Wireshark-commits: [Wireshark-commits] master 259989a: camins: improve the heuristics
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Thu, 12 Jan 2017 16:05:37 +0000 (UTC)
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=259989ac1ade9cf60db9e5a78ceb404123d57fe9
Submitter: Roland Knall (rknall@xxxxxxxxx)
Changed: branch: master
Repository: wireshark

Commits:

259989a by Martin Kaiser (wireshark@xxxxxxxxx):

    camins: improve the heuristics
    
    The current mechanism that reads the first 20 blocks looking for a headerd
    oesn't work in all cases. I was given sample files that consist of
    data blocks only and have no header.
    
    Use a new approach to detect a .camins file by searching for pairs of
    size high + size low blocks, either read or write. Go through the
    entire file. If we have significantly more pairs than single, non-matching
    blocks, this is a camins file.
    
    Change-Id: Ic91e7db7149b105e26896d1a89cad4a2a73d0f13
    Reviewed-on: https://code.wireshark.org/review/19603
    Reviewed-by: Martin Kaiser <wireshark@xxxxxxxxx>
    Petri-Dish: Martin Kaiser <wireshark@xxxxxxxxx>
    Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
    Reviewed-by: Roland Knall <rknall@xxxxxxxxx>
    

Actions performed:

    from  3df81a0   Qt: Remove unneccessary Q_DECLARE_METATYPE
    adds  259989a   camins: improve the heuristics


Summary of changes:
 wiretap/camins.c |   93 ++++++++++++++++++++++++++++++++++++++++++------------
 wiretap/camins.h |    2 +-
 2 files changed, 73 insertions(+), 22 deletions(-)