Wireshark-dev: Re: [Wireshark-dev] Dumpcap 2.x trouble

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Mon, 18 Apr 2016 16:20:48 -0700
On Apr 18, 2016, at 4:04 PM, Guy Harris <guy@xxxxxxxxxxxx> wrote:

> This is a dumpcap bug, and needs to be fixed - "fixed" as in "fixed for 2.0.3".

Except that (as you already said) it's not present in 2.0.2.

So...

> Please file the bug

...no need to file the bug.

Then again, I looked at the code that dumpcap would use to write an ISB, and it doesn't seem to have changed since 2.0.x, so *dumpcap* should still be writing the ISB correctly.

It's *libwiretap* that's broken.  The new option-handling code treats it as a regular 64-bit quantity, which it is *not* - it's two 32-bit quantities, a high part and a low part, *always* written in that order, with each of the parts written in host byte order.
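
An added example, not part of the original message and not Wireshark's code: the layout described above (high 32 bits, then low 32 bits, each half in host byte order) decoded both as two halves and as a single 64-bit value. The function names and the sample timestamp are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helpers; none of these names come from dumpcap or libwiretap. */

/* Writer: high 32 bits first, then low 32 bits, each in host byte order. */
void ts_write_split(uint8_t out[8], uint64_t ts)
{
    uint32_t high = (uint32_t)(ts >> 32);
    uint32_t low  = (uint32_t)(ts & 0xFFFFFFFFu);
    memcpy(out, &high, 4);
    memcpy(out + 4, &low, 4);
}

/* Matching reader: two 32-bit loads, recombined as high:low. */
uint64_t ts_read_split(const uint8_t in[8])
{
    uint32_t high, low;
    memcpy(&high, in, 4);
    memcpy(&low, in + 4, 4);
    return ((uint64_t)high << 32) | low;
}

/* Mismatched reader: treats the same 8 bytes as one host-order 64-bit value. */
uint64_t ts_read_as_u64(const uint8_t in[8])
{
    uint64_t v;
    memcpy(&v, in, 8);
    return v;
}

/* Returns 1 on a little-endian host, 0 on a big-endian one. */
int host_is_little_endian(void)
{
    uint16_t probe = 1;
    uint8_t first;
    memcpy(&first, &probe, 1);
    return first == 1;
}

int main(void)
{
    uint8_t buf[8];
    uint64_t ts = 0x000530C1A2B3C4D5ULL; /* constructed sample timestamp */
    ts_write_split(buf, ts);
    printf("split read: 0x%016llx\n", (unsigned long long)ts_read_split(buf));
    printf("u64 read:   0x%016llx\n", (unsigned long long)ts_read_as_u64(buf));
    return 0;
}
```

On a little-endian host the single 64-bit read returns the two halves swapped; on a big-endian host both reads agree, which is why this kind of mismatch can go unnoticed depending on where it is tested.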