Wireshark-dev: Re: [Wireshark-dev] Appending 2 TVBs in Wireshark 1.8.2

From: "Zadik, Maayan" <mzadik@xxxxxxxxxxxxxxxx>
Date: Mon, 29 Oct 2012 18:18:03 +0000
Hi Bill,
thanks for the reference :).

so here is where i'm at:
i have data that when too big gets fragmented, then my dissector re-assembles it.
every data chunk in the assembled frame is wrapped with its own header (basically containing the chunk's size)
so when i send the data to my mac dissector, i need to collect only the data without the headers in a single TVB.
my implementation is as below:

{
tvbuff_t* total_payload = tvb_new_composite();

/* Loop over data elements */
for (j = 0; j < num_of_data_chunks; j++)
{
data_size = tvb_get_ntohs(tvb, *plen);
*plen += 2;

// get data chunk
val_ptr = tvb_get_ptr(tvb, *plen, data_size);
tvb_temp = tvb_new_real_data(val_ptr, data_size, data_size);
*plen += data_size;

/* Compose the final buffer with the temp buffer (add the curent data chunk to the total data buffer) */
tvb_composite_append(total_payload, tvb_temp);

}

/* Finalize the composed buffer */
tvb_composite_finalize(total_payload);

DISSECTOR_ASSERT(total_payload != NULL);
call_dissector_only(my_mac_lte_handle, total_payload, pinfo, tree);
}

the problem occurs when i try to create a subset of this TVB:

tvbuff_t *srb_tvb = tvb_new_subset(tvb, offset, rlc_data_length, rlc_data_length);
call_dissector_only(my_rlc_lte_handle, srb_tvb, pinfo, tree);

when printing the the original TVB's and the subset's params i see the following:

                                           tvb_addr               1st byte                 offset from base      tvb length


so, you see when i try to create a subset, instead of the data being 0x0b i'm getting 0xaa and i don't know why.

can you spot what i'm doing wrong?

Thanks,
maayan
________________________________________
From: wireshark-dev-bounces@xxxxxxxxxxxxx [wireshark-dev-bounces@xxxxxxxxxxxxx] on behalf of Bill Meier [wmeier@xxxxxxxxxxx]
Sent: Monday, October 29, 2012 6:06 PM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Appending 2 TVBs in Wireshark 1.8.2

On 10/28/2012 12:20 PM, Zadik, Maayan wrote:
> Hi all,
>
> How do I create a single TVB from several data chunks?
>
> Is there a way to append two TVBs?
> I know the composite doesn't work. I tried it.
>
>
> Regards,
> Maayan
>
>
>

Well: you can create your own tvb using tvb_new_real_data() pointing to
a buffer you've created containing the data you've copied from the two
tvb's.

That being said, the composite TVB code should work. (I fixed the code
some time ago and the code is part 1.8).

(I think composite TVbs are even being used someplace in 1.80).

What problems did you have using a composite TVB ?

Providing the essentials of code you used would help us to see what's
happening.

Also, see epan/tvbtest.c for an example of code which creates composite
tvb's.

(Ignore the comment about "Composite tvbuffs don't work at the
moment...". AFAIK composite TVBs should work. I apparently forgot to
remove the comment when I did the work a while back).

Bill






___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe