Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: Icfdde38e40cca05d0705a081153a4ea3e8782ee7
Reviewed-on: https://code.wireshark.org/review/9086
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Bug: 11292
Change-Id: I69a5591996bec77c2cb2bfcd04e9179784470edf
Reviewed-on: https://code.wireshark.org/review/8987
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I4667fd4091c510a4c798f79dae333a07dc42dad6
Reviewed-on: https://code.wireshark.org/review/8880
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: Ie9bedf6c17c0a941ebaabd5144460a42eb4ca1ed
Reviewed-on: https://code.wireshark.org/review/8336
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Bug: 11170
Change-Id: Ife7f565d17b92cd5f84e92ce109f530e68d98cfa
Reviewed-on: https://code.wireshark.org/review/8333
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Bug: 11170
Change-Id: Ica259867e2c8e0b4b680bca94970e13962a8dbb1
Reviewed-on: https://code.wireshark.org/review/8290
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Add FT_FRAMENUM_ACK and FT_FRAMENUM_DUP_ACK and set them for
tcp.analysis.acks_frame and tcp.analysis.duplicate_ack_frame. Draw a
single or double check mark in the packet list accordingly.
These are probably specific to TCP, but as it happens there are a lot of
TCP packets.
Change-Id: I35416506419159a79ad8cc2e35f8a14485edfb7e
Reviewed-on: https://code.wireshark.org/review/7568
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Since commit v1.99.4rc0-70-g0bec885 (Remove use of sprintf for ftype
string formatting), Wireshark aborts with "Null pointer passed to
bytes_to_hexstr_punct()". This happened with a SSL capture where the
ssl.handshake.extensions_padding_data had a zero length.
Fix it by producing a zero-length string instead (as done by the
previous implementation).
Change-Id: I711d786a9ae692eb44c5e49a30d5fea41c5af31e
Reviewed-on: https://code.wireshark.org/review/7649
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I656d6193aad740ab88bf16fb25c202e766e3092a
Reviewed-on: https://code.wireshark.org/review/7616
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Ping-Bug: 10318
Change-Id: Idb8790681cda901788df10fc1484179001bbb35c
Reviewed-on: https://code.wireshark.org/review/7566
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add the ability to set frame number types: none, request, or response.
Use the types to draw different related packet indicators in the packet
list.
Track the conversation in PacketListRecord. Use it to draw dashed lines
for unrelated frames.
Set frame number types for DNS and ICMP.
Instead of drawing a transparent QImage, alpha blend our foreground
color and draw directly in our painter. Blend more toward the foreground
color.
Add FRAMENUM_TYPE to checkAPIs.
Change-Id: I2495945bb436413e05d6ec697184a0b4fd5ad214
Reviewed-on: https://code.wireshark.org/review/7436
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Otherwise, they don't get the right suffix to tell the compiler that
they're 64-bit even on ILP32 platforms.
Change-Id: I5c52a999d21707602e0a4174a142d1d1036242be
Reviewed-on: https://code.wireshark.org/review/7297
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Fix comments typos and use safe equivalent of sprintf.
Change-Id: Icc9d69532dc35e8a58a78c0eacdb42214b679069
Reviewed-on: https://code.wireshark.org/review/7290
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
|
|
FT_{U}INT{40,48,56}
Change-Id: I57354c309ecf3a0c8f0c7cff485638027f30bb19
Reviewed-on: https://code.wireshark.org/review/5813
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ib0bd1ea7801ab450b300a94c4757f16d0dd75760
Reviewed-on: https://code.wireshark.org/review/7137
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Found by MSVC2013 Code Analysis
Change-Id: I58063946dd558e98308c87b36eeac0ddbe1a6e79
Reviewed-on: https://code.wireshark.org/review/7045
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
There are a few oid functions that are only called in oids_test.c. I'll presume the APIs are used in proprietary dissectors rather than just remove them.
Change-Id: I4595e00f93bf9ab8cf2493fe0432b91960f55a3f
Reviewed-on: https://code.wireshark.org/review/6592
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ib7d1b587b439ff21ec6b7f1756ce6ccf25b66f80
Reviewed-on: https://code.wireshark.org/review/6635
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I79e893f1d810a90c6a495067941d2e393e9fee72
Reviewed-on: https://code.wireshark.org/review/6501
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Have dfilter_compile() take an additional gchar ** argument, pointing to
a gchar * item that, on error, gets set to point to a g_malloc()ed error
string. That removes one bit of global state from the display filter
parser, and doesn't impose a fixed limit on the error message strings.
Have fvalue_from_string() and fvalue_from_unparsed() take a gchar **
argument, pointer to a gchar * item, rather than an error-reporting
function, and set the gchar * item to point to a g_malloc()ed error
string on an error.
Allow either gchar ** argument to be null; if the argument is null, no
error message is allocated or provided.
Change-Id: Ibd36b8aaa9bf4234aa6efa1e7fb95f7037493b4c
Reviewed-on: https://code.wireshark.org/review/6608
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Id336dc16f97a0973754993094aa637813c0ca31c
Reviewed-on: https://code.wireshark.org/review/6604
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Most of the remaining ep_ uses are grouped with specific functionality.
Change-Id: I8fa64a17acc6bcdcf6891b2d28715ac0c58f1a4a
Reviewed-on: https://code.wireshark.org/review/6484
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
There's no requirement for "display" field values to have names
beginning with BASE_; use SEP_, to indicate that they're separators.
(And, yes, we should introduce SEP_NONE, with a value of 0, and use it.)
While we're at it, fix BASE_SEMICOLON - the separator is a colon, not a
semicolon - and document SEP_SPACE in doc/README.dissector.
Change-Id: I856aafda2c60b8320dffe287f0deb06a9604a2bf
Reviewed-on: https://code.wireshark.org/review/6486
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
It's just like BASE_DOT, BASE_DASH and BASE_SEMICOLON, only its a space between bytes. Since this seems pretty specific to FT_BYTES, perhaps there is a better was to represent the functionality (like FT_BOOLEAN uses numeric values for number of bits)?
Change-Id: I1a8f1ab263ece2736a8012b66fdd6a9105db7282
Reviewed-on: https://code.wireshark.org/review/6451
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I6eccd20280e907bd9e6a5fcf873ccf80afddecac
Reviewed-on: https://code.wireshark.org/review/6416
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
type.
These "bases" will put a ".", "-", or ":" respectively between hexidecimal bytes in the field in packet view and display filter. FT_BYTES with BASE_NONE will have no separator in the packet view, but continue to have the ':' as a separator in the display filter.
Converted the "string" hf_ entries that used tvb_fc_to_str as a string to use proto_tree_add_item with FT_BYTES/BASE_DOT type.
Converted applicable tvb_bytes_to_ep_str_punct() calls to use the new BASE values.
Change-Id: I2442185bb314d04a3ff2ba57883652ecd738b5f9
Reviewed-on: https://code.wireshark.org/review/6098
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I90dbf0b31fc737150a01533763a7869b34c68cb6
Reviewed-on: https://code.wireshark.org/review/6220
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Also, convert the "string" hf_ entries that used tvb_fcwwn_to_str as a string to use proto_tree_add_item with FT_FCWWN type.
Change-Id: I4ca77870499fd8239584a70874998b5d194a7167
Reviewed-on: https://code.wireshark.org/review/6036
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
They're locale-dependent (although those *particular* ones might not
be).
Remove no-longer necessary (or not-even-necessary-before-this-change)
includes of <ctype.h>
Change-Id: I1384e3ae4ccba6af9220a08773abcde7ea320573
Reviewed-on: https://code.wireshark.org/review/4755
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
An unsigned 8-bit integer is always <= 0xFF; that was the cause of the
warning.
To see whether a byte, when represented as hex, has letters for its
upper and lower nibbles, just check whether both nibbles are >= 0xA.
Cast the extracted nibbles to make sure there's no sign-extension.
Change-Id: If4c7717a5d2fe341c02e9309ee6b89973a6ac292
Reviewed-on: https://code.wireshark.org/review/4739
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
I'm not 100% certain the comparisons were right even with signed char;
make the comparisons unsigned vs. unsigned, regardless of whether char
is signed or not. (No, C doesn't require it to be signed; that's why
there's a "signed" keyword.)
Change-Id: Icbbd1019a2f7d4ebb40d821255834f825cd7c5a7
Reviewed-on: https://code.wireshark.org/review/4731
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This was removed in ed0b19b94bf07056b5e0cfe64d4d05c3ebae801a
Change-Id: I548ca955eda6e0b6991a0f6731cbbb3bf82e0e2b
Reviewed-on: https://code.wireshark.org/review/4620
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
There are protocols out there that have 64-bit wide bit mask fields, so
make the internal representation and bitfield decoders 64-bit aware.
For this, the ws_ctz() fallback and bits_count_ones() have to be tweaked
slightly.
