8 years agoReflect the move of dftest.c back to the top-level directory.
guy [Sun, 19 Feb 2012 08:59:17 +0000 (08:59 +0000)]
Reflect the move of dftest.c back to the top-level directory.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41065 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoMove dftest.c back to the top-level directory; that way, all of the
guy [Sun, 19 Feb 2012 05:57:14 +0000 (05:57 +0000)]
Move dftest.c back to the top-level directory; that way, all of the
stuff in ui/cli can be stuffed into a libcliui library to link with
TShark, and all of the source files containing main() (except for
Wireshark) are in the top-level directory (dftest isn't any more special
than TShark or capinfos or mergecap or editcap or...).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41064 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoui/gtk/main.c calls get_conn_cfilter(), which is defined in ui/util.c,
guy [Sun, 19 Feb 2012 00:19:35 +0000 (00:19 +0000)]
ui/gtk/main.c calls get_conn_cfilter(), which is defined in ui/util.c,
so we need to link libui *after* libgtkui.  (It worked on Mac OS X, but
the OS X linker might do things differently from the GNU linker.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41063 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoWe renamed "libui_win32.lib" to "libgtkui_win32.lib" elsewhere; fix it
guy [Sun, 19 Feb 2012 00:13:33 +0000 (00:13 +0000)]
We renamed "libui_win32.lib" to "libgtkui_win32.lib" elsewhere; fix it

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41062 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoCreate a libui (static) library in the ui directory, which contains the
guy [Sat, 18 Feb 2012 23:55:41 +0000 (23:55 +0000)]
Create a libui (static) library in the ui directory, which contains the
object files from all the source files in the ui directory (but not in
its subdirectories), and link the programs that need it with them.

This cleans things up a little bit, and may also fix the Windows build.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41061 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoUpdate.
guy [Sat, 18 Feb 2012 20:25:15 +0000 (20:25 +0000)]

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41060 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoRename the (static) library built from stuff in ui/gtk to "libgtkui" in
guy [Sat, 18 Feb 2012 20:24:54 +0000 (20:24 +0000)]
Rename the (static) library built from stuff in ui/gtk to "libgtkui" in
automake/autoconf and nmake builds, to match the name in CMake builds.

(Forgot Makefile.nmake.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41059 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoRename the (static) library built from stuff in ui/gtk to "libgtkui" in
guy [Sat, 18 Feb 2012 20:21:30 +0000 (20:21 +0000)]
Rename the (static) library built from stuff in ui/gtk to "libgtkui" in
automake/autoconf and nmake builds, to match the name in CMake builds.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41058 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoReplace the old very simple (line based) RSH dissector with a slightly
sfisher [Fri, 17 Feb 2012 18:28:07 +0000 (18:28 +0000)]
Replace the old very simple (line based) RSH dissector with a slightly
modified version of the EXEC since the protocols are nearly identical.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41056 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix a typo that broke compilation on all platforms
jmayer [Fri, 17 Feb 2012 18:23:48 +0000 (18:23 +0000)]
Fix a typo that broke compilation on all platforms

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41055 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix an old copy and paste mistake in a C comment.
sfisher [Fri, 17 Feb 2012 18:20:28 +0000 (18:20 +0000)]
Fix an old copy and paste mistake in a C comment.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41054 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoMove exec_isdigit_string() and exec_isprint_string() functions out of
sfisher [Fri, 17 Feb 2012 17:22:12 +0000 (17:22 +0000)]
Move exec_isdigit_string() and exec_isprint_string() functions out of
the exec dissector and into wsutil/str_util.c.  Rename them to
isdigit_string() and isprint_string().  Also rename the variables they use
for consistency: string -> str and position -> pos.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41053 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoTrying to fix the compile of ui/util.c on Windows by moving the
jmayer [Fri, 17 Feb 2012 16:59:14 +0000 (16:59 +0000)]
Trying to fix the compile of ui/util.c on Windows by moving the
source file directly into the sources variable - there seems to
be a subtle difference between ui/util.c and epan/crypt/md5.c

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41052 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix tooltips (There is a hidden column).
tuexen [Fri, 17 Feb 2012 16:48:55 +0000 (16:48 +0000)]
Fix tooltips (There is a hidden column).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41051 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Anders: fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6839 :
morriss [Fri, 17 Feb 2012 15:38:36 +0000 (15:38 +0000)]
From Anders: fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6839 :

A patch to set for PayloadType = 1 for Connectionless-Information

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41050 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
alagoutte [Fri, 17 Feb 2012 13:33:53 +0000 (13:33 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41049 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoinclude "../util.h" -> include "ui/util.h"
jmayer [Fri, 17 Feb 2012 12:46:50 +0000 (12:46 +0000)]
include "../util.h" -> include "ui/util.h"

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41048 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoStart moving files to ui/ and ui/cli/
jmayer [Fri, 17 Feb 2012 12:30:27 +0000 (12:30 +0000)]
Start moving files to ui/ and ui/cli/

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41047 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agotime_t and nstime.nsecs are both signed so don't cast them to unsigned to display...
morriss [Fri, 17 Feb 2012 03:17:34 +0000 (03:17 +0000)]
time_t and nstime.nsecs are both signed so don't cast them to unsigned to display them.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41046 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix part of https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6703 :
morriss [Fri, 17 Feb 2012 03:02:32 +0000 (03:02 +0000)]
Fix part of https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6703 :

r35887 added ntp_to_nstime() to packet-ntp since a couple of dissectors had
their own versions.  The version used was from packet-netflow; switch to the
version from packet-zep because that one's math works better: the fractional
time is actually shown.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41045 f5534014-38df-0310-8fa8-9805f1628bb7

8 years ago(Re)fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6712 :
morriss [Fri, 17 Feb 2012 02:53:02 +0000 (02:53 +0000)]
(Re)fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6712 :

The change made in r40742 turned out to not be portable (FreeBSD doesn't have
the timezone global variable), so use another method to determine the current

Also fix a bug introduced by r40742's change to display this timestamp in UTC:
if the reported (by the message) time zone has a negative offset to UTC, shift
it forward (not backward) to get UTC (and the opposite for positive offsets).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41044 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoUse tce correct IE id
etxrab [Thu, 16 Feb 2012 20:23:16 +0000 (20:23 +0000)]
Use tce correct IE id

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41043 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix from Irene Ruengeler: Show correct details in the interface dialog on
tuexen [Thu, 16 Feb 2012 20:22:34 +0000 (20:22 +0000)]
Fix from Irene Ruengeler: Show correct details in the interface dialog on

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41042 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoWith the WTAP_ERR_UNSUPPORTED error, Wiretap supplies a string giving
guy [Thu, 16 Feb 2012 18:58:40 +0000 (18:58 +0000)]
With the WTAP_ERR_UNSUPPORTED error, Wiretap supplies a string giving
the details of what in particular is unsupported; report it in TShark
and Wireshark.


Handle WTAP_ERR_COMPRESSION_NOT_SUPPORTED in TShark, and have its error
message in Wireshark not speak of gzip, in case we support compressed
output in other formats in the future.

If we see a second section header block in a pcap-NG file, don't report
it as "the file is corrupted", report it as "the file uses a feature we
don't support", as that's the case - and don't free up the interface
data array, as the file remains open, and Wireshark might still try to
access the packets we were able to read.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41041 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAs suggested on the -dev list today, add Wireshark_package.pmdoc to the source
morriss [Thu, 16 Feb 2012 16:31:09 +0000 (16:31 +0000)]
As suggested on the -dev list today, add Wireshark_package.pmdoc to the source

To do this, however, requires renaming that directory because automake can't
handle files with spaces in their names.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41040 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoRegister the p772 dissector.
stig [Thu, 16 Feb 2012 09:18:33 +0000 (09:18 +0000)]
Register the p772 dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41039 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoLet part of the patch speak for itself:
jmayer [Thu, 16 Feb 2012 08:31:19 +0000 (08:31 +0000)]
Let part of the patch speak for itself:

     { &hf_ieee80211_addr,
-      {"Source or Destination address", "wlan.addr", FT_ETHER, BASE_NONE, NULL, 0,
-       "Source or Destination Hardware Address", HFILL }},
+      {"Hardware address", "wlan.addr", FT_ETHER, BASE_NONE, NULL, 0,
+       "SA, DA, BSSID, RA or TA Hardware Address", HFILL }},

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41038 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Naoyoshi Ueda:
etxrab [Thu, 16 Feb 2012 05:21:09 +0000 (05:21 +0000)]
From Naoyoshi Ueda:
Patch to fix DTLS decryption.


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41036 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix the rest of of https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6764 :
morriss [Thu, 16 Feb 2012 03:00:52 +0000 (03:00 +0000)]
Fix the rest of of https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6764 :

The Lua API does not have FT_*, it has ftypes.*, so use that in the
documentation.  Also, list out each ft so the user knows what the available
options are.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41035 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAgain, turn off the debug logging; it messes up the fuzz-testing bot.
guy [Thu, 16 Feb 2012 02:06:48 +0000 (02:06 +0000)]
Again, turn off the debug logging; it messes up the fuzz-testing bot.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41034 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Pascal Quantin:
etxrab [Wed, 15 Feb 2012 22:56:20 +0000 (22:56 +0000)]
From Pascal Quantin:
[NAS EPS] PDN Connectivity Request message dissection fixes.


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41033 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoMake it possible to get inforamtion from the read SHB to the one to write out.
etxrab [Wed, 15 Feb 2012 19:44:16 +0000 (19:44 +0000)]
Make it possible to get inforamtion from the read SHB to the one to write out.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41032 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Andy Karch:
etxrab [Wed, 15 Feb 2012 06:01:01 +0000 (06:01 +0000)]
From Andy Karch:
Enhance L2TP filters to include assigned IDs.


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41031 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoTYPE_PAD records can have zero bytes of payload; don't treat them as
guy [Tue, 14 Feb 2012 22:31:33 +0000 (22:31 +0000)]
TYPE_PAD records can have zero bytes of payload; don't treat them as

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41030 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom David Wei:
etxrab [Tue, 14 Feb 2012 20:23:02 +0000 (20:23 +0000)]
From David Wei:
Fix handling of piggybacked messages.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41029 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAs Guy suggested in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6765 :
morriss [Tue, 14 Feb 2012 20:06:48 +0000 (20:06 +0000)]
As Guy suggested in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6765 :

Since his r41025 change to the HTTP dissector fixes the problem reported in
the subject bug, revert r41018 (whose check-in comment, BTW, should have
referenced this bug instead of 6817).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41028 f5534014-38df-0310-8fa8-9805f1628bb7

8 years ago- dissect_vendor_ie_atheros:
jmayer [Tue, 14 Feb 2012 18:34:59 +0000 (18:34 +0000)]
- dissect_vendor_ie_atheros:
  Remove tag_len parameter - it was redundant.
  The length passed no longer contains the vendor id.
- add_tagged_field / TAG_VENDOR_SPECIFIC_IE:
  Reorder so that the ieee "standard" vendor ids come fist,
  after that the really vendor specific stuff.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41027 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Anders: Add support for options in the SHB.
tuexen [Tue, 14 Feb 2012 17:07:52 +0000 (17:07 +0000)]
From Anders: Add support for options in the SHB.
From me: Some whitespace changes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41026 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoTo quote section "7.2.1 Type" of RFC 2068, "Hypertext Transfer Protocol
guy [Tue, 14 Feb 2012 06:00:14 +0000 (06:00 +0000)]
To quote section "7.2.1 Type" of RFC 2068, "Hypertext Transfer Protocol
-- HTTP/1.1":

   Any HTTP/1.1 message containing an entity-body SHOULD include a
   Content-Type header field defining the media type of that body. If
   and only if the media type is not given by a Content-Type field, the
   recipient MAY attempt to guess the media type via inspection of its
   content and/or the name extension(s) of the URL used to identify the
   resource. If the media type remains unknown, the recipient SHOULD
   treat it as type "application/octet-stream".

To quote section "4. Encoding of Transport Layer" of RFC 2565, "Internet
Printing Protocol/1.0: Encoding and Transport":

   HTTP/1.1 [RFC2068] is the transport layer for this protocol.


   Note: even though port 631 is the IPP default, port 80 remains the
   default for an HTTP URI.  Thus a URI for a printer using port 631
   MUST contain an explicit port, e.g. "http://forest:631/pinetree".  An
   HTTP URI for IPP with no explicit port implicitly reference port 80,
   which is consistent with the rules for HTTP/1.1. Each HTTP operation
   MUST use the POST method where the request-URI is the object target
   of the operation, and where the "Content-Type" of the message-body in
   each request and response MUST be "application/ipp". The message-body
   MUST contain the operation layer and MUST have the syntax described
   in section 3.2 "Syntax of Encoding". A client implementation MUST
   adhere to the rules for a client described for HTTP1.1 [RFC2068]. A
   printer (server) implementation MUST adhere the rules for an origin
   server described for HTTP1.1 [RFC2068].

So, when choosing a subdissector for HTTP request bodies, search based
on the media type first, and only if we *don't* find a dissector for the
media type, do other stuff such as heuristics or choosing a subdissector
based on the port number.

This fixes a number of problems; in particular, it fixes bug 6765
"non-IPP packets to or from port 631 are dissected as IPP" without
requiring the IPP dissector to attempt to determine whether an entity
body looks like IPP.  It also ensures that the default dissector for
HTTP entity bodies, the "media" dissector, will get the media type
passed to it in pinfo->match_string.

Don't use "!str*cmp()" while we're at it - it's valid C, but the "!" can
make it look as if it's checking for something not being the case when,
in fact, you're checking for equality rather than inequality.  (The
str*cmp() routines don't return Boolean results.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41025 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix part of https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6764 :
morriss [Tue, 14 Feb 2012 03:37:19 +0000 (03:37 +0000)]
Fix part of https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6764 :

The Lua API does not have BASE_*, it has base.*, so use that.  Also, list out
each base so the user knows what the available options are.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41024 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAs suggested in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6763 :
morriss [Tue, 14 Feb 2012 03:24:19 +0000 (03:24 +0000)]
As suggested in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6763 :

Give an example of a Pref.range's default value.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41023 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoThis dissector calls process_reassembled_data() so there's no need for it to
morriss [Tue, 14 Feb 2012 02:57:48 +0000 (02:57 +0000)]
This dissector calls process_reassembled_data() so there's no need for it to
manually insert the fragment data to the tree (by calling show_fragment_tree());
doing both just means the fragments get added to the tree twice.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41022 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoThere's no need to get the parent of an item we're passing into
morriss [Tue, 14 Feb 2012 02:43:58 +0000 (02:43 +0000)]
There's no need to get the parent of an item we're passing into
proto_tree_move_item(): that function will expects the item, not its parent.

This avoids dissector bugs such as the one reported in
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6768 :

** (process:745): WARNING **: Dissector bug, protocol RTP, in packet 82:
proto.c:4273: failed assertion "fixed_item->parent == tree"

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41021 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Pascal Quantin:
etxrab [Mon, 13 Feb 2012 22:46:12 +0000 (22:46 +0000)]
From Pascal Quantin:
fixes for dissection of Traffic Flow Template IE.


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41020 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoHandle piggybacked messages.
etxrab [Mon, 13 Feb 2012 22:22:29 +0000 (22:22 +0000)]
Handle piggybacked messages.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41019 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6817 :
morriss [Mon, 13 Feb 2012 20:56:40 +0000 (20:56 +0000)]
Fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6817 :

Make the IPP dissector a 'new-style' dissector that does not accept packets
which are clearly not IPP.

This is useful when a user points their web browser at a CUPS server--which
causes the CUPS server to spit out a nice looking web page from which you can
administer the server and/or printers but which up until this fix caused the
IPP dissector to mark the packet as malformed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41018 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Sean Bright:
etxrab [Mon, 13 Feb 2012 18:58:14 +0000 (18:58 +0000)]
From Sean Bright:
Wireshark crashes after editing interface settings from capture options dialog.


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41017 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoMark an unused parameter.
etxrab [Mon, 13 Feb 2012 18:50:31 +0000 (18:50 +0000)]
Mark an unused parameter.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41016 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoWhite space changes.
etxrab [Mon, 13 Feb 2012 17:34:56 +0000 (17:34 +0000)]
White space changes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41015 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoDrop count is 64 bits
etxrab [Mon, 13 Feb 2012 17:34:15 +0000 (17:34 +0000)]
Drop count is 64 bits

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41014 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoEdit packet comments
etxrab [Mon, 13 Feb 2012 17:33:05 +0000 (17:33 +0000)]
Edit packet comments

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41013 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoDrop count is 64 bits
etxrab [Mon, 13 Feb 2012 17:31:54 +0000 (17:31 +0000)]
Drop count is 64 bits

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41012 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoStart itemizing.
jmayer [Mon, 13 Feb 2012 09:13:37 +0000 (09:13 +0000)]
Start itemizing.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41011 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoIn a loop of the form
guy [Mon, 13 Feb 2012 05:35:20 +0000 (05:35 +0000)]
In a loop of the form

for (i = 1; i <= N; i++)

the type of "i" must have, as its maximum value, a value >= the maximum
value of N; otherwise, if N is equal to the maximum value that fits in
"i", the loop willnever terminate.  (If that requires "i" to be larger
than you'd like, do the loop as

for (i = 0; i < N; i++)

which doesn't have that problem.)

Clean up the "i = 1" clause's white space in those for loops.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41010 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoIf WIRESHARK_ABORT_ON_DISSECTOR_BUG is set (in the environment) and we put more
morriss [Mon, 13 Feb 2012 03:14:46 +0000 (03:14 +0000)]
If WIRESHARK_ABORT_ON_DISSECTOR_BUG is set (in the environment) and we put more
than MAX_TREE_ITEMS in the tree, abort() out rather than throwing an exception.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41009 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix the crash reported in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6804
morriss [Mon, 13 Feb 2012 03:03:03 +0000 (03:03 +0000)]
Fix the crash reported in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6804

For WTAP_ENCAP_ERF files if we find an Extension and/or Multi-Channel header,
ensure that the size of the full pseudoheader is smaller than the packet size
to avoid an underflow and subsequent attempt to allocate a rather large amount
of memory.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41008 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoDo not assume tab stops are set every 4 spaces.
guy [Sun, 12 Feb 2012 23:50:13 +0000 (23:50 +0000)]
Do not assume tab stops are set every 4 spaces.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41007 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd edit_packet_comment_dlg.h to the source distribution
morriss [Sun, 12 Feb 2012 23:17:01 +0000 (23:17 +0000)]
Add edit_packet_comment_dlg.h to the source distribution

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41006 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoCapitalize the "P" in "Packet" in "Add or Edit Packet Comment". Add
guy [Sun, 12 Feb 2012 23:09:14 +0000 (23:09 +0000)]
Capitalize the "P" in "Packet" in "Add or Edit Packet Comment".  Add
"..." after it, as it pops up a dialog box to let you actually type in a

Add "Add or Edit Packet Comment" to the menubar's Edit menu.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41005 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix debug output.
tuexen [Sun, 12 Feb 2012 21:56:00 +0000 (21:56 +0000)]
Fix debug output.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41004 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd a button row.
etxrab [Sun, 12 Feb 2012 21:15:11 +0000 (21:15 +0000)]
Add a button row.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41003 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoClose parentheses in expert info.
guy [Sun, 12 Feb 2012 20:44:51 +0000 (20:44 +0000)]
Close parentheses in expert info.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41002 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoDon't trust the pointer value in a packet; it could be invalid, and this
guy [Sun, 12 Feb 2012 20:03:37 +0000 (20:03 +0000)]
Don't trust the pointer value in a packet; it could be invalid, and this
could cause an unsigned length value to be reduced by more than its
value, turning it into a very large value.

I couldn't exactly reproduce bug 6833, but it was due to an attempt to
allocate 4294967110 bytes, and this bug caused remaining_len to equal
4294967110, and it would try to create a reassembled packet tvbuff of
that size, so I'm guessing this fixes 6833.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41001 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
alagoutte [Sun, 12 Feb 2012 19:30:57 +0000 (19:30 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41000 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
alagoutte [Sun, 12 Feb 2012 19:26:53 +0000 (19:26 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40999 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
alagoutte [Sun, 12 Feb 2012 19:24:38 +0000 (19:24 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40998 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
alagoutte [Sun, 12 Feb 2012 18:06:37 +0000 (18:06 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40997 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
alagoutte [Sun, 12 Feb 2012 18:05:50 +0000 (18:05 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40996 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
alagoutte [Sun, 12 Feb 2012 18:05:22 +0000 (18:05 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40995 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
alagoutte [Sun, 12 Feb 2012 18:05:02 +0000 (18:05 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40994 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
alagoutte [Sun, 12 Feb 2012 18:04:26 +0000 (18:04 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40993 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
alagoutte [Sun, 12 Feb 2012 18:03:17 +0000 (18:03 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40992 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
alagoutte [Sun, 12 Feb 2012 18:02:58 +0000 (18:02 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40991 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
alagoutte [Sun, 12 Feb 2012 18:02:39 +0000 (18:02 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40990 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
alagoutte [Sun, 12 Feb 2012 17:47:11 +0000 (17:47 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40989 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
alagoutte [Sun, 12 Feb 2012 17:46:57 +0000 (17:46 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40988 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoEnhance BGP Notification message
alagoutte [Sun, 12 Feb 2012 17:41:57 +0000 (17:41 +0000)]
Enhance BGP Notification message
* Make field filterable (3 proto_tree_add_text less ! but there are still 147 proto_tree_add_text...)
* Remove bgp_notify struct
* Use expert info to display a unknown error type

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40987 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoGet it compiling.
tuexen [Sun, 12 Feb 2012 16:38:47 +0000 (16:38 +0000)]
Get it compiling.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40986 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoGet the comment and put it in the textview.
etxrab [Sun, 12 Feb 2012 16:18:25 +0000 (16:18 +0000)]
Get the comment and put it in the textview.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40985 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoTry to make the buildbot happy.
etxrab [Sun, 12 Feb 2012 15:48:57 +0000 (15:48 +0000)]
Try to make the buildbot happy.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40983 f5534014-38df-0310-8fa8-9805f1628bb7

8 years ago[Automatic manuf, services and enterprise-numbers update for 2012-02-12]
gerald [Sun, 12 Feb 2012 15:03:25 +0000 (15:03 +0000)]
[Automatic manuf, services and enterprise-numbers update for 2012-02-12]

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40981 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd the edit packet comment menu entry and the empty files
etxrab [Sun, 12 Feb 2012 14:56:06 +0000 (14:56 +0000)]
Add the edit packet comment menu entry and the empty files
to actually handel the menu to edit the comments.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40980 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Steve Magnani:
etxrab [Sun, 12 Feb 2012 07:18:05 +0000 (07:18 +0000)]
From Steve Magnani:
USB: add infrastructure for dissecting class-specific descriptors.


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40979 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoUse the length-on-the-network, not the captured length, when deciding
guy [Sat, 11 Feb 2012 20:57:26 +0000 (20:57 +0000)]
Use the length-on-the-network, not the captured length, when deciding
how far to dissect.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40978 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoDon't bail out of a non-heuristic dissector routine just because there's
guy [Sat, 11 Feb 2012 20:37:54 +0000 (20:37 +0000)]
Don't bail out of a non-heuristic dissector routine just because there's
not enough captured data in the tvbuff.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40977 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoGet rid of checkapi warning about %hh.
guy [Sat, 11 Feb 2012 20:36:35 +0000 (20:36 +0000)]
Get rid of checkapi warning about %hh.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40976 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agompeg_pat.cur_next_ind looks like a Boolean; make it one. That also
guy [Sat, 11 Feb 2012 20:35:03 +0000 (20:35 +0000)]
mpeg_pat.cur_next_ind looks like a Boolean; make it one.  That also
fixes checkapi warnings about its value_string not being properly
terminated (by replacing it with a true_false_string).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40975 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoStore drop count if present.
etxrab [Sat, 11 Feb 2012 17:31:13 +0000 (17:31 +0000)]
Store drop count if present.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40974 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Steve Magnani:
etxrab [Sat, 11 Feb 2012 16:59:38 +0000 (16:59 +0000)]
From Steve Magnani:
USB: support filtering of isochronous packets via usb.bInterfaceClass.


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40973 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Guy Martin:
etxrab [Sat, 11 Feb 2012 16:52:32 +0000 (16:52 +0000)]
From Guy Martin:
Dissector for DVB MultiProtocol Encapsulation (DVB-MPE)


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40972 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Guy Martin:
etxrab [Sat, 11 Feb 2012 16:44:45 +0000 (16:44 +0000)]
From Guy Martin:
Dissector for MPEG Program Association Table (PAT)


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40971 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Guy Martin:
etxrab [Sat, 11 Feb 2012 16:38:01 +0000 (16:38 +0000)]
From Guy Martin:
Dissector for MPEG section packets.


git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40970 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd the abillity to read and write option comments unedited.
etxrab [Sat, 11 Feb 2012 12:34:39 +0000 (12:34 +0000)]
Add the abillity to read and write option comments unedited.
This is POC we may want to have more efficient use of the frame data
structure etc. But this allows for work to be done on the GUI to actually add comments.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40969 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom David Wei:
etxrab [Sat, 11 Feb 2012 09:09:27 +0000 (09:09 +0000)]
From David Wei:
Udate AVP:s

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40968 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoDon't use 16-bit integers as counters. The code won't be any faster on
guy [Sat, 11 Feb 2012 07:12:34 +0000 (07:12 +0000)]
Don't use 16-bit integers as counters.  The code won't be any faster on
anything that can run Wireshark (it might be slower), and if the maximum
count value is 16-bit, you can loop forever if the maximum count value
happens to be 65535.

(Yes, this means that

guint i, j;


for (i = 0; i < j; i++)

risks looping forever if j is 2^32-1, and the same applies to 64-bit
counters.  There are probably fewer protocols with 32-bit counts, and
probably even fewer with 64-bit counts, but the way it should be done in
those cases, for safety, is

i = 0;
for (;;) {
if (i >= j)


if (i == j - 1)

or something such as that.)

Fixes bug 6809.

Will schedule for 1.6.x.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40967 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoIt is a complete mistake to have *ANY* messages during packet capture
guy [Sat, 11 Feb 2012 03:57:49 +0000 (03:57 +0000)]
It is a complete mistake to have *ANY* messages during packet capture
sent to the standard output if "-w" is specified because, when you
capture, you can capture with the output directed to the standard
output, and dumping some text crap to the standard output will corrupt
your capture file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40966 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoUse C89-style comment rather than C++/C99-style comment.
guy [Sat, 11 Feb 2012 02:45:58 +0000 (02:45 +0000)]
Use C89-style comment rather than C++/C99-style comment.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40965 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoGet rid of C++/C99-style comment; use #if 0/#endif instead.
guy [Sat, 11 Feb 2012 02:45:16 +0000 (02:45 +0000)]
Get rid of C++/C99-style comment; use #if 0/#endif instead.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40964 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoRevert presumably-unintentional turning on of debug messages.
guy [Sat, 11 Feb 2012 02:41:04 +0000 (02:41 +0000)]
Revert presumably-unintentional turning on of debug messages.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40963 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoGlobal variables considered harmful. Pass pinfo along as a parameter;
guy [Sat, 11 Feb 2012 02:31:52 +0000 (02:31 +0000)]
Global variables considered harmful.  Pass pinfo along as a parameter;
this appears to fix bug 6823 (the actual crash was a null pinfo being
passed to call_dissector()).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40962 f5534014-38df-0310-8fa8-9805f1628bb7