Hi, I think it sounds reasonable to have the dissector turned off as default and definetly turned of if there is no "ASN.1 type table file" as the table is "stating" how the protocol should be dissected right? Furthermore the default port should probably be zero e.g dissection turned off. At some stage the dissector should also be changed to use the BER helpers rather than the current ones. If you frequently use the asn1 plugin to dissect a protocol you should consider using asn2wrs and create a "real" dissector for the protocol in question. Best regards Anders
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thomas Steffen Sent: den 28 september 2006 10:44 To: Developer support list for Wireshark Subject: [Wireshark-dev] Problem dissection generic ASN1 Dear Developers I think I was able to pinpoint a long standing problem with the ASN1 dissector (plugin), and I wonder whether other users have the same experience. The ASN1 dissector works fine if you specify an "ASN.1 type table file" in the preference. It automatically dissects packets send to the configured ports, and you can use the context menu entry "Decode As ..." to force dissection as ASN1. However, if the field "ASN.1 type table file" is empty, the dissector does not work. It does not recognize packets send to the specified ports, and it does not appear in the list of dissectors under "Decode As ...". I find this a rather strange behaviour, and I could not find any hint in the code that this would be intended. (I need to get my debugger working to find out why it might happen unintentionally.) So is this problem indeed unintended? If so, I could try to produce a fix. The only reservation that I have is that it may make Wireshark more vulnerable, because the ASN1 dissector certainly still has a few rough edges. Since the default setting basically disables the dissector, no vulnerability is reach. However, if I fix this issue, the dissector would automatically dissect everything on port 801 (by default). So should the ASN1 dissector be disabled by default, or can I just fix the issue, and thereby enable the dissector by default? Yours, Thomas _______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev _______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev
