Re: Sub_dissectors assertion failed

[Scott <theerickson () gmail com>]

On Fri, May 21, 2010 at 3:18 PM, Guy Harris <guy () alum mit edu> wrote:
> So what protocols does your custom protocol run on top of?


For now the custom protocol is a dummy protocol that only contains a 32-bit
int and rides on top of the IP protocol rider (*it*).  I got the custom
protocol to show up in the packet detail window ok, although not how I
expected..


> > And what does dissector_try_port() do?  All I could tell is that it
> returns a gboolean.
>
> It takes, as arguments:
>
>        1) a handle for a dissector table that uses integral values as keys
> (it should really be dissector_try_uint(); the "port" is historical);
>
>        2) an integral value to use to select a dissector from that
> dissector table;
>
>        3) a tvbuff_t * that refers to a tvbuff with the data to be
> dissected by the selected dissector;
>
>        4) a packet_info *, which should be the one the dissector calling
> dissector_try_port() was handed;
>
>        5) a proto_tree *, which should be the one the dissector calling
> dissector_try_port() was handed.

When I called dissector_try_port() from the *it* IP rider protocol like
this:
dissector_try_port(subdissector_table, hf_[type switch], next_tvb, pinfo,
tree)

the dummy protocol didn't match correctly.  However, when I called it like
this:
dissector_try_port(subdissector_table, pinfo->destport, next_tvb, pinfo,
tree)

it matched fine.  This doesn't make a lot of sense to me (is it REALLY
matching on the port?) because the dummy custom protocol does:
dissector_add("[*it*].[type]", [macro], test_handle), which doesn't seem to
have anything to do with the port.


> > I mean *any protocol that runs atop IP* can follow it.
>
> Then you want to do what I suggested to find the right dissector for the
> following protocol - just get the "ip.proto" dissector table and use that.


Because the dummy protocol doesn't have a subdissectors table, the original
IP rider protocol needs to call dissector_try_port() again to grab the
dissectors for any protocols that may follow the dummy protocol (TCP, ICMP,
etc.).  Here's the code I have:
 /* dissector_try_port() call for the dummy protocol */

ip_dissector_table = find_dissector_table("ip.proto");
 next_tvb = tvb_new_subset(next_tvb, [macro for dummy proto length], -1,
-1);
dissector_try_port(ip_dissector_table, hf_[*it* field that is a copy of
ip.proto's], next_tvb, pinfo, tree);

But I assume nothing is matching because no protocols show up after the
dummy protocol in the packet details window.

-Scott

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe