自学教程：C++ tvb_captured_length函数代码示例

static intdissect_nsh(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_){	int offset = 0;	int md_type = -1;	int nsh_bytes_len = 0;	int nsh_next_proto = -1;	int captured_length;	tvbuff_t *next_tvb;	col_set_str(pinfo->cinfo, COL_PROTOCOL, "NSH");	col_set_str(pinfo->cinfo, COL_INFO, "Network Service Header");	captured_length = tvb_captured_length(tvb);	if (tree) {		proto_item *ti;		proto_tree *nsh_tree;		/* Bits 10 - 15 contain length value */		nsh_bytes_len = 4 * tvb_get_bits8(tvb, 10, 6);		ti = proto_tree_add_item(tree, proto_nsh, tvb, offset, nsh_bytes_len, ENC_NA);		nsh_tree = proto_item_add_subtree(ti, ett_nsh);		/*NSH Base Header*/		proto_tree_add_item(nsh_tree, hf_nsh_version, tvb, offset, 2, ENC_BIG_ENDIAN);

/* XXX - "packet comment" is passed into dissector as data, but currently doesn't have a use */static intdissect_file_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* data){	proto_item  *volatile ti = NULL;	guint	     cap_len = 0, frame_len = 0;	proto_tree  *volatile fh_tree = NULL;	proto_tree  *volatile tree;	proto_item  *item;	const gchar *cap_plurality, *frame_plurality;	const color_filter_t *color_filter;	file_data_t *file_data = (file_data_t*)data;	tree=parent_tree;	pinfo->current_proto = "File";	/* if FILE is not referenced from any filters we don't need to worry about	   generating any tree items.  */	if(!proto_field_is_referenced(tree, proto_file)) {		tree=NULL;	} else {		gboolean old_visible;		/* Put in frame header information. */		cap_len = tvb_captured_length(tvb);		frame_len = tvb_reported_length(tvb);		cap_plurality = plurality(cap_len, "", "s");		frame_plurality = plurality(frame_len, "", "s");		ti = proto_tree_add_protocol_format(tree, proto_file, tvb, 0, -1,		    "File record %u: %u byte%s",		    pinfo->fd->num, frame_len, frame_plurality);		proto_item_append_text(ti, ", %u byte%s",		    cap_len, cap_plurality);		fh_tree = proto_item_add_subtree(ti, ett_file);		proto_tree_add_int(fh_tree, hf_file_ftap_encap, tvb, 0, 0, pinfo->fd->lnk_t);		proto_tree_add_uint(fh_tree, hf_file_record_number, tvb, 0, 0, pinfo->fd->num);		proto_tree_add_uint_format(fh_tree, hf_file_record_len, tvb,					   0, 0, frame_len, "Record Length: %u byte%s (%u bits)",					   frame_len, frame_plurality, frame_len * 8);		ti = proto_tree_add_boolean(fh_tree, hf_file_marked, tvb, 0, 0,pinfo->fd->flags.marked);		PROTO_ITEM_SET_GENERATED(ti);		ti = proto_tree_add_boolean(fh_tree, hf_file_ignored, tvb, 0, 0,pinfo->fd->flags.ignored);		PROTO_ITEM_SET_GENERATED(ti);		if(proto_field_is_referenced(tree, hf_file_protocols)) {			/* we are going to be using proto_item_append_string() on			 * hf_frame_protocols, and we must therefore disable the			 * TRY_TO_FAKE_THIS_ITEM() optimisation for the tree by			 * setting it as visible.			 *			 * See proto.h for details.			 */			old_visible = proto_tree_set_visible(fh_tree, TRUE);			ti = proto_tree_add_string(fh_tree, hf_file_protocols, tvb, 0, 0, "");			PROTO_ITEM_SET_GENERATED(ti);			proto_tree_set_visible(fh_tree, old_visible);		}		if(pinfo->fd->pfd != 0){			proto_item *ppd_item;			guint num_entries = g_slist_length(pinfo->fd->pfd);			guint i;			ppd_item = proto_tree_add_uint(fh_tree, hf_file_num_p_prot_data, tvb, 0, 0, num_entries);			PROTO_ITEM_SET_GENERATED(ppd_item);			for(i=0; i<num_entries; i++){				gchar* str = p_get_proto_name_and_key(wmem_file_scope(), pinfo, i);				proto_tree_add_string_format(fh_tree, hf_file_proto_name_and_key, tvb, 0, 0, str, "%s", str);			}		}#if 0		if (show_file_off) {			proto_tree_add_int64_format_value(fh_tree, hf_frame_file_off, tvb,						    0, 0, pinfo->fd->file_off,						    "%" G_GINT64_MODIFIER "d (0x%" G_GINT64_MODIFIER "x)",						    pinfo->fd->file_off, pinfo->fd->file_off);		}#endif	}	if (pinfo->fd->flags.ignored) {		/* Ignored package, stop handling here */		col_set_str(pinfo->cinfo, COL_INFO, "<Ignored>");		proto_tree_add_boolean_format(tree, hf_file_ignored, tvb, 0, -1, TRUE, "This record is marked as ignored");		return tvb_captured_length(tvb);	}	/* Portable Exception Handling to trap Wireshark specific exceptions like BoundsError exceptions */	TRY {#ifdef _MSC_VER		/* Win32: Visual-C Structured Exception Handling (SEH) to trap hardware exceptions//.........这里部分代码省略.........

/* * Main dissection routine. */static gbooleandissect_iwarp_mpa(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data){	tvbuff_t *next_tvb = NULL;	conversation_t *conversation = NULL;	mpa_state_t *state = NULL;	struct tcpinfo *tcpinfo;	guint8 endpoint = 3;	guint16 ulpdu_length = 0;	if (data == NULL)		return FALSE;	tcpinfo = (struct tcpinfo *)data;	/* FPDU */	if (tvb_captured_length(tvb) >= MPA_SMALLEST_FPDU_LEN && is_mpa_fpdu(pinfo)) {		conversation = find_conversation(pinfo->num, &pinfo->src,				&pinfo->dst, pinfo->ptype, pinfo->srcport, pinfo->destport, 0);		state = get_mpa_state(conversation);		if (pinfo->srcport == state->minfo[MPA_INITIATOR].port) {			endpoint = MPA_INITIATOR;		} else if (pinfo->srcport == state->minfo[MPA_RESPONDER].port) {			endpoint = MPA_RESPONDER;		} else {			REPORT_DISSECTOR_BUG("endpoint cannot be determined");		}		/* Markers are used by either the Initiator or the Responder or both. */		if ((state->ini_exp_m_res || state->res_exp_m_ini) && endpoint <= MPA_RESPONDER) {			/* find the TCP sequence number of the first FPDU */			if (!state->minfo[endpoint].valid) {				state->minfo[endpoint].seq = tcpinfo->seq;				state->minfo[endpoint].valid = TRUE;			}		}		/* dissect FPDU */		ulpdu_length = dissect_mpa_fpdu(tvb, pinfo, tree, state, tcpinfo,				endpoint);		/* an ulpdu_length of 0 should never happen */		if (!ulpdu_length)			return FALSE;		/* removes Markers if any and prepares new tvbuff for next dissector */		if (endpoint <= MPA_RESPONDER && state->minfo[endpoint].valid				&& number_of_markers(state, tcpinfo, endpoint) > 0) {			next_tvb = tvb_new_subset_length(remove_markers(tvb, pinfo,					get_first_marker_offset(state, tcpinfo, endpoint),					number_of_markers(state, tcpinfo, endpoint),					fpdu_total_length(tcpinfo)), MPA_ULPDU_LENGTH_LEN,					ulpdu_length);		} else {			next_tvb = tvb_new_subset_length(tvb, MPA_ULPDU_LENGTH_LEN, ulpdu_length);		}		/* call subdissector */		if (ddp_rdmap_handle) {			call_dissector(ddp_rdmap_handle, next_tvb, pinfo, tree);		} else {			REPORT_DISSECTOR_BUG("ddp_handle was null");		}		return TRUE;	}	/* MPA REQUEST or MPA REPLY */	if (tvb_captured_length(tvb) >= MPA_REQ_REP_FRAME_HEADER_LEN) {		if (is_mpa_req(tvb, pinfo))			return dissect_mpa_req_rep(tvb, pinfo, tree, MPA_REQUEST_FRAME);		else if (is_mpa_rep(tvb, pinfo))			return dissect_mpa_req_rep(tvb, pinfo, tree, MPA_REPLY_FRAME);	}	return FALSE;}

/* * Add an Ethernet trailer - which, for some captures, might be the FCS * rather than a pad-to-60-bytes trailer. * * If fcs_len is 0, we assume the frame has no FCS; if it's 4, we assume * it has an FCS; if it's anything else (such as -1, which means "maybe * it does, maybe it doesn't"), we try to infer whether it has an FCS. */voidadd_ethernet_trailer(packet_info *pinfo, proto_tree *tree, proto_tree *fh_tree,    int trailer_id, tvbuff_t *tvb, tvbuff_t *trailer_tvb, int fcs_len){  /* If there're some bytes left over, it could be a combination of:     - padding to meet the minimum 64 byte frame length     - an FCS, if present (if fcs_len is 0, we know it's not present;       if fcs_len is 4, we know it's present; if fcs_len is -1, we       need some heuristics to determine whether it's present)     - information inserted by TAPs or other network monitoring equipment.     If we don't know whether the FCS is present, then, if we don't have a     network monitoring trailer, and if the Ethernet frame was claimed to     have had 64 or more bytes - i.e., it was at least an FCS worth of data     longer than the minimum payload size - we could assume the last 4 bytes     of the trailer are an FCS. */  proto_item *item;  proto_tree *checksum_tree;  heur_dtbl_entry_t *hdtbl_entry;  if (trailer_tvb) {    guint trailer_length, trailer_reported_length;    guint padding_length = 0;    gboolean has_fcs = FALSE;    tvbuff_t *real_trailer_tvb;    trailer_length = tvb_captured_length(trailer_tvb);    trailer_reported_length = tvb_reported_length(trailer_tvb);    /* There can not have been padding when the length of the frame (including the       trailer) is less than 60 bytes. */    if (eth_assume_padding && pinfo->fd->pkt_len>=60) {        /* Calculate the amount of padding needed for a minimum sized frame */        if ( (pinfo->fd->pkt_len - trailer_reported_length) < 60 )            padding_length = 60 - (pinfo->fd->pkt_len - trailer_reported_length);        /* Add the padding to the tree, unless it should be treated as           part of the trailer and therefor be handed over to (one of)           the ethernet-trailer dissectors */        if (padding_length > 0) {            tvb_ensure_bytes_exist(tvb, 0, padding_length);            proto_tree_add_item(fh_tree, hf_eth_padding, trailer_tvb, 0,                padding_length, ENC_NA);            trailer_length -= padding_length;            trailer_reported_length -= padding_length;        }    }    if (fcs_len != 0) {      /* If fcs_len is 4, we assume we definitely have an FCS.         Otherwise, then, if the frame is big enough that, if we         have a trailer, it probably inclues an FCS, and we have         enough space in the trailer for the FCS, we assume we         have an FCS.         "Big enough" means 64 bytes or more; any frame that big         needs no trailer, as there's no need to pad an Ethernet         packet past 60 bytes.         The trailer must be at least 4 bytes long to have enough         space for an FCS. */      if (fcs_len == 4 || (tvb_reported_length(tvb) >= 64 &&        trailer_reported_length >= 4)) {        /* Either we know we have an FCS, or we believe we have an FCS. */        if (trailer_length < trailer_reported_length) {          /* The packet is claimed to have enough data for a 4-byte FCS,             but we didn't capture all of the packet.             Slice off the 4-byte FCS from the reported length, and             trim the captured length so it's no more than the reported             length; that will slice off what of the FCS, if any, is             in the captured packet. */          trailer_reported_length -= 4;          if (trailer_length > trailer_reported_length)            trailer_length = trailer_reported_length;          has_fcs = TRUE;        } else {          /* We captured all of the packet, including what appears to             be a 4-byte FCS.  Slice it off. */          trailer_length -= 4;          trailer_reported_length -= 4;          has_fcs = TRUE;        }      }    }    /* Create a new tvb without the padding and/or the (assumed) fcs */    if (fcs_len==4)      real_trailer_tvb = tvb_new_subset(trailer_tvb, padding_length,                                trailer_length, trailer_reported_length);    else      real_trailer_tvb = tvb_new_subset_remaining(trailer_tvb, padding_length);//.........这里部分代码省略.........

static intdissect_t125(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void *data _U_){  proto_item *item = NULL;  proto_tree *tree = NULL;  gint8 ber_class;  gboolean pc;  gint32 tag;  top_tree = parent_tree;  col_set_str(pinfo->cinfo, COL_PROTOCOL, "T.125");  col_clear(pinfo->cinfo, COL_INFO);  item = proto_tree_add_item(parent_tree, proto_t125, tvb, 0, tvb_captured_length(tvb), ENC_NA);  tree = proto_item_add_subtree(item, ett_t125);  get_ber_identifier(tvb, 0, &ber_class, &pc, &tag);  if ( (ber_class==BER_CLASS_APP) && (tag>=101) && (tag<=104) ){    dissect_ConnectMCSPDU_PDU(tvb, pinfo, tree, NULL);  } else  {    t124_set_top_tree(top_tree);    dissect_DomainMCSPDU_PDU(tvb, pinfo, tree);  }  return tvb_captured_length(tvb);}static gboolean

//.........这里部分代码省略.........	}	if(pinfo->pkt_comment){		item = proto_tree_add_item(tree, proto_pkt_comment, tvb, 0, 0, ENC_NA);		comments_tree = proto_item_add_subtree(item, ett_comments);		comment_item = proto_tree_add_string_format(comments_tree, hf_comments_text, tvb, 0, 0,							                   pinfo->pkt_comment, "%s",							                   pinfo->pkt_comment);		expert_add_info_format(pinfo, comment_item, &ei_comments_text,					                       "%s",  pinfo->pkt_comment);	}	/* if FRAME is not referenced from any filters we don't need to worry about	   generating any tree items.  */	if(!proto_field_is_referenced(tree, proto_frame)) {		tree=NULL;		if(pinfo->fd->flags.has_ts) {			if(pinfo->fd->abs_ts.nsecs < 0 || pinfo->fd->abs_ts.nsecs >= 1000000000)				expert_add_info(pinfo, NULL, &ei_arrive_time_out_of_range);		}	} else {		proto_tree *fh_tree;		gboolean old_visible;		/* Put in frame header information. */		cap_len = tvb_length(tvb);		frame_len = tvb_reported_length(tvb);		cap_plurality = plurality(cap_len, "", "s");		frame_plurality = plurality(frame_len, "", "s");		ti = proto_tree_add_protocol_format(tree, proto_frame, tvb, 0, tvb_captured_length(tvb),		    "Frame %u: %u byte%s on wire",		    pinfo->fd->num, frame_len, frame_plurality);		if (generate_bits_field)			proto_item_append_text(ti, " (%u bits)", frame_len * 8);		proto_item_append_text(ti, ", %u byte%s captured",		    cap_len, cap_plurality);		if (generate_bits_field) {			proto_item_append_text(ti, " (%u bits)",			    cap_len * 8);		}		if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID) {			proto_item_append_text(ti, " on interface %u",			    pinfo->phdr->interface_id);		}		if (pinfo->phdr->presence_flags & WTAP_HAS_PACK_FLAGS) {			if (pinfo->phdr->pack_flags & 0x00000001) {				proto_item_append_text(ti, " (inbound)");				pinfo->p2p_dir = P2P_DIR_RECV;			}			if (pinfo->phdr->pack_flags & 0x00000002) {				proto_item_append_text(ti, " (outbound)");				pinfo->p2p_dir = P2P_DIR_SENT;			}		}		fh_tree = proto_item_add_subtree(ti, ett_frame);		if (pinfo->phdr->presence_flags & WTAP_HAS_INTERFACE_ID && proto_field_is_referenced(tree, hf_frame_interface_id)) {			const char *interface_name = epan_get_interface_name(pinfo->epan, pinfo->phdr->interface_id);			if (interface_name)				proto_tree_add_uint_format_value(fh_tree, hf_frame_interface_id, tvb, 0, 0, pinfo->phdr->interface_id, "%u (%s)", pinfo->phdr->interface_id, interface_name);

/** Dissect P1 PDUs inside a PPDU.*/static intdissect_p1(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* data){	int offset = 0;	int old_offset;	proto_item *item;	proto_tree *tree;	struct SESSION_DATA_STRUCTURE* session;	int (*p1_dissector)(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_, proto_tree *tree, int hf_index _U_) = NULL;	const char *p1_op_name;	int hf_p1_index = -1;	asn1_ctx_t asn1_ctx;	asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);	/* do we have operation information from the ROS dissector? */	if (data == NULL)		return 0;	session  = (struct SESSION_DATA_STRUCTURE*)data;	/* save parent_tree so subdissectors can create new top nodes */	p1_initialize_content_globals (&asn1_ctx, parent_tree, TRUE);	asn1_ctx.private_data = session;	item = proto_tree_add_item(parent_tree, proto_p1, tvb, 0, -1, ENC_NA);	tree = proto_item_add_subtree(item, ett_p1);	col_set_str(pinfo->cinfo, COL_PROTOCOL, "P1");	col_clear(pinfo->cinfo, COL_INFO);	switch(session->ros_op & ROS_OP_MASK) {	case (ROS_OP_BIND | ROS_OP_ARGUMENT):	/*  BindInvoke */	  p1_dissector = dissect_p1_MTABindArgument;	  p1_op_name = "Bind-Argument";	  hf_p1_index = hf_p1_MTABindArgument_PDU;	  break;	case (ROS_OP_BIND | ROS_OP_RESULT):	/*  BindResult */	  p1_dissector = dissect_p1_MTABindResult;	  p1_op_name = "Bind-Result";	  hf_p1_index = hf_p1_MTABindResult_PDU;	  break;	case (ROS_OP_BIND | ROS_OP_ERROR):	/*  BindError */	  p1_dissector = dissect_p1_MTABindError;	  p1_op_name = "Bind-Error";	  hf_p1_index = hf_p1_MTABindError_PDU;	  break;	case (ROS_OP_INVOKE | ROS_OP_ARGUMENT):	/*  Invoke Argument */	  p1_dissector = dissect_p1_MTS_APDU;	  p1_op_name = "Transfer";	  hf_p1_index = hf_p1_MTS_APDU_PDU;	  break;	default:	  proto_tree_add_text(tree, tvb, offset, -1,"Unsupported P1 PDU");	  return tvb_captured_length(tvb);	}	col_set_str(pinfo->cinfo, COL_INFO, p1_op_name);	while (tvb_reported_length_remaining(tvb, offset) > 0){		old_offset=offset;		offset=(*p1_dissector)(FALSE, tvb, offset, &asn1_ctx , tree, hf_p1_index);		if(offset == old_offset){			proto_tree_add_text(tree, tvb, offset, -1,"Internal error, zero-byte P1 PDU");			break;		}	}	p1_initialize_content_globals (&asn1_ctx, NULL, FALSE);	return tvb_captured_length(tvb);}

// Draw a line of byte view text for a given offset.// Text with different styles are split into fragments and passed to// flushOffsetFragment. Font character widths aren't necessarily whole// numbers so we track our X coordinate position using using floats.void ByteViewText::drawOffsetLine(QPainter &painter, const guint offset, const int row_y){    if (!tvb_) {        return;    }    guint tvb_len = tvb_captured_length(tvb_);    guint max_pos = qMin(offset + row_width_, tvb_len);    const guint8 *pd = tvb_get_ptr(tvb_, 0, -1);    static const guchar hexchars[16] = {        '0', '1', '2', '3', '4', '5', '6', '7',        '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };    QString text;    highlight_state state = StateNormal, offset_state = StateOffsetNormal;    qreal hex_x = offsetPixels() + margin_;    qreal ascii_x = offsetPixels() + hexPixels() + margin_;    // Hex    if (show_hex_) {        for (guint tvb_pos = offset; tvb_pos < max_pos; tvb_pos++) {            highlight_state hex_state = StateNormal;            bool add_space = tvb_pos != offset;            if ((tvb_pos >= f_bound_.first && tvb_pos < f_bound_.second) || (tvb_pos >= fa_bound_.first && tvb_pos < fa_bound_.second)) {                hex_state = StateField;                offset_state = StateOffsetField;            } else if (tvb_pos >= p_bound_.first && tvb_pos < p_bound_.second) {                hex_state = StateProtocol;            }            if (hex_state != state) {                if ((state == StateNormal || (state == StateProtocol && hex_state == StateField)) && add_space) {                    add_space = false;                    text += ' ';                    /* insert a space every separator_interval_ bytes */                    if ((tvb_pos % separator_interval_) == 0)                        text += ' ';                }                hex_x += flushOffsetFragment(painter, hex_x, row_y, state, text);                state = hex_state;            }            if (add_space) {                text += ' ';                /* insert a space every separator_interval_ bytes */                if ((tvb_pos % separator_interval_) == 0)                    text += ' ';            }            switch (recent.gui_bytes_view) {            case BYTES_HEX:                text += hexchars[(pd[tvb_pos] & 0xf0) >> 4];                text += hexchars[pd[tvb_pos] & 0x0f];                break;            case BYTES_BITS:                /* XXX, bitmask */                for (int j = 7; j >= 0; j--)                    text += (pd[tvb_pos] & (1 << j)) ? '1' : '0';                break;            }        }    }    if (text.length() > 0) {        flushOffsetFragment(painter, hex_x, row_y, state, text);    }    state = StateNormal;    // ASCII    if (show_ascii_) {        for (guint tvb_pos = offset; tvb_pos < max_pos; tvb_pos++) {            highlight_state ascii_state = StateNormal;            bool add_space = tvb_pos != offset;            if ((tvb_pos >= f_bound_.first && tvb_pos < f_bound_.second) || (tvb_pos >= fa_bound_.first && tvb_pos < fa_bound_.second)) {                ascii_state = StateField;                offset_state = StateOffsetField;            } else if (tvb_pos >= p_bound_.first && tvb_pos < p_bound_.second) {                ascii_state = StateProtocol;            }            if (ascii_state != state) {                if ((state == StateNormal || (state == StateProtocol && ascii_state == StateField)) && add_space) {                    add_space = false;                    /* insert a space every separator_interval_ bytes */                    if ((tvb_pos % separator_interval_) == 0)                        text += ' ';                }                ascii_x += flushOffsetFragment(painter, ascii_x, row_y, state, text);                state = ascii_state;            }            if (add_space) {                /* insert a space every separator_interval_ bytes */                if ((tvb_pos % separator_interval_) == 0)                    text += ' ';//.........这里部分代码省略.........

static intdissect_gssapi_work(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,		    gboolean is_verifier, gssapi_encrypt_info_t* encrypt_info){	proto_item *volatile item;	proto_tree *volatile subtree;	volatile int return_offset = 0;	gssapi_conv_info_t *volatile gss_info;	gssapi_oid_value *oidvalue;	dissector_handle_t handle;	conversation_t *conversation;	tvbuff_t *oid_tvb;	int len, start_offset, oid_start_offset;	volatile int offset;	gint8 appclass;	gboolean pc, ind_field;	gint32 tag;	guint32 len1;	const char *oid;	fragment_head *fd_head=NULL;	gssapi_frag_info_t *fi;	tvbuff_t *volatile gss_tvb=NULL;	asn1_ctx_t asn1_ctx;	start_offset=0;	offset=0;	asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);	/*	 * We don't know whether the data is encrypted, so say it's	 * not, for now.  The subdissector must set gssapi_data_encrypted	 * if it is.	 */	encrypt_info->gssapi_data_encrypted = FALSE;	/*	 * We need a conversation for later	 */	conversation = find_or_create_conversation(pinfo);	gss_info = (gssapi_conv_info_t *)conversation_get_proto_data(conversation, proto_gssapi);	if (!gss_info) {		gss_info = wmem_new(wmem_file_scope(), gssapi_conv_info_t);		gss_info->oid=NULL;		gss_info->do_reassembly=FALSE;		gss_info->frags=wmem_tree_new(wmem_file_scope());		conversation_add_proto_data(conversation, proto_gssapi, gss_info);	}	item = proto_tree_add_item(		tree, proto_gssapi, tvb, offset, -1, ENC_NA);	subtree = proto_item_add_subtree(item, ett_gssapi);	/*	 * Catch the ReportedBoundsError exception; the stuff we've been	 * handed doesn't necessarily run to the end of the packet, it's	 * an item inside a packet, so if it happens to be malformed (or	 * we, or a dissector we call, has a bug), so that an exception	 * is thrown, we want to report the error, but return and let	 * our caller dissect the rest of the packet.	 *	 * If it gets a BoundsError, we can stop, as there's nothing more	 * in the packet after our blob to see, so we just re-throw the	 * exception.	 */	TRY {		gss_tvb=tvb;		/* First of all, if it's the first time we see this packet		 * then check whether we are in the middle of reassembly or not		 */		if( (!pinfo->fd->flags.visited)		&&  (gss_info->do_reassembly)		&&  (gssapi_reassembly) ){			fi=(gssapi_frag_info_t *)wmem_tree_lookup32(gss_info->frags, gss_info->first_frame);			if(!fi){				goto done;			}			wmem_tree_insert32(gss_info->frags, pinfo->num, fi);			fd_head=fragment_add(&gssapi_reassembly_table,				tvb, 0, pinfo, fi->first_frame, NULL,				gss_info->frag_offset,				tvb_captured_length(tvb), TRUE);			gss_info->frag_offset+=tvb_captured_length(tvb);			/* we need more fragments */			if(!fd_head){				goto done;			}			/* this blob is now fully reassembled */			gss_info->do_reassembly=FALSE;			fi->reassembled_in=pinfo->num;			gss_tvb=tvb_new_chain(tvb, fd_head->tvb_data);			add_new_data_source(pinfo, gss_tvb, "Reassembled GSSAPI");		}//.........这里部分代码省略.........

static intdissect_ipmi_cmd(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,		gint hf_parent_item, gint ett_tree, const ipmi_context_t * ctx){	ipmi_packet_data_t * data;	ipmi_netfn_t * cmd_list;	ipmi_cmd_t * cmd;	proto_item * ti;	proto_tree * cmd_tree = NULL, * tmp_tree;	guint8 prev_level, cc_val;	guint offset, siglen, is_resp;	const char * cc_str, * netfn_str;	/* get packet data */	data = get_packet_data(pinfo);	if (!data) {		return 0;	}	/* get prefix length */	siglen = ipmi_getsiglen(ctx->hdr.netfn);	/* get response flag */	is_resp = ctx->hdr.netfn & 1;	/* check message length */	if (tvb_captured_length(tvb) < ctx->hdr_len + siglen + is_resp			+ !(ctx->flags & IPMI_D_NO_CKS)) {		/* don bother with anything */		return call_data_dissector(tvb, pinfo, tree);	}	/* save nest level */	prev_level = data->curr_level;	/* assign next nest level */	data->curr_level = data->next_level;	/* increment next nest level */	data->next_level++;	/* check for the first invocation */	if (!data->curr_level) {		/* get current frame data */		data->curr_frame = get_frame_data(data, pinfo->num);		data->curr_frame_num = pinfo->num;		/* copy frame timestamp */		memcpy(&data->curr_frame->ts, &pinfo->abs_ts, sizeof(nstime_t));		/* cache channel and direction */		data->curr_channel = ctx->hdr.channel;		data->curr_dir = ctx->hdr.dir;		/* remove requests which are too old */		remove_old_requests(data, &pinfo->abs_ts);	}	if (data->curr_level < MAX_NEST_LEVEL) {		if (ctx->hdr.netfn & 1) {			/* perform request/response matching */			match_request_response(data, &ctx->hdr, ctx->flags);		} else {			/* add request to the list for later matching */			add_request(data, &ctx->hdr);		}	}	/* get command list by network function code */	cmd_list = ipmi_getnetfn(ctx->hdr.netfn,			tvb_get_ptr(tvb, ctx->hdr_len + is_resp, siglen));	/* get command descriptor */	cmd = ipmi_getcmd(cmd_list, ctx->hdr.cmd);	/* check if response */	if (is_resp) {		/* get completion code */		cc_val = tvb_get_guint8(tvb, ctx->hdr_len);		/* get completion code desc */		cc_str = ipmi_get_completion_code(cc_val, cmd);	} else {		cc_val = 0;		cc_str = NULL;	}	/* check if not inside a message */	if (!data->curr_level) {		/* add packet info */		add_command_info(pinfo, cmd, is_resp, cc_val, cc_str,				ctx->flags & IPMI_D_BROADCAST ? TRUE : FALSE);	}	if (tree) {		/* add parent node */		if (!data->curr_level) {			ti = proto_tree_add_item(tree, hf_parent_item, tvb, 0, -1, ENC_NA);			cmd_tree = proto_item_add_subtree(ti, ett_tree);		} else {//.........这里部分代码省略.........

//.........这里部分代码省略.........                pushInt64(L,(Int64)(fvalue_get_sinteger64(&(fi->ws_fi->value))));                return 1;            }        case FT_UINT64: {                pushUInt64(L,fvalue_get_uinteger64(&(fi->ws_fi->value)));                return 1;            }        case FT_ETHER: {                Address eth = (Address)g_malloc(sizeof(address));                eth->type = AT_ETHER;                eth->len = fi->ws_fi->length;                eth->data = tvb_memdup(NULL,fi->ws_fi->ds_tvb,fi->ws_fi->start,fi->ws_fi->length);                pushAddress(L,eth);                return 1;            }        case FT_IPv4:{                Address ipv4 = (Address)g_malloc(sizeof(address));                ipv4->type = AT_IPv4;                ipv4->len = fi->ws_fi->length;                ipv4->data = tvb_memdup(NULL,fi->ws_fi->ds_tvb,fi->ws_fi->start,fi->ws_fi->length);                pushAddress(L,ipv4);                return 1;            }        case FT_IPv6: {                Address ipv6 = (Address)g_malloc(sizeof(address));                ipv6->type = AT_IPv6;                ipv6->len = fi->ws_fi->length;                ipv6->data = tvb_memdup(NULL,fi->ws_fi->ds_tvb,fi->ws_fi->start,fi->ws_fi->length);                pushAddress(L,ipv6);                return 1;            }        case FT_FCWWN: {                Address fcwwn = (Address)g_malloc(sizeof(address));                fcwwn->type = AT_FCWWN;                fcwwn->len = fi->ws_fi->length;                fcwwn->data = tvb_memdup(NULL,fi->ws_fi->ds_tvb,fi->ws_fi->start,fi->ws_fi->length);                pushAddress(L,fcwwn);                return 1;            }        case FT_IPXNET:{                Address ipx = (Address)g_malloc(sizeof(address));                ipx->type = AT_IPX;                ipx->len = fi->ws_fi->length;                ipx->data = tvb_memdup(NULL,fi->ws_fi->ds_tvb,fi->ws_fi->start,fi->ws_fi->length);                pushAddress(L,ipx);                return 1;            }        case FT_ABSOLUTE_TIME:        case FT_RELATIVE_TIME: {                NSTime nstime = (NSTime)g_malloc(sizeof(nstime_t));                *nstime = *(NSTime)fvalue_get(&(fi->ws_fi->value));                pushNSTime(L,nstime);                return 1;            }        case FT_STRING:        case FT_STRINGZ: {                gchar* repr = fvalue_to_string_repr(&fi->ws_fi->value,FTREPR_DISPLAY,BASE_NONE,NULL);                if (repr)                    lua_pushstring(L,repr);                else                    luaL_error(L,"field cannot be represented as string because it may contain invalid characters");                return 1;            }        case FT_NONE:                if (fi->ws_fi->length > 0 && fi->ws_fi->rep) {                    /* it has a length, but calling fvalue_get() on an FT_NONE asserts,                       so get the label instead (it's a FT_NONE, so a label is what it basically is) */                    lua_pushstring(L, fi->ws_fi->rep->representation);                    return 1;                }                return 0;        case FT_BYTES:        case FT_UINT_BYTES:        case FT_REL_OID:        case FT_SYSTEM_ID:        case FT_OID:            {                ByteArray ba = g_byte_array_new();                g_byte_array_append(ba, (const guint8 *) fvalue_get(&fi->ws_fi->value),                                    fvalue_length(&fi->ws_fi->value));                pushByteArray(L,ba);                return 1;            }        case FT_PROTOCOL:            {                ByteArray ba = g_byte_array_new();                tvbuff_t* tvb = (tvbuff_t *) fvalue_get(&fi->ws_fi->value);                g_byte_array_append(ba, (const guint8 *)tvb_memdup(wmem_packet_scope(), tvb, 0,                                            tvb_captured_length(tvb)), tvb_captured_length(tvb));                pushByteArray(L,ba);                return 1;            }        case FT_GUID:        default:                luaL_error(L,"FT_ not yet supported");                return 1;    }}

/** Dissect RTSE PDUs inside a PPDU.*/static intdissect_rtse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* data){    int offset = 0;    int old_offset;    proto_item *item;    proto_tree *tree;    proto_tree *next_tree=NULL;    tvbuff_t *next_tvb = NULL;    tvbuff_t *data_tvb = NULL;    fragment_head *frag_msg = NULL;    guint32 fragment_length;    guint32 rtse_id = 0;    gboolean data_handled = FALSE;    struct SESSION_DATA_STRUCTURE* session;    conversation_t *conversation = NULL;    asn1_ctx_t asn1_ctx;    asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);    /* do we have application context from the acse dissector? */    if (data == NULL)        return 0;    session  = (struct SESSION_DATA_STRUCTURE*)data;    /* save parent_tree so subdissectors can create new top nodes */    top_tree=parent_tree;    asn1_ctx.private_data = session;    col_set_str(pinfo->cinfo, COL_PROTOCOL, "RTSE");    col_clear(pinfo->cinfo, COL_INFO);    if (rtse_reassemble &&        ((session->spdu_type == SES_DATA_TRANSFER) ||         (session->spdu_type == SES_MAJOR_SYNC_POINT))) {        /* Use conversation index as fragment id */        conversation  = find_conversation (pinfo->fd->num,                           &pinfo->src, &pinfo->dst, pinfo->ptype,                           pinfo->srcport, pinfo->destport, 0);        if (conversation != NULL) {            rtse_id = conversation->index;        }        session->rtse_reassemble = TRUE;    }    if (rtse_reassemble && session->spdu_type == SES_MAJOR_SYNC_POINT) {        frag_msg = fragment_end_seq_next (&rtse_reassembly_table,                          pinfo, rtse_id, NULL);        next_tvb = process_reassembled_data (tvb, offset, pinfo, "Reassembled RTSE",                             frag_msg, &rtse_frag_items, NULL, parent_tree);    }    item = proto_tree_add_item(parent_tree, proto_rtse, next_tvb ? next_tvb : tvb, 0, -1, ENC_NA);    tree = proto_item_add_subtree(item, ett_rtse);    if (rtse_reassemble && session->spdu_type == SES_DATA_TRANSFER) {        /* strip off the OCTET STRING encoding - including any CONSTRUCTED OCTET STRING */        dissect_ber_octet_string(FALSE, &asn1_ctx, tree, tvb, offset, hf_rtse_segment_data, &data_tvb);        if (data_tvb) {            fragment_length = tvb_captured_length_remaining (data_tvb, 0);            proto_item_append_text(asn1_ctx.created_item, " (%u byte%s)", fragment_length,                                        plurality(fragment_length, "", "s"));            frag_msg = fragment_add_seq_next (&rtse_reassembly_table,                              data_tvb, 0, pinfo,                              rtse_id, NULL,                              fragment_length, TRUE);            if (frag_msg && pinfo->fd->num != frag_msg->reassembled_in) {                /* Add a "Reassembled in" link if not reassembled in this frame */                proto_tree_add_uint (tree, *(rtse_frag_items.hf_reassembled_in),                             data_tvb, 0, 0, frag_msg->reassembled_in);            }            pinfo->fragmented = TRUE;            data_handled = TRUE;        } else {            fragment_length = tvb_captured_length_remaining (tvb, offset);        }        col_append_fstr(pinfo->cinfo, COL_INFO, "[RTSE fragment, %u byte%s]",                    fragment_length, plurality(fragment_length, "", "s"));    } else if (rtse_reassemble && session->spdu_type == SES_MAJOR_SYNC_POINT) {        if (next_tvb) {            /* ROS won't do this for us */            session->ros_op = (ROS_OP_INVOKE | ROS_OP_ARGUMENT);            /*offset=*/dissect_ber_external_type(FALSE, tree, next_tvb, 0, &asn1_ctx, -1, call_rtse_external_type_callback);            top_tree = NULL;            /* Return other than 0 to indicate that we handled this packet */            return 1;        } else {            offset = tvb_captured_length (tvb);        }        pinfo->fragmented = FALSE;        data_handled = TRUE;    }    if (!data_handled) {        while (tvb_reported_length_remaining(tvb, offset) > 0){            old_offset=offset;//.........这里部分代码省略.........

//.........这里部分代码省略.........      proto_tree_add_item(openvpn_tree, hf_openvpn_mpid_arraylength, tvb, offset, 1, ENC_BIG_ENDIAN);      offset += 1;      if (pid_arraylength > 0) {        packetarray_tree = proto_tree_add_subtree(openvpn_tree, tvb, offset, 0, ett_openvpn_packetarray, NULL, "Packet-ID Array");        for (i = 0; i < pid_arraylength; i++) {          proto_tree_add_item(packetarray_tree, hf_openvpn_mpid_arrayelement, tvb, offset, 4, ENC_BIG_ENDIAN);          offset += 4;        }        if (tvb_reported_length_remaining(tvb, offset) >= 8) {          proto_tree_add_item(openvpn_tree, hf_openvpn_rsessionid, tvb, offset, 8, ENC_BIG_ENDIAN);          offset += 8;        }      }    }    /* if we have a P_CONTROL packet */    if (openvpn_opcode != P_ACK_V1) {      /* read Message Packet-ID */      if (tvb_reported_length_remaining(tvb, offset) >= 4) {        msg_mpid = tvb_get_bits32(tvb, offset*8, 32, ENC_BIG_ENDIAN);        proto_tree_add_item(openvpn_tree, hf_openvpn_mpid, tvb, offset, 4, ENC_BIG_ENDIAN);        offset += 4;      }    }  }  /* if we have more data left, determine what to do */  msg_length_remaining = tvb_reported_length_remaining(tvb, offset);  if (msg_length_remaining == 0) {    return tvb_captured_length(tvb);  }  if (openvpn_opcode != P_CONTROL_V1) {    proto_tree *data_tree;    data_tree = proto_tree_add_subtree_format(openvpn_tree, tvb, offset, -1,                              ett_openvpn_data, NULL, "Data (%d bytes)",                              tvb_captured_length_remaining(tvb, offset));    proto_tree_add_item(data_tree, hf_openvpn_data, tvb, offset, -1, ENC_NA);    return tvb_captured_length(tvb);  }  /* Try to reassemble */  /* an ordinary openvpn control packet contains 100 bytes only if it is part of a     fragmented message and is not the last fragment of the current transmission.     Note that the tvb contains exactly one openvpn PDU:     UDP: by definition;     TCP: because of the use of tcp_dissect_pdus().  */  if (msg_length_remaining == 100) {    msg_lastframe = FALSE;  } else {    msg_lastframe = TRUE;  }  save_fragmented = pinfo->fragmented;  pinfo->fragmented = TRUE;  frag_msg = fragment_add_seq_next(    &msg_reassembly_table,    tvb,

static gintdissect_btmcap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_){    proto_item *main_item;    proto_tree *main_tree;    proto_item *pitem;    gint        offset = 0;    guint32     op_code;    guint32     response_code;    guint32     mdl_id;    guint32     mdep_id;    guint32     bluetooth_clock_sync_time;    guint64     timestamp_sync_time;    main_item = proto_tree_add_item(tree, proto_btmcap, tvb, offset, tvb_captured_length(tvb), ENC_NA);    main_tree = proto_item_add_subtree(main_item, ett_btmcap);    col_set_str(pinfo->cinfo, COL_PROTOCOL, "MCAP");    switch (pinfo->p2p_dir) {        case P2P_DIR_SENT:            col_set_str(pinfo->cinfo, COL_INFO, "Sent ");            break;        case P2P_DIR_RECV:            col_set_str(pinfo->cinfo, COL_INFO, "Rcvd ");            break;        default:            col_set_str(pinfo->cinfo, COL_INFO, "UnknownDirection ");            break;    }

static gbooleandissect_fcip (tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,              gboolean check_port){    gint offset = 0,         start  = 0,         frame_len = 0;    gint bytes_remaining = tvb_captured_length (tvb);    guint8 pflags, sof = 0, eof = 0;   /* Set up structures needed to add the protocol subtree and manage it */    proto_item *ti;    proto_tree *fcip_tree = NULL;    tvbuff_t *next_tvb;    fc_data_t fc_data;    if (bytes_remaining < FCIP_ENCAP_HEADER_LEN) {        return FALSE;    }    if (check_port &&        ((pinfo->srcport != fcip_port) && (pinfo->destport != fcip_port))) {        return FALSE;    }    while (bytes_remaining > FCIP_ENCAP_HEADER_LEN) {        if ((offset = get_next_fcip_header_offset (tvb, pinfo, offset)) == -1) {            return FALSE;        }        else if (offset == -2) {            /* We need more data to desegment */            return (TRUE);        }        start = offset;        col_set_str(pinfo->cinfo, COL_PROTOCOL, "FCIP");        frame_len = (tvb_get_ntohs (tvb, offset+12) & 0x03FF)*4;        if (bytes_remaining < frame_len) {            if(fcip_desegment && pinfo->can_desegment) {                /*                 * This frame doesn't have all of the data for                 * this message, but we can do reassembly on it.                 *                 * Tell the TCP dissector where the data for this                 * message starts in the data it handed us, and                 * how many more bytes we need, and return.                 */                pinfo->desegment_offset = offset;                pinfo->desegment_len = frame_len - bytes_remaining;                return (TRUE);            }        }        pflags = tvb_get_guint8 (tvb, start+8);        if (tree) {            if (FCIP_IS_SF (pflags)) {                ti = proto_tree_add_protocol_format (tree, proto_fcip, tvb, 0,                                                     FCIP_ENCAP_HEADER_LEN,                                                     "FCIP");            }            else if (tvb_bytes_exist (tvb, offset, offset+frame_len-4)) {                sof = tvb_get_guint8 (tvb, offset+FCIP_ENCAP_HEADER_LEN);                eof = tvb_get_guint8 (tvb, offset+frame_len - 4);                ti = proto_tree_add_protocol_format (tree, proto_fcip, tvb, 0,                                                     FCIP_ENCAP_HEADER_LEN,                                                     "FCIP (%s/%s)",                                                     val_to_str (sof, fcip_sof_vals,                                                                 "0x%x"),                                                     val_to_str (eof, fcip_eof_vals,                                                                 "0x%x"));            }            else {                sof = tvb_get_guint8 (tvb, offset+FCIP_ENCAP_HEADER_LEN);                ti = proto_tree_add_protocol_format (tree, proto_fcip, tvb, 0,                                                     FCIP_ENCAP_HEADER_LEN,                                                     "FCIP (%s/%s)",                                                     val_to_str (sof, fcip_sof_vals,                                                                 "0x%x"),                                                     "NA");            }            fcip_tree = proto_item_add_subtree (ti, ett_fcip);            /* Dissect the Common FC Encap header */            dissect_fcencap_header (tvb, fcip_tree, offset);            offset += FCIP_ENCAP_HEADER_LEN;            if (!FCIP_IS_SF (pflags)) {                /* print SOF */                proto_tree_add_item (fcip_tree, hf_fcip_sof, tvb, offset, 1, ENC_BIG_ENDIAN);                proto_tree_add_item (fcip_tree, hf_fcip_sof_c, tvb, offset+2, 1, ENC_BIG_ENDIAN);                /* print EOF */                offset += (frame_len-FCIP_ENCAP_HEADER_LEN-4);                if (tvb_bytes_exist (tvb, offset, 4)) {                    proto_tree_add_item (fcip_tree, hf_fcip_eof, tvb, offset, 1, ENC_BIG_ENDIAN);                    proto_tree_add_item (fcip_tree, hf_fcip_eof_c, tvb, offset+2, 1, ENC_BIG_ENDIAN);//.........这里部分代码省略.........

//.........这里部分代码省略.........    }  } else {    udph->uh_ulen = tvb_reported_length(tvb);    udph->uh_sum_cov = tvb_get_ntohs(tvb, offset+4);    if (((udph->uh_sum_cov > 0) && (udph->uh_sum_cov < 8)) || (udph->uh_sum_cov > udph->uh_ulen)) {      /* Bogus length - it includes the header, so it must be >= 8, and no larger then the IP payload size. */      if (tree) {        hidden_item = proto_tree_add_boolean(udp_tree, &hfi_udplite_checksum_coverage_bad, tvb, offset + 4, 2, TRUE);        PROTO_ITEM_SET_HIDDEN(hidden_item);        hidden_item = proto_tree_add_uint(udp_tree, &hfi_udp_length, tvb, offset + 4, 0, udph->uh_ulen);        PROTO_ITEM_SET_HIDDEN(hidden_item);      }      item = proto_tree_add_uint_format_value(udp_tree, hfi_udplite_checksum_coverage.id, tvb, offset + 4, 2,          udph->uh_sum_cov, "%u (bogus, must be >= 8 and <= %u (ip.len-ip.hdr_len))",          udph->uh_sum_cov, udph->uh_ulen);      expert_add_info_format(pinfo, item, &ei_udplite_checksum_coverage, "Bad checksum coverage length value %u < 8 or > %u",                             udph->uh_sum_cov, udph->uh_ulen);      col_append_fstr(pinfo->cinfo, COL_INFO, " [BAD LIGHTWEIGHT UDP CHECKSUM COVERAGE LENGTH %u < 8 or > %u]",                        udph->uh_sum_cov, udph->uh_ulen);      if (!udplite_ignore_checksum_coverage)        return;    } else {      if (tree) {        hidden_item = proto_tree_add_uint(udp_tree, &hfi_udp_length, tvb, offset + 4, 0, udph->uh_ulen);        PROTO_ITEM_SET_HIDDEN(hidden_item);        proto_tree_add_uint(udp_tree, &hfi_udplite_checksum_coverage, tvb, offset + 4, 2, udph->uh_sum_cov);      }    }  }  udph->uh_sum_cov = (udph->uh_sum_cov) ? udph->uh_sum_cov : udph->uh_ulen;  udph->uh_sum = tvb_get_ntohs(tvb, offset+6);  reported_len = tvb_reported_length(tvb);  len = tvb_captured_length(tvb);  if (udph->uh_sum == 0) {    /* No checksum supplied in the packet. */    if ((ip_proto == IP_PROTO_UDP) && (pinfo->src.type == AT_IPv4)) {      item = proto_tree_add_uint_format_value(udp_tree, hfi_udp_checksum.id, tvb, offset + 6, 2, 0,        "0x%04x (none)", 0);      checksum_tree = proto_item_add_subtree(item, ett_udp_checksum);      item = proto_tree_add_boolean(checksum_tree, &hfi_udp_checksum_good, tvb,                             offset + 6, 2, FALSE);      PROTO_ITEM_SET_GENERATED(item);      item = proto_tree_add_boolean(checksum_tree, &hfi_udp_checksum_bad, tvb,                             offset + 6, 2, FALSE);      PROTO_ITEM_SET_GENERATED(item);    } else {      item = proto_tree_add_uint_format_value(udp_tree, hfi_udp_checksum.id, tvb, offset + 6, 2, 0,        "0x%04x (Illegal)", 0);      expert_add_info(pinfo, item, &ei_udp_checksum_zero);      col_append_str(pinfo->cinfo, COL_INFO, " [ILLEGAL CHECKSUM (0)]");      checksum_tree = proto_item_add_subtree(item, ett_udp_checksum);      item = proto_tree_add_boolean(checksum_tree, &hfi_udp_checksum_good, tvb,                             offset + 6, 2, FALSE);      PROTO_ITEM_SET_GENERATED(item);      item = proto_tree_add_boolean(checksum_tree, &hfi_udp_checksum_bad, tvb,                             offset + 6, 2, TRUE);      PROTO_ITEM_SET_GENERATED(item);    }  } else if (!pinfo->fragmented && (len >= reported_len) &&             (len >= udph->uh_sum_cov) && (reported_len >= udph->uh_sum_cov) &&             (udph->uh_sum_cov >= 8)) {    /* The packet isn't part of a fragmented datagram and isn't       truncated, so we can checksum it.

static voiddisplay_xip_serval(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree){	proto_tree *xip_serval_tree;	proto_item *ti, *check_ti, *hl_ti;	tvbuff_t *next_tvb;	vec_t cksum_vec;	gint offset;	guint16 packet_checksum, actual_checksum;	guint8 xsh_len, protocol, bytes_remaining;	/* Get XIP Serval header length, stored as number of 32-bit words. */	xsh_len = tvb_get_guint8(tvb, XSRVL_LEN) << 2;	/* Create XIP Serval header tree. */	ti = proto_tree_add_item(tree, proto_xip_serval, tvb,		0, xsh_len, ENC_NA);	xip_serval_tree = proto_item_add_subtree(ti, ett_xip_serval_tree);	/* Add XIP Serval header length. */	hl_ti = proto_tree_add_item(xip_serval_tree, hf_xip_serval_hl, tvb,		XSRVL_LEN, 1, ENC_BIG_ENDIAN);	proto_item_append_text(hl_ti, " bytes");	if (tvb_captured_length(tvb) < xsh_len)		expert_add_info_format(pinfo, hl_ti, &ei_xip_serval_bad_len,			"Header Length field (%d bytes) cannot be greater than actual number of bytes left in packet (%d bytes)",			xsh_len, tvb_captured_length(tvb));	/* Add XIP Serval protocol. If it's not data, TCP, or UDP, the	 * packet is malformed.	 */	proto_tree_add_item(xip_serval_tree, hf_xip_serval_proto, tvb,		XSRVL_PRO, 1, ENC_BIG_ENDIAN);	protocol = tvb_get_guint8(tvb, XSRVL_PRO);	if (!try_val_to_str(protocol, xip_serval_proto_vals))		expert_add_info_format(pinfo, ti, &ei_xip_serval_bad_proto,			"Unrecognized protocol type: %d", protocol);	/* Compute checksum. */	SET_CKSUM_VEC_TVB(cksum_vec, tvb, 0, xsh_len);	actual_checksum = in_cksum(&cksum_vec, 1);	/* Get XIP Serval checksum. */	packet_checksum = tvb_get_ntohs(tvb, XSRVL_CHK);	if (actual_checksum == 0) {		/* Add XIP Serval checksum as correct. */		proto_tree_add_uint_format(xip_serval_tree,			hf_xip_serval_check, tvb, XSRVL_CHK, 2, packet_checksum,			"Header checksum: 0x%04x [correct]", packet_checksum);	} else {		/* Add XIP Serval checksum as incorrect. */		check_ti = proto_tree_add_uint_format(xip_serval_tree,			hf_xip_serval_check, tvb, XSRVL_CHK, 2, packet_checksum,			"Header checksum: 0x%04x [incorrect, should be 0x%04x]",			packet_checksum,			in_cksum_shouldbe(packet_checksum, actual_checksum));		expert_add_info_format(pinfo, check_ti,			&ei_xip_serval_bad_checksum, "Bad checksum");	}	offset = XSRVL_EXT;	/* If there's still more room, check for extension headers. */	bytes_remaining = xsh_len - offset;	while (bytes_remaining >= XIP_SERVAL_EXT_MIN_LEN) {		gint8 bytes_displayed = display_xip_serval_ext(tvb, pinfo, ti,			xip_serval_tree, offset);		/* Extension headers are malformed, so we can't say		 * what the rest of the packet holds. Stop dissecting.		 */		if (bytes_displayed <= 0)			return;		offset += bytes_displayed;		bytes_remaining -= bytes_displayed;	}	switch (protocol) {	case XIP_SERVAL_PROTO_DATA:		next_tvb = tvb_new_subset_remaining(tvb, offset);		call_dissector(data_handle, next_tvb, pinfo, tree);		break;	case IP_PROTO_TCP: {		/* Get the Data Offset field of the TCP header, which is		 * the high nibble of the 12th octet and represents the		 * size of the TCP header of 32-bit words.		 */		guint8 tcp_len = hi_nibble(tvb_get_guint8(tvb, offset + 12))*4;		next_tvb = tvb_new_subset(tvb, offset, tcp_len, tcp_len);		call_dissector(tcp_handle, next_tvb, pinfo, tree);		break;	}	case IP_PROTO_UDP:		/* The UDP header is always 8 bytes. */		next_tvb = tvb_new_subset(tvb, offset, 8, 8);		call_dissector(udp_handle, next_tvb, pinfo, tree);		break;//.........这里部分代码省略.........

static void do_address_str_tree(const char* addr, tvbuff_t* tvb_string, asn1_ctx_t* actx, proto_tree* tree){    wmem_strbuf_t *ddatype = (wmem_strbuf_t *)actx->value_ptr;    p1_address_ctx_t* ctx = get_do_address_ctx(actx);    do_address(addr, tvb_string, actx);    if (ctx && ctx->do_address && tvb_string && ddatype) {        if (wmem_strbuf_get_len(ddatype) > 0) {            proto_item_append_text (tree, " (%s=%s)", wmem_strbuf_get_str(ddatype), tvb_format_text(tvb_string, 0, tvb_captured_length(tvb_string)));        }    }}

/* Code to actually dissect the packets */static intdissect_tivoconnect(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gboolean is_tcp){    /* parsing variables */    gchar * string = NULL;    gint length = -1;    /* value strings */    const gchar * proto_name = NULL;    gchar * packet_identity = NULL;    gchar * packet_machine = NULL;    /* validate that we have a tivoconnect packet */    if ( tvb_strncaseeql(tvb, 0, "tivoconnect", 11) != 0) {        return 0;    }    length = tvb_captured_length(tvb);    string = (gchar*)tvb_get_string_enc(wmem_packet_scope(), tvb, 0, length, ENC_ASCII);    /* Make entries in Protocol column and Info column on summary display */    col_set_str(pinfo->cinfo, COL_PROTOCOL, "TiVoConnect");    /* make a distinction between UDP and TCP packets */    proto_name = is_tcp ? "Discovery Connection" : "Discovery Beacon";    col_set_str(pinfo->cinfo, COL_INFO, proto_name);    if (tree) {        /* Set up structures needed to add the protocol subtree and manage it */        proto_item *ti = NULL;        proto_tree *tivoconnect_tree = NULL;        /* parsing variables */        guint offset = 0;        gchar * field = NULL;        /* create display subtree for the protocol */        ti = proto_tree_add_item(tree, proto_tivoconnect, tvb, 0, -1, ENC_NA);        tivoconnect_tree = proto_item_add_subtree(ti, ett_tivoconnect);        /* process the packet */        for ( field = strtok(string,"/n");                field;                offset+=length, field = strtok(NULL,"/n") ) {            gchar * value = NULL;            gint fieldlen;            length = (int)strlen(field) + 1;            if ( !(value=strchr(field, '=')) ) {                /* bad packet: missing the field separator */                continue;            }            *value++='/0';            fieldlen=(int)strlen(field)+1;            if ( g_ascii_strcasecmp(field,"tivoconnect") == 0 ) {                proto_tree_add_item(tivoconnect_tree,                                    hf_tivoconnect_flavor, tvb, offset+fieldlen,                                    length-fieldlen-1, ENC_ASCII|ENC_NA);            }            else if ( g_ascii_strcasecmp(field,"method") == 0 ) {                proto_tree_add_item(tivoconnect_tree,                                    hf_tivoconnect_method, tvb, offset+fieldlen,                                    length-fieldlen-1, ENC_ASCII|ENC_NA);            }            else if ( g_ascii_strcasecmp(field,"platform") == 0 ) {                proto_tree_add_item(tivoconnect_tree,                                    hf_tivoconnect_platform, tvb, offset+fieldlen,                                    length-fieldlen-1, ENC_ASCII|ENC_NA);            }            else if ( g_ascii_strcasecmp(field,"machine") == 0 ) {                proto_tree_add_item(tivoconnect_tree,                                    hf_tivoconnect_machine, tvb, offset+fieldlen,                                    length-fieldlen-1, ENC_ASCII|ENC_NA);                packet_machine = value;            }            else if ( g_ascii_strcasecmp(field,"identity") == 0 ) {                proto_tree_add_item(tivoconnect_tree,                                    hf_tivoconnect_identity, tvb, offset+fieldlen,                                    length-fieldlen-1, ENC_ASCII|ENC_NA);                packet_identity = value;            }            else if ( g_ascii_strcasecmp(field,"services") == 0 ) {                proto_tree_add_item(tivoconnect_tree,                                    hf_tivoconnect_services, tvb, offset+fieldlen,                                    length-fieldlen-1, ENC_ASCII|ENC_NA);            }            else if ( g_ascii_strcasecmp(field,"swversion") == 0 ) {                proto_tree_add_item(tivoconnect_tree,                                    hf_tivoconnect_version, tvb, offset+fieldlen,                                    length-fieldlen-1, ENC_ASCII|ENC_NA);            }            else {                /* unknown field! */            }        }//.........这里部分代码省略.........

/*voidethertype(guint16 etype, tvbuff_t *tvb, int offset_after_etype,	  packet_info *pinfo, proto_tree *tree, proto_tree *fh_tree,	  int etype_id, int trailer_id, int fcs_len)*/static intdissect_ethertype(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data){    const char	  *description;    tvbuff_t	  *volatile next_tvb;    guint		   length_before;    gint		   captured_length, reported_length;    volatile int  dissector_found = 0;    const char	  *volatile saved_proto;    ethertype_data_t  *ethertype_data;    /* Reject the packet if data is NULL */    if (data == NULL)        return 0;    ethertype_data = (ethertype_data_t*)data;    /* Add the Ethernet type to the protocol tree */    proto_tree_add_uint(ethertype_data->fh_tree, ethertype_data->etype_id, tvb,                        ethertype_data->offset_after_ethertype - 2, 2, ethertype_data->etype);    /* Get the captured length and reported length of the data       after the Ethernet type. */    captured_length = tvb_captured_length_remaining(tvb, ethertype_data->offset_after_ethertype);    reported_length = tvb_reported_length_remaining(tvb,                      ethertype_data->offset_after_ethertype);    /* Remember how much data there is after the Ethernet type,       including any trailer and FCS. */    length_before = reported_length;    /* Construct a tvbuff for the payload after the Ethernet type.       If the FCS length is positive, remove the FCS.       (If it's zero, there's no FCS; if it's negative,       we don't know whether there's an FCS, so we'll       guess based on the length of the trailer.) */    if (ethertype_data->fcs_len > 0) {        if (captured_length >= 0 && reported_length >= 0) {            if (reported_length >= ethertype_data->fcs_len)                reported_length -= ethertype_data->fcs_len;            if (captured_length > reported_length)                captured_length = reported_length;        }    }    next_tvb = tvb_new_subset(tvb, ethertype_data->offset_after_ethertype, captured_length,                              reported_length);    p_add_proto_data(pinfo->pool, pinfo, proto_ethertype, 0, GUINT_TO_POINTER((guint)ethertype_data->etype));    /* Look for sub-dissector, and call it if found.       Catch exceptions, so that if the reported length of "next_tvb"       was reduced by some dissector before an exception was thrown,       we can still put in an item for the trailer. */    saved_proto = pinfo->current_proto;    TRY {        dissector_found = dissector_try_uint(ethertype_dissector_table,        ethertype_data->etype, next_tvb, pinfo, tree);    }    CATCH_NONFATAL_ERRORS {        /* Somebody threw an exception that means that there           was a problem dissecting the payload; that means           that a dissector was found, so we don't need to           dissect the payload as data or update the protocol           or info columns.           Just show the exception and then drive on to show           the trailer, after noting that a dissector was found           and restoring the protocol value that was in effect           before we called the subdissector. */        show_exception(next_tvb, pinfo, tree, EXCEPT_CODE, GET_MESSAGE);        dissector_found = 1;        pinfo->current_proto = saved_proto;    }    ENDTRY;    if (!dissector_found) {        /* No sub-dissector found.           Label rest of packet as "Data" */        call_dissector(data_handle,next_tvb, pinfo, tree);        /* Label protocol */        col_add_fstr(pinfo->cinfo, COL_PROTOCOL, "0x%04x", ethertype_data->etype);        description = try_val_to_str(ethertype_data->etype, etype_vals);        if (description) {            col_add_str(pinfo->cinfo, COL_INFO, description);        }    }    add_dix_trailer(pinfo, tree, ethertype_data->fh_tree, ethertype_data->trailer_id, tvb, next_tvb, ethertype_data->offset_after_ethertype,                    length_before, ethertype_data->fcs_len);    return tvb_captured_length(tvb);}

    free_address(&follow_info->server_ip);    g_free(follow_info->filter_out_filter);    g_free(follow_info);}tap_packet_statusfollow_tvb_tap_listener(void *tapdata, packet_info *pinfo,                      epan_dissect_t *edt _U_, const void *data){    follow_record_t *follow_record;    follow_info_t *follow_info = (follow_info_t *)tapdata;    tvbuff_t *next_tvb = (tvbuff_t *)data;    follow_record = g_new(follow_record_t,1);    follow_record->data = g_byte_array_sized_new(tvb_captured_length(next_tvb));    follow_record->data = g_byte_array_append(follow_record->data,                                              tvb_get_ptr(next_tvb, 0, -1),                                              tvb_captured_length(next_tvb));    follow_record->packet_num = pinfo->fd->num;    if (follow_info->client_port == 0) {        follow_info->client_port = pinfo->srcport;        copy_address(&follow_info->client_ip, &pinfo->src);        follow_info->server_port = pinfo->destport;        copy_address(&follow_info->server_ip, &pinfo->dst);    }    if (addresses_equal(&follow_info->client_ip, &pinfo->src) && follow_info->client_port == pinfo->srcport)        follow_record->is_server = FALSE;    else

/*FUNCTION:------------------------------------------------------ *  NAME *      dissect_zbee_secure *  DESCRIPTION *      Dissects and decrypts secured ZigBee frames. * *      Will return a valid tvbuff only if security processing was *      successful. If processing fails, then this function will *      handle internally and return NULL. *  PARAMETERS *      tvbuff_t    *tvb    - pointer to buffer containing raw packet. *      packet_info *pinfo  - pointer to packet information fields *      proto_tree  *tree   - pointer to data tree Wireshark uses to display packet. *      guint       offset  - pointer to the start of the auxiliary security header. *      guint64     src64   - extended source address, or 0 if unknown. *  RETURNS *      tvbuff_t * *--------------------------------------------------------------- */tvbuff_t *dissect_zbee_secure(tvbuff_t *tvb, packet_info *pinfo, proto_tree* tree, guint offset){    proto_tree     *sec_tree;    zbee_security_packet    packet;    guint           mic_len;    gint            payload_len;    tvbuff_t       *payload_tvb;#ifdef HAVE_LIBGCRYPT    proto_item         *ti;    proto_item         *key_item;    guint8             *enc_buffer;    guint8             *dec_buffer;    gboolean            decrypted;    GSList            **nwk_keyring;    GSList             *GSList_i;    key_record_t       *key_rec = NULL;#endif    zbee_nwk_hints_t   *nwk_hints;    ieee802154_hints_t *ieee_hints;    ieee802154_map_rec *map_rec = NULL;    static const int * sec_flags[] = {        &hf_zbee_sec_key_id,        &hf_zbee_sec_nonce,        NULL    };    /* Init */    memset(&packet, 0, sizeof(zbee_security_packet));    /* Get pointers to any useful frame data from lower layers */    nwk_hints = (zbee_nwk_hints_t *)p_get_proto_data(wmem_file_scope(), pinfo,        proto_get_id_by_filter_name(ZBEE_PROTOABBREV_NWK), 0);    ieee_hints = (ieee802154_hints_t *)p_get_proto_data(wmem_file_scope(), pinfo,        proto_get_id_by_filter_name(IEEE802154_PROTOABBREV_WPAN), 0);    /* Create a subtree for the security information. */    sec_tree = proto_tree_add_subtree(tree, tvb, offset, -1, ett_zbee_sec, NULL, "ZigBee Security Header");    /*  Get and display the Security control field */    packet.control  = tvb_get_guint8(tvb, offset);    /* Patch the security level. */    packet.control &= ~ZBEE_SEC_CONTROL_LEVEL;    packet.control |= (ZBEE_SEC_CONTROL_LEVEL & gPREF_zbee_sec_level);    /*     * Eww, I think I just threw up a little...  ZigBee requires this field     * to be patched before computing the MIC, but we don't have write-access     * to the tvbuff. So we need to allocate a copy of the whole thing just     * so we can fix these 3 bits. Memory allocated by tvb_memdup(wmem_packet_scope(),...)     * is automatically freed before the next packet is processed.     */#ifdef HAVE_LIBGCRYPT    enc_buffer = (guint8 *)tvb_memdup(wmem_packet_scope(), tvb, 0, tvb_captured_length(tvb));    /*     * Override the const qualifiers and patch the security level field, we     * know it is safe to overide the const qualifiers because we just     * allocated this memory via tvb_memdup(wmem_packet_scope(),...).     */    enc_buffer[offset] = packet.control;#endif /* HAVE_LIBGCRYPT */    packet.level    = zbee_get_bit_field(packet.control, ZBEE_SEC_CONTROL_LEVEL);    packet.key_id   = zbee_get_bit_field(packet.control, ZBEE_SEC_CONTROL_KEY);    packet.nonce    = zbee_get_bit_field(packet.control, ZBEE_SEC_CONTROL_NONCE);    proto_tree_add_bitmask(sec_tree, tvb, offset, hf_zbee_sec_field, ett_zbee_sec_control, sec_flags, ENC_NA);    offset += 1;    /* Get and display the frame counter field. */    packet.counter = tvb_get_letohl(tvb, offset);    proto_tree_add_uint(sec_tree, hf_zbee_sec_counter, tvb, offset, 4, packet.counter);    offset += 4;    if (packet.nonce) {        /* Get and display the source address of the device that secured this payload. */        packet.src64 = tvb_get_letoh64(tvb, offset);        proto_tree_add_item(sec_tree, hf_zbee_sec_src64, tvb, offset, 8, ENC_LITTLE_ENDIAN);//.........这里部分代码省略.........

static voiddissect_smb_direct_payload(tvbuff_t *tvb, packet_info *pinfo,			   proto_tree *tree, guint32 remaining_length){	gboolean save_fragmented = pinfo->fragmented;	int save_visited = pinfo->fd->flags.visited;	conversation_t *conversation = NULL;	fragment_head *fd_head = NULL;	tvbuff_t *payload_tvb = NULL;	gboolean more_frags = FALSE;	gboolean fd_head_not_cached = FALSE;	heur_dtbl_entry_t *hdtbl_entry;	if (!smb_direct_reassemble) {		payload_tvb = tvb;		goto dissect_payload;	}	conversation = find_or_create_conversation(pinfo);	if (remaining_length > 0) {		more_frags = TRUE;	}	fd_head = (fragment_head *)p_get_proto_data(wmem_file_scope(), pinfo, proto_smb_direct, 0);	if (fd_head == NULL) {		fd_head_not_cached = TRUE;		pinfo->fd->flags.visited = 0;		fd_head = fragment_add_seq_next(&smb_direct_reassembly_table,						tvb, 0, pinfo,						conversation->index,						NULL, tvb_captured_length(tvb),						more_frags);	}	if (fd_head == NULL) {		/*		 * We really want the fd_head and pass it to		 * process_reassembled_data()		 *		 * So that individual fragments gets the		 * reassembled in field.		 */		fd_head = fragment_get_reassembled_id(&smb_direct_reassembly_table,						      pinfo,						      conversation->index);	}	if (fd_head == NULL) {		/*		 * we need more data...		 */		goto done;	}	if (fd_head_not_cached) {		p_add_proto_data(wmem_file_scope(), pinfo,				 proto_smb_direct, 0, fd_head);	}	payload_tvb = process_reassembled_data(tvb, 0, pinfo,					       "Reassembled SMB Direct",					       fd_head,					       &smb_direct_frag_items,					       NULL, /* update_col_info*/					       tree);	if (payload_tvb == NULL) {		/*		 * we need more data...		 */		goto done;	}dissect_payload:	pinfo->fragmented = FALSE;	if (!dissector_try_heuristic(smb_direct_heur_subdissector_list,				     payload_tvb, pinfo, tree, &hdtbl_entry, NULL)) {		call_dissector(data_handle, payload_tvb, pinfo, tree);	}done:	pinfo->fragmented = save_fragmented;	pinfo->fd->flags.visited = save_visited;	return;}

//.........这里部分代码省略.........        proto_tree_add_item(main_tree, hf_data_length, tvb, offset, 4, ENC_LITTLE_ENDIAN);        offset += 4;        if (data_length > 0)            col_append_fstr(pinfo->cinfo, COL_INFO, " length=%u ", data_length);        crc_item = proto_tree_add_item(main_tree, hf_data_crc32, tvb, offset, 4, ENC_LITTLE_ENDIAN);        crc_tree = proto_item_add_subtree(crc_item, ett_adb_crc);        crc32 = tvb_get_letohl(tvb, offset);        offset += 4;        magic_item = proto_tree_add_item(main_tree, hf_magic, tvb, offset, 4, ENC_LITTLE_ENDIAN);        if ((tvb_get_letohl(tvb, offset) ^ 0xFFFFFFFF) != command) {            proto_tree  *expert_tree;            expert_tree = proto_item_add_subtree(magic_item, ett_adb_magic);            proto_tree_add_expert(expert_tree, pinfo, &ei_invalid_magic, tvb, offset, 4);        }        if (!pinfo->fd->flags.visited)            save_command(command, arg0, arg1, data_length, crc32, service_data, proto, data, pinfo, &service_data, &command_data);        offset += 4;    }    if (!pinfo->fd->flags.visited && command_data) {            if (command_data->command_in_frame != frame_number) {                is_command = FALSE;                is_next_fragment = TRUE;            }            data_length = command_data->data_length;            crc32 = command_data->crc32;            if ((command_data->command_in_frame != frame_number && tvb_captured_length(tvb) == data_length) ||                (command_data->command_in_frame == frame_number && tvb_captured_length(tvb) == data_length + 24)            ) {                command_data->reassemble_data_length = command_data->data_length;                command_data->completed_in_frame = frame_number;            }    }    if (is_next_fragment && command_data) {        sub_item = proto_tree_add_uint(main_tree, hf_command_in_frame, tvb, offset, 0, command_data->command_in_frame);        PROTO_ITEM_SET_GENERATED(sub_item);        sub_item = proto_tree_add_uint(main_tree, hf_command, tvb, offset, 0, command_data->command);        PROTO_ITEM_SET_GENERATED(sub_item);        sub_item = proto_tree_add_uint(main_tree, hf_data_length, tvb, offset, 0, command_data->data_length);        PROTO_ITEM_SET_GENERATED(sub_item);        crc_item = proto_tree_add_uint(main_tree, hf_data_crc32, tvb, offset, 0, command_data->crc32);        crc_tree = proto_item_add_subtree(crc_item, ett_adb_crc);        PROTO_ITEM_SET_GENERATED(crc_item);    }    if (command_data && command_data->completed_in_frame != frame_number) {        sub_item = proto_tree_add_uint(main_tree, hf_completed_in_frame, tvb, offset, 0, command_data->completed_in_frame);        PROTO_ITEM_SET_GENERATED(sub_item);    }    if (tvb_captured_length_remaining(tvb, offset) > 0 && (!is_command || data_length > 0)) {        guint32 crc = 0;        guint32 i_offset;

//.........这里部分代码省略.........		pgm_tree = proto_item_add_subtree(ti, ett_pgm);		cursor = ptvcursor_new(pgm_tree, tvb, 0);		hidden_item = proto_tree_add_item(pgm_tree, hf_pgm_port, tvb, 0, 2, ENC_BIG_ENDIAN);		PROTO_ITEM_SET_HIDDEN(hidden_item);		hidden_item = proto_tree_add_item(pgm_tree, hf_pgm_port, tvb, 2, 2, ENC_BIG_ENDIAN);		PROTO_ITEM_SET_HIDDEN(hidden_item);		ptvcursor_add(cursor, hf_pgm_main_sport, 2, ENC_BIG_ENDIAN);		ptvcursor_add(cursor, hf_pgm_main_dport, 2, ENC_BIG_ENDIAN);		ptvcursor_add(cursor, hf_pgm_main_type, 1, ENC_BIG_ENDIAN);		tf = proto_tree_add_uint_format_value(pgm_tree, hf_pgm_main_opts, tvb,			ptvcursor_current_offset(cursor), 1, pgmhdr_opts, "%s (0x%x)",			optsstr(pgmhdr_opts), pgmhdr_opts);		opt_tree = proto_item_add_subtree(tf, ett_pgm_optbits);		ptvcursor_set_tree(cursor, opt_tree);		ptvcursor_add_no_advance(cursor, hf_pgm_main_opts_opt, 1, ENC_BIG_ENDIAN);		ptvcursor_add_no_advance(cursor, hf_pgm_main_opts_netsig, 1, ENC_BIG_ENDIAN);		ptvcursor_add_no_advance(cursor, hf_pgm_main_opts_varlen, 1, ENC_BIG_ENDIAN);		ptvcursor_add(cursor, hf_pgm_main_opts_parity, 1, ENC_BIG_ENDIAN);		ptvcursor_set_tree(cursor, pgm_tree);		/* Checksum may be 0 (not available), but not for DATA packets */		if ((pgmhdr_type != PGM_RDATA_PCKT) && (pgmhdr_type != PGM_ODATA_PCKT) &&		    (pgmhdr_cksum == 0))		{			proto_tree_add_uint_format_value(pgm_tree, hf_pgm_main_cksum, tvb,				ptvcursor_current_offset(cursor), 2, pgmhdr_cksum, "not available");		} else {			reportedlen = tvb_reported_length(tvb);			pgmlen = tvb_captured_length(tvb);			if (pgm_check_checksum && pgmlen >= reportedlen) {				vec_t cksum_vec[1];				guint16 computed_cksum;				SET_CKSUM_VEC_TVB(cksum_vec[0], tvb, 0, pgmlen);				computed_cksum = in_cksum(&cksum_vec[0], 1);				if (computed_cksum == 0) {					proto_tree_add_uint_format_value(pgm_tree, hf_pgm_main_cksum, tvb,						ptvcursor_current_offset(cursor), 2, pgmhdr_cksum, "0x%04x [correct]", pgmhdr_cksum);				} else {					hidden_item = proto_tree_add_boolean(pgm_tree, hf_pgm_main_cksum_bad, tvb,					    ptvcursor_current_offset(cursor), 2, TRUE);					PROTO_ITEM_SET_HIDDEN(hidden_item);					proto_tree_add_uint_format_value(pgm_tree, hf_pgm_main_cksum, tvb,					    ptvcursor_current_offset(cursor), 2, pgmhdr_cksum, "0x%04x [incorrect, should be 0x%04x]",						pgmhdr_cksum, in_cksum_shouldbe(pgmhdr_cksum, computed_cksum));				}			} else {				ptvcursor_add_no_advance(cursor, hf_pgm_main_cksum, 2, ENC_BIG_ENDIAN);			}		}		ptvcursor_advance(cursor, 2);		ptvcursor_add(cursor, hf_pgm_main_gsi, 6, ENC_NA);		ptvcursor_add(cursor, hf_pgm_main_tsdulen, 2, ENC_BIG_ENDIAN);		switch(pgmhdr_type) {		case PGM_SPM_PCKT:			type_tree = proto_tree_add_subtree_format(pgm_tree, tvb, ptvcursor_current_offset(cursor), plen,												ett_pgm_spm, NULL, "%s Packet", pktname);			ptvcursor_set_tree(cursor, type_tree);

/** Dissect DISP PDUs inside a ROS PDUs*/static intdissect_disp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* data){	int offset = 0;	int old_offset;	proto_item *item;	proto_tree *tree;	struct SESSION_DATA_STRUCTURE* session;	int (*disp_dissector)(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_) = NULL;	const char *disp_op_name;	asn1_ctx_t asn1_ctx;	/* do we have operation information from the ROS dissector */	if (data == NULL)		return 0;	session  = (struct SESSION_DATA_STRUCTURE*)data;	asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);	asn1_ctx.private_data = session;	item = proto_tree_add_item(parent_tree, proto_disp, tvb, 0, -1, ENC_NA);	tree = proto_item_add_subtree(item, ett_disp);	col_set_str(pinfo->cinfo, COL_PROTOCOL, "DISP");  	col_clear(pinfo->cinfo, COL_INFO);	switch(session->ros_op & ROS_OP_MASK) {	case (ROS_OP_BIND | ROS_OP_ARGUMENT):	/*  BindInvoke */	  disp_dissector = dissect_disp_DSAShadowBindArgument;	  disp_op_name = "Shadow-Bind-Argument";	  break;	case (ROS_OP_BIND | ROS_OP_RESULT):	/*  BindResult */	  disp_dissector = dissect_disp_DSAShadowBindResult;	  disp_op_name = "Shadow-Bind-Result";	  break;	case (ROS_OP_BIND | ROS_OP_ERROR):	/*  BindError */	  disp_dissector = dissect_disp_DSAShadowBindError;	  disp_op_name = "Shadow-Bind-Error";	  break;	case (ROS_OP_INVOKE | ROS_OP_ARGUMENT):	/*  Invoke Argument */	  switch(session->ros_op & ROS_OP_OPCODE_MASK) {	  case 1: /* requestShadowUpdate */	    disp_dissector = dissect_disp_RequestShadowUpdateArgument;	    disp_op_name = "Request-Shadow-Update-Argument";	    break;	  case 2: /* updateShadow*/	    disp_dissector = dissect_disp_UpdateShadowArgument;	    disp_op_name = "Update-Shadow-Argument";	    break;	  case 3: /* coordinateShadowUpdate */	    disp_dissector = dissect_disp_CoordinateShadowUpdateArgument;	    disp_op_name = "Coordinate-Shadow-Update-Argument";	    break;	  default:	    proto_tree_add_expert_format(tree, pinfo, &ei_disp_unsupported_opcode, tvb, offset, -1,	        "Unsupported DISP opcode (%d)", session->ros_op & ROS_OP_OPCODE_MASK);	    break;	  }	  break;	case (ROS_OP_INVOKE | ROS_OP_RESULT):	/*  Return Result */	  switch(session->ros_op & ROS_OP_OPCODE_MASK) {	  case 1: /* requestShadowUpdate */	    disp_dissector = dissect_disp_RequestShadowUpdateResult;	    disp_op_name = "Request-Shadow-Result";	    break;	  case 2: /* updateShadow */	    disp_dissector = dissect_disp_UpdateShadowResult;	    disp_op_name = "Update-Shadow-Result";	    break;	  case 3: /* coordinateShadowUpdate */	    disp_dissector = dissect_disp_CoordinateShadowUpdateResult;	    disp_op_name = "Coordinate-Shadow-Update-Result";	    break;	  default:	    proto_tree_add_expert_format(tree, pinfo, &ei_disp_unsupported_opcode, tvb, offset, -1,	        "Unsupported DISP opcode (%d)", session->ros_op & ROS_OP_OPCODE_MASK);	    break;	  }	  break;	case (ROS_OP_INVOKE | ROS_OP_ERROR):	/*  Return Error */	  switch(session->ros_op & ROS_OP_OPCODE_MASK) {	  case 1: /* shadowError */	    disp_dissector = dissect_disp_ShadowError;	    disp_op_name = "Shadow-Error";	    break;	  default:	    proto_tree_add_expert_format(tree, pinfo, &ei_disp_unsupported_errcode, tvb, offset, -1,	            "Unsupported DISP errcode (%d)", session->ros_op & ROS_OP_OPCODE_MASK);	    break;	  }	  break;	default:	  proto_tree_add_expert(tree, pinfo, &ei_disp_unsupported_pdu, tvb, offset, -1);	  return tvb_captured_length(tvb);	}//.........这里部分代码省略.........

    proto_item  *proto_root;    proto_tree  *scop_tree;    guint        offset = 0;    scop_packet  packet;    memset(&packet, 0, sizeof(packet));    /* Set the protocol name. */    col_set_str(pinfo->cinfo, COL_PROTOCOL, "SCoP");    /* Clear the info column. */    col_clear(pinfo->cinfo, COL_INFO);    /* Create the protocol display tree. */    proto_root = proto_tree_add_protocol_format(tree, proto_scop, tvb, 0, tvb_captured_length(tvb),                                                "ZigBee SCoP");    scop_tree = proto_item_add_subtree(proto_root, ett_scop);    /* Extract the SCoP Transport type. */    packet.transport = tvb_get_guint8(tvb, offset);    proto_tree_add_uint(scop_tree, hf_scop_transport, tvb, offset, 1, packet.transport);    offset += 1;    /* Extract the SCoP Version. */    packet.version = tvb_get_guint8(tvb, offset);    proto_tree_add_uint(scop_tree, hf_scop_version, tvb, offset, 1, packet.version);    offset += 1;    /* Extract the SCoP Packet length. */    packet.length = tvb_get_ntohs(tvb, offset);

static intdissect_json(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data){	proto_tree *json_tree = NULL;	proto_item *ti = NULL;	json_parser_data_t parser_data;	tvbparse_t *tt;	const char *data_name;	int offset;	/* JSON dissector can be called in a JSON native file or when transported	 * by another protocol. We set the column values only if they've not been	 * already set by someone else.	 */	wmem_list_frame_t *proto = wmem_list_frame_prev(wmem_list_tail(pinfo->layers));	if (proto) {		const char *name = proto_get_protocol_filter_name(GPOINTER_TO_INT(wmem_list_frame_data(proto)));		if (!strcmp(name, "frame")) {			col_set_str(pinfo->cinfo, COL_PROTOCOL, "JSON");			col_set_str(pinfo->cinfo, COL_INFO, "JavaScript Object Notation");		}	}	data_name = pinfo->match_string;	if (! (data_name && data_name[0])) {		/*		 * No information from "match_string"		 */		data_name = (char *)data;		if (! (data_name && data_name[0])) {			/*			 * No information from dissector data			 */			data_name = NULL;		}	}	if (tree) {		ti = proto_tree_add_item(tree, hfi_json, tvb, 0, -1, ENC_NA);		json_tree = proto_item_add_subtree(ti, ett_json);		if (data_name)			proto_item_append_text(ti, ": %s", data_name);	}	offset = 0;	parser_data.stack = wmem_stack_new(wmem_packet_scope());	wmem_stack_push(parser_data.stack, json_tree);	tt = tvbparse_init(tvb, offset, -1, &parser_data, want_ignore);	/* XXX, only one json in packet? */	while ((tvbparse_get(tt, want)))		;	offset = tvbparse_curr_offset(tt);	proto_item_set_len(ti, offset);	/* if we have some unparsed data, pass to data-text-lines dissector (?) */	if (tvb_reported_length_remaining(tvb, offset) > 0) {		tvbuff_t *next_tvb;		next_tvb = tvb_new_subset_remaining(tvb, offset);		call_dissector_with_data(text_lines_handle, next_tvb, pinfo, tree, data);	} else if (data_name) {		col_append_sep_fstr(pinfo->cinfo, COL_INFO, " ", "(%s)", data_name);	}	return tvb_captured_length(tvb);}