Wireshark-dev: [Wireshark-dev] mp2t Reassembly Help

From: Weston Schmidt <Weston_Schmidt@xxxxxxxxxxx>
Date: Thu, 10 Jun 2010 01:31:26 -0700
Hello,

I've been trying to re-factor the mp2t dissector to be more easily extensible and am running into reassembly issues.  I would like to make the mp2t dissector support the 'new model' of having subdissectors set pinfo->desegment_len to either DESEGMENT_ONE_MORE_SEGMENT or the desired length.  I have tried following the examples I have found in packet-tcp.c, packet-udp.c, the original packet-mp2t.c and others, but I just can't piece together how to do it.  I've been at it for quite a while (a couple hours a day for a few weeks) but am no closer.

I mainly need help figuring out how to convince wireshark to reassemble the data packets and then give me a tvb that I can send to the subdissectors (either each call, or at the end of the message).

I also get a multitude of these errors:
Warn Dissector bug, protocol MP2T, in packet 1: proto.c:1570: failed assertion "(guint)hfindex < gpa_hfinfo.len"

I've stepped around in the code with ddd but am not really able to figure out how to fix the error.

In a nutshell, here is what I am doing:
1. Create a tree with the active set of messages to rebuild (they can be interleaved).
2. For each PDU, I uniquely identify the frame, subframe & head/tail portion for the ID.
3. For each PDU I find the active message structure or create a new one.
4. I then add the data to the fragment table with fragment_add() using the unique ID.
5. I then attempt to reassemble the data with process_reassembled_data()
6. If I get a tvb buffer, I attempt to call the subdissectors.
7. Depending on the output of the subdissector, I may call fragment_set_partial_reassembly() to indicate that the message isn't complete.
8. Repeat until the end of the UDP message wrapper.

I can send the code (if I get it working, I'd very much like to submit it back) but don't want to clog everybody's email inboxes.

Any help is appreciated.

Thanks,
Wes
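Added example, not from Wes's mail or from Wireshark's source: a stand-alone C model of the desegmentation contract the steps above describe, in which the subdissector either consumes a complete PDU or reports DESEGMENT_ONE_MORE_SEGMENT or the exact remaining length, and the caller keeps accumulating per message ID. The reassembly slot, the 1-byte-length message format and the sentinel value are constructed assumptions, not epan's real API.

```c
/* Constructed stand-alone model of the desegmentation contract Wes describes;
 * not Wireshark code. The slot, the 1-byte-length message format and the
 * DESEGMENT_ONE_MORE_SEGMENT value are assumptions, not epan's real API. */
#include <stdint.h>
#include <string.h>
#define DESEGMENT_ONE_MORE_SEGMENT 0x0fffffffu  /* placeholder sentinel */
#define MAX_MSG 64

/* "New model" subdissector: returns bytes consumed, or 0 after setting
 * *desegment_len to one-more-segment or to the exact number still missing. */
static int sub_dissect(const uint8_t *buf, size_t len, uint32_t *desegment_len)
{
    *desegment_len = 0;
    if (len < 1) {                       /* length byte not seen yet */
        *desegment_len = DESEGMENT_ONE_MORE_SEGMENT;
        return 0;
    }
    size_t need = 1u + buf[0];
    if (len < need) {                    /* header known: ask for exact rest */
        *desegment_len = (uint32_t)(need - len);
        return 0;
    }
    return (int)need;                    /* one complete PDU */
}

/* One slot per message ID, the role a fragment table entry plays. */
struct reasm_slot { uint8_t buf[MAX_MSG]; size_t len; };

/* Append a fragment and offer the accumulated bytes to the subdissector.
 * Returns 1 if a PDU was delivered, 0 if still partial, -1 on overflow. */
static int add_fragment(struct reasm_slot *s, const uint8_t *frag, size_t flen,
                        uint32_t *pending)
{
    if (s->len + flen > MAX_MSG) return -1;   /* never trust the frame length */
    memcpy(s->buf + s->len, frag, flen);
    s->len += flen;
    int consumed = sub_dissect(s->buf, s->len, pending);
    if (consumed == 0) return 0;              /* keep accumulating */
    memmove(s->buf, s->buf + consumed, s->len - (size_t)consumed);
    s->len -= (size_t)consumed;               /* leftovers start the next PDU */
    return 1;
}

/* Constructed input: two interleaved IDs, ID 0 split across two fragments. */
static int run_interleaved(void)
{
    struct reasm_slot slot[2] = {{{0}, 0}, {{0}, 0}};
    uint32_t pending = 0;
    static const uint8_t f0a[] = {3, 'a'}, f1[] = {2, 'x', 'y'}, f0b[] = {'b', 'c'};
    int delivered = add_fragment(&slot[0], f0a, sizeof f0a, &pending); /* pending == 2 */
    delivered += add_fragment(&slot[1], f1, sizeof f1, &pending);      /* ID 1 complete */
    delivered += add_fragment(&slot[0], f0b, sizeof f0b, &pending);    /* ID 0 complete */
    return delivered;                                                  /* 2 */
}
```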