This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

ascii value display

0

how to display character value for a field in my protocol dissection ?i am getting the decimal value ,but want to convert to a character..plz explain

asked 27 May '13, 03:37

ajain's gravatar image

ajain
146711
accept rate: 0%

edited 27 May '13, 04:46


One Answer:

3

Use FT_STRING field type. Here is an example taken from doc/README.developer:

static hf_register_info hf[] = {
    {&hf_cstring,
     {"C String", "c.string", FT_STRING, BASE_NONE, NULL, 0x0,
      NULL, HFILL}
     }
   };

/**

  • Dissect a buffer containing ASCII C strings.

  • @param tvb The buffer to dissect.

  • @param pinfo Packet Info.

  • @param tree The protocol tree. **/ static void dissect_cstr(tvbuff_t * tvb, packet_info * pinfo, proto_tree * tree) { guint offset = 0; while(offset < tvb_reported_length(tvb)) { gint available = tvb_reported_length_remaining(tvb, offset); gint len = tvb_strnlen(tvb, offset, available);

    if( -1 == len ) {
        /* we ran out of data: ask for more */
        pinfo-&gt;desegment_offset = offset;
        pinfo-&gt;desegment_len = DESEGMENT_ONE_MORE_SEGMENT;
        return;
    }
    
    col_set_str(pinfo-&gt;cinfo, COL_INFO, &quot;C String&quot;);
    
    len += 1; /* Add one for the &#39;\0&#39; */
    
    if (tree) {
        proto_tree_add_item(tree, hf_cstring, tvb, offset, len,
            ENC_ASCII|ENC_NA);
    }
    offset += (guint)len;
    

    }

    /* if we get here, then the end of the tvb coincided with the end of a string. Happy days. */ }

See doc/README.developer or search for FT_STRING usage in the source code for more information.

answered 27 May ‘13, 05:10

Pascal%20Quantin's gravatar image

Pascal Quantin
5.5k1060
accept rate: 30%