metze/wireshark/wip.git
6 years ago capchild: remove double free (found by clang).
Dario Lombardo [Thu, 18 Jan 2018 15:45:52 +0000 (16:45 +0100)]
capchild: remove double free (found by clang).

Now the callers are responsible for deallocating argv: not doing it
can lead to memleaks.

Change-Id: I45dc0826c0430e38426eb64555664892744aa2d5
Reviewed-on: https://code.wireshark.org/review/25369
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
6 years ago Add DIAG_OFF_FLEX and DIAG_ON_FLEX for use in Flex scanners.
Guy Harris [Fri, 16 Feb 2018 07:17:04 +0000 (23:17 -0800)]
Add DIAG_OFF_FLEX and DIAG_ON_FLEX for use in Flex scanners.

DIAG_OFF_FLEX turns off all warnings that we want to disable for
Flex-generated code due to some versions of Flex generating code that
triggers those warnings.

DIAG_ON_FLEX restores those warnings, so we do the checks for code that
*we* wrote.

Use them in .l files.

Change-Id: I613a20309a30cd4c61111a1edbe27a5d05fcbf59
Reviewed-on: https://code.wireshark.org/review/25815
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years ago Treat most Lex-generated and all Lemon-generated files as clean.
Guy Harris [Fri, 16 Feb 2018 03:38:36 +0000 (19:38 -0800)]
Treat most Lex-generated and all Lemon-generated files as clean.

Now that we're suppressing warnings that come from Flex generating
insufficiently fussy code, just treat many of the Lex-generated files as
clean; we don't seem to be getting warnings from Lemon-generated ones.

Change-Id: Ib53ced6d8cb80645234929afca343d047d30f7f7
Reviewed-on: https://code.wireshark.org/review/25813
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years ago Suppress more PortAudio + Win64 compiler warnings.
Gerald Combs [Thu, 15 Feb 2018 19:25:31 +0000 (11:25 -0800)]
Suppress more PortAudio + Win64 compiler warnings.

Add C4311 and C4312 to the suppression list.

Change-Id: I90c85ee5cd3f7c3f235ed89b78d04f34bf0db449
Reviewed-on: https://code.wireshark.org/review/25810
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years ago Fix a case of copy - too little modify - paste
Joerg Mayer [Thu, 15 Feb 2018 19:23:12 +0000 (20:23 +0100)]
Fix a case of copy - too little modify - paste

Change-Id: I4c9ef6b89e0a07d2f9cac59221e0a8ac8f907883
Reviewed-on: https://code.wireshark.org/review/25809
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
6 years ago Put some info into the INFO column
Joerg Mayer [Thu, 15 Feb 2018 18:08:30 +0000 (19:08 +0100)]
Put some info into the INFO column

Change-Id: I4ee22454d45edb382a76603fe21360719c5fa27f
Reviewed-on: https://code.wireshark.org/review/25805
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
6 years ago Look in %VCToolsRedistDir% for the VC++ redistributable.
Gerald Combs [Thu, 15 Feb 2018 16:38:34 +0000 (08:38 -0800)]
Look in %VCToolsRedistDir% for the VC++ redistributable.

Look in %VCToolsRedistDir% for the redistributable that we ship with
the NSIS installer. Clarify a couple of status messages.

Change-Id: I965d15947c3d3422d7c722afa581f4f7dfc2725a
Reviewed-on: https://code.wireshark.org/review/25804
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years ago Move hkdf_extract to wsgcrypt.h
Peter Wu [Thu, 15 Feb 2018 14:23:50 +0000 (15:23 +0100)]
Move hkdf_extract to wsgcrypt.h

HKDF-Extract is not used in TLS, but in QUIC. For reuse in OSCORE, move
it to wsutil. Adjust comments slightly to emphasize precondition.

Change-Id: I5105e7416037697b383ad58f62be285c2b7ab8b7
Reviewed-on: https://code.wireshark.org/review/25802
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Mališa Vučinić <malishav@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
6 years ago steam-ihs: Add dissector for the Steam IHS Discovery Protocol
Jan Holthuis [Tue, 12 Sep 2017 13:53:32 +0000 (15:53 +0200)]
steam-ihs: Add dissector for the Steam IHS Discovery Protocol

This adds a dissector for the Steam In-Home Streaming
Discovery Protocol by Valve Software.

Useful documentation can be found at:
https://codingrange.com/blog/steam-in-home-streaming-discovery-protocol

Change-Id: I26a79e201cfb0aad0ca702ac962e1e7b1b541517
Reviewed-on: https://code.wireshark.org/review/23615
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago fuzzshark: disable reassembly for few protocols
Your Name [Wed, 14 Feb 2018 23:39:53 +0000 (00:39 +0100)]
fuzzshark: disable reassembly for few protocols

Reassembly (or in general being stateful) doesn't help when fuzzing:
even if wireshark crashes, oss-fuzz will try to reproduce the crash
with just a single sample.

A single sample will not reproduce the crash, so being stateful makes
wireshark a 'buggy target'.

I hope this change will also make the IP corpus a little bit smaller.

Change-Id: I01ba8177a653d220c4cfe8a56a5836c96010c6fe
Reviewed-on: https://code.wireshark.org/review/25799
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
6 years ago Disable warning C4267 in generated files.
Gerald Combs [Thu, 15 Feb 2018 00:02:14 +0000 (16:02 -0800)]
Disable warning C4267 in generated files.

Disable warning C4267 in Visual C++ in order to squelch the following
warnings:

   125>dtd_parse.c(1699): warning C4267: '=': conversion from 'size_t' to 'int', possible loss of data [C:\buildbot\builders\windows-x86-64-petri-dish\windows-x86-64-petri-dish\build\cmbuild\epan\epan.vcxproj]
   125>diam_dict.c(2348): warning C4267: '=': conversion from 'size_t' to 'int', possible loss of data [C:\buildbot\builders\windows-x86-64-petri-dish\windows-x86-64-petri-dish\build\cmbuild\epan\epan.vcxproj]
   125>C:/buildbot/builders/windows-x86-64-petri-dish/windows-x86-64-petri-dish/build/cmbuild/epan/uat_load.c(1476): warning C4267: '=': conversion from 'size_t' to 'int', possible loss of data [C:\buildbot\builders\windows-x86-64-petri-dish\windows-x86-64-petri-dish\build\cmbuild\epan\epan.vcxproj]
   130>wimaxasncp_dict.c(2103): warning C4267: '=': conversion from 'size_t' to 'int', possible loss of data [C:\buildbot\builders\windows-x86-64-petri-dish\windows-x86-64-petri-dish\build\cmbuild\plugins\epan\wimaxasncp\wimaxasncp.vcxproj]

Change-Id: Ie29ae096e5a8b5037abaf3f2aa97754260f4cace
Reviewed-on: https://code.wireshark.org/review/25800
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago DCT2000: read new LTE MAC outheader values
Martin Mathieson [Wed, 14 Feb 2018 19:40:55 +0000 (19:40 +0000)]
DCT2000: read new LTE MAC outheader values

Also extend the carrier id enum to r10 levels.
Change-Id: I1eac50c54801010f0ad7408debb80ad811e03fbe
Reviewed-on: https://code.wireshark.org/review/25793
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago Fix a typo in the I/O tests.
Gerald Combs [Wed, 14 Feb 2018 22:02:04 +0000 (14:02 -0800)]
Fix a typo in the I/O tests.

Change-Id: I45bfa6eb9245d0f470a0316141f81c99cc5a9754
Reviewed-on: https://code.wireshark.org/review/25797
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years ago CMake: Try to avoid Strawberry Perl's xsltproc.
Gerald Combs [Wed, 14 Feb 2018 20:01:35 +0000 (12:01 -0800)]
CMake: Try to avoid Strawberry Perl's xsltproc.

Search for Chocolatey's and Cygwin's respective xsltprocs before searching
%PATH%. Strawberry Perl doesn't include DocBook, which makes it useless
as far as we're concerned.

Another approach would be to look in various locations for XML catalog
files and set %XML_CATALOG_FILES%. However, Cygwin's /etc/xml/catalog
contains Cygwin-specific URLs, e.g. file:///etc/xml/docbook and can't
be used with a non-Cygwin xsltproc.

Change-Id: Iaebfdff922a6574581b9bd207625f03598c166e0
Reviewed-on: https://code.wireshark.org/review/25794
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years ago SIGCOMP: check operand offset when accessing UDVM memory
Pascal Quantin [Wed, 14 Feb 2018 13:35:49 +0000 (14:35 +0100)]
SIGCOMP: check operand offset when accessing UDVM memory

Bug: 14398
Change-Id: Iae786d6766f63926766ab6139d76bdc24fa37103
Reviewed-on: https://code.wireshark.org/review/25790
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago travis: add asciidoctor.
Dario Lombardo [Wed, 14 Feb 2018 11:48:23 +0000 (12:48 +0100)]
travis: add asciidoctor.

Change-Id: I82e72bf194c37001190868257fb7bef499e38ede
Reviewed-on: https://code.wireshark.org/review/25789
Reviewed-by: Dario Lombardo <lomato@gmail.com>
6 years ago [nb_rtpmux] Register dissector by name.
AndersBroman [Wed, 14 Feb 2018 12:25:25 +0000 (13:25 +0100)]
[nb_rtpmux] Register dissector by name.

Change-Id: I6aca4e84e44cad42bff969d55371d6ac6c5e9600
Reviewed-on: https://code.wireshark.org/review/25788
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago Qt: fix crash in packet dialog on changing selection
Peter Wu [Tue, 23 Jan 2018 16:56:42 +0000 (17:56 +0100)]
Qt: fix crash in packet dialog on changing selection

"((capture_file_t *)cap_file_)->edt" is documented in cfile.h to cover
the currently selected packet (in the packet list). But in the packet
dialog, the packet selection is irrelevant and the data from a different
dissection tree must be used.

Change-Id: Ieaea3cf862d47540e7f6b6c84c1a2fa6945a877b
Fixes: v2.5.0rc0-1532-g56a130a152 ("ByteViewText: Remove epan dependancy")
Bug: 14246
Reviewed-on: https://code.wireshark.org/review/25437
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
6 years ago Convert coloring rules dialog to use model.
Michael Mann [Tue, 9 Jan 2018 00:43:36 +0000 (19:43 -0500)]
Convert coloring rules dialog to use model.

Change-Id: I12a465b5451bdbaea871828329d48fda3627fca3
Reviewed-on: https://code.wireshark.org/review/25372
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago Debian: Update Build-Depends.
Gerald Combs [Wed, 14 Feb 2018 00:33:37 +0000 (16:33 -0800)]
Debian: Update Build-Depends.

Sync the required CMake version and remove w3m.

Change-Id: I6c74bb5eb42c678bc91911085b270a9c60095135
Reviewed-on: https://code.wireshark.org/review/25783
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago Qt: Fix the filter expression toolbar layout.
Gerald Combs [Wed, 14 Feb 2018 01:08:14 +0000 (17:08 -0800)]
Qt: Fix the filter expression toolbar layout.

Take a hint from the QToolButton sources and update the filter
expression toolbar using updateGeometry instead of adjustSize. This
appears to do the layout updates and other changes required to draw the
dropdown in the correct place.

Bug: 14121
Change-Id: I45d5a1173703f9c16d89841a57f651935da43d92
Reviewed-on: https://code.wireshark.org/review/25784
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago Wix: Look for merge modules in %VCToolsRedistDir%.
Gerald Combs [Wed, 14 Feb 2018 00:15:22 +0000 (16:15 -0800)]
Wix: Look for merge modules in %VCToolsRedistDir%.

Add "%VCToolsRedistDir%\MergeModules" to the merge module search path.
This is required for Visual Studio 2017 here.

Change-Id: I91cd1527ae80c85ed304c1233436cae52aa0a501
Reviewed-on: https://code.wireshark.org/review/25782
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago OpenFlow 1.5: add extra property length checks
Pascal Quantin [Tue, 13 Feb 2018 22:25:40 +0000 (23:25 +0100)]
OpenFlow 1.5: add extra property length checks

Bug: 14420
Change-Id: I1813bc6285f950d86dc569f4286bf34c120b5e3c
Reviewed-on: https://code.wireshark.org/review/25780
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago packet-mq: Code reformat
Robert Grange [Tue, 13 Feb 2018 13:52:38 +0000 (14:52 +0100)]
packet-mq: Code reformat

Only reformatted code (VS2017 with Ctrl K + Ctrl D)
No code logic change

Change-Id: If574c50cf0efb75984beb45df958be991ea63819
Reviewed-on: https://code.wireshark.org/review/25771
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago OpenFlow: update openflow_version_values value_string
Pascal Quantin [Tue, 13 Feb 2018 22:34:49 +0000 (23:34 +0100)]
OpenFlow: update openflow_version_values value_string

Change-Id: I0552770981d56c1a530b65e755146ec1314fccd8
Reviewed-on: https://code.wireshark.org/review/25781
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
6 years ago XRA: protect against potential infinite loops and add protocol to release notes
Pascal Quantin [Tue, 13 Feb 2018 20:51:08 +0000 (21:51 +0100)]
XRA: protect against potential infinite loops and add protocol to release notes

Change-Id: Ib1dc560e0c0c83ada668ada2da799808d5d10fc2
Reviewed-on: https://code.wireshark.org/review/25776
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years ago Update symbol lists.
Guy Harris [Tue, 13 Feb 2018 21:14:40 +0000 (13:14 -0800)]
Update symbol lists.

Change-Id: Iafc539a6ced0f81e2ebf796ccb490119fe2ff3f6
Reviewed-on: https://code.wireshark.org/review/25779
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years ago Add the Excentis XRA DOCSIS header dissector to CMake.
Guy Harris [Tue, 13 Feb 2018 21:05:36 +0000 (13:05 -0800)]
Add the Excentis XRA DOCSIS header dissector to CMake.

All changes to the set of Wireshark source files must be done in both
Makefile.am and CMakeLists.txt files.

Change-Id: Iad0db912dcfd149d0f5acbb38489e0a34c6dac89
Reviewed-on: https://code.wireshark.org/review/25778
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years ago Update the introductory comment.
Guy Harris [Tue, 13 Feb 2018 20:52:55 +0000 (12:52 -0800)]
Update the introductory comment.

Update the URL for the Cisco CMTS.

Remove the stuff about the Arris devices; the link doesn't work, their
site doesn't seem to mention "Cadant", and the C4 page I did find
doesn't say anything about how to do captures (that's probably hidden
behind a customerwall).

Emphasize that, if you can, and do, select "DOCSIS" as the link-layer
type when capturing on an Ethernet, the file (for pcap) or interface
(for pcapng) will be handled as DOCSIS, even if you don't set the "force
all frames to be dissected as DOCSIS" preference.

Change-Id: Iec44d4b9c6af231e9b7f36962515b566b3433fb4
Reviewed-on: https://code.wireshark.org/review/25777
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years ago ieee80211: Correct the actual bit positions of the reserved bits.
Richard Sharpe [Mon, 12 Feb 2018 16:54:49 +0000 (08:54 -0800)]
ieee80211: Correct the actual bit positions of the reserved bits.

The reserved bit positions should match the bit positions of the fields
that are reserved. Also, the hf_he_srg_information_present bit was nibble
reversed.

Errors found by George Baltatanu.

Change-Id: I218ff9aa7bdabc4ec6e470c3ef1be230ce341b34
Reviewed-on: https://code.wireshark.org/review/25760
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago Added dissector for Excentis DOCSIS31 XRA header. DLT 273. Builtin version.
Bruno Verstuyft [Tue, 13 Feb 2018 10:45:41 +0000 (11:45 +0100)]
Added dissector for Excentis DOCSIS31 XRA header. DLT 273. Builtin version.

Change-Id: I7d4a9cf094e8ae6af05d5599489fc609456c5645
Reviewed-on: https://code.wireshark.org/review/25768
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago cms: Add support for RFC 4108
Robert Sauter [Tue, 13 Feb 2018 16:15:47 +0000 (17:15 +0100)]
cms: Add support for RFC 4108

Change-Id: I1ab32240e00c7682074e7bc9d1b05e6daa6b69b4
Reviewed-on: https://code.wireshark.org/review/25769
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago Make the DOCSIS dissector a built-in dissector.
Guy Harris [Tue, 13 Feb 2018 19:47:23 +0000 (11:47 -0800)]
Make the DOCSIS dissector a built-in dissector.

Stuff that calls it is built in, and stuff it calls is built in, so
there's not much point in having it be a plugin; we already have
examples of plugin dissectors.

Change-Id: I512e0fda62faedb5f03f476fbece2e267e1d644f
Reviewed-on: https://code.wireshark.org/review/25775
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years ago Asciidoctor macro fixups.
Gerald Combs [Tue, 13 Feb 2018 18:25:47 +0000 (10:25 -0800)]
Asciidoctor macro fixups.

Fix a few errors in the Asciidoctor macros. Use the new macro names in
the release notes and gen-bugnote.

Change-Id: I2ca672949c59ca3da8a6b963cb5bd9abd66c348d
Reviewed-on: https://code.wireshark.org/review/25774
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years ago Fix the "pointer to function that generates a label" values.
Guy Harris [Tue, 13 Feb 2018 18:05:31 +0000 (10:05 -0800)]
Fix the "pointer to function that generates a label" values.

build_label_func is a pointer type, pointing to a function that can be
used to generate a label for a "Decode As" entry.  There's no need to
have pointers to those pointers; have register_decode_as_next_proto()
take a build_label_func, not a build_label_func *, as its last argument,
assign that value rather than dereferencing it, get rid of unnecessary
casts, and fix the comment in epan/decode_as.h for that argument.

Change-Id: Idc3cf18204c543a2191b122c8129b362562c0ecd
Reviewed-on: https://code.wireshark.org/review/25773
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years ago ssl: Add session ticket lifetime units in seconds
Stig Bjørlykke [Tue, 13 Feb 2018 14:52:20 +0000 (15:52 +0100)]
ssl: Add session ticket lifetime units in seconds

Also show the seconds in a human readable string.

Change-Id: I124bfc12954fb7c2c65777c028986d18c5686c7b
Reviewed-on: https://code.wireshark.org/review/25772
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
6 years ago more SPDX conversions.
Dario Lombardo [Mon, 12 Feb 2018 13:07:48 +0000 (14:07 +0100)]
more SPDX conversions.

Change-Id: I6b8404c28b31a81767a3b64ffe9ba96156c4c217
Reviewed-on: https://code.wireshark.org/review/25757
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago tools: fix zlib check in licensecheck.pl.
Dario Lombardo [Tue, 13 Feb 2018 09:03:24 +0000 (10:03 +0100)]
tools: fix zlib check in licensecheck.pl.

Change-Id: I0b1708c6e4530115698d050e41b691af2a948578
Reviewed-on: https://code.wireshark.org/review/25766
Reviewed-by: Dario Lombardo <lomato@gmail.com>
6 years ago data: Add option to uncompress compressed data
Stig Bjørlykke [Mon, 12 Feb 2018 19:00:34 +0000 (20:00 +0100)]
data: Add option to uncompress compressed data

Change-Id: I7bb212a9638c7b946294b7c805d9167ce7235e90
Reviewed-on: https://code.wireshark.org/review/25761
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago tools: remove extra spaces from licensecheck.pl.
Dario Lombardo [Tue, 13 Feb 2018 09:45:33 +0000 (10:45 +0100)]
tools: remove extra spaces from licensecheck.pl.

Change-Id: Iab25373f047cc084efaf751cb9a3cfbf62fd1f7a
Reviewed-on: https://code.wireshark.org/review/25767
Reviewed-by: Dario Lombardo <lomato@gmail.com>
6 years ago IPv6: SLAAC ether address is 8 bytes
Stig Bjørlykke [Mon, 12 Feb 2018 20:00:12 +0000 (21:00 +0100)]
IPv6: SLAAC ether address is 8 bytes

Change-Id: Id1ea9bb985b0e83c11d64cce4bb33ea7a65c794f
Reviewed-on: https://code.wireshark.org/review/25763
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
6 years ago Update couchbase dissector with 'flexible framing extras'
Jim Walker [Mon, 5 Feb 2018 14:40:33 +0000 (14:40 +0000)]
Update couchbase dissector with 'flexible framing extras'

Add support to decode the new response message and then decode the
array of flexible frames, currently only the "tracing" durations
ID is fully decoded.

See:
https://github.com/couchbase/kv_engine/blob/master/docs/BinaryProtocol.md#response-header-with-flexible-framing-extras

Change-Id: I9ea1e3bb898d9c4dd3b30cd1109b7b70fc17b19e
Reviewed-on: https://code.wireshark.org/review/25613
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago CMake: Install the HTML guides.
Gerald Combs [Sun, 11 Feb 2018 22:34:04 +0000 (14:34 -0800)]
CMake: Install the HTML guides.

Add a "FileInstall.cmake" module that installs files and directories.
Use it to install the chunked HTML guides.

Install the guides into CMAKE_INSTALL_FULL_DOCDIR. By default this is
/usr/local/share/doc/Wireshark. Define DOC_DIR to match.

Add explicit file and directory permissions to the default install
targets.

Remove the PDF install target.

Bug: 14258
Change-Id: I4712a4047a54627b7520b5bf5f191e0761d19606
Reviewed-on: https://code.wireshark.org/review/25737
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago WMEM: Add strjoin routines.
Craig Jackson [Tue, 13 Feb 2018 02:47:44 +0000 (21:47 -0500)]
WMEM: Add strjoin routines.

Add wmem versions corresponding to g_strjoin() and g_strjoinv().

Modify packet-rtps.c to use wmem routines_ where it is now using g_ routines causing mallocs.

Change-Id: I92c890a8b8f29a973e103676d8e5a681ee5abd50
Reviewed-on: https://code.wireshark.org/review/25764
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago NBAP: Fix and enhance SIB parsing
Nick James [Mon, 12 Feb 2018 16:39:45 +0000 (18:39 +0200)]
NBAP: Fix and enhance SIB parsing

1. Parsing of complete-sib-short was wrong - did not consider the 8 bits of length in the beginning
2. Added re-assembly logic for SIBs segmented into first/subsequent/last payloads

Change-Id: I2c4aab2cace795c3e47a22921a34efc4ee26a25f
Reviewed-on: https://code.wireshark.org/review/25598
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago html2text: Prefix lists with a bullet.
Gerald Combs [Mon, 12 Feb 2018 19:23:04 +0000 (11:23 -0800)]
html2text: Prefix lists with a bullet.

Prefix lists with a bullet symbol (U+2022) instead of an asterisk.

Skip the <head> tag while we're here so that we don't print the title
twice.

Change-Id: I1dfad1fc70aa05319e14c55b663dd2183ab87d79
Reviewed-on: https://code.wireshark.org/review/25762
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years ago Remove Lynx.
Gerald Combs [Sun, 11 Feb 2018 19:03:56 +0000 (11:03 -0800)]
Remove Lynx.

Use tools/html2text.py to convert HTML to text.

Remove some now-obsolete documentation.

Change-Id: Ib21a1ab10c789182da5fcc68e98917a00f2fa650
Reviewed-on: https://code.wireshark.org/review/25733
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years ago [PFCP] Fixed a typo in Outer Header Creation IE
Matej Tkac [Mon, 12 Feb 2018 14:30:00 +0000 (15:30 +0100)]
[PFCP] Fixed a typo in Outer Header Creation IE

    Corrected octet order
    3GPP TS 29.244 V15.0.0 Section 8.2.56

Change-Id: I9d4795641749481d7efea0b9b1743a0a94044aa2
Reviewed-on: https://code.wireshark.org/review/25759
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago dissectors: use SPDX identifiers.
Dario Lombardo [Mon, 12 Feb 2018 11:23:27 +0000 (12:23 +0100)]
dissectors: use SPDX identifiers.

Change-Id: I92c94448e6641716d03158a5f332c8b53709423a
Reviewed-on: https://code.wireshark.org/review/25756
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago h225: Fix use after free.
Jakub Zawadzki [Sun, 4 Feb 2018 09:12:31 +0000 (10:12 +0100)]
h225: Fix use after free.

next_tvb_add_handle() allocates memory in packet scope.
When dissecting another packet from dissect_h225_h225_RasMessage() handler [it doesn't call next_tvb_init()]
next_tvb_add_handle() will write to freed pointer.

Fix by calling next_tvb_init() after leaving scope in order to clear list->last pointer.

ASAN report:
ERROR: AddressSanitizer: heap-use-after-free on address 0x6070000854f0 at pc 0x00000208574a bp 0x7ffca839cf00 sp 0x7ffca839cef8
WRITE of size 8 at 0x6070000854f0 thread T0
    #0 0x2085749 in next_tvb_add_handle /src/wireshark/epan/next_tvb.c
    #1 0xef8728 in dissect_h225_ParallelH245Control_item /src/wireshark/epan/dissectors/./asn1/h225/h225.cnf:368:3
(...)
    #21 0x168f460 in dissect_per_sequence /src/wireshark/epan/dissectors/packet-per.c:1920:12
    #22 0xef31d3 in dissect_h225_InfoRequestResponse /src/wireshark/epan/dissectors/./asn1/h225/h225.cnf:910:12
    #23 0x168e7db in dissect_per_choice /src/wireshark/epan/dissectors/packet-per.c
    #24 0xeed6e3 in dissect_h225_RasMessage /src/wireshark/epan/dissectors/./asn1/h225/h225.cnf:298:12
    #25 0xef97af in dissect_RasMessage_PDU /src/wireshark/epan/dissectors/./asn1/h225/h225.cnf:339:12
    #26 0xeef872 in dissect_h225_h225_RasMessage /src/wireshark/epan/dissectors/./asn1/h225/packet-h225-template.c:385:12

0x6070000854f0 is located 0 bytes inside of 72-byte region [0x6070000854f0,0x607000085538)
freed by thread T0 here:
    #0 0x4e2528 in __interceptor_cfree.localalias.0 /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:76
    #1 0x21263a1 in wmem_simple_free_all /src/wireshark/epan/wmem/wmem_allocator_simple.c:107:9
    #2 0x205aa4d in wmem_leave_packet_scope /src/wireshark/epan/wmem/wmem_scopes.c:81:5
(...)

previously allocated by thread T0 here:
    #0 0x4e26e8 in __interceptor_malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:88
    #1 0x225c588 in g_malloc (/out/fuzzshark_test+0x225c588)
    #2 0x20855e0 in next_tvb_add_handle /src/wireshark/epan/next_tvb.c:40:10
    #3 0xef8728 in dissect_h225_ParallelH245Control_item /src/wireshark/epan/dissectors/./asn1/h225/h225.cnf:368:3

Found by oss-fuzz/5921

Change-Id: Iea006914a9e0c433d2073f6f4c7a2973d5a33a11
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5921
Reviewed-on: https://code.wireshark.org/review/25593
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
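
The stale-tail pattern described in the h225 commit message above, as an added example that is not Wireshark code: a list whose items live in a per-packet pool keeps its `last` pointer across packets unless it is re-initialised after the scope is left. All names here (`packet_pool_t`, `handle_list_t`, `dissect_two_packets`) are hypothetical, and the model counts the write that would land in freed memory instead of performing it.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* One list item; in the model it lives in packet-scoped memory. */
typedef struct item {
    struct item *next;
    int handle;
} item_t;

/* Toy stand-in for a packet-scoped allocator (hypothetical, not wmem):
 * every item handed out becomes invalid when the scope is left. */
#define POOL_ITEMS 16
typedef struct {
    item_t slots[POOL_ITEMS];
    size_t used;
    unsigned generation;          /* bumped each time the scope is left */
} packet_pool_t;

static item_t *pool_alloc(packet_pool_t *p) {
    if (p->used == POOL_ITEMS)
        return NULL;
    return &p->slots[p->used++];
}

static void pool_leave_scope(packet_pool_t *p) {
    /* Poison the released items, as a debugging allocator would. */
    memset(p->slots, 0xDD, sizeof p->slots);
    p->used = 0;
    p->generation++;
}

/* The list outlives a single packet, but its items do not. */
typedef struct {
    packet_pool_t *pool;
    item_t *first, *last;
    unsigned last_generation;     /* demo bookkeeping: scope `last` belongs to */
    int stale_writes;             /* writes that would have hit freed memory */
} handle_list_t;

static void list_init(handle_list_t *l) {
    l->first = l->last = NULL;
}

static void list_add(handle_list_t *l, int handle) {
    item_t *it = pool_alloc(l->pool);
    if (it == NULL)
        return;
    it->next = NULL;
    it->handle = handle;

    if (l->last == NULL) {
        l->first = it;
    } else if (l->last_generation != l->pool->generation) {
        /* `last` was allocated in a scope that has since been left.
         * Unchecked code would execute l->last->next = it here, which is
         * the write into freed memory; the model only counts it. */
        l->stale_writes++;
    } else {
        l->last->next = it;
    }
    l->last = it;
    l->last_generation = l->pool->generation;
}

/* Dissect two packets with one long-lived list. When reinit_after_scope
 * is non-zero, the list is re-initialised after each scope is left,
 * which is the shape of the fix the commit message describes. */
static int dissect_two_packets(int reinit_after_scope) {
    packet_pool_t pool;
    handle_list_t list;
    memset(&pool, 0, sizeof pool);
    memset(&list, 0, sizeof list);
    list.pool = &pool;
    list_init(&list);             /* done once, before the first packet */

    for (int pkt = 0; pkt < 2; pkt++) {
        list_add(&list, 10 * pkt + 1);
        list_add(&list, 10 * pkt + 2);
        pool_leave_scope(&pool);
        if (reinit_after_scope)
            list_init(&list);
    }
    return list.stale_writes;
}

int main(void) {
    printf("without re-init: %d stale write(s)\n", dissect_two_packets(0));
    printf("with re-init:    %d stale write(s)\n", dissect_two_packets(1));
    return 0;
}
```
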
6 years ago NBAP: copy address in pinfo->pool
Pascal Quantin [Mon, 12 Feb 2018 09:37:00 +0000 (10:37 +0100)]
NBAP: copy address in pinfo->pool

They are copied in structures using pinfo lifetime. Let's use the same scope.

Bug: 14416
Change-Id: I5f8ee6fff49d63584a246936f551db1803ff9816
Reviewed-on: https://code.wireshark.org/review/25748
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago Extract HKDF-Expand from TLS 1.3 dissector
Peter Wu [Sat, 10 Feb 2018 13:06:17 +0000 (14:06 +0100)]
Extract HKDF-Expand from TLS 1.3 dissector

HKDF (RFC 5869) is a standard construct used in TLS 1.3, QUIC and
OSCORE; generalize it for use outside the TLS dissector.

Since none of the users need the "context" (formerly "hash_value")
field, remove the parameter.

Change-Id: Id952de8cb3000f6f6eda844d17c78bbd3906a84d
Reviewed-on: https://code.wireshark.org/review/25723
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago RPC Netlogon: do not leak memory each time a hash is generated
Pascal Quantin [Sun, 11 Feb 2018 18:49:56 +0000 (19:49 +0100)]
RPC Netlogon: do not leak memory each time a hash is generated

Use copy_address_swallow() instead of copy_address().
When inserting the key in the hash map, copy it in wmem file scope.

Bug: 14407
Change-Id: Ida524d314c943f480dd0e1bf44fd0ded01aafaeb
Reviewed-on: https://code.wireshark.org/review/25731
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
6 years ago fuzzshark: disable protocol in fuzzer if it's used by other fuzzer.
Jakub Zawadzki [Sun, 11 Feb 2018 23:08:07 +0000 (00:08 +0100)]
fuzzshark: disable protocol in fuzzer if it's used by other fuzzer.

Change-Id: I4dcc38b2ac9711660c8cf27cbbabd879c2eee930
Link: https://github.com/google/oss-fuzz/issues/1087
Reviewed-on: https://code.wireshark.org/review/25738
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago packet-ipmi-picmg.c: Add NULL check in rq17.
Michael Mann [Mon, 12 Feb 2018 04:08:40 +0000 (23:08 -0500)]
packet-ipmi-picmg.c: Add NULL check in rq17.

Crafted packets may not have ipmi_header.

Bug: 14409
Change-Id: Ib6a8eceab13525c6c8dca5cef8bce3532dc50911
Reviewed-on: https://code.wireshark.org/review/25745
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago WCCP: Prevent very long loop in dissect_wccp2_alternate_mask_value_set_element
Michael Mann [Mon, 12 Feb 2018 03:53:40 +0000 (22:53 -0500)]
WCCP: Prevent very long loop in dissect_wccp2_alternate_mask_value_set_element

Sanity check the total_length to make sure it doesn't go negative.

Bug: 14412
Change-Id: I87e38f6c792fa81184e4c412d6433fbbf2060f28
Reviewed-on: https://code.wireshark.org/review/25744
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago SCCP: Use int datatype for offset to prevent infinite loops
Michael Mann [Mon, 12 Feb 2018 03:36:33 +0000 (22:36 -0500)]
SCCP: Use int datatype for offset to prevent infinite loops

Fields are 16-bit values and large 16-bit values can be incorrectly
treated as negative, causing infinite loops in offset calculations.

Bug: 14413
Change-Id: I44334c3e9ced0734f4e1a70720859c0abf4a05c8
Reviewed-on: https://code.wireshark.org/review/25743
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago RPKI-Router: Sanity check length field to prevent infinite loop
Michael Mann [Mon, 12 Feb 2018 01:17:39 +0000 (20:17 -0500)]
RPKI-Router: Sanity check length field to prevent infinite loop

Bug: 14414
Change-Id: I39843e8959510a0efa1add51a16e207fc63f88b1
Reviewed-on: https://code.wireshark.org/review/25742
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoceph: clear_address() to make sure to use initialized memory in set_address()
Jakub Zawadzki [Sun, 11 Feb 2018 20:38:40 +0000 (21:38 +0100)]
ceph: clear_address() to make sure to use initialized memory in set_address()

oss-fuzz triggered: set_address: assertion failed: (addr_data == NULL).

Valgrind confirms that ceph was passing uninitialized value to set_address()

==16301== Conditional jump or move depends on uninitialised value(s)
==16301==    at 0x6C37762: set_address (address.h:78)
==16301==    by 0x6C37762: copy_address_shallow (address.h:253)
==16301==    by 0x6C37762: c_node_copy (packet-ceph.c:1433)
==16301==    by 0x6C37F72: c_conv_data_copy (packet-ceph.c:1455)
==16301==    by 0x6C37F72: c_conv_data_clone (packet-ceph.c:1464)
==16301==    by 0x6C37F72: c_pkt_data_save.isra.4.part.5 (packet-ceph.c:1593)
==16301==    by 0x6C40EAE: c_pkt_data_save (packet-ceph.c:1561)
==16301==    by 0x6C40EAE: dissect_ceph.isra.60 (packet-ceph.c:7046)
==16301==    by 0x6C4186A: dissect_ceph_heur (packet-ceph.c:7111)

Found by oss-fuzz/6148.

Change-Id: I8ec762d541fd8cfd919710cf460c44968707dcc5
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6148
Reviewed-on: https://code.wireshark.org/review/25736
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
6 years agoSIGCOMP: use correct message length
Pascal Quantin [Sun, 11 Feb 2018 19:52:42 +0000 (20:52 +0100)]
SIGCOMP: use correct message length

Since g2a80fe283c (2005-10-06!) length initialization was moved, and
the message length is no more correct (previously tvb_length_remaining()
was called with offset equal to 0, which is no more the case after the
change).

Bug: 14410
Change-Id: I2f00be83fa17ad7344d0d75f4a899f169d7a622b
Reviewed-on: https://code.wireshark.org/review/25735
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoFix dist.
Gerald Combs [Sun, 11 Feb 2018 19:59:09 +0000 (11:59 -0800)]
Fix dist.

Add asciidoctor-macros.

Change-Id: Ib3ee30f6da69bad585028eb8f1274a052114630b
Reviewed-on: https://code.wireshark.org/review/25734
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years agoFix ASCIIDOCTORJ_OPTS.
Gerald Combs [Sun, 11 Feb 2018 19:06:04 +0000 (11:06 -0800)]
Fix ASCIIDOCTORJ_OPTS.

Avoid excessive quoting.

Change-Id: I0dd7593d464851bd34cfc7a5a99a21a2a826dd7a
Reviewed-on: https://code.wireshark.org/review/25732
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years agoSwitch from AsciiDoc to Asciidoctor.
Gerald Combs [Thu, 19 Oct 2017 22:03:55 +0000 (15:03 -0700)]
Switch from AsciiDoc to Asciidoctor.

Switch the markup text processor for files in the docbook directory from
AsciiDoc to Asciidoctor. Asciidoctor has several useful features (such
as direct PDF output) and is actively developed. It's written in Ruby
but that dependency can be sidestepped with AsciidoctorJ, a
self-contained bundle that only depends on the JRE.

The current toolchain targets require Python, AsciiDoc, DocBook XML,
DocBook XSL, Java, FOP, xsltproc, lynx, and the HTMLHelp compiler:

HTML: AsciiDoc → DocBook XML → xsltproc + DocBook XSL
Chunked HTML: AsciiDoc → DocBook XML → xsltproc + DocBook XSL
PDF: AsciiDoc → DocBook XML → xsltproc + DocBook XSL → FOP
HTMLHelp: AsciiDoc → DocBook XML → xsltproc + DocBook XSL → HHC

This change removes the AsciiDoc and FOP requirements and adds either
AsciidoctorJ or Asciidoctor + Ruby:

HTML: Asciidoctor → DocBook XML → xsltproc + DocBook XSL
Chunked HTML: Asciidoctor → DocBook XML → xsltproc + DocBook XSL
PDF: Asciidoctor
HTMLHelp: Asciidoctor → DocBook XML → xsltproc + DocBook XSL → HHC

Ideally we could generate all of these using AsciidoctorJ, Java, and
lynx. Unfortunately we're not there yet.

The release notes depend on several macros (ws-buglink, ws-salink,
cve-idlink, sort-and-group). Add Asciidoctor (Ruby) equivalents.

Remove the BUILD_xxx_GUIDES CMake options and add various output targets
automatically. This means that you have to build the various documentation
targets explicitly.

Change-Id: I31930677a656b99b1c6839bb6c33a13db951eb9a
Reviewed-on: https://code.wireshark.org/review/25668
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years agowslua: Convert more comment markup to Asciidoctor.
Gerald Combs [Fri, 9 Feb 2018 20:56:58 +0000 (12:56 -0800)]
wslua: Convert more comment markup to Asciidoctor.

Convert links, source code blocks, and admonitions.

Change-Id: I50c8daa19a115c23f7501b91dbfd904779a609c9
Reviewed-on: https://code.wireshark.org/review/25720
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years agoModelHelperTreeItem: Rename appendChild -> prependChild
Michael Mann [Sun, 11 Feb 2018 14:09:10 +0000 (09:09 -0500)]
ModelHelperTreeItem: Rename appendChild -> prependChild

The function was actually calling QList<QVariant>.prepend underneath
and some users of the class may need "append" to mean "append".
prepend() is faster, but current users are sorting all lists anyway.

Change-Id: I65cb02f4a2d1960cc2c49034963b191156789cc9
Reviewed-on: https://code.wireshark.org/review/25730
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoieee80211: Fix reserved bit positions 18 & 19 when HE Support not set.
Richard Sharpe [Sat, 10 Feb 2018 16:51:30 +0000 (08:51 -0800)]
ieee80211: Fix reserved bit positions 18 & 19 when HE Support not set.

These were initially coded incorrectly. The problem was found by
George Baltatanu and a fix supplied by him.

Change-Id: I1de86ca7c5428efbcdd0fb39244a1cafbbcd32ab
Reviewed-on: https://code.wireshark.org/review/25724
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years ago[Automatic update for 2018-02-11]
Gerald Combs [Sun, 11 Feb 2018 10:27:10 +0000 (10:27 +0000)]
[Automatic update for 2018-02-11]

Update manuf, services enterprise numbers, translations, and other items.

Change-Id: I1d8d8ecda65cb10240b7897399b32fb2c173003f
Reviewed-on: https://code.wireshark.org/review/25727
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years agodct2000: avoid allocating/storing/freeing empty string
Martin Mathieson [Sat, 10 Feb 2018 22:03:14 +0000 (22:03 +0000)]
dct2000: avoid allocating/storing/freeing empty string

Change-Id: I06bf5ce8bf04b87dd67fb562eb149b39dd16bd76
Reviewed-on: https://code.wireshark.org/review/25726
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoWrite our NSIS installer to the build directory.
Gerald Combs [Sat, 10 Feb 2018 21:26:57 +0000 (13:26 -0800)]
Write our NSIS installer to the build directory.

Write our NSIS installer to ${CMAKE_BINARY_DIR}/packaging/nsis instead
of ${CMAKE_SOURCE_DIR}/packaging/nsis.

Change-Id: I6d662b2726dc61fb199509575797b5dfe0d8fdfa
Reviewed-on: https://code.wireshark.org/review/25725
Reviewed-by: Gerald Combs <gerald@wireshark.org>
6 years agoUDP: Heuristic dissector for conversation taking precedence
Robert Jongbloed [Tue, 23 Jan 2018 10:48:57 +0000 (10:48 +0000)]
UDP: Heuristic dissector for conversation taking precedence

When a single UDP port is supporting multiple protocols, for example RTP and
RTCP can share a port, and one of these protocols is detected through a
heuristic before a superior protocol (e.g. SIP/SDP) has established that the
port has multiple protocols, then only the heuristic is used. This is due to
only looking for an exact match with find_conversation() and not going any
further. The superior protocol only adds the dissector by source address/port.
So, to fix, if we do not find the exact match, we continue searching for a
dissector on the partial matches.

Bug: 14370
Change-Id: Icdded9ca1637cd594b920f979f6f0a003bef9aae
Reviewed-on: https://code.wireshark.org/review/25432
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agomusl: compile with musl libc
Dan Robertson [Wed, 7 Feb 2018 03:22:22 +0000 (03:22 +0000)]
musl: compile with musl libc

Ensure that wsutil/ws_pipe.c includes <sys/select.h> as both
the timeval struct and the select function are used.

Change-Id: Idbd9e9a5b9cbee9977a423c32e55be81bb6425c3
Reviewed-on: https://code.wireshark.org/review/25616
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years agoradiotap: Add support for the EOF bit in the A-MPDU Status flags.
Richard Sharpe [Thu, 25 Jan 2018 17:27:44 +0000 (09:27 -0800)]
radiotap: Add support for the EOF bit in the A-MPDU Status flags.

Change-Id: I80577a0082227d892426f478ffcfff23d6ba0daa
Reviewed-on: https://code.wireshark.org/review/25472
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
6 years agoandroiddump: Fix non-blocking connect on Windows
Florian Bezold [Fri, 9 Feb 2018 14:32:36 +0000 (15:32 +0100)]
androiddump: Fix non-blocking connect on Windows

Commit 043ed1f6 enabled non-blocking connect on Windows. This seems to
break androiddump on Windows completely, since a successful connection
always returns SOCKET_ERROR on connect, with WSAGetLastError() set to
WSAEWOULDBLOCK.

Apparently, the only way to check for a real connection is to try a
write select on the socket:
https://stackoverflow.com/questions/35370239/timeout-in-connect-function-from-winsock

This fixes androiddump on Windows:
- If ADB server is running, extcap interfaces are listed
- If ADB is not running, there is no noticeable delay in Wireshark

Change-Id: I6bd772215c7b232c8fe8e840cb7ad1d54c7d8860
Reviewed-on: https://code.wireshark.org/review/25715
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoandroiddump: Fix and simplify tcpdump capture
Florian Bezold [Tue, 6 Feb 2018 11:39:36 +0000 (12:39 +0100)]
androiddump: Fix and simplify tcpdump capture

1. Use "exec:" ADB command to get raw (non-PTY) tcpdump output
This is also supported on Android devices before Android 7, and is a
much easier approach than testing the new "shell,raw:" command and
falling back if unsupported. This basically undoes commit 5ebc3277.

2. Pass "-U" to tcpdump to prevent on-target buffering
Before using the "shell,raw" approach in commit 5ebc3277, I tried the
"exec:" command already, but experienced extreme buffering of the
tcpdump output, which is unacceptable for live trace viewing.
Turns out, the buffering is determined "automatically" by libpcap:
- When running in a PTY, output is flushed fast for viewing
- When _not_ in a PTY, output is not flushed and thus heavily buffered.
The "exec" command obviously doesn't use a PTY.
Fortunately, tcpdump has a "-U" option to flush the output after each
captured packet, which is exactly what we need.

3. Ignore tcpdump stderr output
Enabling "-U" caused androiddump to fail, because it happened that the
tcpdump stderr logs were mixed with the stdout data. (We were probably
lucky this didn't happen without -U as well).
To fix this, we just ignore stderr completely by adding "2>/dev/null" to
the tcpdump command.

4. Get linktype from pcap global header
The stderr logs were previously parsed to get the textual linktype.
This is now replaced by a simpler & less fragile approach: tcpdump
prints the global pcap header, which contains precisely the linktype
info we need.

5. Parse pcap global header magic correctly for timestamps & endianness
The previous code only supported the "classic" pcap header magic and
might also have been incorrect on big-endian host machines.
Now, endian handling is simplified and we can detect the "nanosecond
timestamp" magic values as well.
This fixes the problem that extcap_dumper_dump expects *nano*second
timestamps, but the previous code supplied *micro*seconds if on-target
tcpdump outputs microseconds.

6. The parsing simplifications above allowed the main loop for tcpdump
capture to be simplified considerably.

Change-Id: Id66791e700a8943b86128f044f080bee60a9fa79
Reviewed-on: https://code.wireshark.org/review/25713
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
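
The pcap global header handling described in items 4 and 5 above, as an added example (not androiddump's own code): byte-wise reads make the parse independent of host endianness, both magic values are recognised, and timestamps are normalised to nanoseconds. All function and sample names are hypothetical, and the sample buffers are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PCAP_HDR_LEN    24u          /* size of the pcap global header */
#define PCAP_MAGIC_USEC 0xa1b2c3d4u  /* classic magic: microsecond timestamps */
#define PCAP_MAGIC_NSEC 0xa1b23c4du  /* nanosecond-timestamp magic */

struct pcap_info {
    int      big_endian;  /* byte order the writer used */
    int      nanosecond;  /* 1: sub-second field is ns; 0: it is us */
    uint32_t snaplen;
    uint32_t linktype;
};

/* Constructed samples, not captured data. */
const uint8_t SAMPLE_LE_USEC[24] = {   /* little-endian, us, linktype 1 */
    0xd4, 0xc3, 0xb2, 0xa1, 0x02, 0x00, 0x04, 0x00, 0, 0, 0, 0, 0, 0, 0, 0,
    0x00, 0x00, 0x04, 0x00, 0x01, 0x00, 0x00, 0x00
};
const uint8_t SAMPLE_BE_NSEC[24] = {   /* big-endian, ns, linktype 113 */
    0xa1, 0xb2, 0x3c, 0x4d, 0x00, 0x02, 0x00, 0x04, 0, 0, 0, 0, 0, 0, 0, 0,
    0x00, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x71
};
/* stderr text arriving where the header should be (item 3's failure mode) */
const uint8_t SAMPLE_STDERR[] = "tcpdump: listening on wlan0";

/* Byte-wise read: the result does not depend on the host's endianness. */
static uint32_t rd32(const uint8_t *p, int big_endian)
{
    return big_endian
        ? ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3]
        : ((uint32_t)p[3] << 24) | ((uint32_t)p[2] << 16) | ((uint32_t)p[1] << 8) | p[0];
}

/* Returns 0 on success, -1 on short input, -2 on an unknown magic. */
int pcap_parse_global_header(const uint8_t *buf, size_t len, struct pcap_info *out)
{
    if (buf == NULL || out == NULL || len < PCAP_HDR_LEN)
        return -1;
    for (int be = 0; be <= 1; be++) {      /* try both byte orders */
        uint32_t magic = rd32(buf, be);
        if (magic == PCAP_MAGIC_USEC || magic == PCAP_MAGIC_NSEC) {
            out->big_endian = be;
            out->nanosecond = (magic == PCAP_MAGIC_NSEC);
            out->snaplen    = rd32(buf + 16, be);
            out->linktype   = rd32(buf + 20, be);
            return 0;
        }
    }
    return -2;
}

/* Normalise a record timestamp to nanoseconds, whatever the file's unit. */
uint64_t pcap_ts_to_ns(const struct pcap_info *info, uint32_t sec, uint32_t frac)
{
    uint64_t sub = info->nanosecond ? frac : (uint64_t)frac * 1000u;
    return (uint64_t)sec * 1000000000u + sub;
}

/* Helpers for the samples: linktype or the parse error code. */
long sample_linktype(const uint8_t *buf, size_t len)
{
    struct pcap_info info;
    int rc = pcap_parse_global_header(buf, len, &info);
    return rc == 0 ? (long)info.linktype : rc;
}

long long sample_ts_ns(const uint8_t *buf, uint32_t sec, uint32_t frac)
{
    struct pcap_info info;
    if (pcap_parse_global_header(buf, PCAP_HDR_LEN, &info) != 0) return -1;
    return (long long)pcap_ts_to_ns(&info, sec, frac);
}

int main(void)
{
    printf("LE/us linktype: %ld\n", sample_linktype(SAMPLE_LE_USEC, sizeof SAMPLE_LE_USEC));
    printf("BE/ns linktype: %ld\n", sample_linktype(SAMPLE_BE_NSEC, sizeof SAMPLE_BE_NSEC));
    printf("stderr text:    %ld\n", sample_linktype(SAMPLE_STDERR, sizeof SAMPLE_STDERR));
    return 0;
}
```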
6 years agoCMake: Don't shadow PROCESSOR_ARCHITECTURE.
Gerald Combs [Fri, 9 Feb 2018 21:59:15 +0000 (13:59 -0800)]
CMake: Don't shadow PROCESSOR_ARCHITECTURE.

PROCESSOR_ARCHITECTURE is a standard Windows environment variable.
Rename the CMake variable WIRESHARK_TARGET_PROCESSOR_ARCHITECTURE.

Change-Id: I03109d45d6fb5f00742cd43085a9d33d9e5ddf1f
Reviewed-on: https://code.wireshark.org/review/25721
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoSeparately count all records and data records.
Guy Harris [Sat, 10 Feb 2018 02:45:14 +0000 (18:45 -0800)]
Separately count all records and data records.

A file might contain only metadata records, which exist only to provide
information needed to interpret data records; no point in showing them
in record counts.

Put the counts into the structure that we fill in, and rename the
structure and the routine to reflect that it determines statistics other
than just times.

Speak of data records rather than packets; the file might be full of
Sysdig event records but not have any packets in it, for example.

Change-Id: I8553181dca4129736bdae2c0cbba92becc28d6ef
Reviewed-on: https://code.wireshark.org/review/25722
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years agoMove the merge_action_e enum to the Win32 file dialog source file.
Guy Harris [Fri, 9 Feb 2018 20:42:32 +0000 (12:42 -0800)]
Move the merge_action_e enum to the Win32 file dialog source file.

It's only used with the Windows dialog, so no need to make it public.

Change-Id: I4976748d642399b57abc89bccc26f680e3938509
Reviewed-on: https://code.wireshark.org/review/25719
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years agoFix indentation.
Guy Harris [Fri, 9 Feb 2018 20:35:33 +0000 (12:35 -0800)]
Fix indentation.

Change-Id: I7f19b35032a686dfb2f776e8ff3527366b008331
Reviewed-on: https://code.wireshark.org/review/25718
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years agoPut the preview-generation loop into a common routine.
Guy Harris [Fri, 9 Feb 2018 19:18:22 +0000 (11:18 -0800)]
Put the preview-generation loop into a common routine.

Don't have all the file open dialogs have their own copies.

Change-Id: Icd6f2fd44b081575e6481a134027c90046938c64
Reviewed-on: https://code.wireshark.org/review/25717
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years agocaputils/tools: more SPDX convertions.
Dario Lombardo [Fri, 9 Feb 2018 09:14:34 +0000 (10:14 +0100)]
caputils/tools: more SPDX convertions.

Change-Id: I44a8d1848f768acf4c3b31a68c845264c74e4bba
Reviewed-on: https://code.wireshark.org/review/25709
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoepan: more SPDX convertions.
Dario Lombardo [Fri, 9 Feb 2018 09:12:31 +0000 (10:12 +0100)]
epan: more SPDX convertions.

Change-Id: I3c9ba4542c50321ce60cba68696d99575a735392
Reviewed-on: https://code.wireshark.org/review/25708
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agotools: fix BSD license name in licensecheck.pl.
Dario Lombardo [Fri, 9 Feb 2018 13:58:53 +0000 (14:58 +0100)]
tools: fix BSD license name in licensecheck.pl.

Change-Id: I401efcbb4f8f9eec5ef38f3788e979a3752c4a7f
Reviewed-on: https://code.wireshark.org/review/25714
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoplugins: use SPDX identifiers.
Dario Lombardo [Fri, 9 Feb 2018 08:52:20 +0000 (09:52 +0100)]
plugins: use SPDX identifiers.

Change-Id: I8155573933daeb69c6e4c95c6702bdd6fc1fa89b
Reviewed-on: https://code.wireshark.org/review/25707
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agowslua: use SPDX identifiers.
Dario Lombardo [Thu, 8 Feb 2018 16:33:09 +0000 (17:33 +0100)]
wslua: use SPDX identifiers.

Change-Id: I80d9d4e3ffc25eebf09e6ef693c378b77554e1b8
Reviewed-on: https://code.wireshark.org/review/25693
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoDo changes from Generalize wtap_pkthdr into a structure for packet and
AndersBroman [Fri, 9 Feb 2018 09:50:12 +0000 (10:50 +0100)]
Do changes from Generalize wtap_pkthdr into a structure for packet and
non-packet records for file_dlg_win32.c

Change-Id: I34ce10e574036b2d857675008c7109d5e38be6e7
Reviewed-on: https://code.wireshark.org/review/25710
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
6 years agoUpdate symbols lists.
Guy Harris [Fri, 9 Feb 2018 11:04:29 +0000 (03:04 -0800)]
Update symbols lists.

Change-Id: Iecdef99d172fad793fd98ae10a6f03bb425d73de
Reviewed-on: https://code.wireshark.org/review/25712
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years agopcap: Update link_type_vals
Stig Bjørlykke [Fri, 9 Feb 2018 08:24:40 +0000 (09:24 +0100)]
pcap: Update link_type_vals

Change-Id: I7d26883344f908f86bf7b2b4beb359db014fb28b
Reviewed-on: https://code.wireshark.org/review/25705
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
6 years agoDo the maximum block size check in pcap_read_block().
Guy Harris [Fri, 9 Feb 2018 05:34:53 +0000 (21:34 -0800)]
Do the maximum block size check in pcap_read_block().

Do it before we even *try* to read the block, so that it's done in one
place rather than having to be done in every routine to handle
particular block types.

The check was missing in the routine to read sysdig event blocks, so if
we got a huge sysdig event block we'd try to allocate a huge amount of
memory.

Bug: 14403
Change-Id: Iff0fb0387e4499420598361be6d241f2832042d7
Reviewed-on: https://code.wireshark.org/review/25702
Reviewed-by: Guy Harris <guy@alum.mit.edu>
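
The pattern this commit describes, as an added example (not Wireshark's code): the declared block length is validated once in the generic block reader, before any allocation, so no per-type handler can forget the check. The names, the cap value, the little-endian byte order and the sample blocks are assumptions constructed for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MIN_BLOCK_SIZE 12u                    /* type + total length + trailing total length */
#define MAX_BLOCK_SIZE (16u * 1024u * 1024u)  /* assumed cap, not the project's value */

enum { BLK_OK = 0, BLK_SHORT = -1, BLK_BAD_LENGTH = -2, BLK_TOO_BIG = -3, BLK_NO_MEM = -4 };

struct block {
    uint32_t type;
    uint32_t body_len;
    uint8_t *body;      /* malloc'd copy of the body; the caller frees it */
};

/* Constructed samples: block type 0x00000204 is just a sample value here. */
const uint8_t SAMPLE_OK[16] = {          /* 4-byte body, total length 16 */
    0x04, 0x02, 0, 0,  0x10, 0, 0, 0,  0xde, 0xad, 0xbe, 0xef,  0x10, 0, 0, 0 };
const uint8_t SAMPLE_HUGE[8] = {         /* header claims 0xfffffff0 bytes */
    0x04, 0x02, 0, 0,  0xf0, 0xff, 0xff, 0xff };
const uint8_t SAMPLE_MISMATCH[16] = {    /* trailing length disagrees */
    0x04, 0x02, 0, 0,  0x10, 0, 0, 0,  0, 0, 0, 0,  0x0c, 0, 0, 0 };

static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Reads one block from src[0..avail). Type-specific handlers run only on
 * what this returns, so they all inherit the length checks made here. */
int read_block(const uint8_t *src, size_t avail, struct block *out)
{
    if (avail < 8)
        return BLK_SHORT;
    uint32_t type  = le32(src);
    uint32_t total = le32(src + 4);

    if (total < MIN_BLOCK_SIZE)
        return BLK_BAD_LENGTH;      /* would underflow total - 12 below */
    if (total > MAX_BLOCK_SIZE)
        return BLK_TOO_BIG;         /* rejected before any allocation */
    if (total > avail)
        return BLK_SHORT;
    if (le32(src + total - 4) != total)
        return BLK_BAD_LENGTH;      /* leading and trailing lengths must agree */

    uint32_t body_len = total - MIN_BLOCK_SIZE;
    uint8_t *body = malloc(body_len ? body_len : 1);
    if (body == NULL)
        return BLK_NO_MEM;
    memcpy(body, src + 8, body_len);
    out->type = type;
    out->body_len = body_len;
    out->body = body;
    return BLK_OK;
}

/* Helper for the samples: read, release, and report the status. */
int block_status(const uint8_t *src, size_t avail)
{
    struct block b = { 0, 0, NULL };
    int rc = read_block(src, avail, &b);
    free(b.body);
    return rc;
}

int main(void)
{
    printf("ok=%d huge=%d mismatch=%d\n",
           block_status(SAMPLE_OK, sizeof SAMPLE_OK),
           block_status(SAMPLE_HUGE, sizeof SAMPLE_HUGE),
           block_status(SAMPLE_MISMATCH, sizeof SAMPLE_MISMATCH));
    return 0;
}
```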
6 years agoRLC graph: fix zooming, both in normal case and when graph direction has been switched
Martin Mathieson [Thu, 8 Feb 2018 09:51:13 +0000 (09:51 +0000)]
RLC graph: fix zooming, both in normal case and when graph direction has been switched

Change-Id: I05e02b2821367ef1a78b9ededd462324053cf06e
Reviewed-on: https://code.wireshark.org/review/25683
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agohtml2text: Skip some tags and add references.
Gerald Combs [Fri, 9 Feb 2018 01:21:24 +0000 (17:21 -0800)]
html2text: Skip some tags and add references.

Skip the contents of <style> and <script> tags. Add URL footnotes
similar to `lynx -dump`.

Change-Id: I721bdfabeacc000d604aa8475f13be1d797ad0fb
Reviewed-on: https://code.wireshark.org/review/25697
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoRename ft_specific_data to reflect what we're actually using it for.
Guy Harris [Fri, 9 Feb 2018 04:29:25 +0000 (20:29 -0800)]
Rename ft_specific_data to reflect what we're actually using it for.

It's only being used as a working buffer to hold the raw options data we
read in.

Change-Id: I17b812e447f575ad92394b9f957658fc655cdf8e
Reviewed-on: https://code.wireshark.org/review/25701
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years agoRemove redundant members from wtap_syscall_header.
Guy Harris [Fri, 9 Feb 2018 02:38:22 +0000 (18:38 -0800)]
Remove redundant members from wtap_syscall_header.

No need for len, and call caplen event_filelen and move it after
event_len.

Change-Id: I8b3825d4022ee083ee52f83f7a69f22829ed9fc4
Reviewed-on: https://code.wireshark.org/review/25698
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years agoGeneralize wtap_pkthdr into a structure for packet and non-packet records.
Guy Harris [Fri, 9 Feb 2018 00:19:12 +0000 (16:19 -0800)]
Generalize wtap_pkthdr into a structure for packet and non-packet records.

Separate the stuff that any record could have from the stuff that only
particular record types have; put the latter into a union, and put all
that into a wtap_rec structure.

Add some record-type checks as necessary.

Change-Id: Id6b3486858f826fce4b096c59231f463e44bfaa2
Reviewed-on: https://code.wireshark.org/review/25696
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years agoCIP: Highlight correct bytes in Req/Rsp processing
Dylan Ulis [Wed, 7 Feb 2018 21:34:11 +0000 (16:34 -0500)]
CIP: Highlight correct bytes in Req/Rsp processing

Previously, dissect_cip_generic_service_req and dissect_cip_generic_service_rsp
set lengths at different levels of the packet. In some cases, this would
cause a malformed packet when the data length was zero. This fixes the
malformed error by explicitly setting the length, instead of using -1.

The length of the service data set is not the data payload for both
cases. Previously, for requests, it attempted to highlight the whole CIP
layer, but this was already covered by the full CIP protocol layer
length.

Change-Id: I4b4a99d30b9e04872fcf7ffb127c496e6062856c
Reviewed-on: https://code.wireshark.org/review/25672
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoCIP Safety: Add decode options for I/O Payloads
Dylan Ulis [Wed, 7 Feb 2018 13:53:45 +0000 (08:53 -0500)]
CIP Safety: Add decode options for I/O Payloads

1. Add Decode Options for 4 Safety I/O types. Previously, you could only decode as "CIP Safety", which only showed as a generic data block (because all important things for parsing are in the FwdOpen).
2. Change some timestamp display formatting to match other related timestamp fields (now all Dec)
3. Don't create connections for Null Forward Opens.

Change-Id: Ia1031b3887739a864a453b9e566ebe6f29fa5b8b
Reviewed-on: https://code.wireshark.org/review/25664
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
6 years agoQUIC: Add initial draft-09 support
Alexis La Goutte [Wed, 7 Feb 2018 16:01:09 +0000 (17:01 +0100)]
QUIC: Add initial draft-09 support

Bug:13881
Change-Id: I4127330ff6af96291452dd31086b57d24ec368ab
Reviewed-on: https://code.wireshark.org/review/25687
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoepan: use SPDX indentifiers.
Dario Lombardo [Thu, 8 Feb 2018 16:59:17 +0000 (17:59 +0100)]
epan: use SPDX indentifiers.

Skipping dissectors dir for now.

Change-Id: I717b66bfbc7cc81b83f8c2cbc011fcad643796aa
Reviewed-on: https://code.wireshark.org/review/25694
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agowmem: use SPDX identifiers.
Dario Lombardo [Thu, 8 Feb 2018 16:31:35 +0000 (17:31 +0100)]
wmem: use SPDX identifiers.

Change-Id: Iad9a7a8a26bc6a7189a4578dfbcec1c2b3cc376e
Reviewed-on: https://code.wireshark.org/review/25692
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
6 years agoGet rid of no-longer-used variables.
Guy Harris [Thu, 8 Feb 2018 18:29:04 +0000 (10:29 -0800)]
Get rid of no-longer-used variables.

They were used by the now-removed draft-07 support.

Change-Id: I4762d2a6bb81e231010f1fd4b2b51278bb3c4329
Reviewed-on: https://code.wireshark.org/review/25695
Reviewed-by: Guy Harris <guy@alum.mit.edu>
6 years agoQUIC: remove draft-07 support
Alexis La Goutte [Wed, 7 Feb 2018 14:22:52 +0000 (15:22 +0100)]
QUIC: remove draft-07 support

Bug: 13881
Change-Id: I6e85eb99e8f9a75772f4752657d3706402bc17fe
Reviewed-on: https://code.wireshark.org/review/25686
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>