I can read only until 63 bits (0x7FFFFFFFFFFFFFFF) With full 64-bit values I got this error: [Dissector bug, protocol SNMP: proto.c:1317: failed assertion "length <= 8 && length >= 1"] Can you help me? asked 30 Aug '11, 03:24  Jbit |
2 Answers:
It's a signed/unsigned BER encoding thing. You try to set a Counter64 [APPLICATION 6], which is an unsigned 64 bit integer. That, in BER encoding, results in an extra zero octet prefixed to the value so that it has no sign bit set. That whole value is feed into the presentation routines found in proto.c, but these are fixed size, so a zero octet prefix breaks the size check, as you've seen. So there you have it, a mismatch between TLV encoded values (BER) and fixed size values (typed values). The SNMP dissector should convert between these worlds, obviously it doesn't do a well enough job here. You can file a bug report on this, with a sample capture, at bugs.wireshark.org. answered 30 Aug '11, 05:32  Jaap ♦ |
I haven't done dissector coding myself, but in programming environments that kind of problem usually points to an off-by-one error, meaning that you started counting at 1 to n instead of 0 to n-1. answered 30 Aug '11, 04:15  Jasper ♦♦ |
