git.samba.org - metze/wireshark/wip.git/log

.mailmap: update of May (2018)

Change-Id: I91de09062e3bfa9bb295d1a00ece5ed533ebdb5d
Reviewed-on: https://code.wireshark.org/review/27704
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Remove some unused .gitignore entries.

Remove unused documentation extensions (.dbk or .fo) and what appear to
be files generated or used by QMake.

Change-Id: I8635436e6e7e7117ef9d0aadf97f925751d8df18
Reviewed-on: https://code.wireshark.org/review/27795
Reviewed-by: Anders Broman <a.broman58@gmail.com>

media_type: Default decode application/octet-stream as data

Remove registering media_type application/octet-stream from both
thread and uasip because the settings will interfere each other.

Enable decoding as for media_type instead.

Bug: 14729
Change-Id: I58c527977fe4713418219fc3126ce7a93c4bb641
Reviewed-on: https://code.wireshark.org/review/27789
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Asciidoctor: Remove underscores from macro names.

AsciiDoc allows dashes in macro names but not underscores. Current
versions of AsciiDoctor allow the inverse. Remove underscores to allow
for easier copying and pasting.

Remove asciidoc.conf while we're here. It's no longer used.

Change-Id: I32d8a4ec695b9e17a80ac720ee9faf62dbb362d3
Reviewed-on: https://code.wireshark.org/review/27787
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>

ieee80211: Make DMG Capabilities dissection handle earlier formats

The recent changes to support the current 22-byte DMC Capabilities IE
defined in IEEE802.11-2012 prevents Wireshark from handling frames
in the earlier format.

This change allows Wireshark to dissect both the earlier and current
formats but gives an error if the IE does not have a length of 22.

The error could perhaps be demoted to a warning.

Also made a minor correction to the header fields to conform with
other uses.

Bug: 14727
Change-Id: I3dc333b273f915fa5f5f4cc5c13c1b84863b6713
Reviewed-on: https://code.wireshark.org/review/27782
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

PDCP NR: add a framing option to indicate MAC-I presence in user plane PDU (CID 1435480)

Change-Id: I155e4fad0c42c4b2b10cf3a2cb71c0927190b8db
Reviewed-on: https://code.wireshark.org/review/27780
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Allow extra plugins to be missing e.g. because they are in another branch
and still succeed with CMake.

Update the example paths to add epan while at it.

Change-Id: I92d21cc5699e784d7e151d18103d7e44078a40ab
Reviewed-on: https://code.wireshark.org/review/25812
Reviewed-by: Jörg Mayer <jmayer@loplof.de>

opa-mad: Add Support for Reassembly of PA & SA RMPP packets

Change-Id: I349dbd74768df57d6831fa73c3bdbd472be4aaa6
Signed-off-by: Adam Goldman <adam.goldman@intel.com>
Reviewed-on: https://code.wireshark.org/review/27386
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

6lowpan: fix reassembly for forwarded packets

With 6LoWPAN mesh routing over 802.15.4 networks, the same packet will
be forwarded over different links. Such duplicate datagram tags will
result in collisions (wrong "Reasssembled in" and reassembly failure).

Incorporate the link-layer address to differentiate fragments in
forwarded packets, in addition to the datagram tag.

Bug: 14700
Change-Id: I8e4adae54b3e903cfcd74844c6bbe0ecf17eefda
Reviewed-on: https://code.wireshark.org/review/27761
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Eduardo Montoya Marín <emontoya@kirale.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Robert Sauter <sauter@locoslab.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

extcap: set EXTCAP_DIR in the root cmake file and propagate it.

The EXTCAP_DIR must be known in the root file to be set in config.h
and it's still needed in extcap/ to install the binaries, hence we
need caching it as well.

Bug: 14724

Change-Id: I58bac7de7a00e06c23fe8c8f1a7e3d299de6a560
Reviewed-on: https://code.wireshark.org/review/27776
Reviewed-by: Mikael Kanstrup <mikael.kanstrup@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ws_pipe: don't check for negative number using DWORD.

DWORD on windows is unsigned, then there is no point in checking
for negative values.

Change-Id: I0b03fb19ebdff86e610cd4571fc30c49b7bd1284
Reviewed-on: https://code.wireshark.org/review/27766
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

DoIP: ISO 13400-2 Diagnostic communication over Internet Protocol

DoIP is a vehicle bus protocol. It is carried by TCP or UDP and may include an UDS payload.

