Guy Harris [Tue, 19 May 2015 01:43:14 +0000 (18:43 -0700)]
Fix typo.
Change-Id: Idde2f4771b42714561f65f712e680f9609aeaa57
Reviewed-on: https://code.wireshark.org/review/8535
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Tue, 19 May 2015 01:40:13 +0000 (18:40 -0700)]
Pass the executable path to CreateProcess(), and end it with ".exe".
On Windows, 1) pass the path of the executable as the first argument to
CreateProcess(), which requires that we 2) have that path end with
".exe.
Maybe it'll fix the searching-for-dumpcap that showed up in bug 11196.
Change-Id: I9d06c07c3513fd42b98d3f8d9a1d2d545f651fe2
Reviewed-on: https://code.wireshark.org/review/8534
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Martin Kaiser [Sun, 17 May 2015 15:20:32 +0000 (17:20 +0200)]
DVB-CI: remove proto_tree_add_text() calls from the appmmi resource
Change-Id: I422e8644445d7bb8a8ae43f426183db6b8974839
Reviewed-on: https://code.wireshark.org/review/8530
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Martin Kaiser [Sun, 17 May 2015 14:26:45 +0000 (16:26 +0200)]
DVB-CI: remove proto_tree_add_text() calls from the operator profile resource
rename some variables and remove obsolete comments while we're at it
Change-Id: Ib400c371ea52c3681fbc1d25ef42791e4aeff9e4
Reviewed-on: https://code.wireshark.org/review/8529
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Martin Kaiser [Sun, 17 May 2015 12:44:13 +0000 (14:44 +0200)]
DVB-CI: remove proto_tree_add_text() calls from the transport layer
Change-Id: I593527fafa38312d5d4e8f778e9af0d6294bb3f8
Reviewed-on: https://code.wireshark.org/review/8528
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Martin Kaiser [Sun, 17 May 2015 13:58:17 +0000 (15:58 +0200)]
DVB-CI: fix a TPDU parsing error
if the response TPDU starts with 0x80 (T_SB), this is not an unknown
tag, it simply indicates that the optional header and body are absent
this bug was introduced in
e597acdc4827ef62bc9597fdd248366411533a36
Change-Id: I076a0c9f0ea124e11edbb7a0bc0e41d1ab6f374a
Reviewed-on: https://code.wireshark.org/review/8527
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Guy Harris [Mon, 18 May 2015 17:17:19 +0000 (10:17 -0700)]
Don't put the NTLMv2 ChallengeFromClient into the protocol tree twice.
It's already put there by dissect_ntlmv2_response(); no need to do it
again.
Also, rename "NTLM Client Challenge" to "LMv2 Client Challenge", as
that's what it is (ChallengeFromClient from 2.2.2.4 LMv2_RESPONSE), and
rename "Client Challenge" to "NTLMv2 Client Challenge", as that's what
*it* is (ChallengeFromClient from 2.2.2.7 NTLM v2:
NTLMv2_CLIENT_CHALLENGE).
Change-Id: If95e2c77323cb597df7e400bf9ffc045d94c60e2
Reviewed-on: https://code.wireshark.org/review/8524
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Mon, 18 May 2015 17:00:58 +0000 (10:00 -0700)]
Reorganize the NTLMSSP blob and AUTHENTICATE message parsing.
The "result" argument to dissect_ntlmssp_blob() is never null, so don't
check for it being null.
Have separate clauses for LmChallengeResponse and NtChallengeResponse,
and do the checks for NTLMv1 vs. NTLMv2 inside those clauses.
Do the copy to client_challenge within the AUTHENTICATE message parsing
only if we've already determined that it's an NTLMv2 message.
Add some comments to better explain what's being done and to ask some
questions.
Change-Id: I52345eaeac4252d928b2e477751817084bf4e363
Reviewed-on: https://code.wireshark.org/review/8523
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Michal Labedzki [Mon, 18 May 2015 10:15:43 +0000 (12:15 +0200)]
Bluetooth: OBEX: Fix crash when there is no Type/Name header in request
Not all requests have them, so check for them to avoid crash.
Change-Id: I265fb8ad9f63132bee6eeb1aa521cae8b8df82b9
Reviewed-on: https://code.wireshark.org/review/8521
Reviewed-by: Michal Orynicz <michal.orynicz@tieto.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Alexis La Goutte [Mon, 18 May 2015 09:08:51 +0000 (11:08 +0200)]
IPDR: Fix Dead Store (Dead assignement/Dead increment) warning found by Clang
Change-Id: Icf1686e9f1530a602ec5b03572be53d4f245d70c
Reviewed-on: https://code.wireshark.org/review/8520
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Alexis La Goutte [Mon, 18 May 2015 09:03:08 +0000 (11:03 +0200)]
IPDR: fix comma at end of enumerator list [-Wpedantic]
Change-Id: I4f78a3a15aa04c52042f7461d11b31c95f7e9590
Reviewed-on: https://code.wireshark.org/review/8519
Reviewed-by: Michael Mann <mmann78@netscape.net>
Alexis La Goutte [Mon, 18 May 2015 08:15:45 +0000 (10:15 +0200)]
fix make distcheck (add packet-bthci_sco.h to list of distributed file)
Don't forget to add *.h files to distributed file
Change-Id: I37459a4836e495f66185fd4d07306bb8963667f6
Reviewed-on: https://code.wireshark.org/review/8518
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Guy Harris [Mon, 18 May 2015 07:31:02 +0000 (00:31 -0700)]
Fix a comment.
Change-Id: I0f777121a4897983a48794fcdfb13efc26266bdc
Reviewed-on: https://code.wireshark.org/review/8517
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Michal Labedzki [Sun, 3 May 2015 15:24:10 +0000 (17:24 +0200)]
androiddump: Case-insensitive for option and add verbose mode
If verbose mode is off, then androiddump is quite.
Change-Id: Ib0b2d10acf05487a971e2bf7cbc27fd2666ec262
Reviewed-on: https://code.wireshark.org/review/8516
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Michal Labedzki [Sun, 3 May 2015 16:34:31 +0000 (18:34 +0200)]
Ubertooth: Add WriteRegister command
Change-Id: Ie1cea754bcf732bf3985b777245e8b08606757f0
Reviewed-on: https://code.wireshark.org/review/8515
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Michal Labedzki [Sun, 3 May 2015 11:50:42 +0000 (13:50 +0200)]
Bluetooth: HCI: Add command-event tracking
HCI Commands in most cases generate response in Event queue, so try
to map event to command and give user response time information.
Change-Id: Ib4956829b7d0064ab528aa3202f8f959d8d371b7
Reviewed-on: https://code.wireshark.org/review/8514
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Michal Labedzki [Sun, 10 May 2015 17:07:19 +0000 (19:07 +0200)]
Bluetooth: HCI: Add new LE Event numbers
New event will be added later, for now all number are useful.
Change-Id: I83b77627dfb0c511710c3080aaac0f6857f76137
Reviewed-on: https://code.wireshark.org/review/8513
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Michal Labedzki [Fri, 8 May 2015 07:10:35 +0000 (09:10 +0200)]
Bluetooth: BTLE: Fix data handling from previous dissector
Check previous dissector before cast data parameter.
That also causes Head overflow too.
Change-Id: I8f6ce2ec183e4c757613fd7e1959d9d0e4cfc89e
Reviewed-on: https://code.wireshark.org/review/8512
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Michal Labedzki [Mon, 4 May 2015 09:46:19 +0000 (11:46 +0200)]
Bluetooth: Remove duplicates by default for ATT Server Attributes dialog
Change-Id: Ic833c800f599eed465eddc3d17ca07bdf3e83aba
Reviewed-on: https://code.wireshark.org/review/8511
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Michal Labedzki [Mon, 4 May 2015 10:54:29 +0000 (12:54 +0200)]
Bluetooth: SCO: Add Stream Number generated field
It is used to distinguish SCO streams.
Stream Number increase any time when new SCO connection is created.
Change-Id: I6cf68914112980cdbad345e52469bf2baf214551
Reviewed-on: https://code.wireshark.org/review/8510
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Michal Labedzki [Fri, 1 May 2015 13:13:13 +0000 (15:13 +0200)]
Bluetooth: SCO: Add Connect/Disconnect tracking
Change-Id: I4db44628d60ec8ae22b625649e971b344f450ed9
Reviewed-on: https://code.wireshark.org/review/8509
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Michal Labedzki [Thu, 30 Apr 2015 13:44:42 +0000 (15:44 +0200)]
Bluetooth: SCO: Add Missing fields
Missing fields are: Reserved, Packet Status.
Change-Id: Ia9edb23e3fc8c45d12931200dd02f0d3eef87c48
Reviewed-on: https://code.wireshark.org/review/8508
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Michal Labedzki [Mon, 20 Apr 2015 11:46:01 +0000 (13:46 +0200)]
Bluetooth: ATT: Enable UUID128 field
API used by this field is implemented, so field can be enabled now.
Change-Id: Ifc8de81157c9b125ba769d14ec57a498d9810c5f
Reviewed-on: https://code.wireshark.org/review/8507
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Michal Labedzki [Sun, 19 Apr 2015 17:08:13 +0000 (19:08 +0200)]
Bluetooth: OBEX: Add DecodeAs by Type aka MIME Type
Also map some Types to Dissector Table dissectors.
Change-Id: I1a1924924ac569368b3a4fafdc05c98e4a8d4841
Reviewed-on: https://code.wireshark.org/review/8506
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Michal Labedzki [Sun, 5 Apr 2015 11:57:53 +0000 (13:57 +0200)]
Bluetooth: OBEX: Add Current Path tracking info
It will be useful for analysis. Also support partialy known path,
unknown part is shown as "?".
Change-Id: I0299e64d233022d1941b364afc4a6be0c9f4d23e
Reviewed-on: https://code.wireshark.org/review/8505
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Jeff Morriss [Mon, 18 May 2015 00:33:12 +0000 (20:33 -0400)]
Add IP Detail Record dissector to the Release Notes.
Change-Id: I6c5405beef4e8d880d73d9706e61e953431cce4f
Reviewed-on: https://code.wireshark.org/review/8504
Reviewed-by: Michael Mann <mmann78@netscape.net>
Evan Huus [Sun, 17 May 2015 14:31:38 +0000 (10:31 -0400)]
ntlmssp: swap bounds check and length for memcpy
The values make more sense swapped (and the code is super-old) so I'm assuming
this was just a long-uncaught typo. Fixes a valgrind error at any rate.
Also replace a malloc+memcpy with a memdup for simplicity.
Bug: 11203
Change-Id: I74c0aff548b844cf90610db56a143f3eac172658
Reviewed-on: https://code.wireshark.org/review/8493
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Guy Harris [Sun, 17 May 2015 21:35:50 +0000 (14:35 -0700)]
Update some comments.
There's all sorts of interesting stuff out there on the Intertubes if
you happen to be searching for the right thing.
Change-Id: Ib5e18ece5dfaa284ece8cfda23887a9408c8318e
Reviewed-on: https://code.wireshark.org/review/8503
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Michael Mann [Sun, 17 May 2015 20:33:21 +0000 (16:33 -0400)]
Add IPDR dissector
Bug: 2771
Change-Id: Ic2904c981a182be5859c3840025e7ffa9ea387ed
Reviewed-on: https://code.wireshark.org/review/8501
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Joerg Mayer [Sun, 17 May 2015 20:59:12 +0000 (22:59 +0200)]
Fix some files to pass the pre-commit hook script.
Change-Id: I105bf4e03fcf95cf7541f6377215809759fd933e
Reviewed-on: https://code.wireshark.org/review/8502
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Guy Harris [Sun, 17 May 2015 19:38:04 +0000 (12:38 -0700)]
Improve comments, fix capitalization of "Aruba".
Give better comments describing the 5 different formats Aruba equipment
can use.
It's "Aruba Networks", not "ARUBA" anything.
Change-Id: I300d77375e8182b60e830cb545d8802c1a49569c
Reviewed-on: https://code.wireshark.org/review/8500
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Sun, 17 May 2015 19:19:47 +0000 (12:19 -0700)]
Make the human-readable names the same in the preferences and the packets.
Change-Id: Ie00c81e9893412cc322cfb08e8b5b5f4e5ce47e4
Reviewed-on: https://code.wireshark.org/review/8499
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Sun, 17 May 2015 18:17:30 +0000 (11:17 -0700)]
Update a URL.
Change-Id: I51e884815a83bd44b528d5dd86f98d0ea51719f9
Reviewed-on: https://code.wireshark.org/review/8498
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Gerald Combs [Sun, 17 May 2015 15:07:52 +0000 (08:07 -0700)]
[Automatic update for 2015-05-17]
Update manuf, services enterprise-numbers, translations, and other items.
Change-Id: Ic345ff4e7b46ee43af35ebbdda32ffc25e793c65
Reviewed-on: https://code.wireshark.org/review/8495
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Alexis La Goutte [Fri, 15 May 2015 17:07:38 +0000 (19:07 +0200)]
HTTP2: Update to final RFC
Change-Id: I0b19d4576b652dc9dd94346c75945e0bdc554a0e
RFC7540: Hypertext Transfer Protocol Version 2 (HTTP/2)
RFC7541: HPACK: Header Compression for HTTP/2
Reviewed-on: https://code.wireshark.org/review/8478
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Alexis La Goutte [Fri, 15 May 2015 16:54:49 +0000 (18:54 +0200)]
nghttp2: use <> for include glib.h
Change-Id: I6fdb72322dca514a774ab074c26128f70992a8f7
Reviewed-on: https://code.wireshark.org/review/8476
Reviewed-by: Michael Mann <mmann78@netscape.net>
Joerg Mayer [Sun, 17 May 2015 07:12:07 +0000 (09:12 +0200)]
packet-skinny.c is a generated file nowadays.
Apply commit
0970872a4cfdba0d9de913da036717ac2167297a to the source file
as well.
Change-Id: I9cc69bf5de3318b9a930bde3455a320880976af7
Reviewed-on: https://code.wireshark.org/review/8492
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Guy Harris [Sat, 16 May 2015 22:52:31 +0000 (15:52 -0700)]
struct timeval not used, so no need for <sys/time.h>.
Change-Id: I5f635f354db68f1cff0874f3cd0ba09c87edad1d
Reviewed-on: https://code.wireshark.org/review/8491
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Sat, 16 May 2015 22:49:38 +0000 (15:49 -0700)]
Do all floating-point work in double-precision.
That squelches some double -> float warnings.
Change-Id: I19b8049698c7931e8c146d9532fc65ee091e4c24
Reviewed-on: https://code.wireshark.org/review/8490
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Sat, 16 May 2015 20:48:04 +0000 (13:48 -0700)]
Use nstime_t for time stamps.
Don't roll our own time stamp handling, use nstime_t. That also gives
us nanosecond resolution, for what that's worth.
Change-Id: Ib9945bdef5a70e1656b96995f510507da36b4b59
Reviewed-on: https://code.wireshark.org/review/8489
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Alexis La Goutte [Sat, 16 May 2015 16:02:12 +0000 (18:02 +0200)]
SIP: Fix typo lenght => length
Change-Id: Ib533bd2526c27cf5f1161616fcf52136e40c827a
Reviewed-on: https://code.wireshark.org/review/8484
Reviewed-by: Michael Mann <mmann78@netscape.net>
Evan Huus [Sat, 16 May 2015 14:48:40 +0000 (10:48 -0400)]
megaco: handle missing tokens
Fix an infinite loop when no transaction end offset is present and
`megaco_tvb_find_token` returns -1.
Bug: 11193
Change-Id: I82c7b795e522efca674787e504427f64b8c28fc4
Reviewed-on: https://code.wireshark.org/review/8483
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Guy Harris [Sat, 16 May 2015 18:37:28 +0000 (11:37 -0700)]
Have per-queued-packet flags, including "is a packet in error".
The contents of the packet_info structure change during the dissection
process, so you can't rely on its contents when running tap listeners.
Bug: 11184
Change-Id: I52fc45774add56ee2bcb5faef2af7c731b4304fd
Reviewed-on: https://code.wireshark.org/review/8486
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Graham Bloice [Sat, 16 May 2015 14:10:53 +0000 (15:10 +0100)]
Remove odd characters
Change-Id: Ie861badb555e235199549ee27ca374feb6356be6
Reviewed-on: https://code.wireshark.org/review/8482
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Evan Huus [Wed, 13 May 2015 01:53:32 +0000 (21:53 -0400)]
tap: Add ability to reject/ignore "error" packets in tap
ICMP (and a few other protocols) can carry "error packets" as payloads in
certain cases. In the same way that we don't (by default) call TCP reassembly
code on TCP packets we know are out-of-order, we also shouldn't call tap code on
frames carried in ICMP error packets.
Bug: 11184
Change-Id: Ie83dbb505c8fdc15c5554705488c16fa0274a06a
Reviewed-on: https://code.wireshark.org/review/8446
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Alexis La Goutte [Fri, 15 May 2015 16:43:09 +0000 (18:43 +0200)]
Main (menubar): fix C++ style comments are not allowed in ISO C90
Change-Id: Ia8ae6780027a63c4a88ea8d2a10ba1e0f8931f25
Reviewed-on: https://code.wireshark.org/review/8472
Reviewed-by: Michael Mann <mmann78@netscape.net>
Gerald Combs [Fri, 15 May 2015 20:36:04 +0000 (13:36 -0700)]
Qt: Stop tapping when the I/O Graph dialog closes.
Add a setCaptureStopFlag function to ProgressBar. Add a stopTapping
function and setCaptureStopFlag signal to CaptureFile. Use the new
plubming to stop tapping when the IO Graph dialog closes.
Bug: 10116
Change-Id: Ic46814eed18933f511d9d1ff37e2e7918741f353
Reviewed-on: https://code.wireshark.org/review/8480
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Fri, 15 May 2015 18:08:18 +0000 (11:08 -0700)]
Qt: Make sure we can fetch ExportDissectionDialog's layout.
Make sure ExportDissectionDialog is a non-native, funny-looking file
dialog so that we can fetch its layout.
Fix and add some URLs while we're here.
Bug: 11122
Change-Id: Icf62f7a436c7ba27ec20f84e7c1af1a5d7c9b949
Reviewed-on: https://code.wireshark.org/review/8479
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Pascal Quantin [Fri, 15 May 2015 16:13:49 +0000 (18:13 +0200)]
MBIM: add checks on the maximum string or PDU size allowed
Change-Id: I10912bbe5a4ee38732a200b595b8d34dfa40c698
Reviewed-on: https://code.wireshark.org/review/8475
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Gerald Combs [Fri, 15 May 2015 16:43:18 +0000 (09:43 -0700)]
Qt: Fixup sequence dialog buttons.
Switch from "Save As" + Cancel + OK to "Save As" + Close.
Change-Id: I6f1093965f90fe9cbbfbf053779c05388c897641
Reviewed-on: https://code.wireshark.org/review/8474
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Fri, 15 May 2015 16:04:02 +0000 (09:04 -0700)]
Qt: Fix packet deselection.
When no packets are selected, clear the related item delegate, packet
detail, and byte view. Also, don't crash.
Bug: 10529
Change-Id: I1f46d0d60d060d517f1ee2f8b5a9124bc1fad00e
Reviewed-on: https://code.wireshark.org/review/8470
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Edwin Groothuis [Fri, 15 May 2015 00:15:44 +0000 (20:15 -0400)]
ui/mcast_stream.c: Add dependency on sys/time.h for struct timeval
Needed to compile on FreeBSD.
Bug: 11199
Change-Id: I6b10a0954020d58dcec93364ebecc8a7069ac8f3
Reviewed-on: https://code.wireshark.org/review/8467
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Edwin Groothuis [Fri, 15 May 2015 11:30:02 +0000 (13:30 +0200)]
androiddump: fix compilation under FreeBSD
Bug: 11200
Change-Id: Ic46b235c84488bb8537ec3c2605e6770eb843795
Reviewed-on: https://code.wireshark.org/review/8469
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Roland Knall [Mon, 9 Mar 2015 07:11:13 +0000 (08:11 +0100)]
Qt: Implement "Apply as Column" for packet context
Implement the same functionality for "Apply as Column" as it
exists in the GTK version of Wireshark. Especially for the
context menu in the packet view panel.
Change-Id: Id25b7797616ff3b3acf7aa920395516c8a4e9bf9
Reviewed-on: https://code.wireshark.org/review/7604
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Gerald Combs [Thu, 14 May 2015 22:37:55 +0000 (15:37 -0700)]
Pop the display filter status when it loses focus.
Change-Id: I7878fd99f8b773f8c550a6d2416e9e2d44abd321
Reviewed-on: https://code.wireshark.org/review/8466
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Thu, 14 May 2015 22:12:12 +0000 (15:12 -0700)]
Don't complete the current field.
Change-Id: If2b16783d08d23df427ac9b9c86984245db56d53
Reviewed-on: https://code.wireshark.org/review/8465
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Thu, 14 May 2015 22:00:07 +0000 (15:00 -0700)]
Fix display filter completion behavior.
Allow completion for mismatched protocol and filter names.
Change-Id: I1d1e6b8f16d4d2d331b915c199f857835dcc1c53
Ping-bug: 11187
Reviewed-on: https://code.wireshark.org/review/8464
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Thu, 14 May 2015 17:25:56 +0000 (10:25 -0700)]
Fix packet list font zooming.
Change-Id: I376fc3b41e9ebbe1353527d8d3bbf8d4b86cc29a
Reviewed-on: https://code.wireshark.org/review/8463
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Pascal Quantin [Thu, 14 May 2015 15:31:30 +0000 (17:31 +0200)]
USB COM: add dissection of Ethernet Networking Functional Descriptor
Change-Id: Id5023090b5b80ca12695fc9e012a59f53b30479c
Reviewed-on: https://code.wireshark.org/review/8461
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Gerald Combs [Thu, 14 May 2015 16:28:29 +0000 (09:28 -0700)]
Qt: Apply protocol preferences.
Make sure we call prefs_apply_all when saving preferences.
Bug: 11119
Change-Id: Iacf1e28e69c2aebcbbd7dceaa210c8219663665f
Reviewed-on: https://code.wireshark.org/review/8462
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Wed, 13 May 2015 22:46:51 +0000 (15:46 -0700)]
Qt: Column preference fixes.
Don't call redrawVisiblePackets in PacketList::sectionResized. Otherwise
we trigger the crash in bug 11179. Call recent_set_column_width instead.
Clean up the slots called when column preferences change and when recent
column widths change.
Update our column visibility in redrawVisiblePackets.
Use recent_get_column_width when writing the recent file. columnWidth
doesn't return a valid value when we're not visible.
Bug: 11179.
Change-Id: I34ab93d944b341e42129a1c8ff94ba8f7ad4f5fc
Reviewed-on: https://code.wireshark.org/review/8457
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Thu, 14 May 2015 15:28:08 +0000 (08:28 -0700)]
Add a comment explaining completion misbehavior.
Note that field name completion won't work correctly if a field's abbrev
doesn't match its protocol filter name. Fixing this is left as an exercise
for the reader.
Change-Id: Ia9b55f20bf58b8252e27506bcce4a0dd71cc199c
Reviewed-on: https://code.wireshark.org/review/8460
Reviewed-by: Gerald Combs <gerald@wireshark.org>
cff339 [Thu, 14 May 2015 03:16:17 +0000 (11:16 +0800)]
GSM A RR: fix 'packet channel description' dissection
It should support decoding 'MA_NUMBER_IND' and 'CHANGE_MARK_1'.
Signed-off-by: cff339 <cff339@gmail.com>
Change-Id: I634f326b4741b8853a631e6da2e9c056f60781ef
Reviewed-on: https://code.wireshark.org/review/8458
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Guy Harris [Thu, 14 May 2015 07:46:26 +0000 (00:46 -0700)]
Register the IPv4 and IPv6 dissectors directly with WTAP_ENCAP_RAW_IP{4,6}.
No need to run them through the "raw IP" dissector.
Change-Id: I63639651873f00326a20b88a08ecb4ab3b9a83b3
Reviewed-on: https://code.wireshark.org/review/8459
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Jeff Morriss [Wed, 13 May 2015 18:04:45 +0000 (14:04 -0400)]
Don't put an expert info on every single raw frame (even if it was just a Note).
It's completely normal that there's no link information when you're dissecting
raw packets. This does leave the Raw protocol tree without any children
(which looks a little funny) but I don't want to take it out and I don't see
anything useful to put under it.
Also change the Raw protocol item to cover all the bytes of the TVB (like the
frame item).
Change-Id: I44c1ac954c9989273d0c461ba366caba0a480ea6
Reviewed-on: https://code.wireshark.org/review/8454
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Gerald Combs [Wed, 13 May 2015 19:34:25 +0000 (12:34 -0700)]
Qt: Add the correct column width padding.
When applying recent column widths, add the correct padding in the
right place.
Bug: 11175
Change-Id: I5a6fe7975764ddc5d9024d8839a837579b2bf799
Ping-Bug: 11179
Reviewed-on: https://code.wireshark.org/review/8456
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Tue, 12 May 2015 23:28:39 +0000 (16:28 -0700)]
Qt: Don't set ProtoTree::uniformRowHeights.
Some packet detail items contain multiple lines. Show them, which
duplicates the GTK+ UI behavior. Add a note about adding a custom item
delegate if this affects performance.
Make item labels QStrings while we're here.
Bug: 10225
Change-Id: Ia39320028ecff5fe7fa3e4c09ff37405986b7f6e
Reviewed-on: https://code.wireshark.org/review/8445
Tested-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Gerald Combs [Wed, 13 May 2015 19:04:05 +0000 (12:04 -0700)]
Fix an error found by Valgrind.
Change-Id: I9f0adac70129c90b4bf1e678bece6c6b8b8b4b75
Reviewed-on: https://code.wireshark.org/review/8455
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Alexis La Goutte [Wed, 13 May 2015 06:02:58 +0000 (08:02 +0200)]
QCustomPlot: fix division(or modulo) by zero found by Clang and Coverity (CID
1159170 &
1159171)
Try 2
Change-Id: I10c439ccd4b8e5ac24275332e35fb35ad95b8d1b
Reviewed-on: https://code.wireshark.org/review/8447
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Gerald Combs [Wed, 13 May 2015 16:25:41 +0000 (09:25 -0700)]
Try to avoid duplicate display filter completions.
When adding recent filters to the completion list, skip over items that
look like fields and assume they'll be added further down the line.
Change-Id: Ief1e7aeebf91504becc2e07ba9cad66a90d8c7f3
Reviewed-on: https://code.wireshark.org/review/8453
Reviewed-by: Gerald Combs <gerald@wireshark.org>
AndersBroman [Wed, 13 May 2015 15:54:19 +0000 (17:54 +0200)]
[Thrift] Strengthen the heuristic.
Change-Id: I9e0676f36f8c5cb7fb344640333c8d32990e0a1e
Reviewed-on: https://code.wireshark.org/review/8452
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Francesco Fondelli [Wed, 13 May 2015 14:41:45 +0000 (16:41 +0200)]
PCEP: fix SID parsing, label is the first 20 bits
Change-Id: I13d2ff79b171b232dd4e1e1082beeae2e36dec51
Signed-off-by: Francesco Fondelli <francesco.fondelli@gmail.com>
Reviewed-on: https://code.wireshark.org/review/8451
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Wed, 13 May 2015 06:12:13 +0000 (08:12 +0200)]
MEGACO: Fix Dead Store (Dead assignement/Dead increment) warning found by Clang
Change-Id: Iee615c46fcb5dd0ced55d971c5f70bc7c970f9a6
Reviewed-on: https://code.wireshark.org/review/8448
Reviewed-by: Anders Broman <a.broman58@gmail.com>
AndersBroman [Wed, 13 May 2015 12:20:49 +0000 (14:20 +0200)]
[GCP] Add a command string when there's no context tracking.
Change-Id: I26235f172d97e5c4f6e52d3816675deb1849d988
Reviewed-on: https://code.wireshark.org/review/8450
Reviewed-by: Anders Broman <a.broman58@gmail.com>
AndersBroman [Wed, 13 May 2015 11:26:06 +0000 (13:26 +0200)]
[VoIP] There has to be two separate routines for MEGACO and H248 as
tap_id_offset is used to access tapinfo. Fixes a crash rported in
Bug: 11132
Change-Id: I32ada3e0eb16d0e128ff67c5aec499890602eab0
Reviewed-on: https://code.wireshark.org/review/8449
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Michael Mann [Mon, 11 May 2015 23:43:38 +0000 (19:43 -0400)]
Change the formatting strings used to create the Conversation Filter submenu
Bug: 11178
Change-Id: I4a5ae1399da8206efb29c059437d56da06a539a9
Reviewed-on: https://code.wireshark.org/review/8417
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Guy Harris [Tue, 12 May 2015 22:23:27 +0000 (15:23 -0700)]
Remove trailing whitespace.
Change-Id: I7be78c8759255f14efd1b794bfefad9a18428670
Reviewed-on: https://code.wireshark.org/review/8444
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Tue, 12 May 2015 22:21:44 +0000 (15:21 -0700)]
More cleanly handle 3-byte IPv4 addresses.
Make a union of the 4 bytes of the address and the address as a 32-bit
integer, and fill in the bytes differently based on whether it's an
interior or exterior route. Rather than just casting a pointer to a
byte to a pointer to a 4-byte integer - which may not be safe, as the
byte array might not be properly aligned - just use the integer member
of the union.
Change-Id: Ic0e78a832cedb9a5a8d435a6c911409b17e41685
Reviewed-on: https://code.wireshark.org/review/8443
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Gerald Combs [Tue, 12 May 2015 22:09:16 +0000 (15:09 -0700)]
Add casts to fix clang warnings.
Change-Id: I0059536cb68fb3ef313f3166bf18444a89b4eea3
Reviewed-on: https://code.wireshark.org/review/8442
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Guy Harris [Tue, 12 May 2015 22:09:41 +0000 (15:09 -0700)]
Fix check for NUL at the end of a string.
*seq[slength - 1] means *(seq[slength - 1]), where seq points to a
"const gchar *", so it fetches the pointer at an offset of slength - 1
from the pointer to which seq points, and dereferences that pointer.
What's wanted is (*seq)[slength - 1], i.e. fetch the pointer to which
seq points, and fetch the byte at an offset of slength - 1 from the byte
to which said pointer points.
Change-Id: I7246f5e6093d035bad59be530893f3fc54dad97e
Reviewed-on: https://code.wireshark.org/review/8441
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Gerald Combs [Tue, 12 May 2015 19:35:54 +0000 (12:35 -0700)]
Qt: Display filter completion fixes.
Fixup the logic for adding field names to the list.
Connect our completer activation signal to its slot once, not twice.
Bug: 11187
Change-Id: Ife1879fe05c870094ee31e59dd62e3004f588bfc
Reviewed-on: https://code.wireshark.org/review/8440
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Pascal Quantin [Tue, 12 May 2015 20:56:15 +0000 (22:56 +0200)]
OSPF: fix dissection of Router Address TLV
Bug: 11190
Change-Id: Ic6585e44767c1c80a7090dc94205eb33cf15c083
Reviewed-on: https://code.wireshark.org/review/8437
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Gerald Combs [Tue, 12 May 2015 18:26:59 +0000 (11:26 -0700)]
Qt: Add packet list navigation checks.
Add sanity checks to go{First,Last,Next,Previous}Packet.
Bug: 11085
Change-Id: I6c33ea314720935aa1881257e9f32732134eec31
Reviewed-on: https://code.wireshark.org/review/8433
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Pascal Quantin [Tue, 12 May 2015 16:43:30 +0000 (18:43 +0200)]
USB: allow to call sub dissectors for setup response packets without transaction available
This is useful when people export displayed packets of a USB sub dissector (like MBIM) without keeping
the USB setup requests and still expect to have "Decode As" functionality working
Change-Id: Iad32ddc7b87544ff568a091f03e393a106f38554
Reviewed-on: https://code.wireshark.org/review/8430
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Alexis La Goutte [Tue, 12 May 2015 13:54:30 +0000 (15:54 +0200)]
PIM: Add PIM IP version field for PIMv1 too
Change-Id: I455a4f81798c7a99a48551ae362dabf2b697cf88
Reviewed-on: https://code.wireshark.org/review/8427
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Michael Mann [Fri, 8 May 2015 15:47:05 +0000 (11:47 -0400)]
Overhaul the MEGACO dissector.
1. Have megaco dissector display fields as their are "interpreted", not as raw data with "interpretation" as a subtree
2. Replace/remove proto_tree_add_text
3. Convert some "numeric string fields" into numeric values.
4. Add some more dissection discovered while looking for sample captures.
Bug: 6732
Ping-Bug: 10909
Change-Id: Ie051a8a16ef2355681a24be8789bae0971632cd1
Reviewed-on: https://code.wireshark.org/review/8382
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Mon, 11 May 2015 10:32:33 +0000 (12:32 +0200)]
PIM: Remove trailing whitespace before comma
Change-Id: I7798ddd6db4a98cfe9cc96275f56837ef3bf0b1e
Reviewed-on: https://code.wireshark.org/review/8399
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Mon, 11 May 2015 10:30:19 +0000 (12:30 +0200)]
PIM: Enhance code
Use proto_tree_add_item when it is possible
Add display of reserved field...
Change-Id: Id47c237f06e28e7d5dfbd92848dc26a7496cf799
Reviewed-on: https://code.wireshark.org/review/8398
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Mon, 11 May 2015 08:20:45 +0000 (10:20 +0200)]
PIM: Remove proto_tree_add_text
rewrite display of PIM(v1) Address and remove last proto_tree_add_text call :)
Change-Id: I020970e80338d15dbe68e32713b8ada31fd0a4e2
Reviewed-on: https://code.wireshark.org/review/8397
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte [Sun, 10 May 2015 19:16:00 +0000 (21:16 +0200)]
PIM: Remove proto_tree_add_text
only 2 proto_tree_add_text calls, (it will be remove on another patch)
Change-Id: I670e37bbbe1cc3ae740a94cd620fa14f20cb9feb
Reviewed-on: https://code.wireshark.org/review/8396
Reviewed-by: Michael Mann <mmann78@netscape.net>
Jeff Morriss [Mon, 11 May 2015 19:45:04 +0000 (15:45 -0400)]
Fix Diameter reassembly when the captured tvb length is less than 5 bytes.
Since Diameter does heuristic checks before calling tcp_dissect_pdus() we
have to "manually" ask for more data if the tvb is too short for our
heuristics.
Bug: 11183
Change-Id: I14c36042306b532b53df80cc3971866b76094084
Reviewed-on: https://code.wireshark.org/review/8405
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Marius [Tue, 12 May 2015 11:35:34 +0000 (13:35 +0200)]
Diameter: Add support for Sd interface
Bug: 11186
Change-Id: I3aed8818dd021c72b2cb1fb51adc717613c501ea
Reviewed-on: https://code.wireshark.org/review/8425
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Pascal Quantin [Mon, 11 May 2015 21:46:17 +0000 (23:46 +0200)]
MBIM: fix dissection of captures taken on a Linux host
- ensure that MBIM tree is not below URB setup one
- do not try to dissect an empty tvb
Change-Id: I8c6655727eec7df84882fd861d5581848340e0f3
Reviewed-on: https://code.wireshark.org/review/8410
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Pascal Quantin [Mon, 11 May 2015 21:24:05 +0000 (23:24 +0200)]
USB COM: add dissection of ECM Management Element Notifications
Change-Id: I9395c5e7974526d9be5cceca479e840dca5ff71e
Reviewed-on: https://code.wireshark.org/review/8409
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Guy Harris [Tue, 12 May 2015 02:40:59 +0000 (19:40 -0700)]
In the name of God and all that is holy, don't do that.
http://www.bitterfilms.com/rejected.html
1) There is *NO* guarantee that you can safely dereference a misaligned
pointer.
2) There is *NO* guarantee that you are running on a little-endian
machine, so that an attempt to fetch a 32-bit integer through such a
pointer will fetch it in little-endian form.
Instead, fetch it using tvb_get_letohl(), which 1) doesn't care about
alignment and 2) always fetches in little-endian order.
Change-Id: I44721cbf3c4456797990cc741836c9dd8c6c3696
Reviewed-on: https://code.wireshark.org/review/8423
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris [Tue, 12 May 2015 00:22:30 +0000 (17:22 -0700)]
In the name of God and all that is holy, don't do that.
http://www.bitterfilms.com/rejected.html
1) There is *NO* guarantee that you can safely dereference a misaligned
pointer.
2) There is *NO* guarantee that you are running on a little-endian
machine, so that an attempt to fetch a 32-bit integer through such a
pointer will fetch it in little-endian form.
Instead, fetch it using tvb_letohl(), which 1) doesn't care about
alignment and 2) always fetches in little-endian order.
Change-Id: I30ad6607b7c6d5047245bfcfdcbe757b02d02172
Reviewed-on: https://code.wireshark.org/review/8422
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Gerald Combs [Tue, 12 May 2015 00:14:38 +0000 (17:14 -0700)]
Qt: Expert info → Expert information.
Change-Id: I6cf87a1c63a4b34678667396d836d15766155b1a
Reviewed-on: https://code.wireshark.org/review/8420
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Guy Harris [Tue, 12 May 2015 00:14:54 +0000 (17:14 -0700)]
Don't cast pointers when they're assigned to the data field of an address.
That field is just a void *, so there's no need to cast them, and at
least one of those casts generates alignment warnings with -Wcast-align.
Change-Id: I88e22a794a8c990b01e7ed8f45951a2665febbc1
Reviewed-on: https://code.wireshark.org/review/8421
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Gerald Combs [Mon, 11 May 2015 23:42:52 +0000 (16:42 -0700)]
Speed up display filter completion.
Don't loop over non-matching fields. This improves completion performance
considerably on Windows (where it was noticeable).
Change-Id: I7f526fe960c5c41da5ae847b04be25d65ca42bb1
Reviewed-on: https://code.wireshark.org/review/8418
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Guy Harris [Mon, 11 May 2015 22:45:38 +0000 (15:45 -0700)]
Get rid of now-empty and unneeded structure.
Change-Id: I4c557c49a6d6013dff129515cdfadb496529ff35
Reviewed-on: https://code.wireshark.org/review/8414
Reviewed-by: Guy Harris <guy@alum.mit.edu>
git.samba.org / metze / wireshark / wip.git / log