Wireshark-bugs: [Wireshark-bugs] [Bug 10998] New: NS Trace (NetScaler Trace) file format is not

Date: Mon, 23 Feb 2015 11:23:05 +0000
Bug ID 10998
Summary NS Trace (NetScaler Trace) file format is not able to export specified packets
Product Wireshark
Version 1.12.3
Hardware x86
OS Windows 8.1
Status UNCONFIRMED
Severity Minor
Priority Low
Component Capture file support (libwiretap)
Assignee [email protected]
Reporter [email protected]
CC [email protected]
Attachment #13467 Flags review_for_checkin?

Created attachment 13467 [details]
patch file for review

Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
NS Trace (NetScaler Trace) file format is not able to export specified packets

Steps to reproduce:
1) open NetScaler packet capture file from wireshark GUI [nstrace_original]
2) apply some display filter (e.g. frame.number <= 5)
3) GoTo : File->Export Specified Packets... and save file
4) open newly created file [nstrace_export.cap]

result:
1) file size is always 42 bytes:
    23-02-2015  15:36                42 nstrace_export.cap
               1 File(s)             42 bytes

2) there are no packets in final captured file (only signature information is
present)

Root cause:

file : wiretap\netscaler.c
in function "nstrace_dump" the capture length (phdr->caplen) of incoming
records is always zero and as a result "wtap_dump_file_write()" is not writing
anything to the output file.

Fix:
nstrace_seek_read_v30 : setting capturelen and len of phdr in seek read
function

Fixed output file attached [nstrace_export_fixed.cap]

Verified on build :

Version 1.99.3 (v1.99.3rc0-266-g6765bf7 from master)

Copyright 1998-2015 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.24.23, with Cairo 1.10.2, with Pango 1.34.0, with
WinPcap (4_1_3), with libz 1.2.5, with GLib 2.38.0, with SMI 0.4.8, with c-ares
1.9.1, with Lua 5.2, with GnuTLS 3.2.15, with Gcrypt 1.6.2, with MIT Kerberos,
with GeoIP, with PortAudio V19-devel (built Feb 23 2015), with AirPcap.

Running on 64-bit Windows 8.1, build 9600, with locale English_India.1252, with
WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version
1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.2.15, with Gcrypt 1.6.2, without
AirPcap.
AMD A10-4600M APU with Radeon(tm) HD Graphics   (with SSE4.2), with 3554MB of
physical memory.


Built using Microsoft Visual C++ 12.0 build 31101


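
The failure mode described under "Root cause", as an added C model that is not Wireshark's wiretap code and not part of the original report: a dumper that writes exactly caplen bytes emits a signature-only file when the random-access read path never sets the header lengths. All names (pkt_hdr, seek_read, dump, export_all) and the sample records are constructed for illustration; only the 42-byte signature size comes from the report.

```c
/* Simplified model, NOT Wireshark's wiretap code: all names are hypothetical. */
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define SIG_LEN 42  /* size of the signature-only export given in the report */

struct pkt_hdr { unsigned caplen, len; };            /* stands in for phdr */
struct rec { unsigned size; const unsigned char *data; };

/* Constructed sample records standing in for the filtered packets. */
static const unsigned char r1[] = {1, 2, 3, 4}, r2[] = {5, 6, 7, 8, 9, 10};
static const struct rec trace[] = { {sizeof r1, r1}, {sizeof r2, r2} };
#define NREC (sizeof trace / sizeof trace[0])

/* Random-access read used by export. With fixed == 0 it mirrors the bug:
 * the payload is copied but the header lengths are never set. */
static void seek_read(size_t i, struct pkt_hdr *h, unsigned char *buf, int fixed)
{
    memcpy(buf, trace[i].data, trace[i].size);
    if (fixed) { h->caplen = trace[i].size; h->len = trace[i].size; }
}

/* Dumper: writes exactly h->caplen bytes, so caplen == 0 writes nothing. */
static size_t dump(unsigned char *out, size_t off,
                   const struct pkt_hdr *h, const unsigned char *buf)
{
    memcpy(out + off, buf, h->caplen);
    return off + h->caplen;
}

/* Export every record; returns the resulting output size in bytes. */
size_t export_all(int fixed)
{
    unsigned char out[256] = {0}, buf[64];
    size_t off = SIG_LEN;                 /* the signature is always written */
    for (size_t i = 0; i < NREC; i++) {
        struct pkt_hdr h = {0, 0};        /* caplen starts at zero */
        seek_read(i, &h, buf, fixed);
        off = dump(out, off, &h, buf);
    }
    return off;
}

int main(void)
{
    printf("buggy: %zu bytes, fixed: %zu bytes\n", export_all(0), export_all(1));
    return 0;
}
```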