Ethereal

[Ethereal-dev] Re packet-smb.c
Google
 
Web Ethereal.com

Home | Introduction | Documentation | Lists | FAQ | Development | Wiki | Bugs

Main Index | Thread Index | Mailing Lists | | Date Prev | Date Next | Thread Prev | Thread Next

Ethereal-dev: October 2001

 

Hi list

As you might have noticed if you have tested it, the tvbuffified smb dissector I posted yesterday is far from production quality.

Some of the main faults of the dissector are:
~ time/date,  time and date decoding of the various formats used
 by smb is completely hosed.
 It displays the right number of bytes (I think) but the decoding
 is broken.
 Should not be too difficult to fix.
~ 64 bit integers. Ethereal needs something like FT_UINT64 to properly
 display 64 bit integers used by several smb commands as Trans2 and
 NT Trans. As of now all 64bit integers are displayed via a sub in
 packet-smb.c which really only reads and displays the low 32 bits
 of the data.
~ 64bit time format. Probably quite a lot of work.
 Some smb commands use a 64bit integer field to represent the date/time
 which currently is just displayed as <can not decode yet> in a
 sub in packet-smb.c.
 Perhaps we need something like FT_ABSOLUTE_TIME_64 or something.
~ Can not handle well when WordCount==0 or ByteCount==0 for error
 conditions.
 A lot of work but simple to do.


I belive the dissector is far from production quality right now but
if placed in CVS after the next release it can be tested and worked on
until it is useable.
If not, we can just back it out before the next-next release and go back to the old one.
Or can a separate CVS branch be set up for this dissector so it can
be worked on and improved by all interested developers until it is good
enough for the main branch?
The dissector is BIG and was a bitch to write and it will be a bitch
to test and improve until it is useable which will take a lot of time
and effort. But I do think it can be used if it is just properly
tested and fixed.

(and then we can get reassembly of Trans and NT Trans commands :-))

Comments? Guy?


On a different note, Guy, the entry in Authors for me starts to look silly in my opinion. Could you change it to just one entry saying something like "Misc enhancement and fixes" or similar?
Thanks.

have fun
 ronnie sahlberg


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp



Powered by MHonArc 2.6.10

Please send support questions about Ethereal to the ethereal-users[AT]ethereal.com mailing list.
For corrections/additions/suggestions for this web page (and not Ethereal support questions), please send email to ethereal-web[AT]ethereal.com.
Last modified: Fri, November 10 2006.
"Ethereal" and the "e" logo are registered trademarks of Ethereal, Inc.