On Tue, Nov 18, 2008 at 01:28:53PM -0600, Federico Mena Quintero wrote:
> I've been working on making the VNC dissector work for TightVNC
> extensions, including decoding rectangles with tight compression.
Excellent! Could you please open a bug (https://bugs.wireshark.org) and
mark it as an enhancement request and then attach your patches to it?
> The patchset is attached; it's all my individual commits for clarity,
> but please tell me if you'd prefer to have this as a single, big
> patch. This adds the following to the VNC dissector:
That's fine.
> That is, the dissectors first check that they have as much data as
> they need, and only then do they fiddle with the displayed tree. Is
> this correct, or am I overlooking something?
That is correct, but see below..
> Changing the VNC dissector to follow that pattern isn't horribly hard,
> just a lot of grunt work, but I can handle it if someone can confirm
> what the "right" pattern is for a dissector :)
It would be appreciated if you could figure out a better way to handle
the VNC dissection. The problem I ran into writing the bulk of the VNC
dissector was that you don't know how much more data there is until you
go further along in the packet. Basically: you find out you need X more
bytes of data, so you request them, then you find out you need Y more
bytes of data after reading the X bytes of data and so on. I stared at
the VNC dissector so much that I may have just overlooked a better way
to handle things. Any input/code is appreciated :).
Steve