On 7/28/2011 5:27 PM, Alex Lindberg wrote:
I am creating a dissector that overlays a complicated struct (bit
fields, unions, etc) on the the tvb.
Unfortunately, you can't do that; :)
From doc/README.developer
Don't use structures that overlay packet data, or into which you copy
packet data; the C programming language does not guarantee any
particular alignment of fields within a structure, and even the
extensions that try to guarantee that are compiler-specific and not
necessarily supported by all compilers used to build Wireshark. Using
bitfields in those structures is even worse; the order of bitfields
is not guaranteed.
