https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3691
Summary: DCERPC Eventlog ReadEventLogW flags field not decoding
Product: Wireshark
Version: SVN
Platform: x86
OS/Version: Windows XP
Status: NEW
Severity: Normal
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: chcosta75@xxxxxxxxxxx
Chris Costa <chcosta75@xxxxxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #3295| |review_for_checkin?
Flag| |
Created an attachment (id=3295)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=3295)
Patch to fix ReadEventLogW flags
Build Information:
TShark 1.3.0-CCOSTA (SVN Rev unknown)
Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GLib 2.20.3, with WinPcap (version unknown), with libz 1.2.3,
without POSIX capabilities, with libpcre 7.0, with SMI 0.4.8, with c-ares
1.6.0,
with Lua 5.1, without Python, with GnuTLS 2.8.1, with Gcrypt 1.4.4, with MIT
Kerberos, with GeoIP.
Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.0.2
(packet.dll version 4.0.0.1040), based on libpcap version 0.9.5, GnuTLS 2.8.1,
Gcrypt 1.4.4.
Built using Microsoft Visual C++ 9.0 build 30729
--
Wireshark displays the flags field in a ReadEventLogW request as a simple
integer, whereas it would be much more helpful if the flags were broken out in
a subtree so that the user could easily tell which flags were set and what the
bits meant without referencing a protocol spec.
It looks like a dissector function already exists to accomplish this, but it
isn't being called when the flags are being dissected.
I corrected that in the attached patch.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
