| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Replace g_get_current_time by g_get_monotonic_time (since GLib 2.28, we
require 2.32) to simplify code and ignore time jumps. Qt does not need
the elapsed time, so remove the parameter from the progress callback.
Change-Id: Icaad4b909b9cb4bb07d28fcdf3d383d64aa00127
Reviewed-on: https://code.wireshark.org/review/33975
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Have cf_read_current_record() take a capture_file as an argument and
read, into its wtap_rec and Buffer for the currently-selected frame,
information for the currently-selected frame.
Rename cf_read_record_r() to cf_read_record().
That gives us 1) a routine that reads the currently-selected frame into
the wtap_rec and Buffer for the currently-selected frame and 2) a
routine that reads an arbitrary frame into the wtap_rec and Buffer
supplied to it. If you *want* the currently-selected record, use the
former, otherwise use the latter.
Change-Id: If6bd5915dd5bc18334d7b89859822a19234153a4
Reviewed-on: https://code.wireshark.org/review/32858
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That way we don't do initialization, possible expansion of the buffer
from its initial size, and cleanup for every packet.
Change-Id: If967bd8f0cc65631b8b128b2c048d32ba54c8033
Reviewed-on: https://code.wireshark.org/review/32774
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Ethernet packets without the CRC are 1514 bytes long, not 1500 bytes
long; using 1514 bytes will avoid a reallocation for a full-sized
Ethernet packet.
Change-Id: Ie8da3f13bf3df07e23e4478b7dcf84f06dec6a9d
Reviewed-on: https://code.wireshark.org/review/32761
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This reverts commit 9445403f9558901dc54c88754ff21795ea1803f3.
cf_select_packet frees the buffer backing the dissection result
(cf->edt) which results in use-after-frees when callers try to access
the contents. See for example this call trace:
* PacketList::selectionChanged
* cf_select_packet(cap_file_, row)
* frameSelected(row) -> ByteViewTab::selectedFrameChanged
* addTab(source_name, get_data_source_tvb(source))
get_data_source_tvb returns the buffer that backs the dissection and
must remain valid even after dissection has completed. If this is not
done, then a possibly expensive redissection must be done in order to
populate the byte view. The temporary memory savings are not worth it.
Bug: 15683
Change-Id: Ia5ec2c7736cdebbac3c5bf46a4e2470c9236262d
Reviewed-on: https://code.wireshark.org/review/32758
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Most code that reads from a capture_file already has its own wtap_rec
and Buffer; change the remaining ones to do so as well.
Change-Id: I9b7c136642bbb375848c37ebe23c9cdeffe830c3
Reviewed-on: https://code.wireshark.org/review/32732
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Separate the stuff that any record could have from the stuff that only
particular record types have; put the latter into a union, and put all
that into a wtap_rec structure.
Add some record-type checks as necessary.
Change-Id: Id6b3486858f826fce4b096c59231f463e44bfaa2
Reviewed-on: https://code.wireshark.org/review/25696
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The first is deprecated, as per https://spdx.org/licenses/.
Change-Id: I8e21e1d32d09b8b94b93a2dc9fbdde5ffeba6bed
Reviewed-on: https://code.wireshark.org/review/25661
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Have the routines that create them take a pointer to a struct
packet_provider_data, store that in the tvbuff data, and use it to get
the wtap from which packets are being read.
While we're at it, don't include globals.h in any header files, and
include it in source files iff the source file actually uses cfile. Add
whatever includes that requires.
Change-Id: I9f1ee391f951dc427ff62c80f67aa4877a37c229
Reviewed-on: https://code.wireshark.org/review/24733
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
libwireshark now expects an epan_t to be created with a pointer to a
"packet provider" structure; that structure is opaque within
libwireshark, and a pointer to it is passed to the callbacks that
provide interface names, interface, descriptions, user comments, and
packet time stamps, and that set user comments. The code that calls
epan_new() is expected to provide those callbacks, and to define the
structure, which can be used by the providers. If none of the callbacks
need that extra information, the "packet provider" structure can be
null.
Have a "file" packet provider for all the programs that provide packets
from a file.
Change-Id: I4b5709a3dd7b098ebd7d2a7d95bcdd7b5903c1a0
Reviewed-on: https://code.wireshark.org/review/24731
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The split isn't necessary now that epan no longer uses the capture_file
structure.
Change-Id: Ia232712a2fb5db511865805518e8d03509b2167f
Reviewed-on: https://code.wireshark.org/review/24693
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Embed one of those structures in a capture_file, and have a struct
epan_session point to that structure rather than to a capture_file.
Pass that structure to the routines that fetch data that libwireshark
uses when dissecting.
That separates the stuff that libwireshark expects from the stuff that
it doesn't look at.
Change-Id: Ia3cd28efb9622476437a2ce32204597fae720877
Reviewed-on: https://code.wireshark.org/review/24692
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Have cfile-int.h declare the structure, and use it in files that
directly access the structure.
Have cfile.h just incompletely declare the structure and include it
rather than explicitly declaring it in source files or other header
files.
Never directly refer to struct _capture_file except when typedeffing
capture_file.
Add #includes as necessary, now that cfile.h doesn't drag in a ton of
Change-Id: I7931c8039d75ff7c980b0f2a6e221f20e602a556
Reviewed-on: https://code.wireshark.org/review/24686
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Make sure each ui/*.[ch] file uses identical (4-space) indentation.
Remove ui/.editorconfig. Fix up other formatting where needed.
SPDX-abbreviate the license blurb in the files we modify.
Change-Id: I5faa1c1eae9a4b6220422ad8e4ba7a341c7deb1f
Reviewed-on: https://code.wireshark.org/review/24632
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
NULL checks were removed for following free functions:
- g_free "If mem is NULL it simply returns"
https://developer.gnome.org/glib/stable/glib-Memory-Allocation.html#g-free
- g_slist_free(_full)? "NULL is considered to be the empty list"
https://developer.gnome.org/glib/stable/glib-Singly-Linked-Lists.html
- g_strfreev "If str_array is NULL, this function simply returns."
https://developer.gnome.org/glib/stable/glib-String-Utility-Functions.html#g-strfreev
- g_slice_free "If mem is NULL, this macro does nothing."
https://developer.gnome.org/glib/stable/glib-Memory-Slices.html#g-slice-free
- g_match_info_free "not NULL... otherwise does nothing"
https://developer.gnome.org/glib/stable/glib-Perl-compatible-regular-expressions.html#g-match-info-free
- dfilter_free defined in Wireshark code. Returns early when passed NULL
epan/dfilter/dfilter.c
They were also removed around calls to g_strdup where applicable:
- g_strdup "If str is NULL it returns NULL."
https://developer.gnome.org/glib/stable/glib-String-Utility-Functions.html#g-strdup
Change-Id: Ie80c2db89bef531edc3aed7b7c9f654e1d654d04
Reviewed-on: https://code.wireshark.org/review/23406
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
That way it can be properly filtered out.
This was broken when pkt_comments was switched to a pino and
wasn't available in the protocol filters list.
Change-Id: Ie3f2b4f25eeb11be57111c98be87e33e0849174b
Reviewed-on: https://code.wireshark.org/review/22363
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
matches.
Things like [Reassembled TCP segments] can add superfluous leaves so just walking down the tree from current location, so walk up the tree as well.
Bug: 1734
Change-Id: I91af554b59e1a6867dba9189ba37db5e396d892a
Reviewed-on: https://code.wireshark.org/review/14393
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 1885
Change-Id: If2b68365880f3508ed82947a0d18e6c28d6e4db8
Reviewed-on: https://code.wireshark.org/review/14392
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
If a packet has a comment, the Protocol Hierarchy Statistics dialog will
add its stats to a top-level "Packet comments" node instead of the
"Frame" node. Add a check for the pkt_comment protocol ID and skip over
it if we find it. Affects Wireshark 2.0, 1.12, 1.10, and probably
earlier versions.
As an alternative we could always force "Frame" to be the first item in
the tree.
Change-Id: If7cd817071caf6219515f5d8121b3a1a2c0d79a6
Reviewed-on: https://code.wireshark.org/review/13297
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: I6872e323daca4798c638d764873f54c4c0dc0006
Reviewed-on: https://code.wireshark.org/review/6934
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: Ifd1eebff9080cd3867e44e4dcb2d2681370ed60a
Reviewed-on: https://code.wireshark.org/review/6128
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
Change-Id: I9cafa3cd5c74121168777d8c656e7e94e89efd3c
Reviewed-on: https://code.wireshark.org/review/6065
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
For example, this can be used for pcap-ng options not mapped to
file-type-independent metadata values.
Change-Id: I398b324c62c1cc1cc61eb5e9631de00481b4aadc
Reviewed-on: https://code.wireshark.org/review/5549
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I4da7b335d905dbca10bbce03aa88e1cdeeb1f8ad
Reviewed-on: https://code.wireshark.org/review/4626
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
In particular, epan/wslua/lrexlib.c has its own buffer_ routines,
causing some linker warnings on some platforms, as reported in bug
10332.
(Not to be backported to 1.12, as that would change the API and ABI of
libwsutil and libwiretap. We should also make the buffer_ routines in
epan/wslua/lrexlib.c static, which should also address this problem, but
the name change avoids other potential namespace collisions.)
Change-Id: I1d42c7d1778c7e4c019deb2608d476c52001ce28
Reviewed-on: https://code.wireshark.org/review/3351
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ib7c0617d88bf92cad0ac877176001d29960f1cd8
Reviewed-on: https://code.wireshark.org/review/2725
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
