.
One such dissector is FTDI FT where the version is used to determine
chip type.
Ping-Bug: 11743
Change-Id: Idcc361861b616222e32fc0d8cef9f9dd687cf1e4
Reviewed-on: https://code.wireshark.org/review/36243
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Filipe Laíns <lains@archlinux.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Pass chip and interface information from FTDI FT to MPSSE dissector.
Set usb_conv_info_t field deviceVersion to bcdDevice field from DEVICE
DESCRIPTOR so USB dissectors can use it. In case of FTDI FT chips, the
bcdDevice value is used to determine chip.
Ping-Bug: 11743
Change-Id: I4f2cf5d50355d914fef51cf7e268064b02bc02ed
Reviewed-on: https://code.wireshark.org/review/36147
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Filipe Laíns <lains@archlinux.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I7a818a11352e437a9492f896557c3348abe33c95
Reviewed-on: https://code.wireshark.org/review/35668
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
CDC Data interfaces are linked with Communications and CDC Control
interfaces via Union Functional Descriptors. Store subordinate to master
interface connection during descriptor dissection and use that
information to determine if CDC Data is Ethernet or not.
Bug: 14587
Change-Id: I442262186319969303af9ac3a7c17aad19cecab8
Reviewed-on: https://code.wireshark.org/review/35496
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Currently only following packets have the address fields populated:
* SETUP
* OUT
* IN
* PING
* SPLIT
Although only some packets have the fields populated, this already makes
trace analysis significantly easier.
Ping-Bug: 15908
Change-Id: I5a5c0e210cb1ceb8e8a747349c4da33ac84ec4c9
Reviewed-on: https://code.wireshark.org/review/34039
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Bug: 15842
Change-Id: I63188c30e1747a65c2a2a7cce498b5777122fec3
Reviewed-on: https://code.wireshark.org/review/33628
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
USBPcap 1.5.0.0 features two main changes:
* Introduction of USB IRP Info transfer type (0xFE)
This type is used when the IRP is of general interest to the user,
but does not really directly match to any USB payload. When such
type is encountered, display the URB Function code in Info column.
Currently following URB functions are recorded as USB IRP Info:
* URB_FUNCTION_SYNC_RESET_PIPE_AND_CLEAR_STALL
* URB_FUNCTION_SYNC_RESET_PIPE
* URB_FUNCTION_SYNC_CLEAR_STALL
* URB_FUNCTION_ABORT_PIPE
* URB_FUNCTION_CLOSE_STATIC_STREAMS
* Introduction of control stage COMPLETE (0x03)
The control transactions are now recorded as 2 packets: SETUP and
COMPLETE. All Wireshark versions since the USBPcap pseudoheader
support was implemented correctly pass the data to subdissectors.
This makes the USBPcap control packets behave just like usbmon.
Ping-Bug: 15842
Change-Id: Idc0edf2a0fcf58997531c492293e0719f037493f
Reviewed-on: https://code.wireshark.org/review/33623
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
USBPcap control status packets for non standard request types (eg.
Vendor) were incorrectly treated as the standard request type. This
resulted in confusing Info column description.
Describe status packet of non standard request types as "URB_CONTROL
status". Do not try any extra labelling as the overall idea of
Setup/Data/Status is not too good and will be revised in future USBPcap
versions.
Ping-Bug: 11743
Ping-Bug: 15842
Change-Id: Iade5cb85aa01e65874006eb4c7a242568f07b7c8
Reviewed-on: https://code.wireshark.org/review/33596
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
The title of a decode_as_t was used by the GTK UI. It's no
longer required for Qt.
Change-Id: Ibd9d4acbe9cad2c1af520340d04e550326a97ebe
Reviewed-on: https://code.wireshark.org/review/33557
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Note that this dissector covers the USB to serial only. FTDI
Multi-Protocol Synchronous Serial Engine (MPSSE) should be implemented
as separate dissector receiving data from FTDI FT dissector if the chip
has MPSSE.
Ping-Bug: 11743
Change-Id: I1f2e2b56b9351442f7ddbe97106b5f166de2cdca
Reviewed-on: https://code.wireshark.org/review/33520
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|