How does Wireshark determine the style of dissector (new or old) ? For example the code below, how is "handle->is_new" true or false?
/* This function will return
* old style dissector :
* length of the payload or 1 of the payload is empty
* new dissector :
* >0 this protocol was successfully dissected and this was this protocol.
* 0 this packet did not match this protocol.
*
* The only time this function will return 0 is if it is a new style dissector
* and if the dissector rejected the packet.
*/
call_dissector_through_handle(dissector_handle_t handle, tvbuff_t *tvb,
packet_info *pinfo, proto_tree *tree, void *data)
{
……
if (handle->is_new) {
EP_CHECK_CANARY(("before calling handle->dissector.new_d for %s",handle->name));
ret = (*handle->dissector.new_d)(tvb, pinfo, tree, data);
EP_CHECK_CANARY(("after calling handle->dissector.new_d for %s",handle->name));
} else {
EP_CHECK_CANARY(("before calling handle->dissector.old for %s",handle->name));
subdissector */
(handle->dissector.old)(tvb, pinfo, tree);
EP_CHECK_CANARY(("after calling handle->dissector.old for %s",handle->name));
ret = tvb_length(tvb);
if (ret == 0) {
/
* XXX - a tvbuff can have 0 bytes of data in
* it, so we have to make sure we don't return
* 0.
*/
ret = 1;
}
asked 13 May ‘15, 12:15
XQW1123
46●8●10●14
accept rate: 0%
