Ethereal-users: [Ethereal-users] Re: Problem with -w - on Windows 2000 [follow-up]

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Joe Marcus Clarke <marcus@xxxxxxxxxxxxx>
Date: Sun, 25 Apr 2004 18:40:50 -0400
On Fri, 2004-04-23 at 20:30, Joe Marcus Clarke wrote:
> I'm spawning tethereal-0.10.3 in Java on Windows 2000 SP4.  I'm reading
> bytes from stdout, and writing them to a file.  The resulting capture
> file is corrupt.  It either claims to have been truncated in mid-packet,
> or it claims that one packet far exceeds the max capture size of 65535.
> 
> I thought this must have something to do with my Java code (even though
> it works fine on Solaris and FreeBSD).  So I took the same command line,
> and did a simple redirect to a file:
> 
> tethereal -s 65535 -w - > outfile
> 
> The resulting outfile has the same problem.  Again, this command works
> fine on Solaris and FreeBSD (and I assume all flavors of UNIX).  I've
> tried both WinPcap 2.3 and 3.0, and both exhibit the same behavior.  If
> needed, I can produce one of the bad capture files.  However, I think
> this is pretty reproduceable as it's now happened on two different
> Windows 2000 machines.
> 
> I searched the archives, but didn't find anything relating to this. 
> Ideally, what I'd like to be able to do is use -w <filename>, but
> Process.destroy() (in Java) calls TerminateProcess() on Windows, and
> this doesn't give tethereal a chance to flush its output buffer.  If
> tethereal flushed after each packet that might do it, but it only seems
> to do that if the output file is stdout.  Any advice would be greatly
> appreciated.  Thanks.

I saw Richard Urwin's reply in the archives, but I was not copied.  I
should have said I was not subscribed.  In any event, it got me
thinking, and sure enough, the file descriptor is not opened in binary
mode if the output is stdout.

I believe the attached patch should do the trick, but I do not have
access to a C compiler on Windows to test for sure.  I'd appreciate
comments.  And please CC me as I am not subscribed to the list.  Thanks.

Joe

> 
> Joe
-- 
PGP Key : http://www.marcuscom.com/pgp.asc

--- wiretap/file_access.c.orig	Sun Apr 25 18:22:20 2004
+++ wiretap/file_access.c	Sun Apr 25 18:36:29 2004
@@ -538,6 +538,9 @@
 
 	/* Empty filename means stdout */
 	if (*filename == '\0')
+#ifdef _WIN32
+		setmode(fileno(stdout), O_BINARY);
+#endif
 		wdh->fh = stdout;
 	else {
 		/* In case "fopen()" fails but doesn't set "errno", set "errno"

Attachment: signature.asc
Description: This is a digitally signed message part