Wireshark mailing list archives
Re: Hierarchy of fields & offsets again, more potential offenders
From: Pascal Quantin <pascal.quantin () gmail com>
Date: Thu, 10 Aug 2017 08:50:04 +0200
Le 10 août 2017 00:03, "Alexis La Goutte" <alexis.lagoutte () gmail com> a écrit : On Wed, Aug 9, 2017 at 7:05 PM, Pascal Quantin <pascal.quantin () gmail com> wrote:
Hi Stig (and Sake), 2017-08-02 22:24 GMT+02:00 Stig Bjørlykke <stig () bjorlykke org>:On Wed, Aug 2, 2017 at 10:03 PM, Sultan, Hassan via Wireshark-dev <wireshark-dev () wireshark org> wrote:Regarding tcp.payload, I don't think tcp.payload in itself has anyproblems. I think the issue lies in tcp showing a length of 32 only, even though it has tcp.payload as its child. The tcp.payload field was recently added, have a look at https://code.wireshark.org/review/22374 I do agree that this is displayed wrong and should be fixed. Increasing the length of the TCP header would be wrong because the payload is dissected by upper protocols and does belong with the TCP header. Putting it at top level would also be wrong because it's not a protocol.What about marking it as PROTO_ITEM_SET_GENERATED() as a first step? Tis value is inferred from the tvb length and not a real field.
tcp.payload is not really GENERATED... (for me) It is inferred from the remaining length and not explicitly transmitted in the header. This matches rather well the PROTO_ITEM_SET_GENERATED definition. I'm not sure if this could be of any help for Hassan's parser or not.
Regards, Pascal. ____________________________________________________________ _______________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscr ibe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Re: Hierarchy of fields & offsets again, more potential offenders, (continued)
- Re: Hierarchy of fields & offsets again, more potential offenders Pascal Quantin (Aug 02)
- Re: Hierarchy of fields & offsets again, more potential offenders Sultan, Hassan via Wireshark-dev (Aug 02)
- Re: Hierarchy of fields & offsets again, more potential offenders Pascal Quantin (Aug 02)
- Re: Hierarchy of fields & offsets again, more potential offenders Stig Bjørlykke (Aug 02)
- Re: Hierarchy of fields & offsets again, more potential offenders Sultan, Hassan via Wireshark-dev (Aug 02)
- Re: Hierarchy of fields & offsets again, more potential offenders Sultan, Hassan via Wireshark-dev (Aug 07)
- Re: Hierarchy of fields & offsets again, more potential offenders Alexis La Goutte (Aug 08)
- Re: Hierarchy of fields & offsets again, more potential offenders Sultan, Hassan via Wireshark-dev (Aug 08)
- Re: Hierarchy of fields & offsets again, more potential offenders Pascal Quantin (Aug 02)
- Re: Hierarchy of fields & offsets again, more potential offenders Pascal Quantin (Aug 09)
- Re: Hierarchy of fields & offsets again, more potential offenders Alexis La Goutte (Aug 09)
- Re: Hierarchy of fields & offsets again, more potential offenders Pascal Quantin (Aug 09)
- Re: Hierarchy of fields & offsets again, more potential offenders Stig Bjørlykke (Aug 10)
- Message not available
- Re: Hierarchy of fields & offsets again, more potential offenders Pascal Quantin (Aug 10)
- Re: Hierarchy of fields & offsets again, more potential offenders Sultan, Hassan via Wireshark-dev (Aug 11)
- Re: Hierarchy of fields & offsets again, more potential offenders Sultan, Hassan via Wireshark-dev (Aug 03)