metze/wireshark/wip.git
6 years agoWebSocket: remove useless pointer checks (CID 1418346)
Pascal Quantin [Sat, 23 Sep 2017 19:56:24 +0000 (21:56 +0200)]
WebSocket: remove useless pointer checks (CID 1418346)

websocket_conv is always allocated

Change-Id: Ic119e22ee37703ccea2a42e53d6616faa0901cf9
Reviewed-on: https://code.wireshark.org/review/23662
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
6 years agoPFCP: fix a typo (CID 1418345)
Pascal Quantin [Sat, 23 Sep 2017 19:47:48 +0000 (21:47 +0200)]
PFCP: fix a typo (CID 1418345)

Change-Id: If87fa31dc4933f0b54946910559b4260424848e7
Reviewed-on: https://code.wireshark.org/review/23661
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
6 years agoAdd lcap file extension to nsis and wix installers.
Joerg Mayer [Fri, 22 Sep 2017 12:50:38 +0000 (14:50 +0200)]
Add lcap file extension to nsis and wix installers.

Also add ntar file extention to wix installer to match nsis

Change-Id: Idb6f660fda27c6ad3c3cd70acd482eafa2c14307
Reviewed-on: https://code.wireshark.org/review/23656
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
6 years agoplugins: Fixups for g9260461f4f
João Valverde [Fri, 22 Sep 2017 18:13:33 +0000 (19:13 +0100)]
plugins: Fixups for g9260461f4f

Put plugins in CMake build dir with a version subdir. This avoids some
weird special cases, however running with autotools from build dir
displays the wrong global folder in about->folders. Unfortunately
the hack to run from the autotools build dir is troublesome.

Various fixes for Windows builds.

Try to fix also build dir issue loading plugins on macOS with
ENABLE_APPLICATION_BUNDLE (blind).

Change-Id: Ic3c7c21f5850c12a53844202d61fa0592b45739c
Reviewed-on: https://code.wireshark.org/review/23657
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: João Valverde <j@v6e.pt>
6 years agoZigBee ZCL SE Metering: Dissect functional notification flags and notification flags...
Martin Boye Petersen [Thu, 21 Sep 2017 15:04:23 +0000 (17:04 +0200)]
ZigBee ZCL SE Metering: Dissect functional notification flags and notification flags 2 to 5

Change-Id: Ia79c3e2609247846731a4b375b198702f06954de
Reviewed-on: https://code.wireshark.org/review/23649
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
6 years agoHave sequence analysis properly use filters from taps.
Michael Mann [Sat, 23 Sep 2017 01:57:50 +0000 (21:57 -0400)]
Have sequence analysis properly use filters from taps.

Sequence analysis has its own "filtering" system that required its
tap functions to look for some "filter flags".  register_tap_listener()
already comes with a filter argument, so use that to simplify logic
of tap functions in dissectors.
Also have Qt GUI for Flow Graph look like other dialogs that have a
"Limit to display filter" checkbox.

Change-Id: I91d9d9599309786892f5b50c98692e52651e7174
Reviewed-on: https://code.wireshark.org/review/23659
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoRevert "CMake: Print a warning if CCACHE_CPP2 is unset."
Gerald Combs [Fri, 22 Sep 2017 22:08:26 +0000 (22:08 +0000)]
Revert "CMake: Print a warning if CCACHE_CPP2 is unset."

CCACHE_CPP2 / run_second_cpp is enabled by default in ccache 3.3 and later. (Unfortunately our builders have 3.2.4 installed.)

This reverts commit ed1ecfb39cf0f3344810fabb7a1b855d373aa0a8.

Change-Id: I3cc88fa70bb04db5ae254bc9b878ce379e47527d
Reviewed-on: https://code.wireshark.org/review/23658
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years agonsis: Always create the extcap directory
Stig Bjørlykke [Fri, 22 Sep 2017 10:46:29 +0000 (12:46 +0200)]
nsis: Always create the extcap directory

Change-Id: I6955c242036c3aa76be4ceb545905ffeef906518
Reviewed-on: https://code.wireshark.org/review/23654
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
6 years agoZigBee ZCL Attributes: Set length of attribute subtrees
Martin Boye Petersen [Thu, 21 Sep 2017 21:46:33 +0000 (23:46 +0200)]
ZigBee ZCL Attributes: Set length of attribute subtrees

Set length of attribute subtree by setting the end after the attribute has been dissected

Change-Id: Ic8bb66206658525635c08f807651a37369d16f6a
Reviewed-on: https://code.wireshark.org/review/23651
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoCMake: Print a warning if CCACHE_CPP2 is unset.
Gerald Combs [Wed, 20 Sep 2017 23:19:04 +0000 (16:19 -0700)]
CMake: Print a warning if CCACHE_CPP2 is unset.

If we're compiling with clang and ccache, print a warning if CCACHE_CPP2
is unset. Doing so avoids generating a bunch of unwanted output when
warnings are enabled.

Change-Id: I6a796e8b910074ffa028ea45bc639b9461e1629e
Reviewed-on: https://code.wireshark.org/review/23646
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoAdd Flow Graph functionality to TShark
Michael Mann [Fri, 22 Sep 2017 03:20:03 +0000 (23:20 -0400)]
Add Flow Graph functionality to TShark

Add flow graph functionality to tshark through -z option.
Output is same as ASCII format saved from GUI.

Change-Id: Iee0bfea7215858e6488b4728581be28287e9ea1a
Reviewed-on: https://code.wireshark.org/review/23652
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoComplete move of tap-sequence-analysis.c functionality to sequence_analysis.c
Michael Mann [Thu, 21 Sep 2017 15:28:26 +0000 (11:28 -0400)]
Complete move of tap-sequence-analysis.c functionality to sequence_analysis.c

Since dissectors are now populating the timestamp of the seq_analysis_item_t
structure within the tap function, don't have the sequence_anaylsis redo it
when writing an ASCII file.  This removes the need for the capture_file
parameter and simplifies the logic a bit.

Also just have GUI register the tap itself.  It will provide for some more
flexibility in the future.

Change-Id: I55b2f951b977ea70ac9f7eb4929245b0779e5f0e
Reviewed-on: https://code.wireshark.org/review/23650
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoDiameter 3GPP: update S6a/S6d/S13/S13' AVPs
Pascal Quantin [Thu, 21 Sep 2017 13:40:40 +0000 (15:40 +0200)]
Diameter 3GPP: update S6a/S6d/S13/S13' AVPs

Change-Id: Ief76bcd529576ccd5324efb042acc4cad7d79c9b
Reviewed-on: https://code.wireshark.org/review/23648
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago[PFCP] Add more IE dissection.
AndersBroman [Thu, 21 Sep 2017 13:07:27 +0000 (15:07 +0200)]
[PFCP] Add more IE dissection.

Change-Id: I6fa21972bf937e92a0907c3cc544239e759659f9
Reviewed-on: https://code.wireshark.org/review/23647
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agopacketlogger: Add Syslog and Config types
Stig Bjørlykke [Wed, 20 Sep 2017 13:11:50 +0000 (15:11 +0200)]
packetlogger: Add Syslog and Config types

Change-Id: I2b023283a004c4dd80e0afb1077493612c1cecc6
Reviewed-on: https://code.wireshark.org/review/23642
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agocmake: look for Qt5 from Homebrew on macOS
Peter Wu [Sun, 27 Aug 2017 13:39:50 +0000 (14:39 +0100)]
cmake: look for Qt5 from Homebrew on macOS

When Qt5 is installed using Homebrew on macOS, Qt5 is not available in
the default prefix. Remove the hack from macos-setup-brew.sh and adjust
the search path instead. Note that is needed for development, "brew
install" has already set this option in the environment.

See https://github.com/Homebrew/homebrew-core/issues/8392

Change-Id: I57ea09b649a94c9a4cb18b1b2d334808e47ec27e
Reviewed-on: https://code.wireshark.org/review/23232
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
6 years agoUMTS RLC: Removing unused 'is ciphered' function
Darien Spencer [Fri, 18 Aug 2017 07:03:06 +0000 (10:03 +0300)]
UMTS RLC: Removing unused 'is ciphered' function

All calls to this function were commented out in a previous commit.
Also dealing with the state of the payload (ciphred or not) should be done within the RLC dissector

Change-Id: Ice3a3ca8392d73c7b67308537d7568ab71a98b5e
Reviewed-on: https://code.wireshark.org/review/23644
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoFP: Removed unused code
Darien Spencer [Wed, 20 Sep 2017 19:48:22 +0000 (22:48 +0300)]
FP: Removed unused code

Removed old code which checked if frames are
ciphered and was '#if 0'ed.
Corresponding logic was implemented in the
RLC dissector in a previous commit.

Change-Id: Ie362771277b5c0b41e790c0297ded5ed91f813e2
Reviewed-on: https://code.wireshark.org/review/23645
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoplugins: Add backward compatibility for personal lua scripts
João Valverde [Tue, 19 Sep 2017 11:12:31 +0000 (12:12 +0100)]
plugins: Add backward compatibility for personal lua scripts

Relax requirements for upgrades and make running side-by-side installations
more convenient.

Change-Id: I5299eed005a4748c54465dec90f477adb577e056
Reviewed-on: https://code.wireshark.org/review/23619
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
6 years agoplugins: Be more descriptive in "about wireshark"->"folders"
João Valverde [Mon, 18 Sep 2017 15:25:20 +0000 (16:25 +0100)]
plugins: Be more descriptive in "about wireshark"->"folders"

Display separate entries for binary plugins and lua scripts.

This is explained in the user guide, that the binary folder is
a subfolder of the lua folder, but it's probably a good idea to be more
explicit about it, at the risk of cluttering the interface a bit.

Move GeoIP information down because it seems the least important.

Add helper functions to provide plugin version subdir.

Change some #ifdefs while at it for legibility.

Change-Id: Ieb8665df029b3c14de19e2c973bd9b1cc4ec4621
Reviewed-on: https://code.wireshark.org/review/23609
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
6 years ago[MEGACO] In dissect_megaco_eventsdescriptor() check for dm(DigitMap) not
AndersBroman [Wed, 20 Sep 2017 14:08:56 +0000 (16:08 +0200)]
[MEGACO] In dissect_megaco_eventsdescriptor() check for dm(DigitMap) not
only d as it may get confused with dt(delayTime).

Change-Id: Ie5ac2a117f2d9e4a231d8ee15c795b3abdc4da07
Reviewed-on: https://code.wireshark.org/review/23643
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agotibia: fix 'tibia.vip' exists multiple times with NOT compatible types: FT_BOOLEAN...
Alexis La Goutte [Wed, 20 Sep 2017 11:46:01 +0000 (11:46 +0000)]
tibia: fix 'tibia.vip' exists multiple times with NOT compatible types: FT_BOOLEAN and FT_UINT32

Change-Id: Icd9171d01ba06faf2e109879de2f5685ac5964bc
Reviewed-on: https://code.wireshark.org/review/23638
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agomessageanalyzer: fix 'etw.ndis.packet_metadata.wifi_channel' exists multiple times...
Alexis La Goutte [Wed, 20 Sep 2017 11:54:55 +0000 (11:54 +0000)]
messageanalyzer: fix 'etw.ndis.packet_metadata.wifi_channel' exists multiple times with NOT compatible types: FT_INT32 and FT_UINT32

Change-Id: I402eb393da5a4cfd4fa19e4f3166bcf9ee058f96
Reviewed-on: https://code.wireshark.org/review/23641
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoPFCP: fix 'pfcp.mp' exists multiple times with NOT compatible types: FT_UINT24 and...
Alexis La Goutte [Wed, 20 Sep 2017 11:47:33 +0000 (11:47 +0000)]
PFCP: fix 'pfcp.mp' exists multiple times with NOT compatible types: FT_UINT24 and FT_BOOLEAN

Change-Id: I3099da21dedec71b0ebf130420f83234300339b3
Reviewed-on: https://code.wireshark.org/review/23639
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoGTPv2: fix 'gtpv2.uli_lai_flg' exists multiple times with NOT compatible types: FT_BO...
Alexis La Goutte [Wed, 20 Sep 2017 11:49:12 +0000 (11:49 +0000)]
GTPv2: fix 'gtpv2.uli_lai_flg' exists multiple times with NOT compatible types: FT_BOOLEAN and FT_UINT8

Change-Id: I14fbe09aad243d65da0af5ab623a1ec67eeac893
Reviewed-on: https://code.wireshark.org/review/23640
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoAdd version.conf to git-export-release.
Gerald Combs [Thu, 31 Aug 2017 23:56:25 +0000 (23:56 +0000)]
Add version.conf to git-export-release.

Create and stash version.conf before archiving our repository. This
makes git-export-release behave more like the current Autotools dist
target.

Make sure the `git describe` command in git-export-release and
make-version.pl use the same match pattern and abbreviation length.
Abbreviate to 8 characters. That's our current unique minimum according
to the git-unique-abbrev script at
https://blog.cuviper.com/2013/11/10/how-short-can-git-abbreviate/ :

516409 objects
 4: 516194 / 65293
 5: 200900 / 92205
 6: 15979 / 7957
 7: 1038 / 519
 8: 74 / 37
 9: 0 / 0

Change-Id: Id2279a59a2e24a9ecd816458f399bcd2b4c94185
Reviewed-on: https://code.wireshark.org/review/23344
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoFP: Comments Fixes
Darien Spencer [Wed, 20 Sep 2017 06:47:54 +0000 (09:47 +0300)]
FP: Comments Fixes

Consistant usage of "UE ID"
Consistant usage of "reassembly"
Removed unused commented code

Change-Id: I9e03d439d75443f8fc0a5eb5a7ef10f6ae54e3f4
Reviewed-on: https://code.wireshark.org/review/23633
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoFP: Properly configure standalone PS RAB DCHs
Unknown [Wed, 20 Sep 2017 05:58:54 +0000 (08:58 +0300)]
FP: Properly configure standalone PS RAB DCHs

Added a check based on transport format to spot DCHs carrying a single
PS RAB and configure them properly.
Also renamed "special case dch 24" with it's actual meaning - a muxed
CS & PS RABs

Change-Id: I730b6d617d9e15bcbb5d7fde09dcd2273d943e18
Reviewed-on: https://code.wireshark.org/review/23632
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoUMTS RLC: Hide deciphering preference by default
Darien Spencer [Fri, 15 Sep 2017 15:47:32 +0000 (18:47 +0300)]
UMTS RLC: Hide deciphering preference by default

Unless wireshark is compiled with a KASUMI implementation, trying to decipher RLC will always fail.

Change-Id: I0d44514579fbfcd21fe8c2b74c566c54f94e4698
Reviewed-on: https://code.wireshark.org/review/23557
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoRTSP: fix stack use after scope error reported by ASan
Pascal Quantin [Wed, 20 Sep 2017 08:14:56 +0000 (10:14 +0200)]
RTSP: fix stack use after scope error reported by ASan

Bug: 14077
Change-Id: I9fa0e62fe354b1c18687ba9041029de97719343c
Reviewed-on: https://code.wireshark.org/review/23635
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
6 years agoQt: Restore ability to display RTT by sequence number
Kevin Hogan [Sun, 3 Sep 2017 14:07:37 +0000 (07:07 -0700)]
Qt: Restore ability to display RTT by sequence number

Adds a checkbox to the TCP Stream Dialog's "Round-trip-time"
graph tab that allows user to choose sequence number
on the x-axis rather than time.

Bug: 13740
Change-Id: Iaf881318437c7eecd16cf6c1f8745283ce9b4a7d
Reviewed-on: https://code.wireshark.org/review/23376
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoCMake: fix extcaps dependency list
Martin Kaiser [Wed, 30 Aug 2017 21:20:21 +0000 (23:20 +0200)]
CMake: fix extcaps dependency list

When compiling the list of dependencies for the extcaps target, add only
those targets that we're actually building. If we skip an extcap, e.g.
because we're missing libraries to build it, don't add this extcap to
the dependency list.

This issue was observed on a Debian box that had no libssh-gcrypt-dev
package installed. Running cmake would create a warning about
non-existent dependencies of the extcaps target.

-- Configuring done
CMake Warning (dev) at CMakeLists.txt:3217 (add_dependencies):
  Policy CMP0046 is not set: Error on non-existent dependency in
  add_dependencies.  Run "cmake --help-policy CMP0046" for policy details.
  Use the cmake_policy command to set the policy and suppress this warning.

  The dependency target "ciscodump" of target "extcaps" does not exist.
This warning is for project developers.  Use -Wno-dev to suppress it.

Change-Id: I7335173fce9833423b0e9443589143cc1a122ac0
Reviewed-on: https://code.wireshark.org/review/23321
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
6 years agoSnort: check executable and config files exist before trying to run.
Martin Mathieson [Sun, 10 Sep 2017 17:03:14 +0000 (18:03 +0100)]
Snort: check executable and config files exist before trying to run.

Change-Id: I63986a61b392a74406ccefeaa001c110793c340a
Reviewed-on: https://code.wireshark.org/review/23469
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoqt: Fix some leaked menu objects
Mikael Kanstrup [Sun, 17 Sep 2017 21:48:12 +0000 (23:48 +0200)]
qt: Fix some leaked menu objects

Calling QPushButton.setMenu and QMenu.addMenu does not transfer ownership
of the menu. Fix some leaks by letting "receiving" object act parent
for the menu object.

Bug: 14071
Change-Id: Id4edaf895503ef5dd4597eac99c2cdd6ad09b2ff
Reviewed-on: https://code.wireshark.org/review/23600
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoFix leaks related to recent settings
Mikael Kanstrup [Thu, 14 Sep 2017 12:53:18 +0000 (14:53 +0200)]
Fix leaks related to recent settings

Fix leaks related to recent settings reported by Valgrind simply after starting/stopping
application.

Bug: 14071
Change-Id: Ib4f205218945c8776724899c0dd99cc81b79a41d
Reviewed-on: https://code.wireshark.org/review/23599
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoExplicitly add ICMP and ICMPv6 to Flow graph.
Michael Mann [Tue, 19 Sep 2017 21:31:11 +0000 (17:31 -0400)]
Explicitly add ICMP and ICMPv6 to Flow graph.

Functionality for ICMP was "hidden" in the frame/"any" flow.
Pull it out into its own using the new sequence analysis API.

Change-Id: I2035f1a59a9e46ea1086443ad4b4a9723dc13883
Reviewed-on: https://code.wireshark.org/review/23625
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoIntegrate LBM UIM Flow dialog into "regular" Flow diagram.
Michael Mann [Wed, 20 Sep 2017 01:49:55 +0000 (21:49 -0400)]
Integrate LBM UIM Flow dialog into "regular" Flow diagram.

Reduce all of the code duplication and just register the sequence
analysis functionality in LBM dissector.

Change-Id: I6cb5a7f0a92b04357334bbae301fa2d730a21994
Reviewed-on: https://code.wireshark.org/review/23630
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoRename get_plugin_dir() for consistency
João Valverde [Mon, 18 Sep 2017 14:45:17 +0000 (15:45 +0100)]
Rename get_plugin_dir() for consistency

WS_DLL_PUBLIC const char *get_plugin_dir(void);
WS_DLL_PUBLIC const char *get_plugins_pers_dir(void);

Opt for the plural form consistently (for public functions at least).

Change-Id: I8a5861ad7f90f9c87168bd3275bd9dbc5c83b749
Reviewed-on: https://code.wireshark.org/review/23608
Petri-Dish: João Valverde <j@v6e.pt>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years agowindows-common: remove volatile qualifier from num_aces
Martin Kaiser [Tue, 19 Sep 2017 21:16:44 +0000 (23:16 +0200)]
windows-common: remove volatile qualifier from num_aces

A variable in a dissector must only be volatile if it's used inside a
CATCH block. This is not the case for num_aces.

Change-Id: I3aedb9ad2f8b96f56c9be2120276b552602658a1
Reviewed-on: https://code.wireshark.org/review/23624
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoQt: main window slots: don't connect setCaptureFile to DecodeAsDialog
Martin Kaiser [Tue, 19 Sep 2017 21:13:34 +0000 (23:13 +0200)]
Qt: main window slots: don't connect setCaptureFile to DecodeAsDialog

The refactored DecodeAsDialog class has no setCaptureFile slot any more.
It seems it's always in the foreground and there's no way to change the
capture file while the DecodeAsDialog is active.

The dangling connection caused a warning

QObject::connect: No such slot
DecodeAsDialog::setCaptureFile(capture_file*)
   in ../ui/qt/main_window_slots.cpp:2881
QObject::connect:  (sender name:   'MainWindow')
QObject::connect:  (receiver name: 'DecodeAsDialog')

Change-Id: Ibb12b9cdded3c6b7cca40ce08874bc4f1af4eec7
Reviewed-on: https://code.wireshark.org/review/23623
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years ago6lowpan: Create ifcid from AT_ETHER
Stig Bjørlykke [Tue, 19 Sep 2017 13:53:05 +0000 (15:53 +0200)]
6lowpan: Create ifcid from AT_ETHER

This will reassemble source and destination addresses from Bluetooth
and Bluetooth LE.

Change-Id: I563ef7b411488a2ba99fe2284eca0445208cf7e1
Reviewed-on: https://code.wireshark.org/review/23618
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoSequence (flow) analysis: fill timestamp when creating item.
Jakub Zawadzki [Tue, 19 Sep 2017 16:51:36 +0000 (18:51 +0200)]
Sequence (flow) analysis: fill timestamp when creating item.

Change-Id: Ie1b82d016b632162a91e2ed54a964662bc25e9d5
Reviewed-on: https://code.wireshark.org/review/23620
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoWebSocket: check websocket_extensions pointer validity
Pascal Quantin [Tue, 19 Sep 2017 20:28:55 +0000 (22:28 +0200)]
WebSocket: check websocket_extensions pointer validity

Bug: 14075
Change-Id: I825a30e5b8bfa57a020ae208a3a6ee67ee1a58d3
Reviewed-on: https://code.wireshark.org/review/23622
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
6 years agoIXIA lcap support
Joerg Mayer [Tue, 19 Sep 2017 11:30:56 +0000 (15:30 +0400)]
IXIA lcap support

IXIA^WKeysight Technologies's vitual IxNetwork version 8.30 will
create capture files in a modified format: It uses a different magic
and adds the total size of all records, i.e. the filesize minus the
headersize. Add support for this.

v2: Different file types use different magic numbers.

Not yet tested/supported: The default fileending is .lcap

Bug: 14073
Change-Id: Ida90b188ca66a78ff22dca237e4fd6b22e02dc14
Reviewed-on: https://code.wireshark.org/review/23614
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago[PFCP] Add more IE dissection.
AndersBroman [Tue, 19 Sep 2017 14:09:35 +0000 (16:09 +0200)]
[PFCP] Add more IE dissection.

Change-Id: Ib055d43fa13aa826ce449ad93cecaab9617d75db
Reviewed-on: https://code.wireshark.org/review/23617
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agobtle: Use bd_addr as link-layer address in data PDU
Stig Bjørlykke [Tue, 19 Sep 2017 13:49:06 +0000 (15:49 +0200)]
btle: Use bd_addr as link-layer address in data PDU

This can be used in a higher layer 6LoWPAN to recreate the source
and destination addresses.

Change-Id: I967c3ac7c3a50526a10bec067521419d0aed8b4f
Reviewed-on: https://code.wireshark.org/review/23616
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoDisable flex-generated [-Wsign-compare] warnings
João Valverde [Fri, 18 Aug 2017 19:11:47 +0000 (20:11 +0100)]
Disable flex-generated [-Wsign-compare] warnings

Change-Id: Iace0462e6bb50573f3e4603f7a19e4b7ee1f9733
Reviewed-on: https://code.wireshark.org/review/23541
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
6 years agoSequence analysis (flow graph) optimizations for dissectors
Michael Mann [Tue, 19 Sep 2017 02:48:11 +0000 (22:48 -0400)]
Sequence analysis (flow graph) optimizations for dissectors

1. Remove protocol member from seq_analysis_item_t.
It's not used by any GUI, so don't burden dissectors with populating it.

2. Allow any dissector to change colors display by flow graph

3. Provide helper functions that may be common if other dissectors
want to create sequence analysis.

Change-Id: I04fa3c9f3cf6879ab9a8d7d6f4896b4979d010d7
Reviewed-on: https://code.wireshark.org/review/23613
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoqt: Fix leaked style for OverlayScrollBar
Mikael Kanstrup [Mon, 18 Sep 2017 13:22:18 +0000 (15:22 +0200)]
qt: Fix leaked style for OverlayScrollBar

The QWidget::setStyle method does not transfer ownership of supplied
style object. Fix leak by letting OverlayScrollBar free styles
created.

Bug: 14071
Change-Id: Ibc14cadfc6d012e8a909be21b4f8974009fa75f5
Reviewed-on: https://code.wireshark.org/review/23601
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoprefs: Fix leak when parsing empty pref string
Mikael Kanstrup [Thu, 14 Sep 2017 08:19:12 +0000 (10:19 +0200)]
prefs: Fix leak when parsing empty pref string

Fix minor leak. When parsing preference string lists and preference
is empty a buffer is allocated to hold the string but is then never
inserted into the string list as it is empty. This causes a minor leak
as no reference is kept to allocated buffer and won't be freed by
corresponding clear string list function call.

Bug: 14071
Change-Id: I1edcc77095c0f430e03a49491e5281730fbceb95
Reviewed-on: https://code.wireshark.org/review/23598
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoQt: Add key events to accept and reject changes in FilterExpressionFrame
Stig Bjørlykke [Mon, 18 Sep 2017 18:24:20 +0000 (20:24 +0200)]
Qt: Add key events to accept and reject changes in FilterExpressionFrame

Change-Id: Iba3fe50b3ca4953fc59ebd6235d04f6878d183a4
Reviewed-on: https://code.wireshark.org/review/23607
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoQt: Fix FilterExpressionFrame layout
Stig Bjørlykke [Mon, 18 Sep 2017 17:56:54 +0000 (19:56 +0200)]
Qt: Fix FilterExpressionFrame layout

- Use QToolButton for "Filter Buttons Preferences..." button
- Remove QVBoxLayout layout for Cancel and OK buttons

Change-Id: Ic5d4e96ca1c421750dc45f81a7d15f8ad637649d
Reviewed-on: https://code.wireshark.org/review/23606
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoQt: Add key events to accept and reject changes in PreferenceEditorFrame
Stig Bjørlykke [Mon, 18 Sep 2017 17:20:50 +0000 (19:20 +0200)]
Qt: Add key events to accept and reject changes in PreferenceEditorFrame

Change-Id: I4a9c4b80b0438cd33c38b274a24a3b1b5db46cb8
Reviewed-on: https://code.wireshark.org/review/23605
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoQt: Make ColumnEditorFrame use FieldFilterEdit to get a autocomplete list
Stig Bjørlykke [Sun, 17 Sep 2017 17:40:44 +0000 (19:40 +0200)]
Qt: Make ColumnEditorFrame use FieldFilterEdit to get a autocomplete list

Change-Id: I81d5f46d572aa3f0fa1b5b94741697fc72554d2e
Reviewed-on: https://code.wireshark.org/review/23587
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
6 years agoQt: Add key events to accept and reject changes in ColumnEditorFrame
Stig Bjørlykke [Sun, 17 Sep 2017 16:57:25 +0000 (18:57 +0200)]
Qt: Add key events to accept and reject changes in ColumnEditorFrame

Change-Id: I5f9ee01ee3aca5b2d75136fff3d8dc3e90ca1a4e
Reviewed-on: https://code.wireshark.org/review/23585
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
6 years agoWebSocket: add permessage-deflate extension support
Pascal Quantin [Tue, 12 Sep 2017 12:48:43 +0000 (14:48 +0200)]
WebSocket: add permessage-deflate extension support

Bug: 14054
Change-Id: Ib6fbb58cab4d9eb140c0911391a9c330a036cfd1
Reviewed-on: https://code.wireshark.org/review/23515
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoautomake: Add -Wcomma as a warning flag.
Stig Bjørlykke [Mon, 18 Sep 2017 08:05:52 +0000 (10:05 +0200)]
automake: Add -Wcomma as a warning flag.

Change-Id: I93a8cefe08068f8028de01b3312f04cc05eb4f5c
Reviewed-on: https://code.wireshark.org/review/23597
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoTDS: Fix some URLs and add a note about our heuristic check.
Gerald Combs [Mon, 18 Sep 2017 22:56:25 +0000 (15:56 -0700)]
TDS: Fix some URLs and add a note about our heuristic check.

Wayback-ize a couple of URLs. Note that we might be able to improve our
heuristic check by checking various string lengths. (I didn't add the
checks myself because I don't have any TDS captures with login packets.)

Change-Id: I3d67c66a292fd02035a15e1e047227f55314737a
Reviewed-on: https://code.wireshark.org/review/23612
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years agosharkd: support flows (sequence analysis)
Jakub Zawadzki [Sat, 16 Sep 2017 15:46:15 +0000 (17:46 +0200)]
sharkd: support flows (sequence analysis)

Change-Id: Ie85295dbcfab3efe7ba05c5c9c7ae22d0c6eedec
Reviewed-on: https://code.wireshark.org/review/23572
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoMove most of sequence analysis code from ui/ to epan/
Jakub Zawadzki [Sat, 16 Sep 2017 14:52:23 +0000 (16:52 +0200)]
Move most of sequence analysis code from ui/ to epan/

Create registration system to allow creation of analysis items
to be localized to the dissector.  For now only frame (all) and
TCP are supported.
VOIP functionality will be covered in a separate patch.

Change-Id: I5b05ef6d5afff8d0b162b03a0f451ab810602e81
Reviewed-on: https://code.wireshark.org/review/23571
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoUpdate list of symbols for Debian.
Guy Harris [Mon, 18 Sep 2017 19:48:00 +0000 (12:48 -0700)]
Update list of symbols for Debian.

Change-Id: I4ba02f37fcfbae01d43d7fdf5e5361373a2b0391
Reviewed-on: https://code.wireshark.org/review/23611
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years ago[PFCP] Dissect more IEs.
AndersBroman [Mon, 18 Sep 2017 15:20:36 +0000 (17:20 +0200)]
[PFCP] Dissect more IEs.

Change-Id: Ic3a32f3317af81289da0be73474f4a8882d4bf43
Reviewed-on: https://code.wireshark.org/review/23603
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoQt: Fix -Wimplicit-fallthrough with GCC
João Valverde [Sun, 17 Sep 2017 18:21:01 +0000 (19:21 +0100)]
Qt: Fix -Wimplicit-fallthrough with GCC

    ../../../ui/qt/models/decode_as_model.cpp: In member function ‘virtual QVariant DecodeAsModel::data(const QModelIndex&, int) const’:
    ../../../ui/qt/models/decode_as_model.cpp:155:13: error: this statement may fall through [-Werror=implicit-fallthrough=]

Change-Id: I29654a0f6ce6cce7bc778231bc8d6e602875104f
Reviewed-on: https://code.wireshark.org/review/23589
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years ago[PFCP] Add more IE dissection.
AndersBroman [Wed, 13 Sep 2017 15:22:05 +0000 (17:22 +0200)]
[PFCP] Add more IE dissection.

