| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
Use macros from inttypes.h.
|
|
Use macros from inttypes.h with format strings.
|
|
sharkd_session.c:3307:18: warning: Branch condition evaluates to a garbage value [core.uninitialized.Branch]
|
|
Without that, you could add a comment to a record in a file format the
reading code for which doesn't allocate blocks, but the comment doesn't
get saved, as there's no block in which to save the comment option.
This simplifies some code paths, as we're either using the record's
modified block or we're using the block as read from the file, there's
no third possibility.
If we attempt to read a record, and we get an error, and a block was
allocated for the record, unreference it, so the individual file readers
don't have to worry about it.
|
|
The compiler pointed them out. I'm not sure what purpose they were meant
to serve originally but they're dead now.
|
|
Extend sharkd_dissect_request() so that it can replace
sharkd_dissect_columns().
Have it return a status indicating success, invalid frame number, or
read error, so that the caller knows what the problem is.
Pass it pointers to the wtap_rec and Buffer to use when reading packets
from the file, so that if it's called in a loop iterating over all
frames, those structures can be initialized once, before the loop, and
cleaned up once, after the loop, rather than doing both once per loop
iteration.
Pass pointers to the read error code and additional read error
information string pointer, so that, on a file read error, that
information is available to the caller.
Get rid of sharkd_dissect_columns(); instead, use
sharkd_dissect_request(), with code from the loop body pulled into a
callback routine. Fix that code to correctly determine whether the
current frame has any comments, rather than just treating all frames
that have blocks as having comments.
Use _U_ to mark arguments as unused, rather than throwing in a
(void) variablename;
statement.
Move some variables used only within a loop into the for() statement or
the loop body.
|
|
"User" sounds as if the blocks belong to the user; at most, the current
user might have modified them directly, but they might also have, for
example, run a Lua script that, unknown to them, modified comments.
Also, a file might have "user comments" added by a previous user, who
them wrote the file and and provided it to the current user.
"Modified" seems a bit clearer than "changed".
|
|
Mostly functioning proof of concept for #14329. This work is intended to
allow Wireshark to support multiple packet comments per packet.
Uses and expands upon the `wtap_block` API in `wiretap/wtap_opttypes.h`.
It attaches a `wtap_block` structure to `wtap_rec` in place of its
current `opt_comment` and `packet_verdict` members to hold OPT_COMMENT
and OPT_PKT_VERDICT option values.
|
|
Version info is an aspect of UI implementation so move it to
a more appropriate place, such as ui/. This also helps declutter
the top-level.
A static library is appropriate to encapsulate the dependencies
as private and it is better supported by CMake than object libraries.
Also version_info.h should not be installed as a public header.
|
|
|
|
With int we have a implicit conversion loses integer precision warning
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The *real* maximum object size is size_t, so change payload_len
to match this.
|
|
All users of ssl_export_sessions() calculates the length of the
returned string, so let's return the length instead.
|
|
Retap and UI response are much faster when many RTP streams are
processed. RTP Streams/Analyse 1000+, RTP Player 500+.
Changes:
- RTP streams are searched with hash, not by iterating over list.
- UI operations do not redraw screen after every change, just after all
changes. UI is locked when rereading packets.
- Sample list during RTP decoding is stored in memory so wireshark uses
just half of opened files for audio decoding than before.
- Analysis window checkbox area is limited in height
- Dialogs shows shows count of streams, count of selected streams and
count of unmuted streams
- Documentation extended with chapter about RTP decoding parameters
- Documentation extended with performance estimates
|
|
Changes:
- epan/follow.c: follow_conv_filter_func has new parameter
epan_dissect_t *edt, so filter can be generated based on decoded tree
of packet below the cursor
- menu Follow/SIP Call is enabled when sip packet is selected
- value of sip.Call-ID is used as filter for SIP call
- for sharkd it generates filter just 'sip.Call-ID' with no value
|
|
g_memdup() was deprecated and replaced with g_memdup2() in GLib 2.68,
we provide our own copy of g_memdup2() for older GLib versions.
|
|
Since fe94133f0d06935bb5f2afe21f59bbb078d3d9d3 ws_snprintf()
and ws_vsnprintf() don't actually do anything anymore.
The return value of ws_[v]snprintf was discarded before,
now it too conforms to C99.
|
|
This change adds code to allow the selection of a configuration
profile during sharkd start by adding a -C command line option.
A new -a option has been added to specify the api service
endpoint e.g. tcp:127.0.0.1:4446
The change also adds version display (-v) and help display (-h) options.
These additions have been made in a way to ensure that the original
command line options still work correctly to maintain backward
compatibility.
The new options have been added using the getopt_long(...) function
that is used by tshark to simplify the addition of further command
line options.
Closes #17222
|
|
VoIP Calls dialog and RTP Streams dialog has now option to apply display
filter dialog during processing packets.
Filter checkbox is activated during dialog open when display filter is active.
New field apply_display_filter had to be added to voip_calls_tapinfo_t and
_rtpstream_tapinfo/rtpstream_tapinfo_t structures.
|
|
Adds a pre-commit hook for detecting and replacing
occurrences of `g_malloc()` and `wmem_alloc()` with
`g_new()` and `wmem_new()`, to improve the
readability of Wireshark's code, and
occurrences of
`g_malloc(sizeof(struct myobj) * foo)`
with
`g_new(struct myobj, foo)`
to prevent integer overflows
Also fixes all existing occurrences across
the codebase.
|
|
Bug: 16780
Change-Id: I07ca12675fc79a7c524719d18b85e5d3dada6652
Reviewed-on: https://code.wireshark.org/review/38160
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal@wireshark.org>
|
|
warning: ‘%s’ directive argument is null [-Wformat-overflow=]
544 | fprintf(stderr, "load: filename=%s\n", tok_file);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Change-Id: I583a94308ad53b461606053def17e8537eec8d65
Reviewed-on: https://code.wireshark.org/review/37195
Petri-Dish: Pascal Quantin <pascal@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Although c-ares support was techically optional, it was either on by
default or required in all of our packaging. Go ahead and require it
globally. C-ares is widely available and synchronous name resolution can
easily result in a horrific user experience.
Change-Id: Id67c797316ed6b8a0ab5052e55a43a1b9e2a2464
Reviewed-on: https://code.wireshark.org/review/35188
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
The HTTP/2 protocol multiplexes a single TCP connection into multiple
independent streams. The Follow TCP output can interleave multiple
HTTP/2 streams, making it harder to analyze a single HTTP/2 stream.
Add the ability to select HTTP/2 Streams within a TCP stream.
Internally, the HTTP/2 dissector now stores the known Stream IDs in a
set for every TCP session which allows an amortized O(n) lookup time for
the previous/next/max Stream ID.
[Peter: make the dissector responsible for clamping the HTTP/2 Stream ID
instead of the Qt code, that should permit future optimizations.]
Change-Id: I5d78f29904ae8f227ae36e1a883155c0ed719200
Reviewed-on: https://code.wireshark.org/review/32221
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexander Gryanko <xpahos@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I8443379d23a2946dd21c12e5e0bd5464ab73ca25
Reviewed-on: https://code.wireshark.org/review/31857
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Both functions accept an address in network byte order, but
maxmind_db_lookup_ipv4 does not accept a pointer. Add an indirection and
remove unnecessary memcpy calls. This removes some confusion for me.
Change-Id: I291c54c8c55bc8048ca011b84918c8a5d3ed1398
Reviewed-on: https://code.wireshark.org/review/31951
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Fixing some "implicit conversion loses integer precision" warnings
reported by clang with -Wshorten-64-to-32 option
Change-Id: Icd641d5f4fd8ff129f03f1b9e1da0fc86329f096
Reviewed-on: https://code.wireshark.org/review/31901
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I457613ea154a86098f536b57844ad6606c595a46
Reviewed-on: https://code.wireshark.org/review/31035
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
|
|
Found by clang-tidy.
Change-Id: Ie02a77ffc17050743de216594d40faa65e1dabc2
Reviewed-on: https://code.wireshark.org/review/31336
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This allows taps that can fail to report an error and fail; a failed
tap's packet routine won't be called again, so they don't have to keep
track of whether they've failed themselves.
We make the return value from the packet routine an enum.
Don't have a separate type for the per-packet routine for "follow" taps;
they're expected to act like tap packet routines, so just use the type
for tap packet routines.
One tap packet routine returned -1; that's not a valid return value, and
wasn't one before this change (the return value was a boolean), so
presume the intent was "don't redraw".
Another tap routine's early return, without doing any work, returned
TRUE; this is presumably an error (no work done, no need to redraw), so
presumably it should be "don't redraw".
Clean up some white space while we're at it.
Change-Id: Ia7d2b717b2cace4b13c2b886e699aa4d79cc82c8
Reviewed-on: https://code.wireshark.org/review/31283
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Bug: 4234
Change-Id: Ibd59809b2dd9890a7851eb57ef7af384e280a74b
Reviewed-on: https://code.wireshark.org/review/31222
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Align comments and add two fixup notes while at it.
Change-Id: I977c1a6e55712414f7af042cb215bac49926a019
Reviewed-on: https://code.wireshark.org/review/30742
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Rename wsjson_unescape_json_string to json_decode_string_inplace
(inspired by the g_base64_decode_inplace name). Rename
wsjson_is_valid_json to json_validate (inspired by g_unichar_validate).
Ideally json_parse is inlined with its user (sharkd_session.c), but that
requires exporting the jsmn_init and jsmn_parse functions... Hence the
dependency on jsmn.h remains in wsjson.h.
Change-Id: I7ecfe3565f15516e9115cbd7e025362df2da5416
Reviewed-on: https://code.wireshark.org/review/30731
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Don't use sharkd_json_value_stringf() if there is no need for it.
Change-Id: Ie375be1d91fc3bd20fae68df282ec14310055eba
Reviewed-on: https://code.wireshark.org/review/30075
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
|
|
../sharkd_session.c: In function ‘json_puts_string’:
../sharkd_session.c:125:20: warning: array subscript has type ‘char’ [-Wchar-subscripts]
fputs(json_cntrl[str[i]], stdout);
Change-Id: I03a07b8cb42692f636491fad9b15ac71ac0c03f4
Reviewed-on: https://code.wireshark.org/review/29883
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
It should fix warning reported by Stig:
[...]/wireshark/sharkd_session.c:125:20: warning: array subscript is of type 'char' [-Wchar-subscripts]
fputs(json_cntrl[str[i]], stdout);
^~~~~~~
Change-Id: I9352174223644394ba2bf76f10ff3bf6b6abcad5
Reviewed-on: https://code.wireshark.org/review/29877
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Fix JSON generation:
- add lookup table to encode all required control characters (0x00 - 0x1F),
- don't output comma just after opening object in iograph.
Change-Id: Ib53af9c37f4d7785cafc5f9a8d0e71b214c7f349
Reviewed-on: https://code.wireshark.org/review/29852
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
|
|
Replace remaining printf()s.
Change-Id: I42e2e7f0cbc70612eea80efc0b5831702fc7ec7d
Reviewed-on: https://code.wireshark.org/review/29830
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
|
|
Many printf()s generates only key, value is generated by
json_puts_string() or json_print_base64().
Add helper functions sharkd_json_value_string, sharkd_json_value_base64
to generate key with a string, or base64 as a value.
It lower number of printf() from 156 to 105 (32% reduction).
Change-Id: I22901d9759534a4fab7bcdefd66242fd6c5b20cc
Reviewed-on: https://code.wireshark.org/review/29821
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
|
|
Most of sharkd printf()'s are used to output formatted value with given key.
Add two formatting-function helpers: sharkd_json_value_anyf and sharkd_json_value_stringf.
Conversion printf to these function lower number of printf() from 300 to 156 (48% reduction).
Change-Id: Ied538cc5b84d48d942e2140ff6b93969579d6132
Reviewed-on: https://code.wireshark.org/review/29816
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
|
