Wireshark-dev: Re: [Wireshark-dev] Dissector plugin not working with wireshark 1.12.3
From: Pascal Quantin <pascal.quantin@xxxxxxxxx>
Date: Tue, 17 Feb 2015 14:07:09 +0100


2015-02-17 12:41 GMT+01:00 yannick omnes <yomnes@xxxxxxxxxxx>:
Hi Pascal,

Thank you for your answer,

The plugin crashes (dereferencing a NULL pointer) in the second iteration of the loop in proto_register_field_array. Looking around, i noticed that the bitmask field of header_field_info changed betwen 1.10.6 and 1.12.3, it was a guint64 and is now a guint32. I didn't update my wireshark-dev package (just noticed that) so that might be the problem. Where can I find the dev package for wireshark 1.12.3 ? (The one provided by aptitude is out-of-date)

Hi Yannick,

you can find the Wireshark 1.12.3 source code on this page: https://www.wireshark.org/download.html . It contains the full source tree, including the include files you might need to compile your plugin. Note that according to https://packages.debian.org/search?keywords=wireshark-de, there is also a wheezy-backports repository that provides the wireshark-dev package for 1.12.1 which should be compatible with 1.12.3.
As you noticed, it's always mandatory to recompile a plugin between major Wireshark releases as there is no guarantee that the internal API will be compatible (well let's say that it's guaranteed that it will NOT be compatible ;) ).





Regards,

Yannick


Le 17/02/2015 10:42, Pascal Quantin a écrit :
2015-02-17 10:08 GMT+01:00 yannick omnes <yomnes@xxxxxxxxxxx>:
Hi list,

I've recently updated my Wireshark to 1.12.3. I created a plugin that worked fine with previous versions but now I'm facing some problems.

The plugins still compile and is correctly loaded by wireshark on Windows

On my ubuntu 14.04, it is not loaded anymore. The problem seems to come from the register fonction. If there is only one element in the hf_register_info array, the plugin is being correctly loaded by Wireshark. But with more than one items, Wireshark crashes.

Does anyone know what's wrong ?

Hi Yannick,

without having access to your code, it's almost impossible to provide you support. Have you checked with a debugger where it fails more precisely? What version were you using previously?

Regards,
Pascal.


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

--



___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe