TCP reassembling

[fab12 () freesurf fr]

Hello,

I am having problem using the tcp_dissect_pdus and hope someone can help
me here.

The documentation seems pretty clear to me and I think I am doing what I
am suppose to do:

        tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 20,
                    get_foo_message_len, dissect_foo_packet);


static guint get_foo_message_len(packet_info *pinfo, tvbuff_t *tvb, int
offset)
{
        guint length;
        unsigned char lengthBytes[4];

        tvb_memcpy(tvb, lengthBytes, offset+MPI_LENGTH_INDEX, MPI_LENGTH_SIZE/8);
        length = lengthBytes[0] + (lengthBytes[1]<<8) + (lengthBytes[2]<<16) +
(lengthBytes[3]<<24) + MPI_HEADER_SIZE;

    return length;
}

Unfortunaty when I open a capture file it is not working properly.
When I attach to wireshark with a debugger I can see that the behavior is
not the one I expect:

1. The debugger stop to a first frame which contains the beginning of a
large message.
I can see that my get_foo_message_len is called and returns the length of
the complete message.
2. Then wireshark the process the next frame which contains the remaining
of the message. I can see it calls get_foo_message_len. Is this normal?
I don't think so and if it is what am I suppose to do since I can't
retrieve the size of the message the second time.

Best regards,
Fabien

PS: Sorry if this is a duplicate. I tried to send the question already
yesterday but I can't see it in my outbox so I guess I misclicked...


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe