metze/wireshark/wip.git
3 years agogtk: fix 32-bit build
Peter Wu [Wed, 31 Aug 2016 09:11:56 +0000 (11:11 +0200)]
gtk: fix 32-bit build

32-bit glib before 2.31.2 expand GUINT_TO_POINTER(x) as (gpointer)x.
add explicit cast since curr_layer_num is 8 bits. Fixes
v1.99.10rc0-179-g1d7bcb2.

Storing a 64-bit integer into a 32-bit pointer makes the compiler
complain. Add explicit cast. Fixes v1.99.1rc0-76-ged0b19b.

Change-Id: I75fdf17882a0f5ddce7d3b3e74b1bf80ff6cd4ae
Reviewed-on: https://code.wireshark.org/review/17417
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agoE.212: update list to Operational Bulletin No. 1106 (15.VIII.2016)
Pascal Quantin [Wed, 31 Aug 2016 20:16:10 +0000 (22:16 +0200)]
E.212: update list to Operational Bulletin No. 1106 (15.VIII.2016)

Also manually add PLMN 460 02 (Chian Mobile) as it is not listed by ITU yet

Bug: 12622
Bug: 12798
Change-Id: I7c6fab9dcb9da90178186e94f624301ef1861421
Reviewed-on: https://code.wireshark.org/review/17428
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoOSSP: Retrieve OUI at proper offset in packet
Jaap Keuter [Wed, 31 Aug 2016 19:06:34 +0000 (21:06 +0200)]
OSSP: Retrieve OUI at proper offset in packet

Bug: 12801
Change-Id: Ic70f0d93bbffc99ceacf6b2963b04d7477e4914b
Reviewed-on: https://code.wireshark.org/review/17425
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoNFS: fix indent (remove some trailing spaces)
Alexis La Goutte [Wed, 31 Aug 2016 15:24:54 +0000 (17:24 +0200)]
NFS: fix indent (remove some trailing spaces)

Change-Id: Ic72d264686c3b37ac15118eec07057c7bb8a2a50
Reviewed-on: https://code.wireshark.org/review/17422
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agodiam_dict.l: remove use of strdup
Peter Wu [Wed, 31 Aug 2016 15:55:15 +0000 (17:55 +0200)]
diam_dict.l: remove use of strdup

This should fix crashes on Windows, _strdup should not be mixed with
g_free. This was only uncovered in v2.3.0rc0-474-ga04b6fc, before that
ddict_free was never called.

Change-Id: I34111385c82715de70fb42fe44b99b89e132a374
Reviewed-on: https://code.wireshark.org/review/17423
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoWin: switch back to Lua library compiled with MinGW
Pascal Quantin [Wed, 31 Aug 2016 09:48:33 +0000 (11:48 +0200)]
Win: switch back to Lua library compiled with MinGW

It does not suffer anymore from bug 9957

Change-Id: I871f01db67101b09a21545ecec5473941997a5cb
Reviewed-on: https://code.wireshark.org/review/17416
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agorftap: add new dissector
Jonathan Brucker [Wed, 31 Aug 2016 09:05:09 +0000 (09:05 +0000)]
rftap: add new dissector

The RFtap protocol is a simple metadata header designed to provide
Radio Frequency (RF) metadata about frames.

For official specifications see: https://rftap.github.io/

Signed-off-by: Jonathan Brucker <jonathan.brucke@gmail.com>
Change-Id: I0d008b2baadcc5cc9577113e9795eef2691b961a
Reviewed-on: https://code.wireshark.org/review/17355
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoRevert "Revert "diameter: fix 400kb leaked memory on exit""
Guy Harris [Wed, 31 Aug 2016 08:16:24 +0000 (08:16 +0000)]
Revert "Revert "diameter: fix 400kb leaked memory on exit""

This reverts commit 5fea2b5f4198f1a36f313ef38532ddffd02ac5b1.

I.e., it puts back the change; the reverted version passed the tests on which the versions with this change crashed.

Change-Id: Idcc0eb11588cf14e2fe666de1905ee63917b0fcf
Reviewed-on: https://code.wireshark.org/review/17413
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoRevert "diameter: fix 400kb leaked memory on exit"
Guy Harris [Wed, 31 Aug 2016 07:42:31 +0000 (07:42 +0000)]
Revert "diameter: fix 400kb leaked memory on exit"

This reverts commit a04b6fcb3db901734ed948134c973996786be8b7.

Temporary revert to see if this prevents the "tshark -G" crashes being seen on the 64-bit Windows buildbot.

Change-Id: I561439039ca2667b72d7e2319a6f3f5f97e18d15
Reviewed-on: https://code.wireshark.org/review/17412
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoOK, it probably crashed in proto_initialize_all_prefixes().
Guy Harris [Wed, 31 Aug 2016 07:37:27 +0000 (00:37 -0700)]
OK, it probably crashed in proto_initialize_all_prefixes().

Remove the debugging printouts.

The changes that were committed between the last build that didn't crash
and the first build that did were:

commit 961f743d69b323aa217a6b39184485d6a0bfb2d5
Author: Peter Wu <peter@lekensteyn.nl>
Date:   Mon Aug 29 01:34:22 2016 +0200

    xml: fix some memleaks

    No more memleaks reported for the attachment in bug 12790 :-)

    Change-Id: I8472e442143b332edfacdf9ef3b8b893f1ec4386
    Ping-Bug: 12790
    Reviewed-on: https://code.wireshark.org/review/17365
Reviewed-by: Michael Mann <mmann78@netscape.net>
    Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
commit a04b6fcb3db901734ed948134c973996786be8b7
Author: Peter Wu <peter@lekensteyn.nl>
Date:   Sun Aug 28 22:19:29 2016 +0200

    diameter: fix 400kb leaked memory on exit

    Before:

        SUMMARY: AddressSanitizer: 399684 byte(s) leaked in 17208 allocation(s).

    After addressing to-do by calling ddict_free:

        SUMMARY: AddressSanitizer: 3024 byte(s) leaked in 256 allocation(s).

    After fixing all remaining leaks cases in the flex file for diameter:

        SUMMARY: AddressSanitizer: 735 byte(s) leaked in 58 allocation(s).

    Not bad huh :-)

    Ping-Bug: 12790
    Change-Id: I0c730ad77ae15c69390bc6cf0a3a985395a64771
    Reviewed-on: https://code.wireshark.org/review/17364
    Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
commit 14312835c63a3e2ec9d311ed1ffee5285141f4f9
Author: Peter Wu <peter@lekensteyn.nl>
Date:   Sun Aug 28 19:20:59 2016 +0200

    pcapng: do not leak blocks

    pcapng_open and pcapng_read have 'wblock' allocated on the stack, so if
    they return, they do not have to set wblock.block to NULL.

    pcapng_read_block always sets wblock->block to NULL and may initialize
    it for SHB, IDB, NRB and ISB. Be sure to release the memory for IDB and
    ISB. It is better to have more wtap_block_free calls on a NULL value
    than missing them as this would be a memleak (on the other hand, do not
    release memory that is stored elsewhere such as SHB and NRB).

    Ping-Bug: 12790
    Change-Id: I081f841addb36f16e3671095a919d357f4bc16c5
    Reviewed-on: https://code.wireshark.org/review/17362
    Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
*If* one of those is the cause, my guess is that it's the Diameter one,
as the crash happens before any file is read (so it's probably not the
pcapng one) and thus before any dissection is done (so it's probably not
the XML dissector one).

Change-Id: I816c1bbd6078eab251efd02ebb7c3195f6dd1483
Reviewed-on: https://code.wireshark.org/review/17411
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoGTP: patch for Target identification for non-compliance workaround
Binh Trinh [Wed, 31 Aug 2016 04:18:17 +0000 (00:18 -0400)]
GTP: patch for Target identification for non-compliance workaround

bug 3974

Change-Id: I2faa473c725a803056d6ffd0cb34b46d75121061
Reviewed-on: https://code.wireshark.org/review/17410
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoieee80211: Fix the BAR Ack policy values
Chaitanya T K [Tue, 30 Aug 2016 15:29:34 +0000 (20:59 +0530)]
ieee80211: Fix the BAR Ack policy values

As per 802.11-2012 table 8-15 the string should be reverse.
0 - Send Immediate Ack (False)
1 - Dont't Send Immediate Ack (True)

Change-Id: Iea3b179e11781f891d2294b0bcdf92de2bdba7ba
Reviewed-on: https://code.wireshark.org/review/17394
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agonfs4: Handle CB_GETATTR
Tom Haynes [Tue, 30 Aug 2016 19:15:13 +0000 (12:15 -0700)]
nfs4: Handle CB_GETATTR

Change-Id: Ifb68af443c6f13dfab99e32488d86c148621a316
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/17399
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoCrashing in proto_initialize_all_prefixes()? Debugging output.
Guy Harris [Wed, 31 Aug 2016 03:03:42 +0000 (20:03 -0700)]
Crashing in proto_initialize_all_prefixes()?  Debugging output.

Change-Id: I6db711b1730b95460983ee190762753198c1959e
Reviewed-on: https://code.wireshark.org/review/17409
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoMAUSB: Add Cancellation Status values defined in v1.0a Spec
Sean O. Stalley [Fri, 26 Aug 2016 21:36:57 +0000 (14:36 -0700)]
MAUSB: Add Cancellation Status values defined in v1.0a Spec

Change-Id: I72812fa0650da0cde37ea6cbef81a3c7a9ba333d
Reviewed-on: https://code.wireshark.org/review/17373
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoDebugging printouts, to see why tshark -G crashes on the Win64 buildbot.
Guy Harris [Wed, 31 Aug 2016 02:23:09 +0000 (19:23 -0700)]
Debugging printouts, to see why tshark -G crashes on the Win64 buildbot.

Change-Id: I16f6b7a69eed5ec66842df9d0640216fd273d3b0
Reviewed-on: https://code.wireshark.org/review/17408
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoRTPS: Fixed data holder dissection to match the standard
Juanjo Martin [Fri, 26 Aug 2016 14:27:16 +0000 (16:27 +0200)]
RTPS: Fixed data holder dissection to match the standard

The OMG standard has changed in this new version. I have fixed
the implementation.

Change-Id: Ie9054ed52c66580c76096af86e0fb8e34a44e9d1
Reviewed-on: https://code.wireshark.org/review/17348
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agonfs: Fix style in switch
Tom Haynes [Tue, 30 Aug 2016 17:47:13 +0000 (10:47 -0700)]
nfs: Fix style in switch

Change-Id: Ica9fc960946542badb64af12769e7dfa3793db82
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/17397
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoUse "ecatf" as the protocol name, to parallel everything else.
Guy Harris [Wed, 31 Aug 2016 00:59:59 +0000 (17:59 -0700)]
Use "ecatf" as the protocol name, to parallel everything else.

The fields have names beginning with "ecatf.", the dissector is called
"ecatf", and it's only the frame layer of EtherCAT anyway, so just call
it "ecatf".

Change-Id: I2f127363fd115c307f0525f612fe184a30d46c55
Reviewed-on: https://code.wireshark.org/review/17406
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoDon't do any Decode As stuff for dissector tables not used with Decode As.
Guy Harris [Tue, 30 Aug 2016 22:51:54 +0000 (15:51 -0700)]
Don't do any Decode As stuff for dissector tables not used with Decode As.

Have all dissector tables have a "supports Decode As" flag, which
defaults to FALSE, and which is set to TRUE if a register_decode_as()
refers to it.

When adding a dissector to a dissector table with a given key, only add
it for Decode As if the dissector table supports it.

For non-FT_STRING dissector tables, always check for multiple entries
for the same protocol with different dissectors, and report an error if
we found them.

This means there's no need for the creator of a dissector table to
specify whether duplicates of that sort should be allowed - we always do
the check when registering something for "Decode As" (in a non-FT_STRING
dissector table), and just don't bother registering anything for "Decode
As" if the dissector table doesn't support "Decode As", so there's no
check done for those dissector tables.

Change-Id: I4a1fdea3bddc2af27a65cfbca23edc99b26c0eed
Reviewed-on: https://code.wireshark.org/review/17402
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoRTPS: Allowing duplicates in the rtps.type_name table
Juanjo Martin [Mon, 29 Aug 2016 23:57:32 +0000 (01:57 +0200)]
RTPS: Allowing duplicates in the rtps.type_name table

Change-Id: Ie7a35b0bb3275a0895fad646bf9a81406eadf37c
Reviewed-on: https://code.wireshark.org/review/17393
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agonfs: Standardize on FileHandle vs filehandle
Tom Haynes [Tue, 30 Aug 2016 18:00:21 +0000 (11:00 -0700)]
nfs: Standardize on FileHandle vs filehandle

Change-Id: Ib945ddee4a35bf984a9411e56ed3801cde70c6c4
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/17398
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoSupport Decode As for {SSL,TLS}-over-TCP.
Guy Harris [Tue, 30 Aug 2016 20:38:03 +0000 (13:38 -0700)]
Support Decode As for {SSL,TLS}-over-TCP.

We register dissectors for "Decode As" for {SSL,TLS}-over-TCP, so we
should actually set up the "Decode As" stuff for it.

Change-Id: I2a738667efdec1007069df74885a4fe8fc3fcbab
Reviewed-on: https://code.wireshark.org/review/17400
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years ago[Diameter] Improve dissection of malformed packets by continnuing
AndersBroman [Tue, 30 Aug 2016 12:55:54 +0000 (14:55 +0200)]
[Diameter] Improve dissection of malformed packets by continnuing
dissection and display the problem more prominetly.

Change-Id: Ia1a32667a18e1e5b60b5c167da9b6dd945ba3dfc
Reviewed-on: https://code.wireshark.org/review/17385
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agotime_util: fix -Wshadow issue
Peter Wu [Tue, 30 Aug 2016 09:12:44 +0000 (11:12 +0200)]
time_util: fix -Wshadow issue

time_util.c was already fixed, but the header was missing the change,
breaking the build on a very old compiler.

Change-Id: I95685c9a3e25dcb7567f2551b92f20c8792a6e47
Reviewed-on: https://code.wireshark.org/review/17384
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agossl: fix wrong detection of non-resumed renegotiated session
Peter Wu [Mon, 29 Aug 2016 22:10:50 +0000 (00:10 +0200)]
ssl: fix wrong detection of non-resumed renegotiated session

If the heuristics fail to detect a resumed session, then it must mark
the session as a normal session. This will also prevent from
applying secrets that do not apply to this renegotiated session.

Bug: 12793
Change-Id: I90f794a7bbaf7f1839e39656ac318183ecf48887
Reviewed-on: https://code.wireshark.org/review/17376
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoGTP: add new RAT Type values
Binh Trinh [Tue, 30 Aug 2016 03:22:58 +0000 (23:22 -0400)]
GTP: add new RAT Type values

Change-Id: Ia3d8956197faff9366de2635a9bd29f2bfc40f0d
Reviewed-on: https://code.wireshark.org/review/17381
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoDon't use a no-longer-extant variable.
Guy Harris [Tue, 30 Aug 2016 02:49:58 +0000 (19:49 -0700)]
Don't use a no-longer-extant variable.

Change-Id: I41c1a37248335d983da58b0b657a28ec521be290
Reviewed-on: https://code.wireshark.org/review/17378
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoxml: fix some memleaks
Peter Wu [Sun, 28 Aug 2016 23:34:22 +0000 (01:34 +0200)]
xml: fix some memleaks

No more memleaks reported for the attachment in bug 12790 :-)

Change-Id: I8472e442143b332edfacdf9ef3b8b893f1ec4386
Ping-Bug: 12790
Reviewed-on: https://code.wireshark.org/review/17365
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agodiameter: fix 400kb leaked memory on exit
Peter Wu [Sun, 28 Aug 2016 20:19:29 +0000 (22:19 +0200)]
diameter: fix 400kb leaked memory on exit

Before:

    SUMMARY: AddressSanitizer: 399684 byte(s) leaked in 17208 allocation(s).

After addressing to-do by calling ddict_free:

    SUMMARY: AddressSanitizer: 3024 byte(s) leaked in 256 allocation(s).

After fixing all remaining leaks cases in the flex file for diameter:

    SUMMARY: AddressSanitizer: 735 byte(s) leaked in 58 allocation(s).

Not bad huh :-)

Ping-Bug: 12790
Change-Id: I0c730ad77ae15c69390bc6cf0a3a985395a64771
Reviewed-on: https://code.wireshark.org/review/17364
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agopcapng: do not leak blocks
Peter Wu [Sun, 28 Aug 2016 17:20:59 +0000 (19:20 +0200)]
pcapng: do not leak blocks

pcapng_open and pcapng_read have 'wblock' allocated on the stack, so if
they return, they do not have to set wblock.block to NULL.

pcapng_read_block always sets wblock->block to NULL and may initialize
it for SHB, IDB, NRB and ISB. Be sure to release the memory for IDB and
ISB. It is better to have more wtap_block_free calls on a NULL value
than missing them as this would be a memleak (on the other hand, do not
release memory that is stored elsewhere such as SHB and NRB).

Ping-Bug: 12790
Change-Id: I081f841addb36f16e3671095a919d357f4bc16c5
Reviewed-on: https://code.wireshark.org/review/17362
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agoMAUSB: Add Status value defined in v1.0a Spec
Sean O. Stalley [Fri, 26 Aug 2016 21:40:58 +0000 (14:40 -0700)]
MAUSB: Add Status value defined in v1.0a Spec

Change-Id: Ie8e77fffd54eb9b1918d90999a4419a80de8bc5e
Reviewed-on: https://code.wireshark.org/review/17374
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agotap-iostat.c: ensure that interval is set to its maximum value when using 0
Pascal Quantin [Mon, 29 Aug 2016 09:31:11 +0000 (11:31 +0200)]
tap-iostat.c: ensure that interval is set to its maximum value when using 0

Otherwise the statistics will be wrong if the capture duration is greater
than G_MAXINT32 and it the user specifies an interval of 0

Bug: 12778
Change-Id: I83a0f627ec0bb7c535446c17afa486835091ab8b
Reviewed-on: https://code.wireshark.org/review/17367
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agotelnet: remove meaningless line (CID 1372125).
Dario Lombardo [Mon, 29 Aug 2016 08:40:29 +0000 (10:40 +0200)]
telnet: remove meaningless line (CID 1372125).

Change-Id: I3b9bc01a4f72e2e0de3f83426a9b8e7060d0c89a
Reviewed-on: https://code.wireshark.org/review/17366
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agotproxy: fix memleak in is_banner_exchange_for
Peter Wu [Sun, 28 Aug 2016 17:27:52 +0000 (19:27 +0200)]
tproxy: fix memleak in is_banner_exchange_for

strdup and strcmp is a recipe for leaking.

Change-Id: I522c71964e39f671a4101df9b2b432433fc1c12e
Reviewed-on: https://code.wireshark.org/review/17363
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agotvbparse: fix memleak
Peter Wu [Sun, 28 Aug 2016 17:15:01 +0000 (19:15 +0200)]
tvbparse: fix memleak

Use same wmem_epan_scope() as "w" (tvbparse_wanted_t).

Change-Id: I73fdb1fb3b55a91b7bb0fc36e435024c6f0b3d73
Ping-Bug: 12790
Reviewed-on: https://code.wireshark.org/review/17361
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agoUAT gtk-ui, Qt-ui: Fixed copying records when no cp callback is defined
Michał Skalski [Mon, 22 Aug 2016 20:21:57 +0000 (22:21 +0200)]
UAT gtk-ui, Qt-ui: Fixed copying records when no cp callback is defined

According to documentation of uat_copy_cb_t, if uat->copy_cb is NULL,
memcpy() should be used.

This affected IKEv1 and IKEv2 UAT tables (possibly others).

Change-Id: I27ebdc08385d260945699f101e714d3abb288b22
Reviewed-on: https://code.wireshark.org/review/17245
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years ago[Automatic update for 2016-08-28]
Gerald Combs [Sun, 28 Aug 2016 15:12:43 +0000 (08:12 -0700)]
[Automatic update for 2016-08-28]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: Ic4d32253800cb94d52c817f1cd40179d878323cb
Reviewed-on: https://code.wireshark.org/review/17358
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoISAKMP: fix # of SPIs field name in Delete payload
Mirko Parthey [Sun, 28 Aug 2016 12:49:52 +0000 (14:49 +0200)]
ISAKMP: fix # of SPIs field name in Delete payload

Fix the "Number of SPIs" field name in the Delete payload.
References: RFC 2408, RFC 7296

Change-Id: I205fb830275fc011e6605fdae53c6b9141e1628b
Reviewed-on: https://code.wireshark.org/review/17353
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoxmpp: Improve stanza reassembly.
Stig Bjørlykke [Fri, 26 Aug 2016 09:31:03 +0000 (11:31 +0200)]
xmpp: Improve stanza reassembly.

A XMPP stanza may be fragmented inside a conversation, so don't
check for this only when starting a new conversation.

Change-Id: I63b987184f52645e6c72c3c4155b39b7948de828
Reviewed-on: https://code.wireshark.org/review/17344
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoQt: Support "Resolve Names" with multiple custom column fields
Stig Bjørlykke [Sat, 27 Aug 2016 09:53:29 +0000 (11:53 +0200)]
Qt: Support "Resolve Names" with multiple custom column fields

Make "Resolve Names" enabled if at least one of the custom column
fields can be resolved.

Change-Id: I702471be5d90c91f71209923e6abcc6921dca850
Reviewed-on: https://code.wireshark.org/review/17350
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
3 years agoextcap: improve interface print in help.
Dario Lombardo [Wed, 24 Aug 2016 10:42:15 +0000 (12:42 +0200)]
extcap: improve interface print in help.

Change-Id: Ife8e73b6cb1756623e937452fc042d8b31e2554f
Reviewed-on: https://code.wireshark.org/review/17321
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
3 years agowsutil: add enumeration of local ip addresses in Windows.
Dario Lombardo [Wed, 24 Aug 2016 14:48:39 +0000 (16:48 +0200)]
wsutil: add enumeration of local ip addresses in Windows.

Routine used by ssh-based extcaps.

Change-Id: I06d8e1e1444cd03a0508dc0c7cb91d340a451c58
Reviewed-on: https://code.wireshark.org/review/17308
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
3 years agoProperly end address type search by name (CID-1362742)
Jaap Keuter [Fri, 26 Aug 2016 06:53:33 +0000 (08:53 +0200)]
Properly end address type search by name (CID-1362742)

Search address type by name iterates over an array, but fails to find its end.
Therefore it may dereference invalid pointers, or NULL.

Add the proper check in the for loop and make sure an end condition is always
there in the array searched.

Change-Id: I60ade9d438dc394340b6483b4fcb23e5ce432000
Reviewed-on: https://code.wireshark.org/review/17337
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoSDP: Restore usability of conversation debug feature.
Jaap Keuter [Fri, 26 Aug 2016 06:28:49 +0000 (08:28 +0200)]
SDP: Restore usability of conversation debug feature.

Some type changes were not carried forwared into the conversation
debugging code. These changes allow compilation again.

Change-Id: I90dde7cc94496828cf8931d74225773c2cea42a1
Reviewed-on: https://code.wireshark.org/review/17336
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoRTPS: Added missing parameters
Juanjo Martin [Fri, 26 Aug 2016 13:41:36 +0000 (15:41 +0200)]
RTPS: Added missing parameters

Added the dissection of three parameters.

Change-Id: I07e7b655ad7fd3462625c2fb565e41593c62f897
Reviewed-on: https://code.wireshark.org/review/17346
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQUIC: Update COL_INFO when packet is RST Stream and use rst stream code error
Alexis La Goutte [Fri, 26 Aug 2016 11:58:55 +0000 (13:58 +0200)]
QUIC: Update COL_INFO when packet is RST Stream and use rst stream code error

Issue reported by Lucas Pardue
Change-Id: Ic3c53fce9751a556c5f1aa30d55687a60c9c6a4d
Reviewed-on: https://code.wireshark.org/review/17345
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Lucas Pardue <lucas.pardue@bbc.co.uk>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQUIC: Update COL_INFO when packet is GOAWAY
Alexis La Goutte [Fri, 26 Aug 2016 08:43:00 +0000 (10:43 +0200)]
QUIC: Update COL_INFO when packet is GOAWAY

Issue reported by Lucas Perdue
Change-Id: I4852f6bad7a4c98b345ff198b33ab560eacb5ed0
Reviewed-on: https://code.wireshark.org/review/17341
Reviewed-by: Lucas Pardue <lucas.pardue@bbc.co.uk>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoQUIC: Fix some typo (copy/paste error) on GOAWAY/CONNECTION_CLOSE Frame
Alexis La Goutte [Fri, 26 Aug 2016 08:41:45 +0000 (10:41 +0200)]
QUIC: Fix some typo (copy/paste error) on GOAWAY/CONNECTION_CLOSE Frame

Issue reported by Lucas Perdue

Change-Id: I9c4ede6ba2fb0303aab05f1d59835e5a8b386a3e
Reviewed-on: https://code.wireshark.org/review/17340
Reviewed-by: Lucas Pardue <lucas.pardue@bbc.co.uk>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoqt: fix crash on Search Packet while redissecting
Peter Wu [Thu, 25 Aug 2016 16:03:35 +0000 (18:03 +0200)]
qt: fix crash on Search Packet while redissecting

Before redissection, PacketList::freeze() is called which clears the
model. This results in a NULL-deref when pressing Ctrl-F (Packet
Search) or Ctrl-G (Go To Packet). Reproducer: in a large capture file,
enter some display filter (e.g. "udp") and immediately press Ctrl-F.

Thanks to Github user SNAPESNATCH for the initial report via IRC that
included a helpful stack trace on Windows.

Change-Id: If7334d6df4e9591fb1f2a52e3e2f837285b2959f
Reviewed-on: https://code.wireshark.org/review/17326
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
3 years agoHandle ETH_P_CANFD as well as ETH_P_CAN.
Guy Harris [Thu, 25 Aug 2016 23:58:25 +0000 (16:58 -0700)]
Handle ETH_P_CANFD as well as ETH_P_CAN.

Both of them need to have the CAN ID/flags field of the header
byte-swapped as necessary to make sure it's in the *reading* host's byte
order, not the *writing* host's byte order, if the two are different.

Change-Id: Iac1589fdd9fe4d9ee6fbac8d821b48694d68919b
Reviewed-on: https://code.wireshark.org/review/17333
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoOne more change for the removal of LINKTYPE_SOCKETCAN_HOSTENDIAN.
Guy Harris [Thu, 25 Aug 2016 21:39:42 +0000 (14:39 -0700)]
One more change for the removal of LINKTYPE_SOCKETCAN_HOSTENDIAN.

Change-Id: If1615e23efa30119fff5eb2935335c2cde34b89e
Reviewed-on: https://code.wireshark.org/review/17330
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoGo back to having only one SocketCAN LINKTYPE_ value.
Guy Harris [Thu, 25 Aug 2016 21:14:11 +0000 (14:14 -0700)]
Go back to having only one SocketCAN LINKTYPE_ value.

Libpcap just backed out the "host-endian" SocketCAN LINKTYPE_ value; we
don't need it any more.

Change-Id: I33a7dc21207a0009e20b4abaefe1119eb649c39a
Reviewed-on: https://code.wireshark.org/review/17327
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoxmpp/xml: Store item length in xml_frame.
Stig Bjørlykke [Thu, 25 Aug 2016 13:39:40 +0000 (15:39 +0200)]
xmpp/xml: Store item length in xml_frame.

The created XML proto_item can be faked (if not visible and not referenced),
so ensure we store the correct item length to be used in XMPP.

This will avoid an invalid "Malformed Packet" for some XMPP packets.

Change-Id: I79d805b725dbeb93f26a38b72bdcc84187aee16f
Reviewed-on: https://code.wireshark.org/review/17324
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoextcap: add binary name and version to help message.
Dario Lombardo [Wed, 24 Aug 2016 13:10:51 +0000 (15:10 +0200)]
extcap: add binary name and version to help message.

Change-Id: I8f8083c817065cf66fd006a1caeb309d26209509
Reviewed-on: https://code.wireshark.org/review/17305
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
3 years agoxmpp: Add whitespace keepalive indication
Stig Bjørlykke [Thu, 25 Aug 2016 10:44:41 +0000 (12:44 +0200)]
xmpp: Add whitespace keepalive indication

RFC 6120 section 4.6.1 defines the use of a single whitespace as
"whitespace keepalive", so indicate this in the Info column.

Change-Id: I685431d91be2a37fbd66f8d1cdabe53f33092e93
Reviewed-on: https://code.wireshark.org/review/17323
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
3 years agoExpand comments.
Guy Harris [Thu, 25 Aug 2016 02:23:09 +0000 (19:23 -0700)]
Expand comments.

Change-Id: I4e3de542d24c567434f4554917e826ccbd64cb6c
Reviewed-on: https://code.wireshark.org/review/17319
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agodebian: Fix libwscodecs' symbols file
Balint Reczey [Tue, 23 Aug 2016 01:01:32 +0000 (03:01 +0200)]
debian: Fix libwscodecs' symbols file

Change-Id: I842fd2339788c2cbe5ca88294aaf74bf9adc5ae2
Reviewed-on: https://code.wireshark.org/review/17285
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agowsutil: fix indentation of interface.c
Dario Lombardo [Wed, 24 Aug 2016 14:54:02 +0000 (16:54 +0200)]
wsutil: fix indentation of interface.c

Change-Id: Icf0c0c4ce1e3763eb385de24dc608a120e0f4af2
Reviewed-on: https://code.wireshark.org/review/17307
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agodtls: remove unneeded checks (CID 1158712 & 1158716).
Dario Lombardo [Wed, 24 Aug 2016 10:00:54 +0000 (12:00 +0200)]
dtls: remove unneeded checks (CID 1158712 & 1158716).

Change-Id: Id463f7746880f71f317bb52b40dc8b298965b4ec
Reviewed-on: https://code.wireshark.org/review/17300
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoHTTP2: Display PUSH_PROMISE Header in bytes
Alexis La Goutte [Wed, 24 Aug 2016 17:53:04 +0000 (19:53 +0200)]
HTTP2: Display PUSH_PROMISE Header in bytes

and also use the name of spec for field (Header BLock Fragment

Change-Id: I5a3884186258dac1f243f991a3392c875403eb97
Reviewed-on: https://code.wireshark.org/review/17310
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agozbee-nwk-gp: don't THROW() an exception from a dissector
Martin Kaiser [Sat, 6 Aug 2016 17:57:23 +0000 (19:57 +0200)]
zbee-nwk-gp: don't THROW() an exception from a dissector

show expert infos and return the number of bytes we dissected

Change-Id: Ibb12372e8670380137f4fc3d012d0b0afa4cd638
Reviewed-on: https://code.wireshark.org/review/17313
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoextcap: remove unused #define from ssh-base.
Dario Lombardo [Wed, 24 Aug 2016 14:42:16 +0000 (16:42 +0200)]
extcap: remove unused #define from ssh-base.

Change-Id: I52d26cb1e60452f8fa4d79f988fde2268486fc1c
Reviewed-on: https://code.wireshark.org/review/17306
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoIEEE 1722: Fixup ranges.
Gerald Combs [Wed, 24 Aug 2016 17:03:38 +0000 (10:03 -0700)]
IEEE 1722: Fixup ranges.

Use RVALS + BASE_RANGE_STRING for range_strings. This should fix the "-G
values" failure on the Win32 buildbot.

Change-Id: I9a42b66a22b615d3de9c04b485adc7b9aa2cc154
Reviewed-on: https://code.wireshark.org/review/17309
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoFuzz test: Make Valgrind error detection more verbose.
Gerald Combs [Tue, 23 Aug 2016 23:55:16 +0000 (16:55 -0700)]
Fuzz test: Make Valgrind error detection more verbose.

When we set VG_ERR_CNT=1 print the reason.

Change-Id: Icb8f2a1e7074044521873b116fc891cc4be4b204
Reviewed-on: https://code.wireshark.org/review/17287
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoQt: add initializer (CID 1328485).
Dario Lombardo [Wed, 24 Aug 2016 09:10:10 +0000 (11:10 +0200)]
Qt: add initializer (CID 1328485).

Change-Id: I1ce4ddc8bfb66522d4e472c258de2f928d5c776f
Reviewed-on: https://code.wireshark.org/review/17298
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
3 years agoextcap: make extcaps use the version registered in config.
Dario Lombardo [Wed, 24 Aug 2016 08:43:11 +0000 (10:43 +0200)]
extcap: make extcaps use the version registered in config.

Change-Id: I12d0d0bec06e02af0a9d0877c0f0f1d86261d752
Reviewed-on: https://code.wireshark.org/review/17296
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
3 years agocall_heur_dissector_direct: do not trigger an assert if heuristic dissector rejects...
Pascal Quantin [Tue, 23 Aug 2016 20:10:08 +0000 (22:10 +0200)]
call_heur_dissector_direct: do not trigger an assert if heuristic dissector rejects packet

This can happen for example is the heuristics changed between the Wireshark
version used to export PDUs, and the one used to open the file.
Instead, call data dissector.

Change-Id: I29f7754f883fd710c3557a610583ef988ca13e43
Reviewed-on: https://code.wireshark.org/review/17280
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoSCSI: Mode Sense 10: Wrong block descriptor length
Alexis La Goutte [Tue, 23 Aug 2016 17:41:46 +0000 (19:41 +0200)]
SCSI: Mode Sense 10: Wrong block descriptor length

Issue reported by Sharon Samuel Enoch

Bug:12780
Change-Id: I94ad5355cdfa4d8cd3915c9e261931ff56dc765b
Reviewed-on: https://code.wireshark.org/review/17272
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoIPMI: do not use col_set_str with non const strings
Pascal Quantin [Wed, 24 Aug 2016 06:10:27 +0000 (08:10 +0200)]
IPMI: do not use col_set_str with non const strings

Bug: 12782
Change-Id: Ia082ccf5355d7f8dd6073861c59c804fecc96266
Reviewed-on: https://code.wireshark.org/review/17289
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoISAKMP: remove useless callback
Pascal Quantin [Tue, 23 Aug 2016 21:37:12 +0000 (23:37 +0200)]
ISAKMP: remove useless callback

isakmp_cleanup_protocol() and isakmp_init_protocol() are already registered
as cleanup and init routines

Change-Id: I4fd2348dc507c8bc933aebd5abfb2522b57da0b4
Reviewed-on: https://code.wireshark.org/review/17284
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoISAKMP: fix DOI field read size
Mirko Parthey [Tue, 23 Aug 2016 14:29:57 +0000 (16:29 +0200)]
ISAKMP: fix DOI field read size

Read 4 bytes from the packet instead of 1 because that is the
correct size of the DOI field.
Reference: RFC 2408

Change-Id: I5745363811bb46af307a925d688ec36cfb29984b
Reviewed-on: https://code.wireshark.org/review/17271
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoCMake: Allow setting per target compiler warnings
João Valverde [Tue, 16 Aug 2016 21:21:59 +0000 (22:21 +0100)]
CMake: Allow setting per target compiler warnings

Setting our compiler warning flags in CMAKE_C_FLAGS does not allow
using different flags per target.

Allow for that possibility by setting the internal WS_WARNINGS_{C,CXX}_FLAGS
and using the COMPILE_OPTIONS property to set them.

This change is just setting mechanism and there should be no difference
in generated warnings.

The check_X_compiler_flag cmake test is changed to test each flag individually.
We need a list, not a space separated string, and the aggregate test is not
significant.

Change-Id: I59fc5cd7e130c7a5e001c598e3df3e13f83a6a25
Reviewed-on: https://code.wireshark.org/review/17150
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
3 years agoisakmp Fix IKEv2 modification UAT crash
Michał Skalski [Mon, 22 Aug 2016 23:12:59 +0000 (01:12 +0200)]
isakmp Fix IKEv2 modification UAT crash

Problem is that not all fields of UAT are updated on change (only those
defined in UAT definition with ikev2_uat_flds, specifically pointers to
encr_spec and auth_spec in ike2_decr_data_t were set to NULL.

Fixed by re-setting pointers after update table callback was called.

Also fixed memory leaks after UAT modification.

Bug was partially resolved with change
Ibdab979b5959eb561635cbcb446e17138baca87b
https://code.wireshark.org/review/17078

which eliminated crash, but decryption still didn't work after UAT
modification (DISSECTOR BUG was displayed).

Bug: 12748
Change-Id: I8209edd8e214d62e34b641fdd2e046b9ff4c95eb
Reviewed-on: https://code.wireshark.org/review/17249
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years ago[lg8979] - Fix dissection of 'Analog Group Change Report' Responses (FC2)
Chris Bontje [Tue, 23 Aug 2016 14:42:59 +0000 (08:42 -0600)]
[lg8979] - Fix dissection of 'Analog Group Change Report' Responses (FC2)

They follow the same dissection as normal 'Analog Change Report' Responses (FC0)

Change-Id: I854084f43fd0cc52ba02b6f1e760a63033ab48dd
Reviewed-on: https://code.wireshark.org/review/17270
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
3 years agoRemove now-redundant check.
Guy Harris [Tue, 23 Aug 2016 18:50:51 +0000 (11:50 -0700)]
Remove now-redundant check.

We now check much earlier for an invalid message length; remove the
check done afterwards.

Also, note that dissect_netlink_error() should also check the message
length, to make sure it doesn't run past the end of the message, and
indicate why we are assuming an "integer" is 4 bytes (it's because the
RFC is vague here).

Change-Id: Ie0b5074acc852cdeaa008fee1125130a6c8771a1
Reviewed-on: https://code.wireshark.org/review/17279
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoGet rid of trailing tabs.
Guy Harris [Tue, 23 Aug 2016 18:41:24 +0000 (11:41 -0700)]
Get rid of trailing tabs.

Change-Id: I0c26f02a63a12acc900637cd6a106d26e386a7a8
Reviewed-on: https://code.wireshark.org/review/17278
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoCatch too-short netlink message lengths.
Guy Harris [Tue, 23 Aug 2016 18:39:56 +0000 (11:39 -0700)]
Catch too-short netlink message lengths.

0 would cause an infinite loop. and any value < 16 is clearly wrong, so
if we see such a packet, just show the header's length field and stop
dissecting.

Bug: 12776
Change-Id: Iefc56b26b83ff5424968d065bdb9fa84a7a65481
Reviewed-on: https://code.wireshark.org/review/17277
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoMAC LTE: fix dissection of CE Mode A RAR message
Pascal Quantin [Tue, 23 Aug 2016 17:41:48 +0000 (19:41 +0200)]
MAC LTE: fix dissection of CE Mode A RAR message

The Msg3 PUSCH narrowband index parameter depends on the UL bandwidth

Change-Id: Ib57c85ffbd4c108e9c8f3d14fa53a48f0df1b0e6
Reviewed-on: https://code.wireshark.org/review/17274
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoDocumentation with unset license is under project's license (GPL-2+)
Balint Reczey [Tue, 23 Aug 2016 11:53:23 +0000 (13:53 +0200)]
Documentation with unset license is under project's license (GPL-2+)

doc/idl2deb.pod is licensed explicitly under GPL-2+ it is just
not recognized by the check.

Change-Id: Iabc7ee6bd6fe9080d6cdd28a29bb4c5f97b0ece9
Reviewed-on: https://code.wireshark.org/review/17268
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
3 years agodissector ISAKMP IKEv2: fixed bug with libgcrypt-1.6.x and AEAD ciphers
Michał Skalski [Sun, 21 Aug 2016 20:00:44 +0000 (22:00 +0200)]
dissector ISAKMP IKEv2: fixed bug with libgcrypt-1.6.x and AEAD ciphers

IKEv2:
Fixed bug with AEAD ciphers with 8- and 12-byte length ICVs and
libgcrypt 1.6.x - gcry_cipher_checktag() returned INVALID_LENGTH.
Fixed for merged changeset https://code.wireshark.org/review/17078

Added support for verification of encrypted data with HMAC_MD5_128
[RFC4595] and HMAC_SHA1_160 [RFC4595] integrity algorithms

Added IKEv2 decryption suite for few combinations of encryption and
integrity algorithms: 3DES-CBC/SHA1_160, AES-128-CCM-12, AES-128-CCM-12
(using CTR mode), AES-192-CTR/SHA2-512, AES-256-CBC/SHA2-256,
AES-256-CCM-16, AES-256-GCM-16, AES-256-GCM-8

Change-Id: Ic564b25f1fd41e913c605322b7b8aa030cf90ddf
Reviewed-on: https://code.wireshark.org/review/17213
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoIEEE 802.15.4:dissecting header & payload information elements used by 6tisch.
Jonathan Muñoz [Tue, 5 Jul 2016 15:13:14 +0000 (17:13 +0200)]
IEEE 802.15.4:dissecting header & payload information elements used by 6tisch.

This patch shows the Information Elements (IE) defined by the
IEEE802.15.4. It dissects the information of those IE which are used
by the IETF WG 6tisch and announces the others. Here the list of the
fully dissected ones:

- For the header IEs:
    - Time Correction.
    - Header Termination 1.
    - Header Termination 2.

- For the payload IEs:
    - MLME:
        - Nested Shorts:
            - TSCH Synchronization IE.
            - TSCH Timeslot IE.
            - TSCH Slotframe and Link IE.
        - Nested Longs:
            - Channel Hopping IE.
    - Payload Termination IE.

For the rest of the IEs defined in the standart, this patch shows them
but does not analyze their inner fields.

References:
https://datatracker.ietf.org/doc/draft-ietf-6tisch-minimal/
IEEE Standard for Low-Rate Wireless Personal Area Networks (WPANs).

Change-Id: I45292315fa532f08be6a218eb5756284a22eeee4
Reviewed-on: https://code.wireshark.org/review/16671
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoisakmp: fix type confusion
Peter Wu [Mon, 22 Aug 2016 20:29:21 +0000 (22:29 +0200)]
isakmp: fix type confusion

Caught by ASAN with WIRESHARK_DEBUG_WMEM_OVERRIDE=simple set.

Manually inspection of all type casts to decrypt_data_t and
ikev2_decrypt_data_t showed no other users that do not check
isakmp_version first.

Change-Id: If889afff85a20e31222d33cbea8db3a91a77f389
Reviewed-on: https://code.wireshark.org/review/17246
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michał Skalski <mskalski13@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoSee if *this* convinces the compiler that valuelen and value will be set.
Guy Harris [Tue, 23 Aug 2016 03:36:24 +0000 (20:36 -0700)]
See if *this* convinces the compiler that valuelen and value will be set.

Change-Id: I2a7715ac3255502f244a0d0a7e588b3a44c34f11
Reviewed-on: https://code.wireshark.org/review/17258
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoMore fields, more pre-allocated memory for fields.
Guy Harris [Tue, 23 Aug 2016 02:57:22 +0000 (19:57 -0700)]
More fields, more pre-allocated memory for fields.

Change-Id: I8362e64354c4ca985dbabc190cfb75d2bd31a5ad
Reviewed-on: https://code.wireshark.org/review/17257
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoFix handling of parameters with no value.
Guy Harris [Tue, 23 Aug 2016 02:28:24 +0000 (19:28 -0700)]
Fix handling of parameters with no value.

Return a value length of 0 if there's no parameter value.

(And don't return anything if the pointers through which we return them
are null.)

If no value is present, return NULL from ws_find_media_type_parameter().

Change-Id: I32b57623d7651bcf065af5b81f2390a600988b21
Reviewed-on: https://code.wireshark.org/review/17255
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoAdd cast to squelch "building with a C++ compiler" warnings.
Guy Harris [Tue, 23 Aug 2016 01:25:33 +0000 (18:25 -0700)]
Add cast to squelch "building with a C++ compiler" warnings.

Change-Id: Ia95c40096018479aec99fafd93d7b95d31ba4723
Reviewed-on: https://code.wireshark.org/review/17253
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoHandle quoted-pairs in quoted-strings correctly.
Guy Harris [Tue, 23 Aug 2016 00:53:10 +0000 (17:53 -0700)]
Handle quoted-pairs in quoted-strings correctly.

Backslash, in a quoted-string, escapes quotes (and any other characters,
although the only ones that *need* escaping are a double-quote and a
backslash).

This means that the value of a parameter isn't just the raw characters
from the parameters string; for a quoted string, it needs to be
un-escaped, and for a *non*-quoted string, it has to stop at the first
non-token character (you can put comments in).  So
ws_find_media_type_parameter() must return an allocated string with the
actual value.

Get rid of index_of_char(); it doesn't do anything that strchr() does.

Change-Id: I36328ea71c28fe6ac4918a8e73c281a25f6be844
Reviewed-on: https://code.wireshark.org/review/17251
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoUpdate docbook/README.txt
Gerald Combs [Mon, 22 Aug 2016 22:10:24 +0000 (15:10 -0700)]
Update docbook/README.txt

Update to reflect current reality. Still needs a lot of work.

Change-Id: Id6bb12f5e8ca42bbadc237f148bb388b54a321e2
Reviewed-on: https://code.wireshark.org/review/17247
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoIKEv2: Add D-H Transform IDs for Brainpool Curves
Mirko Parthey [Mon, 22 Aug 2016 11:25:33 +0000 (13:25 +0200)]
IKEv2: Add D-H Transform IDs for Brainpool Curves

Add Diffie-Hellman Group Transform IDs for the ECC Brainpool Curves.

References: RFC 6932, RFC 6954

Change-Id: I1ca0da8e5e06abbd1c53a591d01c1f05aa60c35a
Reviewed-on: https://code.wireshark.org/review/17231
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoMake index_of_char() static again
Balint Reczey [Mon, 22 Aug 2016 11:26:14 +0000 (13:26 +0200)]
Make index_of_char() static again

Change-Id: I1c0d344c50ee5d78dd8247ccfe795ce0cd94aaa2
Reviewed-on: https://code.wireshark.org/review/17230
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
3 years agodebian: Update symbols file with new symbols
Balint Reczey [Mon, 22 Aug 2016 12:11:32 +0000 (14:11 +0200)]
debian: Update symbols file with new symbols

Some symbols are marked as appearing in 2.2 intentionally,
because they are cherry-picked to master-2.2.

Change-Id: Ia7807b3bddab0a069812f56c1be2eca8bf7d1cd4
Reviewed-on: https://code.wireshark.org/review/17232
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoRename find_parameter() to ws_find_media_type_parameter()
Balint Reczey [Mon, 22 Aug 2016 10:59:01 +0000 (12:59 +0200)]
Rename find_parameter() to ws_find_media_type_parameter()

The symbols exported from libs should use less generic. preferably
prefixed names to avoid name collisions with other shared library
symbols.

Change-Id: I8323b3e194a7ee4d61baec0c007342fab6cbde84
Reviewed-on: https://code.wireshark.org/review/17229
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoFixed a bug which might have caused a division by 0.
Andreas Leibold [Mon, 22 Aug 2016 10:51:05 +0000 (12:51 +0200)]
Fixed a bug which might have caused a division by 0.

Variable "channels_per_frame" could have caused a division by 0.
This is now changed, by stopping dissection in this case. A warning is
shown for this case.

Change-Id: I6d4dcb91b833a7d7f0759e28f56950b94ab1ed7e
Reviewed-on: https://code.wireshark.org/review/17228
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoRANAP: Add an heuristic to decode the HO-to-UTRAN Command embedded in the RRC Contai...
Binh Trinh [Mon, 15 Aug 2016 03:41:48 +0000 (23:41 -0400)]
RANAP:  Add an heuristic to decode the HO-to-UTRAN Command embedded in the RRC Container within the TargetRNC-to-SourceRNC Transparent Container

Change-Id: Iea7c8d24f52cf8bd11e13a53853e11ec1ecdcd36
Reviewed-on: https://code.wireshark.org/review/17058
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoipp: fix typo indent
Alexis La Goutte [Mon, 22 Aug 2016 09:55:52 +0000 (11:55 +0200)]
ipp: fix typo indent

Change-Id: Ibc44ab1e009f2dc07258b702f0e08aced38a66e2
Reviewed-on: https://code.wireshark.org/review/17223
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years ago[Diameter] Add Command codes 8388718 - 8388722.
AndersBroman [Mon, 22 Aug 2016 10:33:08 +0000 (12:33 +0200)]
[Diameter] Add Command codes 8388718 - 8388722.

Bug: 12774
Change-Id: I413ba4a195ee1bd3d7de66399d1be714ef77d7e2
Reviewed-on: https://code.wireshark.org/review/17227
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agowmem_array_index() returns a *pointer* to the array element.
Guy Harris [Mon, 22 Aug 2016 07:37:42 +0000 (00:37 -0700)]
wmem_array_index() returns a *pointer* to the array element.

The array is an array of guint8 *'s that point to strings;
wmem_array_index() doesn't return a pointer to the string, it returns a
pointer to a pointer to the string, and you have to dereference the
result of the wmem_array_index() call to get a pointer to the string.

Change-Id: I8c7b3320f0979b01383ad255419c21cdeb7df4c7
Reviewed-on: https://code.wireshark.org/review/17221
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoLook up the XML dissector the right way.
Guy Harris [Mon, 22 Aug 2016 06:43:38 +0000 (23:43 -0700)]
Look up the XML dissector the right way.

Looking up "text/xml" in the "media_type" dissector is somewhat of a
long-way-around way of finding the XML dissector; just look for it by
name.

Change-Id: Ifafeabc563bf7bfa529bc44ba31bf6ae376a09c8
Reviewed-on: https://code.wireshark.org/review/17219
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoGet rid of trailing blank line.
Guy Harris [Mon, 22 Aug 2016 06:36:54 +0000 (23:36 -0700)]
Get rid of trailing blank line.

Change-Id: I409a843b48983355c242708f6c9972bd8f337bf6
Reviewed-on: https://code.wireshark.org/review/17218
Reviewed-by: Guy Harris <guy@alum.mit.edu>