> For the more normal case where we try to fetch more bytes than are there,
> I
> don't know. If its a protocol I'm working with I can usually quickly tell
> what has gone wrong, helped by by seeing where dissection stopped.
Hmm, I'm quite new to debugging Wireshark dissectors. So, suppose I see that my dissector stops at point X. The only way to find out what the reason is is to look at the values displayed by Wireshark, compare them with values which were sent in the reality and find the point where dissection went wrong then. Do I understand it right?
BR
Ewgenij