Wireshark mailing list archives

Need advice about protocol defragmentation


From: Brian White <mscdex () mscdex net>
Date: Sat, 20 Aug 2011 21:08:12 -0400

I'm currently writing a dissector for a protocol where the server can
fragment its data within a single frame as well as across multiple
consecutive frames (if necessary). No fragment will ever begin in one frame
and end in the next, so frames will always contain whole fragments.

Also, the total length of the data is not known ahead of time, so I cannot
use tcp_dissect_pdus(). There are also no sequence numbers, IDs, or anything
else in the fragment headers; all I have is a byte containing some flags
(indicating fragment or termination -- the final fragment) and the fragment
length, which is present at the beginning of each fragment. There is no
interleaving of application-level packets from the server to the client, so
it is safe to keep reading fragments/frames until I find that a termination
flag is set.

I started out using fragment_add_multiple_ok() and
process_reassembled_data(), but then I became a bit confused about the
meaning of the offset parameter. Since there can be multiple fragments per
frame in this case, I assumed that the frag_offset is simply the offset
within the current tvbuff_t. However, what should I then be using for the
offset parameter?

If there's an easier way to go about defragmenting for this type of
protocol, please let me know as well.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
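
Added example (not part of the original post and not Wireshark code): a standalone C reassembler for the framing described above, keeping the position within the current frame separate from the position within the reassembled message. The 2-byte big-endian length field, the `FLAG_FINAL` bit value, the `MAX_MSG` cap and the names `reasm_t` and `reasm_feed` are assumptions, since the post gives none of them.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed wire layout (not given in the post): 1 flag byte, then a
 * 2-byte big-endian fragment length, then the fragment data. */
#define FLAG_FINAL 0x01   /* assumed bit for the termination flag */
#define HDR_LEN    3
#define MAX_MSG    65536  /* hard cap: total length is unknown up front */

typedef struct {
    uint8_t buf[MAX_MSG];
    size_t  msg_off;      /* offset within the reassembled message */
    int     done;         /* set once the final fragment has been seen */
} reasm_t;

/* Feed one frame. Returns 1 when the message is complete, 0 when more
 * frames are needed, -1 on malformed input (truncated header, fragment
 * running past the frame end, size cap exceeded, data after completion). */
int reasm_feed(reasm_t *r, const uint8_t *frame, size_t frame_len)
{
    size_t off = 0;       /* offset within this frame only */

    if (r->done)
        return -1;
    while (off < frame_len) {
        if (frame_len - off < HDR_LEN)
            return -1;    /* header cut short */
        uint8_t flags = frame[off];
        size_t  flen  = ((size_t)frame[off + 1] << 8) | frame[off + 2];
        off += HDR_LEN;
        if (flen > frame_len - off)
            return -1;    /* fragment would cross the frame boundary */
        if (flen > MAX_MSG - r->msg_off)
            return -1;    /* unbounded reassembly would exhaust memory */
        memcpy(r->buf + r->msg_off, frame + off, flen);
        r->msg_off += flen;   /* advances across frames */
        off += flen;          /* restarts at 0 for every frame */
        if (flags & FLAG_FINAL) {
            r->done = 1;
            return 1;     /* bytes after this point are left to the caller */
        }
    }
    return 0;
}
```

Both length checks are written as subtractions from the remaining space so that a hostile length value cannot wrap the comparison.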