Wireshark-bugs: [Wireshark-bugs] [Bug 8279] Add support for Android Logcat logs
Date: Sat, 09 Feb 2013 23:48:57 +0000

changed bug 8279

What Removed Added
CC   darkjames-ws@darkjames.pl

Comment # 2 on bug 8279 from
Hi Michał,

Great! logcat seems to be interesting format, can you link to some
specification?

Quick review:

1/ wiretap/logcat.c

48 static gchar get_priority(gchar *priority) {

51 if (*priority >= (gchar) sizeof(priorities))

priority is signed char, so *priority can be < 0.

2/ wiretap/wtap.h

I'm not sure exactly how it works, but it seems only WTAP_ENCAP_LOGCAT is used.

3/ wiretap/logcat.c

208 wth->phdr.ts.secs  = GINT32_FROM_LE(*((gint32 *) &buf[3 * 4]));
209 wth->phdr.ts.nsecs = GINT32_FROM_LE(*((gint32 *) &buf[4 * 4]));

Please check wiretap/wtap-int.h but I believe pletohl() should be used.

4/ wiretap/logcat.c

180 if (file_seek(wth->fh, *data_offset, SEEK_SET, err) == -1)
181   return FALSE;

...

193 if (file_seek(wth->fh, *data_offset, SEEK_SET, err) == -1)
194     return FALSE;

not *data_offset nor file offset seems to be changed.
Also I'd rather reconstruct this first two bytes from payload_length and not
seek file, but premature optimization is the root of all evil, so let's leave
it :)

5/ wiretap/logcat.c

Speaking about payload_length:

172 bytes_read = file_read(&payload_length, 2, wth->fh);

Please read it to some payload_tmp[2] and use pletohs().

I don't have time for full review (sorry),
Kuba.


You are receiving this mail because:
  • You are watching all bug changes.