Package: wireshark
Version: 3.4.4-1
Severity: normal

When viewing packets from a capture file, I found that the ASCII
decoding of the bytes doesn't show most of the last 8 bytes on each row
of 16. This is an example of what is shown:

0000   00 e0 4c dc 45 db 00 f7 01 fc c5 31 08 00 45 00   ..L.E...
0010   00 40 a7 86 40 00 40 11 39 36 ac 12 01 ca ac 12   .@..@.@.
0020   00 02 4b e4 00 35 00 2c c5 f9 30 50 01 00 00 01   ..K..5.,
0030   00 00 00 00 00 00 05 67 72 61 70 68 08 66 61 63   .......g
0040   65 62 6f 6f 6b 03 63 6f 6d 00 00 01 00 01         ebook.co m.....

Curiously, right click and "Copy Bytes as Hex + ASCII Dump" does result
in the following being copied:

0000   00 e0 4c dc 45 db 00 f7 01 fc c5 31 08 00 45 00   ..L.E......1..E.
0010   00 40 a7 86 40 00 40 11 39 36 ac 12 01 ca ac 12   .@..@[email protected]......
0020   00 02 4b e4 00 35 00 2c c5 f9 30 50 01 00 00 01   ..K..5.,..0P....
0030   00 00 00 00 00 00 05 67 72 61 70 68 08 66 61 63   .......graph.fac
0040   65 62 6f 6f 6b 03 63 6f 6d 00 00 01 00 01         ebook.com.....

In the example above all but the last line had the problem, however on
some data a couple of ASCII characters are shown on the right part, but
still not all. I have not been able to find a pattern when a byte is
shown or not.

I noticed this on 3.4.2-1, tried updating to 3.4.4-1 but that didn't
make any difference.

Thanks,
Paul


-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.8.0-2-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_FORCED_RMMOD, TAINT_WARN, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: sysvinit (via /sbin/init)

Versions of packages wireshark depends on:
ii  wireshark-qt  3.4.4-1

wireshark recommends no packages.

wireshark suggests no packages.

-- no debconf information

Reply via email to