Question about tvb decompressors

[Hardening <rdp.effort () gmail com>]

Hi guys,

I was looking at porting from FreeRDP to wireshark the various RDP 
decompressors, and I've seen tvbuff_[zlib|lz77] and friends and they all 
seem stateless, so I was quite surprised.

Does it mean that you can start decoding only the full stream, because I 
guess that if you take an arbitrary chunk, you need the history to 
decode it correctly ?

Writing this email, I figure that it kinda answers my question, but I 
wanted to start the discussion on this. I mean in my particular case for 
RDP bulk compression, it means that I will have to maintain a bulk 
context per conversation, and update that context when I'm treating new 
compressed packet, or am I missing something ?

Best regards.

--
David FORT
website: https://www.hardening-consulting.com/

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe