On Mar 9, 2007, at 4:55 PM, Stephen Fisher wrote:
Out of curiosity, what sort of changes are we interested in making in
the current API?
Well, some of the ones I'd like to see made are at
http://wiki.wireshark.org/Development/Wishlist
See, for example, the first item under "Dissector infrastructure", for
processing strings (although some of it is out of date - the Unicode
issues on Windows aren't so bad now that we've dropped support for
Windows OT).
I'd also like to see field lengths become unsigned, with -1 no longer
meaning "to end of packet", and, for those cases where "to end of
packet" is necessary, have a separate API for that. This would, I
think, let us get rid of some checks we now have, where a 32-bit
length field is fetched from the packet and used as a field length -
currently, there are some checks done in a variety of dissectors to
handle the case where the uppermost bit of the length is set (so we
don't get a dissector assertion thrown due to the length being
negative and not -1).
In addition, tvb_new_subset() should probably take only a "reported
length" argument, and calculate the data length appropriately; I've
fixed several bugs where the length wasn't being set appropriately.
There are probably other changes that should be considered as well.
