Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] Problem with tcp_dissect_pdus

From: Andrew Schweitzer <a.schweitzer.grps@xxxxxxxxx>
Date: Sun, 19 Nov 2006 02:57:05 -0500
Attached are some tools that might help test these issues.

If you wish to use, rename the attached file to aaaa.zip, and extract it. It contains aaaa.dll, a simple dissector, aaaa10.cap a short capture file demonstrating what happens when this dissector is used, the source and makefile for the dissector, and TestMsgSender.exe, a program that generates the attached capture. If the attachement gets stripped, and you want to see it, send me e-mail directly.

Format of "protocol" in the capture is:
0		len of Data section
4		seq num
8		"Header" (all "H")
36		"Data" section (all "D")
36 + len above	seq num repeated

I believe the capture shows the bug 1124, at packet 8, which is not passed to the dissector.

TestMsgSender can, through command line options, change port, header and maximum size data lengths. It can repeat sequences by passing in the same seed. Type TestMsgSender -h to get help. TestMsgSender will send as many messages as you request, with the size you request, as fast as it can (assuming it can talk to another TestMsgSender at specified address/port).

The dissector aaaa.dll is hardcoded to use port 2900 and header length of 28. There are constants in the file to change these. I don't how to write preferences, so you have to recompile.

Andy


Attachment: aaaa.___
Description: Binary data