Change-Id: I19237b954a69c9e6c55864f281993c1e8731a233
Reviewed-on: https://code.wireshark.org/review/4158
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This regression was introduced by the commit e5353bf1198d6abf748de78084ff64f597f13663 done for bug 10081
Bug: 10213
Change-Id: I3925a47ef13055f10f49fa9fefd022731746fbb8
Reviewed-on: https://code.wireshark.org/review/2572
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
With autotools, CMake, and nmake, if we have a function, #define
HAVE_{function_name_in_all_caps}, otherwise don't #define it.
If we provide our own version of a function in libwsutil, make sure we
have a header that declares it, and *ONLY* include that header if
HAVE_{function_name_in_all_caps} is *NOT* defined, so that we don't have
the system declaration and our declaration colliding.
Check for inet_aton, strncasecmp, and strptime with CMake, just as we do
with autotools.
Simplify the addition of {function_name_in_all_caps}_LO to libwsutil in
autotools.
Change-Id: Id5be5c73f79f81919a3a865324e400eca7b88889
Reviewed-on: https://code.wireshark.org/review/2903
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ibaae0e79935dc62f12f713f2df5b57d0f3f799b9
Reviewed-on: https://code.wireshark.org/review/2254
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: I24fe3cc4a3589dadc4528a77fe7ff13d06b1a983
Reviewed-on: https://code.wireshark.org/review/2245
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Always call $(top_srcdir)/tools/checkAPIs.pl with -sourcedir=$(srcdir)
from Makefile.am to allow out-of-source 'make checkapi'.
Change-Id: I60d7e0079984a8ededdacf4517a0738486fa7973
Reviewed-on: https://code.wireshark.org/review/1294
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add an FT_STRINGZPAD type, for null-padded strings (typically
fixed-length fields, where the string can be up to the length of the
field, and is null-padded if it's shorter than that), and use it. Use
IS_FT_STRING() in more cases, so that less code needs to know what types
are string types.
Add a tvb_get_stringzpad() routine, which gets null-padded strings.
Currently, it does the same thing that tvb_get_string_enc() does, but
that might change if we don't store string values as null-terminated
strings.
Change-Id: I46f56e130de8f419a19b56ded914e24cc7518a66
Reviewed-on: https://code.wireshark.org/review/1082
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
So get rid of the commented-out FT_UCS2_LE; that would be handled as an
FT_STRING, FT_UINT_STRING, or FT_STRINGZ with an encoding of
ENC_UCS_2|ENC_LITTLE_ENDIAN.
Change-Id: I828fc1ed49843a503ec70e6adaf6dadd256df407
Reviewed-on: https://code.wireshark.org/review/996
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
(Using sed : sed -i '/^\# \$Id\$/,+1 d') (start with dash)
Change-Id: Ia4b5a6c2302f6a531f6a86c1ec3a2f8205c8c2dd
Reviewed-on: https://code.wireshark.org/review/881
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I8116f63ff88687c8db3fd6e8e23b22ab2f759af0
Reviewed-on: https://code.wireshark.org/review/385
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|
|
As discussed in bug 3513 and 9709, one can register more than one new ProtoFields for
the same field name. Of course C-code can do that too, and does a LOT apparently, but
if they're not similar ftypes then things can get scrweed up in display filters.
So this change prevents duplicate field registration of dissimilar ftypes. The
similarity is based on the discussion on the mailing list, and the listing in
README.developer has been updated to refelect that as well.
Also, this change adds a testscript for Proto/ProtoFields.
Change-Id: I43bd323f785245941a21289647332a19adec2a9d
Reviewed-on: https://code.wireshark.org/review/285
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
svn path=/trunk/; revision=54813
|
|
appropriate for particular FT_ types. This lets us do some more type
checking and lets us use const pointers when appropriate.
Constify a bunch of stuff, and don't cast away constness.
svn path=/trunk/; revision=54811
|
|
error: unused parameter 'allow_partial_value'
svn path=/trunk/; revision=54389
|
|
with FT_BYTES to now use FT_SYSTEM_ID type.
svn path=/trunk/; revision=54383
|
|
buffers. Remove two unused functions.
svn path=/trunk/; revision=54250
|
|
the ftenum_t for the fvalue's ftype, rather than a pointer to the ftype
(which isn't all that useful except as a handle, unless you import the
internal header).
Have fvalue_to_string_repr() return NULL, rather than failing, if the
fvalue's ftype has no val_to_string_repr method.
This lets us not include the ftypes internal header in
ui/cli/tap-diameter-avp.c.
svn path=/trunk/; revision=53290
|