Hello, I'm writing a dissector right now, and I want it to verify that incoming packets are the right length. Is there a way I can throw a malformed packet exception once I find out that the packet isn't the right size? I already have code that checks if the size is correct, I just don't know how to throw the exception, and Google has only brought me to people with questions about why their packets are being marked as malformed. I was looking at the THROW() function but there was nothing for malformed packet exceptions. Any advice? asked 06 Jul '15, 06:37  broccollirob edited 06 Jul '15, 06:38 |
One Answer:
If you encounter a situation which cannot be handled by the dissector, you could use the Most of the time however you want to dissect as much as possible and let the If you can fully dissect a packet, but would like to notify the user of protocol violations, then it is recommended to use Expert Info. See https://wiki.wireshark.org/Development/ExpertInfo for more information and the doc/packet-PROTOABBREV.c file for an example. answered 06 Jul '15, 08:37  Lekensteyn |
