Wireshark mailing list archives

mp2t Reassembly Help


From: Weston Schmidt <Weston_Schmidt () TVWorks com>
Date: Thu, 10 Jun 2010 01:31:26 -0700

Hello,

I've been trying to re-factor the mp2t dissector to be more easily
extensible and am running into reassembly issues.  I would like to make
the mp2t dissector support the 'new model' of having subdissectors set
pinfo->desegment_len to either DESEGMENT_ONE_MORE_SEGMENT or the desired
length.  I have tried following the examples I have found in
packet-tcp.c, packet-udp.c, the original packet-mp2t.c and others, but I
just can't piece together how to do it.  I've been at it for quite a
while (a couple hours a day for a few weeks) but am no closer.

I mainly need help figuring out how to convince Wireshark to reassemble
the data packets and then give me a tvb that I can send to the
subdissectors (either each call, or at the end of the message).

I also get a multitude of these errors:
Warn Dissector bug, protocol MP2T, in packet 1: proto.c:1570: failed
assertion "(guint)hfindex < gpa_hfinfo.len"

I've stepped around in the code with ddd but am not really able to
figure out how to fix the error.

In a nutshell, here is what I am doing:
1. Create a tree with the active set of messages to rebuild (they can be
interleaved).
2. For each PDU, I uniquely identify the frame, subframe & head/tail
portion for the ID.
3. For each PDU I find the active message structure or create a new one.
4. I then add the data to the fragment table with fragment_add() using
the unique ID.
5. I then attempt to reassemble the data with process_reassembled_data()
6. If I get a tvb buffer, I attempt to call the subdissectors.
7. Depending on the output of the subdissector, I may call
fragment_set_partial_reassembly() to indicate that the message isn't
complete.
8. Repeat until the end of the UDP message wrapper.

I can send the code (if I get it working, I'd very much like to submit
it back) but don't want to clog everybody's email inboxes.

Any help is appreciated.

Thanks,
Wes
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
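
Steps 1 and 3-5 of the procedure in the message above, as an added stand-alone C model: this is not code from the original post and it does not use Wireshark's reassembly API. All names (msg_t, msg_lookup, frag_add, MAX_MSGS, MAX_LEN) and the fixed limits are assumptions made for the illustration; it shows interleaved messages keyed by a unique ID and a fragment bounds check done before any copy.

```c
/* Stand-alone model of keyed reassembly; every name here is hypothetical. */
#include <stdint.h>
#include <string.h>

#define MAX_MSGS 8
#define MAX_LEN  256

typedef struct {
    int      in_use;
    uint32_t id;              /* unique key: frame, subframe, head/tail */
    uint8_t  data[MAX_LEN];
    uint8_t  have[MAX_LEN];   /* per-byte "received" map */
    size_t   total;           /* set when the last fragment is seen, else 0 */
} msg_t;

static msg_t table[MAX_MSGS]; /* step 1: the active set of messages */

/* Step 3: find the active message for this id, or claim a free slot. */
static msg_t *msg_lookup(uint32_t id) {
    msg_t *slot = NULL;
    for (int i = 0; i < MAX_MSGS; i++) {
        if (table[i].in_use && table[i].id == id) return &table[i];
        if (!table[i].in_use && !slot) slot = &table[i];
    }
    if (slot) *slot = (msg_t){ .in_use = 1, .id = id };
    return slot;
}

/* Steps 4-5: store one fragment. Returns the message length once complete,
 * 0 while data is still missing, -1 if the fragment does not fit the buffer,
 * runs past the declared end, or no slot is free. */
int frag_add(uint32_t id, size_t off, const uint8_t *p, size_t len, int more,
             uint8_t *out) {
    /* Written so that off + len cannot wrap around before the comparison. */
    if (len == 0 || off > MAX_LEN || len > MAX_LEN - off) return -1;
    msg_t *m = msg_lookup(id);
    if (!m) return -1;
    if (m->total && off + len > m->total) return -1;
    memcpy(m->data + off, p, len);
    memset(m->have + off, 1, len);
    if (!more) m->total = off + len;   /* last fragment fixes the length */
    if (!m->total) return 0;
    for (size_t i = 0; i < m->total; i++)
        if (!m->have[i]) return 0;     /* a hole remains: keep waiting */
    memcpy(out, m->data, m->total);
    int n = (int)m->total;
    m->in_use = 0;                     /* release the slot for reuse */
    return n;
}
```

The caller passes an output buffer of at least MAX_LEN bytes and hands the returned bytes to the next parsing stage only when the result is positive.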
