diff options
| author | Guy Harris <guy@alum.mit.edu> | 2013-04-18 02:31:45 +0000 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2013-04-18 02:31:45 +0000 |
| commit | c2087da0abbe58229f7add0da6df77e0fcb4c549 (patch) | |
| tree | f83420e959f85eec37f6a2c03134fd720464470b /epan/reassemble.h | |
| parent | 6bfd0bb9d5cc879a41253b2cc9828560ea313ad8 (diff) | |
| download | wireshark-c2087da0abbe58229f7add0da6df77e0fcb4c549.tar.gz | |
When we throw a reassembly error, remember the error, so that, if we
revisit this reassembly (in a multi-pass program such as Wireshark, or
TShark with -2), we'll throw the same error.
In fragment_set_tot_len(), allow the length to be set to a value that's
before the offset of existing fragments; we'll catch that later when the
reassembly completes. This lets us handle some problems with DTLS less
confusingly.
When adding frames to an already-completed reassembly, check for
fragments that overlap existing fragments or go past the end of the
reassembly, and report errors.
When completing a reassembly, make the buffer for the reassembled data
big enough to contain the specified data length for the reassembly, even
if that's less than the offset + length of the last fragment. Flag all
fragments that go past that length as "too long", and only copy out what
part of them fits, if any. That lets us flag the correct fragment or
fragments as being "too long".
When adding fragments, do some additional checks, even if we're not
doing the first pass through the packets, so errors that show up in the
first pass also show up on subsequent passes.
svn path=/trunk/; revision=48909
Diffstat (limited to 'epan/reassemble.h')
| -rw-r--r-- | epan/reassemble.h | 28 |
1 files changed, 21 insertions, 7 deletions
diff --git a/epan/reassemble.h b/epan/reassemble.h index 69a8de731a..833b545a64 100644 --- a/epan/reassemble.h +++ b/epan/reassemble.h @@ -43,7 +43,8 @@ /* more than one fragment which indicates end-of data */ #define FD_MULTIPLETAILS 0x0008 -/* fragment contains data past the end of the datagram */ +/* fragment starts before the end of the datagram but extends + past the end of the datagram */ #define FD_TOOLONGFRAGMENT 0x0010 /* fragment data not alloc'ed, fd->data pointing to fd_head->data+fd->offset */ @@ -71,12 +72,13 @@ typedef struct _fragment_data { struct _fragment_data *next; - guint32 frame; - guint32 offset; - guint32 len; + guint32 frame; /* XXX - does this apply to reassembly heads? */ + guint32 offset; /* XXX - does this apply to reassembly heads? */ + guint32 len; /* XXX - does this apply to reassembly heads? */ guint32 fragment_nr_offset; /* offset for frame numbering, for sequences, where the * provided fragment number of the first fragment does - * not start with 0 */ + * not start with 0 + * XXX - does this apply only to reassembly heads? */ guint32 datalen; /* Only valid in first item of list and when * flags&FD_DATALEN_SET is set; * number of bytes or (if flags&FD_BLOCKSEQUENCE set) @@ -84,8 +86,20 @@ typedef struct _fragment_data { guint32 reassembled_in; /* frame where this PDU was reassembled, only valid in the first item of the list and when FD_DEFRAGMENTED is set*/ - guint32 flags; - unsigned char *data; + guint32 flags; /* XXX - do some of these apply only to reassembly + heads and others only to fragments within + a reassembly? */ + guint8 *data; + + /* + * Null if the reassembly had no error; non-null if it had + * an error, in which case it's the string for the error. + * + * XXX - this is wasted in all but the reassembly head; we + * should probably have separate data structures for a + * reassembly and for the fragments in a reassembly. + */ + const char *error; } fragment_data; |