Wireshark-bugs: [Wireshark-bugs] [Bug 8275] Basic dissector: FIPA/ACL Message protocol over TCP
Date: Sun, 24 Nov 2013 03:15:56 +0000

changed bug 8275

What Removed Added
Attachment #12004 is obsolete   1
Attachment #12004 Flags review_for_checkin?  

Comment # 26 on bug 8275 from
Created attachment 12159 [details]
Cleaned up patch

I cleaned up the dissector with a few things:

1. Reordered functions so there didn't need to be a declaration at the top of
the file
2. Removed all functions used strictly for testing.
3. Removed unnecessary includes
4. Converted dissector to "new style" so it give other dissectors a shot if its
determined the packet isn't an ACL message
5. Added ACL by handle to "tcp.port" so you can still use Decode As without a
port range.

Played around with the dissector a bit and the reassembly still doesn't seem to
work.  For example, packet 10 in provided capture includes "most" of a message
(missing ending parathessis?) yet it is never "reassembled".  Packet 12 appears
to be a complete message, but is perhaps thrown off by packet 10?

Overall I think fields should be populated when found and not wait for a
"complete" list of parameters.  It makes finding truly malformed packets much
easier.


You are receiving this mail because:
  • You are watching all bug changes.