http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1503
sake@xxxxxxxxxx changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #600 is|0 |1
obsolete| |
------- Comment #6 from sake@xxxxxxxxxx 2007-04-03 19:26 GMT -------
Created an attachment (id=604)
--> (http://bugs.wireshark.org/bugzilla/attachment.cgi?id=604&action=view)
fix-bug1503-2.patch
Hi Richard,
You are right, wireshark SHOULD be able to filter on multiple hf's with the
same field-name, BUT there is a little bug in the code. I have pinpointed it to
the following in epan/dfilter/dfvm.c:
case CHECK_EXISTS:
hfinfo = arg1->value.hfinfo;
while(hfinfo) {
accum = proto_check_for_protocol_or_field(tree,
arg1->value.hfinfo->id);
if (accum) {
break;
} else {
hfinfo = hfinfo->same_name_next;
}
}
break;
It actually loops through all the hf's with the same name, but only checks
against the original (first) hf.
So, I fixed this and reverted my patch to only include the other issues,
leaving the multiple hf's with the same field-name intact.
Could you review this updated patch?
Cheers,
Sake
--
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
