[Anton Glukhov <anton.a.glukhov@xxxxxxxxx>]

Great idea! I think I can store it in conversation structure, because I already use it to track some parameters of fragments.

2018-03-22 18:00 GMT+01:00 Peter Wu <peter@xxxxxxxxxxxxx>:

On Thu, Mar 22, 2018 at 04:07:05PM +0100, Anton Glukhov wrote:
> I have dissector which works with fragments and reassembling by using
> fragment_add_check() and process_reassembled_data() functions. Now I got
> one problem. Each new fragment must be validated thought CRC32 calculation,
> but not for itself but for all previous fragments together. Here is an
> example: imagine that we received 3 fragments and now they are already in
> fragment_table. Next 4th fragment is coming and we need to verify it. In
> order to verify it we have to take all previous fragments(all 3 previous)
> out, concatenate them, calculate crc32 for all _four_ fragments together
> and put 4th fragment into fragment_table by using function
> fragment_add_check(). So, it looks like we do "temporary" reassemble for
> each new packet with all previous packet. Could you help me with ideas how
> to design it better?

Can you somehow identify the individual fragments outside the reassembly
table? If so, what about storing the CRC32 value of the last fragment
(for example, in a hash table or linked list), then look that up and use
it as seed for the CRC32 calculation with your new fragment?
--
Kind regards,
Peter Wu
https://lekensteyn.nl
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe