Wireshark mailing list archives
Re: Stop dissection in get_pdu_len
From: Jakub Zawadzki <darkjames-ws () darkjames pl>
Date: Thu, 24 May 2012 18:02:50 +0200
Hi, On Thu, May 24, 2012 at 11:35:34AM -0400, Tobias Weiss wrote:
I'm using tcp_dissect_pdus() to reassemble packets in my dissector. One of my functions will calculate the length of the real message based on a header with a fixed length (get_pdu_len function pointer). But what is the best way to stop the dissection in get_pdu_len if I figured out that the header is invalid? I could just return 0 which would result in a call to show_reported_bounds_error(), but is that the best way to report the error?
You can't. But you can check header before calling tcp_dissect_pdus(). But it'd be good to have some tcp_dissect_pdus_heur(), feel free to write one :-) Cheers, Kuba. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Stop dissection in get_pdu_len Tobias Weiss (May 24)
- Re: Stop dissection in get_pdu_len Jakub Zawadzki (May 24)
- Re: Stop dissection in get_pdu_len Bill Meier (May 24)
- Re: Stop dissection in get_pdu_len Bill Meier (May 24)
- Re: Stop dissection in get_pdu_len Tobias Weiss (May 24)
- Re: Stop dissection in get_pdu_len Jakub Zawadzki (May 24)
- Re: Stop dissection in get_pdu_len Tobias Weiss (May 24)
- Re: Stop dissection in get_pdu_len Tobias Weiss (May 24)
- Re: Stop dissection in get_pdu_len Bill Meier (May 24)
- Re: Stop dissection in get_pdu_len Jakub Zawadzki (May 24)