metze/wireshark/wip.git
15 months agoTest: Add UTF-8 filter tests.
Gerald Combs [Wed, 30 May 2018 20:32:20 +0000 (13:32 -0700)]
Test: Add UTF-8 filter tests.

Change-Id: Ic1e961802e716b5c446428efa068a6205faab954
Reviewed-on: https://code.wireshark.org/review/27912
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
15 months agoifaddrs.h may require sys/types.h to be included first.
Guy Harris [Wed, 30 May 2018 20:35:04 +0000 (13:35 -0700)]
ifaddrs.h may require sys/types.h to be included first.

That's the case on DragonFly BSD 5.2.1, at least.

Change-Id: I8bbd51462d74380004c611183f4b9229f4d20ff6
Reviewed-on: https://code.wireshark.org/review/27913
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agoDiameter: Remove make file.
Anders [Wed, 30 May 2018 14:09:34 +0000 (16:09 +0200)]
Diameter: Remove make file.

Change-Id: Ia5171fb445fc1fd66ad6f5b304ef0dd0b223ad34
Reviewed-on: https://code.wireshark.org/review/27910
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoQt:Fix ProtoTree Copy
Roland Knall [Fri, 25 May 2018 13:19:46 +0000 (15:19 +0200)]
Qt:Fix ProtoTree Copy

There was an issue, where siblings where not copied correctly.

Bug:14355
Change-Id: I31611a6731f3f4de6b204c7ee708e42f0b7b170c
Reviewed-on: https://code.wireshark.org/review/27802
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
15 months agoZBEE-NWK-GP: Correct the number of leading 0s in display
atsju [Tue, 29 May 2018 12:34:32 +0000 (14:34 +0200)]
ZBEE-NWK-GP: Correct the number of leading 0s in display

Change-Id: Ib5004d5fb96c6ea6116a89a09d38478af6f5ce4f
Reviewed-on: https://code.wireshark.org/review/27893
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoQt: use data() instead of constData() in pcap_compile().
Dario Lombardo [Tue, 29 May 2018 16:25:49 +0000 (18:25 +0200)]
Qt: use data() instead of constData() in pcap_compile().

In different versions of libpcap, pcap_compile() has a 3rd parameter
with or without const. Using a non-const variable, allow the auto
promotion to const possible, but not the vice-versa.

Fixes compilation on OpenBSD.

Change-Id: I72162a4ea419668b6222e84bf5525a6c48fddd52
Reviewed-on: https://code.wireshark.org/review/27896
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
15 months agoAdd valgrind support to randpkt-test.sh.
Darius Davis [Wed, 23 May 2018 08:53:59 +0000 (18:53 +1000)]
Add valgrind support to randpkt-test.sh.

There's already valgrind support in fuzz-test.sh; This change simply clones the
relevant fragments of script into randpkt-test.sh, making very minor tweaks as
needed.  Valgrind support in randpkt-test.sh is enabled through the "-g"
command-line option, just like with fuzz-test.sh.

In my testing here, it seems MAX_LEAK could be reduced somewhat, but I don't
think that that belongs as part of this change; I've simply kept the MAX_LEAK
value from fuzz-test.sh.

While we're here, the last line of valgrind-wireshark.sh launches a subprocess,
and that shell then simply returns its exit code, so there is no need for the
shell to stick around.  So, let's use "exec" here to replace the shell with the
new process.

Testing Done: On Linux amd64, ran several iterations of randpkt-test.sh and
   fuzz-test.sh, both with and without the "-g" option.

Change-Id: I87cc63559dc2e66c42c905f46657ce40cabf0104
Reviewed-on: https://code.wireshark.org/review/27741
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoQt: fix memleaks on opening a context menu
Peter Wu [Sun, 27 May 2018 09:48:57 +0000 (11:48 +0200)]
Qt: fix memleaks on opening a context menu

FrameInformation was never deallocated, leaking the whole pinfo scope.
Fix a dealloc-alloc-mismatch (packet_data_ was g_memdup'd). Attach the
DataPrinter menu actions to the action group instead of the singleton
DataPrinter instance, this enables freeing the actions when the submenu
is gone rather than clearing this at program exit.

Reported by ASAN.

Change-Id: If13af94a60b07b0e52973ccc5c437ef987bfb394
Fixes: v2.5.0rc0-1627-g8a6ea0e454 ("Qt: Further cleanup ByteView")
Reviewed-on: https://code.wireshark.org/review/27844
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoQt: fix memleaks in protocol preferences menu
Peter Wu [Sat, 26 May 2018 12:07:06 +0000 (14:07 +0200)]
Qt: fix memleaks in protocol preferences menu

Reported by ASAN.

Change-Id: I0e7578d6583dc11312d95108331b6a743d7d5514
Reviewed-on: https://code.wireshark.org/review/27832
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoQt: fix memleak in PacketList::contextMenuEvent
Peter Wu [Sat, 26 May 2018 12:06:18 +0000 (14:06 +0200)]
Qt: fix memleak in PacketList::contextMenuEvent

Change-Id: I925d2e1529a70aaf403896a4d7df3f491265916d
Fixes: v1.99.7rc0-225-g26dacfc8c3 ("Qt: Add protocol preferences menus.")
Reviewed-on: https://code.wireshark.org/review/27831
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoQt: fix memleak from cf_get_display_name
Peter Wu [Sat, 26 May 2018 11:32:06 +0000 (13:32 +0200)]
Qt: fix memleak from cf_get_display_name

Free the memory as documented.

Change-Id: I8a8842160be676bb08f5b93e795b9ed8edef2ede
Reviewed-on: https://code.wireshark.org/review/27829
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoAdd PROXY(v2) protocol
Alexis La Goutte [Thu, 10 Sep 2015 22:50:45 +0000 (00:50 +0200)]
Add PROXY(v2) protocol

Bug: 14506
Change-Id: I399f3a94583985a5d036ac26438e0c5bc5a70c85
Reviewed-on: https://code.wireshark.org/review/10626
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months ago.mailmap: update of May (2018)
Alexis La Goutte [Sun, 27 May 2018 19:10:30 +0000 (21:10 +0200)]
.mailmap: update of May (2018)

Change-Id: Id7ea1cde7d08f17a55f7426e1fced00445bd07e8
Reviewed-on: https://code.wireshark.org/review/27852
Reviewed-by: Mikael Kanstrup <mikael.kanstrup@gmail.com>
Reviewed-by: Dirk Roemmen <dro@cslab.de>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agohttp: continue parsing in spite of illegal header name
Peter Wu [Wed, 16 May 2018 20:21:36 +0000 (22:21 +0200)]
http: continue parsing in spite of illegal header name

While HTTP header names are restricted to a limited set, many
implementations basically read whole lines and then look for a colon.
Actual validation happens after that. Follow that approach to avoid
early termination of request/response headers and diagnose the issue.

This may break HTTP/0.9 response parsing, but nobody should be using
that now.

Bug: 10123
Change-Id: If435aa832effc83095f9b6b822a76cb46451e7de
Reviewed-on: https://code.wireshark.org/review/27605
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Craig Jackson <cejackson51@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agomstp: fix buffer overflow in COBS decoding
Peter Wu [Tue, 29 May 2018 15:10:39 +0000 (17:10 +0200)]
mstp: fix buffer overflow in COBS decoding

Fix a crash (denial of service) resulting from a large buffer overrun
(read) when the "MS/TP Length" is smaller than 3. If that is the case,
then an integer overflow will result in a large unsigned number.

Fix a buffer overflow (write) when the "code" (length) octet is 0. This
is illegal and would result in an integer overflow. With a specially
crafted encoded CRC-32K value, this could result in writing 255 bytes
past the end of buffer (xoring the octets with 0x55).

Make the meaning of the "length" parameter more obvious (include two
bytes such that it reflects the input and output buffer size).

Corrected based on the description in Section 9.10 of
http://www.bacnet.org/Addenda/Add-135-2012an-PPR2-draft-rc4_chair_approved.pdf
(note that its reference code also has this overflow issue).

Bug: 14771
Change-Id: Iac27e1151f02add4e54abb0fcae6afc94460ae23
Fixes: v2.9.0rc0-734-g0e517232a8 ("Added support for extended length BACnet MS/TP data frames.")
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8580
Reviewed-on: https://code.wireshark.org/review/27897
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dirk Roemmen <dro@cslab.de>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agowiretap: camins: add support for timestamps
Martin Kaiser [Tue, 1 May 2018 17:12:49 +0000 (19:12 +0200)]
wiretap: camins: add support for timestamps

A CAM inspector file maintains a global time counter in units of
1us. Set the correct resolution for the packet timestamps.

Keep track of the time counter when the file is loaded and we walk
through the file from start to end. Process timestamp blocks in the
file. Each of those blocks updates a part of the overall time counter.

Change-Id: I138cd8fb287e591b078babc2403a599287df1397
Reviewed-on: https://code.wireshark.org/review/27904
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoBoost the maximum frame size.
Guy Harris [Tue, 29 May 2018 23:44:09 +0000 (16:44 -0700)]
Boost the maximum frame size.

Lemon gets this error on its Parse() function, at least on FreeBSD 11.1
with its version of Clang.

Change-Id: I4fc1674373af5c0016ee953b61066bf6b24b7ad6
Reviewed-on: https://code.wireshark.org/review/27905
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agoUse rel_time_to_secs_str() to format a time delta.
Guy Harris [Tue, 29 May 2018 18:40:01 +0000 (11:40 -0700)]
Use rel_time_to_secs_str() to format a time delta.

Change-Id: Iba90a9f38c61ea361f990ed1d5cb8859b93a32ba
Reviewed-on: https://code.wireshark.org/review/27902
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agoRPC-over-RDMA: fix infinite loop
Peter Wu [Tue, 29 May 2018 10:27:19 +0000 (12:27 +0200)]
RPC-over-RDMA: fix infinite loop

When there are two segments, but zero requests, "i=1" will be reset to
"i=0" and an infinite loop occurs.

Change-Id: I32cb387ce0724936bcb5d5832b1c90d2bc585998
Fixes: v2.5.2rc0-100-g8f0f691312 ("RPC-over-RDMA: add reassembly for reply, read and write chunks")
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7138
Reviewed-on: https://code.wireshark.org/review/27891
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
15 months agoAdd the MATE documentation chapter to the User Guide
Jaap Keuter [Mon, 4 Jul 2016 21:21:28 +0000 (23:21 +0200)]
Add the MATE documentation chapter to the User Guide

With MATE being an integral part of Wireshark for a long time now and its
documentation being part of the Wiki for a while it is time to move it
into the Wireshark Users Guide.

All credits go to Luis Ontanon for creating MATE and the Wiki pages,
the various contributors to those pages and especially Pavel Sindelka for
the creation of the graphics.

This change merely incorporates the contents of the Wiki pages into an
asciidoc file for processing into documentation output. It is in no way a
claim to knowledge of or deep insight in the workings of MATE on my part.

Change-Id: Id9c60fd3ba4a52aafb988370ea7d658907970ccd
Reviewed-on: https://code.wireshark.org/review/27894
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoua3g: added setup of rtp/rtcp converstations from record-rtp message
Nicolas Bertin [Mon, 28 May 2018 14:48:31 +0000 (16:48 +0200)]
ua3g: added setup of rtp/rtcp converstations from record-rtp message

Change-Id: I167756da6cba0734cd0280528f9b5a303675d5b9
Reviewed-on: https://code.wireshark.org/review/27872
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agogtp: added "response in/to" for GPRS Data record
Joakim Karlsson [Mon, 28 May 2018 16:45:55 +0000 (18:45 +0200)]
gtp: added "response in/to" for GPRS Data record

According to TS 29.060, ch6.

Change-Id: I7945b483f73265a7eb5432094054c5d4683fd6f8
Reviewed-on: https://code.wireshark.org/review/27875
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoGTP: fix dissection of GGSN addresses in PDP Context ie
Ivan Nardi [Mon, 28 May 2018 15:00:42 +0000 (17:00 +0200)]
GTP: fix dissection of GGSN addresses in PDP Context ie

Change-Id: I468d253016118887ef90e57f179e3413cca14e40
Reviewed-on: https://code.wireshark.org/review/27889
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoGTPv2: improve visualization of PDN addresses
Ivan Nardi [Tue, 29 May 2018 05:54:25 +0000 (07:54 +0200)]
GTPv2: improve visualization of PDN addresses

Change-Id: I45df36c70bfcd5826de9c15b006570e2c7a36154
Reviewed-on: https://code.wireshark.org/review/27888
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoESP: fix a memory leak in UAT management
Pascal Quantin [Mon, 28 May 2018 13:14:56 +0000 (15:14 +0200)]
ESP: fix a memory leak in UAT management

When updating a SA, ensure to free the previous key before
allocating a new one.

Change-Id: I9e5486c8214d7ce2ea60dd52f9a10f9cfe2a1d20
Reviewed-on: https://code.wireshark.org/review/27870
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agotools: rename rpm_setup.sh to reflect other similar scripts.
Dario Lombardo [Sat, 26 May 2018 04:19:39 +0000 (06:19 +0200)]
tools: rename rpm_setup.sh to reflect other similar scripts.

Change-Id: Ie686d7c5b808d9b89ff47cd65830ae441de8f8a2
Reviewed-on: https://code.wireshark.org/review/27862
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agowsutil: fix compilation on freebsd.
Dario Lombardo [Fri, 25 May 2018 17:50:35 +0000 (19:50 +0200)]
wsutil: fix compilation on freebsd.

Change-Id: Iadb3f3daa1095ac9cc971f79ba4d288e8d835a44
Reviewed-on: https://code.wireshark.org/review/27864
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agoIndicate *which* field would go past the MAX_TREE_ITEMS limit.
Guy Harris [Mon, 28 May 2018 18:37:20 +0000 (11:37 -0700)]
Indicate *which* field would go past the MAX_TREE_ITEMS limit.

That could help find the problem if all we have is the error message, as
it'd at least indicate where the problem is occurring.

Change-Id: I01154ff62088a4b710c131cb153e8e4593ebc3b2
Reviewed-on: https://code.wireshark.org/review/27878
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agoFix test for early exit from MMSE dissector.
Guy Harris [Mon, 28 May 2018 18:22:52 +0000 (11:22 -0700)]
Fix test for early exit from MMSE dissector.

We don't need to dissect the body if 1) we're *not* building a protocol
tree (tree == NULL) *and* 2) the PDU doesn't have content that can be
handed off to subdissectors.

(Fix which vs. that issue in a comment while we're at it.)

Change-Id: I90890975c05e72cc9ebc776a21683905828f57b5
Reviewed-on: https://code.wireshark.org/review/27876
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agoua3g: updated decoding of set-skin-id message
Nicolas Bertin [Mon, 28 May 2018 14:33:04 +0000 (16:33 +0200)]
ua3g: updated decoding of set-skin-id message

Change-Id: Id7c06ac8d25b4a2523604178389a2369b4f85d4c
Reviewed-on: https://code.wireshark.org/review/27871
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoua3g: fixed decoding of start-tone message
Nicolas Bertin [Mon, 28 May 2018 10:03:13 +0000 (12:03 +0200)]
ua3g: fixed decoding of start-tone message

Change-Id: I6ec9742b26daaa63d11c1fa47ec70fb5e6276848
Reviewed-on: https://code.wireshark.org/review/27868
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agosctp-analysis: Use g_list_free_full() in a couple of places.
Anders [Mon, 28 May 2018 08:59:15 +0000 (10:59 +0200)]
sctp-analysis: Use g_list_free_full() in a couple of places.

Change-Id: Ifd9517c562660ddee59feac1a7c234b9cdbbdf98
Reviewed-on: https://code.wireshark.org/review/27867
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoQt: select a better default Decode As table
Peter Wu [Sat, 26 May 2018 10:15:16 +0000 (12:15 +0200)]
Qt: select a better default Decode As table

USB has three possible tables, usb.device, usb.product and usb.protocol
(shown in that order in the Decode As dialog). For single packets with
no prior device descriptors, the last two tables have no valid selector
(integer zero). In such cases it seems more reasonable to use tables for
which a valid selector exists (for example, "usb.device").

Bug: 14717
Change-Id: I2319817fa11318a97519d8cfc912343b16224c12
Reviewed-on: https://code.wireshark.org/review/27820
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoSCTPAllAssocsDialog: fix memleak of "sctp_assocs"
Peter Wu [Sat, 26 May 2018 14:40:02 +0000 (16:40 +0200)]
SCTPAllAssocsDialog: fix memleak of "sctp_assocs"

"fillTable()" overwrites "sctp_assocs" with an external address.

Change-Id: I415d424f16a2306b1b79fde7b5f836458da14b16
Reviewed-on: https://code.wireshark.org/review/27833
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoCIP: Pull out segment parsing to separate functions
Dylan Ulis [Sat, 26 May 2018 14:17:28 +0000 (10:17 -0400)]
CIP: Pull out segment parsing to separate functions

dissect_cip_segment_single was huge and too hard to read and update.
This change pulls out segment parsing into individual functions to make
it easier to read, and will help with upcoming changes.

There are no functional changes. I verified that the packet parsing is
identical before and after using feature_cip_all_segments.pcap from
Bug: 12049

Main changes:
1. Pulled out the following code into separate functions:
   dissect_segment_port
   dissect_segment_safety
   dissect_segment_data_simple
   dissect_segment_ansi_extended_symbol
   dissect_segment_logical_service_id
   dissect_segment_logical_special
   dissect_segment_network
2. In dissect_cip_segment_single, no need to explictly check for zero
   segment_len in many cases because the function will already return
   zero in those cases.

Change-Id: Id437bb34dc665ac37f428b8fdab0c89c454ad25e
Reviewed-on: https://code.wireshark.org/review/27845
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoICMPv6: fix wrong tree for some bitmask field
Alexis La Goutte [Sun, 27 May 2018 10:02:03 +0000 (12:02 +0200)]
ICMPv6: fix wrong tree for some bitmask field

Ping-Bug: 14755
Fixes: v2.3.0rc0-1236-gdcb49539d ("ICMPv6: Convert flag fields to use proto_tree_add_bitmask")
Change-Id: I5ba03391739b34fcba60f636d87d46ec5a3f7660
Reviewed-on: https://code.wireshark.org/review/27847
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoICMPv6: fix malformed packet when there is Use Prefix Part Label (Router Renumbering)
Alexis La Goutte [Sun, 27 May 2018 09:51:49 +0000 (11:51 +0200)]
ICMPv6: fix malformed packet when there is Use Prefix Part Label (Router Renumbering)

Bug: 14755
Change-Id: Ie7edc6d7eeb74b968f1358d980bdb86f41ae85ec
Reviewed-on: https://code.wireshark.org/review/27846
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoMake sure the offset doesn't overflow.
Guy Harris [Mon, 28 May 2018 02:42:35 +0000 (19:42 -0700)]
Make sure the offset doesn't overflow.

It'd only overflow if the value is *so* large that it won't fit in the
packet (given that we have a 2^32-1-byte limit on the packet size), so
use tvb_ensure_bytes_exist() to ensure we have the entire value before
processing the value.

(The real problem is that we don't handle the case where there's a value
multiplicity > 1 for some types; in those cases, we should loop,
processing all the values, which would cause us to eventually throw an
exception when we ran past the end of the packet.  This is just a quick
fix.)

Bug: 14742
Change-Id: I447ece81d1c84d3b1d218faeb2c155f910208c29
Reviewed-on: https://code.wireshark.org/review/27853
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agoFix incorrect formatting of NSAP area addresses/address prefixes.
Guy Harris [Sun, 27 May 2018 18:55:40 +0000 (11:55 -0700)]
Fix incorrect formatting of NSAP area addresses/address prefixes.

If the area address/address prefix is 13 octets long, use the 13th
octet, not the 21st octet; the latter is *not* part of the area
address/address prefix, and might either not be in the packet or might
be some random other part of the packet.

Add/expand comments while we're at it.

Bug: 14744
Change-Id: I7b90318a72a49b67d8ec17952add528185fd064b
Reviewed-on: https://code.wireshark.org/review/27848
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months ago[Automatic update for 2018-05-27]
Gerald Combs [Sun, 27 May 2018 08:16:29 +0000 (08:16 +0000)]
[Automatic update for 2018-05-27]

Update manuf, services enterprise numbers, translations, and other items.

Change-Id: I6603cc4dd62ff1db23efa4374437ce9ebf7a81c8
Reviewed-on: https://code.wireshark.org/review/27840
Reviewed-by: Gerald Combs <gerald@wireshark.org>
15 months agoMore bitfield fixes.
Guy Harris [Sun, 27 May 2018 01:52:17 +0000 (18:52 -0700)]
More bitfield fixes.

Use proto_tree_add_boolean(), not proto_tree_add_uint(), for FT_BOOLEAN
fields.

Change-Id: I00c8da977dcb2d232d6837bd58137e7aebe0ca7f
Reviewed-on: https://code.wireshark.org/review/27837
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agoHave a dissector table for SSL/TLS/DTLS ALPN protocol IDs.
Guy Harris [Sun, 27 May 2018 01:42:41 +0000 (18:42 -0700)]
Have a dissector table for SSL/TLS/DTLS ALPN protocol IDs.

Have dissectors register with their protocol ID string in that table,
rather than having a table in epan/dissectors/packet-ssl-utils.c that
has to be updated for new protocols.

Have a table of protocol ID string prefixes, to handle the case of
protocols such as SPDY and HTTP2 drafts, where multiple protocol IDs are
used for different versions.

Change-Id: I363d04895a88e779fbbca7dc8e1f31aa1970a31a
Reviewed-on: https://code.wireshark.org/review/27836
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agoFix 802.11ax fields.
Guy Harris [Sat, 26 May 2018 19:43:14 +0000 (12:43 -0700)]
Fix 802.11ax fields.

Fix a bunch of copy-and-pasteos, incorrectly using
proto_tree_add_bits_item().

Fix bitmaps to reflect the bit counts.

Show the top-level fields with appropriate zero padding.

Use the appropriate field widths and fix the bit masks.

Change-Id: I8fa34246710dc835f2b30a1af94b997f4ffb10bf
Reviewed-on: https://code.wireshark.org/review/27827
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agoFix STUN-over-SSL/TLS/DTLS.
Guy Harris [Sat, 26 May 2018 17:53:03 +0000 (10:53 -0700)]
Fix STUN-over-SSL/TLS/DTLS.

Different dissectors are required for protocols running atop SSL/TLS and
protocols running atop DTLS - SSL/TLS provides a byte-stream service, so
there's no guarantee that there's a correspondence between SSL/TLS
application data record boundaries and packet boundaries, but DTLS
provides a datagram service, with packet boundaries corresponding to
application data record boundaries.

This is similar to the difference between dissectors for protocols
running atop TCP and protocols running atop protocols such as UDP.

So have two separate tables mapping Application-Layer Protocol
Negotiation (ALPN) Protocol IDs to dissector names - one for SSL/TLS and
one for DTLS.

There are both "over a byte-stream protocol" and "over a packet-oriented
protocol" dissectors for STUN and TURN ChannelData packets.  Register
the "over a byte-stream protocol" ones by name, and use the appropriate
ones in the appropriate tables.  (There is not one named "stun", so the
STUN dissector wouldn't have been called at all.)

Change-Id: I054e169f6ae3291abdc7eb58918ef65a17c90a63
Reviewed-on: https://code.wireshark.org/review/27822
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agoSCTP: plug the remaining memleaks in the tap
Pascal Quantin [Sat, 26 May 2018 11:35:16 +0000 (13:35 +0200)]
SCTP: plug the remaining memleaks in the tap

Change-Id: I50da5f8c54c7be49ad8339d22639605daf2c5616
Reviewed-on: https://code.wireshark.org/review/27821
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
15 months agoSCTP: fix crash when filtering an association
Pascal Quantin [Fri, 25 May 2018 16:54:53 +0000 (18:54 +0200)]
SCTP: fix crash when filtering an association

Do not free a tsn_t element if it has already been inserted in a GList.
The code structure is complex enough to add an explicit check before
calling g_free().
Fixes a regression introduced in gb19ca06fcc.

While we are at it, let's call the correct free function and plug some
memory leaks.

Bug: 14733
Change-Id: I071da96982da569083fd98b790e0d37ac0826ff1
Reviewed-on: https://code.wireshark.org/review/27808
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
15 months agoAdded support for extended length BACnet MS/TP data frames.
Dirk Römmen [Fri, 25 May 2018 12:57:38 +0000 (14:57 +0200)]
Added support for extended length BACnet MS/TP data frames.

Change-Id: Ic6b02312a95e91f14ebaae9c2f2c95e82512d8cd
Reviewed-on: https://code.wireshark.org/review/27801
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
15 months ago6LoRH: fix in IP-in-IP header dissector
tchang [Fri, 25 May 2018 13:38:30 +0000 (15:38 +0200)]
6LoRH: fix in IP-in-IP header dissector

Change-Id: Iaba22d9b431a097eea4bb0dbea3c514a607ef001
Reviewed-on: https://code.wireshark.org/review/27805
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
15 months agoquakeworld: fix issue found by PVS Studio (V529)
Alexis La Goutte [Thu, 24 May 2018 18:01:23 +0000 (18:01 +0000)]
quakeworld: fix issue found by PVS Studio (V529)

Odd semicolon ';' after 'for' operator.

Change-Id: If77e285b52291b924efe9e68d863d5f01b994fdd
Reviewed-on: https://code.wireshark.org/review/27785
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agomaxmind_db.c: fix a memory leak
Pascal Quantin [Fri, 25 May 2018 17:29:32 +0000 (19:29 +0200)]
maxmind_db.c: fix a memory leak

Change-Id: Iee898541ec723cec209a3561899530a8dbe6e680
Reviewed-on: https://code.wireshark.org/review/27809
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoieee80211: Fix Dead Store (Dead assignement/Dead increment) Warning found by Clang
Alexis La Goutte [Fri, 25 May 2018 19:24:31 +0000 (21:24 +0200)]
ieee80211: Fix Dead Store (Dead assignement/Dead increment) Warning found by Clang

Change-Id: I11c7dce7979eab4b21eb36066adf8c934b751422
Reviewed-on: https://code.wireshark.org/review/27812
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agogQUIC: update code source link and add new error code
Alexis La Goutte [Fri, 25 May 2018 19:14:45 +0000 (21:14 +0200)]
gQUIC: update code source link and add new error code

Change-Id: I55ef3e23c14a79de12b5401ba2cd847b6afddeba
Reviewed-on: https://code.wireshark.org/review/27810
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agogQUIC: it is possible to have multiple COPT Tag
Alexis La Goutte [Fri, 25 May 2018 05:57:18 +0000 (07:57 +0200)]
gQUIC: it is possible to have multiple COPT Tag

And it is a STRING display

Change-Id: I0f6521e936219bc98cd8eae2862bf6c582123f57
Reviewed-on: https://code.wireshark.org/review/27797
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoudpdump: add error message from libwritecap.
Dario Lombardo [Fri, 25 May 2018 14:09:25 +0000 (16:09 +0200)]
udpdump: add error message from libwritecap.

Change-Id: Ida86772c88af6b35e2d3b3864e1b1b551cfd1d96
Reviewed-on: https://code.wireshark.org/review/27804
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agossh: change return value from gint to guint (CID: 1417453).
Dario Lombardo [Thu, 24 May 2018 15:16:09 +0000 (17:16 +0200)]
ssh: change return value from gint to guint (CID: 1417453).

Since we're returning the key_len, there is no point in returning
a signed int.

Change-Id: I8854868ecf5250dca1894fdb8910d9ed48c070db
Reviewed-on: https://code.wireshark.org/review/27781
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agociscodump: check return value of libpcap_write_packet (CID: 1435606).
Dario Lombardo [Fri, 25 May 2018 13:53:04 +0000 (15:53 +0200)]
ciscodump: check return value of libpcap_write_packet (CID: 1435606).

Change-Id: Ifb89952b48bf300168b5f775ac3c2777c0c93877
Reviewed-on: https://code.wireshark.org/review/27803
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoMore comment updates.
Guy Harris [Sat, 26 May 2018 02:24:27 +0000 (19:24 -0700)]
More comment updates.

Change-Id: I33bc8c9685f8a44deaabc91e7c79a89683a6604d
Reviewed-on: https://code.wireshark.org/review/27818
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agoFix comments.
Guy Harris [Sat, 26 May 2018 02:18:29 +0000 (19:18 -0700)]
Fix comments.

Fix a tpyo.

draft-ietf-behave-turn-ipv6 is now RFC 6156.

No need to give a particular URL for one of the RFCs in question.

Add RFC 6544, which discusses the use of RFC 4571-style framing for ICE.

Change-Id: Ie2c4f7747f0d08c92dc95d06a54175b2f8b9df76
Reviewed-on: https://code.wireshark.org/review/27817
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agoUpdate protocol references.
Guy Harris [Fri, 25 May 2018 20:05:36 +0000 (13:05 -0700)]
Update protocol references.

Change-Id: I00b49e4857f94425d8e1dde6321515b64984a940
Reviewed-on: https://code.wireshark.org/review/27816
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agoSSL: Send the record_length to the dissect_ssl3_alert and use it
Eugene Adell [Sun, 20 May 2018 10:57:42 +0000 (03:57 -0700)]
SSL: Send the record_length to the dissect_ssl3_alert and use it

Bug: 14712
Change-Id: I3550f0da76a9acd3619d243b5a6e1d04d6734b62
Reviewed-on: https://code.wireshark.org/review/27670
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
15 months agodpa400: Fix wiretap data packet len
Dirk Eibach [Fri, 25 May 2018 19:14:52 +0000 (21:14 +0200)]
dpa400: Fix wiretap data packet len

Increment the packet size whenn adding the from_source field.

Change-Id: I380305d763df40b2cf1f2209643d05dfde12a716
Reviewed-on: https://code.wireshark.org/review/27811
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agowslua: fix NSTime:__tostring for negative values
Peter Wu [Thu, 24 May 2018 11:57:37 +0000 (13:57 +0200)]
wslua: fix NSTime:__tostring for negative values

"nstime_t{A, B}" is defined as "A + B * 10^9" rather than an integer
part A and fractional part B.

Bug: 14720
Change-Id: I5321db7d5ecea8f976291d2a22667b02162194e2
Reviewed-on: https://code.wireshark.org/review/27775
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoQt: fix use-after-free on error while saving exported packets
Peter Wu [Mon, 21 May 2018 20:33:37 +0000 (22:33 +0200)]
Qt: fix use-after-free on error while saving exported packets

When an error occurs while saving packets using the Export Specified
Packets dialog (e.g. try to overwrite the opened capture file), the
dialog is displayed again. As PacketRangeGroupBox freed the packet
selection range, a crash (use-after-free) occurs.

Removes some unnecessary code in MainWindow::exportDissections as well.

Change-Id: I63898427eff7e71799d89c8a22246db8f93a9ff6
Fixes: v2.5.0rc0-968-g38b40acb2d ("Qt: fix a memory leak when exporting packets")
Reviewed-on: https://code.wireshark.org/review/27695
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoPAPI: Add new type for WebCC
Alexis La Goutte [Mon, 30 Jan 2017 20:08:57 +0000 (21:08 +0100)]
PAPI: Add new type for WebCC

Change-Id: I2355f9c2432e278cd97a868b399bbda8d369c714
Reviewed-on: https://code.wireshark.org/review/27799
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoua3g: move if in the fallthrough case.
Dario Lombardo [Fri, 25 May 2018 12:10:05 +0000 (14:10 +0200)]
ua3g: move if in the fallthrough case.

From gcc version 7 this causes an error:

../epan/dissectors/packet-ua3g.c:1293:28: error: this statement may fall through [-Werror=implicit-fallthrough=]
                         if (parameter_id == 0x02)
                            ^
../epan/dissectors/packet-ua3g.c:1295:21: note: here
                     case 0x03: /* Type Of Service */
                     ^~~~
cc1: all warnings being treated as errors

Fixes: 31663c40
Change-Id: I7622614e5472cc70aac5690d4bfc327be7628ece
Reviewed-on: https://code.wireshark.org/review/27800
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoQt: Configure the selection color via the preferences
Paul Zander [Tue, 22 May 2018 08:06:27 +0000 (10:06 +0200)]
Qt: Configure the selection color via the preferences

The active selection color and inactive selection color can be configured via Edit / Preferences / Font and Colors
There are 3 styles that can be used for the selection color:
Default: legacy behavior
Flat: Use background and foreground color with no gradient.
Gradient: Use background and foreground color with a gradient.

Bug: 14714
Change-Id: Ieca293bb9830d2c5702949d0459d1d6f679e41e4
Reviewed-on: https://code.wireshark.org/review/27701
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
15 months agoua3g: moved setup of rtp/rtcp conversations from packet-ua to packet-ua3g, where...
Nicolas BERTIN [Thu, 24 May 2018 20:26:27 +0000 (22:26 +0200)]
ua3g: moved setup of rtp/rtcp conversations from packet-ua to packet-ua3g, where the start-rtp message is actually decoded.

Change-Id: Id0dc39107f43680f082d5e6a1d8a1d4940640a13
Reviewed-on: https://code.wireshark.org/review/27792
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agouaudp: removed old/unused code (#if 0...#endif)
Nicolas BERTIN [Thu, 24 May 2018 22:00:25 +0000 (00:00 +0200)]
uaudp: removed old/unused code (#if 0...#endif)

Change-Id: I55900e9f6b43b373841ee6c0af80fc3650caf5ce
Reviewed-on: https://code.wireshark.org/review/27793
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agosmb: fix wrong exported smb2 object due to hash collision
Peter Wu [Thu, 24 May 2018 22:23:01 +0000 (00:23 +0200)]
smb: fix wrong exported smb2 object due to hash collision

While SMB1 FIDs are 16-bit, those used in SMB2 are a GUID of 128-bit
which are compressed down to 32-bit using g_str_hash. To reduce
collision probability which could associate wrong file data with an
Exported Object entry, do not truncate this hash value to 16 bits.

Bug: 14662
Change-Id: I2a353eca96b0f5ed2157f3678280642151e2e4e7
Reviewed-on: https://code.wireshark.org/review/27794
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
15 months agoieee80211: Support raw 802.11 data frame dissectors
Mikael Kanstrup [Wed, 25 Apr 2018 19:47:45 +0000 (21:47 +0200)]
ieee80211: Support raw 802.11 data frame dissectors

Add a heuristics dissector list for 802.11 data frames. With this
a heuristics dissector can be registered with "wlan_data" to
retrieve the raw data portion of 802.11 data frames.

Subdissectors can then either perform heuristics directly on
the frame data content or (via parent wlan fields) on frame
header to determine whether it's the protocol of interest.

Change-Id: I8466236835a2d524ccab5c6ebfafefad08ea2d0e
Reviewed-on: https://code.wireshark.org/review/27641
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months ago.mailmap: update of May (2018)
Alexis La Goutte [Tue, 22 May 2018 09:12:27 +0000 (09:12 +0000)]
.mailmap: update of May (2018)

Change-Id: I91de09062e3bfa9bb295d1a00ece5ed533ebdb5d
Reviewed-on: https://code.wireshark.org/review/27704
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoRemove some unused .gitignore entries.
Gerald Combs [Thu, 24 May 2018 22:34:50 +0000 (15:34 -0700)]
Remove some unused .gitignore entries.

Remove unused documentation extensions (.dbk or .fo) and what appear to
be files generated or used by QMake.

Change-Id: I8635436e6e7e7117ef9d0aadf97f925751d8df18
Reviewed-on: https://code.wireshark.org/review/27795
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agomedia_type: Default decode application/octet-stream as data
Stig Bjørlykke [Thu, 24 May 2018 19:02:26 +0000 (21:02 +0200)]
media_type: Default decode application/octet-stream as data

Remove registering media_type application/octet-stream from both
thread and uasip because the settings will interfere each other.

Enable decoding as for media_type instead.

Bug: 14729
Change-Id: I58c527977fe4713418219fc3126ce7a93c4bb641
Reviewed-on: https://code.wireshark.org/review/27789
Reviewed-by: Guy Harris <guy@alum.mit.edu>
15 months agoAsciidoctor: Remove underscores from macro names.
Gerald Combs [Thu, 24 May 2018 18:35:45 +0000 (11:35 -0700)]
Asciidoctor: Remove underscores from macro names.

AsciiDoc allows dashes in macro names but not underscores. Current
versions of AsciiDoctor allow the inverse. Remove underscores to allow
for easier copying and pasting.

Remove asciidoc.conf while we're here. It's no longer used.

Change-Id: I32d8a4ec695b9e17a80ac720ee9faf62dbb362d3
Reviewed-on: https://code.wireshark.org/review/27787
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
15 months agoieee80211: Make DMG Capabilities dissection handle earlier formats
Richard Sharpe [Thu, 24 May 2018 16:33:43 +0000 (09:33 -0700)]
ieee80211: Make DMG Capabilities dissection handle earlier formats

The recent changes to support the current 22-byte DMC Capabilities IE
defined in IEEE802.11-2012 prevents Wireshark from handling frames
in the earlier format.

This change allows Wireshark to dissect both the earlier and current
formats but gives an error if the IE does not have a length of 22.

The error could perhaps be demoted to a warning.

Also made a minor correction to the header fields to conform with
other uses.

Bug: 14727
Change-Id: I3dc333b273f915fa5f5f4cc5c13c1b84863b6713
Reviewed-on: https://code.wireshark.org/review/27782
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
15 months agoPDCP NR: add a framing option to indicate MAC-I presence in user plane PDU (CID 1435480)
Pascal Quantin [Thu, 24 May 2018 15:07:18 +0000 (17:07 +0200)]
PDCP NR: add a framing option to indicate MAC-I presence in user plane PDU (CID 1435480)

Change-Id: I155e4fad0c42c4b2b10cf3a2cb71c0927190b8db
Reviewed-on: https://code.wireshark.org/review/27780
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
15 months agoAllow extra plugins to be missing e.g. because they are in another branch
Joerg Mayer [Thu, 15 Feb 2018 19:43:07 +0000 (20:43 +0100)]
Allow extra plugins to be missing e.g. because they are in another branch
and still succeed with CMake.

Update the example paths to add epan while at it.

Change-Id: I92d21cc5699e784d7e151d18103d7e44078a40ab
Reviewed-on: https://code.wireshark.org/review/25812
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
15 months agoopa-mad: Add Support for Reassembly of PA & SA RMPP packets
Adam Goldman [Fri, 22 Jul 2016 17:26:07 +0000 (13:26 -0400)]
opa-mad: Add Support for Reassembly of PA & SA RMPP packets

Change-Id: I349dbd74768df57d6831fa73c3bdbd472be4aaa6
Signed-off-by: Adam Goldman <adam.goldman@intel.com>
Reviewed-on: https://code.wireshark.org/review/27386
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months ago6lowpan: fix reassembly for forwarded packets
Peter Wu [Wed, 23 May 2018 23:01:57 +0000 (01:01 +0200)]
6lowpan: fix reassembly for forwarded packets

With 6LoWPAN mesh routing over 802.15.4 networks, the same packet will
be forwarded over different links. Such duplicate datagram tags will
result in collisions (wrong "Reasssembled in" and reassembly failure).

Incorporate the link-layer address to differentiate fragments in
forwarded packets, in addition to the datagram tag.

Bug: 14700
Change-Id: I8e4adae54b3e903cfcd74844c6bbe0ecf17eefda
Reviewed-on: https://code.wireshark.org/review/27761
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Eduardo Montoya Marín <emontoya@kirale.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Robert Sauter <sauter@locoslab.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoextcap: set EXTCAP_DIR in the root cmake file and propagate it.
Dario Lombardo [Thu, 24 May 2018 13:08:48 +0000 (15:08 +0200)]
extcap: set EXTCAP_DIR in the root cmake file and propagate it.

The EXTCAP_DIR must be known in the root file to be set in config.h
and it's still needed in extcap/ to install the binaries, hence we
need caching it as well.

Bug: 14724

Change-Id: I58bac7de7a00e06c23fe8c8f1a7e3d299de6a560
Reviewed-on: https://code.wireshark.org/review/27776
Reviewed-by: Mikael Kanstrup <mikael.kanstrup@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agows_pipe: don't check for negative number using DWORD.
Dario Lombardo [Thu, 24 May 2018 07:20:24 +0000 (09:20 +0200)]
ws_pipe: don't check for negative number using DWORD.

DWORD on windows is unsigned, then there is no point in checking
for negative values.

Change-Id: I0b03fb19ebdff86e610cd4571fc30c49b7bd1284
Reviewed-on: https://code.wireshark.org/review/27766
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoDoIP: ISO 13400-2 Diagnostic communication over Internet Protocol
Tobias Rasmusson [Thu, 10 May 2018 18:46:07 +0000 (20:46 +0200)]
DoIP: ISO 13400-2 Diagnostic communication over Internet Protocol

DoIP is a vehicle bus protocol. It is carried by TCP or UDP and may include an UDS payload.

Change-Id: I1459c51fd710da8e2aaff0056bbf3f6e42c1b25e
Reviewed-on: https://code.wireshark.org/review/27448
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoRNSAP: Parse transportLayerAddress and bindingID
Darien Spencer [Thu, 24 May 2018 11:46:17 +0000 (14:46 +0300)]
RNSAP: Parse transportLayerAddress and bindingID

Parse IPv4/v6 and UDP ports

Change-Id: I3cbab496b4c73c1d0a0dbc55be29add8eab60dea
Reviewed-on: https://code.wireshark.org/review/27773
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoNBAP: Fix style issues in .cnf
Darien Spencer [Sun, 20 May 2018 05:28:23 +0000 (08:28 +0300)]
NBAP: Fix style issues in .cnf

Removed empty lines and fixed indentations

Change-Id: I583110e87f4fcf76af66d3ed4c3907bf2caba327
Reviewed-on: https://code.wireshark.org/review/27774
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoieee80211: Add dissector for Aerohive vendor specific IE
Adrian Granados [Wed, 23 May 2018 21:28:17 +0000 (17:28 -0400)]
ieee80211: Add dissector for Aerohive vendor specific IE

Dissector supports only type 33: Host Name.

Change-Id: I90fe19494ce8e1ea209af56162b31711f3f7619c
Reviewed-on: https://code.wireshark.org/review/27757
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agocoap: Revert "Store ctype values in transaction tracking"
Stig Bjørlykke [Thu, 24 May 2018 09:19:34 +0000 (11:19 +0200)]
coap: Revert "Store ctype values in transaction tracking"

This change was based on a incomplete/incorrect implementation of
LwM2M and is not correct because the payload encoding is mandatory
in the response.

This reverts commit 46fcf452ac0204152b6a4fd574547fb478f9e63b.
This reverts commit b1e0cb01b33d1e6798e5f3b2f649b2359874c622.

Change-Id: I89ae1f84e2735ad049a0f7c9045175940bed25cb
Reviewed-on: https://code.wireshark.org/review/27770
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
15 months agoandroiddump: Fix tcpdump encap type when libwiretap is used
Mikael Kanstrup [Wed, 23 May 2018 15:10:27 +0000 (17:10 +0200)]
androiddump: Fix tcpdump encap type when libwiretap is used

androiddump determines encap type by parsing pcap global header from
tcpdump binary output. Only when libpcap is used with androiddump
this (pcap linktype) value can be used right away. Libwiretap
uses its own encap values but is feed with pcap linktype values
making the whole packet encapsulation invalid.

Fix by converting pcap linktype values into wiretap encap values

(For pcap linktype definitions see http://www.tcpdump.org/linktypes.html)
(For wtap encap defininitions see wiretap/wtap.h)

Fixes: bfef57ebb7 ("androiddump: Fix and simplify tcpdump capture")
Change-Id: I5ea86204b8e5774fd84d4007db8c2910680dbd53
Reviewed-on: https://code.wireshark.org/review/27747
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Florian Bezold <florian.bezold@esrlabs.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
15 months agopfcp: updated names Sx -> PFCP
Joakim Karlsson [Wed, 23 May 2018 21:11:42 +0000 (23:11 +0200)]
pfcp: updated names Sx -> PFCP

According to TS 29.244, the name Sx is not used any more. Now it
fully utilize PFCP.

Side note: PFCP is used (today) over interfaces Sxa/Sxb/Sxc/N4.

Change-Id: I2773e64d44f5ca4e010494246ba1f30c21de371b
Reviewed-on: https://code.wireshark.org/review/27756
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agouaudp: simplified code (moved tests of length before the switch/cases)
Nicolas BERTIN [Wed, 23 May 2018 20:45:23 +0000 (22:45 +0200)]
uaudp: simplified code (moved tests of length before the switch/cases)

Change-Id: I78fa8b94e074e23cec2d3a550e62f43fff59c689
Reviewed-on: https://code.wireshark.org/review/27755
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoCMake: remove GIT_BIN_PARAM
Joakim Karlsson [Wed, 23 May 2018 21:50:41 +0000 (23:50 +0200)]
CMake: remove GIT_BIN_PARAM

Added in adb731c1cd69855b1655a0f23001655392a07340 but never worked,
and later corrected in e21da738262af2ba6cf72f46fdc045f0337ca27e.
Correction however gave cygwin user problems with the perl optional parameter
which droped qoutes around the path. But since the orginal commit never worked
as intended in the beginning, it's assume safe to remove.

Change-Id: I825a4e53b257d47601c330b210ac5ffb6870e0d9
Reviewed-on: https://code.wireshark.org/review/27758
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoQt: Support search without a selected packet
Stig Bjørlykke [Wed, 23 May 2018 18:15:32 +0000 (20:15 +0200)]
Qt: Support search without a selected packet

Support doing Find Packet, search for next/previous marked packet and
search for next/previous time reference without having a packet selected
in the packet list.

Change-Id: I648b26365385d98155e905cda270e9e785b9f1da
Reviewed-on: https://code.wireshark.org/review/27752
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agomaxmind: Move request processing to a thread.
Gerald Combs [Tue, 22 May 2018 22:54:55 +0000 (15:54 -0700)]
maxmind: Move request processing to a thread.

It's possible to block while we're writing to our mmdbresolve pipe,
particularly on Windows. Move the write to a separate thread.

Add an #ifdef to mmdbresolve.c which helps test blocking.

Bug: 14701
Change-Id: I6cb8a46a190a268da64f1e6f54d1052d03743c95
Reviewed-on: https://code.wireshark.org/review/27750
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoieee80211: Make QoS DSCP Exception and Range descriptions searchable.
Richard Sharpe [Mon, 26 Mar 2018 16:05:49 +0000 (09:05 -0700)]
ieee80211: Make QoS DSCP Exception and Range descriptions searchable.

People still want to search on the non-broken out fields.

Change-Id: Ibb68d9d335abc5b409ed99044ac2e895d672a174
Reviewed-on: https://code.wireshark.org/review/27760
Petri-Dish: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
15 months agoieee80211: extend DMG capabilities element
Chaitanya Tata [Tue, 22 May 2018 16:06:28 +0000 (21:36 +0530)]
ieee80211: extend DMG capabilities element

extend DMG capabilities element as per IEEE 802.11-2016 spec.

Change-Id: I087c6811399d64e19a2ff0d52b62499a5641940c
Reviewed-on: https://code.wireshark.org/review/27716
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
15 months agoIEEE 1722: rename IEC subdissector from 61883 to iec61883
Pascal Quantin [Wed, 23 May 2018 19:51:45 +0000 (21:51 +0200)]
IEEE 1722: rename IEC subdissector from 61883 to iec61883

Otherwise it can collide with the value 61883 typed in a display filter.
See https://ask.wireshark.org/question/3177 for details.

Change-Id: Ida4872bc4e4b56cb096079a0f0c42e11856e228c
Reviewed-on: https://code.wireshark.org/review/27754
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
15 months agoNBAP: Simplify private data API
Darien Spencer [Wed, 23 May 2018 16:52:42 +0000 (19:52 +0300)]
NBAP: Simplify private data API

Explicit getters/setters seems excessive and become
unmaintainable when the private data struct gets big, like in NBAP

Change-Id: I54d6eea327f1b393d9f80aafcbdd75080e10d50d
Reviewed-on: https://code.wireshark.org/review/27749
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
15 months agoAdd asciidoctor and asciidoctor-pdf to macos-setup.sh
Joerg Mayer [Mon, 26 Feb 2018 23:11:51 +0000 (00:11 +0100)]
Add asciidoctor and asciidoctor-pdf to macos-setup.sh

Change-Id: I531c3cbb4685e722e9b5f7762f184063eca61976
Reviewed-on: https://code.wireshark.org/review/26129
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
15 months agoplugins: Don't free static variable
João Valverde [Wed, 23 May 2018 15:58:05 +0000 (16:58 +0100)]
plugins: Don't free static variable

Our convention is to pass a pointer to a static structure as argument
to *_register_plugin(). Don't try to free it.

Change-Id: I16d81b72faf298ebfb3dccf4c9d4772291fd8cf0
Reviewed-on: https://code.wireshark.org/review/27748
Reviewed-by: João Valverde <j@v6e.pt>
15 months agows_pipe: fix return code on windows.
Dario Lombardo [Wed, 23 May 2018 14:13:39 +0000 (16:13 +0200)]
ws_pipe: fix return code on windows.

Change-Id: I30d24a5cad1991c2ce6a0f2a63fbe715b92943ec
Reviewed-on: https://code.wireshark.org/review/27745
Reviewed-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
15 months agoExpand doc/pugins.example README a bit.
João Valverde [Wed, 23 May 2018 14:27:06 +0000 (15:27 +0100)]
Expand doc/pugins.example README a bit.

Change-Id: Ife25fe9aaa333ffcdce3f2a48faed565dc83aebf
Reviewed-on: https://code.wireshark.org/review/27746
Reviewed-by: João Valverde <j@v6e.pt>