Skip to content

Commit

Permalink
ja4: Fix parsing of tshark --version output
Browse files Browse the repository at this point in the history
Bump version to 0.18.3.
  • Loading branch information
vvv committed Sep 10, 2024
1 parent 170d01c commit dd77c4e
Show file tree
Hide file tree
Showing 4 changed files with 18 additions and 5 deletions.
6 changes: 6 additions & 0 deletions rust/CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [Unreleased]

## [0.18.3] - 2024-09-10

### Fixed

- Fix parsing of `tshark --version` output.

## [0.18.2] - 2024-05-22

### Fixed
Expand Down
4 changes: 2 additions & 2 deletions rust/Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion rust/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ members = ["ja4", "ja4x"]
resolver = "2"

[workspace.package]
version = "0.18.2"
version = "0.18.3"
license = "LicenseRef-FoxIO-Proprietary"
repository = "https://github.com/FoxIO-LLC/ja4"

Expand Down
11 changes: 9 additions & 2 deletions rust/ja4/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -195,8 +195,9 @@ fn parse_tshark_version(tshark_version_output: &str) -> Option<&str> {
// "TShark (Wireshark) 4.0.8 (v4.0.8-0-g81696bb74857).\n"
let start = tshark_version_output.find(") ").map(|i| i + 2)?;
let version_start = &tshark_version_output[start..];
let end = version_start.find(' ')?;
Some(&version_start[..end])
let end = version_start.find(char::is_whitespace)?;
let ver = &version_start[..end];
Some(ver.strip_suffix('.').unwrap_or(ver))
}

#[test]
Expand All @@ -209,6 +210,12 @@ fn test_parse_tshark_version() {
parse_tshark_version("TShark (Wireshark) 3.6.2 (Git v3.6.2 packaged as 3.6.2-2)"),
Some("3.6.2")
);
assert_eq!(
parse_tshark_version("TShark (Wireshark) 4.4.0.\n\nCopyright 1998-2024"),
Some("4.4.0")
);
// Abrupt end of the string.
assert!(parse_tshark_version("TShark (Wireshark) 4.4.0.").is_none());
assert!(parse_tshark_version("What the TShark?!").is_none());
}

Expand Down

0 comments on commit dd77c4e

Please sign in to comment.