Wireshark mailing list archives

Re: Duplicate dissectors error

From: Guy Harris <guy () alum mit edu>
Date: Mon, 29 Aug 2016 19:43:06 -0700

On Aug 29, 2016, at 7:05 PM, Guy Harris <guy () alum mit edu> wrote:

On Aug 29, 2016, at 6:09 PM, Michael Mann <mmann78 () netscape net> wrote:

Yes, that's the main side effect, and if all the registering is with proprietary dissectors, it's your users that 
have to deal with it.
Solutions are:
1. Change dissector table to allow duplicates.
2. Create "placeholder" protocols (you'll see a few examples in native Wireshark dissectors) so that each can show 
up differently in Decode As.


Or

3. In dissector_add_for_decode_as(), if you find an entry in the list of "for decode as" handles for the same handle 
it was asked to add, just silent ignore the request to add it.

That way, if the same handle is added multiple times - for example, if that handle is used for multiple different 
keys in a dissector table, so that dissector_add_for_decode_as() is called multiple times for that handle and that 
dissector table - there's never any output.

If that means we can get rid of the allow_dup_proto flag, great!


Actually, it's uglier than that.

For example, the GTPv2 dissector module registers a bunch of dissectors for particular Diameter AVPs with the GTPv2 
protocol, even though they're not actually dissecting GTPv2 packets.  Those are, I suspect, unlikely to be of any use 
with "Decode As" - they don't correspond to "decode this AVP's value as a GTPv2" dissectors - and they don't deserve 
protocols of their own.

That causes some "duplicate" registrations, none of which really need to be done - not even the first of them!

So we probably either 1) need to have a way of marking dissector tables as "doesn't need Decode As" or 2) marking a 
registration in a dissector table as "this isn't useful for Decode As".
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Duplicate dissectors error Juan Jose Martin Carrascosa (Aug 29)
- Re: Duplicate dissectors error Guy Harris (Aug 29)
  - Re: Duplicate dissectors error Juan Jose Martin Carrascosa (Aug 29)
    - Re: Duplicate dissectors error Michael Mann (Aug 29)
    - Re: Duplicate dissectors error Guy Harris (Aug 29)
    - Re: Duplicate dissectors error Guy Harris (Aug 29)
    - Re: Duplicate dissectors error Michael Mann (Aug 29)
    - Re: Duplicate dissectors error Guy Harris (Aug 29)
    - Re: Duplicate dissectors error Juan Jose Martin Carrascosa (Aug 30)