Use the time stamps in the packet_info structure, not the frame_data structure.

In the long run, we'd like to remove the time stamp from the frame_data structure, as, in Wireshark, and in TShark in two-pass mode, there's one allocated for every frame in the file, and shrinking the size of that structure reduces the memory usage. This removes one obstacle to that. Change-Id: Ia8f87522cd974555c57e0ac1e742b097e8b0f2fc Reviewed-on: https://code.wireshark.org/review/29881 Reviewed-by: Guy Harris <guy@alum.mit.edu>
author: Guy Harris <guy@alum.mit.edu> 2018-09-26 13:33:25 -0700
committer: Guy Harris <guy@alum.mit.edu> 2018-09-26 20:34:21 +0000
commit: aa6d5ee1a7f04c81262db1f6fb68ccd2f11ed65a (patch)
tree: 746df54cde1e9467a0c7919cdff7db304770ed1e /epan/dissectors/packet-snort.c
parent: 854cfe53efe44080609c78053ecfb2342ad84a08 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/epan/dissectors/packet-snort.c b/epan/dissectors/packet-snort.c
index 34d15770b8..decf4ba385 100644
--- a/epan/dissectors/packet-snort.c
+++ b/epan/dissectors/packet-snort.c
@@ -1179,7 +1179,7 @@ snort_dissector(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data
             rec = *pinfo->rec;
 
             /* Copying packet details into wtp for writing */
-            rec.ts = pinfo->fd->abs_ts;
+            rec.ts = pinfo->abs_ts;
 
             /* NB: overwriting the time stamp so we can see packet number back if an alert is written for this frame!!!! */
             /* TODO: does this seriously affect snort's ability to reason about time?
author	Guy Harris <guy@alum.mit.edu>	2018-09-26 13:33:25 -0700
committer	Guy Harris <guy@alum.mit.edu>	2018-09-26 20:34:21 +0000
commit	aa6d5ee1a7f04c81262db1f6fb68ccd2f11ed65a (patch)
tree	746df54cde1e9467a0c7919cdff7db304770ed1e /epan/dissectors/packet-snort.c
parent	854cfe53efe44080609c78053ecfb2342ad84a08 (diff)