Wireshark · Wireshark-dev: Re: [Wireshark-dev] Bug 2.6.4 mac

["Maynard, Chris" <Christopher.Maynard@xxxxxxx>]

The best place to report a Wireshark bug is at https://bugs.wireshark.org/bugzilla/ so it can be better tracked, although you might want to search the bug list first to see if it’s already been reported.

- Chris

 

From: Wireshark-dev [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Paul D
Sent: Tuesday, October 30, 2018 11:01 AM
To: wireshark-dev@xxxxxxxxxxxxx
Subject: [Wireshark-dev] Bug 2.6.4 mac

 

Open large capture which takes wireshark a few seconds to parse, and which contains SIP + RTP (concatenate a local capture with a small example sip capture from the web somewhere if need be) e.g.

https://wiki.wireshark.org/SampleCaptures?action="">

 

 

 

Go to telephony voip calls. 

 

Press play streams, cancel (or escape), play streams again (while wireshark is still reparsing the capture file) and crash. 

 

 

=======

 

Bug 2

 

Open capture which contains SIP + RTP

 

Go to telephony voip calls. 

 

Select all, flow sequence. 

 

Close flow. 

 

Press prepare filter (reparse). 

 

Press flow sequence. All packets doubled in flow. (new flow instance did not clean up memory properly) 

 

 

=======

 

Bug 3 (transient) 

 

 

Open capture which contains SIP + RTP

 

Go to telephony voip calls. 

 

Select all, flow sequence. 

 

 

*** sometimes RTP streams which are present, do not display in the call graph. 

 

Close flow. 

 

Press prepare filter (reparse). 

 

Select all, flow sequence. 

 

*** RTP streams which are present, now display in the call graph. 

 

See bug 2

 

=========

 

(version info unimportant, bugs consistent across platforms for many versions)

 

$ wireshark  -v

Wireshark 2.6.4 (v2.6.4-0-g29d48ec8)

 

Copyright 1998-2018 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.

License GPLv2+: GNU GPL version 2 or later <http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>

This is free software; see the source for copying conditions. There is NO

warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

 

Compiled (64-bit) with Qt 5.3.2, with libpcap, without POSIX capabilities, with

GLib 2.36.0, with zlib 1.2.5, with SMI 0.4.8, with c-ares 1.12.0, with Lua

5.2.4, with GnuTLS 3.4.17, with Gcrypt 1.7.7, with MIT Kerberos, with MaxMind DB

resolver, with nghttp2 1.21.0, with LZ4, with Snappy, with libxml2 2.9.4, with

QtMultimedia, with SBC, with SpanDSP, with bcg729.

 

Running on Mac OS X 10.14, build 18A391 (Darwin 18.0.0), with Intel(R) Core(TM)

i5-5250U CPU @ 1.60GHz (with SSE4.2), with 8192 MB of physical memory, with

locale C/UTF-8/C/C/C/C, with libpcap version 1.8.1 -- Apple version 79.200.4,

with GnuTLS 3.4.17, with Gcrypt 1.7.7, with zlib 1.2.11, binary plugins

supported (0 loaded).

 

Built using llvm-gcc 4.2.1 (Based on Apple Inc. build 5658) (LLVM build

2336.9.00).

CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or its subsidiaries and may contain proprietary, confidential or trade secret information. This message is intended solely for the use of the addressee. If you are not the intended recipient and have received this message in error, please delete this message from your system. Any unauthorized reading, distribution, copying, or other use of this message or its attachments is strictly prohibited.