metze/wireshark/wip.git
3 years agoSMB2 ioctl FSCTL_OFFLOAD_WRITE
Gordon Ross [Tue, 31 May 2016 21:58:14 +0000 (17:58 -0400)]
SMB2 ioctl FSCTL_OFFLOAD_WRITE

Decode SMB2 ioctl FSCTL_OFFLOAD_WRITE,
and clean up FSCTL_OFFLOAD_READ to use a
common function to print the "token".

Bug: 12482
Change-Id: I397522416e3a8508f5a99b8ac055d1ae17218d21
Reviewed-on: https://code.wireshark.org/review/15663
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoChange the declaration of nghttp2_mem_free2() to match the definition.
Guy Harris [Wed, 1 Jun 2016 00:48:12 +0000 (17:48 -0700)]
Change the declaration of nghttp2_mem_free2() to match the definition.

The free routine pointer was renamed to free_func to avoid collisions
with the standard C free() function.

From Jeff Morris' abandoned change Ia3810fe228b497d888d825f8b606078e2f71be65.

Change-Id: Iedeb74625b13d1097da510487b60f38861a42bec
Reviewed-on: https://code.wireshark.org/review/15666
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoPick up some updates from Jeff Morris' abandoned change.
Guy Harris [Wed, 1 Jun 2016 00:31:32 +0000 (17:31 -0700)]
Pick up some updates from Jeff Morris' abandoned change.

See change Ia3810fe228b497d888d825f8b606078e2f71be65.

Change-Id: Ia6df3434e31a4364bb867a978ee0f89738c19e9d
Reviewed-on: https://code.wireshark.org/review/15665
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoSquelch a compiler warning.
Guy Harris [Tue, 31 May 2016 23:42:34 +0000 (16:42 -0700)]
Squelch a compiler warning.

Change-Id: I7a0b48dd840a6b4795f87f983bbaf169afceece7
Reviewed-on: https://code.wireshark.org/review/15664
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoSuggest that file types should also be registered in the WiX installer.
Jeff Morriss [Tue, 31 May 2016 13:30:24 +0000 (09:30 -0400)]
Suggest that file types should also be registered in the WiX installer.

Change-Id: If65ff14589ccd0b2d643256f3443dc26b3b71371
Reviewed-on: https://code.wireshark.org/review/15640
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
3 years agoQt: Use a standard "Start" button in Capture Options.
Gerald Combs [Tue, 31 May 2016 19:43:42 +0000 (12:43 -0700)]
Qt: Use a standard "Start" button in Capture Options.

QDialogButtonBox does a fine job of creating and managing buttons.
Instead of creating our own "Start" button, just rename the "OK" button.
This matches what we do elsewhere, e.g. in the Extcap Options dialog.

Change-Id: I3c5eec1f01925f7b82c4e7360d685acbe4bb2fea
Reviewed-on: https://code.wireshark.org/review/15653
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years ago[docsis->rngrsp] Packet decoded in greater detail
Adrian Simionov [Mon, 30 May 2016 13:02:23 +0000 (23:02 +1000)]
[docsis->rngrsp] Packet decoded in greater detail

Next steps would be to add expert and add missing TLVs.

Change-Id: Ia05d81c380d412ab02e55bbfc08363d9153ff1c3
Reviewed-on: https://code.wireshark.org/review/15617
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoSMB2 ioctl FSCTL_SRV_COPYCHUNK and related
Gordon Ross [Tue, 31 May 2016 16:20:44 +0000 (12:20 -0400)]
SMB2 ioctl FSCTL_SRV_COPYCHUNK and related

Bug: 12481
Change-Id: I0439b10f99d296a46c93e2ced6094689737d9551
Reviewed-on: https://code.wireshark.org/review/15648
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agossl: export ssl_starttls_* functions so they can be used by plugins.
jpmendoza [Tue, 31 May 2016 15:58:57 +0000 (10:58 -0500)]
ssl: export ssl_starttls_* functions so they can be used by plugins.

Change-Id: Ief8ca64391033e84fb37c6a55ec29d32d800920d
Reviewed-on: https://code.wireshark.org/review/15645
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoLTE-RRC: fix dissection of GPRS container
Pascal Quantin [Tue, 31 May 2016 14:09:03 +0000 (16:09 +0200)]
LTE-RRC: fix dissection of GPRS container

Payload embedded in LTE message does not include the first byte identifying the message type.
Let's prepend a fake one before calling the gsm_rlcmac dissector

Change-Id: Ibcf9b52902474a556b55e9b0a076d09d341f868c
Reviewed-on: https://code.wireshark.org/review/15642
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoQt: Monitor mode fixups.
Gerald Combs [Tue, 24 May 2016 23:49:54 +0000 (16:49 -0700)]
Qt: Monitor mode fixups.

When we update the monitor mode setting for an interface, update its
link type list.

Start filling in interface columns from a common function instead of
multiple places.

Rename some member function names to match
https://www.wireshark.org/docs/wsdg_html_chunked/ChUIQt.html#_coding_practices_and_naming_conventions

Bug: 11364
Change-Id: I26ac7e9719863169b62069e49ebf17ed97fbe516
Reviewed-on: https://code.wireshark.org/review/15583
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoRTPS: Updated name of CRC field
Juanjo Martin [Tue, 31 May 2016 16:12:15 +0000 (18:12 +0200)]
RTPS: Updated name of CRC field

The name specified "no header". This is false. It contains the header.

Change-Id: I921b7c23d64f43551830e840066231031432dc7c
Reviewed-on: https://code.wireshark.org/review/15646
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoFix display of composite tvbs in GUI
Pascal Quantin [Tue, 31 May 2016 14:11:41 +0000 (16:11 +0200)]
Fix display of composite tvbs in GUI

a composite tvb is the top-level data source tvb
fix composite_get_ptr function

Change-Id: Ibab58801a754fd88fb86b9a13804bccf2ad51c7a
Reviewed-on: https://code.wireshark.org/review/15643
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQt: Expand "to do" comments in SequenceDialog.
Gerald Combs [Tue, 31 May 2016 16:31:10 +0000 (09:31 -0700)]
Qt: Expand "to do" comments in SequenceDialog.

Copy in some text from bug 12419.

Change-Id: Ice3c6cab1f5c32033de3a9a78d7945c31d932755
Reviewed-on: https://code.wireshark.org/review/15649
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoQt: Fix compilation for Qt 4.
Gerald Combs [Tue, 31 May 2016 15:24:12 +0000 (08:24 -0700)]
Qt: Fix compilation for Qt 4.

QString::toHtmlEscaped was introduced in Qt 5.

Change-Id: I50b2df2f6ef441ec95972173a852d7950aedc028
Reviewed-on: https://code.wireshark.org/review/15644
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoIf we've seen HTTP in this conversation mark the frame as being HTTP.
Jeff Morriss [Thu, 28 Apr 2016 00:27:41 +0000 (20:27 -0400)]
If we've seen HTTP in this conversation mark the frame as being HTTP.

... Even if it doesn't look like HTTP.  When TCP desegmentation is turned off
the dissector will be called with frames that don't look like HTTP--but it's
(almost certainly) still HTTP.

This adjusts the changes I9f1c736baaeb86f9fab61601d79e79b4e3a16c38 and
I2617d1e49030bd5ad85b0e818c48c01dc6fae075--hopefully without breaking the
intent of either.

Bug: 10335
Change-Id: I925d53d4f82a01aeffa5d129e53100cc4f488561
Reviewed-on: https://code.wireshark.org/review/15136
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
3 years agoqt: fix crash when saving RTP audio
Dario Lombardo [Mon, 30 May 2016 14:34:03 +0000 (16:34 +0200)]
qt: fix crash when saving RTP audio

The UI crashes when saving a RTP due to a division by zero.
To reproduce: open a RTP capture file, Telephony->RTP->RTP Streams,
then choose a stream, ANALYZE, SAVE, AUDIO, choose a path.

Bug: 12211
Change-Id: I51d61eb6797fc82c1b03254abaec839d3a1e281d
Reviewed-on: https://code.wireshark.org/review/15621
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoRTPS: Added support for new features
Juanjo Martin [Mon, 9 May 2016 15:45:54 +0000 (17:45 +0200)]
RTPS: Added support for new features

Added partial support for Secure DDS as well as TopicQuery and
IP Mobility (RTI features).

Fixed also a few bugs: wrong octet sequence offset, fixing "switch"
statement that was falling through and shouldn't, fixing endpoint
filters and correct dissection of inline_qos.

Change-Id: I9d1c048eaaf3914420bdd6be37fb2040a6a47874
Reviewed-on: https://code.wireshark.org/review/15496
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoRemove proto_item_append_string.
Michael Mann [Sun, 29 May 2016 19:44:54 +0000 (15:44 -0400)]
Remove proto_item_append_string.

It requires some "extra work" to get it to work properly.  Despite
documenting it, some previous use cases didn't do the extra work.
Let's just see how we get by without it.

Change-Id: I31dba1d5038d793085f6c9e4b4a6eda574e86872
Reviewed-on: https://code.wireshark.org/review/15610
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoRestore a preference column type if fields are empty.
Michael Mann [Sat, 28 May 2016 18:59:00 +0000 (14:59 -0400)]
Restore a preference column type if fields are empty.

The column type is automatically changed to Custom if user clicks
on the "Fields" or "Field Occurrences" column.  This can be
accidental and cause the user grief if he doesn't realize it.
If there is no text in the field, restore the type to its
original value.

Bug: 12465
Change-Id: I0453f43be13077aba58cca61011eeff9ca9b83b2
Reviewed-on: https://code.wireshark.org/review/15600
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agomgcp: remove some unnecessary if (tree) checks
Martin Kaiser [Sun, 29 May 2016 16:25:16 +0000 (18:25 +0200)]
mgcp: remove some unnecessary if (tree) checks

Change-Id: I839564a72163828015b6bb59bfbae6a482472013
Reviewed-on: https://code.wireshark.org/review/15631
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agomgcp: don't THROW() an exception from a dissector
Martin Kaiser [Sun, 29 May 2016 15:23:01 +0000 (17:23 +0200)]
mgcp: don't THROW() an exception from a dissector

we can simply abort the dissection for invalid lines or token lengths

Change-Id: I14e02f49a8803db7ec0a5f5c5139705091fd926a
Reviewed-on: https://code.wireshark.org/review/15628
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agomgcp: clean up dissect_mgcp()
Martin Kaiser [Sun, 29 May 2016 15:38:11 +0000 (17:38 +0200)]
mgcp: clean up dissect_mgcp()

remove some if (tree) checks
rewrite the initial check for a valid packet
use the correct data type for ti

Change-Id: I56f103be074606e7741db395976e28b4fe27d137
Reviewed-on: https://code.wireshark.org/review/15629
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agomgcp: don't throw an exception while checking if it is our packet
Martin Kaiser [Sun, 29 May 2016 16:08:05 +0000 (18:08 +0200)]
mgcp: don't throw an exception while checking if it is our packet

Change-Id: I224a596926e555fd575995b7e19b7aadbb2d8b49
Reviewed-on: https://code.wireshark.org/review/15630
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoUpdate to nghttp2 1.11.1
Alexis La Goutte [Thu, 26 May 2016 21:05:33 +0000 (23:05 +0200)]
Update to nghttp2 1.11.1

Change-Id: I308b4db02b1501f38b2693b45b2b9bd6054376d1
Reviewed-on: https://code.wireshark.org/review/15579
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoSMB2 ioctl FSCTL_QUERY_ALLOCATED_RANGES etc
Gordon Ross [Fri, 27 May 2016 15:24:59 +0000 (11:24 -0400)]
SMB2 ioctl FSCTL_QUERY_ALLOCATED_RANGES etc

Dissect FSCTL_QUERY_ALLOCATED_RANGES,
 FSCTL_SET_SPARSE, FSCTL_SET_ZERO_DATA

Bug: 12480
Change-Id: I432768288731cebf2c6e83d1564f426b6a329898
Reviewed-on: https://code.wireshark.org/review/15622
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoIf routines return a wtap_opttype_return_val, declare them as doing so.
Guy Harris [Mon, 30 May 2016 22:22:15 +0000 (15:22 -0700)]
If routines return a wtap_opttype_return_val, declare them as doing so.

Also, improve the doxygen comments.

Change-Id: I57929dfba23d926fd806ac001a5a3924bb636ae0
Reviewed-on: https://code.wireshark.org/review/15634
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agozbee-aps: don't THROW() an exception from a dissector
Martin Kaiser [Sun, 29 May 2016 16:47:24 +0000 (18:47 +0200)]
zbee-aps: don't THROW() an exception from a dissector

we alreday bring up an exception and exit cleanly,
so we can just remove the THROW()

Change-Id: I9af9b5349599cc1e19fdfa427cbffcb00a04a7be
Reviewed-on: https://code.wireshark.org/review/15633
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agodcerpc-fileexp: don't THROW() an exception from a dissector
Martin Kaiser [Thu, 26 May 2016 13:53:23 +0000 (15:53 +0200)]
dcerpc-fileexp: don't THROW() an exception from a dissector

exit if the ACL length is smaller than expected

Change-Id: I86e218a31ee1d5d1cb95eb3438ca5dc1a87205d4
Reviewed-on: https://code.wireshark.org/review/15626
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agowinsrepl: don't THROW() an exception from a dissector
Martin Kaiser [Thu, 26 May 2016 13:22:57 +0000 (15:22 +0200)]
winsrepl: don't THROW() an exception from a dissector

we can simply exit, returning the number of bytes we processed
delete an unnecessary cast while it at

Change-Id: I77596a315fcb4c64a0ad017d2b77b702b1829144
Reviewed-on: https://code.wireshark.org/review/15625
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agoTCP: fix 'mptcp.related_mapping' exists multiple times with NOT compatible types...
Alexis La Goutte [Mon, 30 May 2016 13:18:36 +0000 (15:18 +0200)]
TCP: fix 'mptcp.related_mapping' exists multiple times with NOT compatible types: FT_NONE and FT_FRAMENUM

Remove 2 unused expert info

Change-Id: I08c20bc88bce687d8089096d56ac3b3a67ad23d5
Reviewed-on: https://code.wireshark.org/review/15619
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Matthieu Coudron <matthieu.coudron@lip6.fr>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoOPA MAD: fix conflict for hf fields
Alexis La Goutte [Mon, 30 May 2016 13:35:50 +0000 (15:35 +0200)]
OPA MAD: fix conflict for hf fields

'opa.reserved' exists multiple times with NOT compatible types: FT_UINT32 and FT_UINT64
'opa.mad' exists multiple times with NOT compatible types: FT_NONE and FT_PROTOCOL
'opa.mad.attributemodifier.a' exists multiple times with NOT compatible types: FT_UINT32 and FT_BOOLEAN
'opa.mad.attributemodifier.a' exists multiple times with NOT compatible types: FT_BOOLEAN and FT_UINT32
'opa.mad.attributemodifier.b' exists multiple times with NOT compatible types: FT_BOOLEAN and FT_UINT32
'opa.mad.attributemodifier.b' exists multiple times with NOT compatible types: FT_UINT32 and FT_BOOLEAN
'opa.trap.datavalid' exists multiple times with NOT compatible types: FT_BOOLEAN and FT_UINT16
'opa.trap.datavalid' exists multiple times with NOT compatible types: FT_UINT16 and FT_BOOLEAN
'opa.switchcongestionsetting.controlmap' exists multiple times with NOT compatible types: FT_UINT32 and FT_NONE
'opa.aggregate.error' exists multiple times with NOT compatible types: FT_NONE and FT_BOOLEAN

Change-Id: I7971009d19f4916db1c6b0b572595a07bd2072e4
Reviewed-on: https://code.wireshark.org/review/15620
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoAdd nghttp2 folder to ignore pre-commit check
Alexis La Goutte [Mon, 30 May 2016 14:04:23 +0000 (16:04 +0200)]
Add nghttp2 folder to ignore pre-commit check

Change-Id: I6b76b55325db494f16488decfe94ff4129d0ac40
Reviewed-on: https://code.wireshark.org/review/15616
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQUIC: fix 'quic.puflags.cid' exists multiple times with NOT compatible types: FT_UINT...
Alexis La Goutte [Mon, 30 May 2016 13:14:57 +0000 (15:14 +0200)]
QUIC: fix 'quic.puflags.cid' exists multiple times with NOT compatible types: FT_UINT8 and FT_BOOLEAN

Change-Id: I5b90ce0f1201121d699481d3aa15e48b7c747a5a
Reviewed-on: https://code.wireshark.org/review/15618
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoISUP: make number string filterable again
Pascal Quantin [Mon, 30 May 2016 12:26:33 +0000 (14:26 +0200)]
ISUP: make number string filterable again

Change-Id: I441aad51ae8c12f6ce973bbd66e25d716f5aa626
Reviewed-on: https://code.wireshark.org/review/15615
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoISUP: change back code to gc04ee3e and replace proto_item_append_string by proto_item...
Pascal Quantin [Mon, 30 May 2016 07:51:13 +0000 (09:51 +0200)]
ISUP: change back code to gc04ee3e and replace proto_item_append_string by proto_item_append_text

This keeps decoding consistent with the previous code while getting rid of the unwanted function

Change-Id: Icaec269588c97a797beecfa678caceda4561b548
Reviewed-on: https://code.wireshark.org/review/15613
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoRTPS: Fix Dead Store (Dead assignement/Dead increment) Warning found by Clang
Alexis La Goutte [Mon, 30 May 2016 08:37:48 +0000 (10:37 +0200)]
RTPS: Fix Dead Store (Dead assignement/Dead increment) Warning found by Clang

Change-Id: I28e2098c72faedcb112db605e004010f0dcd1215
Reviewed-on: https://code.wireshark.org/review/15614
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Juan Jose Martin Carrascosa <juanjo@rti.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoFix a compile error:
Joerg Mayer [Mon, 30 May 2016 07:49:13 +0000 (09:49 +0200)]
Fix a compile error:
[ 17%] Building C object epan/dissectors/CMakeFiles/dissectors.dir/packet-isup.c.o
/Users/jmayer/worktmp/wireshark/git/epan/dissectors/packet-isup.c:3415:71: error: implicit conversion loses integer precision: 'unsigned long' to 'guint'
      (aka 'unsigned int') [-Werror,-Wshorten-64-to-32]
    e164_info.E164_number_length = wmem_strbuf_get_len(strbuf_number) - 1;
                                 ~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~
1 error generated.

No idea wether this fix is valid, but it got me past the error.

Change-Id: I191d0dfd9d84b997d4e886ff9f5a4e76032a368e
Reviewed-on: https://code.wireshark.org/review/15612
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
3 years agoCopy all options when creating SHB block for new file.
Michael Mann [Mon, 30 May 2016 00:02:55 +0000 (20:02 -0400)]
Copy all options when creating SHB block for new file.

Change-Id: I666d4f546d9fdc026ccd7fac7750e80df7f9b697
Reviewed-on: https://code.wireshark.org/review/15611
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoRemove the last usage of proto_item_append_string
Michael Mann [Sun, 29 May 2016 19:38:57 +0000 (15:38 -0400)]
Remove the last usage of proto_item_append_string

Change-Id: Id365931569bb3e8419023f30e788259939dea386
Reviewed-on: https://code.wireshark.org/review/15609
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years ago[Automatic update for 2016-05-29]
Gerald Combs [Sun, 29 May 2016 15:11:11 +0000 (08:11 -0700)]
[Automatic update for 2016-05-29]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: Id13bada7b6b5e5c9e697967e22c687d2f64e5329
Reviewed-on: https://code.wireshark.org/review/15605
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years ago[docsis->type35ucd] TLV 7 ON OFF
Adrian Simionov [Sun, 29 May 2016 01:04:41 +0000 (11:04 +1000)]
[docsis->type35ucd] TLV 7 ON OFF

Change-Id: I5083346cb03de522d76632eba5ec9cbbf17666ea
Reviewed-on: https://code.wireshark.org/review/15603
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoMore use of wtap_optionblock_foreach_option().
Guy Harris [Sat, 28 May 2016 19:33:50 +0000 (12:33 -0700)]
More use of wtap_optionblock_foreach_option().

Change-Id: I5c0eb9f399e00580d8fc25c5e164b7b67353655f
Reviewed-on: https://code.wireshark.org/review/15602
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoUse wtap_optionblock_foreach_option() to get the SHB options.
Guy Harris [Sat, 28 May 2016 19:17:48 +0000 (12:17 -0700)]
Use wtap_optionblock_foreach_option() to get the SHB options.

That way, we're not assuming that there's one, and only one, of each of
those options.

That also lets us not have to modify the options to replace linefeeds
with spaces - we just make a copy of the option string, do the
replacement, print the modified copy, and free the copy.

Change-Id: I6c51a0a5e70ac01b03b3657a8e2aef39fefcafa6
Reviewed-on: https://code.wireshark.org/review/15601
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoQt: Sequence dialog page up+down.
Gerald Combs [Sat, 28 May 2016 17:45:12 +0000 (10:45 -0700)]
Qt: Sequence dialog page up+down.

Handle page up, page down, and space key presses.

Change-Id: I8447df53eef6c529f68532412b2e9e8bee267bfc
Reviewed-on: https://code.wireshark.org/review/15597
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoIf we're "[Saving] the file and [closing] it", actually *close* it.
Guy Harris [Sat, 28 May 2016 18:04:06 +0000 (11:04 -0700)]
If we're "[Saving] the file and [closing] it", actually *close* it.

Otherwise, if you've modified the file (added, removed, or changed
comments), and you try to close the file or quit, and answer "Save" to
the "save your work?" question, Wireshark tries to clean up the wmem
scopes, but the file scope hasn't been left, and wmem crashes with an
assertion error.

(The GTK+ version does the close, so it doesn't have the bug.)

Change-Id: Ie5942e415cfab1907e29b09926a62e2679aca6ee
Reviewed-on: https://code.wireshark.org/review/15598
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoBOOTP: Added Boot Services Discovery Protocol (BSDP)
Uli Heilmeier [Fri, 27 May 2016 10:36:57 +0000 (12:36 +0200)]
BOOTP: Added Boot Services Discovery Protocol (BSDP)

Added Apple's Boot Services Discovery Protocol (BSDP) to Bootp.
Used documentation:

* http://opensource.apple.com/source/bootp/bootp-198.1/Documentation/BSDP.doc
* https://en.wikipedia.org/wiki/Boot_Service_Discovery_Protocol
* Files from Bug report

Bug: 12427
Change-Id: I58c3fd53c164d075d5bfc12881bed66dc97236c6
Reviewed-on: https://code.wireshark.org/review/15586
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoConsistently pass C++ Boolean constants to saveCaptureFile().
Guy Harris [Sat, 28 May 2016 03:33:37 +0000 (20:33 -0700)]
Consistently pass C++ Boolean constants to saveCaptureFile().

The second argument is a bool, so pass bool constants.

(The C integer constants presumably get coerced correctly, but we might
as well be clean.)

Change-Id: Ia170b443bb9933a8916d9dc25d7492fc8acf1f22
Reviewed-on: https://code.wireshark.org/review/15596
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoSet frame/file protocol list only after dissection is complete.
Michael Mann [Fri, 27 May 2016 15:27:16 +0000 (11:27 -0400)]
Set frame/file protocol list only after dissection is complete.

The protocol list tree item used in a frame/file is near the bottom
of items under the frame/file tree. Move it a little farther down until
after the rest of the frame/record is dissected.  This prevents the need
for proto_item_append_string (and its special handling)

Change-Id: Iea4eaac7675126ebad642b11fa86ad211f21ae26
Reviewed-on: https://code.wireshark.org/review/15589
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
3 years agoMake wtap_optionblock_foreach_option public.
Guy Harris [Sat, 28 May 2016 01:31:48 +0000 (18:31 -0700)]
Make wtap_optionblock_foreach_option public.

Change-Id: I99e448319669acfdb0ec3b96e8e1195ba4a1f4f9
Reviewed-on: https://code.wireshark.org/review/15594
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoQt: Sequence dialog navigation updates.
Gerald Combs [Fri, 27 May 2016 20:00:31 +0000 (13:00 -0700)]
Qt: Sequence dialog navigation updates.

Clean up the next / previous logic a bit. If the selected item is out of
range, move it in-range.

Change-Id: Idd5f83e7f4ccf960500f261e1c2292da6cecab57
Reviewed-on: https://code.wireshark.org/review/15591
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoTest: Revert debugging output.
Gerald Combs [Fri, 27 May 2016 18:21:09 +0000 (11:21 -0700)]
Test: Revert debugging output.

Revert "Test: Make capture_step_stdin more verbose." and "Test: more
suite-capture debugging." Tests on the Windows 8.1 builder have been
passing since recommended OS updates were installed on the 24th.

This reverts commits 7f710ef2b54d9eeb06c35ab1bd834f2df0696024 and
f52c3c468a508e1e770c32d479cdd761cb412af8.

Change-Id: I7cf10a38ba001426baea5fc76a34610c3a26ced2
Reviewed-on: https://code.wireshark.org/review/15590
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoCreate a "placeholder" NFS CB protocol for ONC-RPC stats.
Michael Mann [Fri, 27 May 2016 12:25:55 +0000 (08:25 -0400)]
Create a "placeholder" NFS CB protocol for ONC-RPC stats.

In GTK GUI, "NFS" shows up twice in the ONC-RPC Service Response Time
Programs list.  That's probably confusing enough to users.  In Qt
the "second" NFS wasn't showing up at all (or getting overwritten)
because it was hashing on program name.
Make NFS programs unique with a "stubbed" protocol.

Bug: 12478
Change-Id: Ic4ebdab8ba8b70e6026e1fb0f8e8defd4532b0f2
Reviewed-on: https://code.wireshark.org/review/15587
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoDon't use "== {TRUE,FALSE}" when testing whether a Boolean is true or false.
Guy Harris [Fri, 27 May 2016 06:46:22 +0000 (23:46 -0700)]
Don't use "== {TRUE,FALSE}" when testing whether a Boolean is true or false.

"if (boolean)" suffices to test for true, and "if (!boolean)" suffices
to test for false.

Most of the time, explicitly comparing against TRUE or FALSE is
harmless, although possibly slightly less efficient, as you're
explicitly testing against 1 rather than testing for "not zero".

*However*, if you want to test whether a given bit is set in a flags
field, "if ((flags & flagbit) == TRUE)" *DOES NOT WORK* unless "flagbit"
is equal to 1, because TRUE is equal to 1, and if "flagbit" is not equal
to 1, "flags & flagbit" will *NEVER* be equal to 1.

So comparing "== TRUE" is a bad habit to get into, as it might lead to
its use when doing bit testing.

While we're at it, clean up some other tests:

"if (!(x == FALSE))" really means "x is true", so write it as
such, i.e. "if (x)";

if (a && b)
do this;
if (a && !b)
do that;

reads better as

if (a) {
if (b)
do this
else
do that
}

when doing bit testing, there's no need to shift the bit, just
test it (and, no, that doesn't conflict with the bit about TRUE
being 1 - *just test the bit*, it's the standard C idiom).

Fixes CID 1362119.

Change-Id: I011154caae45307796ffd270d265c05a2533b1db
Reviewed-on: https://code.wireshark.org/review/15585
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoShow the reserved fields in AAPL buffers.
Guy Harris [Fri, 27 May 2016 00:26:11 +0000 (17:26 -0700)]
Show the reserved fields in AAPL buffers.

Change-Id: I254984f0b9f46359b34af21dec965d366be5a176
Reviewed-on: https://code.wireshark.org/review/15581
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoRTPS: Added support to parse the PID_TYPE_OBJECT
Juanjo Martin [Mon, 9 May 2016 12:10:17 +0000 (14:10 +0200)]
RTPS: Added support to parse the PID_TYPE_OBJECT

Bug:12415

Change-Id: I457bda34b089f95525192ed4cdce0d4fe8883fd7
Reviewed-on: https://code.wireshark.org/review/15305
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoSMB NtTransCreate should decode extended response
Gordon Ross [Thu, 26 May 2016 05:32:22 +0000 (01:32 -0400)]
SMB NtTransCreate should decode extended response

SMB Nt Transact Create can have an extended response like
SMB Nt Create, as described in MS-SMB 2.2.7.1.2

Bug: 12477
Change-Id: Id1d7b96a1eb336b8c45bcb9af7b7d1b9b42c662a
Reviewed-on: https://code.wireshark.org/review/15577
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoSMB TreeConnectAndX response improvement
Gordon Ross [Thu, 26 May 2016 04:52:32 +0000 (00:52 -0400)]
SMB TreeConnectAndX response improvement

The file system type string can be decoded in either the
three word seven word formats.  While I'm here, comment
the various formats an simplify a bit.

Bug: 12479
Change-Id: Ie5554068bef9d9c916c6c9862da00529639863b3
Reviewed-on: https://code.wireshark.org/review/15580
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoSMB2 FSCTL_SRV_ENUMERATE_SNAPSHOTS misnamed
Gordon Ross [Fri, 27 May 2016 00:55:09 +0000 (20:55 -0400)]
SMB2 FSCTL_SRV_ENUMERATE_SNAPSHOTS misnamed

The SMB2 ioctl FSCTL_SRV_ENUMERATE_SNAPSHOTS is currently
presented as FSCTL_GET_SHADOW_COPY_DATA (incorrect).

Bug: 11405
Change-Id: I7f025d1cf219c583666f4e6faedfc7adc3fbf14b
Reviewed-on: https://code.wireshark.org/review/15582
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoSMB2 Notify response shown as malformed
Gordon Ross [Fri, 27 May 2016 03:08:00 +0000 (23:08 -0400)]
SMB2 Notify response shown as malformed

SMB2 Notify needs to treat STATUS_NOTIFY_ENUM_DIR the same as success.
MS-SMB2 3.3.4.4 mentions this.

Bug: 12128
Change-Id: I3fea5f958449a469ccf66ea637db2d0db236c464
Reviewed-on: https://code.wireshark.org/review/15584
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoQt: Don't use QMap::first or ::last
Gerald Combs [Thu, 26 May 2016 15:29:27 +0000 (08:29 -0700)]
Qt: Don't use QMap::first or ::last

QMap::first and ::last were added in Qt 5.2.

Change-Id: I63bbb384aa75910bb96d8f75185ae90444b6c127
Reviewed-on: https://code.wireshark.org/review/15576
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoRemove some proto_item_append_string
Michael Mann [Thu, 26 May 2016 13:25:38 +0000 (09:25 -0400)]
Remove some proto_item_append_string

These calls to proto_item_append_string were not taking into account all
of the special treatment needed to use it, so proto_item_append_text
(or similar) was probably intended.

Change-Id: I5d1f092f8162a87d30fc8dc694f6124dc81372b5
Reviewed-on: https://code.wireshark.org/review/15575
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoRemove write capabilities from wtap_optionblocks.
Michael Mann [Sun, 22 May 2016 04:02:33 +0000 (00:02 -0400)]
Remove write capabilities from wtap_optionblocks.

The write functionality was too PCAPNG-specific and the intention is to
keep the option blocks as generic as possible.

So moved the write functionality back to pcapng.c and added a
wtap_opttype API to loop through all options in the block
(wtap_optionblock_foreach_option)

Change-Id: Iaf49126a1a3e2ed60ae02c52878ca22671dac335
Reviewed-on: https://code.wireshark.org/review/15525
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoCyclic PROFINET PROFIsafe RTC1 data dissection
T. Scholz [Thu, 19 May 2016 17:27:17 +0000 (13:27 -0400)]
Cyclic PROFINET PROFIsafe RTC1 data dissection

New implemented functions for profinet plug-in to read cyclic RTC1 data
frames more detailed and further to dissect PROFIsafe on PROFINET frames.

New functions include:
- Reading the PROFINET "Ident OK" Frame for detailed module information,
  as ModuleIdentNr., SubModuleIdentNr., etc. total dynamically
- Improved the existing dissection of fParameter with usage of GSDML-files,
  as the indexnumber for those parameters can change
- Reading a GSDML-file for further module-information, such as PROFIsafe
  Module, etc.
- Aded new pnio protocol preferences, in which the user can define its own
  network path to his GSDML-files, so that Wireshark is able to read those
  files for detailed information output.
- Added new filter functions for PROFINET and PROFIsafe
- All gained and saved information will be used to dissect the cyclic
  PROFINET frames

Bug: 12216
Change-Id: I379da1d349fa099047953042f1aa30450bee5b30
Reviewed-on: https://code.wireshark.org/review/14119
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Birol Capa <birol.capa@siemens.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoSMB NtCreate andX with extended response sometimes incorrect
Gordon Ross [Thu, 26 May 2016 01:54:20 +0000 (21:54 -0400)]
SMB NtCreate andX with extended response sometimes incorrect

Bug: 12473
Change-Id: Id513a89c5674e7288c7e0b12a06076eec18ff830
Reviewed-on: https://code.wireshark.org/review/15568
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoSMB Open andX extended response decoded incorrectly
Gordon Ross [Wed, 25 May 2016 22:56:33 +0000 (18:56 -0400)]
SMB Open andX extended response decoded incorrectly

Bug: 12472
Change-Id: I94740078631e96980f14ade5df8ae9694c9d73b1
Reviewed-on: https://code.wireshark.org/review/15565
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQt: Add next / previous sequence shortcuts.
Gerald Combs [Wed, 25 May 2016 19:02:40 +0000 (12:02 -0700)]
Qt: Add next / previous sequence shortcuts.

Add next (N) and previous (P) keyboard shortcuts. The GTK+ UI uses the
down and up keys, but we're already using those for panning the Y axis.
Add a scroll margin when using N and P.

Add mouse wheel and trackpad support.

Disable mouse dragging for now until we figure out how to limit it to
our axis boundaries.

Ping-Bug: 12419
Change-Id: I292319928db365206277bf2bb3e42e14ef811ff0
Reviewed-on: https://code.wireshark.org/review/15559
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoUpdate the comments/warnings about using proto_tree_append_string().
Jeff Morriss [Wed, 25 May 2016 22:06:37 +0000 (18:06 -0400)]
Update the comments/warnings about using proto_tree_append_string().

packet-wsp.c hasn't used proto_tree_append_string() since
Ic5467289aae7d54e78c1fd65f93358387d6139aa.  Use packet-frame as the example
instead.

Change-Id: I69fb10679ec1685a61aac182414e596b345153fd
Reviewed-on: https://code.wireshark.org/review/15563
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoFix dissection of JXTA over UDP.
Jeff Morriss [Wed, 25 May 2016 21:35:43 +0000 (17:35 -0400)]
Fix dissection of JXTA over UDP.

Prior to this change all JXTA-over-UDP frames throw an exception after setting
COL_PROTOCOL.

The offset used when adding the protocol to the tree had already been
incremented to point to the end of the TVB; use tree_offset (which is the
current offset) instead.

This code has been here since r17282 (2006) so presumably the change is that
proto_tree_add_protocol_format() started throwing an exception when offset
points to the end of the TVB sometime between then and now.

Change-Id: Iadbcada29cd235e8abe5662b825a2d97ff6f7308
Reviewed-on: https://code.wireshark.org/review/15560
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQt: Escape sequence dialog hint text.
Gerald Combs [Wed, 25 May 2016 21:39:20 +0000 (14:39 -0700)]
Qt: Escape sequence dialog hint text.

Escape HTML markup before showing hint text. Otherwise things like SIP
addresses won't be displayed correctly.

Change-Id: I5ceae978af0ff9e253dae4d3ec8ad9da20948de0
Reviewed-on: https://code.wireshark.org/review/15561
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoAdd P-Access-Network-Info decoding fields
Binh Trinh [Wed, 25 May 2016 02:46:17 +0000 (22:46 -0400)]
Add P-Access-Network-Info decoding fields

Change-Id: I62b9a768674952b8762bddcfe5a5f9d71b53fe4f
Reviewed-on: https://code.wireshark.org/review/15557
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoQt: Add Time and Comment labels to the sequence diagram.
Gerald Combs [Thu, 19 May 2016 02:21:02 +0000 (11:21 +0900)]
Qt: Add Time and Comment labels to the sequence diagram.

Add "Time" and "Comment" labels to the sequence diagram similar to the
GTK+ UI. Draw a border around the diagram as well.

Widen the default spacing and set it to a simple em-width multiple.

Fix our port number alignment.

Copy over the sequence diagram colors from the GTK+ UI and add them to
ColorUtils. Color sequences according to their respective conversation
numbers.

To do:
- Add zoom.

Ping-Bug: 12419
Change-Id: I3f9b4ffbfcc34aae1c38e303cd36ff207be247b1
Reviewed-on: https://code.wireshark.org/review/15554
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoRemove an extra break from a copy-and-pasteo.
Guy Harris [Wed, 25 May 2016 01:49:03 +0000 (18:49 -0700)]
Remove an extra break from a copy-and-pasteo.

Change-Id: I1f09d74f1d06260a08c8b975195d83c34e6ae253
Reviewed-on: https://code.wireshark.org/review/15556
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoClean up indentation.
Guy Harris [Wed, 25 May 2016 01:32:03 +0000 (18:32 -0700)]
Clean up indentation.

Change-Id: I6954dfe50eac07f8ab3df41d30a8285d329dcd98
Reviewed-on: https://code.wireshark.org/review/15555
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoRemove NULL checks after dereference (CID 1358549 and CID 1358683)
Jaap Keuter [Mon, 23 May 2016 18:22:17 +0000 (20:22 +0200)]
Remove NULL checks after dereference (CID 1358549 and CID 1358683)

Change-Id: If7eb246909abad2eeb9979cf14509a7d697dfd81
Reviewed-on: https://code.wireshark.org/review/15545
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
3 years agoStylistic constency.
Guy Harris [Tue, 24 May 2016 20:11:37 +0000 (13:11 -0700)]
Stylistic constency.

Change-Id: I7a9b3889886ca80b1b999bb91862bc1a0ff80d9b
Reviewed-on: https://code.wireshark.org/review/15553
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoOPA MAD: fix Result of operation is garbage or undefined found by Clang Analyzer
Alexis La Goutte [Sun, 22 May 2016 16:33:21 +0000 (18:33 +0200)]
OPA MAD: fix Result of operation is garbage or undefined found by Clang Analyzer

Change-Id: I16a81cacef2b576f634a6726fa1620a0e6660e76
Reviewed-on: https://code.wireshark.org/review/15533
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Adam Goldman <adam.goldman@intel.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agomanolito: fix indent (remove unused tab/space)
Alexis La Goutte [Tue, 24 May 2016 11:51:28 +0000 (13:51 +0200)]
manolito: fix indent (remove unused tab/space)

Change-Id: Iebff327f91580b254f26dd85a5d2e5ed6da122f2
Reviewed-on: https://code.wireshark.org/review/15551
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoAdd support for Apple Create Context extensions.
Guy Harris [Tue, 24 May 2016 09:19:10 +0000 (02:19 -0700)]
Add support for Apple Create Context extensions.

Change-Id: I1e0f055e88610c559715b8431a82e7600beeae83
Reviewed-on: https://code.wireshark.org/review/15550
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoDocument wmem null guarantee
Evan Huus [Tue, 24 May 2016 02:12:19 +0000 (22:12 -0400)]
Document wmem null guarantee

Change-Id: Ibbbda815b144441f7db2d1920e1551c45e997370
Reviewed-on: https://code.wireshark.org/review/15549
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
3 years agoqt follow stream: set the file name before opening
Martin Kaiser [Mon, 23 May 2016 20:57:54 +0000 (22:57 +0200)]
qt follow stream: set the file name before opening

If we don't, Save As will always fail.

(I broke this in 6a992182ce47d721ce73eabf99983cea480dcf97)

Change-Id: I4abfe495af3aee470331ae5464acbd7d08028bf0
Reviewed-on: https://code.wireshark.org/review/15547
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agozigbee zdp: There are 32 bits in a guint32.
Martin Kaiser [Sun, 22 May 2016 16:12:41 +0000 (18:12 +0200)]
zigbee zdp: There are 32 bits in a guint32.

No need for obtuse math and lots of casting.

Change-Id: I41bf7dd98700b1b58eae93d36bb55e2e7017b506
Reviewed-on: https://code.wireshark.org/review/15532
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoQt: Enable Analyze -> Conversation Filter
D. Ulis [Sun, 22 May 2016 18:46:11 +0000 (14:46 -0400)]
Qt: Enable Analyze -> Conversation Filter

Exit early if there is no color rule before setting the parent menu enabled/disabled.

Bug: 12458
Change-Id: I37dc093681d3dc28afb60df7fd45e49ab804b2a1
Reviewed-on: https://code.wireshark.org/review/15538
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoTCP: Fix Dereference of null pointer found by Clang analyzer
Alexis La Goutte [Thu, 14 Apr 2016 14:28:48 +0000 (16:28 +0200)]
TCP: Fix Dereference of null pointer found by Clang analyzer

Change-Id: Ie103b7f673db54056ad9edb15adb7fb7678ac336
Reviewed-on: https://code.wireshark.org/review/14916
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
3 years agoTCPCL: Return -1 when tcp_dissect_pdus asks for a length and it doesn't look like...
Michael Mann [Sun, 22 May 2016 18:22:18 +0000 (14:22 -0400)]
TCPCL: Return -1 when tcp_dissect_pdus asks for a length and it doesn't look like a TCPCL packet.

This will stop dissection of Bundle packets, but more importantly
prevents assertion in TCP dissector when trying to reassemble
the packets as TCPCL/Bundle.

Bug: 11395
Bug: 12462
Change-Id: I3a2ccd5e02022dfe03bc93d81bfbd3f2d3bcd8aa
Reviewed-on: https://code.wireshark.org/review/15537
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoMake sure EAPOL body is big enough for a EAPOL_RSN_KEY.
Michael Mann [Mon, 23 May 2016 00:21:17 +0000 (20:21 -0400)]
Make sure EAPOL body is big enough for a EAPOL_RSN_KEY.

A pointer to a EAPOL_RSN_KEY is set on the packet presuming the
whole EAPOL_RSN_KEY is there.  That's not always the case for
fuzzed/malicious captures.

Bug: 11585
Change-Id: Ib94b8aceef444c7820e43b969596efdb8dbecccd
Reviewed-on: https://code.wireshark.org/review/15540
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoInclude <sys/socket.h>, too.
Guy Harris [Mon, 23 May 2016 02:22:22 +0000 (19:22 -0700)]
Include <sys/socket.h>, too.

The Single UNIX Spec says AF_INET and AF_INET6 are defined by
<sys/socket.h>, which means you *should* include it if you want those
defines, and it doesn't look as if DragonFly BSD's <netinet/in.h>
includes it.

Do the includes in the order in whcih dumpcap does them.

Change-Id: I2ee611fc08a5487d5b8ed48396aa2a49447c881a
Reviewed-on: https://code.wireshark.org/review/15542
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoExplicitly include <netinet/in.h>.
Guy Harris [Mon, 23 May 2016 02:07:34 +0000 (19:07 -0700)]
Explicitly include <netinet/in.h>.

We use structures from it, and must not depend on <arpa/inet.h> or
<ifaddrs.h> to include it for us, as that doesn't necessarily happen on
all platforms (it doesn't happen on DragonFly BSD, for example).

Change-Id: Id0e6cc406b774efb076bb8e04827fdb7d502be16
Reviewed-on: https://code.wireshark.org/review/15541
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoAdd wtap_optionblock_set_option_string_format
Michael Mann [Fri, 20 May 2016 02:28:43 +0000 (22:28 -0400)]
Add wtap_optionblock_set_option_string_format

Also add a length parameter to wtap_optionblock_set_option_string

Change-Id: I8c7bbc48aa96b5c2a91ab9a17980928d6894f1ee
Reviewed-on: https://code.wireshark.org/review/15505
Reviewed-by: Anthony Coddington <anthony.coddington@endace.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoqt follow stream: don't crash when saving to an non-writable file
Martin Kaiser [Sun, 22 May 2016 17:44:25 +0000 (19:44 +0200)]
qt follow stream: don't crash when saving to an non-writable file

When the user clicks Save As in the Follow Stream window, check that the
selected target file can be opened for writing. Bring up a warning box
if the file is not writable.

Change-Id: I76e67b064377dd432d3b14592f5096b99d9968c0
Reviewed-on: https://code.wireshark.org/review/15536
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoRevert "zigbee zdp: remove some misleading casts"
Martin Kaiser [Sun, 22 May 2016 20:29:59 +0000 (22:29 +0200)]
Revert "zigbee zdp: remove some misleading casts"

It seems that the casts are required on OS X.

This reverts commit d8ef04c8914e162139594cfe0aee3072bc513e70.

Change-Id: I9644555552a6daab93334073a4fcf4f3f2522b59
Reviewed-on: https://code.wireshark.org/review/15539
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agozigbee zdp: remove some misleading casts
Martin Kaiser [Sun, 22 May 2016 16:08:13 +0000 (18:08 +0200)]
zigbee zdp: remove some misleading casts

sizeof() returns a size_t, which is unsigned

when we assign the result of sizeof() to an unsigned lvalue like a
guint, there's no point in casting to int

Change-Id: I9644c72a22a6dadb9ecd4073a4fcbd1c93517b59
Reviewed-on: https://code.wireshark.org/review/15531
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agomanolito: Fix Dead Store (Dead assignement/Dead increment) Warning found by Clang
Alexis La Goutte [Sun, 22 May 2016 16:52:45 +0000 (18:52 +0200)]
manolito: Fix Dead Store (Dead assignement/Dead increment) Warning found by Clang

Change-Id: I89a69c33486bf4b660118a816abcd2aa855e08d8
Reviewed-on: https://code.wireshark.org/review/15534
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agoBluetooth: Update Member UUIDs and CompanyIDs
Michal Labedzki [Sat, 7 May 2016 16:07:47 +0000 (18:07 +0200)]
Bluetooth: Update Member UUIDs and CompanyIDs

Update member UUIDs and CompanyIDs from Bluetooth Assign Numbers.

Change-Id: I5deb5b8e930d2df0296f17a3fe3b46989a28a86d
Reviewed-on: https://code.wireshark.org/review/15453
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agozigbee zdp: remove some unnecessary NULL checks
Martin Kaiser [Sun, 22 May 2016 15:48:23 +0000 (17:48 +0200)]
zigbee zdp: remove some unnecessary NULL checks

Change-Id: I8219105ccf38db6592e2ba4c83d1ec1da73abc4f
Reviewed-on: https://code.wireshark.org/review/15530
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years ago[Automatic update for 2016-05-22]
Gerald Combs [Sun, 22 May 2016 15:11:11 +0000 (08:11 -0700)]
[Automatic update for 2016-05-22]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: I6ac498e507c71fd917eb0cfc3c4330a4c0ffcb64
Reviewed-on: https://code.wireshark.org/review/15527
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoQt: fix parameter 'overlay_image' not found in the function declaration [-Wdocumentation]
Alexis La Goutte [Sat, 21 May 2016 18:13:00 +0000 (20:13 +0200)]
Qt: fix parameter 'overlay_image' not found in the function declaration [-Wdocumentation]

Change-Id: I5f18d7ed5f4c830ce201fa6929fc1b7c0259692e
Reviewed-on: https://code.wireshark.org/review/15515
Reviewed-by: João Valverde <j@v6e.pt>
Tested-by: João Valverde <j@v6e.pt>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoERF: Fix and improve ERF_TYPE_META sanity checks
Anthony Coddington [Thu, 5 May 2016 07:40:57 +0000 (19:40 +1200)]
ERF: Fix and improve ERF_TYPE_META sanity checks

Fix sanity checking overflow in wiretap ERF_TYPE_META parsing segfault.
Fix final tag of exactly 4 bytes not being dissected.
Fix not setting bitfield tag subtree (was working due to proto.c internal behaviour).
Add dissector expertinfo for truncated tags. Dissect type and length on error.

Bug: 12352
Change-Id: I3fe6644f369e4d6f1f64270cb83c8d0f8a1f1a94
Reviewed-on: https://code.wireshark.org/review/15357
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoStart dissecting the Mikrotik/Routerboard vendorspecific IEs
Joerg Mayer [Sun, 22 May 2016 10:54:24 +0000 (12:54 +0200)]
Start dissecting the Mikrotik/Routerboard vendorspecific IEs

Change-Id: I87c80489c77243191cd44ab8fc6172a884ec05fb
Reviewed-on: https://code.wireshark.org/review/15526
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
3 years agospeex: Fix unknown option after ‘#pragma GCC diagnostic’ kind [-Werror=pragmas]
João Valverde [Sun, 22 May 2016 02:26:52 +0000 (03:26 +0100)]
speex: Fix unknown option after ‘#pragma GCC diagnostic’ kind [-Werror=pragmas]

Change-Id: Ia6c5d2c19d991ee3ca3b1525b93121ee7cf15b1e
Reviewed-on: https://code.wireshark.org/review/13919
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>