Re: my dissector breaks with updated 1.6 source and libs

[Guy Harris <guy () alum mit edu>]

On Jul 8, 2011, at 7:31 PM, oleksab () darkcornersoftware com wrote:

> My dissector worked when I updated libs and sources from 1.2 to 1.4. So I
> figured it would work from 1.4 to 1.6. But it did not.
>
> I did get the latest libs and sources

What do you mean by "the latest sources"?  Do you mean the Subversion trunk?  If so, that's not what you should use for 
building plugins for 1.6; you should use the source to Wireshark 1.6 for that.

> and I did recompile everything...but
> I ended up with some errors (which I will need to dig through).
>
> But I got this one error that I am not sure what it means. Wireshark
> (version 1.6) did start up properly. I was able to load a .pcap capture
> file....but when I click on one of the rows in the tree...I got the below
> error. Any thoughts..??
>
> The error was:
>
> 22:26:55   Err  new_fi->hfinfo->type 28 <FT_PCRE> not handled

What does the $Id$ line say in the file "epan/ftypes/ftypes.h" in the Wireshark source you're using?

In Wireshark 1.6, it should say 37594 as the version.  In the Wireshark 1.6.x branch in Subversion, it should say 37146 
as the version.  If it has any other version, it's not the Wireshark 1.6 source or even the source from the 1.6 branch 
- and, if it doesn't include FT_EBCDIC, it's a recent version from the trunk, and that source *cannot* be used to build 
plugins for the 1.6 branch (again, plugins have to be built with the Wireshark source for the version with which 
they're going to be used).  FT_PCRE is type 29 in 1.6; it's type 28 in the current Subversion trunk.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe