Re: Calling a dissector: Type for data parameter

[Graham Bloice <graham.bloice () trihedral com>]

When I made that change to MQTT I failed to notice that it called other
dissectors with different data pointers, and although specifically modified
for SparkplugB, felt that passing the topic as data was sufficiently
general to be useful.

As others have noted, I guess the issue here is that to be more specific
about when to call a sub-dissector those sub-dissectors need to register
with the "parent" dissector using arbitrary fields and arbitrary values to
determine when and how the sub-dissector should be called.

A more minimal solution could be for MQTT to declare an enum of "data"
pointer types and a special registration routine and sub-dissectors
register with that routine passing in one of the enum types and then in
MQTT before calling a sub-dissector check that "data pointer type" table.

On Sat, 29 May 2021 at 08:33, Anders Broman <a.broman58 () gmail com> wrote:

> Hi,
> Yes the method is fragile. At the time of development I think it was
> proposed to pass a struct containing a string and the void pointer where
> the string could be used as a identifier. But that was voted down.
> Regards
> Anders
>
> Den lör 29 maj 2021 09:26Guy Harris <gharris () sonic net> skrev:
>
> > On May 29, 2021, at 12:12 AM, Anders Broman <a.broman58 () gmail com> wrote:
> >
> > > Shouldn't the caller be calling with the right data type or NULL? So a
> > bug in the MQTT disector?
> >
> > How can the MQTT dissector determine what the right data type *is* -
> > especially given that the dissectors aren't wired in, there's a UAT
> > preference that lets the user configure it.
> >
> > This is where the current mechanism for passing data between dissectors
> > goes crashing to the ground.
> >
> > MQTT passes a topic string, which is just a string, to the dissectors it
> > calls.
> >
> > JSON expects to be passed a pointer to an http_message_info_t.
> >
> > JSON registers its non-heuristic dissector by name, and allows it to be
> > used with Decode As... for UDP ports.
> >
> > It might *look* safe if you check the UDP dissector and the dissectors
> > that use "media_type" and "grpc_message_type", but the "registers its
> > non-heuristic dissector by name" mean there are no guarantees, given that
> > another dissector that passes a pointer to something *other* than an
> > http_message_info_t to dissectors that are specified by name in a UAT.
> >
> > ___________________________________________________________________________
> > Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> > Archives:    https://www.wireshark.org/lists/wireshark-dev
> > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
> >              mailto:wireshark-dev-request () wireshark org
> > ?subject=unsubscribe
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request () wireshark org
> ?subject=unsubscribe


-- 
Graham Bloice
Software Developer
Trihedral UK Limited

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe