Wireshark-dev: Re: [Wireshark-dev] 0.99.8 col_append_str fails
From: Jason Dick <jasonkdick@xxxxxxxxx>
Date: Mon, 3 Mar 2008 14:50:10 -0800 (PST)
Thanks for your help.  I will try setting if (tree){...} to if (1){...} in various places and see what happens.  

I have tried this on Windows XP with 0.99.7 and on linux with 0.99.8.

Jason

----- Original Message ----
From: "Maynard, Chris" <Christopher.Maynard@xxxxxxxxx>
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Sent: Monday, March 3, 2008 4:41:43 PM
Subject: Re: [Wireshark-dev] 0.99.8 col_append_str fails

The only other advice I can offer is to make sure you do a distclean
before trying to compile and don't expect a plugin built for an earlier
version of Wireshark to work with a later version (I think you mentioned
that you had a dissector working on 0.99.6?).  In particular, you may
have some tweaking to do with the various Makefiles.  And if there's any
chance that you might be trying to add the column information from
within an "if (tree) { ... }" block, then you could try changing it to
"if (1) { ... } temporarily to see if that helps.

You didn't mention which platform you were working on ... or I missed
it.  It may or may not matter to someone else on this list who might
have further advice for you.

- Chris

-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Jason Dick
Sent: Monday, March 03, 2008 11:47 AM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] 0.99.8 col_append_str fails

Yeah, I copied the base code from another dissector and just updated it.

In the main dissector function I set the message type and call other
functions to dissect the different message types.  It is in the these
sub type functions I am calling col_append_str(...).  Sometimes I've
called before and sometimes inside of if(tree).  It doesn't seem to
matter.  Once I set it in the main dissector, I doesn't change.

- Jason

----- Original Message ----
From: "Maynard, Chris" <Christopher.Maynard@xxxxxxxxx>
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Sent: Monday, March 3, 2008 11:02:44 AM
Subject: Re: [Wireshark-dev] 0.99.8 col_append_str fails

Sorry, I don't know exactly what changed.  I know there were changes in
how the plugins were built, but I just followed what the built-in plugin
dissectors did.

One other thing I thought of, and it's mentioned in the README.developer
file within the example skeleton code given there (section 1.2):

   In the interest of speed, if "tree" is NULL, avoid building a
   protocol tree and adding stuff to it, or even looking at any packet
   data needed only if you're building the protocol tree, if possible.

   Note, however, that you must fill in column information, create
   conversations, reassemble packets, build any other persistent state
   needed for dissection, and call subdissectors regardless of whether
   "tree" is NULL or not.  

Are you trying to add column information from within an if (tree) { ...}
block?  If so, you should move it outside the block. 

- Chris

-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Jason Dick
Sent: Monday, March 03, 2008 10:39 AM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] 0.99.8 col_append_str fails

Thanks for the follow-up.  Found the tutorial you mentioned and tried
exactly that.  It seems that as soon as is set the text for the column,
I cannot change it any more.  I tried a number of permutations and still
the result is I can set it COL_INFO only once.

This a plugin dissector and everything else seems to work just fine.  I
would like to add some more info to the COL_INFO for various message
types that I dissect.

Any idea what changes were made to the plugin API?  

Thanks,
Jason

----- Original Message ----
From: "Maynard, Chris" <Christopher.Maynard@xxxxxxxxx>
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Sent: Sunday, March 2, 2008 5:10:47 PM
Subject: Re: [Wireshark-dev] 0.99.8 col_append_str fails

Is this a plugin dissector or normal dissector?  If it's a plugin, it
seems you're not the only one experiencing this problem, although I
highly doubt that it's a Wireshark bug.  There have been some changes to
the plugin API somewhat recently and I think your problem may be related
to that.  You might try first to re-read the most recent README.plugins
and possibly even reviewing the following tutorial:
http://www.codeproject.com/KB/IP/custom_dissector.aspx.  In addition,
it's probably a good idea to compare your plugin files with the
Wireshark built-in plugin files.

- Chris

-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Jason Dick
Sent: Sunday, March 02, 2008 3:01 PM
To: wireshark-dev@xxxxxxxxxxxxx
Subject: [Wireshark-dev] 0.99.8 col_append_str fails

I am writing a dissector for a custom protocol and found that I am
unable to add additional information to the INFO column.  See the
following code:

if (check_col(pinfo->cinfo, COL_INFO)) {
  col_append_str(pinfo->cinfo, COL_INFO, "  more info");
}

It appears that after the initial setting of the column, pinfo->cinfo is
no longer writable.  That is 

col_get_writable(pinfo->cinfo) 

always returns false.  It still returns false even after I run:

col_set_writable(pinfo->cinfo, 1);

Has anyone else run across this?  I thought I had this working for
another dissector on 0.99.6 but I don't have that code with me right
now.

Thanks for any thoughts, comments, ideas -- Jason

[snip]
[snip]

-----------------------------------------
This email may contain confidential and privileged material for the
sole use of the intended recipient(s). Any review, use, retention,
distribution or disclosure by others is strictly prohibited. If you
are not the intended recipient (or authorized to receive for the
recipient), please contact the sender by reply email and delete all
copies of this message. Also, email is susceptible to data
corruption, interception, tampering, unauthorized amendment and
viruses. We only send and receive emails on the basis that we are
not liable for any such corruption, interception, tampering,
amendment or viruses or any consequence thereof.
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev





      ____________________________________________________________________________________
Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