Hi,
If I remember correctly the header dissection in gtp is a bit iffy and
could do with a rewrite
if some one has the time... On the other hand there is no bug reports
about the dissection...
Regards
Anders
-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Rayne
Sent: den 11 juni 2009 04:37
To: Developer support list for Wireshark
Subject: [Wireshark-dev] GTP extension headers for TPDU
Hi,
I noticed that in the GTP dissector, when the GTP message is a TPDU
(GTPv1), and the "Next Extension Header" bit (and/or the S and/or PN
bit) is set, the offset is set to 11, which points to the "Next
Extension Header Type" field. If this field has a value of 0, then the
offset is increased by one, and we move on to check if the next layer is
IPv4, IPv6 or PPP.
My understanding is that if the "Next Extension Header Type" field value
is 0, then either the S or PN bit is set to 1, so increasing the offset
by 1 allows us to move past the "Next Extension Header Type" field to
the next IP/PPP header, since there are no extension headers.
What happens if the "Next Extension Header Type" field value is not 0?
The offset is still at 11, which still points to the "Next Extension
Header Type" field. There doesn't seem to be any mechanism to deal with
these extension headers.
Thank you.
Regards,
Rayne
________________________________________________________________________
___
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
