Wireshark · Wireshark-dev: [Wireshark-dev] DISSECTOR_ASSERT vs. expert_add

Wireshark-dev: [Wireshark-dev] DISSECTOR_ASSERT vs. expert_add_info vs. MALFORMED packets

Date: Tue, 10 Jun 2008 22:07:56 +0200

In order to better help the end user reading captures, I'm trying to set hints, when decoding problems arise, due to packet data.

My first attempt was using DISSECTOR_ASSERT(), but this causes a 'bug in dissector'. After reading a thread the dev-archive, this is apparently by design, but about 50% of the DISSECTOR_ASSERT() code lines I came across are to catch somewhat expected data errors. 

As suggested there, I switched to expert_add_info, but with the result, that my packets are not marked MALFORMED, which I think is a pity.

And the suggested Macro DISSECTOR_VERIFY_DATA is not written yet.

The other suggested workaround to ask for a silly amount of data, does not really sound the way I'd like to go.


- Is there a 'best practice' to MALFORMED PACKETS without 'bug in dissector'?

- In case nobody is working on 'DISSECTOR_VERIFY_DATA' yet, I'm willing to contribute code, but so far only worked on a dissector for a while. In addition I am not really an exception handler specialist, and I guess, this is pretty core code. A rough hint of what would need to be done could maybe get me started.

Regards
David

Follow-Ups:
- Re: [Wireshark-dev] DISSECTOR_ASSERT vs. expert_add_info vs. MALFORMED packets
  - From: Jaap Keuter
- Re: [Wireshark-dev] DISSECTOR_ASSERT vs. expert_add_info vs. MALFORMED packets
  - From: Guy Harris

Prev by Date: Re: [Wireshark-dev] SMTP: Extracting parametrs
Next by Date: Re: [Wireshark-dev] DISSECTOR_ASSERT vs. expert_add_info vs. MALFORMED packets
Previous by thread: [Wireshark-dev] I need help
Next by thread: Re: [Wireshark-dev] DISSECTOR_ASSERT vs. expert_add_info vs. MALFORMED packets
Index(es):
- Date
- Thread