Wireshark mailing list archives
GIOP dissector reply decode
From: Andy Ling <Andy.Ling () s-a-m com>
Date: Thu, 29 Oct 2015 15:23:55 +0000
I'm currently using Wireshark 1.12.5 built on Windows 7 using Visual C++ 12 I am adding a GIOP plugin for our internal IDL using the following command to generate the plugin C code C:\Python27\omniorb\omniORB-4.1.6\bin\x86_win32\omniidl.exe -p d:\wireshark-1.12.5\tools -b wireshark_be Q_Quentin.idl
packet-q_quentin.c
I am finding that the dissector is getting confused when trying to decode replies. It looks like it is only checking the GIOP request ID to determine which request a reply is for. So when there are multiple machines making requests, the same request ID can get used for different requests. When this happens the replies can get decoded wrongly. In fact multiple threads from a single source IP can use the same GIOP request ID on different ports. This can confuse the reply decode too. I have had a quick look through the dissector code and can't work out what is doing this. So can someone point me in the right direction and maybe give me some clues about where and whether this can be fixed. Regards Andy Ling --------------------------------------------------------------------------------------- This email has been scanned for email related threats and delivered safely by Mimecast. For more information please visit http://www.mimecast.com ---------------------------------------------------------------------------------------
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- GIOP dissector reply decode Andy Ling (Oct 30)
- Re: GIOP dissector reply decode Michael Mann (Oct 30)