https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3913
Summary: PDML output leaks ~300 bytes / packet
Product: Wireshark
Version: 1.2.1
Platform: x86
OS/Version: SuSE
Status: NEW
Severity: Major
Priority: High
Component: TShark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: gkrames@xxxxxxx
Build Information:
wireshark 1.2.1
Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.14.4, with GLib 2.18.2, with libpcap 0.9-PRE-CVS, with
libz
1.2.3, without POSIX capabilities, without libpcre, with SMI 0.4.8, without
c-ares, without ADNS, without Lua, without GnuTLS, without Gcrypt, without
Kerberos, without GeoIP, without PortAudio, without AirPcap.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.
Running on Linux 2.6.27.23-0.1-pae, with libpcap version 0.9-PRE-CVS.
Built using gcc 4.3.2 [gcc-4_3-branch revision 141291].
--
Test case:
Run thsark once with "-T pdml" and once without this option in the same
given scenario (e.g. capturing some test traffic).
While doing this, watch tshark's memory consumption using the "top" comamnd, or
run it in time command.
Observation:
The memory usage of the "-T pdml" version grows much faster with every packet.
My calculation from a large test case (millions of packets) indicates that
about 300 bytes are lost with every IP packet.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
