calling custom dissector functions from epan module

Question

Hi all

I have developed a custom dissector module, which is included in plugins folder of the wireshark. I have a requirement that when plugins get register need to create a data structure to store data required for dissection. This data structure need to be present through out the life time of the Wireshark process. But, when Wireshark is quit/closed need to cleanup this data structure. For doing this i have written a cleanup function, but not sure where to call this function from. After exploring i tried invoking this function from epan module, epan_cleanup() function in epan.c.

But, faced issue in invoking this function from epan module as the objects are not linked. Then i modified the makefile of epan directory to include the .lo file of my custom dissector and invoke this function. Both, compilation and linking went fine, but, when i execute the Wireshark, the custom cleanup function is invoked but the data structure memory reference is not correct.

Sample code:

In custom_dissector.c
typedef struct xyz{
int a;
char *name;
int b;
}XYZ;
XYZ proto_names[100]; // Global
void custom_cleanup()
{
int i;
for (i=0;i<100;i++)
{
if (XYZ.name != NULL)
{
free (XYZ.name);
}
}
}
in epan.c file :
void epan_cleanup()
{
….
….
…
custom_cleanup(); // could not properly reference XYZ memory
}

Would like know the following, - Which is the right place to invoke custom cleanup functions during wireshark exit. - How to link custom cleanup function in plugin folder and epan module.

Request your help on the same. Thank you Kiran Kumar G

Accepted Answer

If you only need to cleanup a memory allocation, I wouldn't worry too much, the OS will clean that all up as the Wireshark process exits.

Answer 2

Why not simply allocate your memory with wmem based functions and the epan scope, like for example wmem_alloc(wmem_epan_scope(), size)? Wireshark will automatically release the memory for you when closed.