tuexen [Thu, 16 Feb 2012 20:22:34 +0000 (20:22 +0000)]
Fix from Irene Ruengeler: Show correct details in the interface dialog on
Windows.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41042
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 16 Feb 2012 18:58:40 +0000 (18:58 +0000)]
With the WTAP_ERR_UNSUPPORTED error, Wiretap supplies a string giving
the details of what in particular is unsupported; report it in TShark
and Wireshark.
Handle WTAP_ERR_RANDOM_OPEN_PIPE in TShark.
Handle WTAP_ERR_COMPRESSION_NOT_SUPPORTED in TShark, and have its error
message in Wireshark not speak of gzip, in case we support compressed
output in other formats in the future.
If we see a second section header block in a pcap-NG file, don't report
it as "the file is corrupted", report it as "the file uses a feature we
don't support", as that's the case - and don't free up the interface
data array, as the file remains open, and Wireshark might still try to
access the packets we were able to read.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41041
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Thu, 16 Feb 2012 16:31:09 +0000 (16:31 +0000)]
As suggested on the -dev list today, add Wireshark_package.pmdoc to the source
distribution.
To do this, however, requires renaming that directory because automake can't
handle files with spaces in their names.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41040
f5534014-38df-0310-8fa8-
9805f1628bb7
stig [Thu, 16 Feb 2012 09:18:33 +0000 (09:18 +0000)]
Register the p772 dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41039
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Thu, 16 Feb 2012 08:31:19 +0000 (08:31 +0000)]
Let part of the patch speak for itself:
{ &hf_ieee80211_addr,
- {"Source or Destination address", "wlan.addr", FT_ETHER, BASE_NONE, NULL, 0,
- "Source or Destination Hardware Address", HFILL }},
+ {"Hardware address", "wlan.addr", FT_ETHER, BASE_NONE, NULL, 0,
+ "SA, DA, BSSID, RA or TA Hardware Address", HFILL }},
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41038
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Thu, 16 Feb 2012 05:21:09 +0000 (05:21 +0000)]
From Naoyoshi Ueda:
Patch to fix DTLS decryption.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6847
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41036
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Thu, 16 Feb 2012 03:00:52 +0000 (03:00 +0000)]
Fix the rest of of https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6764 :
The Lua API does not have FT_*, it has ftypes.*, so use that in the
documentation. Also, list out each ft so the user knows what the available
options are.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41035
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 16 Feb 2012 02:06:48 +0000 (02:06 +0000)]
Again, turn off the debug logging; it messes up the fuzz-testing bot.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41034
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Wed, 15 Feb 2012 22:56:20 +0000 (22:56 +0000)]
From Pascal Quantin:
[NAS EPS] PDN Connectivity Request message dissection fixes.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6845
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41033
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Wed, 15 Feb 2012 19:44:16 +0000 (19:44 +0000)]
Make it possible to get inforamtion from the read SHB to the one to write out.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41032
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Wed, 15 Feb 2012 06:01:01 +0000 (06:01 +0000)]
From Andy Karch:
Enhance L2TP filters to include assigned IDs.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6841
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41031
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 14 Feb 2012 22:31:33 +0000 (22:31 +0000)]
TYPE_PAD records can have zero bytes of payload; don't treat them as
errors.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41030
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Tue, 14 Feb 2012 20:23:02 +0000 (20:23 +0000)]
From David Wei:
Fix handling of piggybacked messages.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41029
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Tue, 14 Feb 2012 20:06:48 +0000 (20:06 +0000)]
As Guy suggested in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6765 :
Since his r41025 change to the HTTP dissector fixes the problem reported in
the subject bug, revert r41018 (whose check-in comment, BTW, should have
referenced this bug instead of 6817).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41028
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Tue, 14 Feb 2012 18:34:59 +0000 (18:34 +0000)]
- dissect_vendor_ie_atheros:
Remove tag_len parameter - it was redundant.
The length passed no longer contains the vendor id.
- add_tagged_field / TAG_VENDOR_SPECIFIC_IE:
Reorder so that the ieee "standard" vendor ids come fist,
after that the really vendor specific stuff.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41027
f5534014-38df-0310-8fa8-
9805f1628bb7
tuexen [Tue, 14 Feb 2012 17:07:52 +0000 (17:07 +0000)]
From Anders: Add support for options in the SHB.
From me: Some whitespace changes.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41026
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 14 Feb 2012 06:00:14 +0000 (06:00 +0000)]
To quote section "7.2.1 Type" of RFC 2068, "Hypertext Transfer Protocol
-- HTTP/1.1":
Any HTTP/1.1 message containing an entity-body SHOULD include a
Content-Type header field defining the media type of that body. If
and only if the media type is not given by a Content-Type field, the
recipient MAY attempt to guess the media type via inspection of its
content and/or the name extension(s) of the URL used to identify the
resource. If the media type remains unknown, the recipient SHOULD
treat it as type "application/octet-stream".
To quote section "4. Encoding of Transport Layer" of RFC 2565, "Internet
Printing Protocol/1.0: Encoding and Transport":
HTTP/1.1 [RFC2068] is the transport layer for this protocol.
...
Note: even though port 631 is the IPP default, port 80 remains the
default for an HTTP URI. Thus a URI for a printer using port 631
MUST contain an explicit port, e.g. "http://forest:631/pinetree". An
HTTP URI for IPP with no explicit port implicitly reference port 80,
which is consistent with the rules for HTTP/1.1. Each HTTP operation
MUST use the POST method where the request-URI is the object target
of the operation, and where the "Content-Type" of the message-body in
each request and response MUST be "application/ipp". The message-body
MUST contain the operation layer and MUST have the syntax described
in section 3.2 "Syntax of Encoding". A client implementation MUST
adhere to the rules for a client described for HTTP1.1 [RFC2068]. A
printer (server) implementation MUST adhere the rules for an origin
server described for HTTP1.1 [RFC2068].
So, when choosing a subdissector for HTTP request bodies, search based
on the media type first, and only if we *don't* find a dissector for the
media type, do other stuff such as heuristics or choosing a subdissector
based on the port number.
This fixes a number of problems; in particular, it fixes bug 6765
"non-IPP packets to or from port 631 are dissected as IPP" without
requiring the IPP dissector to attempt to determine whether an entity
body looks like IPP. It also ensures that the default dissector for
HTTP entity bodies, the "media" dissector, will get the media type
passed to it in pinfo->match_string.
Don't use "!str*cmp()" while we're at it - it's valid C, but the "!" can
make it look as if it's checking for something not being the case when,
in fact, you're checking for equality rather than inequality. (The
str*cmp() routines don't return Boolean results.)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41025
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Tue, 14 Feb 2012 03:37:19 +0000 (03:37 +0000)]
Fix part of https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6764 :
The Lua API does not have BASE_*, it has base.*, so use that. Also, list out
each base so the user knows what the available options are.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41024
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Tue, 14 Feb 2012 03:24:19 +0000 (03:24 +0000)]
As suggested in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6763 :
Give an example of a Pref.range's default value.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41023
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Tue, 14 Feb 2012 02:57:48 +0000 (02:57 +0000)]
This dissector calls process_reassembled_data() so there's no need for it to
manually insert the fragment data to the tree (by calling show_fragment_tree());
doing both just means the fragments get added to the tree twice.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41022
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Tue, 14 Feb 2012 02:43:58 +0000 (02:43 +0000)]
There's no need to get the parent of an item we're passing into
proto_tree_move_item(): that function will expects the item, not its parent.
This avoids dissector bugs such as the one reported in
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6768 :
** (process:745): WARNING **: Dissector bug, protocol RTP, in packet 82:
proto.c:4273: failed assertion "fixed_item->parent == tree"
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41021
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Mon, 13 Feb 2012 22:46:12 +0000 (22:46 +0000)]
From Pascal Quantin:
fixes for dissection of Traffic Flow Template IE.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6840
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41020
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Mon, 13 Feb 2012 22:22:29 +0000 (22:22 +0000)]
Handle piggybacked messages.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41019
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Mon, 13 Feb 2012 20:56:40 +0000 (20:56 +0000)]
Fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6817 :
Make the IPP dissector a 'new-style' dissector that does not accept packets
which are clearly not IPP.
This is useful when a user points their web browser at a CUPS server--which
causes the CUPS server to spit out a nice looking web page from which you can
administer the server and/or printers but which up until this fix caused the
IPP dissector to mark the packet as malformed.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41018
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Mon, 13 Feb 2012 18:58:14 +0000 (18:58 +0000)]
From Sean Bright:
Wireshark crashes after editing interface settings from capture options dialog.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6788
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41017
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Mon, 13 Feb 2012 18:50:31 +0000 (18:50 +0000)]
Mark an unused parameter.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41016
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Mon, 13 Feb 2012 17:34:56 +0000 (17:34 +0000)]
White space changes.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41015
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Mon, 13 Feb 2012 17:34:15 +0000 (17:34 +0000)]
Drop count is 64 bits
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41014
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Mon, 13 Feb 2012 17:33:05 +0000 (17:33 +0000)]
Edit packet comments
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41013
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Mon, 13 Feb 2012 17:31:54 +0000 (17:31 +0000)]
Drop count is 64 bits
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41012
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Mon, 13 Feb 2012 09:13:37 +0000 (09:13 +0000)]
Start itemizing.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41011
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 13 Feb 2012 05:35:20 +0000 (05:35 +0000)]
In a loop of the form
for (i = 1; i <= N; i++)
...
the type of "i" must have, as its maximum value, a value >= the maximum
value of N; otherwise, if N is equal to the maximum value that fits in
"i", the loop willnever terminate. (If that requires "i" to be larger
than you'd like, do the loop as
for (i = 0; i < N; i++)
...
which doesn't have that problem.)
Clean up the "i = 1" clause's white space in those for loops.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41010
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Mon, 13 Feb 2012 03:14:46 +0000 (03:14 +0000)]
If WIRESHARK_ABORT_ON_DISSECTOR_BUG is set (in the environment) and we put more
than MAX_TREE_ITEMS in the tree, abort() out rather than throwing an exception.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41009
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Mon, 13 Feb 2012 03:03:03 +0000 (03:03 +0000)]
Fix the crash reported in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6804
For WTAP_ENCAP_ERF files if we find an Extension and/or Multi-Channel header,
ensure that the size of the full pseudoheader is smaller than the packet size
to avoid an underflow and subsequent attempt to allocate a rather large amount
of memory.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41008
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 12 Feb 2012 23:50:13 +0000 (23:50 +0000)]
Do not assume tab stops are set every 4 spaces.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41007
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Sun, 12 Feb 2012 23:17:01 +0000 (23:17 +0000)]
Add edit_packet_comment_dlg.h to the source distribution
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41006
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 12 Feb 2012 23:09:14 +0000 (23:09 +0000)]
Capitalize the "P" in "Packet" in "Add or Edit Packet Comment". Add
"..." after it, as it pops up a dialog box to let you actually type in a
comment.
Add "Add or Edit Packet Comment" to the menubar's Edit menu.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41005
f5534014-38df-0310-8fa8-
9805f1628bb7
tuexen [Sun, 12 Feb 2012 21:56:00 +0000 (21:56 +0000)]
Fix debug output.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41004
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sun, 12 Feb 2012 21:15:11 +0000 (21:15 +0000)]
Add a button row.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41003
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 12 Feb 2012 20:44:51 +0000 (20:44 +0000)]
Close parentheses in expert info.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41002
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 12 Feb 2012 20:03:37 +0000 (20:03 +0000)]
Don't trust the pointer value in a packet; it could be invalid, and this
could cause an unsigned length value to be reduced by more than its
value, turning it into a very large value.
I couldn't exactly reproduce bug 6833, but it was due to an attempt to
allocate
4294967110 bytes, and this bug caused remaining_len to equal
4294967110, and it would try to create a reassembled packet tvbuff of
that size, so I'm guessing this fixes 6833.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41001
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Sun, 12 Feb 2012 19:30:57 +0000 (19:30 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@41000
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Sun, 12 Feb 2012 19:26:53 +0000 (19:26 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40999
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Sun, 12 Feb 2012 19:24:38 +0000 (19:24 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40998
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Sun, 12 Feb 2012 18:06:37 +0000 (18:06 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40997
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Sun, 12 Feb 2012 18:05:50 +0000 (18:05 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40996
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Sun, 12 Feb 2012 18:05:22 +0000 (18:05 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40995
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Sun, 12 Feb 2012 18:05:02 +0000 (18:05 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40994
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Sun, 12 Feb 2012 18:04:26 +0000 (18:04 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40993
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Sun, 12 Feb 2012 18:03:17 +0000 (18:03 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40992
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Sun, 12 Feb 2012 18:02:58 +0000 (18:02 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40991
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Sun, 12 Feb 2012 18:02:39 +0000 (18:02 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40990
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Sun, 12 Feb 2012 17:47:11 +0000 (17:47 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40989
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Sun, 12 Feb 2012 17:46:57 +0000 (17:46 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40988
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Sun, 12 Feb 2012 17:41:57 +0000 (17:41 +0000)]
Enhance BGP Notification message
* Make field filterable (3 proto_tree_add_text less ! but there are still 147 proto_tree_add_text...)
* Remove bgp_notify struct
* Use expert info to display a unknown error type
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40987
f5534014-38df-0310-8fa8-
9805f1628bb7
tuexen [Sun, 12 Feb 2012 16:38:47 +0000 (16:38 +0000)]
Get it compiling.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40986
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sun, 12 Feb 2012 16:18:25 +0000 (16:18 +0000)]
Get the comment and put it in the textview.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40985
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sun, 12 Feb 2012 15:48:57 +0000 (15:48 +0000)]
Try to make the buildbot happy.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40983
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Sun, 12 Feb 2012 15:03:25 +0000 (15:03 +0000)]
[Automatic manuf, services and enterprise-numbers update for 2012-02-12]
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40981
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sun, 12 Feb 2012 14:56:06 +0000 (14:56 +0000)]
Add the edit packet comment menu entry and the empty files
to actually handel the menu to edit the comments.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40980
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sun, 12 Feb 2012 07:18:05 +0000 (07:18 +0000)]
From Steve Magnani:
USB: add infrastructure for dissecting class-specific descriptors.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6825
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40979
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 11 Feb 2012 20:57:26 +0000 (20:57 +0000)]
Use the length-on-the-network, not the captured length, when deciding
how far to dissect.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40978
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 11 Feb 2012 20:37:54 +0000 (20:37 +0000)]
Don't bail out of a non-heuristic dissector routine just because there's
not enough captured data in the tvbuff.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40977
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 11 Feb 2012 20:36:35 +0000 (20:36 +0000)]
Get rid of checkapi warning about %hh.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40976
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 11 Feb 2012 20:35:03 +0000 (20:35 +0000)]
mpeg_pat.cur_next_ind looks like a Boolean; make it one. That also
fixes checkapi warnings about its value_string not being properly
terminated (by replacing it with a true_false_string).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40975
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sat, 11 Feb 2012 17:31:13 +0000 (17:31 +0000)]
Store drop count if present.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40974
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sat, 11 Feb 2012 16:59:38 +0000 (16:59 +0000)]
From Steve Magnani:
USB: support filtering of isochronous packets via usb.bInterfaceClass.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6824
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40973
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sat, 11 Feb 2012 16:52:32 +0000 (16:52 +0000)]
From Guy Martin:
Dissector for DVB MultiProtocol Encapsulation (DVB-MPE)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6822
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40972
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sat, 11 Feb 2012 16:44:45 +0000 (16:44 +0000)]
From Guy Martin:
Dissector for MPEG Program Association Table (PAT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6821
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40971
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sat, 11 Feb 2012 16:38:01 +0000 (16:38 +0000)]
From Guy Martin:
Dissector for MPEG section packets.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6820
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40970
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sat, 11 Feb 2012 12:34:39 +0000 (12:34 +0000)]
Add the abillity to read and write option comments unedited.
This is POC we may want to have more efficient use of the frame data
structure etc. But this allows for work to be done on the GUI to actually add comments.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40969
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sat, 11 Feb 2012 09:09:27 +0000 (09:09 +0000)]
From David Wei:
Udate AVP:s
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40968
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 11 Feb 2012 07:12:34 +0000 (07:12 +0000)]
Don't use 16-bit integers as counters. The code won't be any faster on
anything that can run Wireshark (it might be slower), and if the maximum
count value is 16-bit, you can loop forever if the maximum count value
happens to be 65535.
(Yes, this means that
guint i, j;
...
for (i = 0; i < j; i++)
...
risks looping forever if j is 2^32-1, and the same applies to 64-bit
counters. There are probably fewer protocols with 32-bit counts, and
probably even fewer with 64-bit counts, but the way it should be done in
those cases, for safety, is
i = 0;
for (;;) {
if (i >= j)
break;
...
if (i == j - 1)
break;
}
or something such as that.)
Fixes bug 6809.
#BACKPORT
Will schedule for 1.6.x.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40967
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 11 Feb 2012 03:57:49 +0000 (03:57 +0000)]
It is a complete mistake to have *ANY* messages during packet capture
sent to the standard output if "-w" is specified because, when you
capture, you can capture with the output directed to the standard
output, and dumping some text crap to the standard output will corrupt
your capture file.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40966
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 11 Feb 2012 02:45:58 +0000 (02:45 +0000)]
Use C89-style comment rather than C++/C99-style comment.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40965
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 11 Feb 2012 02:45:16 +0000 (02:45 +0000)]
Get rid of C++/C99-style comment; use #if 0/#endif instead.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40964
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 11 Feb 2012 02:41:04 +0000 (02:41 +0000)]
Revert presumably-unintentional turning on of debug messages.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40963
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 11 Feb 2012 02:31:52 +0000 (02:31 +0000)]
Global variables considered harmful. Pass pinfo along as a parameter;
this appears to fix bug 6823 (the actual crash was a null pinfo being
passed to call_dissector()).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40962
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sat, 11 Feb 2012 02:10:32 +0000 (02:10 +0000)]
NETLOGON handle different schannel with the same source
ip and dest i
from Matthieu Patou <mat@matws.net>
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40961
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sat, 11 Feb 2012 02:09:20 +0000 (02:09 +0000)]
NETLOGON: Fix bugs with netlogon decryption not working in some cases
If there is only one Authenticatex in the file, decryption is not
working.
from Matthieu Patou <mat@matws.net>
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40960
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sat, 11 Feb 2012 02:08:02 +0000 (02:08 +0000)]
NETLOGON: improve debugging messages
from Matthieu Patou <mat@matws.net>
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40959
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sat, 11 Feb 2012 02:06:45 +0000 (02:06 +0000)]
NTLM show the decrypted data buffer in a separate tab
from Matthieu Patou <mat@matws.net>
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40958
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sat, 11 Feb 2012 02:05:57 +0000 (02:05 +0000)]
NTLM print the whole string, not just half the string
from Matthieu Patou <mat@matws.net>
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40957
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sat, 11 Feb 2012 02:04:36 +0000 (02:04 +0000)]
NTLM: clear the nt_password_unicode buffer.
from Matthieu Patou <mat@matws.net>
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40956
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sat, 11 Feb 2012 02:03:20 +0000 (02:03 +0000)]
NTLM make it easier to activate/deactivate debugging code in NTLM
from Matthieu Patou <mat@matws.net>
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40955
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sat, 11 Feb 2012 02:01:47 +0000 (02:01 +0000)]
NTLM: If we encounter an NTLM blob that is bigger than out fixed maxbuffer,
log a warning to the user.
from Matthieu Patou <mat@matws.net>
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40954
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sat, 11 Feb 2012 01:59:55 +0000 (01:59 +0000)]
NTLMv2 blobs can be bigger than 256 bytes. Set the limite to 10k for now.
From Matthieu Patou <mat@matws.net>
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40953
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Fri, 10 Feb 2012 23:08:46 +0000 (23:08 +0000)]
Fix via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6817 :
r40200 made ssl_parse()/dtls_parse() post-update-callbacks for those
dissector's UATs so that the dissector would be updated when the user changed
the UAT. (This allows SSL/DTLS keys to be taken into account without requiring
Wireshark to be restarted.)
But, those functions also update the UAT themselves if the old-style keys_list
preference is used, creating an infinite recursion.
Fix this by splitting the *_parse() functions into two: one for the UAT and one
for the old-style keys list.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40952
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Fri, 10 Feb 2012 07:16:27 +0000 (07:16 +0000)]
Sean Bright <sean.bright@gmail.com>:
In r37159, the following change was made to ui/gtk/rtp_player.c:
@@ -1654,9 +1636,7 @@
GtkWidget *dialog;
/* we should never be here if we are in PLAY and !PAUSE */
- if(!rtp_channels->stop&& !rtp_channels->pause){
- exit(10);
- }
+ g_assert(!rtp_channels->stop&& !rtp_channels->pause);
The logic, however, was not negated properly. The correct assertion should be:
g_assert(rtp_channels->stop || rtp_channels->pause);
With the current code, the RTP player causes a crash for me when pressing the
'Play' button.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40951
f5534014-38df-0310-8fa8-
9805f1628bb7
cmaynard [Fri, 10 Feb 2012 05:05:17 +0000 (05:05 +0000)]
Delete the TH_* defines and use those from epan/dissectors/packet-tcp.h.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40950
f5534014-38df-0310-8fa8-
9805f1628bb7
cmaynard [Fri, 10 Feb 2012 03:37:28 +0000 (03:37 +0000)]
Since the nonce and reserved bits were added in r34084, tcp.flags is now 12 bits, so its type needs to be changed from an FT_UINT8 to an FT_UINT16. This should avoid the crash experienced by Lanell Allen as reported on -dev: article.gmane.org/gmane.network.wireshark.devel/24846 (although in my testing on Windows XP SP3 (32-bit), Wireshark did not crash).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40949
f5534014-38df-0310-8fa8-
9805f1628bb7
cmaynard [Fri, 10 Feb 2012 03:30:28 +0000 (03:30 +0000)]
Make proper use of esg_tree.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40948
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Thu, 9 Feb 2012 22:24:00 +0000 (22:24 +0000)]
Add pcapng variables to wtap_pkthdr.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40947
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Thu, 9 Feb 2012 22:17:42 +0000 (22:17 +0000)]
From David Wei:
Add a preference to not dissect containers,
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40946
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Thu, 9 Feb 2012 22:14:58 +0000 (22:14 +0000)]
Add comments about new IEs
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40945
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Thu, 9 Feb 2012 19:17:28 +0000 (19:17 +0000)]
From Sean Bright via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6815 :
Don't use tvb_get_ptr() to retrieve a string being sent into
proto_tree_add_string_format(): use tvb_get_ephemeral_string() instead.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40944
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Thu, 9 Feb 2012 19:02:28 +0000 (19:02 +0000)]
From Wido Kelling via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6819 :
Patch to fix channelproperty Maintanance decode.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40943
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Thu, 9 Feb 2012 18:59:16 +0000 (18:59 +0000)]
Eliminate a C++/C99-style comment.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40942
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Thu, 9 Feb 2012 17:41:22 +0000 (17:41 +0000)]
Add tvb_ip_to_str and tvb_ip6_to_str to the Dev Guide
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40941
f5534014-38df-0310-8fa8-
9805f1628bb7
alagoutte [Thu, 9 Feb 2012 17:35:05 +0000 (17:35 +0000)]
Fix some Dead Store (Dead assignement/Dead increment) Warning found by Clang
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@40940
f5534014-38df-0310-8fa8-
9805f1628bb7