Ethereal-dev: [Ethereal-dev] Handling Malformed Packets With tcp_dissect_pdus

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Harry Goldschmitt <harry@xxxxxxxx>
Date: Sun, 24 Aug 2003 23:36:19 -0700

I'm dissecting a custom protocol for my company. Unfortunately, one side of the interface is broken and we don't have the code for it. I've been using tcp_dissect_pdus to handle the protocol, but occasionally the length (first two bytes of the packets) is bad. I've coded a resilient method to resync the data, but I can't figure out how to get the information to tcp_dissect_pdus from the length callback routine. I need about 20 bytes to recover, but if I return 8 for the packet length to get around 8 bytes of garbage, tcp_dissect_pdus ignores the rest of the packet.

What is the feeling? Should I just copy the code from tcp_dissect_pdus into my dissector or should I use tvb_new_subset from inside of the length routine?

Sure wish there was a simple way to get around this.

Harry
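
Added example, not part of the original post and not Ethereal code: a standalone model of regaining sync in a stream of PDUs with a two-byte length prefix after one length field is bad. The byte order, the `MIN_PDU`/`MAX_PDU` bounds, the length counting its own header, and the names `in_range` and `frame_stream` are assumptions; it walks an already reassembled buffer rather than going through `tcp_dissect_pdus`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define HDR_LEN 2   /* from the post: length is the first two bytes */
#define MIN_PDU 4   /* assumed smallest valid PDU, header included */
#define MAX_PDU 64  /* assumed largest valid PDU */

/* Constructed sample: PDU(6), 8 bytes under a corrupt length, PDU(5), PDU(4). */
static const uint8_t sample[] = {
    0x00,0x06,'A','B','C','D', 0xFF,0xFF,'Q','R','S','T','U','V',
    0x00,0x05,'x','y','z', 0x00,0x04,'o','k' };

/* Usable header: bounded big-endian length (order assumed), PDU fully buffered. */
static int in_range(const uint8_t *buf, size_t n, size_t off, unsigned *len)
{
    if (n - off < HDR_LEN) return 0;
    *len = (unsigned)buf[off] << 8 | buf[off + 1];
    return *len >= MIN_PDU && *len <= MAX_PDU && *len <= n - off;
}

/* Record PDU start offsets; count bytes discarded while out of sync. */
size_t frame_stream(const uint8_t *buf, size_t n, size_t *starts,
                    size_t max, size_t *skipped)
{
    size_t off = 0, count = 0;
    unsigned len, next;
    int synced = 1;
    *skipped = 0;
    while (off < n && count < max) {
        /* In sync, a bounded length is trusted. After a bad header the
         * candidate must also be followed by end of data or another
         * bounded header, so stray payload bytes are not taken as a PDU. */
        if (in_range(buf, n, off, &len) && (synced || off + len == n ||
                                            in_range(buf, n, off + len, &next))) {
            starts[count++] = off; off += len; synced = 1;
        } else {
            off++; (*skipped)++; synced = 0;
        }
    }
    return count;
}

int main(void)
{
    size_t starts[8], skipped;
    printf("%zu PDUs, ", frame_stream(sample, sizeof sample, starts, 8, &skipped));
    printf("%zu bytes skipped\n", skipped);
    return 0;
}
```

A PDU that is not yet completely in the buffer is treated here as out of range; a stream dissector would instead wait for more data before deciding.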