https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4742
Summary: Problems decoding variable length strings in IPFIX
Product: Wireshark
Version: unspecified
Platform: Other
OS/Version: All
Status: NEW
Severity: Major
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: acferen@xxxxxxxxx
Created an attachment (id=4612)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4612)
patch for variable length IPFIX strings
Build Information:
$ wireshark -v
wireshark 1.2.2
Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.18.3, with GLib 2.22.2, with libpcap 1.0.0, with libz
1.2.3.3, with POSIX capabilities (Linux), with libpcre 7.8, with SMI 0.4.8,
with
c-ares 1.6.0, with Lua 5.1, with GnuTLS 2.8.3, with Gcrypt 1.4.4, with MIT
Kerberos, with GeoIP, with PortAudio V19-devel (built Jun 20 2009 13:30:07),
without AirPcap.
Running on Linux 2.6.31-20-generic, with libpcap version 1.0.0, GnuTLS 2.8.3,
Gcrypt 1.4.4.
Built using gcc 4.4.1.
--
The number of bytes for flow records can be determined when the template
arrives. The length of variable length strings must be determined for each
flow.
The attached patch makes several minor changes.
1) use the length returned from dissect_v9_pdu(...) instead of the template
length (tplt->length) to calculate the new offset.
2) Calculates the correct length for variable length strings in the default
case for unknown information elements.
3) reindented a few lines in the default case to respect the indentation
specified in the Editor modelines at the bottom of the file.
Notes on variable length strings
< 255 char long encoded as : 1 byte len + string.
>= 255 char long encoded as : 255 + 2 byte len + string
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.