Wireshark · Wireshark-dev: Re: [Wireshark-dev] failed assertion "save_desegment_offset == pinfo->desegment_offset && save_deseg

["Maynard, Chris" <Christopher.Maynard@xxxxxxx>]

This probably won’t resolve your problem (or maybe it will?), but why are you using le_uint64():tonumber()?

 

    p2p_tree:add(neop2p.fields.length, buffer(offset, 4), buffer(offset, 4):le_uint64():tonumber())

    offset = offset + 4

    p2p_tree:add(neop2p.fields.checksum, buffer(offset, 4), buffer(offset, 4):le_uint64():tonumber())

 

But instead of bothering with le_uint(), why not just use add_le() instead of add()?

 

    p2p_tree:add_le(neop2p.fields.magic, buffer(offset, 4))

    offset = offset + 4

    p2p_tree:add_le(neop2p.fields.cmd, buffer(offset, 12))

    offset = offset + 12

    p2p_tree:add_le(neop2p.fields.length, buffer(offset, 4))

    offset = offset + 4

    p2p_tree:add_le(neop2p.fields.checksum, buffer(offset, 4))

    offset = offset + 24

 

If that doesn’t help, maybe you could post a small capture file for testing purposes?

- Chris

Ref: https://www.wireshark.org/docs/wsdg_html_chunked/lua_module_Tree.html

 

 

From: Wireshark-dev [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of ??
Sent: Wednesday, October 31, 2018 10:52 PM
To: wireshark-dev@xxxxxxxxxxxxx
Subject: [Wireshark-dev] failed assertion "save_desegment_offset == pinfo->desegment_offset && save_desegment_len == pinfo->desegment_len"

 

Dear Experts,

    I am building my Lua plugin for Wireshark, but I got a failed assertion below:

    [Dissector bug, protocol TCP: /build/wireshark-rjGTDh/wireshark-2.6.3/epan/dissectors/packet-tcp.c:5591: failed assertion "save_desegment_offset == pinfo->desegment_offset && save_desegment_len == pinfo->desegment_len"]

    Our prorotocol is top on TCP and has a length code in. so I want to get enough bytes for my dissector.

At first, I use pinfo.desegment_len = missing_bytes and return nothing, but got the assertion.

Now, I am using dissect_tcp_pdus, still got the problem.

I attach my code below and look forward to your reply.

Thank you very much and sorry to bother you.

Here is my code:

 

         local neop2p = Proto("NEO", "Neo P2P Protocol")

 

        neop2p.fields.magic = ProtoField.uint32("neop2p.magic", "MAGIC", base.DEC, NET_TYPE)

        neop2p.fields.cmd = ProtoField.string("neop2p.cmd", "COMMAND", base.UNICODE)

        neop2p.fields.length = ProtoField.uint32("neop2p.length", "LENGTH", base.DEC)

        neop2p.fields.checksum = ProtoField.uint32("neop2p.checksum", "CHECKSUM", base.DEC)

        neop2p.fields.payload = ProtoField.string("neop2p.payload", "PAYLOAD", base.ASCII)

 

        local function neop2p_dissector(buffer, pinfo, tree)

            local L = buffer:len()

            local magic = buffer(0, 4):le_uint()

            local cmd = buffer(4, 12):stringz()

            local length = buffer(16, 4):le_uint()

 

            local p2p_tree = tree:add(neop2p, buffer(0, L), "Neo P2P Protocol, "..NET_TYPE[magic])

            pinfo.cols.protocol:set("NEO")

            pinfo.cols.info:set("".. NET_TYPE[magic]..","..cmd)

    

            local offset = 0

 

            p2p_tree:add(neop2p.fields.magic, buffer(offset, 4), buffer(offset, 4):le_uint64():tonumber())

            offset = offset + 4

            p2p_tree:add(neop2p.fields.cmd, buffer(offset, 12), buffer(offset, 12):string())

            offset = offset + 12

            p2p_tree:add(neop2p.fields.length, buffer(offset, 4), buffer(offset, 4):le_uint64():tonumber())

            offset = offset + 4

            p2p_tree:add(neop2p.fields.checksum, buffer(offset, 4), buffer(offset, 4):le_uint64():tonumber())

            offset = offset + 4

 

            if length ~= 0 then

                local payload = buffer(offset, length)

                p2p_tree:add(neop2p.fields.payload, payload, tostring(payload))

                offset = offset + length

            end

            -- if cmd == C_INV then

            --     return neop2p_inv_dissector(payload, pinfo, p2p_tree)

            -- end

            -- if cmd == C_ADDR then

            --     return neop2p_addr_dissector(payload, pinfo, p2p_tree)

            -- end

            -- if cmd == C_GET_DATA then

            --     return neop2p_getdata_dissector(payload, pinfo, p2p_tree)

            -- end

            -- if cmd == C_VERSION then

            --     return neop2p_ver_dissector(payload, pinfo, p2p_tree)

            -- end

            -- if cmd == C_GET_HEADERS then

            --     return neop2p_getheaders_dissector(payload, pinfo, p2p_tree)

            -- end

            return true

        end

 

        local function get_neop2p_len(buffer)

            local len = buffer(16, 4):le_uint() + 24

            return len

        end

 

        local neo = Proto("NEOPROTOCOL", "Neo Protocol")

        function neo.dissector(buffer, pinfo, tree)

            dissect_tcp_pdus(buffer, tree, 24, get_neop2p_len, neop2p_dissector)

            return true

        end

    ---------------------------------------------------------------------------------------------------

    ---------------------------------------------------------------------------------------------------

    ---------------------------------------------------------------------------------------------------

        neo:register_heuristic("tcp", neo.dissector)

 

CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or its subsidiaries and may contain proprietary, confidential or trade secret information. This message is intended solely for the use of the addressee. If you are not the intended recipient and have received this message in error, please delete this message from your system. Any unauthorized reading, distribution, copying, or other use of this message or its attachments is strictly prohibited.