| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
And avoid different string for translation...
Change-Id: I36ae0fd3366cb9b42f146163f4355778f0b9b40c
Reviewed-on: https://code.wireshark.org/review/771
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I7114028ce296ffa875ddfbb24b935dc2573f964c
Reviewed-on: https://code.wireshark.org/review/770
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: Id82763dd17e8c4e0902ae8e31ec6554e8f174b59
Reviewed-on: https://code.wireshark.org/review/769
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
There's a relatively new feature in 1.11.3 to select a specific file format
reader, instead of relying on magics or heuristics. If you select a file
reader and open a file, open it, and then click the reload-file button or go
to View->Reload or press the ctrl-R keymap, the file is reloaded but using the
magic/heuristics again instead of the file format reader you previously chose.
Likewise, the Lua relaod() function has the same issue (which is how I found
this problem).
I have tested this change by hand, using a Lua script, but I didn't add it
to the testsuite because I need another change for my test script to work
correctly. (an enhancement rather than a bug fix, which I'll submit separately)
Change-Id: I48c2d9ea443e37fd9d41be43d6b6cd5a866d5b01
Reviewed-on: https://code.wireshark.org/review/764
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
packet-epl.c:2248: warning: declaration of 'index' shadows a global declaration
packet-epl.c: In function 'dissect_epl_sdo_command_write_multiple_by_index':
packet-epl.c:2380: warning: declaration of 'index' shadows a global declaration
packet-epl.c: In function 'dissect_epl_sdo_command_read_by_index':
packet-epl.c:2489: warning: declaration of 'index' shadows a global declaration
Change-Id: Ib1a1d1d2aa596df558162839e7594b7fd12559a3
Reviewed-on: https://code.wireshark.org/review/765
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I4361e282146d86057d6797bc001f6605d5d06486
Whitespaces removed, Code clean up, usage of expert information API
Change-Id: I4361e282146d86057d6797bc001f6605d5d06486
code beautyfying, modeline added
Change-Id: I4361e282146d86057d6797bc001f6605d5d06486
code beautyfying
Change-Id: I4361e282146d86057d6797bc001f6605d5d06486
Reviewed-on: https://code.wireshark.org/review/430
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Each package is dissected using a reference to object indeces, so
that in the view of the dissector output, a clear indication
to what the index means and what the subindices mean is given.
Additional special entries (mappings, timestamps) have their own hf
fields, and can be searched for via display filter.
Signed-off-by: Lukas Emersberger <lukas.emersberger@gmail.com>
Change-Id: I928c11a9f4a5b762c8947713a0f70e03bd711158
Reviewed-on: https://code.wireshark.org/review/730
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Lukas Emersberger <lukas.emersberger@br-automation.co.at>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I1d80b82d7c6a5aa85bf59b449326874c0f851737
Reviewed-on: https://code.wireshark.org/review/763
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I5922a36ee84d45653e52e6fe847c6a9085ee5e21
Reviewed-on: https://code.wireshark.org/review/762
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- Adding a typedefinition which can be deactivated, so
that certain types of frames are only detected in their
respective transport protocols
- Rename bytes array as it is a key-word for some IDEs and
hinders syntax checking
- Add node info to the time request from/by fields
- EPL: add message type to heuristic dissection call
Change-Id: Ia572bb68fc1d24d70e72b77867f0dad323b055b9
Reviewed-on: https://code.wireshark.org/review/750
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
There have been enough gnarly bus in sip/sdp/rtp that it needs
to have good debug printing. Using a debugger isn't good enough
because there's interaction across multiple frames and it's too
hard to follow what's going on without real printed data history.
Change-Id: Ifb5bb1fb580be81f988569ece79d238a9c030c34
Reviewed-on: https://code.wireshark.org/review/688
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This fixes the crashing on buildbot, but only in the sense that
it now calls DESSECTOR_ASSERT_NOT_REACHED() for the case that's
causing the crash - which is a null dereference, due to something
going wrong in add_tagged_field() of packet-ieee80211.c.
I don't know what the right thing to do is, but at least this
gets buildbot going again. (that file is over 25k lines!)
Change-Id: I1658944f9704a071dffc7f4834b9294fffc0e7ba
Reviewed-on: https://code.wireshark.org/review/757
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Apparently, some systems write out big-endian Prism headers (probably
big-endian-MIPS-based Wi-Fi APs running $LINUX_DISTRIBUTION and the
like), so check for both big-endian and little-endian message codes,
and, for the fields in the header, use the byte order that matched.
Change-Id: Ia13df606676bb7dbc5d12fe4e297681bebb6f478
Reviewed-on: https://code.wireshark.org/review/759
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I8e080b250b81976898d2950da9e91fb32b719590
Reviewed-on: https://code.wireshark.org/review/756
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: I17e4bb3968e503b250b9c8d6a7a9bb2abf0f6868
Reviewed-on: https://code.wireshark.org/review/755
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: I1dd51d1452333826c153b6bb861262a6166af3c5
Reviewed-on: https://code.wireshark.org/review/754
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
Change-Id: I4c2464c6faa79bdc1edb205f3f842864963d1cb9
Reviewed-on: https://code.wireshark.org/review/753
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: If1f64241846cc18463c8c5e9da7dd2a5eaba6733
Reviewed-on: https://code.wireshark.org/review/752
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I261a740cbc369d905c89236b5173944e2780af59
Reviewed-on: https://code.wireshark.org/review/751
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This patch causes Wireshark/tshark to segfault if the file is reread(open a file and press reload).
The test suite also fails on
2.1.1 Step: Exit status for existing file: "/home/wireshark/builders/trunk/sol10sparc/build/test/captures/dhcp.pcap" must be 0/home/wireshark/builders/trunk/sol10sparc/build/test/suite-clopts.sh: line 149: 6646 Segmentation Fault (core dumped) $TSHARK -r "${CAPTURE_DIR}dhcp.pcap" > ./testout.txt 2>&1
OSX build bot chokes on
pcapng.c: In function 'pcapng_destroy_option_value':
pcapng.c:377: warning: implicit declaration of function 'g_byte_array_unref'
pcapng.c:379: warning: implicit declaration of function 'g_array_unref'
pcapng.c: In function 'pcapng_collect_block_option':
pcapng.c:419: warning: implicit declaration of function 'g_byte_array_new_take'
pcapng.c:419: warning: initialization makes pointer from integer without a cast
these functions are glib 2.22
This reverts commit 7b13a3b0f6a5617e0e352f87cc5a20afea226aa8.
Change-Id: Ia82fdb2d08287bc2cd2841e1e941ae68cbc2e009
Reviewed-on: https://code.wireshark.org/review/749
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Interface options[1], and more generally pcapng options[2], are useful
information that can provide improved dissector output.
Prior to this change, only certain pcapng interface options were interpreted
and made available to dissectors, e.g. the interface name or description.
This change augments the situation by providing epan_get_interface_option( ),
which returns an array of byte arrays if the option code exists
(otherwise NULL). Each element of the array is a byte buffer containing
the raw data of the option. An array-of-buffers is used because pcapng
allows for multiple instances of the same option to be present in the file.
All interface options found in a pcapng file are thus made available to the
dissector.
The implementation also provides infrastructure to collect options from
other pcapng blocks such as the section header. Currently these options
are discarded, but could be retained in the future to support more features.
[1] http://www.winpcap.org/ntar/draft/PCAP-DumpFileFormat.html#sectionidb
[2] http://www.winpcap.org/ntar/draft/PCAP-DumpFileFormat.html#sectionopt
Change-Id: I944b6f0f03dde9b8e7d1348b76acde6f9d312f37
Reviewed-on: https://code.wireshark.org/review/331
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
0...heuristic_open_routine_idx-1
at the moment, we loop over all entries of the open_info_arr
Change-Id: Iabca32521a066d994b1c840b7514faa983375f0c
Reviewed-on: https://code.wireshark.org/review/748
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
until recently, we always had a 0,0,0,... entry at the end of the array
that's gone now - which makes sense for people who register wiretap
plugins...
Change-Id: Id47dc4917481ffa8560e17b8740c2f9716bb8df1
Reviewed-on: https://code.wireshark.org/review/747
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
strncpy -> g_strlcpy
Change-Id: Ib17b6799a762e2e2e65bf7c6dd5a894bfb127c86
Reviewed-on: https://code.wireshark.org/review/746
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Issue found by rols
Fix comment and use the correct plugin_dir path (missing wireshark folder)
Change-Id: I298bc5e9872d8c20c5baeaaf056262b9668f15bf
Closed-bug: 9854
Reviewed-on: https://code.wireshark.org/review/745
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
logcat.c: In function 'detect_version':
logcat.c:142: warning: implicit conversion shortens 64-bit value into a 32-bit value
logcat.c:143: warning: implicit conversion shortens 64-bit value into a 32-bit value
logcat.c:150: warning: implicit conversion shortens 64-bit value into a 32-bit value
logcat.c:151: warning: implicit conversion shortens 64-bit value into a 32-bit value
logcat.c: In function 'logcat_dump_text':
logcat.c:427: warning: implicit conversion shortens 64-bit value into a 32-bit value
logcat.c:451: warning: implicit conversion shortens 64-bit value into a 32-bit value
Change-Id: I4361567e599b7d04f422fccd7f8b1bccc897f114
Reviewed-on: https://code.wireshark.org/review/744
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I7067a8856ff1c431d5e5ec7ec2a51228a8613631
Reviewed-on: https://code.wireshark.org/review/743
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
nearest. GTK QT
Change-Id: I34e84e6cf4587fee999764435fa1a407c8aa04bb
Reviewed-on: https://code.wireshark.org/review/687
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
The -X read_format extension was added in code but in the manuals.
Change-Id: I21692120229ef531671fc3db247809ace69d23b3
Reviewed-on: https://code.wireshark.org/review/742
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
registered
The testsuite for Lua file reader/writer uses the acme_file.lua script to
generate a pcapng file from an Acme sipmsg.log file. It then compares the
tshark verbose output of this new pcapng file to a sip.pcapng file in
the test/captures directory that was previously made. Unfortunately, the
acme_file.lua script generates a timestamp based on local system timezone,
rather than UTC, so the testsuite fails if not run in the EST timezone where
the sip.pcapng file was originally made. This has now been fixed.
Also, trying to register new weak heuristic readers fails because the GArray
is terminated with a NULL-based row without Glib knowing about that. So this
commit changes it to let Glib handle the NULL-terminated row, so that appending
takes it into account automatically.
Change-Id: I037ce1cfbda03585b3a1e159df78ff8ebb41fc32
Reviewed-on: https://code.wireshark.org/review/741
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Now Androit Logcat (Logger) binary logs are supported.
Try "adb logcat -Bf /sdcard/log.logcat; adb pull /sdcard/log.logcat".
Also there is possibility to save logs to text format like by "adb".
Change-Id: If7bfc53d3fbd549a0978d1dbf96f3fff671fd601
Reviewed-on: https://code.wireshark.org/review/235
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
chunk is provided.
Change-Id: I88c5367652fb59a3da2cfd8895a1c0cc5176b859
Reviewed-on: https://code.wireshark.org/review/740
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>
Tested-by: Michael Tüxen <tuexen@wireshark.org>
|
|
(Because check whitespace quit after check... and no longer launch other check...)
Change-Id: I97ee0191c3d985934e74d23576f88984ec0e9b46
Reviewed-on: https://code.wireshark.org/review/739
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I303184523c22d17c3f642852bcd97a9533bf5521
Reviewed-on: https://code.wireshark.org/review/738
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
packet-ieee80211.c:8583: warning: integer constant is too large for 'long' type
packet-ieee80211.c:8584: warning: integer constant is too large for 'long' type
packet-ieee80211.c:8585: warning: integer constant is too large for 'long' type
Change-Id: I5badc6e0d2595d4353e33cd273d55f28737b34a8
Reviewed-on: https://code.wireshark.org/review/737
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
(and fix also fix-encodings-args)
Change-Id: Ic2e99ca02398b7525b1cf68ab0d8279a2909940e
Reviewed-on: https://code.wireshark.org/review/736
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
If the interface class is not yet known (for example, in the enumeration
phase; or if the interface descriptor was missed), then a HID descriptor
would not get dissected. Instead of printing an unhelpful "unknown
descriptor" message, always try to find a HID descriptor.
Change-Id: Ic162d6b93b0428a1edd3a925229093dfcc52c42d
Reviewed-on: https://code.wireshark.org/review/735
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
This makes the usb.data_fragment field more useful in tshark, i.e.,
showing the bytes for the data stage. Previously, the GUI would just
show the "Data Fragment" text label which is not really useful on its
own.
Change-Id: Id0ca39a9a144a37aa6d0b4ae65c1d655deb76748
Reviewed-on: https://code.wireshark.org/review/734
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
packet-ieee80211.c:8581: warning: implicit conversion shortens 64-bit value into a 32-bit value
packet-ieee80211.c:8582: warning: integer constant is too large for 'long' type
packet-ieee80211.c:8583: warning: integer constant is too large for 'long' type
packet-ieee80211.c:8583: warning: implicit conversion shortens 64-bit value into a 32-bit value
packet-ieee80211.c:8584: warning: integer constant is too large for 'long' type
packet-ieee80211.c:8584: warning: implicit conversion shortens 64-bit value into a 32-bit value
Change-Id: I8f8c5518239c7d6e55006abfca8d9452f9a09c6a
Reviewed-on: https://code.wireshark.org/review/733
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
wslua_file.c:92:13: error: request for implicit conversion from 'WFILE_T' to 'FILE_T' not permitted in C++ [-Werror=c++-compat]
Change-Id: Iff9cc716333802a3902429a8c68e5f4cdac2ee9e
Reviewed-on: https://code.wireshark.org/review/732
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Issue found by rols
The installer puts the normal included plugins (e.g. mate, wimax) in
/Applications/Wireshark.app/Contents/Frameworks/wireshark/plugins,
however the global plugins directory is set to
/Applications/Wireshark.app/Contents/Resources/lib/wireshark/plugins
(as it was in previous versions) so no plugins load at startup.
In order to make them load you have to create this directory and
copy the plugins there, or put them in your personal directory.
From remark of Gerald, use recommandation of Bundle Programming Guide (use Contents/PlugIns for plugin)
https://developer.apple.com/library/mac/documentation/corefoundation/conceptual/cfbundles/BundleTypes/BundleTypes.html#//apple_ref/doc/uid/10000123i-CH101-SW19
Change-Id: Ib1ae7da48a8fa94f7037912cd44c05532a238b71
Closed-bug: 9854
Reviewed-on: https://code.wireshark.org/review/602
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
(according to the 9th draft of the standard)
Closed-bug: 8594
Change-Id: I742726027bcab7d25ca4a9ce3a406518db6d272f
Reviewed-on: https://code.wireshark.org/review/632
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
trailing space in packet-lg8979.c
Change-Id: I80e5c93846c66aad1d1bc6f91b20501e0f384a6c
Reviewed-on: https://code.wireshark.org/review/729
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Iff14ec4d0297ec85f3597b33871fb0ab5256a597
Reviewed-on: https://code.wireshark.org/review/728
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The Buildbot found a crash which is cause by a bug that has
been there all along, but a recent change exposed. This bug is
likely in 1.10.6 as well, so I'll backport this if I can
reproduce it in 1.10.6.
Change-Id: I505bc73cbe6281e6d64f00de441c8e6231b55000
Reviewed-on: https://code.wireshark.org/review/702
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Commit includes dissector code for lg8979 as well as additions to RTAC Serial code to call dissector when required.
See bug report 9874 for further details and sample pcap files
UPDATE1: L&G 8979 commit for addressing comments from Anders and Alexis and added Cmakelists.txt
UPDATE2: address further comments from Alexis re. proto_item_set_text / proto_item_add_text entries. Also add modelines
UPDATE3: fix compilation error noted by Alexis
UPDATE4: address proto_tree_add_* comments from Michael
Change-Id: I6e69d2b7b7e91e6efa12e4a5fb7dbd140c0540ed
Reviewed-on: https://code.wireshark.org/review/610
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
capture file formats.
This enables a Lua script to implement a brand new capture file format reader/writer, so that for example one could write a script to read from vendor-specific "logs" of packets, and show them as normal packets in wireshark.
Change-Id: Id394edfffa94529f39789844c382b7ab6cc2d814
Reviewed-on: https://code.wireshark.org/review/431
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ie32a2c256055059d1eade29af69eaad9011ca78b
Reviewed-on: https://code.wireshark.org/review/727
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I86d21cadcbd3e85b7a91d509ffd3c317d76a2ce2
Reviewed-on: https://code.wireshark.org/review/726
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I9d7b16c450cb99aa1d66b0a180241c36f8869637
Reviewed-on: https://code.wireshark.org/review/716
Reviewed-by: Evan Huus <eapache@gmail.com>
|
