mailing list archives
Re: large signed 40-56bit integers
From: Jakub Zawadzki <darkjames-ws () darkjames pl>
Date: Tue, 17 Dec 2013 00:08:23 +0100
On Sat, Dec 14, 2013 at 07:44:02PM -0500, mmann78 () netscape net wrote:
There is a bug in Wireshark when a dissector has an hf_ variable of type FT_INT64 and the requested length of the
field is < 8 bytes. There is no accounting for the sign bit (which has led dissectors to come up with their own
solutions). The attached patch attempts to address it. The questions I have is
1. Are these the right places to modify? I thought about pint.h, but I didn't know how to get the "sign check" in
2. Is this cross-platform friendly? (I realize it may not be the most optimized solution)
3. Did I go far enough in addressing the "common" uses? Is FT_INT40, etc necessary?
Any other thoughts?
+tvb_get_letohi56(tvbuff_t *tvb, const gint offset)
+ const guint8 *ptr;
+ guint64 ret;
+ ptr = fast_ensure_contiguous(tvb, offset, 7);
+ ret = pletoh56(ptr);
just: ret = tvb_get_letoh56(tvb, offset); ?
+ if (ret & 0x80) /* account for sign bit */
+ ret |= 0xFF00000000000000;
why 0x80? I think it should be:
if (ret & 0x0080000000000000LL) /* (1LL << 55) */
ret |= 0xff00000000000000LL /* -(1LL << 56) */
Thanks for working on it.
Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org>
mailto:wireshark-dev-request () wireshark org?subject=unsubscribe