Dissect with pcap file format#6
Open
skraken wants to merge 3 commits into
Open
Conversation
test includes two test packets for PCAPNG and PCAP
Author
|
Remodeling of pcap from VStruct so that it may be used in VStruct2. |
Contributor
|
Are we still waiting for another update here? the unit tests seem to be broken... |
Author
|
Are you testing them using the updated VStruct2 that was proposed by AKOUO?
…-------- Original Message --------
On Jul 25, 2017, 15:16, invisig0th wrote:
Are we still waiting for another update here? the unit tests seem to be broken...
—
You are receiving this because you authored the thread.
Reply to this email directly, [view it on GitHub](#6 (comment)), or [mute the thread](https://github.com/notifications/unsubscribe-auth/AcmKoEGGgNDSbO6AaDpmPkDcUa1rRjE3ks5sRj8PgaJpZM4OYJ9y).
|
Contributor
|
Re-fired the tests after the vstruct2 merge ( which looked great ) but i suspect this one is borked because of local file paths that exist in your checkout directory that dont exist in a clean checkout.... |
invisig0th
reviewed
Jul 25, 2017
| PCAPNG_BLOCKTYPE_SECTION_HEADER = 0x0a0d0d0a | ||
|
|
||
| def pad4bytes(size): | ||
| if (size % 4) == 0: |
Contributor
There was a problem hiding this comment.
calc size % 4 once and save as var to prevent needing to recalculate it later
| def _iterPcapFile(fd, reuse=False): | ||
| h = PCAP_FILE_HEADER() | ||
| b = fd.read(len(h)) | ||
| h.vsParse(b, writeback=True) |
Contributor
There was a problem hiding this comment.
why are we specifying writeback=True here ( and below ) when the object isn't backed by an FD or a memorymap?
Author
|
I wouldn't be surprised if my tests are failing for the same reason that AKOU0's tests are failing. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Works with the new VStruct2 and dissect implementations that AKOU0 pulled