Age | Commit message (Collapse) | Author | Files | Lines |
|
In WCCP V2, check whether the length field runs past the end of the
packet (actual packet data, not captured data) and, if so, report an
error with expert info, otherwise use the length field to set the length
of the tvbuff. That allows the dissector to just use the tvbuff checks
to do length checks, so eliminate manual length checks.
In find_wccp_address_table(), stop if we run past the reported length or
packet length; if we fail to find an address table because we run past
the captured length, we should probably note that if we're trying to
dissect addresses.
Don't do any other checks against the captured length, just throw the
BoundsError assertion, to report that the packet was cut short during
the capture process.
When creating a protocol subtree for an item, give it a "to the end"
initial length", and only set the length when we're finished dissecting
the item, based on the amount of data dissected.
Don't speak of dissectors in expert info - the user needn't know what a
dissector is; what matters is what the protocol specifies.
Properly report "item is too short" errors - those are indicated by item
dissectors returning a negative value, so show the negative of that
value.
Make the top level item for a capability element be a separate item from
the element type; use hf_capability_element_type for the type rather
than the entire element, and put the type and length into the protocol
tree in that order, as that's the order in which they appear in the
packet.
Don't do capability element length checks in the capability element
dissector, do it in the dissector for the particular capability element,
and don't fail with a dissector bug report, fail with an expert info.
Sort the ett[] array to match the list of ett_ definitions, to make it
easier to check that they're all registered.
Change-Id: I6545e000b6caf9824f89234602635668fa1d38d6
Reviewed-on: https://code.wireshark.org/review/3754
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I3efa2a81ab2685cde6eae0a00b24520478a545ce
Reviewed-on: https://code.wireshark.org/review/2900
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
https://www.wireshark.org/lists/wireshark-dev/201406/msg00131.html
This reverts commit 246fe2ca4c67d8c98caa84e2f57694f6322e2f96.
Change-Id: Ib24bae0198c13a84bd7f731bf4af921212109a8f
Reviewed-on: https://code.wireshark.org/review/2430
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9209c1271967405c34c1b6fa43e1726a4d3a5a3f
Reviewed-on: https://code.wireshark.org/review/2377
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
any actual difference)..
Change-Id: I0766d0f130648aaa5a58d9f4062fa24e898cbdc3
Reviewed-on: https://code.wireshark.org/review/545
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
svn path=/trunk/; revision=54773
|
|
obvious that the returned string is ephemeral, and opens up the original names
in the API for versions that take a wmem pool (and thus can work in any scope).
svn path=/trunk/; revision=54249
|
|
svn path=/trunk/; revision=54085
|
|
svn path=/trunk/; revision=53194
|
|
svn path=/trunk/; revision=53189
|
|
- when the text parameter is constant col_add_str() and col_set_str() are equivalent but col_set_str() is faster.
- same for replace col_append_fstr and col_append_str
- remove col_clear() when it's redundant:
+ before a col_set/col_add if the dissector can't throw an exception.
- replace col_append() after a col_clear() with faster col_add... or col_set
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9344
svn path=/trunk/; revision=52948
|
|
svn path=/trunk/; revision=52591
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9252 :
Fix WCCP fix hash buckets assignment info decoding
svn path=/trunk/; revision=52464
|
|
svn path=/trunk/; revision=52287
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9187
Fix some minor length calculation mistakes in the WCCP decoder.
svn path=/trunk/; revision=52260
|
|
"tshark -v" tested
svn path=/trunk/; revision=51988
|
|
svn path=/trunk/; revision=51852
|
|
Remove NULL tree check at start of dissection to ensure expert info is populated.
Overall I think the logic could be a little cleaner (length checking and its tie to expert info seems excessive), but I'm not familiar enough to be comfortable making the changes.
This dissector appears to be vulnerable to DOS attacks through its unsigned 16-bit length fields (just from static inspection). Having the length be a signed 32-bit value even if the length in the protocol field is an unsigned 16-bit value could simplify some of the logic.
svn path=/trunk/; revision=50310
|
|
The attached patch fixes the integer type of the WCCP identity mask value.
This is a bitmask which should be printed as hex, it doesn't make sense to
print it as an IPv4 address. See
http://tools.ietf.org/id/draft-wilson-wrec-wccp-v2-01.txt section 5.7.7 and
the attached capture file as an example.
The current draft http://tools.ietf.org/html/draft-mclaggan-wccp-v2rev1-00#section-6.15
doesn't mention "mask" in the names of the field any more, but the description
still describes them as mask values.
svn path=/trunk/; revision=50211
|
|
svn path=/trunk/; revision=49923
|
|
svn path=/trunk/; revision=49806
|
|
svn path=/trunk/; revision=49805
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8635: Fix bugs found by Coverity: CID's 1026572-1026574 and 1026572.
From me: Dissector was a mix of tabs and spaces. Replace tabs with spaces and set modelines to match.
svn path=/trunk/; revision=49785
|
|
Fixes a crash I got during fuzz testing.
svn path=/trunk/; revision=49783
|
|
cc1: warnings being treated as errors
packet-wccp.c: In function 'wccp_fmt_ipadddress':
packet-wccp.c:555: warning: declaration of 'index' shadows a global declaration
/usr/include/string.h:125: warning: shadowed declaration is here
packet-wccp.c: In function 'dissect_wccp2_alternate_mask_value_set_element':
packet-wccp.c:2570: warning: declaration of 'index' shadows a global declaration
/usr/include/string.h:125: warning: shadowed declaration is here
make[5]: *** [libdissectors_la-packet-wccp.lo] Error 1
make[5]: *** Waiting for unfinished jobs....
svn path=/trunk/; revision=49667
|
|
via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8635
This is an enhanced WCCP decoder handling the new draft 2.01 standard from http://tools.ietf.org/html/draft-mclaggan-wccp-v2rev1
svn path=/trunk/; revision=49666
|
|
was done using textual search+replace, not anything syntax-aware, so presumably
it got most comments as well (except where there were typos).
Use a consistent coding style, and make proper use of the WS_DLL_* defines.
Group the functions appropriately in the header.
I ended up getting rid of most of the explanatory comments since many of them
duplicated what was in the value_string.c file (and were out of sync with the
recent updates I made to those in r48633). Presumably most of the comments
should be in the .h file not the .c file, but there's enough churn ahead that
it's not worth fixing yet.
Part of https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8467
svn path=/trunk/; revision=48634
|
|
svn path=/trunk/; revision=47427
|
|
Cast away some implicit 64-bit-to-32-bit conversion errors due to use of
sizeof.
Cast away some implicit 64-bit-to-32-bit conversion errors due to use of
strtol() and strtoul().
Change some data types to avoid those implicit conversion warnings.
When assigning a constant to a float, make sure the constant isn't a
double, by appending "f" to the constant.
Constify a bunch of variables, parameters, and return values to
eliminate warnings due to strings being given const qualifiers. Cast
away those warnings in some cases where an API we don't control forces
us to do so.
Enable a bunch of additional warnings by default. Note why at least
some of the other warnings aren't enabled.
randpkt.c and text2pcap.c are used to build programs, so they don't need
to be in EXTRA_DIST.
If the user specifies --enable-warnings-as-errors, add -Werror *even if
the user specified --enable-extra-gcc-flags; assume they know what
they're doing and are willing to have the compile fail due to the extra
GCC warnings being treated as errors.
svn path=/trunk/; revision=46748
|
|
have that one any more.
svn path=/trunk/; revision=45030
|
|
svn path=/trunk/; revision=45028
|
|
svn path=/trunk/; revision=45017
|
|
Add new parameter 'data' to heur_dissector_t and new_dissector_t, for now it's always NULL
svn path=/trunk/; revision=44860
|
|
(COPYING will be updated in next commit)
svn path=/trunk/; revision=43536
|
|
svn path=/trunk/; revision=43235
|
|
length bugfix + proto_tree_add_text() cleanup
Fixed the Web-Cache Identity Info dissection. Also converted many of the
proto_tree_add_text() to "more filterable" APIs.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5141
svn path=/trunk/; revision=43231
|
|
Also: remove trailing whitespace for a number of files.
svn path=/trunk/; revision=39503
|
|
non-autogenerated epan/dissectors:
Specifically: Replace FALSE|0 and TRUE|1 by ENC_BIG_ENDIAN|ENC_LITTLE_ENDIAN as
the encoding parameter for proto_tree_add_item() calls which directly reference
an item in hf[] which has a type of:
FT_BOOLEAN
FT_IPv4
FT_EUI64
FT_GUID
FT_UINT_STRING
Also: For type FT_ITv6 use ENC_NA. (This was missed in SVN #39260)
svn path=/trunk/; revision=39328
|
|
non-autogenerated epan/dissectors:
Specifically: Replace FALSE|0 and TRUE|1 by ENC_BIG_ENDIAN|ENC_LITTLE_ENDIAN as
the encoding parameter for proto_tree_add_item() calls which directly reference
an item in hf[] which has a type of:
FT_UINT8
FT_UINT16
FT_UINT24
FT_UINT32
FT_UINT64
FT_INT8
FT_INT16
FT_INT24
FT_INT32
FT_INT64
FT_FLOAT
FT_DOUBLE
svn path=/trunk/; revision=39288
|
|
do the same as the non-tvb equivalents but take a TVB and an offset instead
of a pointer to an array of bytes.
Their purpose is to prevent (many) dissectors from doing:
ip_to_str(tvb_get_ptr(...)).
(About the names and the location: I like the names as they are but the names
imply that they should live in tvbuff.c. That would make some sense but
I didn't want to pull to_str.h into tvbuff.c...)
svn path=/trunk/; revision=35519
|
|
keys to have _uint in their names, to match the routines that handle
dissector tables with string keys. (Using _port can confuse people into
thinking they're intended solely for use with TCP/UDP/etc. ports when,
in fact, they work better for things such as Ethernet types, where the
binding of particular values to particular protocols are a lot
stronger.)
svn path=/trunk/; revision=35224
|
|
indicate that these fields are unused in this case and must be zero.
Furthermore, if the value is non-zero, add an expert info warning about it.
Fixes bug 3631.
svn path=/trunk/; revision=34998
|
|
svn path=/trunk/; revision=32411
|
|
See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4643
svn path=/trunk/; revision=32392
|
|
svn path=/trunk/; revision=31673
|
|
Cleanup dissector code - use proper memory functions.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4164
svn path=/trunk/; revision=30691
|
|
svn path=/trunk/; revision=29346
|
|
svn path=/trunk/; revision=29345
|
|
svn path=/trunk/; revision=29249
|