Change-Id: I1459c51fd710da8e2aaff0056bbf3f6e42c1b25e
Reviewed-on: https://code.wireshark.org/review/27448
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

RNSAP: Parse transportLayerAddress and bindingID

Parse IPv4/v6 and UDP ports

Change-Id: I3cbab496b4c73c1d0a0dbc55be29add8eab60dea
Reviewed-on: https://code.wireshark.org/review/27773
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

NBAP: Fix style issues in .cnf

Removed empty lines and fixed indentations

Change-Id: I583110e87f4fcf76af66d3ed4c3907bf2caba327
Reviewed-on: https://code.wireshark.org/review/27774
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ieee80211: Add dissector for Aerohive vendor specific IE

Dissector supports only type 33: Host Name.

Change-Id: I90fe19494ce8e1ea209af56162b31711f3f7619c
Reviewed-on: https://code.wireshark.org/review/27757
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

coap: Revert "Store ctype values in transaction tracking"

This change was based on a incomplete/incorrect implementation of
LwM2M and is not correct because the payload encoding is mandatory
in the response.

This reverts commit 46fcf452ac0204152b6a4fd574547fb478f9e63b.
This reverts commit b1e0cb01b33d1e6798e5f3b2f649b2359874c622.

Change-Id: I89ae1f84e2735ad049a0f7c9045175940bed25cb
Reviewed-on: https://code.wireshark.org/review/27770
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

androiddump: Fix tcpdump encap type when libwiretap is used

androiddump determines encap type by parsing pcap global header from
tcpdump binary output. Only when libpcap is used with androiddump
this (pcap linktype) value can be used right away. Libwiretap
uses its own encap values but is feed with pcap linktype values
making the whole packet encapsulation invalid.

Fix by converting pcap linktype values into wiretap encap values

(For pcap linktype definitions see http://www.tcpdump.org/linktypes.html)
(For wtap encap defininitions see wiretap/wtap.h)

Fixes: bfef57ebb7 ("androiddump: Fix and simplify tcpdump capture")
Change-Id: I5ea86204b8e5774fd84d4007db8c2910680dbd53
Reviewed-on: https://code.wireshark.org/review/27747
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Florian Bezold <florian.bezold@esrlabs.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>

pfcp: updated names Sx -> PFCP

According to TS 29.244, the name Sx is not used any more. Now it
fully utilize PFCP.

Side note: PFCP is used (today) over interfaces Sxa/Sxb/Sxc/N4.

Change-Id: I2773e64d44f5ca4e010494246ba1f30c21de371b
Reviewed-on: https://code.wireshark.org/review/27756
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

uaudp: simplified code (moved tests of length before the switch/cases)

Change-Id: I78fa8b94e074e23cec2d3a550e62f43fff59c689
Reviewed-on: https://code.wireshark.org/review/27755
Reviewed-by: Anders Broman <a.broman58@gmail.com>

CMake: remove GIT_BIN_PARAM

Added in adb731c1cd69855b1655a0f23001655392a07340 but never worked,
and later corrected in e21da738262af2ba6cf72f46fdc045f0337ca27e.
Correction however gave cygwin user problems with the perl optional parameter
which droped qoutes around the path. But since the orginal commit never worked
as intended in the beginning, it's assume safe to remove.

Change-Id: I825a4e53b257d47601c330b210ac5ffb6870e0d9
Reviewed-on: https://code.wireshark.org/review/27758
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Qt: Support search without a selected packet

Support doing Find Packet, search for next/previous marked packet and
search for next/previous time reference without having a packet selected
in the packet list.

Change-Id: I648b26365385d98155e905cda270e9e785b9f1da
Reviewed-on: https://code.wireshark.org/review/27752
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

maxmind: Move request processing to a thread.

It's possible to block while we're writing to our mmdbresolve pipe,
particularly on Windows. Move the write to a separate thread.

Add an #ifdef to mmdbresolve.c which helps test blocking.

Bug: 14701
Change-Id: I6cb8a46a190a268da64f1e6f54d1052d03743c95
Reviewed-on: https://code.wireshark.org/review/27750
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ieee80211: Make QoS DSCP Exception and Range descriptions searchable.

People still want to search on the non-broken out fields.

Change-Id: Ibb68d9d335abc5b409ed99044ac2e895d672a174
Reviewed-on: https://code.wireshark.org/review/27760
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ieee80211: extend DMG capabilities element

extend DMG capabilities element as per IEEE 802.11-2016 spec.

Change-Id: I087c6811399d64e19a2ff0d52b62499a5641940c
Reviewed-on: https://code.wireshark.org/review/27716
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>

IEEE 1722: rename IEC subdissector from 61883 to iec61883

Otherwise it can collide with the value 61883 typed in a display filter.
See https://ask.wireshark.org/question/3177 for details.

Change-Id: Ida4872bc4e4b56cb096079a0f0c42e11856e228c
Reviewed-on: https://code.wireshark.org/review/27754
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

NBAP: Simplify private data API

Explicit getters/setters seems excessive and become
unmaintainable when the private data struct gets big, like in NBAP

Change-Id: I54d6eea327f1b393d9f80aafcbdd75080e10d50d
Reviewed-on: https://code.wireshark.org/review/27749
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

Add asciidoctor and asciidoctor-pdf to macos-setup.sh

Change-Id: I531c3cbb4685e722e9b5f7762f184063eca61976
Reviewed-on: https://code.wireshark.org/review/26129
Reviewed-by: Jörg Mayer <jmayer@loplof.de>

plugins: Don't free static variable

Our convention is to pass a pointer to a static structure as argument
to *_register_plugin(). Don't try to free it.

Change-Id: I16d81b72faf298ebfb3dccf4c9d4772291fd8cf0
Reviewed-on: https://code.wireshark.org/review/27748
Reviewed-by: João Valverde <j@v6e.pt>

ws_pipe: fix return code on windows.

Change-Id: I30d24a5cad1991c2ce6a0f2a63fbe715b92943ec
Reviewed-on: https://code.wireshark.org/review/27745
Reviewed-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>

Expand doc/pugins.example README a bit.

Change-Id: Ife25fe9aaa333ffcdce3f2a48faed565dc83aebf
Reviewed-on: https://code.wireshark.org/review/27746
Reviewed-by: João Valverde <j@v6e.pt>

Fixups to doc/plugins.example build

Set symbol visibility properly.

Add -Wall -Wextra GCC flags that were there previosuly.

Remove duplicate -I compiler flags. Remove useless "hello_EXPORTS" definition while at it.

Change-Id: Iac173f02e41b3b4f2999e5d71b95b910a9c2da11
Reviewed-on: https://code.wireshark.org/review/27744
Reviewed-by: João Valverde <j@v6e.pt>

Don't look for Asciidoctor PDF unless we find Asciidoctor.

Fix a doc string while we're here.

Change-Id: Ic67e40dc7e8d624a00b97fe40fe162e6f8633cfc
Reviewed-on: https://code.wireshark.org/review/27728
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Qt: Update menus when mark/ignore/timeref packet

Update menus when changing mark, ignore or time reference on a packet
to enable/disable entries accordingly.

Change-Id: Icb95b3371fe8183cdeea1b6b2c71d1d33f998dc0
Reviewed-on: https://code.wireshark.org/review/27737
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

vnc: Fix Dead Store (Dead assignement/Dead increment) Warning found by Clang

Change-Id: Ieee4c370dabb4dde9dacd4f4ee709937969bbd66
Reviewed-on: https://code.wireshark.org/review/27707
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

VNC: move parentheses (and reindent code).

Change-Id: I71afc81bbf4b4c9d4de5341f269ebd69bfe3686b
Reviewed-on: https://code.wireshark.org/review/27706
Reviewed-by: Anders Broman <a.broman58@gmail.com>

make our version of nla_for_each_nested() public

caputils/ws80211_utils.c contains a re-definition of the linux kernel's
nla_for_each_nested() macro that applies the correct casts to allow
compilation with a C++ compiler.

Make this definition public by moving it into a new wsutil/netlink.h
file. Include the kernel's original definition before we overwrite it. This
way, it's not necessary for a .c file to include wsutil/netlink.h after
the system includes.

Use our nla_for_each_nested() version in extcap/dpauxmon.c to squelch the
following compiler warning:

[1664/2251] Building C object
extcap/CMakeFiles/dpauxmon.dir/dpauxmon.c.o
../extcap/dpauxmon.c: In function ‘family_handler’:
../extcap/dpauxmon.c:168:13: warning: request for implicit conversion
from ‘void *’ to ‘struct nlattr *’ not permitted in C++ [-Wc++-compat]
nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], rem_mcgrp) {

Change-Id: I6ba40ef6343c5d168c1b0c4554f13202911ded76
Reviewed-on: https://code.wireshark.org/review/27688
Reviewed-by: Anders Broman <a.broman58@gmail.com>

pem: validate the base64 lines

g_base64_decode_step will ignore all non-base64 characters, so make sure
we catch such characters ourselves. Otherwise, if we encounter any
non-conforming syntax, we'll parse it as base64 text, and consequently
the BER dissector will receive nonsensical input.

Change-Id: I38294141134626a3d98b5b12837d887492b18102
Reviewed-on: https://code.wireshark.org/review/27653
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

RANAP: optimize a bit the heuristic checks

And explain the new conditions

Change-Id: I7061ef783bebc260370c16622b8811e7b109c520
Reviewed-on: https://code.wireshark.org/review/27727
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

RNSAP over SCCP heuristic dissector

Change-Id: Ife0612b52e96f3b379783515486751a11e65e86c
Reviewed-on: https://code.wireshark.org/review/27721
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

NBAP: remove an unused expert info field

Change-Id: I1d90a81792d76a39532323ed53a187aeda1f231b
Reviewed-on: https://code.wireshark.org/review/27740
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

NBAP: remove a useless mask

Change-Id: Ic433e7f01394fb5d8229d04a7ddbfb52547676e8
Reviewed-on: https://code.wireshark.org/review/27739
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Qt: Default no selection in UAT dialog

Do not start editing the first column for the first item in a UAT dialog.
This is the same behaviour as in UAT frame.

Change-Id: If8dd90c90301b4af9108cc5286d99f83f613a19e
Reviewed-on: https://code.wireshark.org/review/27708
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

uaudp: added support of IPv6 address for the system_ip preference value.

Change-Id: Ieb4f446b7a3baf3fee29b712dc8c99822ddf6446
Reviewed-on: https://code.wireshark.org/review/27710
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

NBAP: optimize a bit the heuristic checks

Change-Id: Idbc0d8e87e3e91890de61449fab8bc70cbbb21f0
Reviewed-on: https://code.wireshark.org/review/27724
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Do IP address resolution synchronously before printing in TShark.

Otherwise, the first N packets printed, for a value of N dependent on
various factors, won't get IP addresses resolved to names, even if the
user wants them resolved. Unlike Wireshark, which, when a name is
resolved in asynchronously, can go back and fix up the displayed packet
when the asynchronous operation completes, once TShark has written
packet data to the standard output, it can't go back and fix it if it
did name resolution asynchronously.

Bug: 14711
Change-Id: I8ebbd83103e5780c903b5560e01b7b92fa39c924
Reviewed-on: https://code.wireshark.org/review/27668
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Creat protocol tvbuff before allocating and freeing memory.

That way, if the attempt to create the protocol tvbuff throws an
exception, we won't leak the protocol representation string, as we won't
even try to allocate it.

Bug: 14719
Change-Id: Id2855bc97e71aa0682737d1a04486a2a01f5f1e6
Reviewed-on: https://code.wireshark.org/review/27730
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Test: Consolidate our environments.

Move WIRESHARK_QUIT_AFTER_CAPTURE to the default environment instead of
running the capture tests in a separate environment.

Change-Id: I5198df35f512ffe8c0d7f091a7b50d5fdb9c4ff6
Reviewed-on: https://code.wireshark.org/review/27711
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Fix a typo.

Change-Id: Ia4c267bf6e0971511417e25f6fbf8fa9abdc1034
Reviewed-on: https://code.wireshark.org/review/27712
Reviewed-by: Gerald Combs <gerald@wireshark.org>

enip: Fix Dead Store (Dead assignement/Dead increment) Warning found by Clang

Change-Id: I107e6cb7a9c63e904ed734731d0135201d43554c
Reviewed-on: https://code.wireshark.org/review/27709
Reviewed-by: Anders Broman <a.broman58@gmail.com>

sccp: fix data reassembly with multiple fragments

Reuse of the "destination local reference" as identifier for fragments
in the reassembly table resulted in incorrect tracking of fragments.
This results in the following user-visible issues:
- "Reassembled in" in wrong packets after each message.
- "Reassembled in" is shown even for a single, finished fragment.
- Reassembled data is not displayed in the second pass/GUI when a single
packet contains multiple completed fragments (with "no more data").

The first issue occurs because newer fragments overwrite earlier
reassembled results (due to ID collision). As a result, each fragment
will show information about the last fragment.

The second issue occurs because earlier reassembled results were found
for the given colliding ID.

The third issue occurs because of a subtle issue related to matching
"pinfo->curr_layer_num" against the value at the moment when a
reassembly was completed ("reas_in_layer_num"). Even though
"fragment_add_seq_next" returns a finished reassembly head,
"process_reassembled_data" will not return a tvb because the layer
numbers do not match.

If the last frame has multiple fragments, then the above prevents the
first fragment from being displayed. One might expect that the final
finished fragment is correctly shown, but that is also not the case.
In the first pass, the first fragment would be passed to a subdissector,
this increments "pinfo->curr_layer_num". In the second pass, this
subdissector is not invoked and the number will be smaller. As the layer
again do not match, no reassembled result is shown either.

To tackle the above issues, make the reassembly ID really unique for
each group of fragments and make these IDs available in the second pass.

Tested with tshark -V (with and without -2, the output should match) and
the GUI using sccp_reasseble_1.pcap and rnsap_error.cap.

Bug: 3360
Bug: 11130
Change-Id: Ic5a8d69ab8b86d53ade35f242a18153952d7de1e
Reviewed-on: https://code.wireshark.org/review/27676
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

nas-5gs: Return if the message isn't 5GS.

Change-Id: I9659e7a4158427ba5b1a15d5b672981e4fe47f5a
Reviewed-on: https://code.wireshark.org/review/27703
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

rnsap: fix use-after-free of "obj_id"

dissect_PrivateIEFieldValue could use "obj_id" after it was freed. Use
per-packet info instead of globals to avoid such dangling pointers and
erase any previous state to avoid interference in the same packet.

Change-Id: I7376210ef02a8e781b5a34858ae47d2254c74948
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4311
Reviewed-on: https://code.wireshark.org/review/27650
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Darien Spencer <cusneud@mail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

lwm2mtlv: Fix reloading Resource name table

Change-Id: I2c528465aad5472f7a4b4f837e719c24b7b47ecb
Reviewed-on: https://code.wireshark.org/review/27702
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

CMake: Search for asciidoctor-pdf separate from asciidoctor.

Search for asciidoctorj and asciidoctor-pdf and set
ASCIIDOCTOR_PDF_EXECUTABLE if either are found. Only enable the PDF
targets if we find ASCIIDOCTOR_PDF_EXECUTABLE.

Remove env.cmake since it's no longer needed.

Change-Id: Iee82b30eaa67d1ad3fd3a296d9997b0643a0cb4e
Reviewed-on: https://code.wireshark.org/review/27696
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Qt: Set a minimum width for the main window.

Set a minimum width for the main window so that we override the minimum
size set by the display filter combo.

Add a couple of comments and fixup a cast while we're here.

Bug: 13516
Change-Id: I6e994a7d06f5a966bb9bf8d3f4c4fc343cd466c8
Reviewed-on: https://code.wireshark.org/review/27697
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

rlc: Catch exceptions from sub-dissectors

Incorrect reassembly and/or parsing ciphered data can lead to exceptions.
We want to be able to parse other SDUs/transport blocks in FP even
if this happens.

Change-Id: Ie54ee337cf85d8c1cd0e3ac8e46bda96ff2304b9
Reviewed-on: https://code.wireshark.org/review/27656
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ieee80211: fix the value for CBAP allocation

as per IEEE 80211-2016: table 9-236, the encoding for
allocation type is (bits 6, 5, 4)

0 - SP allocation
1 - CBAP allocation

Change-Id: Ibe396aee7bd40f573f8e39769aebfe1a610a1c16
Reviewed-on: https://code.wireshark.org/review/27700
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Convert doc/plugins.example to use CMake

Change-Id: Ic290249569ea9bb435638a9cabd4d87ac7ef9323
Reviewed-on: https://code.wireshark.org/review/27699
Reviewed-by: João Valverde <j@v6e.pt>

CMake: Fix unset VERSION_RELEASE variable in wireshark.pc

Change-Id: I81358833f0527f55312aaab7a3dea68f9b128178
Reviewed-on: https://code.wireshark.org/review/27698
Reviewed-by: João Valverde <j@v6e.pt>

proto: add handle of NTP bit 0

According to RFC2030, chapter 3.

If bit 0 is set, the UTC time is in the range 1968-2036 and
UTC time is reckoned from 0h 0m 0s UTC on 1 January 1900.
If bit 0 is not set, the time is in the range 2036-2104 and
UTC time is reckoned from 6h 28m 16s UTC on 7 February 2036.

Change-Id: I9cf25449a1cb3c12d5514e3c7820a204525589d6
Reviewed-on: https://code.wireshark.org/review/27553
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Windows: update custom_plugins.txt template

Change-Id: I98fe409069df66c7082b254dbba24519bc02d7bf
Reviewed-on: https://code.wireshark.org/review/27692
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

GTP: update GTP-U extension header types

Change-Id: I71d8db0f9fe59d41edaf1aa2e6afd4f71436ad91
Reviewed-on: https://code.wireshark.org/review/27682
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Test: Be more paranoid about our log output.

Run our CTest tests with PYTHONIOENCODING=UTF-8.

If someone runs our tests manually and their output encoding isn't
UTF-8, print replacement characters instead of failing with an error.

Open our log files with "errors='backslashreplace'" in case their
contents aren't UTF-8.

Change-Id: Ifa4d12c2b5e272cf3903f3e0c6102e4d961562f1
Reviewed-on: https://code.wireshark.org/review/27686
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Update some CMakeListsCustom.txt templates

Change-Id: I3d4d5d160bfa08f1837ca571c2ff29241893cb2e
Reviewed-on: https://code.wireshark.org/review/27685
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Restore doc/plugins.example Makefile.am

This file was erroneously removed in 4a156da068269aae75d79cd08e579754c52a0c43.
This file is not part of Wireshark's (the application) build system.
We may want to convert the example to use CMake instead (purely for consistency) but until then configure.ac and Makefile.am are required files.

Change-Id: I7902ff71a44bba798e8dc7083103d4785095b374
Reviewed-on: https://code.wireshark.org/review/27684
Reviewed-by: João Valverde <j@v6e.pt>

PDCP NR: status bitmap starts at FMC+1

Moreover we are displaying a 32 bits count, so it can contain up to 10 digits.

Change-Id: I93252f2f631658b1e36c939ba804b4481dc7523b
Reviewed-on: https://code.wireshark.org/review/27683
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Do not use #if* in struct

Do not assume that somebody always includes "config.h" with "epan/prefs.h",
because I do not include that one and I notice a lot of bugs, like:
in one file sizeof(prefs) is 538 but in another is 544...
and of course preferences do not work as expected - order of fields
in the struct was changed. Try to avoid #if in struct.

Remove dependency of config.h for prefs by removing #ifs, because all prefs
should be registered also if not used.

Change-Id: I02f71d2e64acf3e0f90c802b1610cc4620727051
Reviewed-on: https://code.wireshark.org/review/27654
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

json: fix typo.

Change-Id: I36c4d0e15dae2f3cbf0efe1f3e1b0e82433cc3cd
Reviewed-on: https://code.wireshark.org/review/27681
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

sccp: refactor XUDT/XUDTS dissection to reduce code duplication

XUDT/XUDTS dissection had exactly the same code (minus a comment and
some minor whitespace changes). To reduce code duplication, pull out the
shared code. No functional change intended.

Change-Id: I59dae50090808c927a592c8a237c9d564844876b
Reviewed-on: https://code.wireshark.org/review/27675
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Make the two names for Unigraf DPA-400 captures the same.

Change-Id: I8ec41233e78e9ec5fa1d1f56c45ef2936e95467d
Reviewed-on: https://code.wireshark.org/review/27680
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Make the two file type descriptions for WTAP_FILE_TYPE_SUBTYPE_MPLOG the same.

Change-Id: Id800bf9ea0617398d1eaede1fbacfa61ed8ebe8c
Reviewed-on: https://code.wireshark.org/review/27674
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Add an entry for WTAP_ENCAP_DPAUXMON.

Change-Id: Ie9a7816023c02222e624b16bcdf6e90ff7678343
Reviewed-on: https://code.wireshark.org/review/27673
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Add entries for two WTAP_ENCAP_ types, and clean up another entry.

We didn't have entries for WTAP_ENCAP_JUNIPER_ST or
WTAP_ENCAP_ETHERNET_MPACKET; add them.

The entry for WTAP_ENCAP_DOCSIS31_XRA31 just called it "DOCSIS31 XRA31",
not "DOCSIS with Excentis XRA pseudo-header", which is a more complete
description. (That field is supposed to be a descriptive word or
phrase, not just a short protocol name.)

Change-Id: Ib2b30fccce2339a12d216466831a1786e14178b7
Reviewed-on: https://code.wireshark.org/review/27671
Reviewed-by: Guy Harris <guy@alum.mit.edu>

80211ax: Fixes for Mult-STA Block Acks, searching in MCS sets, a-control

Feedback from the recent test event showed that the code for Multi-STA
block acks did not exist, searching for indovidual MCS set produced
confusing results and A-Control was not correctly handled.

This contains fixes for each of those.

Bug: 13207
Change-Id: I4b18497d9e7642e370d0b6bb34e2180bacea8b8e
Reviewed-on: https://code.wireshark.org/review/27655
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>

[Automatic update for 2018-05-20]

Update manuf, services enterprise numbers, translations, and other items.

Change-Id: Ied42aaad58b11ec1796d6c14c4981b8d54258769
Reviewed-on: https://code.wireshark.org/review/27665
Reviewed-by: Gerald Combs <gerald@wireshark.org>

CIP: Code cleanup

1. Convert more things to proto_tree_add_bitmask
2. Remove unnecessary pathpos param everywhere
3. Replace some tvb_get_xxx with proto_tree_add_item_ret_uint
4. Remove unused variables, params
5. Remove if(tree)

There are no functional changes. In the area where there is a lot of
diff (eg: pathpos), I verified using the pcap from Bug: 12049, and
compared the PDML output before and after, just as a sanity check.

Change-Id: I9564172ccece558cf1877b667f713b584a00d73f
Reviewed-on: https://code.wireshark.org/review/27642
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Get rid of add_async_dns_ipv4().

We don't have add_async_dns_ipv6(), we just do the same stuff inline in
host_lookup6(); this removes an irrelevant difference between
host_lookup() and host_lookup6().

Change-Id: Ib4aa1783ddec1bc390e2a7f64c87f1c8441fa849
Reviewed-on: https://code.wireshark.org/review/27661
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Make private variables static.

Change-Id: I0844795597cec83dfb6752fb986d2a9957789530
Reviewed-on: https://code.wireshark.org/review/27657
Reviewed-by: Guy Harris <guy@alum.mit.edu>

cmake: move extcap sections to extcap/CMakeLists.txt.

Change-Id: Ie7d9f6ad3d8b788e0d22e3ce15159fc46f5a93e8
Reviewed-on: https://code.wireshark.org/review/27638
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

prefs: fix bug in color saving

Colors were only saved and effectuated when all 3 color components are changed.

Change-Id: I0d82ac8d62780e507714bc48c310338e87deefea
Reviewed-on: https://code.wireshark.org/review/27639
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

If the OS version of curl isn't new enough, download and install from source.

The Mountain Lion version, and presumably earlier versions, can't handle
the site for xz.

This means we don't need to check the OS version before downloading
Ninja or MaxMindDB.

Change-Id: I0afa2216d67cddc58d5c3d91d1620f3004026dfa
Reviewed-on: https://code.wireshark.org/review/27652
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Install CMake 3.5.2 on Lion and 3.7.2 on later releases.

See the comment for the painful details.

Change-Id: Ic82de342b1d9c8d118e08c7b298ab7514a6f4ed3
Reviewed-on: https://code.wireshark.org/review/27651
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Older versions of Clang don't understand -Wpedantic.

Define DIAG_OFF_PEDANTIC and DIAG_ON_PEDANTIC, and have it do nothing on
Clang prior to 4.0.

Change-Id: Ic6b2e607659db66f3210401024bf3f2239665506
Reviewed-on: https://code.wireshark.org/review/27649
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Don't try to download MaxMindDB on Lion or earlier.

Same problem as with Ninja - I guess this version can't handle the TLS
version those sites use.

Change-Id: I659313813d0e0d68c9ab7426e8feaf1f3f52b06e
Reviewed-on: https://code.wireshark.org/review/27648
Reviewed-by: Guy Harris <guy@alum.mit.edu>

maxmind: Process our requests more often.

The answer to

// XXX Should we call maxmind_db_lookup_process first?

in maxmind_db.c is "yes", since it's possible to fill up our pipe
between host name lookup intervals, at least on Windows. Note that we
might want to move request processing to a thread.

Bug: 14701
Change-Id: I8cfb77444d7f999e77571bc6bb61ea7f1f677778
Reviewed-on: https://code.wireshark.org/review/27644
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Wrong Darwin major version - Lion is 11, not 10.

Change-Id: I3977bf33b7c9d66c299fa945b49791dac7a03126
Reviewed-on: https://code.wireshark.org/review/27646
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Don't try to download Ninja on Lion or earlier.

The version of curl that comes with Lion gets a TLS error when trying to
download Ninja.

Also note some other issues.

Change-Id: I0e26a5b2f2f54e36461d3d3909f719fcca2ac04b
Reviewed-on: https://code.wireshark.org/review/27645
Reviewed-by: Guy Harris <guy@alum.mit.edu>

ieee80211: fix typos related to 802.11ad

fix a few typos related to 802.11ad

1. 802.11-2016 changed the acronym from ECPAC to ECAPC
2. dmp_params to dmg_params

Change-Id: I4e3bc02cdceff826ab334bc93ebfb008c5041f74
Reviewed-on: https://code.wireshark.org/review/27643
Reviewed-by: Anders Broman <a.broman58@gmail.com>

cmake: remove dependency of i18n.qrc on .qm files

The i18n.qrc file is generated at cmake time while the .qm files are
also built as dependency of the AUTORCC process. The extraneous .qm
dependency of i18n.qrc possibly causes duplicate wireshark_zh_CN.qm
builds (see v2.9.0rc0-605-g644939ed9e), so remove it.

Change-Id: I629e7b809486a65b27158f66a7e62cfcf61657d3
Reviewed-on: https://code.wireshark.org/review/27633
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

prefs: remove wimaxasncp.udp.wimax_port compatibility

This fixes a warning when plugins are not built ("Deprecated ports pref
check - module 'wimaxasncp' not found").

This warning was added in v2.9.0rc0-372-gf7296644c5 ("prefs: fix
importing some old protocol preferences") which also corrected the
wimaxasncp module name, but as this broken preference was never noticed
before, just remove the compatibility pref to fix the warning.

Change-Id: I97430fcb00ce0e489bcf0ae3ac47c9b211705518
Reviewed-on: https://code.wireshark.org/review/27632
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

proto.c: do not dereference a NULL pointer in proto_item_get_len() on first pass

Like the proto_item_set_XXX functions, check proto_item pointer validity
before using it. It can be NULL on first pass for example.

Bug: 14703
Change-Id: I94957e0738d66f99793682dc0ea1c7c0a65ceecd
Reviewed-on: https://code.wireshark.org/review/27629
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

BOOTP: Disentangle BSDP naming from PacketCable.

BSDP (Boot Server Discovery Protocol, layered upon BOOTP) is entirely Apple's
creation, and has nothing to do with PacketCable as far as I can tell, so let's
not label it as PacketCable.

BSDPD is one possible name for a daemon that speaks the BSDP protocol, and it
seems more reasonable to use the name of the protocol here, so let's replace
"BSDPD" references with "BSDP", and use CLIENT and SERVER to better identify
the Vendor Class ID prefixes.

Change-Id: I6711022f16b37a2864482ba4eb544683865de274
Reviewed-on: https://code.wireshark.org/review/27628
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

travis: add regression tests to pcap builds.

Change-Id: Ibdd3f5bfc7ed0e6a75c83227d50d6e00dccf6814
Reviewed-on: https://code.wireshark.org/review/27619
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

randpktdump: use boolflag instead of boolean in config.

Change-Id: I259382352d4c79755c095b1e23325265226acd23
Reviewed-on: https://code.wireshark.org/review/27613
Reviewed-by: Anders Broman <a.broman58@gmail.com>

elf: fix unintented sign extension.

Use cast to avoid int promotion as done in
Ibca08ee3766f6c79b933c3db7ccd1f8f906cb3fe

CIDs:
1111807
1111808
1111809
1111810
1111811

Change-Id: I64dfa670b93eda3023109ea105dd2d94f58d91ba
Reviewed-on: https://code.wireshark.org/review/27611
Reviewed-by: Anders Broman <a.broman58@gmail.com>

CMake: cleanup ui/qt/CMakeLists.txt

Remove some unused variables, favor list(APPEND X Y) over set(X ${X} Y),
use consistent capitalization and whitespace.

Change-Id: I2a90b55d29899393019a1aee3394b87ab12dda5b
Reviewed-on: https://code.wireshark.org/review/27625
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

QUIC: Append colmun info and use small "name"

Bug: 13881
Change-Id: Ibf1d1315dc259726d5990e17df2d141d1cf83784
Reviewed-on: https://code.wireshark.org/review/27032
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Qt: Make sure we destroy the Capture Information dialog.

Change-Id: Id45da4247aa3214227a96b77cb70b06f2edf38bf
Reviewed-on: https://code.wireshark.org/review/27623
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Debian: Add a missing symbol.

Change-Id: Id01abe37b24be701a1b531ef583c9fca2a97338d
Reviewed-on: https://code.wireshark.org/review/27617
Reviewed-by: Anders Broman <a.broman58@gmail.com>

dot11crypt: add bounds check for TDLS elements

Fixes a buffer overrun (read) of at most 255 bytes which could occur
while processing FTE in Dot11DecryptTDLSDeriveKey.

While at it, according to 802.11-2016 9.4.1.9, "A status code of
SUCCESS_POWER_SAVE_MODE also indicates a successful operation.". No idea
when it makes a difference, but let's implement it too.

Bug: 14686
Change-Id: Ia7a41cd965704a4d51fb5a4dc4d01885fc17375c
Fixes: v2.1.0rc0-1825-g6991149557 ("[airpdcap] Add support to decrypt TDLS traffic")
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8189
Reviewed-on: https://code.wireshark.org/review/27618
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>