Hello, I try to add a UINT64 field with the following definition: This field contains 6 bytes, which I want to display as a version (e.g. 03.45.32 so 2 bytes per element) The problem is that Wireshark crashes when I click on the protocol item. I have another simular field with a FT_UINT32 which without troubles. Here is the function's source: Thank you for help. lal12 asked 11 Jun '15, 08:51  lal12 edited 11 Jun '15, 08:52 |
One Answer:
Support for 64bits and BASE_CUSTOM was added in master branch. So please consider using this one and declare your entry as: where displayVersion48 has the following signature: answered 11 Jun '15, 09:36  Pascal Quantin edited 11 Jun '15, 09:36 |
If I switch to the master branch, will the plugins work on the normal wireshark installations from the website. If not your solution, won't work for me, cause my plugin needs to work on this versions.
I think just declaring a FT_UINT32 works, even if the value is longer.
The plugin are only compatible with the branches for which they are compiled.
As Wireshark 1.99.6 is distributed on Wireshark web site it should be OK I guess.
I do not see how you expect to get a guint64 out of a guint32 value... So no it will not work. BASE_CUSTOM simply cannot be used with a 64 bits long number with Wireshark 1.12.x. What you could use instead if proto_tree_add_uint64_format_value() function.