Wireshark-dev: [Wireshark-dev] How to correctly add reassembled data to the tree?

From: Ilya Shvetsov <chvetsov@xxxxxxxxx>
Date: Wed, 6 Feb 2013 15:08:48 +0300
Hi, there.
 
Thank you guys for a great product.
 
I successfully wrote my dissector and a few days ago found a failure in it.
 
I have the following situation:
I dissect the last packet in some sequence and get a new tvbuffer from process_reassembled_data.
The next step I do is parsing this new tvbuffer.
I parse it and add new items to the tree under my protocol item.
 
And this is the place where the problem is.
I parse the new tvbuff from the beginning, which means that the offset is ZERO, and
the tvbuff itself has raw_offset == -1.
 
When I parse, I do not know the length of an element, so I add the item to the tree and later call proto_item_set_end to set the end of the element in the data buffer. If the element which I have read has quite a big size, then all works fine. If it has a small size, then I get an assert from proto_item_set_end.
 
It turned out that every item in the tree has a 'finfo', which contains the field 'start'. For me this start is usually 28. If my first item in the reassembled tvbuff is less than 28, I get an assert.
 
As far as I can see, the problem happens because all items in the tree have the 'finfo' field from the parent (not reassembled) tvbuff.
 
So, what do I have to do to fix this? How do I add items from the new tvbuff correctly?
 
I use Wireshark 1.8.5 on Windows 7.
--
With best regards
Ilya 'Akhil' Shvetsov