aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--packet-atalk.c82
-rw-r--r--packet-clnp.c90
-rw-r--r--packet-dcerpc.c6
-rw-r--r--packet-eap.c71
-rw-r--r--packet-ieee80211.c80
-rw-r--r--packet-ip.c9
-rw-r--r--packet-ipv6.c89
-rw-r--r--packet-rpc.c5
-rw-r--r--packet-smb-pipe.c59
-rw-r--r--packet-smb.c4
-rw-r--r--packet-wtp.c85
-rw-r--r--reassemble.c179
-rw-r--r--reassemble.h14
13 files changed, 315 insertions, 458 deletions
diff --git a/packet-atalk.c b/packet-atalk.c
index 00f75712e8..84b50c5dcb 100644
--- a/packet-atalk.c
+++ b/packet-atalk.c
@@ -2,7 +2,7 @@
* Routines for AppleTalk packet disassembly: LLAP, DDP, NBP, ATP, ASP,
* RTMP.
*
- * $Id: packet-atalk.c,v 1.73 2002/06/04 07:03:44 guy Exp $
+ * $Id: packet-atalk.c,v 1.74 2002/06/07 10:11:38 guy Exp $
*
* Simon Wilkinson <sxw@dcs.ed.ac.uk>
*
@@ -287,6 +287,19 @@ static gint ett_ddp = -1;
static gint ett_llap = -1;
static gint ett_pstring = -1;
+fragment_items atp_frag_items = {
+ &ett_atp_segment,
+ &ett_atp_segments,
+ &hf_atp_segments,
+ &hf_atp_segment,
+ &hf_atp_segment_overlap,
+ &hf_atp_segment_overlap_conflict,
+ &hf_atp_segment_multiple_tails,
+ &hf_atp_segment_too_long_segment,
+ &hf_atp_segment_error,
+ "segments"
+};
+
static dissector_table_t ddp_dissector_table;
static dissector_handle_t data_handle;
@@ -646,67 +659,6 @@ dissect_nbp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
return;
}
-static void
-show_fragments(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
- fragment_data *fd_head)
-{
- guint32 offset;
- fragment_data *fd;
- proto_tree *ft;
- proto_item *fi;
-
- fi = proto_tree_add_item(tree, hf_atp_segments, tvb, 0, -1, FALSE);
- ft = proto_item_add_subtree(fi, ett_atp_segments);
- offset = 0;
- for (fd = fd_head->next; fd != NULL; fd = fd->next){
- if (fd->flags & (FD_OVERLAP|FD_OVERLAPCONFLICT|FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- /*
- * This segment has some flags set; create a subtree for it and
- * display the flags.
- */
- proto_tree *fet = NULL;
- proto_item *fei = NULL;
- int hf;
-
- if (fd->flags & (FD_OVERLAPCONFLICT|FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- hf = hf_atp_segment_error;
- } else {
- hf = hf_atp_segment;
- }
- fei = proto_tree_add_none_format(ft, hf, tvb, offset, fd->len,
- "Frame:%u payload:%u-%u",
- fd->frame, offset, offset+fd->len-1);
- fet = proto_item_add_subtree(fei, ett_atp_segment);
- if (fd->flags&FD_OVERLAP)
- proto_tree_add_boolean(fet, hf_atp_segment_overlap, tvb, 0, 0, TRUE);
- if (fd->flags&FD_OVERLAPCONFLICT) {
- proto_tree_add_boolean(fet, hf_atp_segment_overlap_conflict, tvb, 0, 0,
- TRUE);
- }
- if (fd->flags&FD_MULTIPLETAILS) {
- proto_tree_add_boolean(fet, hf_atp_segment_multiple_tails, tvb, 0, 0,
- TRUE);
- }
- if (fd->flags&FD_TOOLONGFRAGMENT) {
- proto_tree_add_boolean(fet, hf_atp_segment_too_long_segment, tvb, 0, 0,
- TRUE);
- }
- } else {
- /*
- * Nothing of interest for this segment.
- */
- proto_tree_add_text (ft, tvb, offset, fd->len,
- "Frame:%u payload:%u-%u",
- fd->frame, offset, offset+fd->len-1);
- }
- offset += fd->len;
- }
- if (fd_head->flags & (FD_OVERLAPCONFLICT|FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- if (check_col(pinfo->cinfo, COL_INFO))
- col_set_str(pinfo->cinfo, COL_INFO, "[Illegal segments]");
- }
-}
-
/* -----------------------------
ATP protocol cf. inside appletalk chap. 9
desegmentation from packet-ieee80211.c
@@ -860,8 +812,10 @@ dissect_atp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
tvb_set_child_real_data_tvbuff(tvb, new_tvb);
add_new_data_source(pinfo, new_tvb, "Reassembled ATP");
/* Show all fragments. */
- if (tree)
- show_fragments(new_tvb, pinfo, atp_tree, fd_head);
+ if (tree) {
+ show_fragment_seq_tree(fd_head, &atp_frag_items,
+ atp_tree, pinfo, new_tvb);
+ }
}
else
new_tvb = tvb_new_subset(tvb, ATP_HDRSIZE -1, -1, -1);
diff --git a/packet-clnp.c b/packet-clnp.c
index 6b9b5ff120..7a4f5724b0 100644
--- a/packet-clnp.c
+++ b/packet-clnp.c
@@ -1,7 +1,7 @@
/* packet-clnp.c
* Routines for ISO/OSI network and transport protocol packet disassembly
*
- * $Id: packet-clnp.c,v 1.56 2002/06/04 07:03:44 guy Exp $
+ * $Id: packet-clnp.c,v 1.57 2002/06/07 10:11:38 guy Exp $
* Laurent Deniel <deniel@worldnet.fr>
* Ralf Schneider <Ralf.Schneider@t-online.de>
*
@@ -77,6 +77,19 @@ static int hf_clnp_segment_multiple_tails = -1;
static int hf_clnp_segment_too_long_segment = -1;
static int hf_clnp_segment_error = -1;
+fragment_items clnp_frag_items = {
+ &ett_clnp_segment,
+ &ett_clnp_segments,
+ &hf_clnp_segments,
+ &hf_clnp_segment,
+ &hf_clnp_segment_overlap,
+ &hf_clnp_segment_overlap_conflict,
+ &hf_clnp_segment_multiple_tails,
+ &hf_clnp_segment_too_long_segment,
+ &hf_clnp_segment_error,
+ "segments"
+};
+
static dissector_handle_t data_handle;
/*
@@ -1827,10 +1840,6 @@ static void dissect_clnp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
cnf_type & CNF_MORE_SEGS);
if (fd_head != NULL) {
- fragment_data *fd;
- proto_tree *ft=NULL;
- proto_item *fi=NULL;
-
/* OK, we have the complete reassembled payload.
Allocate a new tvbuff, referring to the reassembled payload. */
next_tvb = tvb_new_real_data(fd_head->data, fd_head->datalen,
@@ -1844,75 +1853,8 @@ static void dissect_clnp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
/* Add the defragmented data to the data source list. */
add_new_data_source(pinfo, next_tvb, "Reassembled CLNP");
- /* It's not fragmented. */
- pinfo->fragmented = FALSE;
-
- /* show all segments */
- fi = proto_tree_add_item(clnp_tree, hf_clnp_segments,
- next_tvb, 0, -1, FALSE);
- ft = proto_item_add_subtree(fi, ett_clnp_segments);
- for (fd = fd_head->next; fd != NULL; fd = fd->next){
- if (fd->flags & (FD_OVERLAP|FD_OVERLAPCONFLICT
- |FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- /* this segment has some flags set, create a subtree
- * for it and display the flags.
- */
- proto_tree *fet = NULL;
- proto_item *fei = NULL;
- int hf;
-
- if (fd->flags & (FD_OVERLAPCONFLICT
- |FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- hf = hf_clnp_segment_error;
- } else {
- hf = hf_clnp_segment;
- }
- fei = proto_tree_add_none_format(ft, hf,
- next_tvb, fd->offset, fd->len,
- "Frame:%u payload:%u-%u",
- fd->frame,
- fd->offset,
- fd->offset+fd->len-1
- );
- fet = proto_item_add_subtree(fei, ett_clnp_segment);
- if (fd->flags&FD_OVERLAP) {
- proto_tree_add_boolean(fet,
- hf_clnp_segment_overlap, next_tvb, 0, 0,
- TRUE);
- }
- if (fd->flags&FD_OVERLAPCONFLICT) {
- proto_tree_add_boolean(fet,
- hf_clnp_segment_overlap_conflict, next_tvb, 0, 0,
- TRUE);
- }
- if (fd->flags&FD_MULTIPLETAILS) {
- proto_tree_add_boolean(fet,
- hf_clnp_segment_multiple_tails, next_tvb, 0, 0,
- TRUE);
- }
- if (fd->flags&FD_TOOLONGFRAGMENT) {
- proto_tree_add_boolean(fet,
- hf_clnp_segment_too_long_segment, next_tvb, 0, 0,
- TRUE);
- }
- } else {
- /* nothing of interest for this segment */
- proto_tree_add_none_format(ft, hf_clnp_segment,
- next_tvb, fd->offset, fd->len,
- "Frame:%u payload:%u-%u",
- fd->frame,
- fd->offset,
- fd->offset+fd->len-1
- );
- }
- }
- if (fd_head->flags & (FD_OVERLAPCONFLICT
- |FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- if (check_col(pinfo->cinfo, COL_INFO)) {
- col_set_str(pinfo->cinfo, COL_INFO, "[Illegal segments]");
- update_col_info = FALSE;
- }
- }
+ update_col_info = !show_fragment_tree(fd_head, &clnp_frag_items,
+ clnp_tree, pinfo, next_tvb);
} else {
/* We don't have the complete reassembled payload. */
next_tvb = NULL;
diff --git a/packet-dcerpc.c b/packet-dcerpc.c
index a9d0ec84f5..634cbdf46b 100644
--- a/packet-dcerpc.c
+++ b/packet-dcerpc.c
@@ -2,7 +2,7 @@
* Routines for DCERPC packet disassembly
* Copyright 2001, Todd Sabin <tas@webspan.net>
*
- * $Id: packet-dcerpc.c,v 1.54 2002/06/05 11:21:47 sahlberg Exp $
+ * $Id: packet-dcerpc.c,v 1.55 2002/06/07 10:11:38 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -232,7 +232,9 @@ fragment_items dcerpc_frag_items = {
&hf_dcerpc_fragment_overlap_conflict,
&hf_dcerpc_fragment_multiple_tails,
&hf_dcerpc_fragment_too_long_fragment,
- &hf_dcerpc_fragment_error
+ &hf_dcerpc_fragment_error,
+
+ "fragments"
};
/* try to desegment big DCE/RPC packets over TCP? */
diff --git a/packet-eap.c b/packet-eap.c
index ac72716ce6..0b382f464d 100644
--- a/packet-eap.c
+++ b/packet-eap.c
@@ -2,7 +2,7 @@
* Routines for EAP Extensible Authentication Protocol dissection
* RFC 2284
*
- * $Id: packet-eap.c,v 1.25 2002/06/04 07:03:44 guy Exp $
+ * $Id: packet-eap.c,v 1.26 2002/06/07 10:11:39 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -194,9 +194,27 @@ static GHashTable *eaptls_fragment_table = NULL;
static int hf_eaptls_fragment = -1;
static int hf_eaptls_fragments = -1;
+static int hf_eaptls_fragment_overlap = -1;
+static int hf_eaptls_fragment_overlap_conflict = -1;
+static int hf_eaptls_fragment_multiple_tails = -1;
+static int hf_eaptls_fragment_too_long_fragment = -1;
+static int hf_eaptls_fragment_error = -1;
static gint ett_eaptls_fragment = -1;
static gint ett_eaptls_fragments = -1;
+fragment_items eaptls_frag_items = {
+ &ett_eaptls_fragment,
+ &ett_eaptls_fragments,
+ &hf_eaptls_fragments,
+ &hf_eaptls_fragment,
+ &hf_eaptls_fragment_overlap,
+ &hf_eaptls_fragment_overlap_conflict,
+ &hf_eaptls_fragment_multiple_tails,
+ &hf_eaptls_fragment_too_long_fragment,
+ &hf_eaptls_fragment_error,
+ "fragments"
+};
+
/*********************************************************************
**********************************************************************/
@@ -603,32 +621,15 @@ dissect_eap_data(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
if (fd_head != NULL) /* Reassembled */
{
- fragment_data *ffd; /* fragment file descriptor */
- proto_tree *ft=NULL;
- proto_item *fi=NULL;
- guint32 frag_offset;
-
next_tvb = tvb_new_real_data(fd_head->data,
fd_head->len,
fd_head->len);
tvb_set_child_real_data_tvbuff(tvb, next_tvb);
add_new_data_source(pinfo, next_tvb, "Reassembled EAP-TLS");
- pinfo->fragmented = FALSE;
-
- fi = proto_tree_add_item(eap_tree, hf_eaptls_fragments,
- next_tvb, 0, -1, FALSE);
- ft = proto_item_add_subtree(fi, ett_eaptls_fragments);
- frag_offset = 0;
- for (ffd=fd_head->next; ffd; ffd=ffd->next){
- proto_tree_add_none_format(ft, hf_eaptls_fragment,
- next_tvb, frag_offset, ffd->len,
- "Frame:%u payload:%u-%u",
- ffd->frame,
- frag_offset,
- frag_offset+ffd->len-1
- );
- frag_offset += ffd->len;
- }
+
+ show_fragment_seq_tree(fd_head, &eaptls_frag_items,
+ eap_tree, pinfo, next_tvb);
+
call_dissector(ssl_handle, next_tvb, pinfo, eap_tree);
/*
@@ -817,14 +818,32 @@ proto_register_eap(void)
VALS(eap_type_vals), 0x0, "", HFILL }},
{ &hf_eaptls_fragment,
{ "EAP-TLS Fragment", "eaptls.fragment",
- FT_NONE, BASE_NONE, NULL, 0x0,
- "EAP-TLS Fragment", HFILL }},
+ FT_NONE, BASE_NONE, NULL, 0x0,
+ "EAP-TLS Fragment", HFILL }},
{ &hf_eaptls_fragments,
{ "EAP-TLS Fragments", "eaptls.fragments",
FT_NONE, BASE_NONE, NULL, 0x0,
"EAP-TLS Fragments", HFILL }},
-
-
+ { &hf_eaptls_fragment_overlap,
+ { "Fragment overlap", "eaptls.fragment.overlap",
+ FT_BOOLEAN, BASE_NONE, NULL, 0x0,
+ "Fragment overlaps with other fragments", HFILL }},
+ { &hf_eaptls_fragment_overlap_conflict,
+ { "Conflicting data in fragment overlap", "eaptls.fragment.overlap.conflict",
+ FT_BOOLEAN, BASE_NONE, NULL, 0x0,
+ "Overlapping fragments contained conflicting data", HFILL }},
+ { &hf_eaptls_fragment_multiple_tails,
+ { "Multiple tail fragments found", "eaptls.fragment.multipletails",
+ FT_BOOLEAN, BASE_NONE, NULL, 0x0,
+ "Several tails were found when defragmenting the packet", HFILL }},
+ { &hf_eaptls_fragment_too_long_fragment,
+ { "Fragment too long", "eaptls.fragment.toolongfragment",
+ FT_BOOLEAN, BASE_NONE, NULL, 0x0,
+ "Fragment contained data past end of packet", HFILL }},
+ { &hf_eaptls_fragment_error,
+ { "Defragmentation error", "eaptls.fragment.error",
+ FT_NONE, BASE_NONE, NULL, 0x0,
+ "Defragmentation error due to illegal fragments", HFILL }},
};
static gint *ett[] = {
&ett_eap,
diff --git a/packet-ieee80211.c b/packet-ieee80211.c
index fa4a4efd44..9bff706334 100644
--- a/packet-ieee80211.c
+++ b/packet-ieee80211.c
@@ -3,7 +3,7 @@
* Copyright 2000, Axis Communications AB
* Inquiries/bugreports should be sent to Johan.Jorgensen@axis.com
*
- * $Id: packet-ieee80211.c,v 1.63 2002/06/04 07:03:44 guy Exp $
+ * $Id: packet-ieee80211.c,v 1.64 2002/06/07 10:11:39 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -363,6 +363,19 @@ static gint ett_fixed_parameters = -1;
static gint ett_tagged_parameters = -1;
static gint ett_wep_parameters = -1;
+fragment_items frag_items = {
+ &ett_fragment,
+ &ett_fragments,
+ &hf_fragments,
+ &hf_fragment,
+ &hf_fragment_overlap,
+ &hf_fragment_overlap_conflict,
+ &hf_fragment_multiple_tails,
+ &hf_fragment_too_long_fragment,
+ &hf_fragment_error,
+ "fragments"
+};
+
static dissector_handle_t llc_handle;
static dissector_handle_t ipx_handle;
static dissector_handle_t data_handle;
@@ -1081,67 +1094,6 @@ set_dst_addr_cols(packet_info *pinfo, const guint8 *addr, char *type)
ether_to_str(addr), type);
}
-static void
-show_fragments(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
- fragment_data *fd_head)
-{
- guint32 offset;
- fragment_data *fd;
- proto_tree *ft;
- proto_item *fi;
-
- fi = proto_tree_add_item(tree, hf_fragments, tvb, 0, -1, FALSE);
- ft = proto_item_add_subtree(fi, ett_fragments);
- offset = 0;
- for (fd = fd_head->next; fd != NULL; fd = fd->next){
- if (fd->flags & (FD_OVERLAP|FD_OVERLAPCONFLICT|FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- /*
- * This fragment has some flags set; create a subtree for it and
- * display the flags.
- */
- proto_tree *fet = NULL;
- proto_item *fei = NULL;
- int hf;
-
- if (fd->flags & (FD_OVERLAPCONFLICT|FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- hf = hf_fragment_error;
- } else {
- hf = hf_fragment;
- }
- fei = proto_tree_add_none_format(ft, hf, tvb, offset, fd->len,
- "Frame:%u payload:%u-%u",
- fd->frame, offset, offset+fd->len-1);
- fet = proto_item_add_subtree(fei, ett_fragment);
- if (fd->flags&FD_OVERLAP)
- proto_tree_add_boolean(fet, hf_fragment_overlap, tvb, 0, 0, TRUE);
- if (fd->flags&FD_OVERLAPCONFLICT) {
- proto_tree_add_boolean(fet, hf_fragment_overlap_conflict, tvb, 0, 0,
- TRUE);
- }
- if (fd->flags&FD_MULTIPLETAILS) {
- proto_tree_add_boolean(fet, hf_fragment_multiple_tails, tvb, 0, 0,
- TRUE);
- }
- if (fd->flags&FD_TOOLONGFRAGMENT) {
- proto_tree_add_boolean(fet, hf_fragment_too_long_fragment, tvb, 0, 0,
- TRUE);
- }
- } else {
- /*
- * Nothing of interest for this fragment.
- */
- proto_tree_add_none_format(ft, hf_fragment, tvb, offset, fd->len,
- "Frame:%u payload:%u-%u",
- fd->frame, offset, offset+fd->len-1);
- }
- offset += fd->len;
- }
- if (fd_head->flags & (FD_OVERLAPCONFLICT|FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- if (check_col(pinfo->cinfo, COL_INFO))
- col_set_str(pinfo->cinfo, COL_INFO, "[Illegal fragments]");
- }
-}
-
/* ************************************************************************* */
/* Dissect 802.11 frame */
/* ************************************************************************* */
@@ -1667,8 +1619,8 @@ dissect_ieee80211_common (tvbuff_t * tvb, packet_info * pinfo,
tvb_set_child_real_data_tvbuff(tvb, next_tvb);
add_new_data_source(pinfo, next_tvb, "Reassembled 802.11");
- /* Show all fragments. */
- show_fragments(next_tvb, pinfo, hdr_tree, fd_head);
+ /* Show all fragments. */
+ show_fragment_seq_tree(fd_head, &frag_items, hdr_tree, pinfo, next_tvb);
} else {
/*
* Not fragmented, really.
diff --git a/packet-ip.c b/packet-ip.c
index ec867f6ddd..d79adffb46 100644
--- a/packet-ip.c
+++ b/packet-ip.c
@@ -1,7 +1,7 @@
/* packet-ip.c
* Routines for IP and miscellaneous IP protocol packet disassembly
*
- * $Id: packet-ip.c,v 1.168 2002/06/05 11:21:47 sahlberg Exp $
+ * $Id: packet-ip.c,v 1.169 2002/06/07 10:11:39 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -122,7 +122,8 @@ fragment_items ip_frag_items = {
&hf_ip_fragment_overlap_conflict,
&hf_ip_fragment_multiple_tails,
&hf_ip_fragment_too_long_fragment,
- &hf_ip_fragment_error
+ &hf_ip_fragment_error,
+ "fragments"
};
/* Used by IPv6 as well, so not static */
@@ -1009,8 +1010,8 @@ dissect_ip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
add_new_data_source(pinfo, next_tvb, "Reassembled IPv4");
/* show all fragments */
- update_col_info = !show_fragment_tree(ipfd_head, &ip_frag_items, ip_tree, pinfo, next_tvb);
-
+ update_col_info = !show_fragment_tree(ipfd_head, &ip_frag_items,
+ ip_tree, pinfo, next_tvb);
} else {
/* We don't have the complete reassembled payload. */
next_tvb = NULL;
diff --git a/packet-ipv6.c b/packet-ipv6.c
index df2877858d..b87b5407a9 100644
--- a/packet-ipv6.c
+++ b/packet-ipv6.c
@@ -1,7 +1,7 @@
/* packet-ipv6.c
* Routines for IPv6 packet disassembly
*
- * $Id: packet-ipv6.c,v 1.82 2002/06/04 07:03:45 guy Exp $
+ * $Id: packet-ipv6.c,v 1.83 2002/06/07 10:11:39 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -106,6 +106,19 @@ static gint ett_ipv6 = -1;
static gint ett_ipv6_fragments = -1;
static gint ett_ipv6_fragment = -1;
+fragment_items ipv6_frag_items = {
+ &ett_ipv6_fragment,
+ &ett_ipv6_fragments,
+ &hf_ipv6_fragments,
+ &hf_ipv6_fragment,
+ &hf_ipv6_fragment_overlap,
+ &hf_ipv6_fragment_overlap_conflict,
+ &hf_ipv6_fragment_multiple_tails,
+ &hf_ipv6_fragment_too_long_fragment,
+ &hf_ipv6_fragment_error,
+ "fragments"
+};
+
static dissector_handle_t data_handle;
/* Reassemble fragmented datagrams */
@@ -828,10 +841,6 @@ again:
offlg & IP6F_MORE_FRAG);
if (ipfd_head != NULL) {
- fragment_data *ipfd;
- proto_tree *ft = NULL;
- proto_item *fi = NULL;
-
/* OK, we have the complete reassembled payload.
Allocate a new tvbuff, referring to the reassembled payload. */
next_tvb = tvb_new_real_data(ipfd_head->data, ipfd_head->datalen,
@@ -845,75 +854,9 @@ again:
/* Add the defragmented data to the data source list. */
add_new_data_source(pinfo, next_tvb, "Reassembled IPv6");
- /* It's not fragmented. */
- pinfo->fragmented = FALSE;
-
/* show all fragments */
- fi = proto_tree_add_item(ipv6_tree, hf_ipv6_fragments,
- next_tvb, 0, -1, FALSE);
- ft = proto_item_add_subtree(fi, ett_ipv6_fragments);
- for (ipfd = ipfd_head->next; ipfd; ipfd = ipfd->next){
- if (ipfd->flags & (FD_OVERLAP|FD_OVERLAPCONFLICT
- |FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- /* this fragment has some flags set, create a subtree
- * for it and display the flags.
- */
- proto_tree *fet = NULL;
- proto_item *fei = NULL;
- int hf;
-
- if (ipfd->flags & (FD_OVERLAPCONFLICT
- |FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- hf = hf_ipv6_fragment_error;
- } else {
- hf = hf_ipv6_fragment;
- }
- fei = proto_tree_add_none_format(ft, hf,
- next_tvb, ipfd->offset, ipfd->len,
- "Frame:%u payload:%u-%u",
- ipfd->frame,
- ipfd->offset,
- ipfd->offset+ipfd->len-1
- );
- fet = proto_item_add_subtree(fei, ett_ipv6_fragment);
- if (ipfd->flags&FD_OVERLAP) {
- proto_tree_add_boolean(fet,
- hf_ipv6_fragment_overlap, next_tvb, 0, 0,
- TRUE);
- }
- if (ipfd->flags&FD_OVERLAPCONFLICT) {
- proto_tree_add_boolean(fet,
- hf_ipv6_fragment_overlap_conflict, next_tvb, 0, 0,
- TRUE);
- }
- if (ipfd->flags&FD_MULTIPLETAILS) {
- proto_tree_add_boolean(fet,
- hf_ipv6_fragment_multiple_tails, next_tvb, 0, 0,
- TRUE);
- }
- if (ipfd->flags&FD_TOOLONGFRAGMENT) {
- proto_tree_add_boolean(fet,
- hf_ipv6_fragment_too_long_fragment, next_tvb, 0, 0,
- TRUE);
- }
- } else {
- /* nothing of interest for this fragment */
- proto_tree_add_none_format(ft, hf_ipv6_fragment,
- next_tvb, ipfd->offset, ipfd->len,
- "Frame:%u payload:%u-%u",
- ipfd->frame,
- ipfd->offset,
- ipfd->offset+ipfd->len-1
- );
- }
- }
- if (ipfd_head->flags & (FD_OVERLAPCONFLICT
- |FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- if (check_col(pinfo->cinfo, COL_INFO)) {
- col_set_str(pinfo->cinfo, COL_INFO, "[Illegal fragments]");
- update_col_info = FALSE;
- }
- }
+ update_col_info = !show_fragment_tree(ipfd_head, &ipv6_frag_items,
+ ipv6_tree, pinfo, next_tvb);
} else {
/* We don't have the complete reassembled payload. */
next_tvb = NULL;
diff --git a/packet-rpc.c b/packet-rpc.c
index a352c0b1ea..107836cd3d 100644
--- a/packet-rpc.c
+++ b/packet-rpc.c
@@ -2,7 +2,7 @@
* Routines for rpc dissection
* Copyright 1999, Uwe Girlich <Uwe.Girlich@philosys.de>
*
- * $Id: packet-rpc.c,v 1.96 2002/06/05 11:32:14 sahlberg Exp $
+ * $Id: packet-rpc.c,v 1.97 2002/06/07 10:11:39 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -223,7 +223,8 @@ fragment_items rpc_frag_items = {
&hf_rpc_fragment_overlap_conflict,
&hf_rpc_fragment_multiple_tails,
&hf_rpc_fragment_too_long_fragment,
- &hf_rpc_fragment_error
+ &hf_rpc_fragment_error,
+ "fragments"
};
/* Hash table with info on RPC program numbers */
diff --git a/packet-smb-pipe.c b/packet-smb-pipe.c
index 80827dff0d..ca3752c3bf 100644
--- a/packet-smb-pipe.c
+++ b/packet-smb-pipe.c
@@ -8,7 +8,7 @@ XXX Fixme : shouldnt show [malformed frame] for long packets
* significant rewrite to tvbuffify the dissector, Ronnie Sahlberg and
* Guy Harris 2001
*
- * $Id: packet-smb-pipe.c,v 1.78 2002/06/04 07:03:45 guy Exp $
+ * $Id: packet-smb-pipe.c,v 1.79 2002/06/07 10:11:39 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -72,10 +72,31 @@ static int hf_pipe_getinfo_current_instances = -1;
static int hf_pipe_getinfo_pipe_name_length = -1;
static int hf_pipe_getinfo_pipe_name = -1;
static int hf_pipe_write_raw_bytes_written = -1;
+static int hf_pipe_fragments = -1;
+static int hf_pipe_fragment = -1;
+static int hf_pipe_fragment_overlap = -1;
+static int hf_pipe_fragment_overlap_conflict = -1;
+static int hf_pipe_fragment_multiple_tails = -1;
+static int hf_pipe_fragment_too_long_fragment = -1;
+static int hf_pipe_fragment_error = -1;
static gint ett_smb_pipe = -1;
+static gint ett_smb_pipe_fragment = -1;
static gint ett_smb_pipe_fragments = -1;
+fragment_items smb_pipe_frag_items = {
+ &ett_smb_pipe_fragment,
+ &ett_smb_pipe_fragments,
+ &hf_pipe_fragments,
+ &hf_pipe_fragment,
+ &hf_pipe_fragment_overlap,
+ &hf_pipe_fragment_overlap_conflict,
+ &hf_pipe_fragment_multiple_tails,
+ &hf_pipe_fragment_too_long_fragment,
+ &hf_pipe_fragment_error,
+ "fragments"
+};
+
static int proto_smb_lanman = -1;
static int hf_function_code = -1;
static int hf_param_desc = -1;
@@ -3163,10 +3184,6 @@ dissect_pipe_dcerpc(tvbuff_t *d_tvb, packet_info *pinfo, proto_tree *parent_tree
fd_head=fragment_get(pinfo, pinfo->fd->num ,
dcerpc_fragment_table);
if(fd_head && fd_head->flags&FD_DEFRAGMENTED){
- proto_tree *tr;
- proto_item *it;
- fragment_data *fd;
-
new_tvb = tvb_new_real_data(fd_head->data,
fd_head->datalen, fd_head->datalen);
tvb_set_child_real_data_tvbuff(d_tvb, new_tvb);
@@ -3177,14 +3194,8 @@ dissect_pipe_dcerpc(tvbuff_t *d_tvb, packet_info *pinfo, proto_tree *parent_tree
d_tvb=new_tvb;
/* list what segments we have */
- it = proto_tree_add_text(tree, d_tvb, 0, -1, "Fragments");
- tr = proto_item_add_subtree(it, ett_smb_pipe_fragments);
- for(fd=fd_head->next;fd;fd=fd->next){
- proto_tree_add_text(tr, d_tvb, fd->offset, fd->len,
- "Frame:%u Data:%u-%u",
- fd->frame, fd->offset,
- fd->offset+fd->len-1);
- }
+ show_fragment_tree(fd_head, &smb_pipe_frag_items,
+ tree, pinfo, d_tvb);
}
}
@@ -3650,9 +3661,31 @@ proto_register_smb_pipe(void)
{ &hf_pipe_write_raw_bytes_written,
{ "Bytes Written", "pipe.write_raw.bytes_written", FT_UINT16, BASE_DEC,
NULL, 0, "Number of bytes written to the pipe", HFILL }},
+ { &hf_pipe_fragment_overlap,
+ { "Fragment overlap", "pipe.fragment.overlap", FT_BOOLEAN, BASE_NONE,
+ NULL, 0x0, "Fragment overlaps with other fragments", HFILL }},
+ { &hf_pipe_fragment_overlap_conflict,
+ { "Conflicting data in fragment overlap", "pipe.fragment.overlap.conflict", FT_BOOLEAN,
+ BASE_NONE, NULL, 0x0, "Overlapping fragments contained conflicting data", HFILL }},
+ { &hf_pipe_fragment_multiple_tails,
+ { "Multiple tail fragments found", "pipe.fragment.multipletails", FT_BOOLEAN,
+ BASE_NONE, NULL, 0x0, "Several tails were found when defragmenting the packet", HFILL }},
+ { &hf_pipe_fragment_too_long_fragment,
+ { "Fragment too long", "pipe.fragment.toolongfragment", FT_BOOLEAN,
+ BASE_NONE, NULL, 0x0, "Fragment contained data past end of packet", HFILL }},
+ { &hf_pipe_fragment_error,
+ { "Defragmentation error", "pipe.fragment.error", FT_NONE,
+ BASE_NONE, NULL, 0x0, "Defragmentation error due to illegal fragments", HFILL }},
+ { &hf_pipe_fragment,
+ { "Fragment", "pipe.fragment", FT_NONE,
+ BASE_NONE, NULL, 0x0, "Pipe Fragment", HFILL }},
+ { &hf_pipe_fragments,
+ { "Fragments", "pipe.fragments", FT_NONE,
+ BASE_NONE, NULL, 0x0, "Pipe Fragments", HFILL }},
};
static gint *ett[] = {
&ett_smb_pipe,
+ &ett_smb_pipe_fragment,
&ett_smb_pipe_fragments,
};
diff --git a/packet-smb.c b/packet-smb.c
index e9dcabab97..87eacf4c04 100644
--- a/packet-smb.c
+++ b/packet-smb.c
@@ -3,7 +3,7 @@
* Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com>
* 2001 Rewrite by Ronnie Sahlberg and Guy Harris
*
- * $Id: packet-smb.c,v 1.269 2002/06/05 11:21:47 sahlberg Exp $
+ * $Id: packet-smb.c,v 1.270 2002/06/07 10:11:40 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -669,6 +669,8 @@ fragment_items smb_frag_items = {
&hf_smb_segment_multiple_tails,
&hf_smb_segment_too_long_fragment,
&hf_smb_segment_error,
+
+ "segments"
};
proto_tree *top_tree=NULL; /* ugly */
diff --git a/packet-wtp.c b/packet-wtp.c
index 6be5a3f24d..bb6cbe51ca 100644
--- a/packet-wtp.c
+++ b/packet-wtp.c
@@ -2,7 +2,7 @@
*
* Routines to dissect WTP component of WAP traffic.
*
- * $Id: packet-wtp.c,v 1.34 2002/06/04 07:03:47 guy Exp $
+ * $Id: packet-wtp.c,v 1.35 2002/06/07 10:11:41 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -189,6 +189,19 @@ static gint ett_header = ETT_EMPTY;
static gint ett_wsp_fragments = ETT_EMPTY;
static gint ett_wtp_fragment = ETT_EMPTY;
+fragment_items wtp_frag_items = {
+ &ett_wtp_fragment,
+ &ett_wsp_fragments,
+ &hf_wtp_fragments,
+ &hf_wtp_fragment,
+ &hf_wtp_fragment_overlap,
+ &hf_wtp_fragment_overlap_conflict,
+ &hf_wtp_fragment_multiple_tails,
+ &hf_wtp_fragment_too_long_fragment,
+ &hf_wtp_fragment_error,
+ "fragments"
+};
+
/* Handle for WSP dissector */
static dissector_handle_t wsp_handle;
@@ -225,73 +238,6 @@ static char retransmission_indicator(unsigned char octet)
}
}
-static void show_fragments(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
- fragment_data *fd_head)
-{
- guint32 offset;
- fragment_data *fd;
- proto_tree *ft;
- proto_item *fi;
-
- fi = proto_tree_add_item(tree, hf_wtp_fragments, tvb, 0, -1, FALSE);
- ft = proto_item_add_subtree(fi, ett_wsp_fragments);
- offset = 0;
- for (fd=fd_head->next; fd; fd=fd->next){
- if (fd->flags & (FD_OVERLAP|FD_OVERLAPCONFLICT
- |FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- /* this fragment has some flags set, create a subtree
- for it and display the flags. */
- proto_tree *fet=NULL;
- proto_item *fei=NULL;
- int hf;
-
- if (fd->flags & (FD_OVERLAPCONFLICT
- |FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- hf = hf_wtp_fragment_error;
- } else {
- hf = hf_wtp_fragment;
- }
- fei = proto_tree_add_none_format(ft, hf,
- tvb, offset, fd->len,
- "Frame:%u payload:%u-%u",
- fd->frame, offset, offset+fd->len-1);
- fet = proto_item_add_subtree(fei, ett_wtp_fragment);
- if (fd->flags&FD_OVERLAP) {
- proto_tree_add_boolean(fet,
- hf_wtp_fragment_overlap, tvb, 0, 0,
- TRUE);
- }
- if (fd->flags&FD_OVERLAPCONFLICT) {
- proto_tree_add_boolean(fet,
- hf_wtp_fragment_overlap_conflict, tvb, 0, 0,
- TRUE);
- }
- if (fd->flags&FD_MULTIPLETAILS) {
- proto_tree_add_boolean(fet,
- hf_wtp_fragment_multiple_tails, tvb, 0, 0,
- TRUE);
- }
- if (fd->flags&FD_TOOLONGFRAGMENT) {
- proto_tree_add_boolean(fet,
- hf_wtp_fragment_too_long_fragment, tvb, 0, 0,
- TRUE);
- }
- } else {
- /* nothing of interest for this fragment */
- proto_tree_add_none_format(ft, hf_wtp_fragment,
- tvb, offset, fd->len,
- "Frame:%u payload:%u-%u",
- fd->frame, offset, offset+fd->len-1);
- }
- offset += fd->len;
- }
- if (fd_head->flags & (FD_OVERLAPCONFLICT
- |FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- if (check_col(pinfo->cinfo, COL_INFO))
- col_set_str(pinfo->cinfo, COL_INFO, "[Illegal fragments]");
- }
-}
-
/* Code to actually dissect the packets */
static void
dissect_wtp_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
@@ -603,7 +549,8 @@ dissect_wtp_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
pinfo->fragmented = FALSE;
/* show all fragments */
- show_fragments(wsp_tvb, pinfo, wtp_tree, fd_head);
+ show_fragment_seq_tree(fd_head, &wtp_frag_items,
+ wtp_tree, pinfo, wsp_tvb);
call_dissector(wsp_handle, wsp_tvb, pinfo, tree);
}
diff --git a/reassemble.c b/reassemble.c
index 4cf4428008..3badf3eb52 100644
--- a/reassemble.c
+++ b/reassemble.c
@@ -1,7 +1,7 @@
/* reassemble.c
* Routines for {fragment,segment} reassembly
*
- * $Id: reassemble.c,v 1.19 2002/06/05 11:21:48 sahlberg Exp $
+ * $Id: reassemble.c,v 1.20 2002/06/07 10:11:41 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -1104,14 +1104,82 @@ fragment_add_seq_check(tvbuff_t *tvb, int offset, packet_info *pinfo,
}
-/* This function will build the fragment subtree
- function will return TRUE if there were fragmentation errors
+/*
+ * Show a single fragment in a fragment subtree.
+ */
+static void
+show_fragment(fragment_data *fd, int offset, fragment_items *fit,
+ proto_tree *ft, tvbuff_t *tvb)
+{
+ if (fd->flags & (FD_OVERLAP|FD_OVERLAPCONFLICT
+ |FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
+ /* this fragment has some flags set, create a subtree
+ * for it and display the flags.
+ */
+ proto_tree *fet=NULL;
+ proto_item *fei=NULL;
+ int hf;
+
+ if (fd->flags & (FD_OVERLAPCONFLICT
+ |FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
+ hf = *(fit->hf_fragment_error);
+ } else {
+ hf = *(fit->hf_fragment);
+ }
+ fei = proto_tree_add_none_format(ft, hf,
+ tvb, offset, fd->len,
+ "Frame:%u payload:%u-%u",
+ fd->frame,
+ offset,
+ offset+fd->len-1);
+ fet = proto_item_add_subtree(fei, *(fit->ett_fragment));
+ if (fd->flags&FD_OVERLAP) {
+ proto_tree_add_boolean(fet,
+ *(fit->hf_fragment_overlap),
+ tvb, 0, 0,
+ TRUE);
+ }
+ if (fd->flags&FD_OVERLAPCONFLICT) {
+ proto_tree_add_boolean(fet,
+ *(fit->hf_fragment_overlap_conflict),
+ tvb, 0, 0,
+ TRUE);
+ }
+ if (fd->flags&FD_MULTIPLETAILS) {
+ proto_tree_add_boolean(fet,
+ *(fit->hf_fragment_multiple_tails),
+ tvb, 0, 0,
+ TRUE);
+ }
+ if (fd->flags&FD_TOOLONGFRAGMENT) {
+ proto_tree_add_boolean(fet,
+ *(fit->hf_fragment_too_long_fragment),
+ tvb, 0, 0,
+ TRUE);
+ }
+ } else {
+ /* nothing of interest for this fragment */
+ proto_tree_add_none_format(ft, *(fit->hf_fragment),
+ tvb, offset, fd->len,
+ "Frame:%u payload:%u-%u",
+ fd->frame,
+ offset,
+ offset+fd->len-1
+ );
+ }
+}
+
+/* This function will build the fragment subtree; it's for fragments
+ reassembled with "fragment_add()".
+
+ It will return TRUE if there were fragmentation errors
or FALSE if fragmentation was ok.
*/
-int
-show_fragment_tree(fragment_data *ipfd_head, fragment_items *fit, proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb)
+gboolean
+show_fragment_tree(fragment_data *fd_head, fragment_items *fit,
+ proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb)
{
- fragment_data *ipfd;
+ fragment_data *fd;
proto_tree *ft=NULL;
proto_item *fi=NULL;
@@ -1121,68 +1189,53 @@ show_fragment_tree(fragment_data *ipfd_head, fragment_items *fit, proto_tree *tr
fi = proto_tree_add_item(tree, *(fit->hf_fragments),
tvb, 0, -1, FALSE);
ft = proto_item_add_subtree(fi, *(fit->ett_fragments));
- for (ipfd=ipfd_head->next; ipfd; ipfd=ipfd->next){
- if (ipfd->flags & (FD_OVERLAP|FD_OVERLAPCONFLICT
- |FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- /* this fragment has some flags set, create a subtree
- * for it and display the flags.
- */
- proto_tree *fet=NULL;
- proto_item *fei=NULL;
- int hf;
-
- if (ipfd->flags & (FD_OVERLAPCONFLICT
- |FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
- hf = *(fit->hf_fragment_error);
- } else {
- hf = *(fit->hf_fragment);
- }
- fei = proto_tree_add_none_format(ft, hf,
- tvb, ipfd->offset, ipfd->len,
- "Frame:%u payload:%u-%u",
- ipfd->frame,
- ipfd->offset,
- ipfd->offset+ipfd->len-1);
- fet = proto_item_add_subtree(fei, *(fit->ett_fragment));
- if (ipfd->flags&FD_OVERLAP) {
- proto_tree_add_boolean(fet,
- *(fit->hf_fragment_overlap), tvb, 0, 0,
- TRUE);
- }
- if (ipfd->flags&FD_OVERLAPCONFLICT) {
- proto_tree_add_boolean(fet,
- *(fit->hf_fragment_overlap_conflict),
- tvb, 0, 0,
- TRUE);
- }
- if (ipfd->flags&FD_MULTIPLETAILS) {
- proto_tree_add_boolean(fet,
- *(fit->hf_fragment_multiple_tails), tvb, 0, 0,
- TRUE);
- }
- if (ipfd->flags&FD_TOOLONGFRAGMENT) {
- proto_tree_add_boolean(fet,
- *(fit->hf_fragment_too_long_fragment),
- tvb, 0, 0,
- TRUE);
- }
- } else {
- /* nothing of interest for this fragment */
- proto_tree_add_none_format(ft, *(fit->hf_fragment),
- tvb, ipfd->offset, ipfd->len,
- "Frame:%u payload:%u-%u",
- ipfd->frame,
- ipfd->offset,
- ipfd->offset+ipfd->len-1
- );
+ for (fd=fd_head->next; fd; fd=fd->next)
+ show_fragment(fd, fd->offset, fit, ft, tvb);
+
+ if (fd_head->flags & (FD_OVERLAPCONFLICT
+ |FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
+ if (check_col(pinfo->cinfo, COL_INFO)) {
+ col_add_fstr(pinfo->cinfo, COL_INFO,
+ "[Illegal %s]", fit->tag);
+ return TRUE;
}
}
- if (ipfd_head->flags & (FD_OVERLAPCONFLICT
+ return FALSE;
+}
+
+/* This function will build the fragment subtree; it's for fragments
+ reassembled with "fragment_add_seq()" or "fragment_add_seq_check()".
+
+ It will return TRUE if there were fragmentation errors
+ or FALSE if fragmentation was ok.
+*/
+gboolean
+show_fragment_seq_tree(fragment_data *fd_head, fragment_items *fit,
+ proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb)
+{
+ guint32 offset;
+ fragment_data *fd;
+ proto_tree *ft=NULL;
+ proto_item *fi=NULL;
+
+ /* It's not fragmented. */
+ pinfo->fragmented = FALSE;
+
+ fi = proto_tree_add_item(tree, *(fit->hf_fragments),
+ tvb, 0, -1, FALSE);
+ ft = proto_item_add_subtree(fi, *(fit->ett_fragments));
+ offset = 0;
+ for (fd=fd_head->next; fd; fd=fd->next){
+ show_fragment(fd, offset, fit, ft, tvb);
+ offset += fd->len;
+ }
+
+ if (fd_head->flags & (FD_OVERLAPCONFLICT
|FD_MULTIPLETAILS|FD_TOOLONGFRAGMENT) ) {
if (check_col(pinfo->cinfo, COL_INFO)) {
- col_set_str(pinfo->cinfo, COL_INFO,
- "[Illegal fragments]");
+ col_add_fstr(pinfo->cinfo, COL_INFO,
+ "[Illegal %s]", fit->tag);
return TRUE;
}
}
diff --git a/reassemble.h b/reassemble.h
index 7b3faf96a5..dbe333c8e1 100644
--- a/reassemble.h
+++ b/reassemble.h
@@ -1,7 +1,7 @@
/* reassemble.h
* Declarations of outines for {fragment,segment} reassembly
*
- * $Id: reassemble.h,v 1.8 2002/06/05 11:21:49 sahlberg Exp $
+ * $Id: reassemble.h,v 1.9 2002/06/07 10:11:41 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
@@ -184,6 +184,14 @@ typedef struct _fragment_items {
int *hf_fragment_multiple_tails;
int *hf_fragment_too_long_fragment;
int *hf_fragment_error;
+
+ char *tag;
} fragment_items;
-int
-show_fragment_tree(fragment_data *ipfd_head, fragment_items *fit, proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb);
+
+extern gboolean
+show_fragment_tree(fragment_data *ipfd_head, fragment_items *fit,
+ proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb);
+
+extern gboolean
+show_fragment_seq_tree(fragment_data *ipfd_head, fragment_items *fit,
+ proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb);