https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3926
Summary: TS2 dissector is wrong
Product: Wireshark
Version: 1.2.0
Platform: All
URL: http://wiki.wireshark.org/TeamSpeak2
OS/Version: All
Status: NEW
Severity: Minor
Priority: Low
Component: Documentation
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: avithan@xxxxxxxxxxxxxx
Build Information:
Version 1.2.0 (SVN Rev 28753)
Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.14.7, with GLib 2.18.4, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, without libpcre, without SMI,
without c-ares, without ADNS, with Lua 5.1, without GnuTLS, without Gcrypt,
without Kerberos, without GeoIP, with PortAudio V19-devel (built Jun 15 2009),
without AirPcap.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.
Running on Windows Vista, build 7100, with WinPcap version 4.1 beta5
(packet.dll
version 4.1.0.1452), based on libpcap version 1.0.0.
Built using Microsoft Visual C++ 9.0 build 30729
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and http://www.wireshark.org for more information.
--
Im currently analyzing the TS2 protocol. I think the TS2 Dissector is still -
well - uncomplete. I like to share my results when I got a good overview, but
one thing I can say at the moment is:
End Marker (0xFFFFFFFF) does NOT exist. These four bytes are an long field for
the "Parent Channel ID". If the current channel is on top-level (so has no
parent), the field (indeed) contains 0xFFFFFFFF.
Kind regards,
avi
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
