Wireshark mailing list archives

Re: dissecting bits versus bytes

From: Ankith Agarwal <ankitha () cdac in>
Date: Tue, 10 May 2011 09:30:12 +0530 (IST)

Hi

I found these routines in the wireshark.README file:

guint8 tvb_get_bits8(tvbuff_t *tvb, gint bit_offset, gint no_of_bits);
guint16 tvb_get_bits16(tvbuff_t *tvb, gint bit_offset, gint 
no_of_bits,gboolean little_endian);
guint32 tvb_get_bits32(tvbuff_t *tvb, gint bit_offset, gint 
no_of_bits,gboolean little_endian);
guint64 tvb_get_bits64(tvbuff_t *tvb, gint bit_offset, gint 
no_of_bits,gboolean little_endian);

Is there a way to get a String...??


The tvb pointer which is present in the context is an array of
characters..indirectly a string.. so, you can copy the values of tvb into
a local string variable...(don't forget to get the size of the string)

The string that I have ends with a special value of 0xFF ......


if this is the case you can copy a character and loop it till the
condition of 0xFF doesn't satisfy...

string it's self has a bit_offset
that is determined at runtime. How do I read this..??


You can work out from the previous mails, on how to read a bit_offset...

Also...I have a series of bits fields that span bytes....is there an 
example out there where somebody already dissected
a stream of bits not bytes..??

For example:  How would I dissect an 18 bit field that starts at an 
offset of 2 bits..?

You cannot dissect the bit fields directly... you have to take the largest
container of it and the put a mask to obtain the values...
As for your example... for 18 bit field, just get the next power of 2 ie,
32 and put the mask, or do an and operation with
(11111111111111111100000000000000) 0xFFFFC000, and you will be extract
your 18 bits into a local variable... Then by further processing you can
get your bit fields dissected completely...

Regards
Ankith

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Re: dissecting bits versus bytes Anders Broman (May 06)
- <Possible follow-ups>
- Re: dissecting bits versus bytes Ankith Agarwal (May 08)
  - Re: dissecting bits versus bytes Brian Oleksa (May 09)
    - Re: dissecting bits versus bytes Anders Broman (May 09)
    - Re: dissecting bits versus bytes Ankith Agarwal (May 09)
    - Re: dissecting bits versus bytes Brian Oleksa (May 17)
    - Re: dissecting bits versus bytes Jakub Zawadzki (May 17)
    - Re: dissecting bits versus bytes Brian Oleksa (May 17)