https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4299
--- Comment #9 from Felix Obenhuber <felix@xxxxxxxxxxxx> 2009-12-07 02:23:32 PST ---
>From the libpcap point of view, there are always 16 bytes captured, cause of
the size of struct can_frame. There is no truncation of the packet cause of
it's content. Would be possible to do so, but I think libpcap should pass
exactly what it receives.
In the dissector, the length of the frame on the wire (also shown in can.len),
is used, when the data dissector is called. This is done to hide
uninitialized/zero bytes and avoid confusion.
Maybe we should call the data dissector once again with the remaining bytes?
Another possibility would be to call it twice:
* with the length reported in the frame
* 8 bytes, the maximum length.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.