Ethereal-dev: [Ethereal-dev] Refragmentation again!

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Sofia Altieri" <sofiaaltieri@xxxxxxxxxxx>
Date: Tue, 21 Mar 2006 20:30:45 +0000
Hello List, : (
Sofia's back again

I have some problems reassembling my packets properly.

My proto is very simple and when fragmented each fragment is defined as follows:


+------------------------------------------------------------+
|    PKTH     |        MSGH        |          DATA           |  1) if packet is First Fragment
+------------------------------------------------------------+
<-------------><------------------->
    16byte            32byte
.
.
.

+------------------------------------------------------------+
|    PKTH    |                     DATA                      |  n) if packet is Nth Fragment
+------------------------------------------------------------+
<------------>
    16byte


Each Packet Header (PKTH) has:

1) SOM, EOM, DAT flags respectively meaning 'First Frag', 'Last Frag', 'Containing Data'

2) SEQ: sequence number (but *NOT* relative to the Fragmented Sequence, so the *FIRST FRAGMENT* SEQ number is not necessarily 0)

Before showing you the code I'll tell you the idea I have in mind

-Sniff a packet.
-Treat each packet and determine if it's a fragment
-If it is, check if it's the first fragment.
	-If it is, add it to the msg_fragment_table with its (PKTH + MSGH) header
	-If it is not, add it to the msg_fragment_table excluding PKTH header and including only data (payload)


My code is as follows:

static void insert_fragment (tvbuff_t * tvb, packet_info *pinfo, proto_tree *my_proto_tree _U_, my_proto_header_t * pkth, gint offset) {

gboolean save_fragmented;
guint8 flags;
fragment_data  *frag_msg = NULL;
tvbuff_t * next_tvb = NULL;
offset = 16; /* if this is not the first frag skip the header */


flags = pkth->flags;        /*GET THE FLAGS*/
save_fragmented = pinfo->fragmented;

/*if this is a fragment process it*/
if ( is_udp_frag)    {

/*If this is the first frag DO NOT SKIP proto header */
if (is_first_frag)  offset = 0;


tvbuff_t *new_tvb = NULL;
guint32 msg_seqid = get_msgid(pinfo, pkth);

/*If this is the first fragment label it as 0, otherwise label it as 'nth' */
guint32 msg_num = get_relative_seq_num (pkth);

len = tvb_reported_length_remaining (tvb, offset);

/*ADD FRAG to SEQ*/
frag_msg = fragment_add_seq_check (tvb, offset, pinfo, msg_seqid, msg_fragment_table, msg_reassembled_table, msg_num, len, flags&EOM_FLAG != EOM_FLAG);

/*REASSEMBLE DATA*/
new_tvb = process_reassembled_data (tvb, offset, pinfo, "Reassembled Message", frag_msg, &msg_fragment_items, NULL, my_proto_tree);


if (frag_msg)

	if (check_col)...... col_append_fstr(......"(Message Reassembled)");


else

	if (check_col)...... col_append_fstr(......"(Message fragment %u)" ....);
if (new_tvb)

next_tvb = new_tvb;

else

next_tvb = tvb_new_subset (tvb, 0, -1,-1); /*GET THE WHOLE TVB*/

} else  next_tvb = tvb_new_subset (tvb, 0, -1, -1);

}

offset = 16; /*The offset must be set so that next routine dissect what's next the PKT HEADER*/

if (has_msgheader) process_msg_header (next_tvb, .....);

else process_simple_packet (next_tvb, ....);

}


Now, when the last packet of a frag sequence is sniffed it actually tells me "Message Reassembled" and the new_tvb's length is equal to the length of its frags (excluding the pkth headers, except the first's) but:

A) the detailed pane shows the content of the last packet (and not of the reassembled one, I mean I'd expect to be shown the whole payload in the hex pane. I've tried with show_fragment... routine but it doesn't seem to work)

B) When opening another capture file soon after it gives me the following segmentation fault:

fragment_table_init(&msg_reassebled_table) -> g_hash_table_size()-> range copy() -> g_free() -> free()


How come?! : (
Thank you!
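
The reassembly scheme described in this message, as an added stand-alone C model that is not part of the original post and does not use Ethereal's reassembly API. Assumptions: the flag bit values, the table limits and the names `reasm_t` and `reasm_add` are hypothetical, and the caller has already read the flags and SEQ out of the PKTH, since the post does not give the header's field layout.

```c
#include <stdint.h>
#include <string.h>

#define SOM_FLAG 0x01      /* assumed bit values; the post does not give them */
#define EOM_FLAG 0x02
#define PKTH_LEN 16        /* from the post */
#define MAX_FRAGS 8        /* assumed limits that bound memory per message */
#define MAX_FRAG_LEN 128

typedef struct { uint32_t seq; size_t len; uint8_t buf[MAX_FRAG_LEN]; } frag_t;
typedef struct { frag_t f[MAX_FRAGS]; int n, has_som, has_eom; uint32_t som, eom; } reasm_t;

static const frag_t *find(const reasm_t *r, uint32_t seq) {
    for (int i = 0; i < r->n; i++) if (r->f[i].seq == seq) return &r->f[i];
    return NULL;
}

/* Returns the reassembled length when complete, 0 while fragments are missing, -1 if rejected. */
int reasm_add(reasm_t *r, uint8_t flags, uint32_t seq, const uint8_t *pkt, size_t pkt_len,
              uint8_t *out, size_t out_cap) {
    int first = (flags & SOM_FLAG) != 0;
    int more  = (flags & EOM_FLAG) != EOM_FLAG;  /* parenthesised: != binds tighter than & */
    size_t skip = first ? 0 : PKTH_LEN;          /* only the first fragment keeps PKTH + MSGH */
    if (pkt_len < PKTH_LEN || pkt_len - skip > MAX_FRAG_LEN) return -1;
    if (r->n == MAX_FRAGS || find(r, seq)) return -1;   /* table full or duplicate SEQ */
    frag_t *f = &r->f[r->n++];
    f->seq = seq; f->len = pkt_len - skip;
    memcpy(f->buf, pkt + skip, f->len);
    if (first) { r->som = seq; r->has_som = 1; }
    if (!more) { r->eom = seq; r->has_eom = 1; }
    if (!r->has_som || !r->has_eom) return 0;
    uint32_t span = r->eom - r->som;             /* relative numbering: the SOM fragment is 0 */
    if (span >= MAX_FRAGS) return -1;            /* also rejects an EOM that precedes the SOM */
    size_t total = 0;
    for (uint32_t rel = 0; rel <= span; rel++) {
        const frag_t *g = find(r, r->som + rel);
        if (!g) return 0;                        /* hole in the sequence: keep waiting */
        if (total + g->len > out_cap) return -1;
        memcpy(out + total, g->buf, g->len);
        total += g->len;
    }
    return (int)total;
}

int main(void) {   /* constructed sample: two fragments whose SEQ starts at 1000 */
    static reasm_t r; uint8_t out[256], a[52] = {0}, b[20] = {0};
    reasm_add(&r, SOM_FLAG, 1000, a, sizeof a, out, sizeof out);
    return reasm_add(&r, EOM_FLAG, 1001, b, sizeof b, out, sizeof out) == 56 ? 0 : 1;
}
```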
