Wireshark-bugs: [Wireshark-bugs] [Bug 7061] New Dissector: Binary Floor Control Protocol (BFCP)
Date: Wed, 18 Apr 2012 15:39:07 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7061

--- Comment #16 from patrick.white@xxxxxxxxxxxxx 2012-04-18 15:39:06 PDT ---
(In reply to comment #15)
> Hi,
> 
> This hunk seems suspicious:
> -    if (first_byte != 0x20)
> +    if (first_byte != 0x20 && first_byte != 0x30 )
>          return FALSE;
> 

Ya, it isn't elegant, but in the updated BFCP rfc the 4th bit is the "I" or
transaction-initiator. So now the options for the first byte are either 0x20 or
0x30. I was hacking to get this working.

> If hf_bfcp_payload is no more used, simply remove it:
> +//                proto_tree_add_item(bfcp_tree, hf_bfcp_payload, tvb,
> +//                BFCP_OFFSET_PAYLOAD, bfcp_payload_length,
> +//                ENC_NA);
> Or should it be used to display the remaining bytes of the payload after
> analyzing the 2/3 first bytes?

That's a good idea. I can try to add that.

> 
> If the protocol can run on UDP also, it's probably time to rename the
> dissection function:
> +        heur_dissector_add ("udp", dissect_bfcp_tcp, proto_bfcp);

Ya, that makes sense. This is my first wireshark plugin dev, and was hacking
this pretty quick ( as I am at the IMTC SuperOp! right now doing a lot of bfcp
testing ). What do you recommend for the name?

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.