Wireshark · Wireshark-dev: Re: [Wireshark-dev] BUG: infinite loop in "dumpcap -L" with rpcap:// interface since 2.2.0

Wireshark-dev: Re: [Wireshark-dev] BUG: infinite loop in "dumpcap -L" with rpcap:// interface s

From: Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>

Date: Wed, 21 Sep 2016 16:31:46 -0400

On Fri, Sep 16, 2016 at 10:40 AM, Lukas Tribus <luky-37@xxxxxxxxxxx> wrote:

Hello,

dumpcap (and wireshark, if using that dumpcap feature) hangs using a full CPU core since 2.2.0 in the following conditions:

- OS is Windows (other OS'es unknown)
- interface is remote ("rpcap://...")
- dumpcap is trying to read the link type (-L)

For example, old stable 2.0.6 works fine:
Wireshark206Portable\App\Wireshark>dumpcap -i rpcap://[172.22.0.12]/eth0 -L
Data link types of interface rpcap://[172.22.0.12]/eth0 (use option -y to set):
EN10MB (Ethernet)
>

\Wireshark220Portable\App\Wireshark>dumpcap -i rpcap:// [172.22.0.12]/eth0 -L
<<--- hangs using a full CPU core

Wireshark, if using this dumpcap feature hangs as well (when adding remote interfaces).

Wireshark 2.0.6 and previous releases work fine.

For the record it looks like you did the right thing :-) and submitted a bug report for this:

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12930

References:
- [Wireshark-dev] BUG: infinite loop in "dumpcap -L" with rpcap:// interface since 2.2.0
  - From: Lukas Tribus

Prev by Date: [Wireshark-dev] Malformed packet in Expert Info not shown
Next by Date: [Wireshark-dev] Wireshark Memory Usage
Previous by thread: [Wireshark-dev] BUG: infinite loop in "dumpcap -L" with rpcap:// interface since 2.2.0
Next by thread: [Wireshark-dev] TRANSUM Program Logic Notes
Index(es):
- Date
- Thread