Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] GPL license question

From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Thu, 12 Jul 2007 09:45:51 -0700
Phillip Paradis wrote:
> One might be able to do as Nvidia/ATI et. al. do with their drivers. Create
> the plug-in itself as a generic binary module which decodes blocks of data;
> it would make no use of the Wireshark APIs and cannot include or link with
> any GPL code. Then create a stub that fits between Wireshark's APIs and the
> plugin; this would be released as source code along with the binary, and
> would also not contain any Wireshark code, though it would contain the
> necessary header includes.

If you release a binary dissection module, what's to stop someone from
feeding it fuzzed and randomized data, mapping the input and output, and
reverse-engineering the protocol itself?  Dissectors aren't device
drivers, and their very nature (i.e. "tell me everything you know about
the data at offset X") means that once you release a dissector, you've
also released the details of your protocol.