On Sep 12, 2006, at 12:51 PM, Tomasz Noiński wrote:
Comments about "new_dissector_t" in packet.h say:
/*
* Dissector that returns:
*
* The amount of data in the protocol's PDU, if it was able to
* dissect all the data;
*
* 0, if the tvbuff doesn't contain a PDU for that protocol;
*
* The negative of the amount of additional data needed, if
* we need more data (e.g., from subsequent TCP segments) to
* dissect the entire PDU.
*/
The first two clauses (after "Dissector that returns") of that comment
are true (and there are places where the return value is used as a
length, e.g. the GSSAPI dissector).
The third clause is false. The intent was to do that at some point,
but it never happened. (It's probably the wrong thing to do - lengths
should be unsigned, not signed.)
pinfo->desegment_offset = offset;
pinfo->desegment_len = 1;
return -1;
Try
pinfo->desegment_len = tvb_length_remaining(tvb, offset) + 1;
return tvb_length(tvb);
instead, or try making it not a "new-style" dissector (so it returns
nothing) but still change the "pinfo->desegment_len" line in that
fashion. Let us know whether that works. (I.e., I think the
desegment_len might be releative to the desegment_offset.)
If it works, the example probably needs changing - and the API perhaps
needs changing as well.
