Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] call_dissector() is eating memory

From: "ronnie sahlberg" <ronniesahlberg@xxxxxxxxx>
Date: Tue, 15 Aug 2006 20:41:09 +0000
your analysis is correct.

hte reason for this symbol not to be exported was merely that it was
never anticipated that dissectors would be called without going
through epan_dissect_run()

i have exported that symbol now.



do you have a page/description of your tool. would be interesting to
see what external tools use libwireshark for.

(by the way,   since libwireshark is GPL and not LGPL  your tool must
also be under a GPL licence)



On 8/15/06, Oleg Kostenko <oleg.kostenko@xxxxxxxxxxxx> wrote:
Hello,

I am developing an application that uses libwireshark.dll to decode
packets.

The protocol of each packet is known before the dissection is started, so I
just find the needed dissector with find_dissector() and then start
dissection with call_dissector(). The code that does it is a slightly
different version of dissect_packet().

The dissection is performed multiple times a second and I've noticed
that the amount of memory that the process occupies increases with each
dissection.

In epan.c, in the epan_dissect_run() function just before the call to
dissect_packet() there's a call to ep_free_all(). If I do the same in my
function, the process stops eating memory. But the problem is that
ep_free_all() is not exported, so I have to make changes to libwireshark.def
and rebuild Wireshark each time I want to upgrade to a new version of
Wireshark.

So the question is: is ep_free_all() missing from libwireshark.def by
mistake, or is it something that I do wrong?

Thanks in advance.

--
Best regards,
 Oleg                          mailto:oleg.kostenko@xxxxxxxxxxxx

_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev