Age | Commit message (Collapse) | Author | Files | Lines |
|
Tested with a sample pcap file containing an GSM GM packet (Attach
Request) with an MS Radio Access Capabilities IE containing several entries.
TODO:
* Check if by dropping the ad-hoc decoder we lose support/features.
* Drop de_gmm_ms_radio_acc_cap and replace it with
de_gmm_ms_radio_acc_cap_rlcmac(), since there are other users of that
function in other protocol dissectors. Then all benefit from the
change. More than 1k lines of code can be dropped.
* Some general clean up required
Change-Id: I096eafcb5ca31d0ad1fa63561f43853ee4e7a40f
|
|
|
|
|
|
|
|
|
|
In 3GPP 26.449 Codec for Enhanced Voice Services (EVS); Comfort Noise Generation
(CNG) aspects, Computational details and bit allocation:
For the EVS primary modes, the SID payload consists of 48 bits. The first bit of
the payload determines the CNG scheme, where 0 stands for the LP-CNG and 1 for
the FD-CNG.
|
|
|
|
Removed the type_id check when dissecting user data. That check avoids
dissection in valid cases.
|
|
|
|
Dissect MCX IE present in 802.11 packets like Beacon, Assoc Req, Assoc Res ...
|
|
Handle uTP payload to the bittorrent dissector.
Implement dissect PDUs to handle more than one bittorrent PDU
in a uTP payload.
Implement basic multisegment PDU tracking; not enough to actually
desegment, but enough to provide a hint to the start offset of the
next PDU when a PDU does span segments. (Provided that they're in
order, but OOO handling isn't implemented yet either.)
Improves #8792.
|
|
In 3GPP 26.449 Codec for Enhanced Voice Services (EVS); Comfort Noise Generation
(CNG) aspects, Computational details and bit allocation:
For the EVS primary modes, the SID payload consists of 48 bits. The first bit of
the payload determines the CNG scheme, where 0 stands for the LP-CNG and 1 for
the FD-CNG.
|
|
Closes #17666
|
|
Related spec: 3GPP TS 24.008 Table 10.5.146
|
|
The APDU information element in Perform Location Request and Perform
Location Information messages is optional and not mandatory, as seen in
3GPP 49.031. This commit fixes a regression introduced in ga6ed603f5c.
Closes #17667
|
|
Updated UUIDs to match new version from 1st October 2021
Change-Id: Ifab0296389fe3815f7ce9b15de841e8675faba32
|
|
|
|
Try to make sure protocolID and saved_protocolID are initialized before
we use them. Another attempt at fixing #16342, #17664, and related bugs.
|
|
Fixes #17635.
|
|
Bluetooth LE SMP protocol uses Little-endian byte order. Convert
Bluetooth LE Secure Connections debug public key to Little-endian
byte order to fix the problem that dissector did not properly
identify debug keys when they were used during the pairing.
|
|
Some enhancements and visual fixes to version 3 dissector are also included.
|
|
This statement is at the top of the function, calls itself recursively
without changing any state, reaches the max recursion level, and then
travels back up the stack adding expert infos and returning -1, and
then at the end always causes a variable to be set to a known value.
Remove all that, and just set the variable to the value it's going to
have anyway. This speeds things up a lot and prevents adding dozens
of expert infos to dictionaries without otherwise changing the
behavior, which does seem to work.
|
|
Add support for websocket fragmented payload reassembly.
|
|
In many cases, the "value offset" is actually the value itself.
Handle those cases correctly.
|
|
The Linux SocketCAN header now uses the formerly-reserved byte in the
SocketCAN header after the "payload length" field as an "FD flags"
field, with a flag bit reserved to indicate whether the frame is a
classic CAN frame or a CAN FD frame, with two other bits giving frame
information for FD frames.
For LINKTYPE_CAN_SOCKETCAN, use that flag bit to determine whether the
frame is classic CAN or CAN FD. As some older LINKTYPE_CAN_SOCKETCAN
captures have SocketCAN headers in which the fields after the "payload
length" field were uninitialized, so trust that thge "FD flags" was
filled in, rather than possibly randomly uninitialized, only if the only
bits set in that field are the bits defined to be in that field and the
two reserved bytes after it are zero.
This will be needed when the current main-branch libpcap is released, as
it uses LINKTYPE_CAN_SOCKETCAN rather than LINKTYPE_LINUX_SLL for
ARPHRD_CAN devices; we add it now to future-proof the Wireshark releases
to which this is being committed. It also handles what existing CAN FD
captures using LINKTYPE_CAN_SOCKETCAN exist.
For LINKTYPE_LINUX_SLL frames, we have the protocol field to distinguish
between classic CAN and CAN FD, so we use that to determine the frame
type, rather than looking at the CANFD_FDF flag.
dissect_socketcan_common() now handles both classic CAN and CAN FD
frames.
|
|
|
|
|
|
|
|
Fixes #17649.
|
|
Change-Id: Icce8f7a30caf0d52c01b20b8535a1f157a1e4f56
|
|
Change-Id: I914f4aae11b4c459a6db0d7b18ab81b73747fd58
|
|
Change-Id: I7d5350d1a590e8c5a2b87f4cc0d815d5da63a2f1
|
|
|
|
|
|
|
|
Add endpoint type for uTP connection IDs.
Manage uTP conversations, creating generated stream ID to filter
on both sides of a conversation.
Display more information in INFO column, similar to TCP.
This is some progress towards #8792.
|
|
epan/dissectors/packet-bpv7.c (00000000000010d0 T bp_block_canonical_free) is not referred to so could be static?
epan/dissectors/packet-bpv7.c (0000000000000e50 T bp_creation_ts_new) is not referred to so could be static?
One function was not called at all - the other only in this dissector so could be static.
|
|
|
|
Since the wraparound aware GT_SEQ is used, passing in 0 for the
ACK number can result in thinking that bytes are missing and
dropping frames from the follow stream tap.
|
|
In rare circumstances when a connection could not established on
the first try, succeeding in establishing it later would generate
many Retransmissions. Closes 17616.
|
|
Always make sure our offset advances in dissect_bencoded_list.
Fixes #17651.
|
|
We fetch the protocol IDs for several protocols, but use none of them.
Get rid of them.
|
|
|
|
The usage of PRIi64 and PRIu64 may lead to failed builds on MacOS - at
least it did for me.
This patch fixes this.
|
|
|
|
Null frames are frames with invalid data. This patches makes sure that
the invalid data is not further dissected.
Closes #17644
Bug present since Wireshark 3.4.
|
|
When UDP-NM was renamed into AUTOSAR-NM (as well as filename changed)
the author of that patch missed the dynamic filters. This patch fixes
this oversight and makes sure all filters of AUTOSAR NM start with
"autosar-nm.".
Fixes #17643
|
|
|
|
Since the UDP connection switches back and forth between DHT and uTP,
use conversation_set_dissector_from_frame_number so that the dissector
called by try_conversation_dissector in packet-udp.c doesn't change for
a given frame based on the last packet clicked in the GUI.
Split out a heuristic dissector from uTP so that conversation_set_dissector
is only called from the heuristic dissector.
This doesn't make a difference when the heuristics are accurate but
might in some edge cases.
|
|
Last version of MS-RDPEUDP2 has detailled the interpretation of ackvec packets. The
patch also adds the interpretation of ack vector items (bitmap or RLE encoded).
|