Recently found that Wireshark would completely crash when loading certain capture files which activated a custom dissector. After some basic debugging I determined that removing the use of those macros from my definition of static "hf_register_info" data made the problem go away. This sounds a lot like a coincidence (e.g. change just masked a bug) but haven't been able to put my finger on alternative cause just yet. In most cases Wireshark would just crash upon loading/dissecting but I also did find instances where the crash would not occur until I selected a certain packet. This sort of implies that the act of de-referencing the array or displaying the text is causing the issue, so I am pursuing that angle, but wanted to see if there were any known issues or limitations with the use of the VALS and/or RVALS arrays. asked 21 Jun '17, 07:02  wittynickname |
One Answer:
Slowly removing egg from face... Confirmed, these lists must be terminated with either {0, NULL} or {0,0,NULL} entry as appropriate. There appear to be some additional MACROs to help with this but none of the examples I looked at in the standard source base used them. answered 21 Jun '17, 07:48 wittynickname 1 FYI: You might want to run the various perl scripts such as For example, I temporarily removed the (21 Jun '17, 13:10) cmaynard ♦♦ |
Never mind, pretty sure I found it... my arrays were not terminated with {0, NULL} which seems to be the convention.