Wireshark mailing list archives

Use of "." in abbrev field of ZigBee hf_register_info


From: Chris Brandson <chris.brandson () gmail com>
Date: Thu, 22 Dec 2016 16:29:09 -0800

Hello, 

It appears to be impossible to use external tools such as pyshark to extract field information from many of the fields 
in a ZigBee packet because many of the abbrev fields of the hf_register_info entries for the ZigBee dissectors contain more 
than one “.”. It does not appear to affect anything inside Wireshark (though I’m not sure?), but it may impact some 
filtering and possibly other uses of capture information such as pyshark.

For example in packet-zbee-nwk.c, line 1832, hf_zbee_nwk_src64_origin uses an abbrev field of “zbee_nwk.src64.origin” 
(zbee_nwk is the PROTO_ABBREV used in the proto_register_protocol() ). I expect that the second “.” should really be 
“_” and thus “zbee_nwk.src64_origin”.

It affects many lines in many files, but it is a straightforward change that I would be willing to undertake. 

I do not know but am concerned about the possibility of this change impacting existing users. However, if it is illegal (as 
evidenced by my experience with pyshark) they would not have been able to make use of it in the illegal form anyway.

So I am proposing that I make this change and asking for feedback specifically on how serious an issue the extra dots 
are (if at all) and how this might change existing users.

Regards,

+ Chris Brandson
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>