Wireshark · Wireshark-dev: [Wireshark-dev] RFC: Any reason not to do this?

Wireshark-dev: [Wireshark-dev] RFC: Any reason not to do this?

From: Martin Mathieson <martin.r.mathieson@xxxxxxxxxxxxxx>

Date: Tue, 23 Apr 2013 16:23:38 -0400

In a profile, I was surprised to see that > 2.5% of time was spent calling dissect_sip_tcp_heur(). There are no SIP PDUs in the log. HTTP was very similar.

Does the attached change look reasonable? It does a quick check for the first character being printable before trying to extract the first line and check it for NULL characters.

Thanks,

Martin

Attachment: packet-sip.c.diff
Description: Binary data

Follow-Ups:
- Re: [Wireshark-dev] RFC: Any reason not to do this?
  - From: Anders Broman

Prev by Date: [Wireshark-dev] GSoC 2013 Student.
Next by Date: Re: [Wireshark-dev] RFC: Any reason not to do this?
Previous by thread: Re: [Wireshark-dev] GSoC 2013 Student.
Next by thread: Re: [Wireshark-dev] RFC: Any reason not to do this?
Index(es):
- Date
- Thread