Wireshark-bugs: [Wireshark-bugs] [Bug 4865] New: mp2t Reassembly Help
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4865

           Summary: mp2t Reassembly Help
           Product: Wireshark
           Version: SVN
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Enhancement
          Priority: Low
         Component: Wireshark
        AssignedTo: [email protected]
        ReportedBy: [email protected]


Created an attachment (id=4782)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4782)
My current version of mp2t that doesn't work.

Build Information:
Version 1.5.0 (SVN Rev 33201 from /trunk)

Copyright 1998-2010 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.20.1, (32-bit) with GLib 2.24.1, with libpcap 1.0.0, with
libz 1.2.3, without POSIX capabilities, without libpcre, without SMI, without
c-ares, without ADNS, without Lua, without Python, without GnuTLS, without
Gcrypt, without Kerberos, without GeoIP, without PortAudio, without AirPcap.

Running on Linux 2.6.33.5-112.fc13.i686, with libpcap version 1.0.0, with libz
1.2.3.

Built using gcc 4.4.4 20100503 (Red Hat 4.4.4-2).
--
I've been trying to re-factor the mp2t dissector to be more easily extensible
and am running into reassembly issues.  I would like to make the mp2t dissector
support the 'new model' of having subdissectors set pinfo->desegment_len to
either DESEGMENT_ONE_MORE_SEGMENT or the desired length.  I have tried
following the examples I have found in packet-tcp.c, packet-udp.c, the original
packet-mp2t.c and others, but I just can't piece together how to do it.  I've
been at it for quite a while (a couple hours a day for a few weeks) but am no
closer.

I mainly need help figuring out how to convince wireshark to reassemble the
data packets and then give me a tvb that I can send to to the subdissectors
(either each call, or at the end of the message).

I also get a multitude of these errors:
Warn Dissector bug, protocol MP2T, in packet 1: proto.c:1570: failed assertion
"(guint)hfindex < gpa_hfinfo.len"

I've stepped around in the code with ddd but am not really able to figure out
how to fix the error.

In a nutshell, here is what I am doing:
1. Create a tree with the active set of messages to rebuild (they can be
interleaved).
2. For each PDU, I uniquely identify the frame, subframe & head/tail portion
for the ID.
3. For each PDU I find the active message structure or create a new one.
4. I then add the data to the fragment table with fragment_add() using the
unique ID.
5. I then attempt to reassemble the data with process_reassembled_data()
6. If I get a tvb buffer, I attempt to call the subdissectors.
7. Depending on the output of the subdissector, I may call
fragment_set_partial_reassembly() to indicate that the message isn't complete.
8. Repeat until the end of the UDP message wrapper.

Private data structure:
typedef struct _mp2t_private_t {
    guint16 pid;
    guint8 tsc;
    guint32 consumed;
} mp2t_private_t;

Anders suggested that something is wrong with my hf declarations.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.