Age | Commit message (Collapse) | Author | Files | Lines |
|
Use it in the MBMS synchronisation protocol dissector, rather than
calling tvb_get_ptr() there.
Change-Id: I7ddb3c6b30547826cb5372352c7c483d8a24dc8e
Reviewed-on: https://code.wireshark.org/review/3514
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Use it in the ATM dissector, and use a tvbuff version, so that we don't
do tvb_get_ptr() ourselves.
Change-Id: I0bd3594bc739e0cca447ac06f34a471441cf2e70
Reviewed-on: https://code.wireshark.org/review/3513
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The length passed to it already has 4 subtracted from it by the caller.
Change-Id: I6e047c6c4c4cd5220be923b4663088b6b275d768
Reviewed-on: https://code.wireshark.org/review/3511
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Have the wsutil routine just accumulate the stuff from the buffer handed
to us. Have the IUUP dissector deal with the extra stuff. Add a
update_crc10_by_bytes_tvb() routine, which is passed a tvbuff, offset,
and length, and use that rather than using tvb_get_ptr() in dissectors.
Change-Id: Iadd0823c764080e60d1339abb94d2e19150eabfe
Reviewed-on: https://code.wireshark.org/review/3509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
So just use crc16_x25_ccitt_tvb(), which goes a byte at a time rather
than a bit at a time, and which takes a tvbuff rather than requiring you
to call tvb_get_ptr().
It also doesn't 1's-complement the result, so we can compare it against the
0x1D0F in ETSI TS 102 821 V1.4.1 (2012-10) rather than against a
1's-complement version, 0xE2F0.
Change-Id: Ia513f851f0a8ff1e7853278ddf3618c532fb2aba
Reviewed-on: https://code.wireshark.org/review/3507
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Idf275d89591558fd2ea082c886ce07e62523807a
Reviewed-on: https://code.wireshark.org/review/3506
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
There are routines that take a buffer and a length and that take a
tvbuff, offset, and length; use those routines in the DNP dissector
(which no longer needs its own table and loop), and use the tvbuff
routine instead of calling tvb_get_ptr().
Change-Id: Ic67b0f3b65b94ea47c0fdc2f3d3b6f88df77f9c6
Reviewed-on: https://code.wireshark.org/review/3505
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
A little bit of guess work is involved as the group key can use a
different cipher to the pairwise key, and we are trying to do this
purely based on the EAPOL messages with no prior knowledge of the
associate request. We try to guess the cipher based on the lengths.
Bug:8734
Change-Id: I4c456b45939c00a9d1122406891f704fa037349c
Reviewed-on: https://code.wireshark.org/review/3183
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8903a097a59bf9bf1ec62b59e57cdc60e382bdb5
Reviewed-on: https://code.wireshark.org/review/3490
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: If6dc8e3a9328571ccdb106b0aabc617889c434c7
Reviewed-on: https://code.wireshark.org/review/3465
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
This adds "Remove unused hf entries" from Anders.
Change-Id: I1150f34f0eafab03415339d4b34f5f2e7f69f85b
Reviewed-on: https://code.wireshark.org/review/3499
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
* fix exporting "beginning of" frame logs into info field
* add missing "Failure" level to regexp in wiretap part
* remove usage of GDateTime from wiretap part
Change-Id: Ibdea730623241cccbbc1694a34daa308e48c0a89
Reviewed-on: https://code.wireshark.org/review/3493
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
One fewer tvb_get_ptr() call. Yay!
Change-Id: I08ac4888d696f0b6b6a17e9e22f3dfec5aedad59
Reviewed-on: https://code.wireshark.org/review/3496
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I63bde706a6561c834aab9b10975dbb242c65d998
Reviewed-on: https://code.wireshark.org/review/3495
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I64d1177b9a424ede9d1f687843e38bd37723c137
Reviewed-on: https://code.wireshark.org/review/3494
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
It's only available from GLib 2.26 while we only require 2.16
Change-Id: I3c2e6748aa93b9af7158f5051433baff6a7c0324
Reviewed-on: https://code.wireshark.org/review/3480
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Per Android documentation, the PID and TID are int
Change-Id: I05326d134047315d61a873c33dd02a48d1849f8d
Reviewed-on: https://code.wireshark.org/review/3481
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I6f1710a093fc548c718defa9b40ab68877ede977
Reviewed-on: https://code.wireshark.org/review/3470
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
That doesn't eliminate them, but at least it encapsulates them.
Change-Id: I78f0202cb7d2eb86e2dce220b2b97acc256d1e42
Reviewed-on: https://code.wireshark.org/review/3489
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This eliminates some tvb_get_ptr calls from dissectors, as part of
trying to minimize if not eliminate its use in dissectors (it's a bit of
what's called an "attractive nuisance", in that users who don't
understand what it does - and doesn't! - do may use it in ways that are
unsafe, e.g. thinking you can use it to get a null-terminated string
from a packet).
It also eliminates the possibility of passing one length to
tvb_get_ptr() and another to crc32c_calculate().
Change-Id: I8a07168d0bc088b45d607e00c5bb1d98421ebc73
Reviewed-on: https://code.wireshark.org/review/3488
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Even when the protocol specifies that a string ends in a null-terminator, there
are packets which won't. Therefore:
**the result of tvb_get_ptr SHALL NOT be treated as a null-terminated string**
We need to post that in big neon lettering somewhere obvious.
Bug: 10353
Change-Id: Ie30cd13353a9830311e573e734dd89dc07622c98
Reviewed-on: https://code.wireshark.org/review/3485
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: I4056d8b876f71c1f9ce4804a4dc4b0d16ab5afda
Reviewed-on: https://code.wireshark.org/review/3409
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I43440ef6fac1a0c01eec630d2238fcfb085255a5
Reviewed-on: https://code.wireshark.org/review/3471
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
APN field is not encoded as a dotted string so the first character is not a length
Bug: 10323
Change-Id: Ia62137c785d505e9d0f1536a333b421a85480741
Reviewed-on: https://code.wireshark.org/review/3461
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ief00f09225805c6c7488d92f8aa5b59c21575788
Reviewed-on: https://code.wireshark.org/review/3464
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
highlight its data part as well
Change-Id: Ia69ac6b1460245ffa44b6ad3b17f07948baf03d4
Reviewed-on: https://code.wireshark.org/review/3463
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
for T.125 so remove the test.
Remove unused hf entries.
Fixes bug 10350.
Change-Id: If28de7877388c669082f8c8a21dd63107d417fbf
Reviewed-on: https://code.wireshark.org/review/3458
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I7abb415bccff4de846ab273eed3e3b2a434d94b7
Reviewed-on: https://code.wireshark.org/review/3455
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
packet-mq.c:3653: warning: declaration of 'tree' shadows a parameter
Change-Id: I1226dac3764b15a097378aed7696567b9224f4c4
Reviewed-on: https://code.wireshark.org/review/3457
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
CapResp Packets may contain Device Capability Descriptors.
This patch allows wireshark to show what descriptors are present,
& checks that their length fields are valid.
See section 6.3.3 of the MA USB spec for more information.
Change-Id: Ia120435bdffcced091b67e66e0ba8f1a750358db
Reviewed-on: https://code.wireshark.org/review/3330
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I38d65a06b925653e22a59a4a4cd0a53a87072b49
Reviewed-on: https://code.wireshark.org/review/3456
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- handle RFH structure
- use tvb_reported_length...,
- Add Conversation/Request in row display
Change-Id: I84c5cf3e9479d91b363eb093e71bb6bdf07e8194
Reviewed-on: https://code.wireshark.org/review/3354
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Wireshark already supports reading and writing logcat
logs saved in binary files. Binary format, although
better, is used less often than saving those logs to
text files.
This patch extends wireshark's support for android logcat
logs to reading and writing logcat logs in text files.
Features:
* support for tag, brief, process, thread, time, threadtime
and long formats
* saving in original format
* it's generally awesome
Change-Id: I013d6ac2da876d9a2b39b740219eb398d03830f6
Reviewed-on: https://code.wireshark.org/review/1802
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Launch SSL dissector when MySQL switch to SSL
Ping-Bug:9515
Bug:10338
Change-Id: I96487d6d2131db3678f4a24095d702b6cd4ea5b2
Reviewed-on: https://code.wireshark.org/review/3411
Reviewed-by: Daniël van Eeden <wireshark@myname.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I7dfda411ed1d91e9eea43a1eb0cbc70807fedfbb
Reviewed-on: https://code.wireshark.org/review/3451
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This fixes decoding of authetication data in MySQL 5.6+
It also decodes the charset.
Bug: 10351
Change-Id: Ic76961e94d2e3bf15bc72e279128a5251acfd749
Reviewed-on: https://code.wireshark.org/review/3441
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I3445ae22f10584582d465bf632942e016f5f70ca
Reviewed-on: https://code.wireshark.org/review/3452
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
take this setting into account when we try to detect the first packet of
a tftp transfer
Change-Id: Ia80f9b5f994b02ecaaa063308b1a87d00fe0dafe
Reviewed-on: https://code.wireshark.org/review/3450
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
when we set one, we clear the other
Change-Id: I7c316dc9cc7b2c93cfa1b00eb617553f55a58715
Reviewed-on: https://code.wireshark.org/review/3449
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: I80f7e438cbb44c40ee28f1eb78a7779f43563732
Reviewed-on: https://code.wireshark.org/review/3448
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
don't add a generated tree item with the filename stored in the
conversation
Change-Id: Ia9a7fe712d0dd8241399e456509019b8e3902554
Reviewed-on: https://code.wireshark.org/review/3447
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
display the opcode first, followed by the file name
Change-Id: Ic5dd7409414d2f748c326c59a4b850dc2244da1f
Reviewed-on: https://code.wireshark.org/review/3446
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: Ia91d51acd7dedd18ba5d0a73bc353b2d198474c7
Reviewed-on: https://code.wireshark.org/review/3445
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
packet-isakmp.c: In function 'dissect_isakmp':
packet-isakmp.c:1873:6: error: 'ivd' may be used uninitialized in this function [-Werror=maybe-uninitialized]
packet-isakmp.c:1747:14: note: 'ivd' was declared here
cc1: all warnings being treated as errors
(not sure why the compiler complains here)
Change-Id: I9b9589d3193b0dc37f2db8f6c4c6727b2a92eaaa
Reviewed-on: https://code.wireshark.org/review/3444
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
- remove unneeded initializers;
- replace tabs in files with editor mode line 'expandtabs';
- col_set_str() --> col_add_str() (in one case);
- tvb_length() -- > tvb_reported_length() (in one case);
- do some whitespace & indentation fixes/changes.
Change-Id: Ib8ffbbcdb6e4a74c0df6021a75430ae1ef9ae089
Reviewed-on: https://code.wireshark.org/review/3435
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
- Fix a few minor bugs;
- Remove unneeded #includes;
- Do some whitespace/long_lines formatting changes.
Change-Id: I97239fa20727498604682239cda0e1b87b10f4bc
Reviewed-on: https://code.wireshark.org/review/3434
Petri-Dish: Bill Meier <wmeier@newsguy.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
After the MySQL protocol has established a SSL connection the first packet is a HandshakeResponse packet (aka Login Request).
http://dev.mysql.com/doc/internals/en/ssl.html
http://dev.mysql.com/doc/internals/en/connection-phase-packets.html#packet-Protocol::HandshakeResponse
The loginrequest within the SSL stream is not packet_number 1. (it however is the first packet in the ssl stream)
Issue found by Daniël van Eeden
Change-Id: Ic6110c38f7206a9788158c5c6861064939644221
Ping-Bug:10338
Reviewed-on: https://code.wireshark.org/review/3408
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Daniël van Eeden <wireshark@myname.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Added dissection of MAUSB Capability Response (CapResp) fields.
Change-Id: I41044a25c72b72ef9c8ef5640a609eb6448b054d
Reviewed-on: https://code.wireshark.org/review/3329
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Other minor cleanup while in the area.
Change-Id: Id8d957d3d68a2e3dd5089f490bd59d773e1be967
Reviewed-on: https://code.wireshark.org/review/3427
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
I.e., no, the epan/decode_as.c stuff belongs in libwireshark, not libui,
because dissectors need to be able to say "I support decode-as...".
Code to implement the UIs that allow decode-as entries to be specified
would belong in libui.
Change-Id: Ibf9da19e752481a3892d0f03d0a0537590ab1811
Reviewed-on: https://code.wireshark.org/review/3416
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|