Re: My first dissector

[Pascal Quantin <pascal.quantin () gmail com>]

2015-04-15 12:53 GMT+02:00 <14l0yt+90c01y4cprdtg () guerrillamail com>:

> Dear all,
>
> (Sorry for double posting, but I got no response on the users mailing
> list, so I thought maybe this list is actually more appropriate)
>
> I'm trying to write my first Wireshark dissector. As an example, I looked
> at http://protomatics.com/wireshark_dissector.html and the nice Wireshark
> Wiki pages.
>
> I have installed on my Mac a Homebrew version of wireshark in:
> /usr/local/Cellar/wireshark/1.12.4/
>
> I checked out the v1.12.4 version in git:
> $ git status
> HEAD detached at v1.12.4
>
> If I copy the created .so file to
> /usr/local/Cellar/wireshark/1.12.4/lib/wireshark/plugins/1.12.4/
> and start wireshark-qt, the program terminates with:
> ERROR:/Users/sjaak/WiresharkPlugins/wireshark/epan/wmem/wmem_scopes.c:124:wmem_epan_scope:
> assertion failed: (epan_scope)
> Abort trap: 6 (core dumped)
>
> I hope there's somebody out there who can easily see what's wrong? I don't
> know if I'm doing something wrong or there's a problem with the code.
>
> Thanks,
> Sjaak.
>
>
> I modified a few makesfiles and used cmake to build everything. That part
> seems to work fine (no errors and I get an .so file in the 'run' folder).
>
> I have these files in the wireshark/plugins/mytest folder:
> CMakeLists.txt                  Makefile.nmake
> packet-mytest.c
> Makefile.am                     moduleinfo.h                    plugin.c
> Makefile.common                 moduleinfo.nmake
> plugin.rc.in
>
> And packet-mytest.c looks like this:
>
>
> #include "config.h"
>
> #include <epan/packet.h>
>
> #define MYTEST_PORT 1234
>
> static int proto_mytest_10 = -1;
> static gint ett_mytest_10 = -1;
>
> static void dissect_mytest10(tvbuff_t *tvb, packet_info *pinfo, proto_tree
> *tree)
> {
>     col_set_str(pinfo->cinfo, COL_PROTOCOL, "MYTEST10");
>     col_clear(pinfo->cinfo, COL_INFO);
>
>     if (tree)
>     {
>         proto_item *ti = proto_tree_add_item(tree, proto_mytest_10, tvb,
> 0, -1, FALSE);
>         tree = proto_item_add_subtree(ti, ett_mytest_10);
>     }
> }
>
> void proto_register_mytest10(void)
> {
>     /* Setup protocol subtree array */
>     static int *ett[] = { &ett_mytest_10 };
>
>     proto_mytest_10 = proto_register_protocol(
>         "MYTEST v1.0 Protocol", // name
>         "MYTEST10", // short name
>         "mytest10"); // abbrev
>
>     proto_register_subtree_array(ett, array_length(ett));
> }
>
> void proto_reg_handoff_mytest10(void)
> {
>     static dissector_handle_t mytest10_handle;
>
>     mytest10_handle = create_dissector_handle(dissect_mytest10,
> proto_mytest_10);
>     dissector_add_uint("tcp.port", MYTEST10_PORT, mytest10_handle);
> }
Hi Sjaak,

you probably did not share all the info as this code compiles and run fine
on my end (Windows 7 with MSVC2013, does not crash as startup when loading
the plugin).
First of all, does Wireshark start properly without your plugin?
If yes, could you share the backtrace (as the wmem assert, by its own, is
not that helpful without the context)?
BTW it should be noted that Qt GUI support is quite experimental (and
abandoned) in master-1.12 branch. It would be safer to either use GTK in
this branch, or switch to master branch if you want to stick to Qt.

Best regards,
Pascal.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe