Wireshark mailing list archives

Re: Hierarchy of fields & offsets again, more potential offenders

From: "Sultan, Hassan via Wireshark-dev" <wireshark-dev () wireshark org>
Date: Wed, 2 Aug 2017 21:08:31 +0000

So if this needs to be fixed, but we can't change the tcp protocol length, nor move tcp.payload to the top-level, what 
are the options left ?

My personal view is towards being able to process the information in an automated manner. I'd personally strive for 
some type of consistency, but I'm not sure what the options are here.

-----Original Message-----
From: Wireshark-dev [mailto:wireshark-dev-bounces () wireshark org] On Behalf
Of Stig Bjørlykke
Sent: Wednesday, August 02, 2017 1:24 PM
To: Developer support list for Wireshark <wireshark-dev () wireshark org>
Subject: Re: [Wireshark-dev] Hierarchy of fields & offsets again, more potential
offenders

On Wed, Aug 2, 2017 at 10:03 PM, Sultan, Hassan via Wireshark-dev <wireshark-
dev () wireshark org> wrote:

Regarding tcp.payload, I don't think tcp.payload in itself has any problems. I

think the issue lies in tcp showing a length of 32 only, even though it has
tcp.payload as its child.

The tcp.payload field was recently added, have a look at
https://code.wireshark.org/review/22374

I do agree that this is displayed wrong and should be fixed.
Increasing the length of the TCP header would be wrong because the payload is
dissected by upper protocols and does belong with the TCP header.  Putting it at
top level would also be wrong because it's not a protocol.


--
Stig Bjørlykke
_________________________________________________________________
__________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Hierarchy of fields & offsets again, more potential offenders Sultan, Hassan via Wireshark-dev (Aug 01)
- Re: Hierarchy of fields & offsets again, more potential offenders Pascal Quantin (Aug 02)
  - Re: Hierarchy of fields & offsets again, more potential offenders Pascal Quantin (Aug 02)
    - Re: Hierarchy of fields & offsets again, more potential offenders Sultan, Hassan via Wireshark-dev (Aug 02)
    - Re: Hierarchy of fields & offsets again, more potential offenders Pascal Quantin (Aug 02)
    - Re: Hierarchy of fields & offsets again, more potential offenders Stig Bjørlykke (Aug 02)
    - Re: Hierarchy of fields & offsets again, more potential offenders Sultan, Hassan via Wireshark-dev (Aug 02)
    - Re: Hierarchy of fields & offsets again, more potential offenders Sultan, Hassan via Wireshark-dev (Aug 07)
    - Re: Hierarchy of fields & offsets again, more potential offenders Alexis La Goutte (Aug 08)
    - Re: Hierarchy of fields & offsets again, more potential offenders Sultan, Hassan via Wireshark-dev (Aug 08)
    - Re: Hierarchy of fields & offsets again, more potential offenders Pascal Quantin (Aug 09)
    - Re: Hierarchy of fields & offsets again, more potential offenders Alexis La Goutte (Aug 09)
    - Re: Hierarchy of fields & offsets again, more potential offenders Pascal Quantin (Aug 09)
    - Re: Hierarchy of fields & offsets again, more potential offenders Stig Bjørlykke (Aug 10)
    - Message not available
    - Re: Hierarchy of fields & offsets again, more potential offenders Pascal Quantin (Aug 10)
    - Re: Hierarchy of fields & offsets again, more potential offenders Sultan, Hassan via Wireshark-dev (Aug 11)
    - Re: Hierarchy of fields & offsets again, more potential offenders Sultan, Hassan via Wireshark-dev (Aug 03)