Wireshark mailing list archives

Re: Specifying dissectors declaratively


From: Alexander Adolf <alexander.adolf () condition-alpha com>
Date: Wed, 19 Apr 2017 14:46:21 +0200

On 2017-04-19, at 14:16 , Pascal Quantin <pascal.quantin () gmail com> wrote:

[...]
It's true that it is used a lot for telephony business. ASN stands for Abstract Syntax Notation and defines a grammar 
that is independent of the encoding used. Then you have all the encoding variants: (aligned or not) PER, BER, DER, 
XER, GSER, OER, etc... It could be used for any protocol, but its encoding is complex and not as friendly as a basic 
TLV one for humans like us :)

asn2wrs is really specialized for (un)aligned PER and BER, so not relevant to any other protocol (and should not be 
extended to something else other than ASN.1 variants).

I have used ASN.1 in projects, and I would fully support Pascal's recommendation that it doesn't seem the best choice 
for Wireshark.

Kaitai seems very interesting to just have a short look at. But the question is still, not really which language to 
use, but what should the integration be like.
[...]

https://github.com/dloss/binary-parsing

http://www.icsi.berkeley.edu/pubs/networking/binpacIMC06.pdf

http://nmedit.sourceforge.net/subprojects/libpdl.html

https://users.ece.cmu.edu/~dbrumley/pdf/Borisov%20et%20al._2007_A%20Generic%20Application-Level%20Protocol%20Analyzer%20and%20its%20Language.pdf

Disclaimer: I haven't used any of these, nor have I investigated what build infrastructure they would require.

Many of these offer just-in-time compilers for their description language. So this would probably mean inventing some 
kind of plugin system for such dynamically loaded, and JIT-compiled parsing scripts.

Cheers,

  --alexander
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
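To make concrete why the BER encoding discussed in the quoted text is "not as friendly as a basic TLV one", here is an added example (not code from this thread, from asn2wrs, or from Wireshark) of a minimal BER TLV decoder. It walks the identifier octets (including the high-tag-number form), the short and long length forms, and nested constructed elements, and it rejects any length that would run past the buffer, which is the check a dissector must make before trusting a length field from the wire. The sample byte strings are constructed for this example; the tag class bits and the indefinite-length form are deliberately left unsupported to keep the decoder short.

```python
"""Minimal BER TLV decoder (added illustration, not Wireshark/asn2wrs code)."""

from typing import List, Optional, Tuple, Union

BerValue = Union[bytes, List["BerItem"]]
BerItem = Tuple[int, bool, BerValue]  # (tag number, constructed?, content)


def decode_ber(buf: bytes, offset: int = 0, end: Optional[int] = None) -> List[BerItem]:
    """Decode consecutive BER elements in buf[offset:end].

    Each element becomes (tag_number, constructed, value); value is bytes for a
    primitive element and a nested list for a constructed one.  Every length is
    checked against the enclosing end before any content is read, so a truncated
    or oversized length field raises ValueError instead of reading out of bounds.
    """
    if end is None:
        end = len(buf)
    items: List[BerItem] = []
    while offset < end:
        # Identifier octet: bit 6 = constructed, low 5 bits = tag number.
        first = buf[offset]
        offset += 1
        constructed = bool(first & 0x20)
        tag = first & 0x1F
        if tag == 0x1F:
            # High-tag-number form: base-128 digits, high bit set on all but the last.
            tag = 0
            while True:
                if offset >= end:
                    raise ValueError("truncated high tag number")
                b = buf[offset]
                offset += 1
                tag = (tag << 7) | (b & 0x7F)
                if not b & 0x80:
                    break
        # Length octet(s).
        if offset >= end:
            raise ValueError("missing length octet")
        lb = buf[offset]
        offset += 1
        if lb < 0x80:
            length = lb                          # short form: one octet
        elif lb == 0x80:
            raise ValueError("indefinite length not supported in this example")
        else:
            n = lb & 0x7F                        # long form: n octets of length follow
            if n == 0 or offset + n > end:
                raise ValueError("truncated or malformed long-form length")
            length = int.from_bytes(buf[offset:offset + n], "big")
            offset += n
        # Content octets: bounds check before touching them.
        if offset + length > end:
            raise ValueError(f"length {length} exceeds remaining {end - offset} bytes")
        if constructed:
            value: BerValue = decode_ber(buf, offset, offset + length)
        else:
            value = buf[offset:offset + length]
        items.append((tag, constructed, value))
        offset += length
    return items


# Constructed sample: SEQUENCE { INTEGER 5, OCTET STRING "hi" }, short-form length.
SAMPLE_SHORT = bytes.fromhex("30 07 02 01 05 04 02 68 69")
# Same value, but the outer length written in long form (0x81 0x07).
SAMPLE_LONG = bytes.fromhex("30 81 07 02 01 05 04 02 68 69")
# Constructed malformed sample: outer length 5, inner OCTET STRING claims 2 bytes past it.
SAMPLE_BAD = bytes.fromhex("30 05 02 01 05 04 02 68 69")


if __name__ == "__main__":
    print(decode_ber(SAMPLE_SHORT))
    print(decode_ber(SAMPLE_LONG))
    try:
        decode_ber(SAMPLE_BAD)
    except ValueError as exc:
        print("rejected:", exc)
```

The two well-formed samples decode to the same structure even though their bytes differ, which is exactly the encoding-versus-syntax distinction the quoted text draws; a hand-written fixed-width TLV parser would have no equivalent of the long-form length or high-tag-number branches. The malformed sample shows why the bounds check sits before the slice: the inner length is internally consistent but contradicts the enclosing SEQUENCE length, and a decoder that only checked against the whole buffer would accept it.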
