Hi all,
Could you please tell what is the meaning of "Trailing stray characters" WS Expert system warning?
The packet is a part of TCP stream containing clear text request-response type of conversation (SQL-type protocol).
There's no issue, I'm just curious about what could have caused this warning.
Wireshark Version 3.1.0rc0-163-g7a482205, Windows 10 x64
You have configured Show data as text in the Data dissector. The data you are showing as text is zero terminated inside the string so you will not see all the data as text. The warning is trying to tell you this, you have trailing characters which is not shown.
The warning is useful when found in a protocol having data which is text strings. It's not that useful in this case where you are "forcing" whatever data is found to be shown as text.
Maybe the text should be updated to be more clear what happened.
Thank you for explanation! Indeed, the error is gone after I disabled Show data as text setting.
This has come in with this change. It warns about text which is contained in the protocol item, but does not normally appear on a display due to NULL character(s) in the string.
That data does not, in fact, appear to be text; either:
etc..
Thank you all for the answers! Indeed the protocol contains clear-text parts (usually requests) followed by mixed clear- and non-clear-text (responses). Unfortunately I can't demonstrate it because of confidential content. But know I understand the idea.
So perhaps the "Trailing stray characters" warning should be "Trailing stray characters or non-text displayed as text", or something such as that.
This appears to be the result of the following 2 commits:
The implementation would appear to be flawed and a Wireshark bug report would seem to be in order here.
Asked: Feb 27 '19
Seen: 10,611 times
Last updated: Mar 01 '19
