This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Wireshark crashes with FT_UINT64 and BASE_CUSTOM

0

Hello,

I try to add a UINT64 field with the following definition:

{ &hf_boxinfo_softwarerelease,
            { "SoftwareRelease", "boxinfo.swRelease",
            FT_UINT32, BASE_CUSTOM,
            displayVersion48, 0x0,
            "SoftwareRelease", HFILL }
}

This field contains 6 bytes, which I want to display as a version (e.g. 03.45.32 so 2 bytes per element) The problem is that Wireshark crashes when I click on the protocol item. I have another simular field with a FT_UINT32 which without troubles. Here is the function's source:

void displayVersion48(gchar *strptr, guint64 value){
     g_snprintf(strptr,15,"TEST");
}

Thank you for help.

lal12

asked 11 Jun '15, 08:51

lal12's gravatar image

lal12
367712
accept rate: 33%

edited 11 Jun '15, 08:52


One Answer:

0

Support for 64bits and BASE_CUSTOM was added in master branch. So please consider using this one and declare your entry as:

{ &hf_boxinfo_softwarerelease,
        { "SoftwareRelease", "boxinfo.swRelease",
        FT_UINT64, BASE_CUSTOM,
        CF_FUNC(displayVersion48), 0x0,
        "SoftwareRelease", HFILL }
}

where displayVersion48 has the following signature:

typedef void (*custom_fmt_func_64_t)(gchar *, guint64);

answered 11 Jun '15, 09:36

Pascal%20Quantin's gravatar image

Pascal Quantin
5.5k1060
accept rate: 30%

edited 11 Jun '15, 09:36

If I switch to the master branch, will the plugins work on the normal wireshark installations from the website. If not your solution, won't work for me, cause my plugin needs to work on this versions.

I think just declaring a FT_UINT32 works, even if the value is longer.

(12 Jun '15, 05:47) lal12
1

The plugin are only compatible with the branches for which they are compiled.

As Wireshark 1.99.6 is distributed on Wireshark web site it should be OK I guess.

I do not see how you expect to get a guint64 out of a guint32 value... So no it will not work. BASE_CUSTOM simply cannot be used with a 64 bits long number with Wireshark 1.12.x. What you could use instead if proto_tree_add_uint64_format_value() function.

(12 Jun '15, 06:00) Pascal Quantin