metze/wireshark/wip.git
11 months agolua: add support for ethernet addresses to the Address class
Martin Kaiser [Wed, 10 Oct 2018 15:26:59 +0000 (17:26 +0200)]
lua: add support for ethernet addresses to the Address class

The code for the Address class already contains commented-out code for a
number of additional address types.

Activate the draft constructor for ethernet addresses and complete it.
Use the newly-added function to parse a string that contains an ethernet
address.

Add a basic test tvb.lua. Read an ethernet address from a tvb and
compare it to a constant Address.ether object.

Change-Id: I9771dd6e7ade4b572a8b864b8986d641b4eba3e5
Reviewed-on: https://code.wireshark.org/review/30163
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
11 months agotools/validate-commit.py: post-commit hook to check for commit issues
Peter Wu [Tue, 16 Oct 2018 15:29:47 +0000 (17:29 +0200)]
tools/validate-commit.py: post-commit hook to check for commit issues

During review we might overlook issues with the commit messages. Some
commits somehow ended up IP addresses or local VM hostnames as author
address. Automate detecting such issues as well as other whitespace
issues with the commit message itself (detected by commit-msg).

Note: when installing as post-commit hook, it will also be executed when
doing things like 'git reset --hard'.

Change-Id: Ic638e7f51d89277ac359c04764effb69eb4f2fa1
Reviewed-on: https://code.wireshark.org/review/30225
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoieee80211: Extend FILS support (802.11ai)
Joeri de Ruiter [Wed, 17 Oct 2018 13:06:30 +0000 (15:06 +0200)]
ieee80211: Extend FILS support (802.11ai)

- Include some new tags from 802.11ai
- Support authentication messages using FILS authentication
- Determine MIC length automatically

Bug: 15210
Change-Id: I21a6c8df0a4f0429f8d900f32f0e95ace126d4e6
Reviewed-on: https://code.wireshark.org/review/30232
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoFix batch decoding in CQL packet dissector
Michael Penick [Wed, 17 Oct 2018 18:47:26 +0000 (14:47 -0400)]
Fix batch decoding in CQL packet dissector

Batch sub-query values were being incorrectly decoded for non-prepared
(kind = 0) queries.

Change-Id: I89ee1ab9c298c2d09a09ee3ed7a8b837e7c3c5b2
Reviewed-on: https://code.wireshark.org/review/30236
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoadded new OPC UA 1.04 AttributesId
cacamille3 [Wed, 17 Oct 2018 18:04:35 +0000 (20:04 +0200)]
added new OPC UA 1.04 AttributesId

Change-Id: I35963ca61792d41cf72895277e61c9fce3870200
Reviewed-on: https://code.wireshark.org/review/30234
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agowslua: Add support for base.RANGE_STRING handling.
Richard Sharpe [Sun, 14 Oct 2018 19:14:13 +0000 (12:14 -0700)]
wslua: Add support for base.RANGE_STRING handling.

A range string is passed as a table of tables, eg:

  range_string = {
     { 0, 24, "Some string for values 0 to 24" },
     { 25, 25, "The string for value 25" },
     { 26, 255, "The string for the remainder" }
  }

Included is a minimal Lua test for range strings and value strings
(which did not have one previously.) It will take more time than I
currently have to figure out how to do a more exhaustive test.

Also fixed some grammar issues in error messages along the way.

Change-Id: Ia9d1efc8adabb6528c4bdcf1624c9ede49e2fdc6
Reviewed-on: https://code.wireshark.org/review/30211
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
11 months agoextcap: Close stdout_fd and stderr_fd when done
Stig Bjørlykke [Mon, 15 Oct 2018 18:41:39 +0000 (20:41 +0200)]
extcap: Close stdout_fd and stderr_fd when done

The documentation for g_spawn_async_with_pipes() states that stdout_fd
and stderr_fd must be closed when they are no longer in use.

Ping-Bug: 15205
Change-Id: I943eaa68058b0828686469672ea3611e67390b2f
Reviewed-on: https://code.wireshark.org/review/30221
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
11 months agovalidate-diameter-xml.sh: do not hard-code temporary directory
Peter Wu [Wed, 17 Oct 2018 10:22:17 +0000 (12:22 +0200)]
validate-diameter-xml.sh: do not hard-code temporary directory

In the event that validation fails, the hard-coded temporary directory
would remain present. Use of a fixed hard-coded directory also prevents
concurrent runs.

Change-Id: I29f09dc004b1ab3578b4a9c51ea7e1a5b526159f
Reviewed-on: https://code.wireshark.org/review/30231
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
11 months agoRevert "cmake: fix version check for c-ares and gnuTLS"
Joakim Karlsson [Tue, 16 Oct 2018 08:00:33 +0000 (10:00 +0200)]
Revert "cmake: fix version check for c-ares and gnuTLS"

This reverts commit 189a7357e799c0faa5e36d4966f485b9b6d394e3.

Change-Id: I6550703036a135866d7751da489c4974be79bb37
Reviewed-on: https://code.wireshark.org/review/30226
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoKNX-IP: new KNXnet/IP dissector
Ralf Nasilowski [Thu, 16 Aug 2018 08:49:31 +0000 (10:49 +0200)]
KNX-IP: new KNXnet/IP dissector

The new KNXnet/IP dissector replaces the old KNXnet/IP dissector.

The new KNXnet/IP dissector supports the new KNX features
- A_MemoryExtended services
- A_PropertyExt services
- KNX Data Security
- KNXnet/IP Core V2
- KNXnet/IP Device Management V2
- KNXnet/IP Tunneling V2
- KNXnet/IP Routing V2
- KNXnet/IP Security

Change-Id: I3d1d716ef03d16d2720e6a1fcb23c2243d1cd956
Reviewed-on: https://code.wireshark.org/review/29155
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Roland Knall <rknall@gmail.com>
11 months agolicensecheck: fix detection of multiple licenses
Peter Wu [Mon, 15 Oct 2018 20:08:48 +0000 (22:08 +0200)]
licensecheck: fix detection of multiple licenses

licensecheck.pl: by the time the second license is evaluated, the $2
variable was already invalidated. Fix that and make it possible for
checklicenses.py to check for multiple license choices.

Change-Id: I8e9e788c33ccd64e85839c82924e28a504f6ae8f
Reviewed-on: https://code.wireshark.org/review/30223
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
11 months agozebra: fix spelling-error-in-binary found by lintian
Alexis La Goutte [Mon, 15 Oct 2018 18:55:20 +0000 (18:55 +0000)]
zebra: fix spelling-error-in-binary found by lintian

Lenght => Length
paramters => parameters

Change-Id: I42eef8991e17f23e16c395dfe2f400c1ac91fec4
Reviewed-on: https://code.wireshark.org/review/30222
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
11 months agocmake: fix version check for c-ares and gnuTLS
Joakim Karlsson [Sun, 14 Oct 2018 18:37:16 +0000 (20:37 +0200)]
cmake: fix version check for c-ares and gnuTLS

Version requirement was already in place but not executed

Change-Id: I9a163fae2b428cecd309f932f5ef87dd8db8c516
Reviewed-on: https://code.wireshark.org/review/30210
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoMAC NR: align Multiple Entry PHR MAC CE decoding with v15.3.0
Pascal Quantin [Mon, 15 Oct 2018 08:19:55 +0000 (10:19 +0200)]
MAC NR: align Multiple Entry PHR MAC CE decoding with v15.3.0

Change-Id: I4ca2284c3b0418116e810a7c66d693a3647e4191
Reviewed-on: https://code.wireshark.org/review/30217
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
11 months agoSupporting Zebra API version 4 and 5 used in FRRouting. (minimize changes)
Hitoshi Irino [Sat, 13 Oct 2018 07:37:46 +0000 (16:37 +0900)]
Supporting Zebra API version 4 and 5 used in FRRouting. (minimize changes)

Fixed wrong types to avoid unwanted type conversion.

Change-Id: Iaaa2438cd4727bc0f20e003572f41d9cfe8bc927
Reviewed-on: https://code.wireshark.org/review/30200
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoaddr_resolv: function to convert an eth address into raw bytes
Martin Kaiser [Wed, 10 Oct 2018 15:25:52 +0000 (17:25 +0200)]
addr_resolv: function to convert an eth address into raw bytes

Add a function to convert a string that contains an ethernet address
(including the colons) into a sequence of 6 bytes.

Use the existing internal functions to parse an ethernet address.

Declare the new function as local to libwireshark. It'll be used by
wslua to support ethernet addresses.

While at it, fix an incorrect comment about parse_ether_address(). If
accept_mask is false, only a complete 6-byte ethernet address is
accepted.

Change-Id: Ib03306c44866fe97d3cbff2634411b7f5ec31a79
Reviewed-on: https://code.wireshark.org/review/30162
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoFP: Added E-DCH T1 heuristic dissector
Darien Spencer [Sun, 23 Sep 2018 10:57:37 +0000 (13:57 +0300)]
FP: Added E-DCH T1 heuristic dissector

Change-Id: I22a3ba4a7caab1e4885292e6d28b2bc3d1e22bb7
Reviewed-on: https://code.wireshark.org/review/30208
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoUpdate VS command prompt menu names for VS 2017.
Guy Harris [Sun, 14 Oct 2018 20:52:13 +0000 (13:52 -0700)]
Update VS command prompt menu names for VS 2017.

At least on my W10 machine, they shols up as "xxx Native Tools
Commmand Prompt for VS 2017", not "VS2017 xxx Native Tools Command
Prompt".

Change-Id: I55d7ad24df717cfce21f6abdaf97ed1972128e3c
Reviewed-on: https://code.wireshark.org/review/30215
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months agojson-glib requires GLib 2.37.6 or later.
Guy Harris [Sun, 14 Oct 2018 20:08:47 +0000 (13:08 -0700)]
json-glib requires GLib 2.37.6 or later.

Go for 2.37.6 for now; we may want to use a newer version.

Change-Id: Icce58716d5f7cb8367e7ff83cad070b2fcd7e1c2
Reviewed-on: https://code.wireshark.org/review/30213
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months agoNote that you have to be careful reading messages from a pipe.
Guy Harris [Sun, 14 Oct 2018 19:46:45 +0000 (12:46 -0700)]
Note that you have to be careful reading messages from a pipe.

Change-Id: I354e0633b8bd1da3d95fcb770fb9d5a0e4ee5880
Reviewed-on: https://code.wireshark.org/review/30212
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months agoextcap: Read stderr on extcap error without an infinite loop
Stig Bjørlykke [Sun, 14 Oct 2018 18:22:08 +0000 (20:22 +0200)]
extcap: Read stderr on extcap error without an infinite loop

Check if data is available on stderr before doing a blocking read() to
avoid an infinite read loop when having less data than STDERR_BUFFER_SIZE.

Append data instead of overwrite when doing multiple read() to fetch
available data.

This is a regression from g6a949ed155.

Bug: 15205
Change-Id: I84b232aeafb6123f77f3f5d48bbe89326fe7eb0f
Reviewed-on: https://code.wireshark.org/review/30209
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
11 months agoglib: restore some GLIB_CHECK_VERSION
Joakim Karlsson [Sun, 14 Oct 2018 16:15:27 +0000 (18:15 +0200)]
glib: restore some GLIB_CHECK_VERSION

This restore changes made in Ie95cf37f9cd283545693e290340a7489cc989c95

This change is due to SHA512 checksum wasn't introduced until 2.36.0

Change-Id: I048d5c879dc1038108edd93ed781fd97b50ddc42
Reviewed-on: https://code.wireshark.org/review/30207
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months ago[Automatic update for 2018-10-14]
Gerald Combs [Sun, 14 Oct 2018 08:30:48 +0000 (08:30 +0000)]
[Automatic update for 2018-10-14]

Update manuf, services enterprise numbers, translations, and other items.

Change-Id: I3dc92d31a377dafc7c333139a580dbb140ec47e2
Reviewed-on: https://code.wireshark.org/review/30201
Reviewed-by: Gerald Combs <gerald@wireshark.org>
11 months agomacos-setup.sh: fix missing json_glib version check
Peter Wu [Sat, 13 Oct 2018 21:01:22 +0000 (23:01 +0200)]
macos-setup.sh: fix missing json_glib version check

Change-Id: I3d1fecebd4cb0a7b7656cfb3342f68c4e4f929cf
Fixes: v2.9.0rc0-1933-ge9d353112e ("tools: add libjson-glib to macos-setup.")
Reviewed-on: https://code.wireshark.org/review/30196
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
11 months agomacos-setup.sh: fix missing bcg729 version check
Peter Wu [Sat, 13 Oct 2018 21:00:23 +0000 (23:00 +0200)]
macos-setup.sh: fix missing bcg729 version check

Reorder spandsp for consistency with the installation steps.

Change-Id: If9ade381ef7316efb4cce0dbc6486c33d44dd9f8
Fixes: v2.5.0rc0-583-ge23e28da22 ("Add bcg729.")
Reviewed-on: https://code.wireshark.org/review/30195
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
11 months agoXRA: Fix of overflow in calculation of PLC timestamp
Bruno Verstuyft [Tue, 9 Oct 2018 13:33:24 +0000 (15:33 +0200)]
XRA: Fix of overflow in calculation of PLC timestamp

Change-Id: I8f566ea44f88633b9ff40c964498b863e0773884
Reviewed-on: https://code.wireshark.org/review/30090
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoWindows: Remove Cygwin warning
Graham Bloice [Sat, 13 Oct 2018 20:57:23 +0000 (21:57 +0100)]
Windows: Remove Cygwin warning

As Cygwin is no longer required for Windows, remove
the CMake warning if it isn't found

Change-Id: I2fd44a00941d6b3f33666d8f6fcfa44a40224ad9
Reviewed-on: https://code.wireshark.org/review/30194
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
11 months agoUpdate installation instructions for MSVC and Qt.
Guy Harris [Sat, 13 Oct 2018 21:23:55 +0000 (14:23 -0700)]
Update installation instructions for MSVC and Qt.

Change-Id: Id610d4d11a0aaa132c0a528a8dfcb41c1cfc4215
Reviewed-on: https://code.wireshark.org/review/30197
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months agoLTE RRC: add direction to UL-CCCH and DL-CCCH PDUs
Pascal Quantin [Fri, 12 Oct 2018 21:03:38 +0000 (23:03 +0200)]
LTE RRC: add direction to UL-CCCH and DL-CCCH PDUs

This will be useful for the RRC Early Data procedure.

Change-Id: Idcf4251315ee171aa15e650682d7e686a05a9e0a
Reviewed-on: https://code.wireshark.org/review/30185
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agotext2pcap: gracefully handle hexdump without trailing LF
Peter Wu [Fri, 12 Oct 2018 22:21:16 +0000 (00:21 +0200)]
text2pcap: gracefully handle hexdump without trailing LF

When copying hexdumps, the newline might be missing which would result
in a capture file missing one byte in its packet. Adjust the grammar to
recognize the two trailing hexadecimal characters as a "byte".

This is safe because Flex picks the rule that matches the longest input
string. So given "01 ", it will always match all three characters. If
something like "01x" is given, then the "text" rule will be matched (as
before). Only if no more characters are available (such as at the end of
a file), then the rule will match two hexdigits.

Remove the unnecessary hexdigit rule while at it.

Change-Id: I21dc37d684d1c410ce720cb27706a6e54f87f94d
Reviewed-on: https://code.wireshark.org/review/30190
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agotest: increase coverage for text2pcap supported formats
Peter Wu [Fri, 12 Oct 2018 21:25:40 +0000 (23:25 +0200)]
test: increase coverage for text2pcap supported formats

The manual documents several cases, be sure to check for them to avoid
further grammar changes from breaking expectations.

Change-Id: Ie38ecf624120a3a9297d02b4fd9b05511acf5ac9
Reviewed-on: https://code.wireshark.org/review/30189
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agotest: fix text2pcap tests not to overwrite case_text2pcap_pcap
Peter Wu [Fri, 12 Oct 2018 17:21:56 +0000 (19:21 +0200)]
test: fix text2pcap tests not to overwrite case_text2pcap_pcap

Fix an unfortunate typo that disabled all of the pcap tests. Patch the
correct capinfos output with the expected packets/datasize values and
fix the dns+icmp datasize case to match the original test.sh value.

Change-Id: I25aac4c8040c2000602753269f69f4bdc4a8a59b
Reviewed-on: https://code.wireshark.org/review/30167
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoWe don't support VS prior to 2015 in the master branch.
Guy Harris [Fri, 12 Oct 2018 22:03:08 +0000 (15:03 -0700)]
We don't support VS prior to 2015 in the master branch.

Change-Id: I16380ca9205832960c0b2e7f43e237797d7671b6
Reviewed-on: https://code.wireshark.org/review/30188
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months agoFix section anchor.
Guy Harris [Fri, 12 Oct 2018 21:14:07 +0000 (14:14 -0700)]
Fix section anchor.

Change-Id: I5480c643c44698af764297feb77750850ffefde8
Reviewed-on: https://code.wireshark.org/review/30186
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months agoConsistenly use "Windows native" rather than "Windows Native".
Guy Harris [Fri, 12 Oct 2018 20:34:37 +0000 (13:34 -0700)]
Consistenly use "Windows native" rather than "Windows Native".

Change-Id: I40164b892e48dc4f484f8e24451b29c68a0da62d
Reviewed-on: https://code.wireshark.org/review/30182
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months agoFix typoes introduced by the previous change.
Guy Harris [Fri, 12 Oct 2018 20:32:32 +0000 (13:32 -0700)]
Fix typoes introduced by the previous change.

Change-Id: Ifc3b2c4d51e935f8cb4c5514e6c1f0c4bb9007ba
Reviewed-on: https://code.wireshark.org/review/30180
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months agoSome cleanups.
Guy Harris [Fri, 12 Oct 2018 20:24:45 +0000 (13:24 -0700)]
Some cleanups.

More use of "UNIX-like" as the term for "macOS and Linux and *BSD and
Solaris and AIX and..." or, alternatively, for "not Windows".

Add Fedora as a Linux distribution for which packages are available.

Use "Windows" rather than "Win32" in more cases; "Win32" dates back to
the days when the big difference was between Boring Old 16-bit Windows
and modern shiny new 32-bit Windows, but the former is now dead and the
latter now supports both 32-bit and 64-bit machines and software.  More
people have probably never heard "Win32" but are familiar with
"Windows".

*ALL* UNIX-like platforms support symlinks; Linux wasn't even the first
one, it just picked them up from the UN*Xes with which it was trying to
be compatible.

Change-Id: I254e74f0ed3c86b55d00f9e8d7b78d009b61fb5e
Reviewed-on: https://code.wireshark.org/review/30178
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months agoTDS: Implement Error token for TDS 4.x.
Craig Jackson [Fri, 12 Oct 2018 16:01:21 +0000 (12:01 -0400)]
TDS: Implement Error token for TDS 4.x.

For completeness, make dissect_tds_error_token compatible with TDS 4.x as well
as TDS 7. It is mostly replaced by the ExtendedError token for TDS 5.0.

Change-Id: Ia01be7d417ec008f97e3310346329f07b7c79e74
Reviewed-on: https://code.wireshark.org/review/30166
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoUpdates.
Guy Harris [Fri, 12 Oct 2018 19:11:06 +0000 (12:11 -0700)]
Updates.

We use VS 2017, not VS 2015, for 2.6.x and development builds.

Microsoft's documentation is moving from msdn.microsoft.com to
docs.microsoft.com.

The way you download pre-2017 versions of VS has changed.

Update links to the Android, GNOME, KDE and macOS human interface
guidelines while we're at it.

Change-Id: I1a3973f76aa5b476cb906b8a8604b82d6131e9c5
Reviewed-on: https://code.wireshark.org/review/30168
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months agoWin32: Make extcap utilities console applications.
Gerald Combs [Tue, 9 Oct 2018 15:44:54 +0000 (08:44 -0700)]
Win32: Make extcap utilities console applications.

Switch from using WinMain in extcap to wmain.

Change-Id: I54fafad598f5ff74fe84a3ce3e993ac5a31188f7
Reviewed-on: https://code.wireshark.org/review/30094
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoUpdate BACnet protocol to revision 20.
Dirk Römmen [Fri, 12 Oct 2018 14:31:07 +0000 (16:31 +0200)]
Update BACnet protocol to revision 20.

Change-Id: I95370096da31925f3d642d184a1bde3fbbdb265c
Reviewed-on: https://code.wireshark.org/review/30161
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agotest: reduce further influence from the environment
Peter Wu [Fri, 12 Oct 2018 16:12:01 +0000 (18:12 +0200)]
test: reduce further influence from the environment

Some tests used the default home directory which can have side-effects
(such as loading plugins, loading deprecated preferences). These could
cause tests to fail. Always use a sane environment to fix this.

Change getTsharkInfo to use this clean environment as well
(WIRESHARK_CONFIG_DIR does not exist with master-2.6 and would also not
propagate things like ASAN_OPTIONS=detect_leaks=0).

Change-Id: I1674f71972d35de91d191e0c29fdb59b8a0a56ce
Reviewed-on: https://code.wireshark.org/review/30165
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agotest: fix DeprecationWarning: invalid escape sequence
Peter Wu [Fri, 12 Oct 2018 12:12:41 +0000 (14:12 +0200)]
test: fix DeprecationWarning: invalid escape sequence

Change-Id: I4e0365c1f9d30a033b26f68f815c8209b96d73f5
Reviewed-on: https://code.wireshark.org/review/30164
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoMAC NR: fix dissection of Long Truncated BSR CE
Pascal Quantin [Fri, 12 Oct 2018 07:50:13 +0000 (09:50 +0200)]
MAC NR: fix dissection of Long Truncated BSR CE

As specified in 3GPP 38.321, in case of Long Truncated BSR CE, the UE
reports the BSR value for the LCG(s) with the logical channels having
data available for transmission following a decreasing order of the
highest priority logical channel (with or without data available for
transmission) in each of these LCG(s), and in case of equal priority,
in increasing order of LCGID.
SO we cannot make any assumption on the LCG being reported without
keeping track of the logical channel priorities currently active.

Change-Id: I148a13446e9dc035bb1bcd79cb15d8570bcefa57
Reviewed-on: https://code.wireshark.org/review/30151
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>

11 months agoieee80211: extend parsing of SAE messages
Joeri de Ruiter [Thu, 11 Oct 2018 10:45:10 +0000 (12:45 +0200)]
ieee80211: extend parsing of SAE messages

- Groups in the SAE exchange are named
- The SAE message type is included explicitly (Commit or Confirm)

Bug: 15197
Change-Id: I8d95dd1603bbb8f46675ec66d60fd0b187787803
Reviewed-on: https://code.wireshark.org/review/30127
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoQUIC: fix null-ptr dereference in gQUIC version check
Peter Wu [Fri, 12 Oct 2018 11:20:07 +0000 (13:20 +0200)]
QUIC: fix null-ptr dereference in gQUIC version check

Bug: 15201
Change-Id: Idc9964347c251fe7f9599b90abc760f26d85a5ba
Fixes: v2.9.0rc0-2173-g9fcb4af6b6 ("QUIC: gQUIC Q044 always use CHLO from gQUIC (with tag)")
Reviewed-on: https://code.wireshark.org/review/30160
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
11 months agodtn: fix spelling-error-in-binary found by lintian
Alexis La Goutte [Fri, 12 Oct 2018 06:07:20 +0000 (06:07 +0000)]
dtn: fix spelling-error-in-binary found by lintian

Occurance -> Occurrence

Change-Id: I5dbe140f10f7a8b615c40fbf84a5fe2501ed46ff
Reviewed-on: https://code.wireshark.org/review/30140
Reviewed-by: Patricia Lindner <plindner6912@gmail.com>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
11 months agoAlso need a period at the end of the "Built using" clause.
Guy Harris [Fri, 12 Oct 2018 07:30:44 +0000 (00:30 -0700)]
Also need a period at the end of the "Built using" clause.

Change-Id: Ia872e912f1331ef8d6b54b6751f5c132fbf0b4f3
Reviewed-on: https://code.wireshark.org/review/30148
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months agoNeed a space between the VS year number and the toolchain version.
Guy Harris [Fri, 12 Oct 2018 07:23:13 +0000 (00:23 -0700)]
Need a space between the VS year number and the toolchain version.

Change-Id: I5e0047fde7a2d5a98767c6ed440b85575f711b9e
Reviewed-on: https://code.wireshark.org/review/30145
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months ago3.0 requires VS 2015 or later.
Guy Harris [Fri, 12 Oct 2018 06:32:44 +0000 (23:32 -0700)]
3.0 requires VS 2015 or later.

Change-Id: I20c40ea923df12747f6aec9dd672b3a9a1d6403f
Reviewed-on: https://code.wireshark.org/review/30144
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months agoClean up MSVC version string generation.
Guy Harris [Fri, 12 Oct 2018 05:12:29 +0000 (22:12 -0700)]
Clean up MSVC version string generation.

Don't bother with versions prior to VS 2010; as of Wireshark 2.4, we
don't support them.

Show it as "Visual Studio (year)", followed by the toolchain version
(not to be confused with the compiler version - or with the Visual
Studio version!).

Do the same thing for the clang/C2 compiler; just append the clang
version stuff after that.

Indent the #if/#elif/#else/#endif to make it a little clearer how
they're nested.

Change-Id: Ib7a3af3251e6375d267b3b5da9f8e26a377ceeac
Reviewed-on: https://code.wireshark.org/review/30138
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months agoDCOM: always NUL-terminate dissect_dcom_BSTR results
Peter Wu [Thu, 11 Oct 2018 11:04:03 +0000 (13:04 +0200)]
DCOM: always NUL-terminate dissect_dcom_BSTR results

All of the six users in plugins/epan/profinet/packet-dcom-cba.c expect
the string to be NUL-terminated, so ensure this to avoid reading
uninitialized memory for the Info column.

Bug: 15130
Change-Id: Ibc922068d14b87ce324af3cec22a5f8343088b40
Reviewed-on: https://code.wireshark.org/review/30128
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agowmem_tree: fix crash with wmem_tree_destroy and NULL scope
Peter Wu [Thu, 11 Oct 2018 10:14:00 +0000 (12:14 +0200)]
wmem_tree: fix crash with wmem_tree_destroy and NULL scope

The function was documented for use with a NULL scope, but it actually
crashes since callbacks are not available for NULL scopes. git master
is unaffected, but the GTK+ protocol dialog in 2.4 and 2.6 do crash.

Bug: 14349
Change-Id: I54350e112192394797cf85eaac4f30194178d7c4
Fixes: v2.3.0rc0-2597-gb7d6cca4ae ("Add wmem_tree_destroy")
Reviewed-on: https://code.wireshark.org/review/30126
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoDCERPC: fix memleak by removing dummy element from ndr_pointer_list
Peter Wu [Wed, 10 Oct 2018 13:41:42 +0000 (15:41 +0200)]
DCERPC: fix memleak by removing dummy element from ndr_pointer_list

Instead of creating the pointers list early, defer it to the point when
a new list item is added. This avoids the need for a dummy element.

This happens to fix the memory leak in bug 14735 as well (verified with
both ASAN and valgrind).

Change-Id: I3b169dfc447bd7465d06c26e0bd9dfd4225b1307
Bug: 14735
Reviewed-on: https://code.wireshark.org/review/30115
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoDCERPC: simplify pointer list tracking
Peter Wu [Wed, 10 Oct 2018 12:46:14 +0000 (14:46 +0200)]
DCERPC: simplify pointer list tracking

Observe that the "current_depth" and "len_ndr_pointer_list" just track
the length of the current singly linked list in order to insert (append)
or remove [the last] element (a linked list of lists and a linked list
of pointers respectively). Replace these callers by equivalents that do
not require explicit length tracking, internally they both have to do a
O(n) lookup anyway.

There used to be a case where "current_depth" could run out-of-sync, no
longer tracking the actual list length: when the callback (tnpd->fnct or
tnpd->callback) triggers an exception. I believe this was unintentional.

No functional change intended, but this should make further changes to
the data structures easier.

Change-Id: I3cb13aba22caa87dc7baba411cf34f47792f7bb7
Ping-Bug: 14735
Fixes: v2.5.0rc0-292-g6bd87bdd5d ("dcerpc: improve greatly the speed of processing of DCERPC packets")
Reviewed-on: https://code.wireshark.org/review/30114
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agotvbuff_composite: fix buffer overflow due to wrong offset adjustment
Peter Wu [Wed, 10 Oct 2018 22:02:26 +0000 (00:02 +0200)]
tvbuff_composite: fix buffer overflow due to wrong offset adjustment

The tvb_offset method should return the offset of the buffer within the
backing tvb (ds_tvb). The currently returned non-zero offset is valid
for tvbuff_subset.c, but not for the composite TVB. The backing tvb is
the tvb itself, so the offset should be zero (or "counter" for
consistency with tvbuff_real.c and others).

This bug is observable with the capture from the bug. In tshark, the
data field in the PDML output has value "field length invalid!" and the
position attribute ("pos") is too large. With the -V option it even
crashes with a buffer overflow (read). In the GUI, the bytes tab shows
range 3199-19642 even if the data source is only 16444 bytes while the
selection should have been 0-16443.

Bug: 14466
Change-Id: I01399ff500321dba262eb60b67c4cddb173b4679
Reviewed-on: https://code.wireshark.org/review/30124
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoieee802154: Show FCF reserved bit
Stig Bjørlykke [Thu, 11 Oct 2018 19:54:08 +0000 (21:54 +0200)]
ieee802154: Show FCF reserved bit

Change-Id: Ibd18e988a3c0692c1a5eccb2db1abf87947f3c03
Reviewed-on: https://code.wireshark.org/review/30131
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoTools: Compress our tarball using threads.
Gerald Combs [Thu, 11 Oct 2018 22:08:23 +0000 (15:08 -0700)]
Tools: Compress our tarball using threads.

Check to see if xz supports threads and enable them if that's the case.

Change-Id: I8a0e7100fec98e5b7d7ccd9a987f7782bf7c7512
Reviewed-on: https://code.wireshark.org/review/30137
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoeap: don't dissect the identity as IMSI unless that's the case.
Dario Lombardo [Thu, 11 Oct 2018 12:20:22 +0000 (14:20 +0200)]
eap: don't dissect the identity as IMSI unless that's the case.

The identity in SIM/AKA/AKA' is IMSI (permanent identity) in some cases only.
Others contain a pseudonym or a fast reauthentication username. Dissect the
formers as flat usernames.

Bug: 15196
Change-Id: Ia4491431b6ff557a248271b743c1e37c4e6c0b24
Reviewed-on: https://code.wireshark.org/review/30129
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
11 months agotext2pcap: Fix TCP, UDP or SCTP headers over IPv6
Vasil Velichkov [Tue, 9 Oct 2018 21:40:04 +0000 (00:40 +0300)]
text2pcap: Fix TCP, UDP or SCTP headers over IPv6

When the IPv6 (-6) option was specified together with either TCP (-T),
UDP (-u) or SCTP (-s/-S) option the generated packet was invalid because
an IPv4 option was implied an a wrong header was added.

Bug: 15194
Change-Id: I5a7b83d8aa3f3ad56f0c8110e598090945e60225
Reviewed-on: https://code.wireshark.org/review/30107
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
11 months agowsutil: Add config_file_exists_with_entries()
Stig Bjørlykke [Wed, 10 Oct 2018 12:33:40 +0000 (14:33 +0200)]
wsutil: Add config_file_exists_with_entries()

The purpose of this function is to check if a configuration file exists
and has at least one entry which is not a comment.

Use this when building the list of profiles where the user can copy
configuration from, to avoid listing profiles with empty files or files
with only comments.

Change-Id: If45f52025959818fb1213ffac488cd59441e9fce
Reviewed-on: https://code.wireshark.org/review/30113
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
11 months agoDCERPC: remove unused variable and mark another global as static
Peter Wu [Wed, 10 Oct 2018 13:57:16 +0000 (15:57 +0200)]
DCERPC: remove unused variable and mark another global as static

dcerpc_hooks_init_protos is unused since v1.11.3-rc1-34-g01c8945438.
uuid_dissector_table was added in v2.1.0rc0-391-ge0e574d167 and was not
used outside the file, so mark it as static.

Change-Id: I6113fbaf1f2e2e6241b91b659711986d6e6ded66
Reviewed-on: https://code.wireshark.org/review/30116
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
11 months agoQUIC: gQUIC Q044 always use CHLO from gQUIC (with tag)
Alexis La Goutte [Mon, 10 Sep 2018 20:35:10 +0000 (22:35 +0200)]
QUIC: gQUIC Q044 always use CHLO from gQUIC (with tag)

Bug: 15131
Change-Id: I26af8d31939725824fd57000bc9ce57e8034def9
Reviewed-on: https://code.wireshark.org/review/29575
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
11 months agoMAC NR: call NR RRC dissector for broadcast and common channels
Pascal Quantin [Wed, 10 Oct 2018 16:38:31 +0000 (18:38 +0200)]
MAC NR: call NR RRC dissector for broadcast and common channels

Change-Id: I70b7356e15023400189a4ab57a41473da7363374
Reviewed-on: https://code.wireshark.org/review/30121
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
11 months agoMAC NR: upgrade dissector to v15.3.0
Pascal Quantin [Wed, 10 Oct 2018 14:57:00 +0000 (16:57 +0200)]
MAC NR: upgrade dissector to v15.3.0

Change-Id: I017c04d44ed156ced140bb96e153a8738f143f62
Reviewed-on: https://code.wireshark.org/review/30117
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
11 months agoWindows: Make our program details more consistent.
Gerald Combs [Mon, 8 Oct 2018 23:34:39 +0000 (16:34 -0700)]
Windows: Make our program details more consistent.

Use a single template file for most of our program resources. Encode
our resource files as UTF-8. Add resources to extcap/*.exe.

Replace a regex with concatenation.

Change-Id: I0ed49086618127ca4fdef69272f849d8f16e4dab
Reviewed-on: https://code.wireshark.org/review/30088
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
11 months agoDiameter: add a few more AVPs from 3GPP 29.272 v15.5.0
Pascal Quantin [Wed, 10 Oct 2018 11:12:33 +0000 (13:12 +0200)]
Diameter: add a few more AVPs from 3GPP 29.272 v15.5.0

Change-Id: Id01c2c79b0923eb469ab03f7cbc7fe9e0be59a3d
Reviewed-on: https://code.wireshark.org/review/30112
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
11 months agoQUIC: fix UAF crash related to the Info column for Long Header messages
Peter Wu [Tue, 9 Oct 2018 20:01:16 +0000 (22:01 +0200)]
QUIC: fix UAF crash related to the Info column for Long Header messages

Packet 2478 in capture 15142 triggers a UAF crash since val_to_str is
packet-scoped and by the time tshark reads the column, it is destroyed.

Bug: 15142
Change-Id: If8df858c6a295fbac57c758577fb51b288e7f44a
Reviewed-on: https://code.wireshark.org/review/30104
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agocoap: ensure that piv_len matches piv
Peter Wu [Tue, 9 Oct 2018 17:18:34 +0000 (19:18 +0200)]
coap: ensure that piv_len matches piv

In frame 121, piv_len was 1 while piv was NULL. Ensure that both piv and
piv_len are reset to avoid this. Adjust another check to ensure that piv
and piv_len are in sync (probably not necessary, but it seems the
intention).

Bug: 15172
Change-Id: If8636d32f3273d6707749c807bd7d676ca9ab96d
Fixes: v2.5.2rc0-9-g830ea5731a ("CoAP: Hooks to OSCORE")
Reviewed-on: https://code.wireshark.org/review/30100
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoQt: Add back pathLabel in some dialogs
Stig Bjørlykke [Tue, 9 Oct 2018 09:46:00 +0000 (11:46 +0200)]
Qt: Add back pathLabel in some dialogs

Add the pathLabel for Coloring Rules, Decode As, Display Filters
and Capture Filter. Put the absolute file path into the pathLabel
if the file exists. This aligns with UAT dialogs and frames.

Change-Id: I72bd06e31bab220de0a0ef8df99df9a4daed667c
Reviewed-on: https://code.wireshark.org/review/30089
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoQt: Use regular size buttons on macOS
Stig Bjørlykke [Tue, 9 Oct 2018 17:09:27 +0000 (19:09 +0200)]
Qt: Use regular size buttons on macOS

Use regular size buttons in dialogs on macOS.

Change-Id: Iad769190b7f62297343eea4299e3f03ea6be4b1e
Reviewed-on: https://code.wireshark.org/review/30099
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoexcept: detect exception stack corruption
Peter Wu [Tue, 9 Oct 2018 17:58:10 +0000 (19:58 +0200)]
except: detect exception stack corruption

Valgrind found an invalid read in the capture from Bug 15173 which was
not detected by ASAN, probably because 'top' pointed to a valid stack
address. Try to catch such issues with an explicit invariant check.

Change-Id: I3e2d90f053209c133ea2edc9c7990a2fd39bd236
Ping-Bug: 15189
Reviewed-on: https://code.wireshark.org/review/30101
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agocheckAPIs.pl: check for return/goto in TRY/CATCH blocks
Peter Wu [Tue, 9 Oct 2018 15:39:05 +0000 (17:39 +0200)]
checkAPIs.pl: check for return/goto in TRY/CATCH blocks

As documented in epan/exceptions.h, return/goto should never be used in
a TRY/CATCH/FINALLY block as ENDTRY must be executed first. Additionally
clamp the exit code since values larger than 255 will wrap around. Use a
small value as shells typically use 128+signal for termination signals.

Verified against packet-t125.c and ftype-protocol.c while they suffered
from the return bug. Tested against packet-gssapi.c for lack of false
positives (goto with labels within the function) and against:

    int main() {
        TRY {
            goto bar;
            goto omg;
            goto bar;
            goto barrie;
    barrie: ;
        } ENDTRY;
    bar: meh;
    }

Change-Id: I44484add34e238e07a84fc2c74b69f50ba6dc3f3
Ping-Bug: 15189
Reviewed-on: https://code.wireshark.org/review/30097
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoT125: avoid returning from TRY/CATCH in dissect_t125_heur
Peter Wu [Tue, 9 Oct 2018 15:23:44 +0000 (17:23 +0200)]
T125: avoid returning from TRY/CATCH in dissect_t125_heur

Doing so corrupts the exceptions stack and causes crashes elsewhere.
Move the heuristics check after get_ber_identifier as dissect_t125
calls that check too.

Bug: 15189
Change-Id: I816fcd693141c5e9e2979348f58bf5a8112290da
Fixes: v2.9.0rc0-2122-gf710f21833 ("T125: Add a heuristic test case.")
Reviewed-on: https://code.wireshark.org/review/30096
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Émilio Gonzalez <egg997@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoOSITP: do not call subdissector if there is no data
Peter Wu [Tue, 9 Oct 2018 19:25:35 +0000 (21:25 +0200)]
OSITP: do not call subdissector if there is no data

None of the current heuristics dissectors for "cotp" accept the packet,
so just skip calling subdissectors if the packet is empty.

Change-Id: Ie26f05d472b4d184d5229ceab8b143a88cc921fc
Reviewed-on: https://code.wireshark.org/review/30103
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Émilio Gonzalez <egg997@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoftype-protocol: do not return from TRY/CATCH
Peter Wu [Tue, 9 Oct 2018 15:14:11 +0000 (17:14 +0200)]
ftype-protocol: do not return from TRY/CATCH

TRY/CATCH are macros, before returning the ENDTRY block must be executed
or the weirdest crashes can occur.

Change-Id: Ic56871322f8567263e2b8a81cce5a3c7042301b7
Fixes: v2.1.0rc0-2939-g5493fe0167 ("Convert ftype-tvbuff.c to ftype-protocol.c")
Reviewed-on: https://code.wireshark.org/review/30095
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agosteam-ihs: fix memleak on exception
Peter Wu [Tue, 9 Oct 2018 16:16:11 +0000 (18:16 +0200)]
steam-ihs: fix memleak on exception

When protobuf_dissect_unknown_field throws an exception,
steamdiscover_dissect_body_status will leak memory as
wmem_destroy_allocator is not called. Capture fuzz-2018-10-06-3104.pcap
from the linked bug leaks 64kiB memory in each frame 14 and 36.

Bug: 15171
Change-Id: I930d0738fde61799ab4ef2310f8ff11c1bcb032b
Fixes: v2.5.1rc0-130-g7ae954c7ac ("steam-ihs: Add dissector for the Steam IHS Discovery Protocol")
Reviewed-on: https://code.wireshark.org/review/30098
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoxdmcp: fix indent
Alexis La Goutte [Tue, 2 Oct 2018 10:23:31 +0000 (12:23 +0200)]
xdmcp: fix indent

Change-Id: I97c95c30653771d6d144836408b2b2b8b3259421
Reviewed-on: https://code.wireshark.org/review/30102
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoNAS EPS: upgrade dissector to v15.4.0
Pascal Quantin [Tue, 9 Oct 2018 14:47:35 +0000 (16:47 +0200)]
NAS EPS: upgrade dissector to v15.4.0

Change-Id: I7c392269b4f6ec38d12b2f6d637276b4e6a3c8c0
Reviewed-on: https://code.wireshark.org/review/30093
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
11 months agoNAS EPS: upgrade dissector to v15.4.0
Pascal Quantin [Tue, 9 Oct 2018 13:45:32 +0000 (15:45 +0200)]
NAS EPS: upgrade dissector to v15.4.0

Change-Id: I43c75c92beac87674bb1293ee4951e47560721d2
Reviewed-on: https://code.wireshark.org/review/30091
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
11 months agoLTE RRC: add missing lte_rrc.bcch_bch.nb.tdd dissector
Pascal Quantin [Tue, 9 Oct 2018 14:05:34 +0000 (16:05 +0200)]
LTE RRC: add missing lte_rrc.bcch_bch.nb.tdd dissector

Bug: 15190
Change-Id: Id3560dbc2bd539534f1750c3b8079a2f1e149375
Reviewed-on: https://code.wireshark.org/review/30092
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
11 months agoE1AP: upgrade dissector to v15.1.0
Pascal Quantin [Mon, 8 Oct 2018 10:03:41 +0000 (12:03 +0200)]
E1AP: upgrade dissector to v15.1.0

Change-Id: If0b27d7f70c15c7b760d1686a3cc9f78a3a2b24e
Reviewed-on: https://code.wireshark.org/review/30071
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoDOCSIS: Requested bytes in request frame is in units of N bytes, where N is a service...
Bruno Verstuyft [Mon, 8 Oct 2018 08:31:14 +0000 (10:31 +0200)]
DOCSIS: Requested bytes in request frame is in units of N bytes, where N is a service flow specific multiplier.

Change-Id: I5cd769bc170491215c25083420ec8b8b8d58c47f
Reviewed-on: https://code.wireshark.org/review/30069
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agosharkd: free initalized wtap_rec when wtap failed to read frame.
Jakub Zawadzki [Mon, 8 Oct 2018 20:50:41 +0000 (22:50 +0200)]
sharkd: free initalized wtap_rec when wtap failed to read frame.

Change-Id: I564a3704c0ea1b0df85f3cafacf790ed24591232
Reviewed-on: https://code.wireshark.org/review/30086
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
11 months agoQt: Add copy from another profile for UAT frames
Stig Bjørlykke [Mon, 8 Oct 2018 19:12:41 +0000 (21:12 +0200)]
Qt: Add copy from another profile for UAT frames

Add a new button to UAT frames to copy entries from another profile.

Change-Id: I9decb5ed5d67e97388ee7b22a15cacae4d5a3621
Reviewed-on: https://code.wireshark.org/review/30084
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
11 months agoQt: Refactor copy from profile widget
Stig Bjørlykke [Mon, 8 Oct 2018 18:57:19 +0000 (20:57 +0200)]
Qt: Refactor copy from profile widget

Refactor CopyFromProfile class from Button to Menu to make it
usable for existing buttons, both QPushButton and QToolButton.

Change-Id: I7d23b4225dbe45f961fb05e73dbb4dd51e6f8ea1
Reviewed-on: https://code.wireshark.org/review/30083
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
11 months agoRelease note updates.
Stig Bjørlykke [Mon, 8 Oct 2018 09:47:52 +0000 (11:47 +0200)]
Release note updates.

Add an entry for the copy from profile feature for coloring rules,
IO graphs and protocol preference tables.

Change-Id: I79a191c1ec13e96fcb1b5fb04dd28c95dd034aca
Reviewed-on: https://code.wireshark.org/review/30070
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agosharkd: prefer sharkd_json_value_string() over sharkd_json_value_stringf().
Jakub Zawadzki [Mon, 8 Oct 2018 11:19:20 +0000 (13:19 +0200)]
sharkd: prefer sharkd_json_value_string() over sharkd_json_value_stringf().

Don't use sharkd_json_value_stringf() if there is no need for it.

Change-Id: Ie375be1d91fc3bd20fae68df282ec14310055eba
Reviewed-on: https://code.wireshark.org/review/30075
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
11 months agoGSMTAP: update description of types
Shinjo Park [Mon, 8 Oct 2018 10:29:38 +0000 (12:29 +0200)]
GSMTAP: update description of types

Change-Id: Idf0b7b81192827e8c71876c47a66e275f31f32cb
Reviewed-on: https://code.wireshark.org/review/30074
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
11 months agoGSMTAP: add definitions for new LTE RRC channels
Shinjo Park [Mon, 8 Oct 2018 09:21:48 +0000 (11:21 +0200)]
GSMTAP: add definitions for new LTE RRC channels

Later release of 3GPP TS 36.331 added new LTE RRC channels. This commit
additionally defines LTE RRC message types existing in Release V15.3.0.

Change-Id: If20710c15823ed879bddde17355704c769845d0d
Reviewed-on: https://code.wireshark.org/review/30073
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
11 months agoUpdate the URL of the latest gsmtap.h
Shinjo Park [Mon, 8 Oct 2018 09:10:46 +0000 (11:10 +0200)]
Update the URL of the latest gsmtap.h

Change-Id: I528f769a2981a2cc8113349e69629fc9fc49c7f1
Reviewed-on: https://code.wireshark.org/review/30072
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
11 months agoQt: Fix a typo in a tooltip
Stig Bjørlykke [Mon, 8 Oct 2018 08:28:34 +0000 (10:28 +0200)]
Qt: Fix a typo in a tooltip

Change-Id: I71c8193d5352f9ac58541dc56b58cf3e85275f6e
Reviewed-on: https://code.wireshark.org/review/30068
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
11 months agoQt: Add clear all button to Decode As
Stig Bjørlykke [Sun, 7 Oct 2018 17:45:15 +0000 (19:45 +0200)]
Qt: Add clear all button to Decode As

Add a clear all button to easily remove all existing entries.

Change-Id: I76e7ee2b7b85a9b4e5f9f5a788a89f38f70ee8ce
Reviewed-on: https://code.wireshark.org/review/30052
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoQt: Remove unused pathLabel
Stig Bjørlykke [Sun, 7 Oct 2018 20:15:30 +0000 (22:15 +0200)]
Qt: Remove unused pathLabel

Change-Id: Id1c40f231f49f75210af43fa2a5cfbe3937d9ca1
Reviewed-on: https://code.wireshark.org/review/30055
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
11 months agoPut the Windows-specific system library settings in CMakeLists.txt.
Guy Harris [Mon, 8 Oct 2018 03:38:51 +0000 (20:38 -0700)]
Put the Windows-specific system library settings in CMakeLists.txt.

We already do that for the macOS-specific system libraries; do it for
the Windows-specific system libraries as well.

Change-Id: I4646cbf5043406a9b6be70307b51df2fbe0329dd
Reviewed-on: https://code.wireshark.org/review/30066
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months agoBring back arg_list_utf_16to8(), but have it just do UTF-16-to-UTF-8 mapping.
Guy Harris [Mon, 8 Oct 2018 02:04:50 +0000 (19:04 -0700)]
Bring back arg_list_utf_16to8(), but have it just do UTF-16-to-UTF-8 mapping.

Call it from wmain() in the command-line tools, passing it the input
argument count and vector, and call it from main() in Wireshark, after
getting a UTF-16 argument vector from passing the result of
GetCommandLineW() to CommandLineToArgvW().

Change-Id: I0e51703c0a6c92f7892d196e700ab437bd702514
Reviewed-on: https://code.wireshark.org/review/30063
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
11 months agoQt: Clean up indentation
Stig Bjørlykke [Sun, 7 Oct 2018 20:26:34 +0000 (22:26 +0200)]
Qt: Clean up indentation

Change-Id: Idbae503b44c207d71431159a3eaf762e1dc79977
Reviewed-on: https://code.wireshark.org/review/30056
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
11 months agoQt: Fix Coloring Rules apply as filter button size
Stig Bjørlykke [Sun, 7 Oct 2018 20:01:23 +0000 (22:01 +0200)]
Qt: Fix Coloring Rules apply as filter button size

Change-Id: I3847f10b8b337b6df4f86b920dcf11b73b35b869
Reviewed-on: https://code.wireshark.org/review/30054
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
11 months agoF1AP: upgrade dissector to v15.3.0
Pascal Quantin [Sun, 7 Oct 2018 17:20:29 +0000 (19:20 +0200)]
F1AP: upgrade dissector to v15.3.0

Change-Id: Ic9de8506b156c50cc79b8e615da882b22a2408b4
Reviewed-on: https://code.wireshark.org/review/30053
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
11 months agoUse wsetargv.obj, and wmain() rather than main(), on Windows.
Guy Harris [Sun, 7 Oct 2018 17:06:00 +0000 (10:06 -0700)]
Use wsetargv.obj, and wmain() rather than main(), on Windows.

Doing so for command-line programs means that the argument list doesn't
ever get converted to the local code page; converting to the local code
page can mangle file names that *can't* be converted to the local code
page.

Furthermore, code that uses setargv.obj rather than wsetargv.obj has
issues in some versions of Windows 10; see bug 15151.

That means that converting the argument list to UTF-8 is a bit simpler -
we don't need to call GetCommandLineW() or CommandLineToArgvW(), we just
loop over the UTF-16LE argument strings in argv[].

While we're at it, note in Wireshark's main() why we discard argv on
Windows (Qt does the same "convert-to-the-local-code-page" stuff); that
means we *do* need to call GetCommandLineW() and CommandLineToArgvW() in
main() (i.e., we duplicate what Qt's WinMain() does, but converting to
UTF-8 rather than to the local code page).

Change-Id: I35b57c1b658fb3e9b0c685097afe324e9fe98649
Ping-Bug: 15151
Reviewed-on: https://code.wireshark.org/review/30051
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>