Steve Grinwis wrote:
First of all I am using the TCP_dissect_pdu’s function, and it works
great if there are multiple TCP packets in the same pdu. However if it
goes the other way, and there are multiple PDU’s in the same tcp packet,
the dissect_pdu’s will pull the length out of the first pdu, and then
attempt to reapply that length over and over again in the same TCP
packet. Hilarity (a.k.a chaos) ensues. Am I using the function
incorrectly?
Probably. It works fine in that case with other dissectors.
The length is fetched by calling back to the "get PDU length" routine;
that routine is passed a pointer to a tvbuff *and* an offset in that
tvbuff, and the offset is the offset within that tvbuff of the beginning
of the PDU.
If your "get PDU length" routine is fetching the length from the
*beginning* of the tvbuff it's handed, it's incorrect. It should fetch
the length starting at the offset it's handed.
