Wireshark-bugs: [Wireshark-bugs] [Bug 2565] New: packet-dcm, DICOM dissector bugfixes and featur

Date: Fri, 23 May 2008 15:56:34 -0700 (PDT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2565

           Summary: packet-dcm, DICOM dissector bugfixes and features
           Product: Wireshark
           Version: SVN
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Major
          Priority: Medium
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: david_aggeler@xxxxxxxxxx


Build Information:
Version 1.0.99-DAG-0100- (SVN Rev unknown)

Copyright 1998-2008 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.9, with GLib 2.16.3, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.8,
with ADNS, with Lua 5.1, with GnuTLS 2.3.8, with Gcrypt 1.4.1, with MIT
Kerberos, with PortAudio V19-devel (built May 24 2008), with AirPcap.

Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.0.2
(packet.dll version 4.0.0.1040), based on libpcap version 0.9.5, without
AirPcap.

Built using Microsoft Visual C++ 8.0 build 50727

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
Following changes will soon be submitted

- Added Class UID lookup, both in the association and in the transfer
- Better hierarchy for items in Association request/response and
  therefore better overview. This was a major rework.
  Abstract Syntax & Transfer Syntax are now children
  of a presentation context and therefore grouped. User Info is now grouped.
- Re-assemble PDVs that span multiple PDUs, i.e. fix continuation packets
  This caused significant changes to the data structures
- Added preference with dicom tcp ports, to prevent 'stealing' the
  conversation, i.e. don't just rely on heuristic
- Use pinfo->desegment_len instead of tcp_dissect_pdus()
- Returns number of bytes parsed
- For non DICOM packets, do not allocate any memory anymore,
- Added one DISSECTOR_ASSERT() to prevent loop with len==0. More to come
- Heuristic search is optional to save resources for non DICOM users
- Output naming closer to DICOM Standard
- Variable names closer to Standard
- Protocol is now called DICOM not dcm anymore.
- Fixed type of a few variables to guchar instead of guint8
- Changed some of the length displays to decimal, because the hex value can
  already be seen in the packet and decimal is easier for length calculation

The code changes have been fuzz tested.

I started doing some small changes, but the delta became bigger and bigger. Now
I think, the dissector is in a stable state again. My goal was, to better
display UIDs and to correctly dissect longer packet chains. The heuristic
and TCP port range really had to be done.

Also addresses bug 2013 for .dcm

This is a significant change to the end user as well. His DICOM specific filter
settings won't work anymore, and without setting the 'Heuristic on', he won't
see any DICOM decoding by default. I am still convinced, that disabling the
heuristic by default hook is better for wireshark overall. So if there is
something like Release notes, a comment would hurt.

More changes to come. And hopefully less intrusive.

Regards
David
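
Added example, not part of the original report and not code from the patch or from Wireshark: a stand-alone C sketch of the two robustness points in the list above, namely asking TCP for the missing bytes of a PDU (the role pinfo->desegment_len plays in a dissector) and refusing a length that would keep a parsing loop from advancing. It assumes the DICOM upper-layer framing of a 6-byte PDU header (type, reserved, 4-byte big-endian length) and a 4-byte PDV item length; the function names are hypothetical, and placing the len==0 check in the PDV loop is an assumption, since the report does not say where the dissector's check sits.

```c
#include <stddef.h>
#include <stdint.h>

#define PDU_HDR 6 /* PDU type (1) + reserved (1) + length (4, big-endian) */
#define PDV_HDR 4 /* PDV item length (4, big-endian) */

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Count PDV items in one P-DATA-TF body; -1 if an item is malformed. */
int count_pdvs(const uint8_t *body, size_t len) {
    size_t off = 0;
    int n = 0;
    while (off < len) {
        if (len - off < PDV_HDR) return -1;
        uint32_t pdv_len = be32(body + off);
        /* A PDV holds a context ID and a control byte, so a length below 2
           is invalid; rejecting it also covers len == 0. */
        if (pdv_len < 2 || pdv_len > len - off - PDV_HDR) return -1;
        off += PDV_HDR + pdv_len;
        n++;
    }
    return n;
}

/* Consume whole PDUs from a TCP payload. Returns bytes consumed; *need is
   how many more bytes the next PDU requires (0 when nothing is pending). */
size_t consume_pdus(const uint8_t *buf, size_t len, uint32_t *need, int *pdus) {
    size_t off = 0;
    *need = 0; *pdus = 0;
    while (off < len) {
        size_t avail = len - off;
        if (avail < PDU_HDR) { *need = (uint32_t)(PDU_HDR - avail); break; }
        uint32_t pdu_len = be32(buf + off + 2);
        if (pdu_len > avail - PDU_HDR) { *need = pdu_len - (uint32_t)(avail - PDU_HDR); break; }
        off += PDU_HDR + pdu_len; /* always advances by at least PDU_HDR */
        (*pdus)++;
    }
    return off;
}

/* Constructed sample: one P-DATA-TF PDU holding one PDV, then a cut-off PDU. */
int main(void) {
    const uint8_t s[] = {4,0,0,0,0,8, 0,0,0,4,1,2,0xAA,0xBB, 4,0,0,0,0,16, 1,2,3};
    uint32_t need; int pdus;
    size_t used = consume_pdus(s, sizeof s, &need, &pdus);
    return (used == 14 && need == 13 && pdus == 1 && count_pdvs(s + 6, 8) == 1) ? 0 : 1;
}
```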

