wireshark-dev October 2010 archive
Main Archive Page > Month Archives  > wireshark-dev archives
wireshark-dev: Re: [Wireshark-dev] TCP data PDU decoding fails d

Re: [Wireshark-dev] TCP data PDU decoding fails depending on TCP options field?

From: Fulko Hew <fulko.hew_at_nospam>
Date: Fri Oct 01 2010 - 19:54:45 GMT
To: Developer support list for Wireshark <wireshark-dev@wireshark.org>

On Fri, Oct 1, 2010 at 3:19 PM, Sake Blok <sake@euronet.nl> wrote:

> On 1 okt 2010, at 20:35, Fulko Hew wrote:
>
> > On Fri, Oct 1, 2010 at 2:18 PM, Sake Blok <sake@euronet.nl> wrote:
> > Could you please open a bug report at http://bugs.wireshark.org and
> attach the two tracefiles so that we don't lose track of it?
> >
> > Done, bugzilla entry #5269 submitted.
> >
> > https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5269
>
> Thanks, this will prevent it from being forgotten.
>
> I just checked in a partial fix. Now the packets in your trace are indeed
> decoded, however, there are still some problems with the dissection, so I
> will leave the bug open until that is fixed too.
>

I looked at the src for that dissector, and I found that the enumerations
for the bit mask for the flags field
were all 'off-by-one' and that the endian-ess macro was there and used in
numerous places.

By shifting the mask enumerations, I got the dissector to work, but I didn't
check the details.

Fulko

___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe