Wireshark is unable to dissect Security Descriptors that span TCP segments where some are not captured or reassembled
This issue was migrated from bug 7363 in our old bug tracker.
Original bug information:
Reporter: Richard Sharpe
Status: RESOLVED FIXED
Product: Wireshark
Component: GTK+ UI
OS: All
Platform: x86
Version: 1.9.x (Experimental)
Attachments:
test-cifs-sec-desc-mods.cap: An example capture showing the result
: A screen shot showing the result of dissecting frame 7
: Showing more detail of the current dissection
: Example of a better dissection
wireshark-smb-windows-common-better.patch: patch for epan/dissectors/packet-windows-common.c
wireshark-packet-smb.patch: The changes to epan/dissectors/packet-smb.c