> On Jan 21, 2020, at 9:46 AM, João Valverde <joao.valverde@xxxxxxxxxxxxxxxxxx> wrote:
>
>
>
> On 21/01/20 14:33, Christian Hopps wrote:
>> So I've got a payload of packets in a single frame. I'm calling dissector_try_uint_new() to dissect each payload (typically IPv4 packets). Some of these packets are considered "malformed" by wireshark (e.g., created by scapy/trex with some bogus values).
>>
>> The problem I'm hitting is that the first malformed inner packet fails all the way out of my parent dissector, so it doesn't dissect any of the other packets in the payload.
>>
>> Another problem I'm having is that the IP sub-dissector is overwriting my source and destination addresses in the pinfo/tree (not sure which doesn't really matter).
>>
>> Summary:
>>
>> - How can I "catch" errors in a subdissector so I can call other sub-dissectors?
>
> Use TRY/CATCH (in epan/exceptions.h).
This worked!
Thanks,
Chris.
>
>> - How can I "block" sub-dissectors from overwriting my outer header information?
>
> I don't think you can. Maybe your IPTFS dissector can set it after the sub-dissectors run.
>
>>
>> Thanks,
>> Chris.
>> ___________________________________________________________________________
>> Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
>> Archives: https://www.wireshark.org/lists/wireshark-dev
>> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
>
> ___________________________________________________________________________
> Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives: https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
