Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-dev: [Wireshark-dev] Lua - error calling multiple dissectors

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: "Becker, Matthew J." <matthew.becker@xxxxxxx>
Date: Mon, 1 Dec 2008 13:12:24 -0600

Title: Lua - error calling multiple dissectors

Hello!  I'm creating a Lua dissector to dissect custom packets that contain header data and then other message-type-specific data.  I made dissectors for the header data and message-type data in separate Lua files, and then want to call those dissectors from inside this one.  However, after I call the header dissector, it seems like the original buffer data doesn't exist anymore - I get a "tvb expired" error when I try to access the original buffer after calling the header dissector.

In my code below, the "1" Header dissector is called and works correctly, but the subtree:add_le() calls after that give a "tvb expired" error on buffer().  Is Lua's garbage collection destroying this dissector's "buffer" variable when I call the header dissector?  Is this a bug (shouldn't I be able to call different dissectors on separate parts of packet data)?  Or am I doing something wrong here?

Thanks,
Matt

------------------------------------------------------------
dofile("testHeader.lua")
dofile("test700.lua")

test_proto = Proto("Test","TEST Protocol")

local msg_type = ProtoField.int32("Test.type", "Message Type", base.DEC)
local msg_size = ProtoField.int32("Test.size", "Message Size (bytes)", base.DEC)

test_proto.fields = {msg_type, msg_size}

TestTable = DissectorTable.new("Test")
TestTable:add(1, testHeader_proto)
TestTable:add(700, test700_proto)

function test_proto.dissector(buffer,pinfo,tree)
        pinfo.cols.protocol = "TEST"
        local subtree = tree:add(test_proto, buffer(), "TEST Protocol")

        local test_header = TestTable:get_dissector(1)
        if test_header ~= nil then
                test_header:call(buffer(0,14):tvb(), pinfo, subtree)
        end

        subtree:add_le(msg_type, buffer(14,4))
        subtree:add_le(msg_size, buffer(18,4))

        local msgtype = buffer(14,4):le_uint()

        TestTable:try(msgtype, buffer(22):tvb(), pinfo, subtree)

end

  • Prev by Date: [Wireshark-dev] How to share enhanced plugin
  • Next by Date: [Wireshark-dev] buildbot failure in Wireshark (development) on OSX-10.5-x86
  • Previous by thread: Re: [Wireshark-dev] How to share enhanced plugin
  • Next by thread: [Wireshark-dev] Thoughts on Bug #2533: EBCDIC display for TN3270 packet
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation