[Dmitry Lazurkin <dilaz03@xxxxxxxxx>]

Thank you for reply.

After return dissection function continue parsing rest of packet. I think this is not good.

PS. Question about dissection of kafka strings, bytes and arrays.

On 11/16/2016 11:29 PM, Alexis La Goutte wrote:

Hi,

You need to add a expert info and return

There is already check on proto_tree_add_* function to detect malformed value (and automally return)

Cheers

On Wed, Nov 16, 2016 at 5:57 PM, Dmitry Lazurkin <dilaz03@xxxxxxxxx> wrote:

Hello.

I read packet header and try to read string length and string data. But
string length field has illegal value. I add expert info. But how to
stop dissection after adding expert info? I can not dissect rest of
packet at this point. I can return error code from this function, but
calling tree may be too big. May be exists more graceful solution?
Something like exceptions in C++.

PS. I found DISSECTOR_VERIFY_DATA in mailing lists, but it is not
implemented in source code.


___________________________________________________________________________
Sent via:� � Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:� � https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
� � � � � � �mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe