Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 2000] RTP Stream Analysis - Save Payload error with .enc f

Date: Sat, 24 Nov 2007 16:01:16 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2000





------- Comment #5 from jaap.keuter@xxxxxxxxx  2007-11-24 16:01 GMT -------
The RTP payloads really are missing the 4 octets. In the ngsniffer.c file both
sizes are determined based on what's stored in the capture file records. This
bit sets the pseudo header:
        wth->phdr.len = true_size ? true_size : size;
        wth->phdr.caplen = size;
It seems that true_size is shorter than size. But both are read straight from
the capture. So we need a better understanding of the record types, or the
software creating them is actually wrong (gasp).


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.