[Wireshark-dev] Crash in RDP/EGFX dissector

Hi! Wireshark crashes while decoding relatively large (~20 MBytes) captures with RDP traffic. Here is how the stack trace looks like (only frames 0-26, since there are 90 frames in the core dump): (gdb) bt #0 __memmove_avx_unaligned_erms () at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-e

Re: [Wireshark-dev] Crash in RDP/EGFX dissector

Hi Uli, > > 1. Is this issue known? I tried to look it up on gitlab but I did not > > find anything relevant. Should I file an issue on gitlab? > > Yes, please open a new issue for this using the bug template. Please attach a > sample capture to reproduce the bug. The biggest problem with the c

[Wireshark-dev] SCTP association analysis & selection does not work correctly

Hi, I am trying to look at all SCTP associations (lots of them) in an pcap. However, none of the "Analyse/SCTP/..." menu options work correctly. It shows only _one_ association whereas there are many in the pcap. Pls. see an attachment with a screenshot of "Analyse/SCTP/Show All...". What happene

Re: [Wireshark-dev] SCTP association analysis & selection does not work correctly

> > On Wed, Dec 6, 2023 at 12:15 PM Cristian Constantin via Wireshark-dev > wrote: >> >> Hi, >> >> I am trying to look at all SCTP associations (lots of them) in an pcap. >> However, none of the "Analyse/SCTP/..." menu options work correctly. >

[Wireshark-dev] Sorting "Number of Packets" / SCTP Associations as strings ?!...

Hi, Now, come on guys, really?? Sorting this field as strings?... OS: Ubuntu cco@DEU1145:~$ cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=22.04 DISTRIB_CODENAME=jammy DISTRIB_DESCRIPTION="Ubuntu 22.04.3 LTS" Wireshark version as shown by "About Wireshark": Version 3.6.2 (Git v3.6.2 pack

Re: [Wireshark-dev] SCTP association analysis & selection does not work correctly

45 AM John Thacker wrote: > > On Thu, Dec 7, 2023 at 3:32 AM Cristian Constantin via Wireshark-dev > wrote: >> >> Hi Jeff, >> >> Yes, after enabling the respective protocol decoding option, SCTP >> association analysis works. >> SCTP association analysis i

Re: [Wireshark-dev] SCTP association analysis & selection does not work correctly

Hi, How to figure out if a fix for an issue like the one mentioned by John above is part of a Wireshark release? And what Wireshark release is part of... Thank you, Cristian On Sat, Dec 23, 2023 at 4:45 AM John Thacker wrote: > > On Thu, Dec 7, 2023 at 3:32 AM Cristian Constantin via Wir

[Wireshark-dev] byte range selections in tshark -e fields

hi! wireshark GUI supports byte selection by means of indexing an protocol field in display filters, e.g.: "gsm_map.ms.autn[6] == 0x80" is it possible to use expressions indexed like shown above for tshark fields specified with -e option? what is the syntax for it? thanks, cristian