https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4865
Summary: mp2t Reassembly Help
Product: Wireshark
Version: SVN
Platform: All
OS/Version: All
Status: NEW
Severity: Enhancement
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: weston_schmidt@xxxxxxxxxxx
Created an attachment (id=4782)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4782)
My current version of mp2t that doesn't work.
Build Information:
Version 1.5.0 (SVN Rev 33201 from /trunk)
Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.20.1, (32-bit) with GLib 2.24.1, with libpcap 1.0.0, with
libz 1.2.3, without POSIX capabilities, without libpcre, without SMI, without
c-ares, without ADNS, without Lua, without Python, without GnuTLS, without
Gcrypt, without Kerberos, without GeoIP, without PortAudio, without AirPcap.
Running on Linux 2.6.33.5-112.fc13.i686, with libpcap version 1.0.0, with libz
1.2.3.
Built using gcc 4.4.4 20100503 (Red Hat 4.4.4-2).
--
I've been trying to re-factor the mp2t dissector to be more easily extensible
and am running into reassembly issues. I would like to make the mp2t dissector
support the 'new model' of having subdissectors set pinfo->desegment_len to
either DESEGMENT_ONE_MORE_SEGMENT or the desired length. I have tried
following the examples I have found in packet-tcp.c, packet-udp.c, the original
packet-mp2t.c and others, but I just can't piece together how to do it. I've
been at it for quite a while (a couple hours a day for a few weeks) but am no
closer.
I mainly need help figuring out how to convince wireshark to reassemble the
data packets and then give me a tvb that I can send to to the subdissectors
(either each call, or at the end of the message).
I also get a multitude of these errors:
Warn Dissector bug, protocol MP2T, in packet 1: proto.c:1570: failed assertion
"(guint)hfindex < gpa_hfinfo.len"
I've stepped around in the code with ddd but am not really able to figure out
how to fix the error.
In a nutshell, here is what I am doing:
1. Create a tree with the active set of messages to rebuild (they can be
interleaved).
2. For each PDU, I uniquely identify the frame, subframe & head/tail portion
for the ID.
3. For each PDU I find the active message structure or create a new one.
4. I then add the data to the fragment table with fragment_add() using the
unique ID.
5. I then attempt to reassemble the data with process_reassembled_data()
6. If I get a tvb buffer, I attempt to call the subdissectors.
7. Depending on the output of the subdissector, I may call
fragment_set_partial_reassembly() to indicate that the message isn't complete.
8. Repeat until the end of the UDP message wrapper.
Private data structure:
typedef struct _mp2t_private_t {
guint16 pid;
guint8 tsc;
guint32 consumed;
} mp2t_private_t;
Anders suggested that something is wrong with my hf declarations.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.