Wireshark mailing list archives
Re: TCP dissect issue when app-level message spans multiple TCP packets
From: Chris Maynard <chris.maynard () gtech com>
Date: Thu, 5 May 2011 16:27:26 +0000 (UTC)
Fernandez, Rafael <Rafael.Fernandez@...> writes:
This is my current get_message_tcpmessage_len: guint get_message_tcpmessage_len(packet_info *pinfo, tvbuff_t *tvb, int offset) { guint remaining = tvb_length_remaining(tvb, offset); guint last_size = tvb_get_letohl(tvb, offset)+MESSAGE_HEADER_SIZE; if(last_size > remaining) { printf("not enough data: %d remaining: %d\n", last_size,
remaining);
} return last_size; }
This is still wrong. You shouldn't be trying to figure out if you've got enough data; tcp_dissect_pdus() will handle all that for you. This function only needs to return the length of the entire PDU so tcp_dissect_pdus() knows how much data it needs to reassemble before calling your dissector. Try changing the function to something like what I posted earlier. You might also re-read section 2.7.1 of doc/README.developer, as it could help you in the case of UDP. And take a look at other examples in the Wireshark codebase, such as packet-dns.c which doc/README.developer references in its example. And stop using printf(). If you need to, try using g_warning() instead. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- TCP dissect issue when app-level message spans multiple TCP packets Fernandez, Rafael (May 04)
- Re: [Wireshark-dev] TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Graham Bloice (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Graham Bloice (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Graham Bloice (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Fernandez, Rafael (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Fernandez, Rafael (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Fernandez, Rafael (May 05)
- Re: [Wireshark-dev] TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Guy Harris (May 05)
- Re: [Wireshark-dev] TCP dissect issue when app-level message spans multiple TCP packets John Sullivan (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Guy Harris (May 05)
- Re: [Wireshark-dev] TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Guy Harris (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Fernandez, Rafael (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Jeff Morriss (May 05)