Wireshark-dev: [Wireshark-dev] climbing trees

From: Ed Beroset <beroset@xxxxxxxxxxxxxx>
Date: Tue, 17 May 2011 11:08:00 -0400 (GMT-04:00)
(I posted this email twelve hours ago, but it hasn't shown up, so I'm resending.  Sorry if it's a duplicate.)

I've updated the patch for bug 5531 per comments from Jeff Morriss (thanks, Jeff!) but he brought up a comment I don't know how to address, so I thought I'd ask here.  The comment is on a bit of code that looks like this:

   /* at this point there are two possibilities:  either the packet
    * has been dissected already or it has not.  If it has not, then
    * we already have a tvb full of C12.22 data.  If it has, then we
    * are actually two levels deep and the data we seek is actually in
    * the grandparent of the current node.
    */
   if ((tree->parent->finfo != NULL) && (tree->parent->parent != NULL))
     pkt_tree = tree->parent->parent;

This code, which is within asn1/c1222/packet-c1222-template.c, is called when we're just displaying the list of packets and also when the packet is being displayed in tree form.  In order to allow the use of a display filter such as "c1222.crypto_good == true" the packet has to be parsed and rearranged in canonical form for cryptographic processing, per the protocol.  In some cases, what gets passed here is the whole packet in which case the if clause above is false.  However, if the tree has already been constructed, what this code is handed is actually deeper inside and we need to climb the tree to get access to the packet data.

Is there a better way to do this?

Ed
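
The snippet quoted in the message follows `tree->parent` before checking it. As an added example (not part of the original post or of the Wireshark source), here is the same two-level climb with every pointer checked first; `node_t` is a stand-in modelling only the `parent` and `finfo` fields, `packet_tree_for` is a hypothetical name, and the idea that `tree` or its parent can be NULL at this point is an assumption.

```c
#include <stddef.h>
#include <stdio.h>

/* Stand-in for Wireshark's proto_node: only the two fields the posted
 * snippet touches. This is a model, not the real epan/proto.h type. */
typedef struct node {
    struct node *parent;
    void        *finfo;   /* non-NULL once a field has been attached */
} node_t;

/* Hypothetical helper: return the node that holds the whole packet.
 * Same test as the posted code (parent has finfo AND a grandparent
 * exists), but no pointer is followed before it has been checked. */
static node_t *packet_tree_for(node_t *tree)
{
    if (tree == NULL || tree->parent == NULL)
        return tree;                    /* no tree, or already at the top */
    if (tree->parent->finfo != NULL && tree->parent->parent != NULL)
        return tree->parent->parent;    /* two levels deep: use grandparent */
    return tree;                        /* not nested: use it as handed in */
}

int main(void)
{
    int field = 1;                      /* constructed sample data */
    node_t root   = { NULL,  NULL };    /* top of the tree */
    node_t item   = { &root, &field };  /* item with field info attached */
    node_t nested = { &item, NULL };    /* subtree under that item */
    node_t flat   = { &root, NULL };    /* directly under the root */

    printf("nested -> root: %d\n", packet_tree_for(&nested) == &root);
    printf("flat stays:     %d\n", packet_tree_for(&flat) == &flat);
    printf("root stays:     %d\n", packet_tree_for(&root) == &root);
    printf("NULL stays:     %d\n", packet_tree_for(NULL) == NULL);
    return 0;
}
```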