Hi guys, i have been working in a lua dissector for a private protocol the protocol in the dump has a section with the return of the window's API GetSystemTimeAsFileTime in the form 6a 0e 2e c2 0c e2 ce 01 this is the value of the structure FILETIME in the serve is decoded with import datetime datetime.datetime.fromtimestamp((0xc22e0e6a + (0x01cee20c << 32)) / 10000000.0 - 11644473600) the hex number 0xc2220e6a is the representation of "6a 0e 2e c2" and 0x01cee20c is "0c e2 ce 01" i tried to decoded with a lua script: timelow = buffer(0,4):le_uint() timehihg = buffer(4,4):le_uint() the numbers are correct (i saw it with message()) but i have problems with bit.lshift(timehigh,32) when i did message(bit.lshift(timehigh, 32)) i got -1037169046 i think that the problem has two reasons: timehigh isn't a unsigned value or timehigh is a 32 bits integer without the possility to extend to 64 bits i wanna get:
is there any way? p.s.: i also tried to get the complete number of 64 bits with le_uint64() but doesn't work thanks for advance Regards asked 25 Nov '13, 09:25  Javier Aguinaga edited 25 Nov '13, 09:27 |
2 Answers:
sounds like a problem with 64 bit values in Lua. See my answer for a similar problem
and the resulting bug report Regards answered 27 Nov '13, 13:03  Kurt Knochner ♦ |
Just to bring this answer up-to-date, Wireshark now has fairly extensive 64-bit support starting in release 1.11.3. Also, the poster asked about the answered 07 Mar '14, 16:40  Hadriel |
