https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4401
--- Comment #2 from Gregor Anich <gregor.anich@xxxxxx> 2010-01-19 15:27:33 PST ---
I tried with latest git/svn of libpcap/wireshark, here's the build info:
Version 1.2.5
Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.18.3, with GLib 2.22.3, with libpcap 1.1-PRE-CVS, with
libz
1.2.3.3, without POSIX capabilities, without libpcre, without SMI, without
c-ares, without ADNS, without Lua, with GnuTLS 2.8.3, with Gcrypt 1.4.4, with
MIT Kerberos, without GeoIP, with PortAudio V19-devel (built Jun 20 2009
13:28:51), without AirPcap.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.
Running on Linux 2.6.31-17-generic, with libpcap version 1.1-PRE-CVS, GnuTLS
2.8.3, Gcrypt 1.4.4.
Built using gcc 4.4.1.
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and http://www.wireshark.org for more information.
=== END OF BUILD INFO ===
The problem persists. Here's an example isochronous packet's "Application
Data":
0000 ee ff ff ff 00 00 00 00 1e 00 00 00 00 00 00 00 ................
0010 ee ff ff ff 1e 00 00 00 24 00 00 00 00 00 00 00 ........$.......
0020 ee ff ff ff 42 00 00 00 1e 00 00 00 00 00 00 00 ....B...........
0030 ee ff ff ff 60 00 00 00 24 00 00 00 00 00 00 00 ....`...$.......
0040 ee ff ff ff 84 00 00 00 1e 00 00 00 00 00 00 00 ................
0050 ee ff ff ff a2 00 00 00 24 00 00 00 00 00 00 00 ........$.......
0060 ee ff ff ff c6 00 00 00 1e 00 00 00 00 00 00 00 ................
0070 ee ff ff ff e4 00 00 00 24 00 00 00 00 00 00 00 ........$.......
0080 28 77 ac 00 28 77 ac 00 d8 11 e4 08 d8 11 e4 08 (w..(w..........
0090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0180 00 00 00 00 00 00 00 00 ........
As can be seen, there's the 16 byte pattern with eeffffff again, which is very
likely the struct mon_bin_isodesc from
linux-2.6.32/drivers/usb/mon/mon_bin.c line 116 (see original comment/bug
report)
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.