On Mon, Jan 14, 2013 at 10:51 AM, Ewgenij Sokolovski
<ewgenijkkg@xxxxxx> wrote:
> I like having malformed in the protocol tree, or at least I like to be
> able
> to use the 'malformed' filter.
> Note that it is also added hidden when malformed is used as a type of
> expert info.
I think "malformed" is OK if there is an explanation, what "malformed" in the particular case means. The packet is malformed indeed and it's good for error search and hierarchical structure of reporting:) But without an explanation the user is quite confused...
So, should I submit an appropriate bug report to bugzilla?
For the cases that I add explicitly using expert info, there is a descriptive text, e.g. "Reserved bits should be 0x0, 0x1 found" or "Too many padding subheaders found (limit is 2)". And with expert info you can find in the tree when it occurs.
For the more normal case where we try to fetch more bytes than are there, I don't know. If its a protocol I'm working with I can usually quickly tell what has gone wrong, helped by by seeing where dissection stopped.
