Hi, I am building wireshark 2.2.4 in centOs6 using
I changed packet-gtpv2.c by adding some new IEs. Now the problem is some of the new IEs are getting registered, some of not getting registered. And surprisingly some old IEs are also shown not registered. The failed assertion message is shown as (guint)hfindex<gpa_hfinfo.len (Unregistered hf)... Any Idea about the issues? Any upper limit to add a new hf in hf_register_info in gtpv2. asked 19 Jul '17, 01:27 Abhisek edited 19 Jul '17, 02:30 Jaap ♦ |
One Answer:
You are probably better off building the development version as new IEs has been added to the standard code since 2.2.4. What you are describing is probably a bug in your code. answered 19 Jul '17, 01:46 Anders ♦ showing 5 of 6 show 1 more comments |
What i found that IEs are added but there dissection still not yet coded completely in packet-gtpv2.c. So basically I coded the dissectors. For that I follow usual method proto_tree_add_item(....) and added the hf to hf_register_info array. But after adding those hf, the assertion message (guint)hfindex<gpa_hfinfo.len (Unregistered hf!) is shown for some of new as well as old hf. Basically Unregistered hf message will come is the hf is not added in hf_register_info array. But in this case though it's added, the error is shown.
If you enhance the dissector you should commit the code to the Wireshark project. It is impossible or at least hard to figure out what's wrong without seeing the code.
I customised the code for internal purpose. Is it ok if I share the proto_register_gtpv2(....) function content.
It might suffice.
I added the code snippet in answer part.
I added IEs one by one and rebuilt every time, AND at the end GOT A CLEAN EXECUTABLE. What I am thinking that probably the error caused by adding any hf entry more than once in the
array. Anyhow it's great learning...