diff options
author | Sake Blok <sake@euronet.nl> | 2007-10-17 07:14:56 +0000 |
---|---|---|
committer | Sake Blok <sake@euronet.nl> | 2007-10-17 07:14:56 +0000 |
commit | 7b5113c2a45c1038e4fbea894d3896729c2b9aba (patch) | |
tree | c4ccc6f9f69b5f87654e07d06e783df2ac3a795c | |
parent | 74825dbc9bc4c41666b2b2f0cb8953eebbfce9d0 (diff) |
Fix for bug 1542:
When a SYN/ACK is missing in the capture, the base_seq used in
relative sequence numbers was not set correctly. I made the
setting of fwd->base_seq and rev->base_seq a little more solid.
svn path=/trunk/; revision=23213
-rw-r--r-- | epan/dissectors/packet-tcp.c | 26 |
1 files changed, 16 insertions, 10 deletions
diff --git a/epan/dissectors/packet-tcp.c b/epan/dissectors/packet-tcp.c index 57ee3f334b..9b30e98417 100644 --- a/epan/dissectors/packet-tcp.c +++ b/epan/dissectors/packet-tcp.c @@ -537,18 +537,24 @@ printf("REV list lastflags:0x%04x base_seq:0x%08x:\n",tcpd->rev->lastsegmentflag /* if this is the first segment for this list we need to store the * base_seq + * + * Start relative seq and ack numbers at 1 if this + * is not a SYN packet. This makes the relative + * seq/ack numbers to be displayed correctly in the + * event that the SYN or SYN/ACK packet is not seen + * (this solves bug 1542) */ if(tcpd->fwd->base_seq==0){ - tcpd->fwd->base_seq=seq; - /* Only store reverse sequence if this isn't a handshake. - * There's no guarantee that the ACK field of a SYN - * contains zeros; get the ISN from the SYNACK instead. - */ - if(tcpd->rev->base_seq==0){ - if (!flags & TH_SYN){ - tcpd->rev->base_seq=ack; - } - } + tcpd->fwd->base_seq = (flags & TH_SYN) ? seq : seq-1; + } + + /* Only store reverse sequence if this isn't the SYN + * There's no guarantee that the ACK field of a SYN + * contains zeros; get the ISN from the first segment + * with the ACK bit set instead (usually the SYN/ACK). + */ + if( (tcpd->rev->base_seq==0) && (flags & TH_ACK) ){ + tcpd->rev->base_seq = (flags & TH_SYN) ? ack : ack-1; } |