Age | Commit message | Author | Files | Lines |
|
"tvb_memcpy()"ing to it, and putting in a null terminator;
"tvb_get_string()" will check whether all bytes of the string are
present before allocating the buffer, so that you don't leak memory if
the copy throws an exception, and don't crash if the length is absurdly
large.
Use "tvb_memdup()" instead of allocating a buffer and "tvb_memcpy()"ing
to it, so that an exception is thrown before you try to allocate the
buffer (for the same reasons as listed above).
Before allocating a buffer used when processing a chunk of data from a
packet, get a pointer to the chunk with "tvb_get_ptr()", or check that
the data is all there with "tvb_ensure_bytes_exist()", so that an
exception is thrown before you try to allocate the buffer (for the same
reasons as listed above).
Fix up the lengths of the tvbuff used when dissecting ONC RPC opaque data
with a particular dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10236 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@10108 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
so you can't rely on getting the length of an FT_UINT_STRING item by
calling "proto_tree_add_item()" and fetching the item length from the
item. Get the length of the string explicitly, and advance the offset
by the length of the string plus the length of the length field.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9658 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
dissecting AFP server status - other servers might have different status
formats.
In "dissect_asp_reply_get_status()", put the UTF-8 server name into a
tree, with the length and name in the tree as separate items, and fetch
the length into a 16-bit variable (as it's a 16-bit length in the
packet), as is done in "dissect_dsi_reply_get_status()". (XXX - should
that just be done with an FT_UINT_STRING field, as is done for other
strings?)
Use "tvb_get_string()" to fetch the UTF-8 server name, and set the
length and name from the values we fetched, in both of those routines.
For FT_UINT_STRING fields in "dissect_asp_reply_get_status()" and
"dissect_dsi_reply_get_status()", don't fetch the length separately -
just use the value filled in by "proto_tree_add_item()" (now that a
"proto_item" is no longer opaque, we can do that). That means we don't
have a problem with overflows of the 8-bit "len" variable if the length
is 255.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9567 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9561 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Make "proto_is_protocol_enabled()" and "proto_get_protocol_short_name()"
take a "protocol_t *" as an argument, so they don't have to look up the
"protocol_t" - this will probably speed them up considerably, and
they're called on almost every dissector handoff.
Get rid of a number of "proto_is_protocol_enabled()" calls that aren't
necessary (dissectors called through handles, including those called
through dissector tables, or called as heuristic dissectors, aren't even
called if their protocol isn't enabled).
Change some direct dissector calls to go through handles.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8979 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8509 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
being complete and for fragmentation being trivial (i.e., the packet in
question is both the first and last fragment). Have its callers *not*
do that check - this lets "process_reassembled_data()" put in the
"Reassembled in" item for fragments other than the last fragment.
Add a "Reassembled in" field to TDS.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8295 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
null) to the "fragment_items" structure, and don't pass that value into
"process_reassembled_data()", just have it use the value in the
"fragment_items" structure passed to it.
Make "process_reassembled_data()" capable of handling reassembly done by
"fragment_add_seq_check()", and use it in the ATP and 802.11 dissectors;
give them "reassembled_in" fields. Make "process_reassembled_data()"
handle only the case of a completed reassembly (fd_head != NULL) so that
we can use it in those dissectors without gunking the code up too much.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7513 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
when doing reassembly.
In some additional places, use "tvb_bytes_exist()" to check whether we
have enough data to do reassembly, rather than checking to see if the
frame is short (it might be short but we might still have enough data to
do reassembly).
In DCE RPC, use the fragment length from the header as the number of
bytes of fragment data.
There's no need to check "pinfo->fragmented" before doing reassembly in
the DCERPC-over-SMB-pipes code - either we have all the data or we
don't.
In SNA and WTP reassembly, add a check to make sure we have all the data
to be reassembled.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7282 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6987 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
list of packets corresponding to a reassembled pdu
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6807 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
pointers.
The first argument to "sscanf()" is a "const char *"; don't cast const
pointers to "char *" when passing them to "sscanf()".
Assign the result of "tvb_get_ptr()" to const pointers, not non-const
pointers.
Make the "pdata" argument to various DCE routines a const pointer.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6688 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
sequence numbers or offsets and are thus assumed to be received in order
with no duplicates or dropped fragments (e.g., for NetBIOS Frame, where
802.2 LLC guarantees in-order delivery to NetBIOS with no duplicates or
dropped fragments).
"show_fragment_tree()" and "show_fragment_seq_tree()" don't modify the
"fragment_items" to which the "fit" argument points, so make that
argument a "const fragment_items *".
Make all the "fragment_items" tables "static" (as they're not used
outside the modules defining them) and "const" (as they're not
modified).
Add support for reassembly of NetBIOS fragmented requests and responses.
Get rid of an unnecessary include of "packet-tr.c" in the NetBIOS
dissector, and make its table of dissection function pointers static.
Fix some typos in the AppleTalk and NetBIOS dissectors.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6491 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6449 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
winapi_cleanup tool written by Patrik Stridvall for the wine
project.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6117 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
equivalents for the toplevel directory. The removal of winsock2.h will
hopefully not cause any problems under MSVC++, as those files using
struct timeval still include wtap.h, which still includes winsock2.h.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5932 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5801 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Add Zone Information Protocol support.
Rename "ddp.dst.socket" and "ddp.src.socket" to "ddp.dst_socket"
and "ddp.src_socket", as the socket number is no longer
considered part of the DDP address.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5800 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
separate column, and put in hidden fields for AppleTalk source and
destination addresses.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5778 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5760 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
error code in the Info column.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5712 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
but for stuff reassembled with "fragment_add_seq()" or
"fragment_add_seq_check()".
Add a "fragment tag" string to the "fragment_items", so that packets
with fragmentation errors can be properly flagged as having "Illegal
fragments" or "Illegal segments" depending on the term used with the
protocol in question.
Make all the dissectors that can use "show_fragment_tree()" or
"show_fragment_seq_tree()", and don't already use them, do so.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5644 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
in the "packet_info" structure instead, as we don't need a pointer for
every single frame in the capture file, just for each frame for which we
currently have an open "epan_dissect_t".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5614 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
static, and add a new "packet-data.h" to declare "proto_data".
Display escape sequences in octal in the IAPP dissector, as is now done
in the RADIUS dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5441 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
DSI and ASP updates to better handle addresses in replies.
Dissect DSI "open session" and "attention" messages.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5420 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
afp :
more calls.
asp :
move release transaction to atp.
dissect asp call.
fix a bug with transaction handling (conversation + tid are not
enough as key).
atp :
deal with one packet transaction without ATP_EOM.
dsi:
safeguard against overflow for unreassembled packet.
more flags decoded.
Update the "packet-atalk.c" comment to reflect all the protocols in it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5376 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
column.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5328 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
more calls supported in AFP;
ATP desegmentation;
show the name for NBP function 1 (broadcast request);
"get status" reply for DSI.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5316 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
dissector, so it can show them as replies.
Put the command code into the protocol tree for replies.
Fix some additional AFP function names to match the names in the AFP
spec.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5279 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
More calls, more fields, and other updates, for AFP.
Decode the error code for DSI.
Also, have separate fields for the code field in DSI when it's a data
offset and when it's an error code.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5270 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Show the flag bits in the ATP "Control information" byte as individual
Booleans, and show the TRel timeout indicator if the packet is a TReq
with XO set.
Clean up whitespace.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5256 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5254 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5233 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"epan/..." pathnames, so as to avoid collisions with header files in any
of the directories in which we look (e.g., "proto.h", as some other
package has its own "proto.h" file which it installs in the top-level
include directory).
Don't add "-I" flags to search "epan", as that's no longer necessary
(and we want includes of "epan" headers to fail if the "epan/" is left
out, so that we don't re-introduce includes lacking "epan/").
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4586 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
items to the protocol tree; it's interpreted as "the rest of the data in
the tvbuff". This can be used if
1) the item covers the entire packet or the remaining payload in
the packet
or
2) the item's length won't be known until it's dissected, and
will be then set with "proto_item_set_len()" - if an
exception is thrown in the dissection, it means the item ran
*past* the end of the tvbuff, so saying it runs to the end of
the tvbuff is reasonable.
Convert a number of "proto_tree_add_XXX()" calls using
"tvb_length_remaining()", values derived from the result of
"tvb_length()", or 0 (in the case of items whose length is unknown) to
use -1 instead (using 0 means that if an exception is thrown, selecting
the item highlights nothing; using -1 means it highlights all the data
for that item that's available).
In some places where "tvb_length()" or "tvb_length_remaining()" was used
to determine how large a packet is, use "tvb_reported_length()" or
"tvb_reported_length_remaining()", instead - the first two calls
indicate how much captured data was in the packet, the latter two calls
indicate how large the packet actually was (and the fact that using the
latter could cause BoundsError exceptions to be thrown is a feature - if
such an exception is thrown, the frame really *was* short, and it should
be tagged as such).
Replace some "proto_tree_add_XXX()" calls with equivalent
"proto_tree_add_item()" calls.
Fix some indentation.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4578 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
structure to the "packet_info" structure; only stuff that's permanently
stored with each frame should be in the "frame_data" structure, and the
"column_info" structure is not guaranteed to hold the column values for
that frame at all times - it was only in the "frame_data" structure so
that it could be passed to dissectors, and, as all dissectors are now
passed a pointer to a "packet_info" structure, it could just as well be
put in the "packet_info" structure.
That saves memory, by shrinking the "frame_data" structure (there's one
of those per frame), and also lets us clean up the code a bit.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4370 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
specifies how the selector values used as keys in those tables are to be
displayed, and the title to use when displaying the table.
Use that information in the code to display the initial and current
entries of various dissector tables.
Have the dissector for BACnet APDUs register itself by name, and have
the BACnet NPDU dissector call it iff the BAC_CONTROL_NET bit isn't set,
rather than doing it with a dissector table.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4358 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
take a dissector handle as an argument, rather than a pointer to a
dissector function and a protocol ID. Associate dissector handles with
dissector table entries.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4308 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Rename WTAP_ENCAP_PRISM to WTAP_ENCAP_PRISM_HEADER, to match
DLT_PRISM_HEADER.
Add in missing capture support for WTAP_ENCAP_PRISM_HEADER when
capturing with "pcap_open_live()" rather than reading the capture from a
pipe.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4299 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4266 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"header_field_info" structure, including the ones that are later set by
the routines to register fields.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3561 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3386 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3364 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
and into epan.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3160 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
DLT_HDLC to it.
Make a separate dissector for Cisco HDLC, and add a dissector for Cisco
SLARP. Have the PPP dissector call the Cisco HDLC dissector if the
address field is the Cisco HDLC unicast or multicast address. Use the
Cisco HDLC dissector for the Cisco HDLC Wiretap encapsulation type.
Add a new dissector table "chdlctype", for Cisco HDLC packet types
(they're *almost* the same as Ethernet types, but 0x8035 is SLARP, not
Reverse ARP, and 0x2000 is the Cisco Discovery protocol, for example),
replacing "fr.chdlc".
Have a "chdlctype()" routine, similar to "ethertype()", used both by the
Cisco HDLC and Frame Relay dissectors. Have a "chdlc_vals[]"
"value_string" table for Cisco HDLC types and protocol names. Split the
packet type field in the Frame Relay dissector into separate SNAP and
Cisco HDLC fields, and give them the Ethernet type and Cisco HDLC type
"value_string" tables, respectively.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3133 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
statements.
Move the setting of the Protocol column in various dissectors before
anything is fetched from the packet, and also clear the Info column at
that point in those and some other dissectors, so that if an exception
is thrown, the columns don't reflect the previous protocol.
Make the IP dissector static, as it's called only via dissector tables
or dissector handles. Also make the "dissect the TOS field as the
DiffServ DS field" flag static, as it's not referred to outside of
"packet-ip.c".
In the NCP dissector, refer to the port type through "pinfo" rather than
through the global "pi", as it's a tvbuffified dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2929 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"{old_}heur_dissector_add()", "{old_}conv_dissector_add()", and
"register_dissector()", so that an entry in those tables has associated
with it the protocol index of the protocol the dissector handles (or -1,
if there is no protocol index for it).
This is for future use in a number of places.
(Arguably, "proto_register_protocol()" should take a dissector pointer
as an argument, but
1) it'd have to handle both regular and heuristic dissectors;
2) making it take either a "dissector_t" or a union of that and
a "heur_dissector_t" introduces some painful header-file
interdependencies
so I'm punting on that for now. As with other Ethereal internal APIs,
these APIs are subject to change in the future, at least until Ethereal
1.0 comes out....)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2849 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
protocols, in addition to adding structures to the list of filterable
fields. Give it an extra argument that specifies a "short name" for the
protocol, for use in such places as
pinfo->current_proto;
the dialog box for constructing filters;
the preferences tab for the protocol;
and so on (although we're not yet using it in all those places).
Make the preference name that appears in the preferences file and the
command line for the DIAMETER protocol "diameter", not "Diameter"; the
convention is that the name in question be all-lower-case.
Make some routines and variables that aren't exported static.
Update a comment in the ICP dissector to make it clear that the
dissector won't see fragments other than the first fragment of a
fragmented datagram.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2810 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
can be put, and a pointer to the string for the column, which might or
might not point to that buffer.
Add a routine "col_set_str()", which sets the string for the column to
the string passed to it as an argument; it should only be handed a
static string (a string constant would be ideal). It doesn't do any
copying, so it's faster than "col_add_str()".
Make the routines that append to columns check whether the pointer to
the string for the column points to the buffer for the column and, if
not, copy the string for the column to the buffer for the column so that
you can append to it (so you can use "col_set_str()" and then use
"col_append_str()" or "col_append_fstr()").
Convert a bunch of "col_add_str()" calls that take a string constant as
an argument to "col_set_str()" calls.
Convert some "col_add_fstr()" calls that take a string constant as the
only argument - i.e., the format string doesn't have any "%" slots into
which to put strings for subsequent arguments to "col_set_str()" calls
(those calls are just like "col_add_str()" calls).
Replace an END_OF_FRAME reference in a tvbuffified dissector with a
"tvb_length(tvb)" call.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2670 f5534014-38df-0310-8fa8-9805f1628bb7
|