Wireshark-bugs: [Wireshark-bugs] [Bug 5453] Help->About Wireshark mis-reports OS

Date: Tue, 30 Nov 2010 14:39:44 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5453

--- Comment #1 from Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx> 2010-11-30 15:39:43 MST ---
Thanks for the report.  I'm responding so fast because I was recently working
on this part of the Wireshark source code and thus have an interest in it :). 
We show the 32/64 bit version of Windows using the GetSystemInfo() Windows API
call, and display it according to the value of the wProcessorArchitecture:

if (system_info.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_AMD64)
    g_string_append(str, "64-bit ");
else if (system_info.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_INTEL)
    g_string_append(str, "32-bit ");

The definition of these values, according to Microsoft are:

PROCESSOR_ARCHITECTURE_AMD64    x64 (AMD or Intel)
PROCESSOR_ARCHITECTURE_INTEL    x86

(from http://msdn.microsoft.com/en-us/library/ms724958%28VS.85%29.aspx)

Since you're using a Core2 processor (thanks for the screen shot), that should
show up as  and cause us to display "64-bit" by the Windows version.

I see the problem now: because Wireshark is 32-bit, it's being run under
"WOW64" (x86 emulator for 64-bit Windows), so the reported processor is being
faked.  We need to use the GetnativeSystemInfo() function instead
(http://msdn.microsoft.com/en-us/library/ms724340%28v=VS.85%29.aspx).

I'll work up some code changes.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.