Wireshark-bugs: [Wireshark-bugs] [Bug 7997] New: openSAFETY - Allow for specific enabling and di
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7997
Summary: openSAFETY - Allow for specific enabling and disabling
of heuristic dissectors
Product: Wireshark
Version: SVN
Platform: x86
OS/Version: All
Status: NEW
Severity: Major
Priority: Low
Component: Wireshark
AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
ReportedBy: rknall@xxxxxxxxx
Created attachment 9545
--> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=9545
openSAFETY - Allow for specific enabling and disabling of heuristic dissectors
Build Information:
TShark 1.9.0 (SVN Rev 46080 from /trunk)
Copyright 1998-2012 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GLib 2.32.3, with libpcap, with libz 1.2.3.4, with POSIX
capabilities (Linux), with libnl 1, with SMI 0.4.8, with c-ares 1.7.5, with Lua
5.1, without Python, with GnuTLS 2.12.14, with Gcrypt 1.5.0, with MIT Kerberos,
with GeoIP.
Running on Linux 3.2.0-32-generic, with locale de_AT.UTF-8, with libpcap
version
1.1.1, with libz 1.2.3.4.
Built using gcc 4.6.3.
--
openSAFETY per defaults activates all heuristic dissectors and registers itself
on a variety of fieldbus protocols. This can lead to issues with other
heuristic implementations, where false-positives may get detected.
The underlying issue occured on a dissection for Profinet IO, where the field
ID took values between 0xFF80 and 0xFF8F. This issue will be tackled with a
separate bugfix, but it is generally a good idea, to allow for the specific
disablement and enablement of the heuristic dissectors for openSAFETY.
As of this patch, all heuristic dissectors are enabled by default, with the
exception of Profinet IO. The implementation for openSAFETY over Profinet is
not officially released yet, so it is ok to keep it at false. Every other
implementation is available and can be tested.
All fuzz and randpkt tests have been performed.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.