Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: I32e718a8ef94b514fd2907651e2f9bd92d8119ef
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
Reviewed-on: https://code.wireshark.org/review/14627
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This will make it easier to determine protocol dependencies.
Some LLC OUI dissector tables didn't have an associated protocol, so they were left without one (-1 used)
Change-Id: I6339f16476510ef3f393d6fb5d8946419bfb4b7d
Reviewed-on: https://code.wireshark.org/review/14446
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The g_hash_table_insert will remove and deallocate existing entry, so we
don't need to do it at all.
Change-Id: I661cadd8beea9585885e48c03a8b52561d1df778
Signed-off-by: Tigran Mkrtchyan <tigran.mkrtchyan@desy.de>
Reviewed-on: https://code.wireshark.org/review/14113
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
fixes regression introduced by f5340b2
g_hash_table_remove will call free on object, thus there is no need for explicit g_free,
as is causes a double-free:
*** Error in `/usr/sbin/wireshark-gtk': double free or corruption (fasttop): 0x0000555556e6bf50 ***
======= Backtrace: =========
/lib64/libc.so.6(+0x77da5)[0x7fffef80ada5]
/lib64/libc.so.6(+0x804fa)[0x7fffef8134fa]
/lib64/libc.so.6(cfree+0x4c)[0x7fffef816cac]
/lib64/libglib-2.0.so.0(g_free+0xe)[0x7ffff09665ee]
/lib64/libglib-2.0.so.0(+0x388ba)[0x7ffff094f8ba]
/lib64/libwireshark.so.6(+0x1cfb46b)[0x7ffff49d646b]
/lib64/libwireshark.so.6(+0x1d03d99)[0x7ffff49ded99]
/lib64/libwireshark.so.6(+0x173b11f)[0x7ffff441611f]
/lib64/libwireshark.so.6(+0x173bba5)[0x7ffff4416ba5]
/lib64/libwireshark.so.6(call_dissector_with_data+0x26)[0x7ffff4419ad6]
.....
The g_hash_table_insert will remove and deallocate existing entry, so we
don't need to do it at all.
Change-Id: Ide47d1f9deb3e1b0d8adefd31fc6f3bf5cbaa010
Signed-off-by: Tigran Mkrtchyan <tigran.mkrtchyan@desy.de>
Reviewed-on: https://code.wireshark.org/review/14096
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
That removes most of the uses of the frame number field in the
frame_data structure.
Change-Id: Ie22e4533e87f8360d7c0a61ca6ffb796cc233f22
Reviewed-on: https://code.wireshark.org/review/13509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
nfs: Fix up the SEQUENCE status flags
The SEQUENCE status flags are being displayed incorrectly (after the NFSv4
operations) due to being attached to the COMPOUND tree instead of the
SEQUENCE op's tree.
nfs/flexfiles: Ensure that we account for the layout_flags in the offset
nfs/flexfiles: Add a dissector for the optional layoutget "stats collect hint"
field
Change-Id: I8744254aa9f65a0b33510f2352875b01804149c2
Fixes: d892c32cc2d0 ("Eliminate proto_tree_add_text from packet-nfs.c")
Fixes: 79b88aacb6d1 ("nfs: Cleanup of FlexFiles Layout Type")
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/13477
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I8512cfa1d424f82a873a0e0e1d22c7b075fdd7f3
Reviewed-on: https://code.wireshark.org/review/13069
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
gf5340b2 introduced a value destroy function.
When transfering a given value from nfs_name_snoop_unmatched to nfs_name_snoop_matched hash map, do not free the value automatically
Bug: 11972
Change-Id: I8c4e0db07084b041baf73ccf4d0788248574a9d8
Reviewed-on: https://code.wireshark.org/review/13115
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
This also fixes a case where, if nfs_fh->len wasn't a multiple of 4, the
allocated buffer was too short, by the difference between the next lower
multiple of 4 and nfs_fh->len, so the memcpy() went past the end of the
buffer. (And, yes, an NFSv3 file handle can have a byte count that's
not a multiple of 4 - it's a variable-length opaque type - even if the
marshalled data is padded with 0s to a multiple of 4 bytes, as with
other XDR types.)
Change-Id: I689d4b365e8a1547428a1580884f66177dc5841b
Reviewed-on: https://code.wireshark.org/review/12964
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
In NFS protocol, stateid's seq# changes within the stateid and therefore
it changes the calculated hash of the stateid displayed by the wireshark.
It makes it inconvenient to filter packets based on such value.
This patches adds additional field (instead of replacing old) to display
the CRC32 hash of the stateid.other field.
Bug:11895
Change-Id: I70c6d2b88822b6f735e8bc506a1bfcb421f6ddb9
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Reviewed-on: https://code.wireshark.org/review/12536
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Some of the ASN.1 dissectors still generate a new_create_dissector_handle from the tool itself, so leave those for now.
Change-Id: Ic6e5803b1444d7ac24070949f5fd557909a5641f
Reviewed-on: https://code.wireshark.org/review/12484
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This finalizes the transformation for dissectors.
Change-Id: Ie5986b72bb69a6e8779ca3f5e20a80357c9e6fea
Reviewed-on: https://code.wireshark.org/review/12122
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Picking off "easy" dissectors that only have one or two exit points at most.
Change-Id: I96aa9cf53533cbb07105aa400d42922baf3016b3
Reviewed-on: https://code.wireshark.org/review/11860
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The target here is the Decode As dialog where protocols have multiple registrations into a dissector table and that shows up as multiple entries in the Decode As dialog list with the same name so users are unsure which "dissector" they are choosing.
The "default" behavior (done in this commit) is to not allow duplicates for a dissector table, whether its part of Decode As or not. It's just ENFORCED for Decode As.
Bug: 3949
Change-Id: Ibe14fa61aaeca0881f9cc39b78799e314b5e8127
Reviewed-on: https://code.wireshark.org/review/11405
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
It ends up dragging in libwireshark headers, which programs not linking
with libwireshark shouldn't do. In particular, including
<epan/address.h> causes some functions that refer to libwireshark
functions to be defined if the compiler doesn't handle "static inline"
the way GCC does, and you end up requiring libwireshark even though you
shouldn't require it.
Move plurality() to wsutil/str_util.h, so that non-libwireshark code can
get it without include epan/packet.h. Fix includes as necessary.
Change-Id: Ie4819719da4c2b349f61445112aa419e99b977d3
Reviewed-on: https://code.wireshark.org/review/11545
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I6f90aba1d804b1da666d471b9470acac63df4845
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/11291
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
the case where the number of bitmaps is too large was already handled
more cleanly in some places, we can just copy their code
unfortunately, we have to add a pinfo parameter to quite a few functions
Change-Id: I0e0fa9674d6ecd98c3d7e49e065f7121cc275a9b
Reviewed-on: https://code.wireshark.org/review/11247
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
I thought this was already caught by one of the check*.pl scripts, but I ran into the one in packet-nfs.c and decided to manually check the dissector directory.
Change-Id: I8df83227255818eabc43763e3cf760cf762797cc
Reviewed-on: https://code.wireshark.org/review/11230
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Replace CMP_ADDRESS, COPY_ADDRESS, et al with their lower-case
equivalents in the asn1 and epan directories.
Change-Id: I4043b0931d4353d60cffbd829e30269eb8d08cf4
Reviewed-on: https://code.wireshark.org/review/11200
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
tvb_get_ipv6() takes a struct e_in6_addr *, use that here too.
Change-Id: Id8b368daa05c151a61d4bc01dc88c00da13e9c88
Reviewed-on: https://code.wireshark.org/review/10953
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
The existing code parsed the callback program number from
a packet and then registered the callback program number.
But since the RPC dissector checks for valid and known
program numbers, it never parses it out.
Anyway, NFS4_CALLBACK is a well known number - use it!
Change-Id: Ia812359102bf6620e3b83109eb918032155cd8d3
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10558
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 11528
Change-Id: I9f92a2b38e9c094609b960eb1e105cc57ea66de3
Reviewed-on: https://code.wireshark.org/review/10543
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Not in C, but in C++, and we check to make sure our C code can be
compiled by a C++ compiler.
Change-Id: Ib77fac1abf1c583ebbf4465e4bd681b9db71123c
Reviewed-on: https://code.wireshark.org/review/10495
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
tvb_get_string_enc() treats the FH as an an ASCII string and thus stops
reading at the first zero (0) it encounters.
Replace 'tvb_get_string_enc()' with 'tvb_memdup()' in dissect_fhandle_data().
Change-Id: Ifc30ec41590e9cab5666d0988fab1f66040ce0c7
Reviewed-on: https://code.wireshark.org/review/10493
Reviewed-by: Cal Turney <cturney@charter.net>
Reviewed-by: ronnie sahlberg <ronniesahlberg@gmail.com>
|
|
Initialize layout_type.
Change-Id: Ied6cf61045cbee4f45b802c99ba06c2a07cc7613
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10461
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I748166ebcad1fa704b3d99770cf0c6296bdae3dd
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10434
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I40462f2acf20b99b5691a5efe1f6bfa563163bee
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10429
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I29429373b4a50d9580560b4f0759e31dd8cbf0c3
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10427
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I6a170f7e38a712c4ea0bc83ff4b1baf616a47253
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10436
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I10fd5c28c57c467c854ce3658887b2d0ce6f51b8
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10435
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: Idfd27f382e78813b067b99fbe2e7934ddb72b6da
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10433
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ie2cc621fa928a541810e67a2444408572e0d8d4d
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10432
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: Ic5ff60f559e1651b206cac4612b3cbc64ca67306
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10431
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I38eab48dcc27c813fc134881b359d8033bc00771
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10430
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I780b7519be5b8a8aadac7141363ff138cae4e583
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10428
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I178b166ee682693e6e3c17759573899ba13ca6f5
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10426
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: Ib6f0c723dc7a5f031cdc52fd339a8fb29362370b
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10425
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I9a4cbb3b43c2695ca576eea7263c561a9d0f3783
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10424
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: If3970a20045d84200924f89ac467c4eb0206cb11
Reviewed-on: https://code.wireshark.org/review/10446
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Before:
skull:bugs loghyr$ ~/ipv4/wireshark/tshark -r 2-layoutstats-in-1-compound.pcap -Y nfs -V | grep -i ipv4
[IPv4 address 113.12.31.172, protocol=tcp, port=2049]
After:
skull:bugs loghyr$ ~/ipv4/wireshark/tshark -r 2-layoutstats-in-1-compound.pcap -Y nfs -V | grep -i ipv4
[IPv4 address 172.31.12.113, protocol=tcp, port=2049]
Bug: 11496
Change-Id: Ia6097ae76411f6ff9de1f53191c8fc767856e2d1
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/10347
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Hand it a table of version/procedure table/hf-for-program-number
triplets.
Change-Id: I2acc03c2da83353165bd422d8537362201c814e2
Reviewed-on: https://code.wireshark.org/review/9740
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Either there's a known body for the call or reply, in which case we
already have a dissector for it, or the body is empty, in which case we
now have dissect_rpc_void() to dissect it, or the body is unknown or
nobody's bothered writing it, in which case we use dissect_rpc_unknown()
for now.
This means that an attempt to look up the dissector for a known
procedure will always succeed, so we can label it with the name rather
than with "proc-N".
It also means that we distinguish between "it's void" and "it's
unknown", so that unknown values will get flagged as such.
Change-Id: I748580c1dca61d1f0972396db1a3b0885fc0a541
Reviewed-on: https://code.wireshark.org/review/9699
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This patch converts some dissectors using g_hash_table_foreach_remove.
- 9p: drop no-op free func.
- nfs: use g_hash_table_new_full such that a destructor function can
be used. Drop NULL check since g_free can handle these just fine.
- nlm: use g_hash_table_new_full such that a destructor function can
be used. Simplify "matched" destruction by replacing the wrapper by
a direct g_free call.
Change-Id: I455e7f0ad4e47e70dae05af7233fdcdebf583f9f
Reviewed-on: https://code.wireshark.org/review/9224
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8509b9290a7255a91fa5f10a8312ca80eb94ead6
Reviewed-on: https://code.wireshark.org/review/7900
Reviewed-by: Cal Turney <cturney@charter.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
of a "homegrown" method.
Change-Id: I06d7d4e9747ed8593cf40506cae3a09ae237846b
Reviewed-on: https://code.wireshark.org/review/9456
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
dissector function signature.
This paves the way for using dissector tables.
Change-Id: I88ac165ef9aa5bf5c05e1115f7321e18e734d683
Reviewed-on: https://code.wireshark.org/review/9453
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I1b61f6a91fbd3553106d1a9a8aba56db1894a010
Signed-off-by: Tom Haynes <loghyr@primarydata.com>
Reviewed-on: https://code.wireshark.org/review/8940
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
And no longer uses opaque_auth
Change-Id: I272e1c5c1391dac977ad850b899505a28c42b6fd
Reviewed-on: https://code.wireshark.org/review/8939
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I7a4e99242365a6fd7c0fa81c6bc97cbe01a00763
Reviewed-on: https://code.wireshark.org/review/8938
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I67239a7cd1ea63499e5ee1956a2a5ac7b8191f9e
Reviewed-on: https://code.wireshark.org/review/8936
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|