Wireshark mailing list archives
Re: Extracting field values in a C post-dissector
From: Guy Harris <guy () alum mit edu>
Date: Sun, 4 Sep 2016 19:23:44 -0700
On Sep 4, 2016, at 2:38 PM, Pascal Quantin <pascal.quantin () gmail com> wrote:
2016-09-04 23:36 GMT+02:00 Paul Offord <Paul.Offord () advance7 com>:Just to be clear what you mean. You are saying that I should submit a patch to change: extern int proto_registrar_get_id_byname(const char *field_name); to: WS_DLL_PUBLIC int proto_registrar_get_id_byname(const char *field_name); Is that correct?Yes, otherwise (as you stated) it cannot be called from a plugin. Such change would be part of Wireshark 2.4
That change is *already* part of Wireshark 2.4...
(as it is probably too late to merge this in Wireshark 2.2).
...and it's also part of Wireshark 2.2. That was done in change cdf9943717c9bb1cba7af381507b295b384e800b: Author: Guy Harris <guy () alum mit edu> Date: Mon Jan 4 13:14:08 2016 -0800 Don't walk the entire protocol tree to extract the value of one field. Instead, prime the epan_dissect_t's tree to look for rtp.ssrc, and extract that value with proto_get_finfo_ptr_array(). Also, have the filter used to check whether the packet is a candidate for RTP analysis to check for RTPv2 (and add a check for IPv4 or IPv6 back to the Qt version), and get rid of an unnecessary extra level of indirection for that string. In the Qt version, if findStreams() set the error string, don't overwrite it with a "No streams found." indication, and fix error handling for the "filter didn't compile" case. Change-Id: I09d0ea37ccd4806d99e3b6394f2a8a376e974705 Reviewed-on: https://code.wireshark.org/review/13045 Reviewed-by: Guy Harris <guy () alum mit edu> which was made before the 2.2 branch was created. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Re: Extracting field values in a C post-dissector Paul Offord (Sep 04)
- Re: Extracting field values in a C post-dissector Pascal Quantin (Sep 04)
- Re: Extracting field values in a C post-dissector Paul Offord (Sep 04)
- Re: Extracting field values in a C post-dissector Pascal Quantin (Sep 04)
- Re: Extracting field values in a C post-dissector Paul Offord (Sep 04)
- Re: Extracting field values in a C post-dissector Pascal Quantin (Sep 04)
- Re: Extracting field values in a C post-dissector Guy Harris (Sep 04)
- Re: Extracting field values in a C post-dissector Paul Offord (Sep 04)
- Re: Extracting field values in a C post-dissector Pascal Quantin (Sep 04)
- <Possible follow-ups>
- Re: Extracting field values in a C post-dissector Guy Harris (Sep 04)
- Re: Extracting field values in a C post-dissector Paul Offord (Sep 05)
- Re: Extracting field values in a C post-dissector Paul Offord (Sep 05)
- Re: Extracting field values in a C post-dissector Paul Offord (Sep 06)
- Re: Extracting field values in a C post-dissector Paul Offord (Sep 09)
- Re: Extracting field values in a C post-dissector Paul Offord (Sep 06)