
Wireshark-dev: Re: [Wireshark-dev] reasebling packets - dissector question

From: יוני תובל <yoni6666@xxxxxxxxx>
Date: Mon, 23 Feb 2009 10:42:44 +0200
Thanks,
but it's still not working :-(
Maybe the scenario I'm trying here is wrong.
It looks like this:

I am trying to send two separate buffers and dissect them as one message.

byte[] b1 = { 0, 3 };               //header
byte[] b2 = { 5, 5, 5 };          //data

My dissector is for a 5-byte message, and is successful when I send the message like this: byte[] buffer = { 0, 3, 5, 5, 5 };

My dissection code is:

static guint get_message_len(packet_info *pinfo, tvbuff_t *tvb, int offset)//a
{
    return 3;           // the value from the header that represents the length of the data coming after the header
}

static void foo_msg_dissect(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
    tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 2, get_message_len, dissect_foo);
}

void dissect_mxm(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
    if (check_col(pinfo->cinfo, COL_PROTOCOL))
        col_set_str(pinfo->cinfo, COL_PROTOCOL, "mxm");

    if (check_col(pinfo->cinfo, COL_INFO))
        col_clear(pinfo->cinfo, COL_INFO);

    if (tree) /* we are being asked for details */
    {
        proto_item *ti;
        mxm *msg;

        ti = proto_tree_add_item(tree, proto_mxm, tvb, 0, -1, FALSE);
        tree = proto_item_add_subtree(ti, ett_mxm);
        msg = ep_alloc(sizeof(mxm));

        /* call the call dissection logic for my message . */
        ............
        ............
    }
}

 

Problem is, my message is not being reassembled.

When I try to dissect with this code, Wireshark throws an exception for each part of the buffer I send (b1 & b2),
and I see in the GUI only the header tree, but with different values (first packet with the right header values, and 2nd packet with values from the message itself).

 

Thanks

Yonatan


 
2009/2/23 Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx>
On Mon, Feb 23, 2009 at 10:00:47AM +0200, יוני תובל wrote:

> I'm referring to the
>     pinfo->desegment_offset   &      pinfo->desegment_len

You do not need to modify those variables when using tcp_dissect_pdus.

Those variables are used for more complex desegmentation for TCP as well
as other protocols.  Refer to section 2.7 of doc/README.developer for
more details.


Steve
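
Added example, not part of the thread and not Wireshark source: a stand-alone C model of length-prefixed reassembly over a byte stream, fed with the two buffers from the post. tcp_dissect_pdus expects its length callback to return the size of the whole PDU, header included; the model compares a callback that returns only the header's payload count with one that adds the 2-byte header. `stream_t`, `feed`, `MAX_PDU` and both callback names are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

#define HDR_LEN 2    /* fixed header size (the fixed_len argument in the post) */
#define MAX_PDU 64   /* assumed sanity cap for this model */

typedef size_t (*pdu_len_fn)(const unsigned char *hdr);

/* Header value taken as-is: covers only the data after the header. */
static size_t len_payload_only(const unsigned char *h) { return ((size_t)h[0] << 8) | h[1]; }
/* Header value plus the header itself: length of the whole PDU. */
static size_t len_whole_pdu(const unsigned char *h) { return HDR_LEN + len_payload_only(h); }

typedef struct {
    unsigned char buf[MAX_PDU];
    size_t have;       /* buffered bytes not yet assigned to a PDU */
    int pdus;          /* complete PDUs cut so far */
    size_t last_len;   /* length of the most recent PDU */
} stream_t;

/* Append one segment and cut out every complete PDU.
 * Returns 0, or -1 when a header claims an impossible length. */
static int feed(stream_t *s, const unsigned char *seg, size_t n, pdu_len_fn get_len)
{
    if (n > sizeof s->buf - s->have) return -1;
    memcpy(s->buf + s->have, seg, n);
    s->have += n;
    while (s->have >= HDR_LEN) {
        size_t plen = get_len(s->buf);
        if (plen < HDR_LEN || plen > MAX_PDU) return -1;  /* bogus length field */
        if (s->have < plen) break;                        /* wait for the next segment */
        s->pdus++;
        s->last_len = plen;
        memmove(s->buf, s->buf + plen, s->have - plen);
        s->have -= plen;
    }
    return 0;
}

int main(void)
{
    const unsigned char b1[] = { 0, 3 }, b2[] = { 5, 5, 5 };  /* buffers from the post */
    stream_t s = { {0}, 0, 0, 0 };
    feed(&s, b1, sizeof b1, len_whole_pdu);
    feed(&s, b2, sizeof b2, len_whole_pdu);
    printf("whole-PDU callback: %d PDU(s), last length %zu, %zu left over\n",
           s.pdus, s.last_len, s.have);
    return 0;
}
```

With `len_payload_only` the model cuts a 3-byte PDU and then reads the leftover `{ 5, 5 }` as a header, which `feed` rejects as an impossible length.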
