Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 6230] Large JPEG files are not dissected

Wireshark-bugs: [Wireshark-bugs] [Bug 6230] Large JPEG files are not dissected

Date: Wed, 26 Sep 2012 11:53:01 -0700 (PDT)

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6230

--- Comment #5 from Chris Maynard <christopher.maynard@xxxxxxxxx> 2012-09-26 11:53:00 PDT ---
(In reply to comment #4)
> Maybe: don't check for MARKER_EOI when dissecting JPEG files,
> check for MARKER_EOI when doing HTTP/other heuristics?

Nice idea.  I did that then was able to load a large jpg, achieving the same
level of dissection as with trunk-1.4.

However, I also decided to try loading an http+jpeg image with the MARKER_EOI
not present to see what I would get.  To do this, I grabbed the capture file
attached to bug 5771, isolated frame 26 and chopped off the last 2 bytes using
editcap.  As it turns out, no version of Wireshark I tried (1.6+patch, 1.8,
svn) will dissect any part of the jpeg as a result.  But I guess that's to be
expected.

So, in order to handle that latter problem (as well as this one), I think full
jpeg dissection would be needed so that the number of bytes dissected by the
jpeg dissector could be returned.  But since that's not yet implemented,
perhaps this upcoming patch will suffice?

(I will attach my patch and sample pcap file for testing shortly ...)

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.

Prev by Date: [Wireshark-bugs] [Bug 6645] Patch to add support for Friendly Names for interfaces on Windows
Next by Date: [Wireshark-bugs] [Bug 6230] Large JPEG files are not dissected
Previous by thread: [Wireshark-bugs] [Bug 6230] Large JPEG files are not dissected
Next by thread: [Wireshark-bugs] [Bug 6230] Large JPEG files are not dissected
Index(es):
- Date
- Thread