Age | Commit message (Collapse) | Author | Files | Lines |
|
we already have an expert info, so we can just return the number of
bytes in the tvb
Change-Id: I6199760316d7ef141877bc8f65012d36e4dd357b
Reviewed-on: https://code.wireshark.org/review/15925
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Ping-Bug: 12429
Change-Id: I618b2017e161d89f0efa25ce2fb82a1808e8d315
Reviewed-on: https://code.wireshark.org/review/10701
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Change-Id: Ic644042d238b5f2abcd874bca92c6dea55804ba9
Reviewed-on: https://code.wireshark.org/review/15913
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Add REC_TYPE_SYSCALL to wiretap and use it for Sysdig events. Call the
Sysdig event dissector from the frame dissector. Create a "syscall"
protocol for system calls, but add "frame" items to it for now.
Add the ability to write Sysdig events. This lets us merge packet
capture and syscall capture files.
Change-Id: I12774ec69c89d8e329b6130c67f29aade4e3d778
Reviewed-on: https://code.wireshark.org/review/15078
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Even though TCP window scale shift is only 8 bits, the scale
calculated from it is max 16384. therefor a 16 bit value.
Let the tree item map to the single byte in the TVB, while
allowing the value to be 16 bit.
Bug: 12525
Change-Id: I41cebc62f6b8b09e13efa5f3b7432001e8d994e1
Reviewed-on: https://code.wireshark.org/review/15914
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Most protocols just want to limit COL_INFO or COL_PROTOCOL
so give that level of granularity.
Bug: 12144
Bug: 5117
Bug: 11144
Change-Id: I8de9b7d2c69e90d3fbfc0a52c2bd78c3de58e2f8
Reviewed-on: https://code.wireshark.org/review/15894
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
assertion.
If a dissector forces registration of fields during dissection it needs to do
so in a way that clears the prefix registration. Otherwise epan will call the
registration routine a 2nd time (which will cause us to assert out) if a user
types a display filter (with the dissector's prefix) that doesn't exist.
Update the proto_register_prefix() comments to reflect this.
Change-Id: I3ce29243395fb55192bb5dfd950baa88410ac136
Reviewed-on: https://code.wireshark.org/review/15881
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
|
|
don't copy the wmem-buffer from address_to_str() into a g_malloc()ed one
that is never freed
instead, realloc the wmem-buffer and add the nfs path to it
(nfs_name_snoop_add_name() will make a copy internally)
Change-Id: I4274a4a413c09f3f1d78beba65d94748ce185413
Reviewed-on: https://code.wireshark.org/review/15902
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Dirty CORBA IDL dissectors must be compiled without -Werror option
Change-Id: I46431c635274399cd6d365a608cdc0aecbc59c95
Reviewed-on: https://code.wireshark.org/review/15911
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
The stats for mDNS and llmnr are pending. The change just resolves a bug
in the stats that are wrongly generated when the traffic is mDNS or LLMR.
Bug: 12492
Change-Id: Ie772e204d0ddea997dd8cbf609725605c8a507c8
Reviewed-on: https://code.wireshark.org/review/15897
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Bug: 5350
Change-Id: I4b2d60549f9680bbc008a2abba5d7ec108f6bf22
Reviewed-on: https://code.wireshark.org/review/15905
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
By default Windows files are compiled with /O2 optimization flag (that brings the best performance).
But MSVC2013 x64 compiler generates buggy code for CORBA IDL dissectors.
Let's downgrade the optimization to /Ox for those files specifically.
Bug: 12495
Change-Id: Ibbb532653808d915c82bd20b55dd9e68d86b1207
Reviewed-on: https://code.wireshark.org/review/15884
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
WLAN_IGNORE_PROT_
Change-Id: I870cc1e5293dd6e1a1b71157987e27399e080a73
Reviewed-on: https://code.wireshark.org/review/15904
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
Change-Id: I3d00b710c6fc6e5798ecc5eca9af11ccac920e5a
Reviewed-on: https://code.wireshark.org/review/14913
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I24d0320cd164ead2802af37d07016c9c46d18e9e
Reviewed-on: https://code.wireshark.org/review/15903
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
Change-Id: I494cbb8c3c6da18dfd7901d098dde6448226f67e
Reviewed-on: https://code.wireshark.org/review/15711
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 11755
Change-Id: Iecf7ce4bfad45d0c49f3af205e8489e53077198b
Reviewed-on: https://code.wireshark.org/review/15889
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
found by Clang
Change-Id: I158a5fd8a645cd4d58565a6a4ee64371d271eb8e
Reviewed-on: https://code.wireshark.org/review/15892
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
if the length is too large, we can simply skip nfs_name_snoop_add_name()
and the code to prepare its input
Change-Id: I30c9a89edf7b48c45b52e7dad099ac4151f7f4a7
Reviewed-on: https://code.wireshark.org/review/15883
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
remove the checks in dissect_ndr_ucarray_core() where a block or bytes
dissection function is called and an exception is thrown if the offset
wraps around, i.e. the final offset is lower than the initial one
the block functions eventually call proto_tree_add_item(), which throws
an exception if necessary
the bytes functions end up calling functions to dissect basic types.
insert calls to tvb_ensure_bytes_exist() if those functions increase our
offset without reading data. thus, an exception is thrown if there's an
overflow.
remove some unnecessary if (tree) checks while at it
Change-Id: I8006399ae20934daeec231246debe247f8dedbf0
Reviewed-on: https://code.wireshark.org/review/15832
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
packet-ieee1722.c now contains the entire protocol.
packet-ieee1722a.c file was removed, because the term 1722a is outdated
and now part of 1722 protocol.
Change-Id: Ic2f44a2752f9254cde62d878dc971f09cddc5adc
Reviewed-on: https://code.wireshark.org/review/15810
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: If13ffe4ddb9ae08e738ccf0c715dc12ce7a076e8
Reviewed-on: https://code.wireshark.org/review/15834
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
which shouldn't have any impact on performance
we should not remove the chcks around blocks where
vb_format_text() is called
Change-Id: Idc191cc70e7458225bbc5dfececb3c88c83ab5f1
Reviewed-on: https://code.wireshark.org/review/15879
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
do the special handling for len==0 and tag==ISNS_ATTR_TAG_PORTAL_GROUP_TAG
before going into the different attributes
Bug: 12503
Change-Id: I4dd6dcea25aba2e4963811a7a85f1eed1b906bcd
Reviewed-on: https://code.wireshark.org/review/15875
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The formatting of the address type is determined by a preference in
packet-mtp3.c, so just make MTP3 register the address type.
Use address_type_get_by_name in other dissectors (and export_pdu)
to use the address type.
Change-Id: Ifb32d7de27aeaa23cee8e803e25ffb3c905547b5
Reviewed-on: https://code.wireshark.org/review/15856
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ib7096039aa9761fda96ed8552899833597ba70a6
Reviewed-on: https://code.wireshark.org/review/15812
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: Ib40f78a0d1822bf216af0911f9672c750a78b265
Reviewed-on: https://code.wireshark.org/review/15813
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
It's only needed for a few milliseconds--there's no need for it to stick around
until the epan scope ends.
As discussed on I51813815babb4c40722c38459139ab9e3e3ccb42.
Change-Id: I81fef351ef2d700cc5ec5866340605704173fbdb
Reviewed-on: https://code.wireshark.org/review/15861
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
(removed spaces)
(removed C++ style comments)
Change-Id: I0f6c7586486b48eab8659a048be451ce3fe1c72b
Reviewed-on: https://code.wireshark.org/review/15850
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This allows the decoupling of a dissector registering an address type
so it doesn't need to export the returned registered type.
Change-Id: I49c913d042e70bd4b7ea1e964ba9511bb27304f5
Reviewed-on: https://code.wireshark.org/review/15855
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
It has been deprecated and replaced with dissector_add_for_decode_as.
Change-Id: I5a4976f83951f749e70b5267570fca188daa7a07
Reviewed-on: https://code.wireshark.org/review/15854
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 12511
Change-Id: Ic9af8358e2a8110f53c587201cafc337630c302a
Reviewed-on: https://code.wireshark.org/review/15858
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Ping-Bug: 12511
Change-Id: I6193e3bb084adf9925bb6800a756804164030630
Reviewed-on: https://code.wireshark.org/review/15857
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: Ie5d859e166fbc8073be88cbbd96bffa877e6b654
Reviewed-on: https://code.wireshark.org/review/15865
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Change-Id: I535aba36cc906e8d78cb594900e9a7fdcbd26c83
Reviewed-on: https://code.wireshark.org/review/15828
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Bug: 12512
Change-Id: I5672ff3b8c4e8afcc82e957933330e0bf9454b08
Reviewed-on: https://code.wireshark.org/review/15593
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
just return the overall length even if the value is not in line with the
protocol specification
Change-Id: Ieeb5d1d265acb6de807a1175f07c7981db4b6c2b
Reviewed-on: https://code.wireshark.org/review/15833
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The loop reading through the command data doesn't progress through
it, it just reads until the available data (represented by max_length)
runs out. It therefore:
- doesn't present the commands
- doesn't detect a missing final marker bit (CID-281394)
This change does make the code progress through the command data,
fixing both issues in the process.
Change-Id: I61ba8b56b4a153affe9b4f9a574267f981ef0594
Reviewed-on: https://code.wireshark.org/review/15825
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The Gateway Control Protocol (Context Tracking) is used by both H248
and MEGACO, so the functionality was refactored to epan, but should
really be kept in the dissector directory to minimize (and eventually
completely remove) the epan directory's dependence on it.
Change-Id: I387b46aecde97234086bfdb7d8c546854fa301cd
Reviewed-on: https://code.wireshark.org/review/15798
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I6734fe448e4ee6f20a0d57b1aaae5e7e61f0cb5c
Reviewed-on: https://code.wireshark.org/review/15811
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Fail if:
1) you have an AT_NONE address with data;
2) you have a non-AT_NONE address with a zero length and a
non-null data pointer, or with a non-zero length and a null
data pointer.
When comparing addresses for equality, just make sure the types are the
same, the lengths are the same and, if the lengths are non-zero, the
data is the same; don't treat AT_NONE specially - the "lengths are
non-zero" check will make sure we do the right thing.
Make sure when we create an AT_NONE address it has a zero length and
null data pointer.
Change-Id: I5c452ef0d140c2d9aef3004f1cfd124a95b78fb2
Reviewed-on: https://code.wireshark.org/review/15839
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
p_add_proto_data/p_get_proto_data.
Change-Id: I0380151fb0f45063b81bc55dd5b8dc4add99ad30
Reviewed-on: https://code.wireshark.org/review/15794
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8513ef550e81a97e1a8ac1c1f365355118d5ebae
Reviewed-on: https://code.wireshark.org/review/15827
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
the condition for THROW() will never be true
there's no way to decrement offset below its initial value
the dissect_browser_TYPE_x_data() functions read a uint32 and increment
offset by 4 + the uint32 value that was read
Change-Id: Ia5a63e714ffa0add601960d858452152e4d9b10b
Reviewed-on: https://code.wireshark.org/review/15627
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Iec3595a9ee0f7037af1f949804f1022f315d1edc
Reviewed-on: https://code.wireshark.org/review/15824
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Device dialog appears when user double clicks on device in
Devices dialog (Bluetooth->Devices). It provides
summary of device, like BD_ADDR, name, timeouts, etc.
Base on information from HCI layer, so this feature is more interesting
for local devices (capturing on its side). Each field has changes counter,
what mean that value at specified field changes in time, for example:
user change device name 3 times. Please note that initial change
is not counted. It means that you can see fielkd without any value
then change occur and counter is not increased. It will be increased
next time. Reason for that is in most cases field value is unknown
at start.
Change-Id: Ife0a6bd454eac00a28f8eb2906e1b395695b0307
Reviewed-on: https://code.wireshark.org/review/15793
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
|
|
Issue reported by Brent Lovelace https://www.wireshark.org/lists/wireshark-dev/201606/msg00034.html
Change-Id: If296f01747316ddbe28e88d4d11d9df90d68bc5d
Reviewed-on: https://code.wireshark.org/review/15800
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
When entering a loop with check for minimum length, don't stick
to the pattern of checking length first thing.
Change-Id: I28c414108efa5499dbacd8527b2c3e654e49e808
Reviewed-on: https://code.wireshark.org/review/15795
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The code tries to show a file handle when the file is relative
to it, but doesn't actually make that determination. Extract the
relevant bit and use that to flag the relative file.
Change-Id: I7259c8843dc388b9dda96a73399a6da5575d3f5e
Reviewed-on: https://code.wireshark.org/review/15789
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I9595abf882adb821fd3c08532afba1b7e20412fe
Reviewed-on: https://code.wireshark.org/review/15788
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|