Robert Naumann wrote:
Hello,
i have got a new problem with tcp_dissect_pdus(). I got a PDU with the
fixed header lenght of 8 Bytes, which also contains the lenght of the
whole PDU. The lenght-information is stored in the 3th Byte, so the
minimum Headersize is 3. The Datalength of the PDU in my cases is
always 1 Byte.
In the first case the PDU is split over 4 TCP-Segments:
1. Segment: 1 Byte (PDU Type)
2. Segment: 1 Byte (some stuff)
3. Segment: 1 Byte (length-information)
4. Segment: 5 Bytes (some stuff + one Databyte)
- in this case tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 3 ,
get_pdu_len, dissect_pdus); works fine
-> get_pdu_len passes 9 as the number of Bytes for the whole PDU
-> reassembling works followed by a correct dissection
In the second case the PDU is only slip over 2 TCP-Segments:
1. Segment: 1 Byte (PDU Type)
2. Segment: 8 Bytes (some stuff + length information + some stuff +
Databyte)
- in this case tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 3 ,
get_pdu_len, dissect_pdus); doesnt work correctly
-> get_pdu_len passes 9 as the number of Bytes for the whole PDU
-> the wireshark-frame only shows [TCP segment of a reassembled PDU]
with reassembled 3 Bytes (minimum Headerbytes)
-> the rest seems to be ignored, which causes wrong dissection of the
following packets in the same direction
I already looked in packet-tcp.c and tried to figure out whats
happening. tcp_dissect_pdus() seems to work correctly. I think the
problem lies in desegment_tcp() but i couldn't figure out whats wrong.
Any help would be appreciated.
Regards,
Robert
No answer? Noone ever had a similar problem? I wanna know if this could
be a bug in desegment_tcp()-code or if i'm doing something wrong. This
different (wrong) reassembling and dissection only caused by different
splitting over TCP-Segments makes no sense. My Dissectorcode didnt change.
Hopefully awaiting any reply,
Regards
Robert