Change-Id: I26a75055d0a4fee209d2d118dd9403d614739d76
Reviewed-on: https://code.wireshark.org/review/23525
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoTLS13: restore draft -18 support for HRR
Peter Wu [Thu, 14 Sep 2017 23:09:48 +0000 (00:09 +0100)]
TLS13: restore draft -18 support for HRR

Draft 18 is still the most current boringssl version, avoid a malformed
packet exception by recognizing a draft -18 HelloRetryRequest.

Change-Id: I43cf91350a8a2ebfad6c1e0e35eb9621a3b3e44b
Fixes: v2.3.0rc0-2789-g18c4d1bb1f ("TLS13: update HRR for draft -19")
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/23544
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
6 years agoTLS13: restore draft -18 support for CertificateRequest
Peter Wu [Thu, 14 Sep 2017 23:14:00 +0000 (00:14 +0100)]
TLS13: restore draft -18 support for CertificateRequest

Prevent a malformed packet exception with draft -18 CertificateRequest
message which would break further decryption. Tested with
tls13-18-certreq.pcap from the linked bug.

Change-Id: I00be21935370d0f0be66d2dbc87ee9fea3bb889a
Fixes: v2.3.0rc0-2761-g0e244e01fe ("TLS13: update CertificateRequest dissection for draft -19")
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/23543
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
6 years agoQt: Improved ColumnEditorFrame validation checks
Stig Bjørlykke [Sun, 17 Sep 2017 16:52:10 +0000 (18:52 +0200)]
Qt: Improved ColumnEditorFrame validation checks

Use common validation checks for fieldsNameLineEdit and occurrenceLineEdit.
No need to check for COL_CUSTOM and empty occurrence because this will
give a valid value anyway.

Change-Id: I8981a15954e9a55a9a43e4a5760b34d83aa2e1ca
Reviewed-on: https://code.wireshark.org/review/23584
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
6 years agoUpdate ldp TLVs from iana webpage (scripted).
Joerg Mayer [Sun, 17 Sep 2017 00:26:31 +0000 (04:26 +0400)]
Update ldp TLVs from iana webpage (scripted).

Change-Id: I1cb4210d4af93303298485c86627027adecd6052
Reviewed-on: https://code.wireshark.org/review/23578
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
6 years agoZigBee: fix buffer overrun in zbee_sec_add_key_to_keyring
Peter Wu [Sun, 17 Sep 2017 17:51:06 +0000 (18:51 +0100)]
ZigBee: fix buffer overrun in zbee_sec_add_key_to_keyring

"key" is a guint8 array of ZBEE_APS_CMD_KEY_LENGTH, compare its value
and not the pointer.

Bug: 14070
Change-Id: I8add2bbcc04f9bbbc9502a07aa34d35b5a67e1c1
Fixes: v2.5.0rc0-1007-gf63fc33362 ("ZigBee: implemented a dissector for ZBOSS key dump")
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3408
Reviewed-on: https://code.wireshark.org/review/23588
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoDMP: check 7bit string length before decoding it
Pascal Quantin [Sun, 17 Sep 2017 19:46:09 +0000 (21:46 +0200)]
DMP: check 7bit string length before decoding it

Bug: 14068
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3372
Change-Id: Ib9ff63e2ef8d3c2546f357534c374a662e70e43c
Reviewed-on: https://code.wireshark.org/review/23591
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
6 years agoRRC: check wmem_strbuf_t pointer before using it
Pascal Quantin [Sun, 17 Sep 2017 19:15:08 +0000 (21:15 +0200)]
RRC: check wmem_strbuf_t pointer before using it

Digit field is also ussed by other fields than PLMN-Identity and
IMSI-GSM-MAP

Bug: 14069
Change-Id: Ic8cf4dc148fecf24e28ef1be21c3968d46e4b456
Reviewed-on: https://code.wireshark.org/review/23590
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
6 years agocmake: Add option to disable -Wframe-larger-than
Stig Bjørlykke [Sat, 16 Sep 2017 10:47:30 +0000 (12:47 +0200)]
cmake: Add option to disable -Wframe-larger-than

In some editors (like Xcode) it's possible to turn on and off
ASAN and UBSAN independent of the settings in CMake.

This option will disable the -Wframe-larger-than= flag even if
ASAN or UBSAN are not turned on in CMake.

Change-Id: I70b1ae544fe87093d0f5ce7ceb191f33399191ea
Reviewed-on: https://code.wireshark.org/review/23567
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
6 years agoAdd comment to docinfo.xml to note make-version.pl update
João Valverde [Sun, 17 Sep 2017 17:04:25 +0000 (18:04 +0100)]
Add comment to docinfo.xml to note make-version.pl update

Change-Id: I71e4352c94515e4edc3a7bda6851ecfd404800ef
Reviewed-on: https://code.wireshark.org/review/23586
Reviewed-by: João Valverde <j@v6e.pt>
6 years agoplugins: Change personal plugin dir path on Unix
João Valverde [Mon, 11 Sep 2017 01:20:03 +0000 (02:20 +0100)]
plugins: Change personal plugin dir path on Unix

Installing machine code to XDG_CONFIG_HOME is problematic.

Use ~/.local/lib/wireshark/plugins instead.

XDG_CONFIG_HOME should be architecture independent. This allows copying the
configuration between different architectures safely.

Reference: https://www.freedesktop.org/software/systemd/man/file-hierarchy.html

Change-Id: I1b18f64aab4dd351d611cfbea3b9333f23c98bfa
Reviewed-on: https://code.wireshark.org/review/23498
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
6 years agoplugins: Use minor version number for plugin install path
João Valverde [Sun, 10 Sep 2017 22:08:14 +0000 (23:08 +0100)]
plugins: Use minor version number for plugin install path

Wireshark patch releases (X.Y.Z) are binary compatible so reflect
that in the plugin installation path.

By installing to $pkglibdir/plugins/X.Y out-of-tree plugins don't
need to be reinstalled with every patch release.

Change-Id: I9d1728e6fb12bcb51d2a723af22c750cb7a966cf
Reviewed-on: https://code.wireshark.org/review/23497
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
6 years agoplugins: Fix paths to match WSUG
João Valverde [Tue, 12 Sep 2017 09:51:46 +0000 (10:51 +0100)]
plugins: Fix paths to match WSUG

The Wireshark User Guide seems to say:

Global lua plugins are in $pkglibdir/plugins
Personal lua plugins are in XDG_CONFIG_HOME/plugins

Global binary plugins are in $pkglibdir/plugins/$version
Personal binary plugins are in XDG_CONFIG_HOME/plugins/$version

Fix code to match that. This is a backward-incompatible change
for global lua plugins and personal binary plugins.

Adds a version subfolder to the personal plugin folder for binary plugins.

This allows for safe upgrades and side-by-side installations
with different prefixes (they no longer use the same personal dir).

Change-Id: Ie0f039113628a257625a9a9fb2cb30e532f5dd47
Reviewed-on: https://code.wireshark.org/review/23516
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
6 years ago[Automatic update for 2017-09-17]
Gerald Combs [Sun, 17 Sep 2017 08:07:02 +0000 (08:07 +0000)]
[Automatic update for 2017-09-17]

Update manuf, services enterprise numbers, translations, and other items.

Change-Id: I0b157ca377ef2e8f1a2502e51b542322dc0d36b2
Reviewed-on: https://code.wireshark.org/review/23580
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years agoCMake: Initial work to install headers for the benefit of plugins
João Valverde [Sat, 2 Sep 2017 23:42:00 +0000 (00:42 +0100)]
CMake: Initial work to install headers for the benefit of plugins

To be continued incrementally to fix gaps and omissions.

If we are willing to reorganize the source tree to have one or two header
include folders this could be simplified considerably.

It would also force developers to give more consideration to API issues,
which is a good thing.

See also e7ef19efc0e928b50644b37772ccbf176e74f766.

Bug: 14062
Change-Id: I0759da2f9793cfb5cf92c9e231457bba43df4353
Reviewed-on: https://code.wireshark.org/review/23548
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
6 years agoFix the trivial fix.
Joerg Mayer [Sun, 17 Sep 2017 01:11:27 +0000 (05:11 +0400)]
Fix the trivial fix.

Change-Id: I95743eb53a3f30206a496163dea3b79f92a54b4e
Reviewed-on: https://code.wireshark.org/review/23579
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
6 years agoieee802.11: Add Element ID Extension dissector framework
Masashi Honma [Sat, 16 Sep 2017 23:24:20 +0000 (08:24 +0900)]
ieee802.11: Add Element ID Extension dissector framework

The IEEE Std 802.11ai-2016 and 802.11-2016 defines Element ID Extensions.
This patch add the dissector framework of it.

Change-Id: I47b21959cc115743d6b2f0c691bc41f3059d45cd
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Reviewed-on: https://code.wireshark.org/review/23577
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoieee802.11: Add FILS authentication algorithm number
Masashi Honma [Sat, 16 Sep 2017 23:23:25 +0000 (08:23 +0900)]
ieee802.11: Add FILS authentication algorithm number

The IEEE Std 802.11ai-2016 defines new algorithm number for FILS(IEEE 802.11ai)
at "9.4.1.1 Authentication Algorithm Number field" section.

Change-Id: I4351682d38efab2727e3a36741fe2f49508bba14
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Reviewed-on: https://code.wireshark.org/review/23576
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoInquire what frame_size < msdu_length means.
Guy Harris [Sat, 16 Sep 2017 20:23:34 +0000 (13:23 -0700)]
Inquire what frame_size < msdu_length means.

Change-Id: Ie618ed61fb098bfe55529e31e9cc3f6bfe7d4ac0
Reviewed-on: https://code.wireshark.org/review/23575
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years ago_U_ is wrong in c++, as is Q_UNUSED (in most cases).
Joerg Mayer [Sat, 16 Sep 2017 14:35:01 +0000 (18:35 +0400)]
_U_ is wrong in c++, as is Q_UNUSED (in most cases).
The correct way is to not name the variable.

interface_tree_cache_model.cpp is one of the exceptions: Use Q_UNUSED in a conditional compile, instead of unconditionally.

Change-Id: If561e632a3a60d2424f454202f233e9a63926e78
Reviewed-on: https://code.wireshark.org/review/23570
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
6 years ago_U_ is wrong in c++, as is Q_UNUSED (in most cases).
Joerg Mayer [Sat, 16 Sep 2017 14:19:23 +0000 (18:19 +0400)]
_U_ is wrong in c++, as is Q_UNUSED (in most cases).
The correct way is to not name the variable.

Change-Id: Ic016f1b9161db6b4cc3f6534c853a1f50e31aa2b
Reviewed-on: https://code.wireshark.org/review/23569
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
6 years agomake-version.pl: Update Wireshark version in User/Developer Guides
João Valverde [Fri, 15 Sep 2017 14:58:21 +0000 (15:58 +0100)]
make-version.pl: Update Wireshark version in User/Developer Guides

Change-Id: I5b14a6ae815e9e6e9c1705a8e38945e19dba479a
Reviewed-on: https://code.wireshark.org/review/23554
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: João Valverde <j@v6e.pt>
6 years agoGTPv2: improve APN restriction IE
Joakim Karlsson [Fri, 15 Sep 2017 18:41:38 +0000 (20:41 +0200)]
GTPv2: improve APN restriction IE

Change-Id: Id5fd2a0c6b09a1127ab867bf2e5bc44a0cd2acd6
Reviewed-on: https://code.wireshark.org/review/23565
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agocmake: Add -Wcomma as a warning flag.
Stig Bjørlykke [Sat, 16 Sep 2017 10:21:04 +0000 (12:21 +0200)]
cmake: Add -Wcomma as a warning flag.

Change-Id: I90827ac2cd2277a969d25996392ad1627fc6c530
Reviewed-on: https://code.wireshark.org/review/23566
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoAdd support for dissector tables of type FT_NONE.
Michael Mann [Sun, 9 Jul 2017 17:44:06 +0000 (13:44 -0400)]
Add support for dissector tables of type FT_NONE.

This is for dissectors that have "payloads" that don't have
a unique identifier to determine a sub dissector.

For the command line parameter -d, specifying a selector is no longer
required for dissector tables of type FT_NONE.

Change-Id: I3370d9e0dc147deeca4f26b842fe35dc3bda876e
Reviewed-on: https://code.wireshark.org/review/22574
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoHave register_decode_as_next_proto create dissector table.
Michael Mann [Sun, 9 Jul 2017 17:47:59 +0000 (13:47 -0400)]
Have register_decode_as_next_proto create dissector table.

For protocols that have don't have a unique identifier for their
payload, have register_decode_as_next_proto be a one stop shop to
create Decode As functionality and a dissector table of type FT_NONE.

Change-Id: Ic1f2e9ed0aee0554a4eb8f232630b99c0604dfc0
Reviewed-on: https://code.wireshark.org/review/22575
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoRefactor Decode As dialog to use a model/delegate
Michael Mann [Fri, 14 Jul 2017 19:21:37 +0000 (15:21 -0400)]
Refactor Decode As dialog to use a model/delegate

The model provides a lot more flexibility and abstracting the
data from the view (dialog)

Noticeable changes from user perspective:
1. Value column doesn't always have a combobox.  If registered decode as
structure doesn't support multiple values, a simple edit box is used.
2. Existing value will always be a choice (default) in the Value combobox.
3. Duplicate values in Value combobox have been removed (for things like
UDP port where source port and dest. port are same)
4. When adding/copying a decode as item, only first column (table) is
editable, not the whole column.
5. Separator always present in Current protocol column to distinguish
"none" from rest of protocols.
6. "Current" protocol defaults to "default value" when first added to the
list instead of "none".

Noticeable changes from developer perspective:
1. Code is much more spread out, but most new additions (like DCE/RPC support)
should be limited to the model class (maybe delegate).  The dialog class
probably won't change much anymore.
2. decode_as_dialog.ui is much less useful because information is provided through
model and delegate.

Change-Id: I70a667cab2c07d251ab370430bc51e5c1f4a3a02
Reviewed-on: https://code.wireshark.org/review/22625
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agogtp: add readable numbers
Joakim Karlsson [Fri, 15 Sep 2017 12:00:07 +0000 (14:00 +0200)]
gtp: add readable numbers

Change-Id: I95f814d2a92d8c585db57f8ab32e6a84a8eeeb6d
Reviewed-on: https://code.wireshark.org/review/23564
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agogtp: correct order of eARP
Joakim Karlsson [Fri, 15 Sep 2017 11:32:30 +0000 (13:32 +0200)]
gtp: correct order of eARP

Change-Id: Idc6d4d9c7f12521fa878f25ef66187fd286f017b
Reviewed-on: https://code.wireshark.org/review/23563
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agogtp: update of MS Not Reachable Reason
Joakim Karlsson [Fri, 15 Sep 2017 11:26:49 +0000 (13:26 +0200)]
gtp: update of MS Not Reachable Reason

Change-Id: I48c056ba7a532148275f6c1cea9cd3a916c70952
Reviewed-on: https://code.wireshark.org/review/23562
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agowireless-timeline: handle generators that report incorrect MCS for some frames
Simon Barber [Tue, 12 Sep 2017 22:35:47 +0000 (15:35 -0700)]
wireless-timeline: handle generators that report incorrect MCS for some frames

Macbook and QCA generators sometimes report the minimum MCS for subframes
in an aggregate that have FCS errors.

Change-Id: I77d1a81f5b3d0e3d0755adcb889f1237b0257814
Reviewed-on: https://code.wireshark.org/review/23521
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agobtle: Add Bluetooth 5.0 LL Control PDUs
Stig Bjørlykke [Thu, 14 Sep 2017 08:47:26 +0000 (10:47 +0200)]
btle: Add Bluetooth 5.0 LL Control PDUs

* Dissect LL_PHY_REQ, LL_PHY_RSP, LL_PHY_UPDATE_IND and LL_MIN_USED_CHANNELS_IND.
* Add Control Feature Set values.
* Change Advertising Header Length from 6 bits to 8 bits (and removed RFU).
* Change Data Header Length from 5 bits to 8 bits (and removed RFU).

Change-Id: I453583fbb8c36dc87642c3c5087ab6dd77c46e45
Reviewed-on: https://code.wireshark.org/review/23536
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agowslua: Disable -Wunreachable-code in lua_bitop.c
Stig Bjørlykke [Fri, 15 Sep 2017 18:41:02 +0000 (20:41 +0200)]
wslua: Disable -Wunreachable-code in lua_bitop.c

Some code is unreachable in some configurations.

Change-Id: I23ff9a6032f4f7f6eb8e6607c6473a77a8bb6ac6
Reviewed-on: https://code.wireshark.org/review/23561
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoUMTS RRC: Call E.212 Dissector
Darien Spencer [Sun, 27 Aug 2017 19:10:48 +0000 (22:10 +0300)]
UMTS RRC: Call E.212 Dissector

Calling E.212 dissector for MCC-MNC pairs/IMSIs found in RRC messages

Change-Id: I1cbb4fe552323b65c761cdf7a721e8b93f297106
Reviewed-on: https://code.wireshark.org/review/23520
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
6 years agowslua: Avoid possible misuse of comma operator warning
Stig Bjørlykke [Fri, 15 Sep 2017 18:35:28 +0000 (20:35 +0200)]
wslua: Avoid possible misuse of comma operator warning

Change-Id: I441359741332aa49fb91ded438cf2ec3d70b5e0f
Reviewed-on: https://code.wireshark.org/review/23560
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoepan: Fix misuse of comma operator
Stig Bjørlykke [Fri, 15 Sep 2017 18:28:24 +0000 (20:28 +0200)]
epan: Fix misuse of comma operator

Change-Id: I349dc9896db0bd306bc92f92eb9d4a65d98d309c
Reviewed-on: https://code.wireshark.org/review/23558
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
6 years agoQt: Use Q_UNUSED macro for unused arguments
Stig Bjørlykke [Fri, 15 Sep 2017 18:29:49 +0000 (20:29 +0200)]
Qt: Use Q_UNUSED macro for unused arguments

Change-Id: I4bf7fe4ba3e3e6575e6537a8ec2b6024c253e776
Reviewed-on: https://code.wireshark.org/review/23559
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>