Wireshark mailing list archives
Requesting feedback and help on a WIP merge request
From: David Perry <boolean263 () gmail com>
Date: Wed, 23 Jun 2021 10:45:38 -0400
Hello all! I'm writing to request fresh eyes, and possibly hands, on a somewhat significant potential change to Wireshark.
There's an old bug, 14329, requesting support for multiple comments per packet. I've got a proposed solution in merge request #2859: Instead of creating new fields on wtap_rec for every block option type we want to know (currently comments, packet verdicts, and most recently added, custom packet options), act on the code comment in wiretap/wtap.h that suggests "this should become a full set of options", and carry a stripped down wtap_block that can be queried for its options with existing methods that act on wtap_blocks.
Bug: https://gitlab.com/wireshark/wireshark/-/issues/14329
MR: https://gitlab.com/wireshark/wireshark/-/merge_requests/2859
I've done nearly as much as I can on this over the past month or so, and it's maybe 85% complete. It currently supports:
* Loading and saving pcapng files with multiple packet comments
* Editing existing comments in the GUI
* Adding new comments in the GUI and in editcap
* Removing specific comments in the GUI
* Handles packet verdicts as pcapng options
* Handles custom packet options (currently untested; that code was new to me this morning)
Issues that still need resolution:
* Memory leak on multi-pass analysis
* sharkd's role is a mystery to me
* Other file formats that support comments (I did what I could with ERF)
* Lua support for multiple comments
* The Lua API in general for this revised approach
... and of course, whether this approach would even be accepted into Wireshark. I personally think this is a natural evolution of the code, and I've worked to try and demonstrate how that would look.
I unfortunately have not been able to get it to 100% on my own, but I hope that I've done enough to start a conversation. I'd be grateful for any help to address the issues above, and anything I may have missed.
Thanks in advance for your time and consideration,
David