Garbage characters in PCAPdtoid trailer app name

[emanuele-f]

See #428 (comment)

[Qpp0]

I have the same problem here. It seems that because these ASCII encodings correspond to Chinese characters, there is an issue with the display. Is there a way to make the Lua script support decoding to UTF-8?

[emanuele-f]

@Qpp0 can you try changing this line base.ASCII to base.UNICODE here in the wireshark plugin, to see if it works?

[Qpp0]

@Qpp0 can you try changing this line base.ASCII to base.UNICODE here in the wireshark plugin, to see if it works?

@emanuele-f
I have already tried doing it,but it doesn't work.I’m not sure if it’s related to the Lua version used by Wireshark. In fact, by right-clicking on ‘appname’ and selecting ‘Show Packet Bytes,’ choosing UTF-8 encoding, it displays correctly.”

[emanuele-f]

@Qpp0 please try this other change, other than base.UNICODE also modify line 54 to local appname = trailer(8, 20):raw(). Here is the full diff:

diff --git a/tools/pcapdroid.lua b/tools/pcapdroid.lua
index 0cb2c52a..c0127cbf 100644
--- a/tools/pcapdroid.lua
+++ b/tools/pcapdroid.lua
@@ -30,7 +30,7 @@ local fields = {}
 
 fields.magic   = ProtoField.uint32("pcapdroid.magic", "Magic", base.HEX)
 fields.uid     = ProtoField.int32("pcapdroid.uid", "UID", base.DEC)
-fields.appname = ProtoField.string("pcapdroid.appname", "App name", base.ASCII)
+fields.appname = ProtoField.string("pcapdroid.appname", "App name", base.UNICODE)
 
 pcapdroid.fields = fields
 
@@ -51,7 +51,7 @@ function pcapdroid.dissector(buffer, pinfo, tree)
     return
   end
 
-  local appname = trailer(8, 20):string()
+  local appname = trailer(8, 20):raw()
   local subtree = tree:add(pcapdroid, buffer(), string.format("PCAPdroid, App: %s", appname))
 
   subtree:add(fields.magic, trailer(0, 4))

[Qpp0]

local appname = trailer(8, 20):raw()

Problem solved!

[emanuele-f]

Thanks for confirming