One of the magic sequences in the wiretap mpeg decoder is pretty weak 
and is grabbing files that belong to a new wiretap decoder I'm writing.  
It is the sequence for MPEG-PES: 0x000001.  The problem is that I can't 
find any way to strengthen it without the possibility of breaking 
something.  The packet header (according to 
http://en.wikipedia.org/wiki/Packetized_Elementary_Stream) begins as follows:

Packet start code prefix        3 bytes         0x000001
Stream ID                       1 byte          Examples: 0xC0-0xDF, 0xE0-0xEF
PES Packet Length               2 bytes         Can be zero(!)

I would match those stream ids, but I'm sure there are others floating 
around out there.  The packet length would work nicely if it couldn't be 
zero (".. as in not specified for video streams in transport streams.")

Any ideas?

P.S. The new wiretap decoder I've written reads in files from Apple's 
PacketLogger Bluetooth data capture program.  It's available on MacOS X 
and comes with Xcode.


Thanks,
  Steve

_______________________________________________
Wireshark-dev mailing list
[email protected]
https://wireshark.org/mailman/listinfo/wireshark-dev
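
An added example, not part of the original post and not Wireshark's wiretap code: one way to grade a 0x000001 match using only the three header fields listed above, so that an unlisted stream ID or a zero length is never rejected outright. The function name, the verdict names and the sample buffers are hypothetical; it assumes PES packets follow one another directly, and that a caller would let other decoders try first when the verdict is only weak.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Verdict names are hypothetical, chosen for this example. */
enum pes_verdict { PES_NO, PES_WEAK, PES_STRONG };

/* True when the packet start code prefix 0x000001 is at p. */
static int has_prefix(const uint8_t *p, size_t avail)
{
    return avail >= 3 && p[0] == 0x00 && p[1] == 0x00 && p[2] == 0x01;
}

enum pes_verdict pes_probe(const uint8_t *buf, size_t len)
{
    if (len < 6 || !has_prefix(buf, len))
        return PES_NO;
    uint8_t id = buf[3];
    size_t pes_len = ((size_t)buf[4] << 8) | buf[5];
    /* Only the ranges the post lists (0xC0-0xDF, 0xE0-0xEF) are trusted
     * to carry a length; other IDs stay a weak match, never a reject. */
    int listed_id = id >= 0xC0 && id <= 0xEF;
    size_t next = 6 + pes_len;
    if (!listed_id || pes_len == 0 || next + 3 > len)
        return PES_WEAK; /* prefix only: zero length, unlisted ID, short buffer */
    /* Assumption: packets are contiguous, so another prefix must follow. */
    return has_prefix(buf + next, len - next) ? PES_STRONG : PES_NO;
}

/* Constructed sample buffers, not taken from real captures. */
static const uint8_t chained[]  = {0,0,1,0xE0, 0,2, 0xAA,0xBB, 0,0,1,0xE0, 0,0};
static const uint8_t zero_len[] = {0,0,1,0xE0, 0,0, 0xAA,0xBB,0xCC};
static const uint8_t unlisted[] = {0,0,1,0x00, 0,2, 0xAA,0xBB,0x12,0x34,0x56};
static const uint8_t broken[]   = {0,0,1,0xC0, 0,2, 0xAA,0xBB,0x12,0x34,0x56};

int main(void)
{
    printf("chained=%d zero_len=%d unlisted=%d broken=%d\n",
           pes_probe(chained, sizeof chained),
           pes_probe(zero_len, sizeof zero_len),
           pes_probe(unlisted, sizeof unlisted),
           pes_probe(broken, sizeof broken));
    return 0;
}
```

Only the last buffer is rejected: it has a listed stream ID and a non-zero length, yet no start code prefix where the next packet should begin.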
