Ethereal-dev: Re: [Ethereal-dev] ip defragment, virtual packets

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Guy Harris <gharris@xxxxxxxxxxxx>
Date: Tue, 10 Apr 2001 07:36:13 -0700
On Tue, Apr 10, 2001 at 01:20:57AM -0700, Guy Harris wrote:
> This may be a failure in the way we handle calling old-style dissectors
> from tvbuffified dissectors...
> 
> ...but the right way to fix it is, I think, to get rid of the remaining
> old-style dissectors or, at least, get rid of the ones for protocols
> that run atop UDP (you're unlikely to get TCP segments inside fragmented
> IP datagrams, although it's not impossible to get that).

The problem is worse - calling *any* old-style dissector when you're
working on a secondary data source may not work correctly, as:

	"tvb_create_from_top()" assumes that "pi.compat_top_tvb" points
	to a tvbuff to which its "pd" argument belongs;

	the code to set the "name of the data source" field for a
	protocol tree item assumes that, if the tvbuff pointer is null,
	the name is "Frame";

	old-style dissectors assume "pi.captured_len" and "pi.len" refer
	to the length of the data being worked on;

and none of those will be true unless "pi.compat_top_tvb",
"pi.captured_len", "pi.len", and "null_tvb_ds_name" are all changed when
a secondary data source is created - and restored when the dissector
working on the top-level tvbuff for the secondary data source returns.

This could cause problems even in the *current* code, if an IP datagram
inside a Wellfleet-compressed packet contains data from a protocol
dissected with an old-style dissector.