Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at stenographer@googlegroups.com
This issues causes stenographer to panic, if a query is executed under these circumstances:
Stenotype writes blocks that are not 1Mb
The query has no criteria or only afterand/or before critieria
Under the above circumstances, the query uses the method BlockFile.AllPackets as a shortcut. This is harcoded to assume that stenotype has written 1MB blocks.
This fix will work, provided that the classes in stenotype extending Packets, ensure that the field block->hdr.bh1.blk_len is populated with the actual size of the block.
This is already the case with PacketsV3 but I do not know whether it is also the case with TestimonyPackets.
Dear Maintainers, please accept this PR that fixes https://github.com/google/stenographer/issues/229
This issues causes stenographer to panic, if a query is executed under these circumstances:
afterand/orbeforecritieriaUnder the above circumstances, the query uses the method
BlockFile.AllPacketsas a shortcut. This is harcoded to assume that stenotype has written 1MB blocks.This fix will work, provided that the classes in stenotype extending
Packets, ensure that the fieldblock->hdr.bh1.blk_lenis populated with the actual size of the block. This is already the case withPacketsV3but I do not know whether it is also the case withTestimonyPackets.