Wireshark mailing list archives

Re: Parsing variable length protocol trailer

From: "Maynard, Chris" <Christopher.Maynard () GTECH COM>
Date: Tue, 27 Apr 2010 18:01:16 -0400

For those types of dissectors called in that manner, I don't know of any way directly to tell how many bytes were 
dissected, but you could have the calling dissector initialize a pinfo->private_data struct that contains a "number of 
bytes dissected" field initialized to zero.  Before the subdissector returns from the dissector_try_port/heuristic 
call, it can set that field to the actual number of bytes it was able to dissect, thus the caller can easily determine 
how many bytes remain.  And if this information is useful enough, then maybe a dedicated field is added to the 
packet_info struct for that purpose rather than using the private_data.

I don't know, maybe there's another easier & better way, but that's one potential solution that comes to mind.
- Chris


From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Edgar, Thomas
Sent: Tuesday, April 27, 2010 3:22 PM
To: 'wireshark-dev () wireshark org'
Subject: [Wireshark-dev] Parsing variable length protocol trailer

I have a variable length protocol trailer (which is only known by the end devices) to parse and there is no way to 
figure it out during the framing process.  Is there a way to determine how many bytes the subdissectors actually used 
or how many bytes are left unused after a return from dissector_try_port/heuristic?  Is there something in the tvbuff, 
packet_info, or proto_tree structures that would work?

Thanks,

Thomas W. Edgar




CONFIDENTIALITY NOTICE: The contents of this email are confidential
and for the exclusive use of the intended recipient. If you receive this
email in error, please delete it from your system immediately and 
notify us either by email, telephone or fax. You should not copy,
forward, or otherwise disclose the content of the email.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Parsing variable length protocol trailer Edgar, Thomas (Apr 27)
- Re: Parsing variable length protocol trailer Maynard, Chris (Apr 27)
- Re: Parsing variable length protocol trailer Stephen Fisher (Apr 27)
  - Re: Parsing variable length protocol trailer Maynard, Chris (Apr 28)
    - Re: Parsing variable length protocol trailer Guy Harris (Apr 28)