Wireshark-dev: Re: [Wireshark-dev] IEEE 802.15.4 Payload IE Handling
From: Graham Bloice <[email protected]>
Date: Thu, 1 Sep 2016 13:21:29 +0100

On 1 September 2016 at 13:11, Klaus Hueske <[email protected]> wrote:

Hi all,


happy to see that recent versions of the 802.15.4 dissector support the dissection of 802.15.4 header and payload information elements.


However, there seem to be some issues in the current implementation, especially for unknown payload IEs:


1. The call of “dissect_ieee802154_payload_ie” is after setting “payload_tvb”. This leads to the issue that dissection of the next higher protocol starts after the header information elements, not after the payload information elements.


2. Inside “dissect_ieee802154_payload_ie” the “offset” is not incremented in the default case, a line “offset += pie_length;” seems to be missing.


I attached some quick fix as a workaround for the above issues, but this would only work in cases where no encryption is used.


Best regards,




Thanks for your observations, please see the wiki page on submitting patches (https://wiki.wireshark.org/Development/SubmittingPatches) for info on how to submit changes to Wireshark.

Graham Bloice