Re: TCP dissect issue when app-level message spans multiple TCP packets

[Chris Maynard <chris.maynard () gtech com>]

Fernandez, Rafael <Rafael.Fernandez@...> writes:

> This is my current get_message_tcpmessage_len:
>
> guint get_message_tcpmessage_len(packet_info *pinfo, tvbuff_t *tvb, int offset)
> {
>         guint remaining  = tvb_length_remaining(tvb, offset);
>         guint last_size = tvb_get_letohl(tvb, offset)+MESSAGE_HEADER_SIZE;
>         if(last_size > remaining)
>         {
>                 printf("not enough data: %d remaining: %d\n", last_size,
remaining);
>         }
>         return last_size;
> }

This is still wrong.  You shouldn't be trying to figure out if you've got enough
data; tcp_dissect_pdus() will handle all that for you.  This function only needs
to return the length of the entire PDU so tcp_dissect_pdus() knows how much data
it needs to reassemble before calling your dissector.  Try changing the function
to something like what I posted earlier.

You might also re-read section 2.7.1 of doc/README.developer, as it could help
you in the case of UDP.  And take a look at other examples in the Wireshark
codebase, such as packet-dns.c which doc/README.developer references in its 
example.

And stop using printf().  If you need to, try using g_warning() instead.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe