Ask Your Question

I have built a custom wireshark plugin on Windows but when I try to use this on an another installed wireshark version by copying the dll file, it fails to load

asked 2020-04-22 05:52:28 +0000

Sriram R gravatar image

updated 2020-04-22 05:53:34 +0000

I have already built a custom plugin and compiled it using the source files of Wireshark 3.2. I want to use this plugin on another wireshark version which has been installed. So, I copied the dll file from my build to the current wireshark plugin folder. But when I launch application, I get the following error-

"The procedure entry point new_create_dissector_handle could not be located in the dynamic link library C:\Program Files\Wireshark\plugins\3.2\epan\<plugin_name>.dll"

If I try to alter the "new_create_dissector_handle" function, I get errors in compilation. So, how can I resolve this issue to load my plugin using the dll file?

Thank you

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2020-04-22 09:13:21 +0000

Jaap gravatar image

Somehow you've mixed up versions, because new_create_dissector_handle() went away 4 years ago in Wireshark 2.2, see this change.

edit flag offensive delete link more


Which function should be used instead of new_create_dissector_handle()?

Sriram R gravatar imageSriram R ( 2020-04-22 09:42:23 +0000 )edit

The contents of the macro that was removed, i.e. create_dissector_handle()

grahamb gravatar imagegrahamb ( 2020-04-22 10:09:40 +0000 )edit

But when I use the create_dissector_handle() function, I get the following error- epan\packet.c(3103,1): warning C4029: declared formal parameter list different from definition

Is there a workaround for this?

Sriram R gravatar imageSriram R ( 2020-04-22 11:34:03 +0000 )edit

Yes. Update your dissector to conform to the current function argument specifications.

The dissector registration functions changed a long time ago. For some interleaving period there were the compatibility macros to ease transition, that period has ended.

To see what the functions should look like, read README.dissector in the source "doc" directory, or look at the source of any of the plugins in the source tree.

grahamb gravatar imagegrahamb ( 2020-04-22 11:58:12 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2020-04-22 05:52:28 +0000

Seen: 1,552 times

Last updated: Apr 22 '20