Wireshark-dev: Re: [Wireshark-dev] tvb_composite
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: "Yosi Saggi" <yosis@xxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 30 Mar 2011 09:34:04 +0200
I have gone through the composite function once more and found the
problem I had with it.
In "tvb_composite_append" function at the end there is a use of
"add_to_used_in_list" function.
This is used also in "tvb_composite_prepend" function.
My issue with the " tvb_composite_append" function was that the first
buffer in the composed_tvb->used_in->data was the last buffer I have
added
To the composed buffer.
As I mentioned the "add_to_used_in_list" function does the following:

static void
add_to_used_in_list(tvbuff_t *tvb, tvbuff_t *used_in)
{
	tvb->used_in = g_slist_prepend(tvb->used_in, used_in);
	tvb_increment_usage_count(tvb, 1);
}

As you can see both for appending and prepending we are using "
g_slist_prepend" which is incorrect. Once I have changed the function
into:

static void
add_to_used_in_list_append(tvbuff_t *tvb, tvbuff_t *used_in)
{
	tvb->used_in = g_slist_append(tvb->used_in, used_in);
	tvb_increment_usage_count(tvb, 1);
}

I can now get my composed buffer in " (tvbuff_t*) composed_tvb
->used_in->data ". I'm not sure this is the way it was ment to be used,
but it works for me. The result is a composed buffer out of the chunked
buffers I have mentioned previously, The functions just need to be fixed
to the appropriate use:
Append - g_slist_append
Prepend - g_slist_prepend

Any comments will be welcomed

Yosi

 
-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Yosi Saggi
Sent: Tuesday, March 29, 2011 11:00 AM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] tvb_composite

reasseble.c is good for fragmented packets, I use it when I have
fragmented packets over a few frames.
I need a solution that composite was supposed to give, in the same
frame. I will explain graphically. 
Let's say this is my buffer for the given frame:
1xxxxxxx
xxxxxxxx
xxx2ooxx
xxxxxxxx
x3ooxxxx
xxxxx4oo
xxxxxxxx

I need a function that will help me get a new buffer (in the same frame,
without touching the original buffer) that will be:
1xxxxxxx
xxxxxxxx
xxx2xxxx
xxxxxxx3
xxxxxxxx
x4xxxxxx
xx

I want to display the original buffer and parse it as usual, I also want
to have the new buffer to be sent to a different dissector that will
take care of the appended data.

Yosi


-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Jakub Zawadzki
Sent: Monday, March 28, 2011 10:30 PM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] tvb_composite

On Mon, Mar 28, 2011 at 03:49:52PM -0400, Jeff Morriss wrote:
> I've never heard of anyone successfully using composite TVBs so I'm 
> guessing the comment (from 2007) is still accurate.

Not working and unused API for at least 4 years... it means than can be
removed, right? :)

Isn't reassemble.c API good (and working!) replacement for composite
TVBs?

Regards.
________________________________________________________________________
___
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
________________________________________________________________________
___
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe