Update manuf, services enterprise numbers, translations, and other items.

HTTP chunked transfer encoding can have lots of chunks, and calling
the data dissector for each individual chunk adds a large number of
layers to the frame and doesn't really make sense. (As opposed to
calling the data dissector on the reassembled data if we can't handle
the content type, which does make sense.) In particular, this can
cause a failed assertion by adding more layers than
PINFO_LAYER_MAX_RECURSION_DEPTH.

Just add each data chunk as a FT_BYTES item. Fix #18130.


(cherry picked from commit e49a69f3)

Fixes #18155.

(cherry picked from commit 229dad6a)

Eelco Chaudron authored Mar 07, 2022 and Guy Harris committed Jun 24, 2022

This change fixes a segmentation fault core dump in tshark/Wireshark
when loading a pcapng file that contains the packet verdict option.

This problem got introduced in the commit mentioned below.

Fixes: 030b06ba

 ("pcapng: write packet and Netflix custom blocks the same as other blocks.")
Signed-off-by: Eelco Chaudron <echaudro@redhat.com>


(cherry picked from commit e79630f1)

j.novak@netsystem.cz authored Jun 21, 2022 and Gerald Combs committed Jun 21, 2022

(cherry picked from commit b6ccc65a)

Chuck Craft authored Nov 18, 2021 and Guy Harris committed Jun 20, 2022

Closes #16783. No open issue for autostop bug. Link added in
issue 16783 to Ask site question 15303.


(cherry picked from commit c560226f)

Update manuf, services enterprise numbers, translations, and other items.

After parsing a Topology Descriptor at the start of a request
or reply command, reset the left and right bracket counters
before going back to the top of the loop to parse the next
command, just like how done at the end of the while loop with
a normal command.

Prevents marking as malformed packets which have a Topology Descriptor
followed by a single command (e.g. Move) without any trailing
descriptors, and hence no more left brackets.


(cherry picked from commit 9319394a)

When the field width was corrected by commit
b240d5ba, the masks got messed
up. There's 4 reserved bits that don't have fields and the bits
are in Little Endian order. Fix #18132.


(cherry picked from commit 4d578542)

Fixes #18136


(cherry picked from commit 1bd24bb9)

Gerald Combs authored Jun 15, 2022 and Gerald Combs committed Jun 15, 2022

The correct glob pattern for a directory and its subdirectories is
"**/*". Use that in the change rules for the Documentation job.

(cherry picked from commit 022ebb10)

[skip ci]

[skip ci]

If we get into the dissect_tftp call, we must have either matched
a WRQ/RRQ at some point and created a wildcarded UDP conversation,
or we matched the TFTP port. While it is contrary to the spirit
of RFC 1350 for the server not to switch ports, it basically works
and the port is IANA assigned, so it doesn't do harm to process these.
In the heuristic dissector, of course, we don't do this.

The conversation code doesn't automatically fill in wildcarded
ports for UDP (since it's connectionless), and the wildcarded
find_conversation call in the TFTP dissector was twisted around
so it didn't actually fill in the second port before anyway.
Filling in the server port would make sense, but then the necessary
logic to find the right conversations would be more complicated.
(The default find_conversation logic prefers any conversation with
both ports to a wildcarded conversation, but the TFTP dissector would
then want the most recent conversation, whether wildcarded or with
both ports.)

These packets were handled prior to the 3.6 changes. Fix #18122

(cherry picked from commit 47c418d4)

(cherry picked from commit 01f9dcbb)

Update manuf, services enterprise numbers, translations, and other items.

Jakub Jirutka authored May 18, 2022 and Gerald Combs committed Jun 05, 2022

    $ gdb --args wireshark
    (gdb) run
    Starting program: /usr/bin/wireshark
    [New LWP 10363]
    [New LWP 10364]
     ** (wireshark:10356) 13:13:14.137941 [GUI WARNING] -- codecForName: ucnv_open failed ISO-8859-2 U_FILE_ACCESS_ERROR
    (gdb) bt
    Thread 1 "wireshark" received signal SIGSEGV, Segmentation fault.
    0x00005555557b1959 in MainWindow::findTextCodecs (this=0x7fffecdfd390) at wireshark-3.6.5/ui/qt/main_window.cpp:2029
    2029            QString key = codec->name().toUpper();
    (gdb) bt
    #0  0x00005555557b1959 in MainWindow::findTextCodecs (this=0x7fffecdfd390) at wireshark-3.6.5/ui/qt/main_window.cpp:2029
    #1  0x00005555557b4ce3 in MainWindow::MainWindow (this=this@entry=0x7fffecdfd390, parent=parent@entry=0x0) at wireshark-3.6.5/ui/qt/main_window.cpp:362
    #2  0x000055555564f0af in main (argc=<optimized out>, qt_argv=0x7fffffffe748) at wireshark-3.6.5/ui/qt/main.cpp:725

See https://gitlab.alpinelinux.org/alpine/aports/-/issues/13814 for more
information.

Update manuf, services enterprise numbers, translations, and other items.

Plug a memory leak. If cf_save_records wrote to a temporary file,
free the name if the rename is successful (not just if it fails.)

(backported from 356a6ab0)

Dana Sy authored May 26, 2022 and Gerald Combs committed May 31, 2022

Fixed typo for Touchlink command filter name


(cherry picked from commit eb3c77f3)

Update manuf, services enterprise numbers, translations, and other items.

Update manuf, services enterprise numbers, translations, and other items.

Without this, the simple stat tables default to sorting by the first
column in descending order. (An artifact of the QTreeWidget that they
inherit from.) The first column is generally a message type (integer or
string) and ascending order makes more sense.

Some of the stat tables intentionally insert rows in a preferred order
that is different than sorting by the first column (e.g, ANSI A I/F tables
are sorted by the second column), but we can't tell what that is.
QTreeWidget only allows the data to be shown in its original unsorted
order if the widget is marked unsortable, but then the user isn't allowed
to sort at all, and being able to sort by other columns (such as count)
is useful.


(cherry picked from commit 7987df81)

Jason Cohen authored May 17, 2022 and Alexis La Goutte committed May 18, 2022

Some versions of BIG-IP create Type 2 Version 0 records with the
Type 2 Version 1 size.  Allow for the decoding of these records.


(cherry picked from commit 0cab39a8)

Roland Knall authored May 16, 2022 and Roland Knall committed May 17, 2022

The current situation in UatDelegate as well as PathChooserDelegate leads to issues, where Wireshark crashes if the button is clicked. This is due to the UI not correctly positioning the button inside the cell.

This change implements a widget, which will serve as cell content, handling all relations with choosing the file, but also properly handling the size and geometry of said cell content, therefore no longer leading to crashes and cleaning up code at the same time, as duplicate methods are being removed.

Fixes #17789, #17819, #18088

Roland Knall authored May 16, 2022 and Gerald Combs committed May 16, 2022

Windows implements so called CRT handlers, which will catch any
assertions happening inside so called crt routines and either
displays a debug dialog (Cancel, Retry, Ignore) or outright crashes
the application.

See
https://docs.microsoft.com/en-us/cpp/c-runtime-library/parameter-validation?view=msvc-170
for an explanation of the behaviour.

Now, in the current situation here, close will detect (correctly)
that the pipe it is supposed to be closing is already closed. This
happens (again correctly) because it had been closed by the extcap
application.

The change added, checks for a closed pipe first, and if so just
returns -1 (as it should) silently without calling the CRT routine,
therefore not crashing


(cherry picked from commit 28b917a7)

Gerald Combs authored May 16, 2022 and Gerald Combs committed May 16, 2022

It's Windows-only.

(cherry picked from commit 6c612bf2)

Gerald Combs authored Apr 26, 2022 and Gerald Combs committed May 16, 2022

In validate-clang-check.sh, only check files that have rules in
compile_commands.json or build.ninja.

(cherry picked from commit b53d3495)

Jaap Keuter authored Jan 04, 2022 and Gerald Combs committed May 16, 2022

(cherry picked from commit a4cbf047)

Anders Broman authored Dec 22, 2021 and Gerald Combs committed May 16, 2022

(cherry picked from commit b5928542)

Zoran Bošnjak authored Oct 29, 2021 and Gerald Combs committed May 16, 2022

Asterix data format is a complex family of asterix categories,
where each individual category exists in multiple editions.
As a result of many variants, the epan/dissectors/packet-asterix.c
is one of the largest dissectors.

So far, the asterix dissector had been maintained manually, where the
generic decoding routines and category/edition specific definitions
were entangled in the same file (packet-asterix.c).

This commit preserves the overall dissector structure, but makes
it easy to update the dissector with new categories or editions as
they become available (via the update script from this commit).
See tools/asterix/README.md file for dissector update procedure.

This commit includes:

- tools/asterix/packet-asterix-template.c
  Extraction of generic asterix decoding routines and
  common data structures.

- tools/asterix/update-specs.py
  Update script, to render the template with up-to-date asterix
  specs files. The asterix specs files themselves are maintained in
  a separate repository.

- epan/dissectors/packet-asterix.c
  Automatically generated dissector for asterix data format.
  Although generated, this file needs to remain in the repository,
  to be able to build the project in a reproducible way.

The generated asterix dissector was additionally tested with:

- ./tools/check_typed_item_calls.py --mask
- ./tools/fuzz-test.sh

Sync with asterix-specs #cef694825c

(cherry picked from commit 16779dc4)

Update manuf, services enterprise numbers, translations, and other items.

Gerald Combs authored May 11, 2022 and Gerald Combs committed May 11, 2022

Qt::endl was introduced in 5.14.
(cherry picked from commit 7b749f5e)

Fixes #18084.

Display filters on Windows where broken in such a way that the file was generated with empty lines and the wrong file delimiters.

Likewise, loading the file lead to issues when the formatting was not 100% match by the plattform being used

Fixes #18082


(cherry picked from commit ad28888d)

Update manuf, services enterprise numbers, translations, and other items.

Odysseus Yang authored May 06, 2022 and Pascal Quantin committed May 06, 2022

(cherry picked from commit 8f4d38b7)

The handshake hash is used to derive TLS decryption keys when the
Extended Master Secret (EMS) extension is in use.
ssl_calculate_handshake_hash updates this hash only when the master
secret has not been determined yet.

During TLS renegotiation, there are two master secrets: one before, and
one after. Before this fix, the second calculated master secret is
wrong because the second Client Hello is missing in the handshake hash.
It was missing because the handshake hash was not being updated since
the master secret for the first handshake was still present, and the
decryption state was only reset after that hash update.

To fix this, make sure to clear the SSL_MASTER_SECRET flag before
updating the handshake hash when needed. Additionally, clear the
handshake hash when processing the Client Hello just to make sure that
any previous state is gone.

Fixes #18059

(cherry picked from commit 62100da7)

[skip ci]