Wireshark mailing list archives

Re: Failing to get my tree to show - problem solved, but I don't understand why

From: Kaul <mykaul () gmail com>
Date: Thu, 21 Jan 2010 23:48:31 +0200

Well, I solved the problem - but I still don't get why it's working. I've
copied what packet-vnc.c does:
After getting the conversation object, get the per-packet info. If none
exist, I create one and copy the protocol conversation state machine to it.
Then, I act upon the state *from the packet info*. Everything works
beautifully afterwards (attached changed code - mainly the addition in lines
290-297 - which fetch the per packet information and use it.)

I'd still be happy to understand why this works now (also as a lesson for
others).
Y.


On Wed, Jan 20, 2010 at 11:15 PM, Kaul <mykaul () gmail com> wrote:



On Tue, Jan 19, 2010 at 1:09 AM, Guy Harris <guy () alum mit edu> wrote:


On Jan 16, 2010, at 10:39 AM, Kaul wrote:

From README.developer:
"Wireshark distinguishes between the 2 modes with the proto_tree

pointer"

I'll look at rewriting that to clarify that they're not modes of operation
of Wireshark, and that one must not make assumptions about when you'll be
called with, or without, a protocol tree (other than "if Wireshark needs the
entire tree, for whatever reason that might be, it'll pass a non-null
pointer; otherwise, it might be null or it might be non-null, don't depend
on either one").

Would posting the complete code help?


Probably.


Thank you - attached.
The main dissectors starts at dissect_spice(), and relevant code in line
283 and on.

Thanks in advance,
Yaniv.


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org
?subject=unsubscribe

Attachment: packet-redc.c
Description:

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Re: Failing to get my tree to show - problem solved, but I don't understand why Kaul (Jan 21)
- Re: Failing to get my tree to show - problem solved, but I don't understand why Stephen Fisher (Jan 21)