This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

TVB reference from one tree to another CRASH while starting Wireshark

0

Hi iam trying to build custom protocol and i need to have 2 trees.

[-] Tree1 [-] subtree1 [-] subtree2

[-] Tree 2 (This tree's data is from tree1 's Subtree 2 ) [-] subtree1

i have used tvb reference and my code not working and facing runtime crash (i can Build, i have tried distclean and complete setup , distclean, all , still runtime crash ) can anyone help me whats wrong in my code. Advance Thanks!

 #define proto1_PORT XXX
 #define PROTO_TAG_proto1   "proto2"

static int registration_request_msg =0;

static int proto_proto1 = -1; static int proto_proto2 = -1; static dissector_handle_t data_handle; static dissector_handle_t proto1_handle;

static dissector_handle_t proto2_handle; static gint hf_proto1 = -1; static gint hf_proto2 = -1;

tvbuff_t *next_tvb;

static gint ett_proto1 = -1;

static gint ett_proto2 = -1;

static gint *ett[] = {

&ett_proto1, … … };

static gint *ett1[] = {

&ett_proto2, … …

};

void proto_register_proto1(void); void proto_reg_handoff_proto1(void); void proto_register_proto2(void); void proto_reg_handoff_proto2(void); void dissect_proto1(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree); void dissect_proto2(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);

void proto_reg_handoff_proto1(void) { static dissector_handle_t proto1_handle; proto1_handle = find_dissector("proto1"); proto1_handle = create_dissector_handle (dissect_proto1, proto_proto1); // sub_dissector_handle (dissect_proto2, proto_proto2); dissector_add_uint ("udp.port", proto1_PORT, proto1_handle); }

void proto_reg_handoff_proto2(void) { static dissector_handle_t proto2_handle; proto2_handle = find_dissector("proto2"); proto2_handle = create_dissector_handle (dissect_proto2, proto_proto2);

}

void proto_register_proto1 (void) {

static hf_register_info hf[] = { { &hf_proto1, { "proto1 ", "proto1.data", FT_NONE, BASE_NONE, NULL, 0x0,"proto1", HFILL }}, … … };

proto_proto1 = proto_register_protocol ("proto1 ", "proto1", "bplt");

proto_register_field_array (proto_proto1, hf, array_length (hf)); proto_register_subtree_array (ett, array_length (ett)); register_dissector("proto1", dissect_proto1, proto_proto1);

}

static void dissect_proto1(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {

proto_item *proto1_item = NULL; proto_item *proto1_sub_item = NULL; proto_tree *proto1_tree = NULL; proto_tree *proto1_sub_tree = NULL; proto_tree *proto1_header_tree = NULL;

if (tree) { /* we are being asked for details */ guint offset=0; proto_tree *checksum_tree; proto_item *checksum_ti; guint16 checksum, checksum_calculated; guint checksum_offset=0;

guint len=0; //guint available_length=0; guint length=0; guint reported_length=0; guint available_length=0; guint length_new=0;

col_set_str(pinfo->cinfo, COL_PROTOCOL, PROTO_TAG_proto1); col_clear(pinfo->cinfo,COL_INFO);

proto1_item = proto_tree_add_item(tree, proto_proto1, tvb, 0, -1, FALSE); proto1_tree = proto_item_add_subtree(proto1_item, ett_proto1); proto1_header_tree = proto_item_add_subtree(proto1_item, ett_proto1);

tvb_get_guint8( tvb, offset );
len = tvb_length(tvb) -offset ; len=len-2;

proto_tree_add_item(proto1_sub_tree, hf_proto1_lesp_data, tvb, offset, len, ENC_LITTLE_ENDIAN); offset += len; length = tvb_length(tvb); reported_length = tvb_reported_length(tvb);

next_tvb = tvb_new_subset(tvb, offset, len, -1);

call_dissector(proto2_handle, next_tvb, pinfo, tree);

 }

 }

 void proto_register_proto2 (void)
{

static hf_register_info hf[] = {
{ &hf_proto2,
{ "proto2 (Rx 2) ", "proto2.proto1",FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL }
},
{ &hf_SUBTREE,
{ "SUBTREE) ", "subtree1",FT_UINT8, BASE_HEX_DEC , NULL, 0x0, NULL, HFILL}
}

};

 proto_proto2 = proto_register_protocol ("proto2", "proto2", "proto_name");

 proto_register_field_array (proto_proto2, hf, array_length (hf));
 proto_register_subtree_array (ett1, array_length (ett1));

 }

 static void dissect_proto2(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
 {
 proto_item *proto2_item = NULL;
 proto_item *proto2_sub_item = NULL;
 proto_tree *proto2_tree = NULL;
 proto_tree *proto2_sub_tree = NULL;
 proto_tree *proto2_header_tree = NULL;

 if (tree) { /* we are being asked for details */

 proto2_item = proto_tree_add_item(tree, proto_proto2, tvb, 0, -1, FALSE);
 proto2_tree = proto_item_add_subtree(proto2_item, ett_proto2);
 proto2_header_tree = proto_item_add_subtree(proto2_item, ett_proto2);

 }

 }</code></pre></div><div id="question-tags" class="tags-container tags"><span class="post-tag tag-link-passing" rel="tag" title="see questions tagged &#39;passing&#39;">passing</span> <span class="post-tag tag-link-dissector" rel="tag" title="see questions tagged &#39;dissector&#39;">dissector</span> <span class="post-tag tag-link-tree" rel="tag" title="see questions tagged &#39;tree&#39;">tree</span> <span class="post-tag tag-link-tvb" rel="tag" title="see questions tagged &#39;tvb&#39;">tvb</span></div><div id="question-controls" class="post-controls"></div><div class="post-update-info-container"><div class="post-update-info post-update-info-user"><p>asked <strong>30 May '14, 00:16</strong></p><img src="https://secure.gravatar.com/avatar/1339589a92af9455063c09e56bfc6299?s=32&amp;d=identicon&amp;r=g" class="gravatar" width="32" height="32" alt="umar&#39;s gravatar image" /><p><span>umar</span><br />

26222427
accept rate: 0%

edited 09 Sep ‘14, 23:29

Where is the crash occurring? Have you attached a debugger to get a stack backtrace so you can determine where it is going wrong?

What OS are you using?

(30 May ‘14, 02:49) grahamb ♦

Hi grahamb, Its working now. Iam using Winxp wireshark GTK 1.113.. Thanks for your time :)

(30 May ‘14, 21:53) umar


One Answer:

1

First this:

if (tree) { /* we are being asked for details */

It stops the dissector from setting the column info and it prevents the calling of subdissectors. It should only be applied to statements that work on trees and tree items, and even that doesn't help much because these calls first check the 'tree' parameter anyway.

Then this module variable:

 tvbuff_t *next_tvb;

It must be put in the dissection function itself. It may not be shared like this, nor be persistent across frames.

len = tvb_length(tvb) - offset;

This is tvb_length_remaining(), but could fail if captured frames are cut short. Watch out for possible negative values!

next_tvb = tvb_new_subset(tvb, offset, len, -1);

At this point offset is already beyond len, at the end of the TVB, so you are passing what along?

answered 30 May '14, 04:38

Jaap's gravatar image

Jaap ♦
11.7k16101
accept rate: 14%

Hi jaap, i could able to solve the problem. I have Moved next_tvb to above the level of my subtree. Its works now. many thanks for your support :)

(30 May '14, 21:52) umar