Hi, I am having problems displaying hf's whose type is greater than FT_UINT40 (ie FT_UINT48, 56, and most annoyingly 64). Hf in question: { &hf_ieee802154g_aux_sec_key_source64, { "Key Source", "wpantemp.aux_sec.key_source_64", FT_UINT64, BASE_HEX, NULL, 0x0, "Key Source for processing of the protected frame", HFILL } }, I originally developed my dissector with the GTK developer version and had no problem, but now when I copy the plugin into c:\"Program Files"\Wireshark\plugins\1.12.6, and run the executable I get the error (for FT_UINT64 in the "Key Source" hf) 11:31:29: Err Field 'Key Source' (wpantemp.aux_sec.key_source_64) is signed (FT_UINT24) but is being displayed as unsigned (BASE_HEX). If I change the FT_UINT64 to 54, the error changes to FT_UINT16, and also for FT_UINT48 and FT_UINT8. I have commented out the part in the code that adds an item with this header format, and I still get the error so I am very confused. Any thoughts? asked 21 Jul '15, 11:50  j-demars |
One Answer:
You are compiling your plugin with Wireshark master branch (aka Wireshark 1.99.x), and then trying to run the compiled plugin with master-1.12 branch (aka Wireshark 1.12.x). This cannot work as there is no stable API between major versions that would allow a single plugin to run on all releases. We do ensure compatibility between minor releases though (all 1.12.x versions for example). What you need to do is compile your plugin against each Wireshark version you intend to use. Which means compiling it both with master and master-1.12 branch in your case. And at the same time adapt / modify your code so that it can compile with each branch (as APIs can change or some functionalities could be missing in older branch). PS: for reference your issue comes from the fact that ftenum enum definition changed between both branches, with new values inserted between FT_UINT32 and FT_UINT64, and between FT_INT32 and FT_INT64. But many other changes were done in master branch. answered 21 Jul '15, 12:35  Pascal Quantin edited 21 Jul '15, 12:44 showing 5 of 6 show 1 more comments |
Thank you for the answer! I am wondering how I can go about compiling it with a specific branch? Is there some variable I need to change in a makefile?
You need to checkout the corresponding branch using 'git checkout master-1.12' command if you are a git clone, or download the corresponding tarball. Then add your plugin in the source code (as you did with master branch) and recompile it.
When you say add the plugin to the source code what specifically do you mean? I think I may have done it wrong in the first place. Recompile wireshark or the plugin? And then what executable do I use?
To compile your plugin the first time, you downloaded at least the Wireshark header files from master branch (or most probably the full source code). If you want to compile a plugin that runs on Wireshark 1.12.6, you need to recompile your plugin against the header files of master-1.12 branch. So execute the same steps as before, but with another Wireshark code base (I can hardly be more precise without knowing the procedure you used in the first place).
I figured it out. Thank you so much!
@j-demars
If an answer has solved your issue, please accept the answer for the benefit of other users by clicking the checkmark icon next to the answer. Please read the FAQ for more information.