Wireshark mailing list archives

Re: Calling a dissector: Type for data parameter

From: Anders Broman <a.broman58 () gmail com>
Date: Sat, 29 May 2021 09:32:29 +0200

Hi,
Yes the method is fragile. At the time of development I think it was
proposed to pass a struct containing a string and the void pointer where
the string could be used as a identifier. But that was voted down.
Regards
Anders

Den lör 29 maj 2021 09:26Guy Harris <gharris () sonic net> skrev:

On May 29, 2021, at 12:12 AM, Anders Broman <a.broman58 () gmail com> wrote:

Shouldn't the caller be calling with the right data type or NULL? So a

bug in the MQTT disector?

How can the MQTT dissector determine what the right data type *is* -
especially given that the dissectors aren't wired in, there's a UAT
preference that lets the user configure it.

This is where the current mechanism for passing data between dissectors
goes crashing to the ground.

MQTT passes a topic string, which is just a string, to the dissectors it
calls.

JSON expects to be passed a pointer to an http_message_info_t.

JSON registers its non-heuristic dissector by name, and allows it to be
used with Decode As... for UDP ports.

It might *look* safe if you check the UDP dissector and the dissectors
that use "media_type" and "grpc_message_type", but the "registers its
non-heuristic dissector by name" mean there are no guarantees, given that
another dissector that passes a pointer to something *other* than an
http_message_info_t to dissectors that are specified by name in a UAT.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org
?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Calling a dissector: Type for data parameter Uli Heilmeier (May 29)
- Re: Calling a dissector: Type for data parameter Anders Broman (May 29)
  - Re: Calling a dissector: Type for data parameter Uli Heilmeier (May 29)
  - Re: Calling a dissector: Type for data parameter Guy Harris (May 29)
    - Re: Calling a dissector: Type for data parameter Anders Broman (May 29)
    - Re: Calling a dissector: Type for data parameter Graham Bloice (May 30)
    - Re: Calling a dissector: Type for data parameter João Valverde via Wireshark-dev (May 30)