Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Remove ETTs that do not match the standard.
|
|
Update manuf, services enterprise numbers, translations, and other items.
|
|
When breaking up a raw HDLC byte stream into frames, each frame
should be treated separately, much like it were a new frame in
an ordinary capture file. That means that many of the elements
in the big packet_info struct should be reset for each new frame.
In particular, the "most recent conversation" information stored
in conv_elements and conv_addr_port_endpoints should be reset.
This is not that different to how multiple PDUs should be handled
in some other protocols (DVB-S2, TCP, etc.). When a frame contains
protocol layers A, B, then C, we should distinguish between "C is
contained within B within A" and "C and B are consecutive PDUs both
contained within A."
Unfotunately, it's difficult to handle this in a general way, as we
don't know when calling the dissector for a PDU whether another PDU
will follow or not. If something is the last PDU, we don't want to
reset the last addresses/ports/conversation, so that we can access
them for display purposes, conversation filters, the related packets
line, follow stream, etc., many of which use find_conversation_pinfo
Fix #18278.
|
|
|
|
This patch fixes 3 bugs where tvb_bytes_to_str_punct length was not
checked.
Fixes: #18865
|
|
|
|
This is mean to use the value to select the correct field length.
Fix Coverity CID 1517107, 1517124, 1517136, 1517164, 1517184, 1517195.
|
|
Some of the item length changes in !9655 needed to be done with
the ASN.1 templates so that they don't get lost on ASN.1 regeneration.
Fixup ed8ee831fda2df69657af95dc34a3ea6b3ef4c88
|
|
|
|
As requested [here][1] by @eapache, help with removing calls to
`wmem_packet_scope()` in favour of references to `pinfo->pool`.
* Plugins chosen semi-randomly.
* When a calling function already has a `pinfo` argument, use that.
* Remove `_U_` from its signature if it was there.
* If a function seems narrowly focused on getting and (possibly)
returning memory, change the function signature to take a
`wmem_allocator_t *`.
* If it seems more focused on packet-based operations, pass in a
`packet_info *` instead and use `pinfo->pool` within.
* If there are several functions defined with the same call
signature, add `pinfo _U_` to the argument list of similar
functions in order to maintain clarity/symmetry.
[1]: https://www.wireshark.org/lists/wireshark-dev/202107/msg00052.html
|
|
|
|
|
|
This fixes the dissection of RDTCI subfunction.
Fixes: #18873
|
|
|
|
The PTP analysis code did not support very long traces, in which the PTP
seqid wrapped around (~2.27 hours with 125ms intervals). This is fixed
by ensuring that PTP messages are only matched, if less than 60s apart.
Fixes: #18872
|
|
|
|
mssage => message
|
|
line 764: Value stored to 'subtree' is never read
|
|
Fixes: #18871
|
|
The tests in `packet-tls-utils.c` for GREASE values aren't strictly
correct, in that they would falsely ignore a value such as 0x1a2a.
Create a macro to replace this test, which also serves to document the
intent of the test to future developers.
Also create a macro for the reserved values of QUIC transport parameters
which serve a similar function as GREASE.
|
|
|
|
|
|
- Added topic name (tq) suffix in the column information.
- Added topic query kind field dissection
- Added filter for last and intermediate DATA_SESSION submessages
|
|
|
|
- Endpoint List Get Response
- Endpoint Responders Get Response
|
|
While there, fix also the reporting of unknown types or events
of timers.
|
|
[-Werror=clobbered]
|
|
|
|
|
|
|
|
I leave it to those more familiar with the protocol to explain this
better or in more detail and, if possible, to come up with a better way
of doing this.
|
|
Now S2L_SUB_LSP objects shows up as "rsvp.s2l_sub_lsp" instead of "rsvp.obj_unknown".
|
|
While there, improve the handling of unknown event types.
|
|
|
|
Change ENC_NA to ENC_LITTLE_ENDIAN for following Short SSID items:
- hf_ieee80211_ff_fils_discovery_short_ssid
- hf_ieee80211_short_ssid
|
|
|
|
Some classes, most notably Mass Storage, use STALL (instead of ZLP) to
prematurely end transfer. Finish reassembly when dissecting STALL. For
IN transfers ending reassembly is pretty straightforward and resembles
ZLP packet. For OUT transfers the reassembled URB is opposite direction
than the STALL handshake itself and last data packet may not be part of
reassembled URB. The last OUT data packet is part of reassembled URB
only if packet was acknowledged with NYET before endpoint was STALLed.
|
|
|
|
Use the names from RFC 9293 for consistency.
|
|
Fix:
Unused href entry: epan/dissectors/packet-rtps.c: hf_rtps_flag_timestamp_present
created from e93f42350400687800262925839fb14f40ab234b
|
|
According to the Bluetooth Core Specification v5.3, Volume 2, Part C,
Section 5.1, the Name_Offset parameter of the LMP_NAME_RES PDU should be at
offset 2 in the payload and Name_Length should be at offset 3.
|
|
|
|
|
|
The kernel unfortunately doesn't indicate which payload type
it is. In particular, it might be an Ethernet packet or an IP one,
depending on how the SKB has been generated.
We work around this issue by guessing if the packet contains the
EtherType at the right offset to be an Ethernet packet, and decode
accordingly the payload.
|
|
|
|
|
|
|
|
|
|
If MSP_FLAGS_REASSEMBLE_ENTIRE_SEGMENT is set (because the dissector
asked for one more segment) but the new segment didn't result in
a completed reassembly (because it overlapped and didn't add new
data), don't clear the REASSEMBLE_ENTIRE_SEGMENT flag.
Related to #18411
|