Robert Naumann wrote: > Hello, > > i have got a new problem with tcp_dissect_pdus(). I got a PDU with the > fixed header lenght of 8 Bytes, which also contains the lenght of the > whole PDU. The lenght-information is stored in the 3th Byte, so the > minimum Headersize is 3. The Datalength of the PDU in my cases is > always 1 Byte. > > In the first case the PDU is split over 4 TCP-Segments: > > 1. Segment: 1 Byte (PDU Type) > 2. Segment: 1 Byte (some stuff) > 3. Segment: 1 Byte (length-information) > 4. Segment: 5 Bytes (some stuff + one Databyte) > > - in this case tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 3 , > get_pdu_len, dissect_pdus); works fine > -> get_pdu_len passes 9 as the number of Bytes for the whole PDU > -> reassembling works followed by a correct dissection > > In the second case the PDU is only slip over 2 TCP-Segments: > > 1. Segment: 1 Byte (PDU Type) > 2. Segment: 8 Bytes (some stuff + length information + some stuff + > Databyte) > > - in this case tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 3 , > get_pdu_len, dissect_pdus); doesnt work correctly > -> get_pdu_len passes 9 as the number of Bytes for the whole PDU > -> the wireshark-frame only shows [TCP segment of a reassembled PDU] > with reassembled 3 Bytes (minimum Headerbytes) > -> the rest seems to be ignored, which causes wrong dissection of the > following packets in the same direction > > I already looked in packet-tcp.c and tried to figure out whats > happening. tcp_dissect_pdus() seems to work correctly. I think the > problem lies in desegment_tcp() but i couldn't figure out whats wrong. > > Any help would be appreciated. > Regards, > > Robert > No answer? Noone ever had a similar problem? I wanna know if this could be a bug in desegment_tcp()-code or if i'm doing something wrong. This different (wrong) reassembling and dissection only caused by different splitting over TCP-Segments makes no sense. My Dissectorcode didnt change.
Hopefully awaiting any reply, Regards Robert _______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev
