Wireshark mailing list archives

Re: TCP dissect issue when app-level message spans multiple TCP packets

From: Graham Bloice <graham.bloice () trihedral com>
Date: Thu, 05 May 2011 16:43:07 +0100

On 05/05/2011 16:27, Chris Maynard wrote:

Graham Bloice <graham.bloice@...> writes:

    The
        get_message_tcpmessage_len function should also check that there
        are enough bytes in the passed in tvb to call tvb_get_letohl(),
        as the OP's code did.--

I don't think that's the case as tcp_dissect_pdus() is told how many bytes are
needed via the fixed_len argument, so it won't call get_message_tcpmessage_len()
until at least that many bytes are available.

See packet-tcp.c's tcp_dissect_pdus() where it checks for "if (length_remaining
< fixed_len)".

I knew I should have looked at the code and not spouted forth from memory,
Chris is right.  I was thinking of some similar code that does some heuristic
checks before calling tcp_dissct_pdus().

-- 
Regards,

Graham Bloice

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

TCP dissect issue when app-level message spans multiple TCP packets Fernandez, Rafael (May 04)
- Re: [Wireshark-dev] TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
  - Re: TCP dissect issue when app-level message spans multiple TCP packets Graham Bloice (May 05)
    - Re: TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
    - Re: TCP dissect issue when app-level message spans multiple TCP packets Graham Bloice (May 05)
  - Re: TCP dissect issue when app-level message spans multiple TCP packets Fernandez, Rafael (May 05)
    - Re: TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
    - Re: TCP dissect issue when app-level message spans multiple TCP packets Fernandez, Rafael (May 05)
    - Re: TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
    - Re: TCP dissect issue when app-level message spans multiple TCP packets Fernandez, Rafael (May 05)
    - Re: [Wireshark-dev] TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
    - Re: TCP dissect issue when app-level message spans multiple TCP packets Guy Harris (May 05)
    - Re: [Wireshark-dev] TCP dissect issue when app-level message spans multiple TCP packets John Sullivan (May 05)
    - Re: TCP dissect issue when app-level message spans multiple TCP packets Guy Harris (May 05)
    - Re: TCP dissect issue when app-level message spans multiple TCP packets Guy Harris (May 05)

(Thread continues...)