On Jul 18, 2008, at 9:01 AM, Luis EG Ontanon wrote:
He says the only interesting info there's in the IP header is the
length. If he needs it to calculate the length of the payload. There's
no need to access the IP header.The length of the payload data is
passed to the dissector intrinsically by the tvb (tvb->length).
Actually, you want tvb_reported_length(tvb), not tvb_length(tvb);
tvb_length(tvb) returns tvb->length, which is the amount of *captured*
data in the packet, not the total amount of data in the packet - the
amount of captured data could be less than the total amount of data,
due to the capture being done with a snapshot length (or with
"slicing" or whatever the application calls it). Dissectors should
almost always use the total length (reported length), so that they
throw an exception if they go past the end of the captured data, and
the packet details are marked as being incomplete (due to the snapshot
length).
