Ask Your Question

Unable to compile wireshark plugin on windows 10

asked 2020-03-16 08:47:30 +0000

Sriram R gravatar image

updated 2020-03-16 11:02:53 +0000

grahamb gravatar image

I'm getting the following error while trying to build a plugin for wireshark 3.2.1 on my PC (windows 10)

C:\Users\ravishas\Desktop\wsnew\plugins\epan\expand\packet-expand.c(778,43): warning C4113: 'void (__cdecl *)(tvbuff_t *,packet_info *,proto_tree *)' differs in parameter lists from 'dissector_t' [C:\Development\build_try\plugins\epan\expand\expand.vcxproj]

C:\Users\ravishas\Desktop\wsnew\plugins\epan\expand\packet-expand.c(778,43): warning C4133: 'function': incompatible types - from 'void (__cdecl *)(tvbuff_t *,packet_info *,proto_tree *)' to 'dissector_t' [C:\Development\build_try\plugins\epan\expand\expand.vcxproj]

There seems to be an error in the parameter list for the dissector_t and create_dissector_handle functions. I tried using the new_create_dissector_handle function too but the error remains. What else is the error? How can it be rectified?

Thanks a lot

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2020-03-16 12:55:54 +0000

grahamb gravatar image

The code in your plugin likely doesn't conform to the requirements of the Wireshark API, in particular your dissector function doesn't have the correct signature. A dissector function must have a dissector_t signature, this is defined as:

typedef int (*dissector_t)(tvbuff_t *, packet_info *, proto_tree *, void *);

So your function should be something like:

static int dissect_my_protocol(tvbuff_t *, packet_info *, proto_tree *, void *data) { ... }

From the error messages I suspect your code is missing the final parameter for dissector data. If you won't be using it, simply define it as void * without a name.

edit flag offensive delete link more


Since I am not passing any data, I have passed the final parameter as " void * " but I still get the same error

Sriram R gravatar imageSriram R ( 2020-03-16 13:58:07 +0000 )edit

Can you share your plug-in code, or at least the definition of your dissector function and the registration calls?

grahamb gravatar imagegrahamb ( 2020-03-16 14:12:06 +0000 )edit

Since I am not passing any data, I have passed the final parameter as " void * " but I still get the same error

What do you mean, you passed the final parameter as "void * "? Your function needs to be declared with a void *data argument, but you don't pass "void *" to it, you pass NULL if you're calling the function without any data.

By the way, if the data isn't used, you should declare your function with the data marked as unused, like so:

static int dissect_my_protocol(tvbuff_t *, packet_info *, proto_tree *, void *data _U_) { ... }
cmaynard gravatar imagecmaynard ( 2020-03-16 15:15:08 +0000 )edit

Here are my function definitions

static int dissect_expand(tvbuff_t * tvb, packet_info * pinfo, proto_tree * tree, void *data _U_)

void proto_reg_handoff_expand(void) { /** the handle for the dynamic dissector */ dissector_handle_t expand_handle;

expand_handle = new_create_dissector_handle(dissect_expand, proto_register_expand, NULL); 
dissector_add_uint("udp.port", expand_PORT, expand_handle);
dissector_handle_t new_create_dissector_handle(dissector_t dissector, const int proto, void *data _U_)
    return new_dissector_handle(DISSECTOR_TYPE_SIMPLE, dissector, proto, NULL, NULL);

static dissector_handle_t new_dissector_handle(enum dissector_e type, void *dissector, const int proto, const char *name, void *cb_data)
    struct dissector_handle *handle; handle = wmem_new(wmem_epan_scope(), struct dissector_handle); 
    handle->name = name;
    handle->dissector_type = type;
    handle->dissector_func = dissector;
    handle->dissector_data = cb_data;
    handle->protocol = find_protocol_by_id(proto);
    return handle;

I have added the void * parameter to the definition and passed NULL as the actual parameter but I still get the following error

C:\Users\ravishas\Desktop\wsnew\plugins\epan\expand\packet-expand.c(779,70): warning C4047: 'function': 'const int' differs in levels of indirection from 'void (__cdecl *)(void)' [C:\Development\build_ try\plugins\epan\expand\expand.vcxproj ...
Sriram R gravatar imageSriram R ( 2020-03-17 05:41:34 +0000 )edit

Not entirely sure what you're trying to do there, you should follow the example in the gryphon plugin in the source tree and in the proto_reg_handoff_expand() function, call create_dissector_handle() followed by dissector_add_uint().

grahamb gravatar imagegrahamb ( 2020-03-17 08:12:04 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2020-03-16 08:47:30 +0000

Seen: 235 times

Last updated: Mar 16 '20