
Wireshark-dev: Re: [Wireshark-dev] tvb_new* functions

From: "Abhik Sarkar" <sarkar.abhik@xxxxxxxxx>
Date: Sat, 29 Dec 2007 15:52:25 +0400
Just so everyone knows, the issue was not caused by the tvb*
functions, but by a very simple error in an ep_alloc call:

		char_array = ep_alloc(sizeof(gchar)*26);
		g_sprintf(char_array, "0C0504%04x%04x0804%04x%02x%02x",
			port_rec->dst_port, port_rec->src_port,
			sar_rec->sar_msg_ref,  sar_rec->sar_tot_seg, sar_rec->sar_cur_seg);
		byte_array = convert_string_to_hex(char_array, &nbytes);

In the above call to ep_alloc, I should have used 27 instead of 26
(for the terminating NUL) :-(

While debugging this, I came across a couple of very interesting pages
in the Wiki:
http://wiki.wireshark.org/PerPacketMemoryCorrupted
http://wiki.wireshark.org/Development/Canary
and learnt a few things!

These pages are a bit *nix oriented, but with a bit of work can be
applied to Windows as well.

On Dec 27, 2007 5:19 PM, Abhik Sarkar <sarkar.abhik@xxxxxxxxx> wrote:
> Hello Everyone,
>
> Is there some clear documentation on when tvb_new_* functions may or
> may not be called? I keep getting per-packet data corrupt, and I
> suspect that I am using tvb_new_composite or tvb_subset at an
> incorrect place.
>
> What I am attempting to do is to take various fields from one PDU,
> transform them as a new tvb and pass it to a higher level dissector.
>
> Thanks in advance!
> Abhik.
>
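The off-by-one described in the reply above, as an added example that is not part of the original thread or of Wireshark's code: it measures the length the format string produces, rejects a buffer too small for the text plus its NUL, and sizes the allocation from the measured length. Standard C `snprintf` and `malloc` stand in for the GLib and `ep_alloc` calls, and the struct, field widths and function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Format string from the post: 6 + 4 + 4 + 4 + 4 + 2 + 2 = 26 characters. */
#define UDH_FMT "0C0504%04x%04x0804%04x%02x%02x"

/* Field widths are assumptions: 16-bit ports and reference, 8-bit counters. */
struct udh_fields { uint16_t dst_port, src_port, msg_ref; uint8_t tot_seg, cur_seg; };

#define UDH_ARGS(f) (unsigned)(f)->dst_port, (unsigned)(f)->src_port, \
                    (unsigned)(f)->msg_ref, (unsigned)(f)->tot_seg, (unsigned)(f)->cur_seg

/* Characters the format produces, not counting the terminating NUL. */
static int udh_hex_len(const struct udh_fields *f)
{
    return snprintf(NULL, 0, UDH_FMT, UDH_ARGS(f));
}

/* Bounded write: 0 on success, -1 if buf cannot hold the text plus its NUL. */
static int udh_format(char *buf, size_t buflen, const struct udh_fields *f)
{
    int n = snprintf(buf, buflen, UDH_FMT, UDH_ARGS(f));
    return (n < 0 || (size_t)n >= buflen) ? -1 : 0;
}

/* Size the buffer from the measured length instead of a hand-counted constant. */
static char *udh_format_alloc(const struct udh_fields *f)
{
    int n = udh_hex_len(f);
    char *s = (n < 0) ? NULL : malloc((size_t)n + 1);
    if (s != NULL && udh_format(s, (size_t)n + 1, f) != 0) { free(s); s = NULL; }
    return s;
}

int main(void)
{
    struct udh_fields f = { 0x23f4, 0x0000, 0x0001, 2, 1 }; /* constructed sample values */
    char small[26], exact[27];
    printf("needs %d chars + NUL\n", udh_hex_len(&f));
    printf("26-byte buffer: %s\n", udh_format(small, sizeof small, &f) ? "rejected" : "ok");
    printf("27-byte buffer: %s\n", udh_format(exact, sizeof exact, &f) ? "rejected" : exact);
    return 0;
}
```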