Wireshark mailing list archives
Re: removed functions fast way to find substitutes?
From: Semjon <semgo () web de>
Date: Fri, 21 Nov 2014 17:34:58 +0100
Am 21.11.2014 um 15:42 schrieb Bill Meier:
On 11/21/2014 9:29 AM, Pascal Quantin wrote:2014-11-21 14:06 GMT+01:00 Semjon <semgo-S0/GAf8tV78 () public gmane org <mailto:semgo-S0/GAf8tV78 () public gmane org>>: Am 21.11.2014 um 10:06 schrieb Guy Harris: > > On Nov 21, 2014, at 12:48 AM, Semjon <semgo-S0/GAf8tV78-XMD5yJDbdMReXY1tMh2IBg () public gmane org <mailto:GAf8tV78-XMD5yJDbdMReXY1tMh2IBg () public gmane org>> wrote: > >> One of my current problems is with >> >> tvb_get_faked_unicode(...) >> >> which isn't available anymore. >> In my Protocol I have some Ascii-encoded String but which comes as two >> bytes per character. Example: >> {0x0031, 0x0032, 0x0033, 0x0034, 0x0000} in tvb should display in >> GUI/Tree/PacketList as "1234" > > If that's truly ASCII-encoded, that would be a significant waste of bytes - you could just use one byte per character for ASCII; if the second byte is always zero, that byte serves no useful purpose. > > So I'll assume it's a *superset* of ASCII, and that you mean either "UTF-16 encoded string" or "UCS-2 encoded string" rather than "ASCII-encoded string which comes as two bytes per character". > > So: > >> I used to call: >> >> tvb_get_faked_unicode(NULL,tvb, 20, ((tvb_length(tvb)-20)/2),ENC_BIG_ENDIAN) >> >> and display result as %s in col_append_fstr() or as FT_STRING in >> proto_tree_add_string(). >> >> So could anyone give me a hint, is there a function still available for >> this type of encoding > > tvb_get_string_enc(tvb, {offset}, {length of string}, ENC_UTF_16|ENC_BIG_ENDIAN) > > or > > tvb_get_string_enc(tvb, {offset}, {length of string}, ENC_UCS_2|ENC_BIG_ENDIAN) > > depending on whether it's UTF-16 (with surrogate pairs to handle Unicode characters that don't fit in 16 bits) or UCS-2 (supporting only characters in the Unicode Basic Multilingual Plane, without surrogate pairs). > > Note that tvb_get_string_enc() returns a UTF-8-encoded string; octet sequences that can't be mapped to UTF-8 strings will be replaced by the Unicode "replacement character". > >> In general is there a fast/convenient way - other than manually looking >> through the sources after functions that might do what i want - to check >> if this function X is now replaced by function Y. > > No. You could check doc/README.developer, etc. to see if anything is mentioned. > >> Other examples I need to replace are: >> abs_time_to_ep_str() > > abs_time_to_str({wmem scope}, ...) > > The old "ephemeral" and "session" memory mechanisms are deprecated in favor of the new wmem mechanisms. The scope that's equivalent to "ephemeral" scope is, I think, packet scope (right, Evan?), so you'd want > > abs_time_to_str(wmem_packet_scope(), ...) > >> nstime_delta() > > Its replacement is called nstime_delta() and has the exact same arguments. :-) > > However, you need to include <wsutil/nstime.h> to get it declared. > Well thanks a lot everybody for helping. I could resolve almost all of my Problems with Your help. In fact the "ASCII encoded 2-byte-string" is a Unicode String shame on me :-) Unfortunately no luck with nstime_delta(). I already had included <wsutil/nstime.h> My call looks like this: proto_item *it; nstime_t ns; it=proto_tree_add_uint(xyz_tree, hf_xyz_response_to, tvb, 0, 0, xyz_trans->req_frame); PROTO_ITEM_SET_GENERATED(it); nstime_delta(&ns, &pinfo->fd->abs_ts, &xyz_trans->req_time); it=proto_tree_add_time(xyz_tree, hf_xyz_response_time, tvb, 0, 0, &ns); PROTO_ITEM_SET_GENERATED(it); It always generates errors LNK2019/LNK1120 ... unresolved external symbol "__imp__nstime_delta" in function ... Hope You have an idea here. I'm not really good in finding the necessary functions/files to include in such a big project and my search on the www on this was not successful. Hi, assuming that your proprietary dissector is a plugin, ensure that your makefile indicates the path to libwsutil. I guess you are on Windows, so your Makefile.nmake file should contain: !IFDEF ENABLE_LIBWIRESHARK LINK_PLUGIN_WITH= ..\..\wsutil\libwsutil.lib CFLAGS=$(CFLAGS)See plugins\ethercat for a dissector which uses nstime_delta() [in packet-esl.c]. Also: proto.h (#included by packet.h) #includes nstime.h so you need not explicitly include same. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev-IZ8446WsY0/dtAWm4Da02A () public gmane org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request-IZ8446WsY0/dtAWm4Da02A () public gmane org?subject=unsubscribe
This is what I have in my Makefile.nmake, all automatic generated: CFLAGS=/WX /DHAVE_CONFIG_H /I../.. $(GLIB_CFLAGS) \ /I$(PCAP_DIR)\include -D_U_="" $(LOCAL_CFLAGS) !IFDEF ENABLE_LIBWIRESHARK LINK_PLUGIN_WITH=..\..\epan\libwireshark.lib CFLAGS=/D_NEED_VAR_IMPORT_ $(CFLAGS) if I change it to what You suggested Pascal it throws loads of the LNK2010/LNK1120 errors so I'd rather stick with one of these errors and change it back :-) I'm running windows 7 pro 64 with MSVC2010EE and building the dissector as a dll-plugin win32 variant which worked fine until some wireshark source version. Yesterday I started using Wireshark 1.99.1 which itself without the plugin compiled without problems. Unfortunately I can't remember when nstime_delta startet making problems in my plugin as I didn't need it this bad so I just commented it out for later. I think it startet with the 1.11.x sources... You're right Bill even packet-tcp uses nstime_delta without including nstime.h explicitly. I compared ethercat to my dissector. Only difference I see is that Ethercat includes glib.h in packet-esl.c where nstime_delta is called. I don't include glib.h but it doesn't make a difference if I do I tried it. If there's some additional Info I could provide just tell me as I have no clue where to look at the moment :-( ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- removed functions fast way to find substitutes? Semjon (Nov 21)
- Re: removed functions fast way to find substitutes? Guy Harris (Nov 21)
- Re: removed functions fast way to find substitutes? Semjon (Nov 21)
- Re: removed functions fast way to find substitutes? Pascal Quantin (Nov 21)
- Re: removed functions fast way to find substitutes? Bill Meier (Nov 21)
- Re: removed functions fast way to find substitutes? Semjon (Nov 21)
- Re: removed functions fast way to find substitutes? Pascal Quantin (Nov 21)
- Re: removed functions fast way to find substitutes? Semjon (Nov 21)
- Re: removed functions fast way to find substitutes? Semjon (Nov 21)
- Re: removed functions fast way to find substitutes? Guy Harris (Nov 21)
- Re: removed functions fast way to find substitutes? Alexis La Goutte (Nov 21)