tcptrace-bugs Bug in Win32 version

From: Enrico Detoma (
Date: 09/18/04

Message-Id: <>
Date: Sat, 18 Sep 2004 16:36:59 +0200
From: Enrico Detoma <>
Subject: tcptrace-bugs Bug in Win32 version

Dear maintainers of tcptrace,

I found a severe bug in the Win32 port of tcptrace: when I use option '-e'
to dump whole tcp connections, all '\n' bytes are converted to "\r\n" in
the output files, because files are opened with "w" and not "wb" option in
fopen (which is a problem only in Win32). Since this enlarges the written
data, some data may also be overwritten like in this case.
Output from tcptrace:


Output from Ethereal:


As you can see, due to the enlargement of the previous data caused by
"\r\n" end of lines, that data was shifted forward and the "QUIT" line
(which is in a different packet) has overwritten the line with the single
dot (this example comes from a SMTP send).

Best regards

Enrico Detoma <>

This archive was generated by hypermail 2.1.7 : 09/18/04 EDT