Age | Commit message (Collapse) | Author | Files | Lines |
|
We register dissectors for "Decode As" for {SSL,TLS}-over-TCP, so we
should actually set up the "Decode As" stuff for it.
Change-Id: I2a738667efdec1007069df74885a4fe8fc3fcbab
Reviewed-on: https://code.wireshark.org/review/17400
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
dissection and display the problem more prominetly.
Change-Id: Ia1a32667a18e1e5b60b5c167da9b6dd945ba3dfc
Reviewed-on: https://code.wireshark.org/review/17385
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
If the heuristics fail to detect a resumed session, then it must mark
the session as a normal session. This will also prevent from
applying secrets that do not apply to this renegotiated session.
Bug: 12793
Change-Id: I90f794a7bbaf7f1839e39656ac318183ecf48887
Reviewed-on: https://code.wireshark.org/review/17376
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ia3d8956197faff9366de2635a9bd29f2bfc40f0d
Reviewed-on: https://code.wireshark.org/review/17381
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
No more memleaks reported for the attachment in bug 12790 :-)
Change-Id: I8472e442143b332edfacdf9ef3b8b893f1ec4386
Ping-Bug: 12790
Reviewed-on: https://code.wireshark.org/review/17365
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Before:
SUMMARY: AddressSanitizer: 399684 byte(s) leaked in 17208 allocation(s).
After addressing to-do by calling ddict_free:
SUMMARY: AddressSanitizer: 3024 byte(s) leaked in 256 allocation(s).
After fixing all remaining leaks cases in the flex file for diameter:
SUMMARY: AddressSanitizer: 735 byte(s) leaked in 58 allocation(s).
Not bad huh :-)
Ping-Bug: 12790
Change-Id: I0c730ad77ae15c69390bc6cf0a3a985395a64771
Reviewed-on: https://code.wireshark.org/review/17364
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Change-Id: Ie8e77fffd54eb9b1918d90999a4419a80de8bc5e
Reviewed-on: https://code.wireshark.org/review/17374
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I3b9bc01a4f72e2e0de3f83426a9b8e7060d0c89a
Reviewed-on: https://code.wireshark.org/review/17366
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
strdup and strcmp is a recipe for leaking.
Change-Id: I522c71964e39f671a4101df9b2b432433fc1c12e
Reviewed-on: https://code.wireshark.org/review/17363
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Use same wmem_epan_scope() as "w" (tvbparse_wanted_t).
Change-Id: I73fdb1fb3b55a91b7bb0fc36e435024c6f0b3d73
Ping-Bug: 12790
Reviewed-on: https://code.wireshark.org/review/17361
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Update manuf, services enterprise-numbers, translations, and other items.
Change-Id: Ic4d32253800cb94d52c817f1cd40179d878323cb
Reviewed-on: https://code.wireshark.org/review/17358
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Fix the "Number of SPIs" field name in the Delete payload.
References: RFC 2408, RFC 7296
Change-Id: I205fb830275fc011e6605fdae53c6b9141e1628b
Reviewed-on: https://code.wireshark.org/review/17353
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
A XMPP stanza may be fragmented inside a conversation, so don't
check for this only when starting a new conversation.
Change-Id: I63b987184f52645e6c72c3c4155b39b7948de828
Reviewed-on: https://code.wireshark.org/review/17344
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Search address type by name iterates over an array, but fails to find its end.
Therefore it may dereference invalid pointers, or NULL.
Add the proper check in the for loop and make sure an end condition is always
there in the array searched.
Change-Id: I60ade9d438dc394340b6483b4fcb23e5ce432000
Reviewed-on: https://code.wireshark.org/review/17337
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Some type changes were not carried forwared into the conversation
debugging code. These changes allow compilation again.
Change-Id: I90dde7cc94496828cf8931d74225773c2cea42a1
Reviewed-on: https://code.wireshark.org/review/17336
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Added the dissection of three parameters.
Change-Id: I07e7b655ad7fd3462625c2fb565e41593c62f897
Reviewed-on: https://code.wireshark.org/review/17346
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Issue reported by Lucas Pardue
Change-Id: Ic3c53fce9751a556c5f1aa30d55687a60c9c6a4d
Reviewed-on: https://code.wireshark.org/review/17345
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Lucas Pardue <lucas.pardue@bbc.co.uk>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Issue reported by Lucas Perdue
Change-Id: I4852f6bad7a4c98b345ff198b33ab560eacb5ed0
Reviewed-on: https://code.wireshark.org/review/17341
Reviewed-by: Lucas Pardue <lucas.pardue@bbc.co.uk>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Issue reported by Lucas Perdue
Change-Id: I9c4ede6ba2fb0303aab05f1d59835e5a8b386a3e
Reviewed-on: https://code.wireshark.org/review/17340
Reviewed-by: Lucas Pardue <lucas.pardue@bbc.co.uk>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Libpcap just backed out the "host-endian" SocketCAN LINKTYPE_ value; we
don't need it any more.
Change-Id: I33a7dc21207a0009e20b4abaefe1119eb649c39a
Reviewed-on: https://code.wireshark.org/review/17327
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The created XML proto_item can be faked (if not visible and not referenced),
so ensure we store the correct item length to be used in XMPP.
This will avoid an invalid "Malformed Packet" for some XMPP packets.
Change-Id: I79d805b725dbeb93f26a38b72bdcc84187aee16f
Reviewed-on: https://code.wireshark.org/review/17324
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
RFC 6120 section 4.6.1 defines the use of a single whitespace as
"whitespace keepalive", so indicate this in the Info column.
Change-Id: I685431d91be2a37fbd66f8d1cdabe53f33092e93
Reviewed-on: https://code.wireshark.org/review/17323
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Change-Id: I4e3de542d24c567434f4554917e826ccbd64cb6c
Reviewed-on: https://code.wireshark.org/review/17319
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Id463f7746880f71f317bb52b40dc8b298965b4ec
Reviewed-on: https://code.wireshark.org/review/17300
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
and also use the name of spec for field (Header BLock Fragment
Change-Id: I5a3884186258dac1f243f991a3392c875403eb97
Reviewed-on: https://code.wireshark.org/review/17310
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
show expert infos and return the number of bytes we dissected
Change-Id: Ibb12372e8670380137f4fc3d012d0b0afa4cd638
Reviewed-on: https://code.wireshark.org/review/17313
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Use RVALS + BASE_RANGE_STRING for range_strings. This should fix the "-G
values" failure on the Win32 buildbot.
Change-Id: I9a42b66a22b615d3de9c04b485adc7b9aa2cc154
Reviewed-on: https://code.wireshark.org/review/17309
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
rejects packet
This can happen for example is the heuristics changed between the Wireshark
version used to export PDUs, and the one used to open the file.
Instead, call data dissector.
Change-Id: I29f7754f883fd710c3557a610583ef988ca13e43
Reviewed-on: https://code.wireshark.org/review/17280
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Issue reported by Sharon Samuel Enoch
Bug:12780
Change-Id: I94ad5355cdfa4d8cd3915c9e261931ff56dc765b
Reviewed-on: https://code.wireshark.org/review/17272
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 12782
Change-Id: Ia082ccf5355d7f8dd6073861c59c804fecc96266
Reviewed-on: https://code.wireshark.org/review/17289
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
isakmp_cleanup_protocol() and isakmp_init_protocol() are already registered
as cleanup and init routines
Change-Id: I4fd2348dc507c8bc933aebd5abfb2522b57da0b4
Reviewed-on: https://code.wireshark.org/review/17284
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Read 4 bytes from the packet instead of 1 because that is the
correct size of the DOI field.
Reference: RFC 2408
Change-Id: I5745363811bb46af307a925d688ec36cfb29984b
Reviewed-on: https://code.wireshark.org/review/17271
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Setting our compiler warning flags in CMAKE_C_FLAGS does not allow
using different flags per target.
Allow for that possibility by setting the internal WS_WARNINGS_{C,CXX}_FLAGS
and using the COMPILE_OPTIONS property to set them.
This change is just setting mechanism and there should be no difference
in generated warnings.
The check_X_compiler_flag cmake test is changed to test each flag individually.
We need a list, not a space separated string, and the aggregate test is not
significant.
Change-Id: I59fc5cd7e130c7a5e001c598e3df3e13f83a6a25
Reviewed-on: https://code.wireshark.org/review/17150
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Problem is that not all fields of UAT are updated on change (only those
defined in UAT definition with ikev2_uat_flds, specifically pointers to
encr_spec and auth_spec in ike2_decr_data_t were set to NULL.
Fixed by re-setting pointers after update table callback was called.
Also fixed memory leaks after UAT modification.
Bug was partially resolved with change
Ibdab979b5959eb561635cbcb446e17138baca87b
https://code.wireshark.org/review/17078
which eliminated crash, but decryption still didn't work after UAT
modification (DISSECTOR BUG was displayed).
Bug: 12748
Change-Id: I8209edd8e214d62e34b641fdd2e046b9ff4c95eb
Reviewed-on: https://code.wireshark.org/review/17249
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
They follow the same dissection as normal 'Analog Change Report' Responses (FC0)
Change-Id: I854084f43fd0cc52ba02b6f1e760a63033ab48dd
Reviewed-on: https://code.wireshark.org/review/17270
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
|
|
We now check much earlier for an invalid message length; remove the
check done afterwards.
Also, note that dissect_netlink_error() should also check the message
length, to make sure it doesn't run past the end of the message, and
indicate why we are assuming an "integer" is 4 bytes (it's because the
RFC is vague here).
Change-Id: Ie0b5074acc852cdeaa008fee1125130a6c8771a1
Reviewed-on: https://code.wireshark.org/review/17279
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I0c26f02a63a12acc900637cd6a106d26e386a7a8
Reviewed-on: https://code.wireshark.org/review/17278
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
0 would cause an infinite loop. and any value < 16 is clearly wrong, so
if we see such a packet, just show the header's length field and stop
dissecting.
Bug: 12776
Change-Id: Iefc56b26b83ff5424968d065bdb9fa84a7a65481
Reviewed-on: https://code.wireshark.org/review/17277
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The Msg3 PUSCH narrowband index parameter depends on the UL bandwidth
Change-Id: Ib57c85ffbd4c108e9c8f3d14fa53a48f0df1b0e6
Reviewed-on: https://code.wireshark.org/review/17274
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
IKEv2:
Fixed bug with AEAD ciphers with 8- and 12-byte length ICVs and
libgcrypt 1.6.x - gcry_cipher_checktag() returned INVALID_LENGTH.
Fixed for merged changeset https://code.wireshark.org/review/17078
Added support for verification of encrypted data with HMAC_MD5_128
[RFC4595] and HMAC_SHA1_160 [RFC4595] integrity algorithms
Added IKEv2 decryption suite for few combinations of encryption and
integrity algorithms: 3DES-CBC/SHA1_160, AES-128-CCM-12, AES-128-CCM-12
(using CTR mode), AES-192-CTR/SHA2-512, AES-256-CBC/SHA2-256,
AES-256-CCM-16, AES-256-GCM-16, AES-256-GCM-8
Change-Id: Ic564b25f1fd41e913c605322b7b8aa030cf90ddf
Reviewed-on: https://code.wireshark.org/review/17213
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
This patch shows the Information Elements (IE) defined by the
IEEE802.15.4. It dissects the information of those IE which are used
by the IETF WG 6tisch and announces the others. Here the list of the
fully dissected ones:
- For the header IEs:
- Time Correction.
- Header Termination 1.
- Header Termination 2.
- For the payload IEs:
- MLME:
- Nested Shorts:
- TSCH Synchronization IE.
- TSCH Timeslot IE.
- TSCH Slotframe and Link IE.
- Nested Longs:
- Channel Hopping IE.
- Payload Termination IE.
For the rest of the IEs defined in the standart, this patch shows them
but does not analyze their inner fields.
References:
https://datatracker.ietf.org/doc/draft-ietf-6tisch-minimal/
IEEE Standard for Low-Rate Wireless Personal Area Networks (WPANs).
Change-Id: I45292315fa532f08be6a218eb5756284a22eeee4
Reviewed-on: https://code.wireshark.org/review/16671
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Caught by ASAN with WIRESHARK_DEBUG_WMEM_OVERRIDE=simple set.
Manually inspection of all type casts to decrypt_data_t and
ikev2_decrypt_data_t showed no other users that do not check
isakmp_version first.
Change-Id: If889afff85a20e31222d33cbea8db3a91a77f389
Reviewed-on: https://code.wireshark.org/review/17246
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michał Skalski <mskalski13@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I2a7715ac3255502f244a0d0a7e588b3a44c34f11
Reviewed-on: https://code.wireshark.org/review/17258
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I8362e64354c4ca985dbabc190cfb75d2bd31a5ad
Reviewed-on: https://code.wireshark.org/review/17257
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Return a value length of 0 if there's no parameter value.
(And don't return anything if the pointers through which we return them
are null.)
If no value is present, return NULL from ws_find_media_type_parameter().
Change-Id: I32b57623d7651bcf065af5b81f2390a600988b21
Reviewed-on: https://code.wireshark.org/review/17255
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ia95c40096018479aec99fafd93d7b95d31ba4723
Reviewed-on: https://code.wireshark.org/review/17253
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Backslash, in a quoted-string, escapes quotes (and any other characters,
although the only ones that *need* escaping are a double-quote and a
backslash).
This means that the value of a parameter isn't just the raw characters
from the parameters string; for a quoted string, it needs to be
un-escaped, and for a *non*-quoted string, it has to stop at the first
non-token character (you can put comments in). So
ws_find_media_type_parameter() must return an allocated string with the
actual value.
Get rid of index_of_char(); it doesn't do anything that strchr() does.
Change-Id: I36328ea71c28fe6ac4918a8e73c281a25f6be844
Reviewed-on: https://code.wireshark.org/review/17251
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Add Diffie-Hellman Group Transform IDs for the ECC Brainpool Curves.
References: RFC 6932, RFC 6954
Change-Id: I1ca0da8e5e06abbd1c53a591d01c1f05aa60c35a
Reviewed-on: https://code.wireshark.org/review/17231
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I1c0d344c50ee5d78dd8247ccfe795ce0cd94aaa2
Reviewed-on: https://code.wireshark.org/review/17230
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
|
|
The symbols exported from libs should use less generic. preferably
prefixed names to avoid name collisions with other shared library
symbols.
Change-Id: I8323b3e194a7ee4d61baec0c007342fab6cbde84
Reviewed-on: https://code.wireshark.org/review/17229
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|