This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Update plugin to latest wireshark version

0

I have a plugin code for older wireshark version, when I use it in V-1.99 it gives these errors

error C2220: warning treated as error - no 'object' file generated
warning C4013: 'check_col' undefined; assuming extern returning int
warning C4013: 'decode_boolean_bitfield' undefined; assuming extern returning int
warning C4113: 'void (__cdecl *)(tvbuff_t *,packet_info *,proto_tree *)' differs in parameter lists from 'new_dissector_t' 
warning C4133: 'function' : incompatible types - from 'void (__cdecl *)(tvbuff_t *,packet_info *,proto_tree *)' to 'new_dissector_t'

how shall I solve them?

asked 12 Jun '14, 12:08

aman's gravatar image

aman
36151620
accept rate: 0%

edited 12 Jun '14, 13:31

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196

One Answer:

1

First of all check_col function does not exist anymore so you should remove its call (and assume that it always returns true).

Then decode_boolean_bitfield function was also removed. I guess it is used by some call to proto_tree_add_text right? Replace it by a FT_BOOLEAN filterable hf entry instead. Or build the string yourself (the old code for this function can be found here).

Finally check new_dissector_t definition in epan\packet.h (hint: the return type differs and you miss 1 parameter).

answered 12 Jun '14, 13:22

Pascal%20Quantin's gravatar image

Pascal Quantin
5.5k1060
accept rate: 30%

1

Finally check new_dissector_t definition in epan\packet.h (hint: the return type differs and you miss 1 parameter).

"New-style" dissectors now take an additional "private data" argument. You would have to change any such dissectors to take an additional void * argument; you don't have to use the argument.

(12 Jun '14, 13:33) Guy Harris ♦♦

for check_col I have code

if (check_col(pinfo->cinfo, COL_INFO)) { col_append_fstr(pinfo->cinfo,COL_INFO,"Indicator_Update "); }

how shall I make it compatible with current version?

Yes, decode_boolean_bitfield function is used by proto_tree_add_text. when I replace decode_boolean_bitfield with FT_boolean it says no such function found.

(13 Jun '14, 07:51) aman

As per the instructions from @Pascal Quantin, assume check_col returns true, so either replace it with "1" or remove the conditional entirely, i.e. simply a call to col_append_fstr(...).

In the call to proto_tree_add_text() you have to add an hf element whose type is FT_BOOLEAN. If you post the relevant piece of code we can help further.

(13 Jun '14, 07:57) grahamb ♦

thats the part..

if (tempValue & G711_ULAW64) proto_tree_add_text(reg_codec, tvb, offset+36, 4, "%s", decode_boolean_bitfield(tempValue, G711_ULAW64, 32, "G.711 PCMU",""));

(13 Jun '14, 08:04) aman

@grahamb I can see an update 10 mins ago here, but no comment. please re post your last comment.

(13 Jun '14, 08:29) aman
1

For the bitfield, you would first need to declare

static const true_false_string tfs_codec_bit = {
        "G.711 PCMU",
        ""
};

and then declare a header field variable

static int hf_myprotocolname_codec_bit = -1;

and then, in your dissector's hf[] array containing the named fields for your protocol, add

    { &hf_myprotocolname_codec_bit,
      { "Codec", "myprotocolname.codec", FT_BOOLEAN, 32,
        TFS(&tfs_codec_bit), G711_ULAW64,   
        "Whether the codec is G.711 PCMU or not", HFILL }},

and then do

proto_tree_add_boolean(reg_codec, hf_myprotocolname_codec_bit, tvb, offset+36, 4, tempValue);

"myprotocolname" is the same name for the protocol that you are using for other named fields.

(13 Jun '14, 09:11) Guy Harris ♦♦

I have done the declaration part but cant figure out where to use the hf[] code in packet.h file.

(13 Jun '14, 10:03) aman

If your dissector already has a call to proto_register_field_array(), it already has an hf[] array; just add it to that array.

If your dissector does not already have a call to proto_register_field_array(), it presumably was using only proto_tree_add_text(), and it needs to be fixed to use named fields. Read the doc/README.dissector document, which discusses how to create a dissector that uses named fields.

(13 Jun '14, 10:34) Guy Harris ♦♦

I have declared

static int hf_my[] = { &hf_my_codec_bit,
      { "Codec", "my.codec", FT_BOOLEAN, 32,
        TFS(&tfs_codec_bit), G711_ULAW64,   
        "Whether the codec is G.711 PCMU or not", HFILL }
        };  
proto_tree_add_boolean(reg_codec, hf_my_codec_bit, tvb, offset+36, 4, tempValue);

I am getting this:

(5881) : error C2065: 'reg_codec' : undeclared identifier

(5881) : warning C4047: 'function' : 'proto_tree *' differs in levels of indirection from 'int'


(5881) : warning C4024: 'proto_tree_add_boolean' : different types for formal and actual parameter 1


(5881) : error C2065: 'tempValue' : undeclared identifier
(13 Jun ‘14, 11:10) aman
1

You did put

proto_tree_add_boolean(reg_codec, hf_my_codec_bit, tvb, offset+36, 4, tempValue);

in the exact same place in your code where the

proto_tree_add_text(reg_codec, tvb, offset+36, 4, "%s", decode_boolean_bitfield(tempValue, G711_ULAW64, 32, "G.711 PCMU",""));

was before, right?

If not, do so.

(13 Jun ‘14, 11:12) Guy Harris ♦♦

yes I did..

(13 Jun ‘14, 11:15) aman

Then your code probably wouldn’t have compiled even with an older version of Wireshark, because, if you really did replace

if (tempValue & G711_ULAW64)
proto_tree_add_text(reg_codec, tvb, offset+36, 4, "%s", decode_boolean_bitfield(tempValue, G711_ULAW64, 32, "G.711 PCMU",""));

with

if (tempValue & G711_ULAW64)
proto_tree_add_boolean(reg_codec, hf_my_codec_bit, tvb, offset+36, 4, tempValue);

so that both of those sequences of code are in exactly the same place in your code, the references to tempValue and reg_codec are the same, and would therefore get exactly the same errors.

(13 Jun ‘14, 11:17) Guy Harris ♦♦

the above part of code you wrote doesnt run in the code too.. I am getting parameter error with tempValue and proto* tree

(13 Jun ‘14, 11:37) aman

I don’t know what you mean by “the above part of code you wrote doesnt run in the code too”.

The

if (tempValue & G711_ULAW64)
proto_tree_add_text(reg_codec, tvb, offset+36, 4, "%s", decode_boolean_bitfield(tempValue, G711_ULAW64, 32, "G.711 PCMU",""));

part is a direct copy and paste (other than tweaking the formatting) of code you said, in a comment above, was the code using decode_boolean_bitfield(). Are you saying that code doesn’t “run”? If so, then, as I said, your dissector wouldn’t have worked even with an older version of Wireshark.

It might help if you just put your entire dissector up on a site such as pastebin, so we can see all of the code, in context, rather than seeing snippets taken out of context.

(13 Jun ‘14, 11:49) Guy Harris ♦♦

@aman: You had a lot of problems compiling Wireshark and your dissector in the last couple of days.

Wouldn’t it be much easier if you upload your dissector code to github, google code, sourceforge, or similar? Maybe that speeds up things, if you find a person that is willing to help you with the code and the problems you are facing.

(13 Jun ‘14, 11:49) Kurt Knochner ♦

@guy thanks alot, I fixed it.. there was some parameter issue.. thanks for your help.. @kurt for sure, it I have any further problems, I ll update it on github and consult you guys.. thanks for help..

(13 Jun ‘14, 11:54) aman
showing 5 of 16 show 11 more comments