Re: Clearly, someone thought no one should be using CommView after 2038

[Guy Harris <gharris () sonic net>]

On Apr 18, 2021, at 10:18 PM, Eugène Adell <eugene.adell () gmail com> wrote:

> probably the guy writing this considered the "Epochalypse" problem.

Or wanted *some* test to help rule out files that are probably not ConnView NCF files (there is no file header, so 
there's no file magic number, and there's no packet magic number, either, so you can't just test that to check whether 
the file is an NCF file or not), and went with "make sure year is < 2038 because the 32-bit signed time epoch issue 
makes it an "obvious" choice.

It'd might still be useful to have *some* value there, to keep the heuristic reasonably strong, but maybe we should 
pick a bigger number.  (If, as per Richard's comment on my merge request:

        https://gitlab.com/wireshark/wireshark/-/merge_requests/2762#note_554424206

Tamosoft may be considering switching to pcapng, if they do, perhaps we could use the year in which they do so plus 
100, or something such as that.)

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe