metze/wireshark/wip.git
3 years agoRemove trailing blank.
Guy Harris [Mon, 2 May 2016 01:00:00 +0000 (18:00 -0700)]
Remove trailing blank.

Change-Id: I57017b3e574983dac9107712a0dd6b243b62bb80
Reviewed-on: https://code.wireshark.org/review/15240
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoAdd some more checks, clean up length handling.
Guy Harris [Mon, 2 May 2016 00:58:49 +0000 (17:58 -0700)]
Add some more checks, clean up length handling.

Check for destination or source MAC addresses that aren't 12 characters
(hex dump of 6 octets) long and type/length fields that aren't 4
characters (hex dump of 2 octets) long.

The buffer into which we copy the hex dump characters doesn't need to be
null-terminated, so don't bother to null-terminate it.  Use the final
offset into the buffer as the buffer length, rather than using strlen().

Just memcpy the MAC addresses and type/length fields into the buffer;
the buffer is guaranteed to be big enough for all of them, and, as
noted, it doesn't need to be null-terminated.

Change-Id: I790e953542ae8443af01c81229a8deb877448ee3
Reviewed-on: https://code.wireshark.org/review/15239
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoDon't assume packets will be no larger than ISERIES_MAX_PACKET_LEN.
Guy Harris [Mon, 2 May 2016 00:52:45 +0000 (17:52 -0700)]
Don't assume packets will be no larger than ISERIES_MAX_PACKET_LEN.

We don't check against it.  Insteead, use phdr->caplen as the buffer
size; that's based on the number of hex digits we've found.

While we're at it, also get rid of ISERIES_PKT_ALLOC_SIZE - it makes it
less obvious that it's based on the packet length from the packet
header.

Change-Id: I8ad6306c62e7bc4cf896b335f39a5a77780fb2ea
Reviewed-on: https://code.wireshark.org/review/15236
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoMake sure the packet length isn't > WTAP_MAX_PACKET_SIZE.
Guy Harris [Mon, 2 May 2016 00:02:12 +0000 (17:02 -0700)]
Make sure the packet length isn't > WTAP_MAX_PACKET_SIZE.

Change-Id: I65c1e87e2fcff93b3db998666ff51f19ecd71b55
Reviewed-on: https://code.wireshark.org/review/15233
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoFix wsutil/Makefile.nmake rule for ws_version_info.obj
João Valverde [Sun, 1 May 2016 23:02:44 +0000 (00:02 +0100)]
Fix wsutil/Makefile.nmake rule for ws_version_info.obj

Change-Id: I397da333b467d140613947fe49cd98338ab1d8f6
Reviewed-on: https://code.wireshark.org/review/15218
Tested-by: João Valverde <j@v6e.pt>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoIMAP: Add heuristic check for TLS
João Valverde [Thu, 28 Jan 2016 02:08:06 +0000 (02:08 +0000)]
IMAP: Add heuristic check for TLS

If the IMAP TCP stream doesn't include the STARTTLS command/response
the IMAP dissector will try to dissect TLS ciphertext as IMAP protocol
plaintext.

Add heuristic check for SSLv3/TLS and if the heuristic matches register
dissect_ssl() as the dissector for that IMAP session.

Change-Id: If84eca22315193a306e93e66c608de6634e6cd85
Reviewed-on: https://code.wireshark.org/review/13570
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
3 years agoDon't treat the packet length as unsigned.
Guy Harris [Sun, 1 May 2016 23:29:41 +0000 (16:29 -0700)]
Don't treat the packet length as unsigned.

The scanf family of functions are as annoyingly bad at handling unsigned
numbers as strtoul() is - both of them are perfectly willing to accept a
value beginning with a negative sign as an unsigned value.  When using
strtoul(), you can compensate for this by explicitly checking for a '-'
as the first character of the string, but you can't do that with
sscanf().

So revert to having pkt_len be signed, and scanning it with %d, but
check for a negative value and fail if we see a negative value.

Bug: 12394
Change-Id: I4b19b95f2e1ffc96dac5c91bff6698c246f52007
Reviewed-on: https://code.wireshark.org/review/15230
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoDon't treat the packet length as unsigned.
Guy Harris [Sun, 1 May 2016 23:22:40 +0000 (16:22 -0700)]
Don't treat the packet length as unsigned.

The scanf family of functions are as annoyingly bad at handling unsigned
numbers as strtoul() is - both of them are perfectly willing to accept a
value beginning with a negative sign as an unsigned value.  When using
strtoul(), you can compensate for this by explicitly checking for a '-'
as the first character of the string, but you can't do that with
sscanf().

So revert to having pkt_len be signed, and scanning it with %d, but
check for a negative value and fail if we see a negative value.

Bug: 12395
Change-Id: I43b458a73b0934e9a5c2c89d34eac5a8f21a7455
Reviewed-on: https://code.wireshark.org/review/15223
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoICMPv6: Observe "Redirected Header" option length
João Valverde [Sat, 30 Apr 2016 20:19:24 +0000 (21:19 +0100)]
ICMPv6: Observe "Redirected Header" option length

Bug: 12400
Change-Id: Ic4116082b0f6c119172b222aadefab821f1b0971
Reviewed-on: https://code.wireshark.org/review/15205
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
3 years agoDon't treat the packet length as unsigned.
Guy Harris [Sun, 1 May 2016 23:13:31 +0000 (16:13 -0700)]
Don't treat the packet length as unsigned.

The scanf family of functions are as annoyingly bad at handling unsigned
numbers as strtoul() is - both of them are perfectly willing to accept a
value beginning with a negative sign as an unsigned value.  When using
strtoul(), you can compensate for this by explicitly checking for a '-'
as the first character of the string, but you can't do that with
sscanf().

So revert to having pkt_len be signed, and scanning it with %d, but
check for a negative value and fail if we see a negative value.

Bug: 12396
Change-Id: I54fe8f61f42c32b5ef33da633ece51bbcda8c95f
Reviewed-on: https://code.wireshark.org/review/15220
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoDon't treat the packet length as unsigned.
Guy Harris [Sun, 1 May 2016 23:02:40 +0000 (16:02 -0700)]
Don't treat the packet length as unsigned.

The scanf family of functions are as annoyingly bad at handling unsigned
numbers as strtoul() is - both of them are perfectly willing to accept a
value beginning with a negative sign as an unsigned value.  When using
strtoul(), you can compensate for this by explicitly checking for a '-'
as the first character of the string, but you can't do that with
sscanf().

So revert to having pkt_len be signed, and scanning it with %d, but
check for a negative value and fail if we see a negative value.

Change-Id: I6450d468504e942df72342176a0e145e5ac3db5f
Reviewed-on: https://code.wireshark.org/review/15216
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoMake class "type" for USB conversations.
Michael Mann [Sun, 1 May 2016 16:55:23 +0000 (12:55 -0400)]
Make class "type" for USB conversations.

USB dissectors can't assume that only their class type has been passed around in the conversation.  Make explicit check that class type expected matches the dissector and stop/prevent dissection if there isn't a match.

Bug: 12356
Change-Id: Ib23973a4ebd0fbb51952ffc118daf95e3389a209
Reviewed-on: https://code.wireshark.org/review/15212
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoqt: SH_ScrollBar_Transient is not available for Qt <= 5.2
Martin Kaiser [Sat, 30 Apr 2016 15:04:05 +0000 (17:04 +0200)]
qt: SH_ScrollBar_Transient is not available for Qt <= 5.2

add a version check in order to fix compilation with older Qt versions

(I couldn't figure out when exactly SH_ScrollBar_Transient was
introduced. It appears in the Qt 5.6 documentation, it's unavailable in
Qt 5.2)

Change-Id: Idf7ea1302e4a40e290a6750cbe077d9d2b7b56a8
Reviewed-on: https://code.wireshark.org/review/15196
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agozvt: return -1 if we need more data from tcp
Martin Kaiser [Sun, 1 May 2016 16:23:52 +0000 (18:23 +0200)]
zvt: return -1 if we need more data from tcp

0 means that the dissector rejected the packet.

Change-Id: I9e04443a5f378198f94038e0e67b2e1fde8054be
Reviewed-on: https://code.wireshark.org/review/15210
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agoldss: remove if (tree) checks
Martin Kaiser [Sun, 1 May 2016 15:49:29 +0000 (17:49 +0200)]
ldss: remove if (tree) checks

Change-Id: Ib453a247eb1a2b6e88b3a4abab301bdc7c18bdb0
Reviewed-on: https://code.wireshark.org/review/15209
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agoldss: return -1 (not 0) if we need more data from TCP
Martin Kaiser [Sat, 30 Apr 2016 15:53:56 +0000 (17:53 +0200)]
ldss: return -1 (not 0) if we need more data from TCP

If a dissector returns 0, it rejects the packet ("this is not my
protocol"). This is in contradiction to requesting more data from TCP.

Bug: 12359
Change-Id: Ib0da7fc3ef92b35b3950e74f50484d9e21a93a6f
Reviewed-on: https://code.wireshark.org/review/15198
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years ago[Automatic update for 2016-05-01]
Gerald Combs [Sun, 1 May 2016 15:09:31 +0000 (08:09 -0700)]
[Automatic update for 2016-05-01]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: Icfa09469ffc84943f9e54eae10f60001a3790694
Reviewed-on: https://code.wireshark.org/review/15206
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoqt: don't declare dp_ratio for Qt < 5.1
Martin Kaiser [Sat, 30 Apr 2016 14:42:08 +0000 (16:42 +0200)]
qt: don't declare dp_ratio for Qt < 5.1

this avoids warnings about unused variables

Change-Id: I0ee033f90c1387615ffc167161e53f4293d89763
Reviewed-on: https://code.wireshark.org/review/15195
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agoReturn the same error for too-large packets as we do for other files.
Guy Harris [Sat, 30 Apr 2016 23:38:27 +0000 (16:38 -0700)]
Return the same error for too-large packets as we do for other files.

And note that our limit (which is what we use as the fixed buffer size)
is less than WTAP_MAX_PACKET_SIZE, so we don't have to check against
WTAP_MAX_PACKET_SIZE.

Change-Id: I28cd95c40fd2fba9994a5d64ef323f1d8c1c4478
Reviewed-on: https://code.wireshark.org/review/15204
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoNote that we don't have to worry about too-large packets.
Guy Harris [Sat, 30 Apr 2016 23:11:08 +0000 (16:11 -0700)]
Note that we don't have to worry about too-large packets.

Change-Id: If72fb1ed64686348fa24b441cba8534fadc0e707
Reviewed-on: https://code.wireshark.org/review/15203
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoClean up packet length handling.
Guy Harris [Sat, 30 Apr 2016 18:30:07 +0000 (11:30 -0700)]
Clean up packet length handling.

Treat the packet length as unsigned - it shouldn't be negative in the
file.  If it is, that'll probably cause the sscanf to fail, so we'll
report the file as bad.

A normal packet should be Ethernet-sized; initially make the buffer big
enough for a maximum-sized Ethernet packet.

Once we know the payload length, check to make sure the packet length
won't be > WTAP_MAX_PACKET_SIZE and fail if it will.  Then boost the
buffer size to be large enough for the packet, even if it's bigger than
a maximum-sized Ethernet packet.

Change-Id: I75b2108dd68f5bc5cd436bf5b82990089a7116bf
Reviewed-on: https://code.wireshark.org/review/15200
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoqt: use NULL instead of Q_NULLPTR
Martin Kaiser [Sat, 30 Apr 2016 15:19:59 +0000 (17:19 +0200)]
qt: use NULL instead of Q_NULLPTR

Q_NULLPTR is not defined in Qt4

Change-Id: I0dd5444c6c019b7e8f1a346d9e12432d9b306d8a
Reviewed-on: https://code.wireshark.org/review/15197
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
3 years agoHave daintree_sna_read_packet() do all the packet reading work.
Guy Harris [Sat, 30 Apr 2016 09:05:09 +0000 (02:05 -0700)]
Have daintree_sna_read_packet() do all the packet reading work.

Share more code between the read and seek-read routines.

Also note why that code doesn't have to check against
WTAP_MAX_PACKET_SIZE.

Change-Id: I09086fcd3c16883c2598fb0aeb172c66f480d315
Reviewed-on: https://code.wireshark.org/review/15193
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoIPv4: use calculated value for Header Length display filter
Pascal Quantin [Fri, 29 Apr 2016 14:25:03 +0000 (16:25 +0200)]
IPv4: use calculated value for Header Length display filter

Bug: 12387
Change-Id: I63370ea884b6fb75a0743fecc06af2e213700645
Reviewed-on: https://code.wireshark.org/review/15163
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoDon't bother checking for getaddrinfo(): we don't use it.
Jeff Morriss [Fri, 29 Apr 2016 15:34:17 +0000 (11:34 -0400)]
Don't bother checking for getaddrinfo(): we don't use it.

Since Ie5e670b769eb0674950f3679ef511047641c2873 we no longer support
synchronous name resolution.

Change-Id: Icc65bd665bd610d89f894549e77608cfb5ef4c53
Reviewed-on: https://code.wireshark.org/review/15165
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoNetflow: Updating the list of Ixia IxFlow fields
Deep Datta [Mon, 25 Apr 2016 16:50:09 +0000 (11:50 -0500)]
Netflow: Updating the list of Ixia IxFlow fields

Change-Id: I38c2b337bf276f6edc6b5d3f10e47ae81a1610b5
Reviewed-on: https://code.wireshark.org/review/15167
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoAdd TCP preference for Process information from IPFIX
Michael Mann [Thu, 28 Apr 2016 02:40:07 +0000 (22:40 -0400)]
Add TCP preference for Process information from IPFIX

The preference is disabled by default and saves a little
bit of memory for those that don't get process information
from IPFIX.

Change-Id: I4b6a106d156862a8d53bf2ad5ee88ea857637815
Reviewed-on: https://code.wireshark.org/review/15139
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoCheck for packets bigger than WTAP_MAX_PACKET_SIZE.
Guy Harris [Sat, 30 Apr 2016 02:35:10 +0000 (19:35 -0700)]
Check for packets bigger than WTAP_MAX_PACKET_SIZE.

Change-Id: Iaa4865393e711633312e44eaba4985c75668746a
Reviewed-on: https://code.wireshark.org/review/15190
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agodebian: Fix hardening-check during package build
Balint Reczey [Fri, 29 Apr 2016 08:27:28 +0000 (10:27 +0200)]
debian: Fix hardening-check during package build

Change-Id: I30465f1cd0b725e58f3445813e443521350900a2
Reviewed-on: https://code.wireshark.org/review/15160
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
3 years agoCheck for packets bigger than WTAP_MAX_PACKET_SIZE.
Guy Harris [Sat, 30 Apr 2016 02:10:01 +0000 (19:10 -0700)]
Check for packets bigger than WTAP_MAX_PACKET_SIZE.

Change-Id: Ia932f3e5aeaca7a566ea9f00ce1dca1a2071a1a4
Reviewed-on: https://code.wireshark.org/review/15187
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoNote some cases where we don't need to check the packet length.
Guy Harris [Sat, 30 Apr 2016 02:04:17 +0000 (19:04 -0700)]
Note some cases where we don't need to check the packet length.

These file formats have 16-bit packet lengths, so, even with some extra
metadata added, the packet data length will never be bigger than
WTAP_MAX_PACKET_SIZE.  (No, we won't ever reduce WTAP_MAX_PACKET_SIZE.)

Change-Id: I9e1b1d90971f91cc6e5d66d0aa93841445b2bc22
Reviewed-on: https://code.wireshark.org/review/15186
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoCheck for packets bigger than WTAP_MAX_PACKET_SIZE.
Guy Harris [Sat, 30 Apr 2016 01:59:44 +0000 (18:59 -0700)]
Check for packets bigger than WTAP_MAX_PACKET_SIZE.

Change-Id: If7cd6ae60b805121c3f54dcaa48d730b6cd9b648
Reviewed-on: https://code.wireshark.org/review/15183
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoCheck for packets bigger than WTAP_MAX_PACKET_SIZE.
Guy Harris [Sat, 30 Apr 2016 01:55:07 +0000 (18:55 -0700)]
Check for packets bigger than WTAP_MAX_PACKET_SIZE.

And note the cases where we don't have to check, as the length in the
file is 2 bytes long, and 65535 + the metadata length is <
WTAP_MAX_PACKET_SIZE.

Change-Id: I1e690eeee900b9aa7484dc0bd0c106dc38c77269
Reviewed-on: https://code.wireshark.org/review/15180
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoUse WTAP_MAX_PACKET_SIZE as the maximum packet length.
Guy Harris [Sat, 30 Apr 2016 01:47:49 +0000 (18:47 -0700)]
Use WTAP_MAX_PACKET_SIZE as the maximum packet length.

And use the actual packet length, rather than a fixed value, as the
buffer size we need for the packet.

Change-Id: I3af6724210a85b50610839d1bdf97fcf5a152b2f
Reviewed-on: https://code.wireshark.org/review/15179
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoFix packet length handling.
Guy Harris [Sat, 30 Apr 2016 00:08:11 +0000 (17:08 -0700)]
Fix packet length handling.

Treat the packet length as unsigned - it shouldn't be negative in the
file.  If it is, that'll probably cause the sscanf to fail, so we'll
report the file as bad.

Check it against WTAP_MAX_PACKET_SIZE to make sure we don't try to
allocate a huge amount of memory, just as we do in other file readers.

Use the now-validated packet size as the length in
ws_buffer_assure_space(), so we are certain to have enough space, and
don't allocate too much space.

Merge the header and packet data parsing routines while we're at it.

Bug: 12396
Change-Id: I7f981f9cdcbea7ecdeb88bfff2f12d875de2244f
Reviewed-on: https://code.wireshark.org/review/15176
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoQt: Make sure we pass along a resizeEvent.
Gerald Combs [Fri, 29 Apr 2016 21:33:44 +0000 (14:33 -0700)]
Qt: Make sure we pass along a resizeEvent.

Change-Id: I6bf07058b0a5b53fe862f4ca414602c658cf50dd
Reviewed-on: https://code.wireshark.org/review/15168
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoFix packet length handling.
Guy Harris [Fri, 29 Apr 2016 22:46:58 +0000 (15:46 -0700)]
Fix packet length handling.

Treat the packet length as unsigned - it shouldn't be negative in the
file.  If it is, that'll probably cause the sscanf to fail, so we'll
report the file as bad.

Check it against WTAP_MAX_PACKET_SIZE to make sure we don't try to
allocate a huge amount of memory, just as we do in other file readers.

Use the now-validated packet size as the length in
ws_buffer_assure_space(), so we are certain to have enough space, and
don't allocate too much space.

Merge the header and packet data parsing routines while we're at it.

Bug: 12395
Change-Id: Ia70f33b71ff28451190fcf144c333fd1362646b2
Reviewed-on: https://code.wireshark.org/review/15172
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoQt: Add recent items to the OS X dock menu.
Gerald Combs [Fri, 29 Apr 2016 15:53:44 +0000 (08:53 -0700)]
Qt: Add recent items to the OS X dock menu.

Qt 5.2 added QMenu::setAsDockMenu. Use it to add recent items to the
Wireshark dock menu.

Add QWinJumpList code which does something similar. Comment it out
because it does it slowly and not-quite-correctly.

Change-Id: I801b1037b998516eacab695f982d7d6e889bafb6
Reviewed-on: https://code.wireshark.org/review/15166
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoFix packet length handling.
Guy Harris [Fri, 29 Apr 2016 22:19:49 +0000 (15:19 -0700)]
Fix packet length handling.

Treat the packet length as unsigned - it shouldn't be negative in the
file.  If it is, that'll probably cause the sscanf to fail, so we'll
report the file as bad.

Check it against WTAP_MAX_PACKET_SIZE to make sure we don't try to
allocate a huge amount of memory, just as we do in other file readers.

Use the now-validated packet size as the length in
ws_buffer_assure_space(), so we are certain to have enough space, and
don't allocate too much space.

Bug: 12394
Change-Id: Ifa023ce70f7a2697bf151009b035a6e6cf8d5d90
Reviewed-on: https://code.wireshark.org/review/15169
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years ago[Diameter AVPs] Add AVP 620 Redirect-Realm
AndersBroman [Fri, 29 Apr 2016 12:33:07 +0000 (14:33 +0200)]
[Diameter AVPs] Add AVP 620 Redirect-Realm

Bug 12381

Change-Id: I8ba1306661b4b2c30c865761e1c2a90b5e4140b0
Reviewed-on: https://code.wireshark.org/review/15162
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoANSI IS-637 A: fix display of reserved bits when using 7bits GSM encoding
Pascal Quantin [Thu, 28 Apr 2016 22:14:30 +0000 (00:14 +0200)]
ANSI IS-637 A: fix display of reserved bits when using 7bits GSM encoding

Change-Id: Ida59c339d174e8f9a3b8bf108374875d12c51b21
Reviewed-on: https://code.wireshark.org/review/15153
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
3 years agoSeparate out the members of tcp_flow_t structure that are only used for sequence...
Michael Mann [Thu, 28 Apr 2016 02:21:15 +0000 (22:21 -0400)]
Separate out the members of tcp_flow_t structure that are only used for sequence analysis.

That way they only need to be allocated if analysis is being done.

Inspired by https://www.wireshark.org/lists/wireshark-dev/201604/msg00218.html
Ping-Bug: 12367

Change-Id: I797e5b305133d85a2a89688109cc3a218d0a9e88
Reviewed-on: https://code.wireshark.org/review/15138
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoUpdate BPKM Auth Reply key length for DOCSIS 3.1
Philip Rosenberg-Watt [Thu, 28 Apr 2016 20:25:13 +0000 (14:25 -0600)]
Update BPKM Auth Reply key length for DOCSIS 3.1

Wireshark was failing to parse DOCSIS 3.1 BPKM Response (Auth Reply)
messages with a key length of 256 bytes, which is in the DOCSIS 3.1
specification located here:

http://www.cablelabs.com/specification/docsis-3-1-security-specification/

See Appendix I.4 "Authorization Reply"

Change-Id: Ic50eb4a2d637a7bc47385b7c0a96c830f7a920be
Reviewed-on: https://code.wireshark.org/review/15149
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agomake-version.pl: Preserve line endings.
Gerald Combs [Fri, 29 Apr 2016 00:55:46 +0000 (17:55 -0700)]
make-version.pl: Preserve line endings.

Make sure we replace a line using the same line endings.

Change-Id: I73b07a773bc39b05ba7a73b3c3c984a73c545a48
Reviewed-on: https://code.wireshark.org/review/15157
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoPrint version variables in make-version.pl
Gerald Combs [Thu, 28 Apr 2016 23:48:45 +0000 (16:48 -0700)]
Print version variables in make-version.pl

Print our various version variables when we set versions.

Change-Id: I9212369c17f3d2a040e83900945eb57670d4992d
Reviewed-on: https://code.wireshark.org/review/15156
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoWin32: Make sure we zero out PROCESS_INFORMATION.
Gerald Combs [Thu, 28 Apr 2016 19:39:56 +0000 (12:39 -0700)]
Win32: Make sure we zero out PROCESS_INFORMATION.

Make sure we zero our PROCESS_INFORMATION struct before passing it to
CreateProcess.

Change-Id: Ib42320965bb7b2d37a9fc106d78ace02153e48d2
Reviewed-on: https://code.wireshark.org/review/15154
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoWin32: Pass a mutable string to CreateProcess.
Gerald Combs [Thu, 28 Apr 2016 22:15:32 +0000 (15:15 -0700)]
Win32: Pass a mutable string to CreateProcess.

CreateProcess can modify its second (lpCommandLine) argument. Don't
pass it the output of utf_8to16.

Constify the return value of utf_8to16.

Change-Id: I0d4361396e90c88a4ab2a3f2f0e058230e897fdf
Reviewed-on: https://code.wireshark.org/review/15155
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoDon't mix g_malloc() and wmem_alloc().
Guy Harris [Thu, 28 Apr 2016 21:53:11 +0000 (14:53 -0700)]
Don't mix g_malloc() and wmem_alloc().

Always allocate sub_net_hashipv4 structures with wmem.

Bug: 12386
Change-Id: Ibc4f09c267a2e651d9120ef67d4d5b77635172d6
Reviewed-on: https://code.wireshark.org/review/15152
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoCleanups to issues found while investigating 12386.
Guy Harris [Thu, 28 Apr 2016 21:46:31 +0000 (14:46 -0700)]
Cleanups to issues found while investigating 12386.

Get rid of the printable-IP-address member of a sub_net_hashipv4; it's
not used.

Free hash buckets of those structures iteratively, not recursively.

Change-Id: I1ee8f46d3175a380e6a439fe71e7c06a0e939a3d
Reviewed-on: https://code.wireshark.org/review/15150
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoAdd support for ModbusRTU over UDP.
Michael Mann [Wed, 27 Apr 2016 00:11:46 +0000 (20:11 -0400)]
Add support for ModbusRTU over UDP.

Bug: 12374
Change-Id: I2df806c902b932d87e82f6f097f7acce814e5040
Reviewed-on: https://code.wireshark.org/review/15126
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoUse "system" for "use system language", and don't try to print a null string.
Guy Harris [Thu, 28 Apr 2016 19:33:28 +0000 (12:33 -0700)]
Use "system" for "use system language", and don't try to print a null string.

Add a #define USE_SYSTEM_LANGUAGE for the language string meaning "use
the system setting", and use that instead of hardcoding "system" in
various places.

If "language" is null, don't try to write it to the file with fprintf()
- on *most* systems, that prints "(null)", but on some systems, such as
Solaris, it *crashes*.  Write USE_SYSTEM_LANGUAGE instead.  Check for
"(null)" and treat it as meaning "use the system language".

Map "auto" to "use the system language" as well, for backwards
compatibility.

Change-Id: Iba9be540a5139e9cca8bddd0761ee4cbf0f79a49
Reviewed-on: https://code.wireshark.org/review/15147
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoQt: Refresh the display filter toolbar layout.
Gerald Combs [Thu, 28 Apr 2016 17:59:40 +0000 (10:59 -0700)]
Qt: Refresh the display filter toolbar layout.

Force the display filter toolbar to update its layout when we recreate
our filter buttons. This ensures that we draw the overflow icon in
the right place.

Change-Id: Ibfb34b77d565e8db15bb2576249e0e3016993083
Reviewed-on: https://code.wireshark.org/review/15145
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoRegister Wireshark as the reader of mplog files on freedesktop, OS X, and Windows.
Jeff Morriss [Tue, 19 Apr 2016 22:04:03 +0000 (18:04 -0400)]
Register Wireshark as the reader of mplog files on freedesktop, OS X, and Windows.

(Doing this for freedesktop.org-compliant systems requires adding a MIME type;
yes, I just made the application/x-micropross-mplog MIME type up.)

Change-Id: I11d8cc22571dd39984f8237d0ef995922bdfd15f
Reviewed-on: https://code.wireshark.org/review/15012
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
3 years agoRemind wiretap developers where else they need to register their file types.
Jeff Morriss [Tue, 19 Apr 2016 21:45:29 +0000 (17:45 -0400)]
Remind wiretap developers where else they need to register their file types.

Chances are they want to include the file extension in wiretap's list of
file extensions (for the File->Open dialog) as well as the various files
needed for integration with the various desktop environments that
Wireshark supports.

(I should have put this advice there years ago when creating the
freedesktop.org mime-package file.)

Add a comment to the mime-package file explaining its purpose, giving
a link to the specification, and talking about MIME types and the registration
thereof.

Change-Id: I60540bf88062b7a90653888534405f6aef4f657c
Reviewed-on: https://code.wireshark.org/review/15011
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
3 years agoAdd a rule to build lemon so any target that depends on it can (re)build it if necessary.
Jeff Morriss [Thu, 28 Apr 2016 14:48:13 +0000 (10:48 -0400)]
Add a rule to build lemon so any target that depends on it can (re)build it if necessary.

See, for example:

https://ask.wireshark.org/questions/52045/make-c-plugins-fails-looking-for-target-toolslemonlemonc

Also add another lemon dependency for MATE.

Change-Id: Ifc62e174fb6dc4247887607ad37a505b36d83134
Reviewed-on: https://code.wireshark.org/review/15143
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
3 years agoQt: Refactor the packet list scroll bar.
Gerald Combs [Wed, 10 Feb 2016 00:38:43 +0000 (16:38 -0800)]
Qt: Refactor the packet list scroll bar.

Split OverlayScrollBar into parent and child scroll bar widgets. This
gives us two packet list scroll bars: a packet map, which draws and
operates on nearby packets and a normal scroll bar.

The packet map is drawn to the left of the child scroll bar. This gives
us more room to draw and doesn't obscure the scroll bar itself (which is
a problem on newer versions of Windows). When the user clicks on a
portion of the map, scroll to that part of the packet list.

Draw marked packet ticks over the normal scroll bar. Marked & ignored
are on the left, time references are on the right.

To do:

- Borrow more from packet fence and graph something (packet size? time
  delta?)

Change-Id: Ie952fcbd98fd0e047200f2279cb63227feabf5b1
Reviewed-on: https://code.wireshark.org/review/15046
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoQt: Display filter toolbar behavior tweaks.
Gerald Combs [Wed, 27 Apr 2016 23:53:03 +0000 (16:53 -0700)]
Qt: Display filter toolbar behavior tweaks.

By default GtkToolbar shows overflow items in a menu. QToolBar shows
them in a bigger toolbar. This is a problem for users with lots of
display filter expressions because expanding the display filter toolbar
can make it very tall.

QToolBar can optionally overflow into a menu, but as noted in
https://bugreports.qt.io/browse/QTBUG-2472 there isn't a way do so
directly, e.g. with a setter. Force an overflow menu in the display
filter toolbar by adding a child QToolBar and adding filter expression
actions to it.

While we're here, set the minimum width of the display filter edit to
two-thirds of the width of the main window.

Change-Id: I49cd58397e087f1aa79b5bbce471f827e9804148
Reviewed-on: https://code.wireshark.org/review/15134
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agouat_dialog (Qt): uat_ can't be NULL here, no need to check it. (CID 1358793)
Jeff Morriss [Thu, 28 Apr 2016 12:32:37 +0000 (08:32 -0400)]
uat_dialog (Qt): uat_ can't be NULL here, no need to check it. (CID 1358793)

Change-Id: I58d402b95a029066abd41438d652a5c805ca166d
Reviewed-on: https://code.wireshark.org/review/15140
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
3 years ago[NAS EPS] Displat Tracking area code(TAC) as decimal.
AndersBroman [Thu, 28 Apr 2016 13:06:04 +0000 (15:06 +0200)]
[NAS EPS] Displat Tracking area code(TAC) as decimal.

Change-Id: I8698a14e68d800e697f246b67856fd363fee52e3
Reviewed-on: https://code.wireshark.org/review/15142
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoExecute svn info in the sourcedir
AndersBroman [Thu, 28 Apr 2016 12:59:41 +0000 (14:59 +0200)]
Execute svn info in the sourcedir

Change-Id: I6b77c919e92af83c48bf02c49d865523f0a97d83
Reviewed-on: https://code.wireshark.org/review/15141
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoRevert "Windows: Wait for dumpcap to initialize."
Gerald Combs [Thu, 28 Apr 2016 00:12:20 +0000 (00:12 +0000)]
Revert "Windows: Wait for dumpcap to initialize."

This didn't fix the test failures.

This reverts commit e5f4c5c8a80e2f5970b8c1d4fdfc29ab851f0e6f.

Change-Id: I0cff5eff88d2b49806797cef83338dbbace42a4c
Reviewed-on: https://code.wireshark.org/review/15135
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoWindows: Wait for dumpcap to initialize.
Gerald Combs [Wed, 27 Apr 2016 19:14:11 +0000 (12:14 -0700)]
Windows: Wait for dumpcap to initialize.

As the MSDN documentation says, "CreateProcess returns without waiting
for the new process to finish its initialization." Add an SP_INIT sync
pipe indicator on Windows and use it in dumpcap to signal to its parent
that it has started up.

Change-Id: I88a4c158871dbe2dd6eba13434e92c5d4b1c2e4b
Reviewed-on: https://code.wireshark.org/review/15132
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoFix "Follow TCP stream" when TCP desegmentation is disabled.
Jeff Morriss [Wed, 27 Apr 2016 19:46:25 +0000 (15:46 -0400)]
Fix "Follow TCP stream" when TCP desegmentation is disabled.

Bug: 12382
Change-Id: I52a4c78cd0d901b8c28106bf33627a3f956b5e48
Reviewed-on: https://code.wireshark.org/review/15133
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoconfigure.ac: Fix rpm check
João Valverde [Wed, 27 Apr 2016 07:57:35 +0000 (08:57 +0100)]
configure.ac: Fix rpm check

Some versions of rpmbuild fail this test. Use rpm instead.

Fixup for bbea6a1c9f58d7f87424e0df6f9821d8ef1d3b00.

Change-Id: I6068541d5944b08140ea7fc5efd13ad488dda1f3
Reviewed-on: https://code.wireshark.org/review/15131
Reviewed-by: João Valverde <j@v6e.pt>
3 years agoAdd expert info when Modbus/TCP packet can't be classified.
Michael Mann [Wed, 27 Apr 2016 00:36:25 +0000 (20:36 -0400)]
Add expert info when Modbus/TCP packet can't be classified.

The common case for this is using Decode As over the Modbus/TCP port preference.  Here the port preference is used to determine request/response because the protocol itself doesn't have any indications (so Decode As can't be helpful).  Looking into the packet itself can lead to too many false positives.

Bug: 10933
Change-Id: Ic6b4304f062f55ff273105edbb0d272c30e53506
Reviewed-on: https://code.wireshark.org/review/15127
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agomp2t: support forced tcp decoding
Dominic Chen [Tue, 26 Apr 2016 21:22:18 +0000 (17:22 -0400)]
mp2t: support forced tcp decoding

Change-Id: I82a2908f513bff2f6452abffeb818e1f943fc67c
Reviewed-on: https://code.wireshark.org/review/15124
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agomp2t: add frame limit to mp2t_find_next_pcr, and handle timeout correctly
Dominic Chen [Mon, 25 Apr 2016 22:12:00 +0000 (18:12 -0400)]
mp2t: add frame limit to mp2t_find_next_pcr, and handle timeout correctly

Change-Id: I02fab252bed3c4d0b134c2e61ea6f3338e21637b
Reviewed-on: https://code.wireshark.org/review/15114
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoOpenFlow: fix flow_monitor_request dissector
IWASE Yusuke [Tue, 26 Apr 2016 07:58:32 +0000 (16:58 +0900)]
OpenFlow: fix flow_monitor_request dissector

This patch fixes:
 - offset calculation
 - monitor_id field description

Change-Id: I9568b8897ca9ebbc6203db6640b88e1b1676448d
Reviewed-on: https://code.wireshark.org/review/15128
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoUSB Audio: Add feature Unit
Alexis La Goutte [Tue, 26 Apr 2016 06:08:51 +0000 (08:08 +0200)]
USB Audio: Add feature Unit

Change-Id: Id23d1c945df3c0b7392b5c807ef04c85309999de
Ping-Bug: 11858
Reviewed-on: https://code.wireshark.org/review/15118
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoTest: capture_step_stdin updates.
Gerald Combs [Tue, 26 Apr 2016 21:57:15 +0000 (14:57 -0700)]
Test: capture_step_stdin updates.

In capture_step_stdin, print information about our test capture if we
fail.

Change-Id: I046f9d22b1bb2d52d96926f50379ab51e6279eb3
Reviewed-on: https://code.wireshark.org/review/15125
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoTest: more suite-capture debugging.
Gerald Combs [Tue, 26 Apr 2016 20:52:19 +0000 (13:52 -0700)]
Test: more suite-capture debugging.

Change-Id: I94967aeabdf2786868c3f7fce9e95633332d4948
Reviewed-on: https://code.wireshark.org/review/15123
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoTest: Make capture_step_stdin more verbose.
Gerald Combs [Tue, 26 Apr 2016 19:22:12 +0000 (12:22 -0700)]
Test: Make capture_step_stdin more verbose.

Add some verbosity to the stdin capture test. Hopefully this will shed
some light on the Windows 8 builder failures.

Change-Id: Ife2bbbaeed7a1e4a7ddd1c1f86322ba25d154f4c
Reviewed-on: https://code.wireshark.org/review/15122
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoNSIS: Pass /install to vcredist_xNN.exe.
Gerald Combs [Tue, 26 Apr 2016 16:12:59 +0000 (09:12 -0700)]
NSIS: Pass /install to vcredist_xNN.exe.

Explicitly pass /install to the Visual C++ redistributable installer. A
few people have reported issues with missing or incorrect redistributable
files after installing Wireshark but unfortunately haven't provided
much in the way of further detail. Is it possible that the installer
sometimes goes into /repair, /layout, or /uninstall modes?

Remove checks for old, unsupported compilers while we're here.

Change-Id: I4e24dbe562c8aeb6ce63ec98ea1601cba5256806
Reviewed-on: https://code.wireshark.org/review/15120
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
3 years agoUpdate .mailmap (and regenerate AUTHORS)
Alexis La Goutte [Mon, 25 Apr 2016 07:47:41 +0000 (09:47 +0200)]
Update .mailmap (and regenerate AUTHORS)

Change-Id: Iae5c032e3d21a694845b89b285d61d45c6f8584f
Reviewed-on: https://code.wireshark.org/review/15105
Reviewed-by: Yang Luo <hsluoyz@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoRemove the dist tarball after making an RPM.
Jeff Morriss [Mon, 25 Apr 2016 17:40:07 +0000 (13:40 -0400)]
Remove the dist tarball after making an RPM.

A typo has prevented this from happening for a while.

Change-Id: I57f3ed1138d6caffa596f41e6257ecc0eb39a1a6
Reviewed-on: https://code.wireshark.org/review/15112
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoAvoid making dist tarball if rpmbuild is missing
João Valverde [Mon, 25 Apr 2016 17:57:00 +0000 (18:57 +0100)]
Avoid making dist tarball if rpmbuild is missing

Fail sooner rather than later.

Change-Id: If5740ee01d79f2eec87038cdbcb0725899735ff6
Reviewed-on: https://code.wireshark.org/review/15113
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoGet rid of duplicate code.
Guy Harris [Tue, 26 Apr 2016 00:41:49 +0000 (17:41 -0700)]
Get rid of duplicate code.

Use CHECK_FOR_NULL_TREE() while we're at it, to make it more like other
routines.

Change-Id: I2cbdf9f043583fd0c9858e94ae1134173a68c875
Reviewed-on: https://code.wireshark.org/review/15116
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoAlways call test_length(), even if the tree is null.
Guy Harris [Tue, 26 Apr 2016 00:32:57 +0000 (17:32 -0700)]
Always call test_length(), even if the tree is null.

Otherwise, we run the risk of getting caught in a loop that runs past
the end of the packet.

Shows up in, for example, the capture in bug 12370; if you read it with
tshark -V, it reports malformed packets, but if you try to read it with
tshark without -V, it spins.

Bug: 12370
Change-Id: Ic3e7be2ddbaaf52b58c4f73348a0f093979af1cc
Reviewed-on: https://code.wireshark.org/review/15115
Reviewed-by: Guy Harris <guy@alum.mit.edu>
3 years agoTreat JXTA URI address type like AT_STRINGZ.
Michael Mann [Sat, 23 Apr 2016 13:25:10 +0000 (09:25 -0400)]
Treat JXTA URI address type like AT_STRINGZ.
An "empty" address should still have a size of 1 for NULL string character.

Bug: 12354
Change-Id: I32e3217cba2802be90244f8579acacf524162e2a
Reviewed-on: https://code.wireshark.org/review/15070
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoUSB Audio: Add Input/Output Terminal
Alexis La Goutte [Thu, 21 Apr 2016 17:50:22 +0000 (19:50 +0200)]
USB Audio: Add Input/Output Terminal

Change-Id: Id71015673d8ad0d40afdf926a3610a7544f4e1b8
Ping-Bug:11858
Reviewed-on: https://code.wireshark.org/review/15045
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoAnother fix for RPM spec file version string
João Valverde [Mon, 25 Apr 2016 12:49:18 +0000 (13:49 +0100)]
Another fix for RPM spec file version string

Change-Id: I424640867173ccd5655b4cefb457d76f845e7966
Reviewed-on: https://code.wireshark.org/review/15111
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
3 years agoJ1939 can have 0 bytes of "packet data" (i.e. just CAN ID), so use tvb_reported_lengt...
Michael Mann [Mon, 25 Apr 2016 15:39:06 +0000 (11:39 -0400)]
J1939 can have 0 bytes of "packet data" (i.e. just CAN ID), so use tvb_reported_length instead of -1.

Bug: 12366
Change-Id: Id702572b95c3500906ce12ee9658ded132611247
Reviewed-on: https://code.wireshark.org/review/15108
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoaddr_resolv: async_dns_queue_head HAVE_C_ARES missing
Uli Heilmeier [Mon, 25 Apr 2016 14:11:14 +0000 (16:11 +0200)]
addr_resolv: async_dns_queue_head HAVE_C_ARES missing

async_dns_queue_head is only defined when HAVE_C_ARES is available.
Therefore we should call it also only if HAVE_C_ARES is set.

Change-Id: Iceb27096c188bb1b70ca89ee7782ca8d0990294d
Reviewed-on: https://code.wireshark.org/review/15106
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
3 years agoJ1939 can legitimately have 0 data bytes so don't give the impression data is "missing".
Michael Mann [Mon, 25 Apr 2016 15:40:51 +0000 (11:40 -0400)]
J1939 can legitimately have 0 data bytes so don't give the impression data is "missing".

Change-Id: I285ba0d1aba3cbe230831ed41e7bcf8d6d9f74f3
Reviewed-on: https://code.wireshark.org/review/15109
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agoautotools: use AM_CONDITIONAL for rpm build rule
João Valverde [Sat, 23 Apr 2016 00:07:55 +0000 (01:07 +0100)]
autotools: use AM_CONDITIONAL for rpm build rule

Change-Id: Ia97966e28cf7d061694336fb00b9a0790f0d57bb
Reviewed-on: https://code.wireshark.org/review/15067
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
3 years agoQt: Speed up the Display Filter Expression dialog appearance.
Gerald Combs [Sun, 24 Apr 2016 21:18:44 +0000 (14:18 -0700)]
Qt: Speed up the Display Filter Expression dialog appearance.

Copy over and adapt SupportedProtocolsDialog::fillTree, which fills in
the protocol tree after the dialog is shown processes display events
while the tree is being built.

Change-Id: I25082fd94c511db6a94aaed1c463ba1c1e64855c
Reviewed-on: https://code.wireshark.org/review/15079
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
3 years agoFix nmake build after statically linking version code
Michael Mann [Sat, 23 Apr 2016 15:54:20 +0000 (11:54 -0400)]
Fix nmake build after statically linking version code

Change-Id: I86a01bdd778f2242aa534a687275a85a2f329c02
Reviewed-on: https://code.wireshark.org/review/15071
Reviewed-by: Michael Mann <mmann78@netscape.net>
3 years agogpef: fix 'pinfo' was marked unused but was used [-Werror,-Wused-but-marked-unused]
Alexis La Goutte [Tue, 19 Apr 2016 13:56:53 +0000 (15:56 +0200)]
gpef: fix 'pinfo' was marked unused but was used [-Werror,-Wused-but-marked-unused]

Change-Id: I6a302ce6dc18850e6ccc0995c60c4a010e46ad30
Reviewed-on: https://code.wireshark.org/review/15104
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agogmr1_bcch: fix 'tree' was marked unused but was used [-Werror,-Wused-but-marked-unused]
Alexis La Goutte [Tue, 19 Apr 2016 13:20:44 +0000 (15:20 +0200)]
gmr1_bcch: fix 'tree' was marked unused but was used [-Werror,-Wused-but-marked-unused]

Change-Id: I9a1950e3719927178221999c33f41920e1e4065a
Reviewed-on: https://code.wireshark.org/review/15103
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agogmhdr: fix 'pinfo' was marked unused but was used [-Werror,-Wused-but-marked-unused]
Alexis La Goutte [Tue, 19 Apr 2016 12:46:08 +0000 (14:46 +0200)]
gmhdr: fix 'pinfo' was marked unused but was used [-Werror,-Wused-but-marked-unused]

Change-Id: Ib86b2665ad8000b6c4a4ce69b3284a7f0e235115
Reviewed-on: https://code.wireshark.org/review/15102
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoglusterfs (hndsk): fix 'pinfo/data' was marked unused but was used [-Werror,-Wused...
Alexis La Goutte [Tue, 19 Apr 2016 12:44:39 +0000 (14:44 +0200)]
glusterfs (hndsk): fix 'pinfo/data' was marked unused but was used [-Werror,-Wused-but-marked-unused]

Change-Id: I5177c0bfdfb010a76ee2763030a32eafb9a6d1f2
Reviewed-on: https://code.wireshark.org/review/15101
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoglusterfs: fix 'pinfo/data' was marked unused but was used [-Werror,-Wused-but-marked...
Alexis La Goutte [Tue, 19 Apr 2016 12:31:11 +0000 (14:31 +0200)]
glusterfs: fix 'pinfo/data' was marked unused but was used [-Werror,-Wused-but-marked-unused]

Change-Id: I5694867029d5d40de6dbe5c617aee70ac62d7139
Reviewed-on: https://code.wireshark.org/review/15100
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agoglusterd: fix 'data' was marked unused but was used [-Werror,-Wused-but-marked-unused]
Alexis La Goutte [Tue, 19 Apr 2016 12:21:04 +0000 (14:21 +0200)]
glusterd: fix 'data' was marked unused but was used [-Werror,-Wused-but-marked-unused]

Change-Id: Id3aa0972503ffcd238148ab0283ec4ea1a0a478c
Reviewed-on: https://code.wireshark.org/review/15099
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agogluster_pmap: fix 'data' was marked unused but was used [-Werror,-Wused-but-marked...
Alexis La Goutte [Tue, 19 Apr 2016 12:08:48 +0000 (14:08 +0200)]
gluster_pmap: fix 'data' was marked unused but was used [-Werror,-Wused-but-marked-unused]

Change-Id: Idaa9515c8b9a74de3fdeba5cb2dbda195adbe3bf
Reviewed-on: https://code.wireshark.org/review/15098
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agogluster_cli: fix 'data' was marked unused but was used [-Werror,-Wused-but-marked...
Alexis La Goutte [Tue, 19 Apr 2016 12:06:17 +0000 (14:06 +0200)]
gluster_cli: fix 'data' was marked unused but was used [-Werror,-Wused-but-marked-unused]

Change-Id: I969403ac48dbec1ad765e799fcf0cb5b76cd83c7
Reviewed-on: https://code.wireshark.org/review/15097
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agogdsdb: fix 'tvb/pinfo' was marked unused but was used [-Werror,-Wused-but-marked...
Alexis La Goutte [Tue, 19 Apr 2016 12:04:40 +0000 (14:04 +0200)]
gdsdb: fix 'tvb/pinfo' was marked unused but was used [-Werror,-Wused-but-marked-unused]

Change-Id: I53e99b2fc2a0549984d39a9f1fb1de610d4e645c
Reviewed-on: https://code.wireshark.org/review/15096
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agogdb: fix 'pinfo' was marked unused but was used [-Werror,-Wused-but-marked-unused]
Alexis La Goutte [Tue, 19 Apr 2016 12:03:48 +0000 (14:03 +0200)]
gdb: fix 'pinfo' was marked unused but was used [-Werror,-Wused-but-marked-unused]

Change-Id: I8d990808fcfa29494e392721185e987709340c30
Reviewed-on: https://code.wireshark.org/review/15095
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agogadu-gadu: fix 'tvb/tree' was marked unused but was used [-Werror,-Wused-but-marked...
Alexis La Goutte [Tue, 19 Apr 2016 12:03:20 +0000 (14:03 +0200)]
gadu-gadu: fix 'tvb/tree' was marked unused but was used [-Werror,-Wused-but-marked-unused]

Change-Id: I0f7a4f06b5274f00d0f2ff4a0002fb694a6e3e9b
Reviewed-on: https://code.wireshark.org/review/15094
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agofr: fix 'pseudo_header' was marked unused but was used [-Werror,-Wused-but-marked...
Alexis La Goutte [Tue, 19 Apr 2016 11:43:25 +0000 (13:43 +0200)]
fr: fix 'pseudo_header' was marked unused but was used [-Werror,-Wused-but-marked-unused]

Change-Id: I06ceb2d54d1c3dfeaf3f5e80980687e5f68bc4bc
Reviewed-on: https://code.wireshark.org/review/15093
Reviewed-by: Anders Broman <a.broman58@gmail.com>
3 years agofp (hint): fix 'pinfo' was marked unused but was used [-Werror,-Wused-but-marked...
Alexis La Goutte [Tue, 19 Apr 2016 10:22:15 +0000 (12:22 +0200)]
fp (hint): fix 'pinfo' was marked unused but was used [-Werror,-Wused-but-marked-unused]

Change-Id: I68a8a79ab27a6469512d4a3f26695a37ad307b11
Reviewed-on: https://code.wireshark.org/review/15092
Reviewed-by: Anders Broman <a.broman58@gmail.com>