Dear Developers I think I was able to pinpoint a long standing problem with the ASN1 dissector (plugin), and I wonder whether other users have the same experience.
The ASN1 dissector works fine if you specify an "ASN.1 type table file" in the preference. It automatically dissects packets send to the configured ports, and you can use the context menu entry "Decode As ..." to force dissection as ASN1. However, if the field "ASN.1 type table file" is empty, the dissector does not work. It does not recognize packets send to the specified ports, and it does not appear in the list of dissectors under "Decode As ...". I find this a rather strange behaviour, and I could not find any hint in the code that this would be intended. (I need to get my debugger working to find out why it might happen unintentionally.) So is this problem indeed unintended? If so, I could try to produce a fix. The only reservation that I have is that it may make Wireshark more vulnerable, because the ASN1 dissector certainly still has a few rough edges. Since the default setting basically disables the dissector, no vulnerability is reach. However, if I fix this issue, the dissector would automatically dissect everything on port 801 (by default). So should the ASN1 dissector be disabled by default, or can I just fix the issue, and thereby enable the dissector by default? Yours, Thomas _______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev
