Wireshark · Ethereal-dev: [Ethereal-dev] RTP Analysis writes to /tmp endlessly

Ethereal-dev: [Ethereal-dev] RTP Analysis writes to /tmp endlessly

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Thomas Anders <thomas.anders@xxxxxxxxxxxxx>

Date: Wed, 29 Oct 2003 10:57:10 +0100

Folks,

while latest Ethereal 0.9.15 normally works like a charm
for us (thanks so much), it chokes on some capture files when
doing RTP Analysis. It writes to /tmp/ethereal_rtp_fwdXXXXetzbX1
"endlessly", i.e. until it hits a limit (like the 2GB filesize
limit on my machine) and dies.

A sample 2-packet capture file that triggers this problem can
be found at:

  http://user.blue-cable.de/~anders/download/rtp.bin.gz

(you may have to use "Decode As" to decode as RTP)

I suspect that this may have to do with the RTP sequence numbers
being 0 in both packets. Even if so: shouldn't Ethereal handle
this more gently?

My environment:

foo# ethereal -v
ethereal 0.9.15
Compiled with GTK+ 1.2.10, with GLib 1.2.10, with libpcap 0.7, with libz 1.1.4,
with Net-SNMP 5.0.9, without ADNS
Running on Linux 2.4.19-4GB
foo#

This is reproducible with similar capture files (RTP traffic with
the same device) and other Ethereal installations (and versions) on
different machines.

Your feedback is highly appreciated.


Best regards,
Thomas

--
Thomas Anders (thomas.anders at blue-cable.de)

Follow-Ups:
- Re: [Ethereal-dev] RTP Analysis writes to /tmp endlessly
  - From: Guy Harris

Prev by Date: [Ethereal-dev] Re: [Bluez-devel] bluetooth ethereal dissector
Next by Date: Re: [Ethereal-dev] ASN.1 dissector.
Previous by thread: Re: [Ethereal-dev] WAN Capturing problem
Next by thread: Re: [Ethereal-dev] RTP Analysis writes to /tmp endlessly
Index(es):
- Date
- Thread