Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Here is answer to what's happening but not a solution to the problem. Sorry.

epan/dissectors/packet-bthci_evt.c is expecting an extra chunk of data:

static gint
dissect_bthci_evt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
{
...
    /* Reject the packet if data is NULL */
    if (data == NULL)
        return 0;

When it's normally called (epan/dissectors/packet-hci_usb.c) that data is provided:

        case 1:
            call_dissector_with_data(bthci_evt_handle, next_tvb, pinfo, tree, bluetooth_data);
            break;


The Wireshark Lua (wslua) does not support the extra parameter when calling a dissector. From the WSDG:

11.6.1.3. dissector:call(tvb, pinfo, tree) Calls a dissector against a given packet (or part of it).

Arguments
tvb - The buffer to dissect.
pinfo - The packet info.
tree - The tree on which to add the protocol items.
Returns - Number of bytes dissected. Note that some dissectors always return number of bytes in incoming buffer, so be aware.

And the call in wslua (epan/wslua/wslua_dissector.c):

WSLUA_METHOD Dissector_call(lua_State* L) {
    /* Calls a dissector against a given packet (or part of it). */
#define WSLUA_ARG_Dissector_call_TVB 2 /* The buffer to dissect. */
#define WSLUA_ARG_Dissector_call_PINFO 3 /* The packet info. */
#define WSLUA_ARG_Dissector_call_TREE 4 /* The tree on which to add the protocol items. */

    Dissector volatile d = checkDissector(L,1);
    Tvb tvb = checkTvb(L,WSLUA_ARG_Dissector_call_TVB);
    Pinfo pinfo = checkPinfo(L,WSLUA_ARG_Dissector_call_PINFO);
    TreeItem ti = checkTreeItem(L,WSLUA_ARG_Dissector_call_TREE);
    const char *volatile error = NULL;
    int len = 0;

    if (! ( d && tvb && pinfo) ) return 0;

    TRY {
        len = call_dissector(d, tvb->ws_tvb, pinfo->ws_pinfo, ti->tree);
...

Here is answer to what's happening but not a solution to the problem. Sorry.

epan/dissectors/packet-bthci_evt.c is expecting an extra chunk of data:

static gint
dissect_bthci_evt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
{
...
    /* Reject the packet if data is NULL */
    if (data == NULL)
        return 0;

When it's normally called (epan/dissectors/packet-hci_usb.c) that data is provided:

  case 1:
        call_dissector_with_data(bthci_evt_handle, next_tvb, pinfo, tree, bluetooth_data);
        break;
 


The Wireshark Lua (wslua) does not support the extra parameter when calling a dissector. From the WSDG:

11.6.1.3. dissector:call(tvb, pinfo, tree) Calls a dissector against a given packet (or part of it).

Arguments
tvb - The buffer to dissect.
pinfo - The packet info.
tree - The tree on which to add the protocol items.
Returns - Number of bytes dissected. Note that some dissectors always return number of bytes in incoming buffer, so be aware.

And the call in wslua (epan/wslua/wslua_dissector.c):

WSLUA_METHOD Dissector_call(lua_State* L) {
    /* Calls a dissector against a given packet (or part of it). */
#define WSLUA_ARG_Dissector_call_TVB 2 /* The buffer to dissect. */
#define WSLUA_ARG_Dissector_call_PINFO 3 /* The packet info. */
#define WSLUA_ARG_Dissector_call_TREE 4 /* The tree on which to add the protocol items. */

    Dissector volatile d = checkDissector(L,1);
    Tvb tvb = checkTvb(L,WSLUA_ARG_Dissector_call_TVB);
    Pinfo pinfo = checkPinfo(L,WSLUA_ARG_Dissector_call_PINFO);
    TreeItem ti = checkTreeItem(L,WSLUA_ARG_Dissector_call_TREE);
    const char *volatile error = NULL;
    int len = 0;

    if (! ( d && tvb && pinfo) ) return 0;

    TRY {
        len = call_dissector(d, tvb->ws_tvb, pinfo->ws_pinfo, ti->tree);
...

Here is answer to what's happening but not a solution to the problem. Sorry.

epan/dissectors/packet-bthci_evt.c is expecting an extra chunk of data:

static gint
dissect_bthci_evt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
{
...
    /* Reject the packet if data is NULL */
    if (data == NULL)
        return 0;

When it's normally called (epan/dissectors/packet-hci_usb.c) that data is provided:

   case 1:
       call_dissector_with_data(bthci_evt_handle, next_tvb, pinfo, tree, bluetooth_data);
       break;


The Wireshark Lua (wslua) does not support the extra parameter when calling a dissector. From the WSDG:

11.6.1.3. dissector:call(tvb, pinfo, tree) Calls a dissector against a given packet (or part of it).

Arguments
tvb - The buffer to dissect.
pinfo - The packet info.
tree - The tree on which to add the protocol items.
Returns - Number of bytes dissected. Note that some dissectors always return number of bytes in incoming buffer, so be aware.

And the call in wslua (epan/wslua/wslua_dissector.c):

WSLUA_METHOD Dissector_call(lua_State* L) {
    /* Calls a dissector against a given packet (or part of it). */
#define WSLUA_ARG_Dissector_call_TVB 2 /* The buffer to dissect. */
#define WSLUA_ARG_Dissector_call_PINFO 3 /* The packet info. */
#define WSLUA_ARG_Dissector_call_TREE 4 /* The tree on which to add the protocol items. */

    Dissector volatile d = checkDissector(L,1);
    Tvb tvb = checkTvb(L,WSLUA_ARG_Dissector_call_TVB);
    Pinfo pinfo = checkPinfo(L,WSLUA_ARG_Dissector_call_PINFO);
    TreeItem ti = checkTreeItem(L,WSLUA_ARG_Dissector_call_TREE);
    const char *volatile error = NULL;
    int len = 0;

    if (! ( d && tvb && pinfo) ) return 0;

    TRY {
        len = call_dissector(d, tvb->ws_tvb, pinfo->ws_pinfo, ti->tree);
...

Sample capture (btsnoop_hci_20210205_105229.log) with the Bluetooth HCI H4 protocol attached to 17236: [Tshark] - Missing bluetooth protocol details