Hi, I'm having trouble calling a dissector from another dissector. As a test, I'm trying to call the foo dissector from my test dissector. The foo dissector has the following registration

Meaning its abbreviation is "foo". So, in the dissector I'm programming, I'm doing the following. I have the following global variable

This is my handoff

    void proto_reg_handoff_test(void)
    {
        static dissector_handle_t test_handle;

        foo_handle = find_dissector("foo");
        test_handle = create_dissector_handle(dissect_test, proto_test);
        dissector_add_uint("udp.port", TEST_PORT, test_handle);
    }

The trouble I'm having is that foo_handle is NULL. My dissector compiles OK, but when I run Wireshark, it just doesn't work, and the program shuts down. This is how I'm trying to call the dissector

    static void dissect_test(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
    {
        col_set_str(pinfo->cinfo, COL_PROTOCOL, "Test protocol");
        /* Clear out stuff in the info column */
        col_clear(pinfo->cinfo, COL_INFO);

        if (tree) { /* we are being asked for details */
            proto_item *ti = NULL;
            proto_tree *test_tree = NULL;

            ti = proto_tree_add_item(tree, proto_test, tvb, 0, -1, ENC_NA);
            test_tree = proto_item_add_subtree(ti, ett_test);
            proto_tree_add_item(test_tree, hf_test_uselessbyte, tvb, 0, 1, ENC_BIG_ENDIAN);
            call_dissector(foo_handle, tvb_new_subset_remaining(tvb, 1), pinfo, test_tree);
        }
    }

My test protocol has only 1 byte at the beginning (uselessbyte), and then the rest follows my foo template. I'm doing this to experiment, and to learn how to use these tools, to later apply them in a real dissector. I haven't found any help on the internet (there's nothing on README.dissector), so could you please tell me what I'm doing wrong? Thanks in advance

|
In the foo dissector you need to do

    register_dissector("foo", dissect_foo, proto_foo);

Thanks! That worked like a charm!
(29 Aug '14, 08:08)
ingcpt
Finally, I had to add, into foo (the dissector that gets called from another dissector), the line register_dissector("foo", dissect_foo, proto_foo);
(29 Aug '14, 08:15)
ingcpt
|
If foo_handle is NULL it means that the dissector does not exist. You can check if your dissector exists by trying to find it in the filter. Open Wireshark and write your dissector's name in the filter bar: green means that Wireshark knows your dissector and red means that it does not.
foo exists. If I run Wireshark and type foo in the filter, it turns green, yet foo_handle is still NULL
foo exists, and works perfectly. I made it using the guide provided by Wireshark
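Why "foo" can turn green in the filter bar while find_dissector("foo") still returns NULL, and why register_dissector fixes it, shown as an added example that is not part of the original posts and not Wireshark source. It is a stand-alone model: every model_* name, the stand-in dissect_foo and the sample packet are constructed for illustration, and the guarded call is an added precaution against the NULL-handle crash described in the question.

```c
#include <stdio.h>
#include <string.h>

/* Stand-alone model, NOT Wireshark source: all model_* names are hypothetical. */
#define MAX_ENTRIES 8
typedef int (*model_dissector_t)(const unsigned char *buf, int len);
typedef struct { const char *name; model_dissector_t fn; } model_handle_t;

static const char *filter_names[MAX_ENTRIES]; /* protocol abbreviations (filter bar) */
static model_handle_t by_name[MAX_ENTRIES];   /* dissectors that can be found by name */
static int n_filters, n_handles;

/* Models proto_register_protocol(): only makes the abbreviation a valid filter. */
static void model_register_protocol(const char *abbrev) {
    if (n_filters < MAX_ENTRIES) filter_names[n_filters++] = abbrev;
}
/* Models register_dissector(): publishes the dissector under a name. */
static void model_register_dissector(const char *name, model_dissector_t fn) {
    if (n_handles < MAX_ENTRIES) { by_name[n_handles].name = name; by_name[n_handles++].fn = fn; }
}
static int model_filter_is_valid(const char *abbrev) {
    for (int i = 0; i < n_filters; i++)
        if (strcmp(filter_names[i], abbrev) == 0) return 1;
    return 0;
}
/* Models find_dissector(): looks only in the by-name table, never in filter_names. */
static const model_handle_t *model_find_dissector(const char *name) {
    for (int i = 0; i < n_handles; i++)
        if (strcmp(by_name[i].name, name) == 0) return &by_name[i];
    return NULL;
}
/* Constructed stand-in for dissect_foo: reports how many bytes it consumed. */
static int dissect_foo(const unsigned char *buf, int len) { (void)buf; return len; }

/* Guarded call: returns -1 instead of dereferencing a NULL handle. */
static int model_call_checked(const model_handle_t *h, const unsigned char *buf, int len) {
    return h ? h->fn(buf, len) : -1;
}

int main(void) {
    /* Constructed packet: one "useless byte" followed by the foo payload. */
    const unsigned char pkt[] = { 0xAA, 0x01, 0x02, 0x03 };
    model_register_protocol("foo");
    printf("filter valid: %d, handle found: %d, call: %d\n", model_filter_is_valid("foo"),
           model_find_dissector("foo") != NULL,
           model_call_checked(model_find_dissector("foo"), pkt + 1, 3));
    model_register_dissector("foo", dissect_foo);
    printf("after register_dissector, call: %d\n",
           model_call_checked(model_find_dissector("foo"), pkt + 1, 3));
    return 0;
}
```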