Ask Your Question

Revision history [back]

Is there an official documentation

Hi, ALL, This is my first post so please be gentle. ;-)

  1. Could someone point me to the official documentation that will explain the parameters of tvb_new_subset()/tvb_new_subset_length_caplen()?

Problem:

I'm trying to daisy-chain 2 dissectors. Both are written by our group. First one is successfully perform what needs to be done.

The size of the message is 3 bytes - first one is message type and then 2 bytes of data length that follow. The length of the data is successfully retrieved in the variable msg_len.

So I called:

next_tvb = tvb_new_subset( tvb, 3, msg_len, msg_len );

but this call will simply return from the parsing function and will not do anything.

If I try to call:

next_tvb = tvb_new_subset( tvb, 3, -1, -1 );

it succeeds.

However, I'm not sure that the second call is correct and that I wil get a proper data for the packet/message.

  1. Consider following scenario:

[code] new_tvb = tvb_new_subset(); // pass the data to second dissector if( !!handle ) handle = find_dissector(); if( handle ) call_dissector( handle, next_tvb, pinfo, tree ); [/code]

I presume that call_dissector() will call the dissect_XXX() function from the second dissector.

However, this is not the case.

Trying to set a breakpoint at that function - it never hit.

So what function will be called when executing call_dissector() API? Again - link to the official Wireshark documentation would be nice.

I'm looking for an official documentation or any official (meaning from the Wireshark site, and not 3rd party) references.

As you can see the dissectors are written in C and so I am looking for some guidance.

Thank you.

Is there an official documentation

Hi, ALL, This is my first post so please be gentle. ;-)

  1. Could someone point me to the official documentation that will explain the parameters of tvb_new_subset()/tvb_new_subset_length_caplen()?

Problem:

I'm trying to daisy-chain 2 dissectors. Both are written by our group. First one is successfully perform what needs to be done.

The size of the message is 3 bytes - first one is message type and then 2 bytes of data length that follow. The length of the data is successfully retrieved in the variable msg_len.

So I called:

next_tvb = tvb_new_subset( tvb, 3, msg_len, msg_len );

);

but this call will simply return from the parsing function and will not do anything.

If I try to call:

next_tvb = tvb_new_subset( tvb, 3, -1, -1 );

);

it succeeds.

However, I'm not sure that the second call is correct and that I wil get a proper data for the packet/message.

  1. Consider following scenario:

[code] [code]

new_tvb = tvb_new_subset();
// pass the data to second dissector
if( !!handle )
    handle = find_dissector();
if( handle )
    call_dissector( handle, next_tvb, pinfo, tree );

[/code]

I presume that call_dissector() will call the dissect_XXX() function from the second dissector.

However, this is not the case.

Trying to set a breakpoint at that function - it never hit.

So what function will be called when executing call_dissector() API? Again - link to the official Wireshark documentation would be nice.

I'm looking for an official documentation or any official (meaning from the Wireshark site, and not 3rd party) references.

As you can see the dissectors are written in C and so I am looking for some guidance.

Thank you.

Is there an official documentation

Hi, ALL, This is my first post so please be gentle. ;-)

  1. Could someone point me to the official documentation that will explain the parameters of tvb_new_subset()/tvb_new_subset_length_caplen()?tvb_new_subset()/tvb_new_subset_length_caplen()?

Problem:

I'm trying to daisy-chain 2 dissectors. Both are written by our group. First one is successfully perform what needs to be done.

The size of the message is 3 bytes - first one is message type and then 2 bytes of data length that follow. The length of the data is successfully retrieved in the variable msg_len.

So I called:

next_tvb = tvb_new_subset( tvb, 3, msg_len, msg_len );

but this call will simply return from the parsing function and will not do anything.

If I try to call:

next_tvb = tvb_new_subset( tvb, 3, -1, -1 );

it succeeds.

However, I'm not sure that the second call is correct and that I wil get a proper data for the packet/message.

  1. Consider following scenario:

[code]

new_tvb = tvb_new_subset(); // pass the data to second dissector if( !!handle ) handle = find_dissector(); if( handle ) call_dissector( handle, next_tvb, pinfo, tree );

[/code]

);

I presume that call_dissector() call_dissector() will call the dissect_XXX() dissect_XXX() function from the second dissector.

However, this is not the case.

Trying to set a breakpoint at that function - it never hit.

So what function will be called when executing call_dissector() call_dissector() API? Again - link to the official Wireshark documentation would be nice.

I'm looking for an official documentation or any official (meaning from the Wireshark site, and not 3rd party) references.

As you can see the dissectors are written in C and so I am looking for some guidance.

Thank you.

Is there an official documentation

Hi, ALL, This is my first post so please be gentle. ;-)

  1. 1) Could someone point me to the official documentation that will explain the parameters of tvb_new_subset()/tvb_new_subset_length_caplen()?

Problem:

I'm trying to daisy-chain 2 dissectors. Both are written by our group. First one is successfully perform what needs to be done.

The size of the message is 3 bytes - first one is message type and then 2 bytes of data length that follow. The length of the data is successfully retrieved in the variable msg_len.

So I called:

next_tvb = tvb_new_subset( tvb, 3, msg_len, msg_len );

but this call will simply return from the parsing function and will not do anything.

If I try to call:

next_tvb = tvb_new_subset( tvb, 3, -1, -1 );

it succeeds.

However, I'm not sure that the second call is correct and that I wil get a proper data for the packet/message.

  1. 2) Consider following scenario:

    new_tvb = tvb_new_subset();
    // pass the data to second dissector
    if( !!handle )
        handle = find_dissector();
    if( handle )
        call_dissector( handle, next_tvb, pinfo, tree );

);

I presume that call_dissector() will call the dissect_XXX() function from the second dissector.

However, this is not the case.

Trying to set a breakpoint at that function - it never hit.

So what function will be called when executing call_dissector() API? Again - link to the official Wireshark documentation would be nice.

I'm looking for an official documentation or any official (meaning from the Wireshark site, and not 3rd party) references.

As you can see the dissectors are written in C and so I am looking for some guidance.

Thank you.

Is there an official documentation

Hi, ALL, This is my first post so please be gentle. ;-)

1) Could someone point me to the official documentation that will explain the parameters of tvb_new_subset()/tvb_new_subset_length_caplen()?

Problem:

I'm trying to daisy-chain 2 dissectors. Both are written by our group. First one is successfully perform what needs to be done.

The size of the message is 3 bytes - first one is message type and then 2 bytes of data length that follow. The length of the data is successfully retrieved in the variable msg_len.

So I called:

next_tvb = tvb_new_subset( tvb, 3, msg_len, msg_len );

but this call will simply return from the parsing function and will not do anything.

If I try to call:

next_tvb = tvb_new_subset( tvb, 3, -1, -1 );

it succeeds.

However, I'm not sure that the second call is correct and that I wil get a proper data for the packet/message.

2) Consider following scenario:

new_tvb = tvb_new_subset();
// pass the data to second dissector
if( !!handle )
    handle = find_dissector();
if( handle )
    call_dissector( handle, next_tvb, pinfo, tree );

I presume that call_dissector() will call the dissect_XXX() function from the second dissector.

However, this is not the case.

Trying to set a breakpoint at that function - it never hit.

So what function will be called when executing call_dissector() API? Again - link to the official Wireshark documentation would be nice.

I'm looking for an official documentation or any official (meaning from the Wireshark site, and not 3rd party) references.

As you can see the dissectors are written in C and so I am looking for some guidance.

Thank you.