Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: How to extract a string

From: "Anders Broman" <a.broman () telia com>
Date: Fri, 4 Dec 2009 07:37:26 +0100
Hi,


From the picture below it looks like you are reading the length from offset


0x43 the bytes would then be; starting with the high lighted 0x06 which is
high lighted by

By proto_add_item with length 1.

06 05 44 72 61 6d 61 65 6e 67 00

Loc_name length would then be 0x0605 as you are reading two octets with
tvb_get_ntohs()

Then you are adding the “string”  0x05 44 .. as offset is just moved one
byte with a length of

0x0605 with proto_add_item probably causing a “malformed packets” as you are
trying to read

outside of the tvb.

 

Best regards

Anders

 

 

  _____  

Från: wireshark-dev-bounces () wireshark org
[mailto:wireshark-dev-bounces () wireshark org] För Rach, Darshan
Skickat: den 4 december 2009 04:58
Till: wireshark-dev () wireshark org
Ämne: [Wireshark-dev] How to extract a string

 

Hi,

 

How to extract a string from packet (of Hex values)?

I know the string length.

 



 

I tried doing the following. But I am still not able to find it.

 

guint16 loc_name_length =0;

 

/*Location Name Length*/

proto_tree_add_item(oqtp_tree, hf_loc_name_length, tvb, packet_field_offset,
1, FALSE);

loc_name_length = tvb_get_ntohs(tvb, packet_field_offset);

packet_field_offset += 1;

 

/*Location Name*/

proto_tree_add_item(oqtp_tree, hf_loc_name, tvb,
packet_field_offset,loc_name_length ,FALSE);

packet_field_offset = packet_field_offset + loc_name_length + 1;

 

Any help on this would be appreciated.

 

Regards,

Darshan

 

  _____  

This message is confidential and intended only for the addressee. If you
have received this message in error, please immediately notify the
postmaster () nds com and delete it from your system as well as any copies. The
content of e-mails as well as traffic data may be monitored by NDS for
employment and security purposes.
To protect the environment please do not print this e-mail unless necessary.

An NDS Group Limited company. www.nds.com



___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: