Wireshark-commits: [Wireshark-commits] master af987ec: TFTP: Improve dissection of ERROR packets.
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Fri, 23 Nov 2018 05:49:07 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=af987ecd288a7d3b6bed252a3b65ecff514bfb96
Submitter: "Anders Broman <a.broman58@xxxxxxxxx>"
Changed: branch: master
Repository: wireshark

Commits:

af987ec by Darius Davis (darius@xxxxxxxxxx):

    TFTP: Improve dissection of ERROR packets.
    
    Instead of annotating every TFTP ERROR packet as "TFTP blocksize out of range",
    let's flag them as TFTP error packets using their own expert info type.
    
    Let's also try to figure out whether an ERROR packet represents a "close"
    operation after a transfer-size ("tsize") query.  Such ERROR packets aren't
    really errors, so we can use a separate expert info type to report those with
    lower severity.
    
    Testing Done: On macOS 10.12.6, built Wireshark, and examined a handful of
       TFTP packet captures in the GUI, including tsize probes and real errors
       (file not found, permission denied).  From the menu, chose Analyze > Expert
       Information, and saw the tsize probes listed together at "Chat" severity,
       and actual errors reported at "Warning" severity, all appropriately labeled.
    
    Change-Id: I5605ce00559264ed94a47435c8f6d253f143fefb
    Reviewed-on: https://code.wireshark.org/review/30760
    Petri-Dish: Anders Broman <a.broman58@xxxxxxxxx>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
    

Actions performed:

    from  ed8da33   RTPS: Extra fields dissected in RTI DDS field PID_TYPE_CONSISTENCY.
     add  af987ec   TFTP: Improve dissection of ERROR packets.


Summary of changes:
 epan/dissectors/packet-tftp.c | 89 ++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 79 insertions(+), 10 deletions(-)