Wireshark mailing list archives

Re: Clearly, someone thought no one should be using CommView after 2038


From: Guy Harris <gharris () sonic net>
Date: Sun, 18 Apr 2021 22:45:30 -0700

On Apr 18, 2021, at 10:18 PM, Eugène Adell <eugene.adell () gmail com> wrote:

probably the guy writing this considered the "Epochalypse" problem.

Or wanted *some* test to help rule out files that are probably not CommView NCF files (there is no file header, so there's no file magic number, and there's no packet magic number, either, so you can't just test that to check whether the file is an NCF file or not), and went with "make sure year is < 2038" because the 32-bit signed time epoch issue makes it an "obvious" choice.

It might still be useful to have *some* value there, to keep the heuristic reasonably strong, but maybe we should pick a bigger number.  (If, as per Richard's comment on my merge request:

        https://gitlab.com/wireshark/wireshark/-/merge_requests/2762#note_554424206

Tamosoft may be considering switching to pcapng, if they do, perhaps we could use the year in which they do so plus 100, or something such as that.)

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
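
Added example, not part of the original message and not Wireshark's code: a field-plausibility heuristic of the kind discussed above, showing how much the year test still filters when its upper bound is raised. The 7-byte header layout, the function names and the 2138 bound are assumptions constructed for illustration; this is not the real NCF record layout.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical 7-byte record header, constructed for this example (not the
 * real NCF layout): year (16-bit little-endian), month, day, hour, min, sec. */
#define HDR_LEN 7

/* Heuristic: with no magic number to test, accept a record only if every
 * date/time field is plausible. max_year is the exclusive upper bound. */
static bool header_plausible(const uint8_t *p, size_t len, unsigned max_year)
{
    if (len < HDR_LEN)
        return false;
    unsigned year = (unsigned)p[0] | ((unsigned)p[1] << 8);
    return year >= 1970 && year < max_year &&
           p[2] >= 1 && p[2] <= 12 &&   /* month */
           p[3] >= 1 && p[3] <= 31 &&   /* day */
           p[4] <= 23 && p[5] <= 59 &&  /* hour, minute */
           p[6] <= 60;                  /* second, allowing a leap second */
}

/* How many of the 65536 possible year values pass, with the other fields
 * held at valid values? Measures how much the year test still filters. */
static unsigned years_accepted(unsigned max_year)
{
    uint8_t hdr[HDR_LEN] = { 0, 0, 4, 18, 22, 45, 30 };
    unsigned count = 0;
    for (unsigned y = 0; y <= 0xFFFF; y++) {
        hdr[0] = (uint8_t)(y & 0xFF);
        hdr[1] = (uint8_t)(y >> 8);
        if (header_plausible(hdr, sizeof hdr, max_year))
            count++;
    }
    return count;
}

int main(void)
{
    /* Constructed sample: a capture record stamped 2040-04-18 22:45:30. */
    const uint8_t rec2040[HDR_LEN] = { 0xF8, 0x07, 4, 18, 22, 45, 30 };
    printf("2040 record, bound 2038: %d\n", header_plausible(rec2040, HDR_LEN, 2038));
    printf("2040 record, bound 2138: %d\n", header_plausible(rec2040, HDR_LEN, 2138));
    printf("years accepted: %u vs %u of 65536\n", years_accepted(2038), years_accepted(2138));
    return 0;
}
```

With the other fields valid, the year test passes 68 of 65536 values at a bound of 2038 and 168 at 2138, so a record dated 2040 is no longer rejected while arbitrary bytes in the year field are still almost always ruled out.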
