Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] Wireshark-dev Digest, Vol 31, Issue 16

From: "Moti Shani" <moti.shani1@xxxxxxxxx>
Date: Thu, 11 Dec 2008 01:41:46 +0200
Graham,
 
Thanks for responding.
I looked at the source file "packet-dcom.c" to try to fix the first syntax error but surprisingly the identifier was written correctly (hf_dcOm_stdobjref) and not the way it's written in the "all_output" (hf_dcom_stdobjref) in all of the file. Any ideas of how and way should the compiler see the name differently from the way I see it in the source file?
BTW, I erased all of the files and re downloaded them and tried to rebuild but I got the same problem - this time in different places. (case changes in some of the identifiers).
 
Thanks again,
Moti.

On Wed, Dec 10, 2008 at 4:28 PM, <wireshark-dev-request@xxxxxxxxxxxxx> wrote:
Send Wireshark-dev mailing list submissions to
       wireshark-dev@xxxxxxxxxxxxx

To subscribe or unsubscribe via the World Wide Web, visit
       https://wireshark.org/mailman/listinfo/wireshark-dev
or, via email, send a message with subject or body 'help' to
       wireshark-dev-request@xxxxxxxxxxxxx

You can reach the person managing the list at
       wireshark-dev-owner@xxxxxxxxxxxxx

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Wireshark-dev digest..."


Today's Topics:

  1. Re: Trouble with building Wireshark on Win32 (Graham Bloice)
  2. Re: How to remove the {Malformed Packet] warning  message
     (Jaap Keuter)
  3. Re: [Wireshark-commits] rev 26944: /trunk/plugins/profinet/
     /trunk/plugins/profinet/: packet-dcerpc-pn-io.c (Andrew Hood)
  4. Re: Trouble with building Wireshark on Win32
     (spiritsince1969@xxxxxxxxx)
  5. Re: How to remove the {Malformed Packet] warning  message
     (spiritsince1969@xxxxxxxxx)


----------------------------------------------------------------------

Message: 1
Date: Wed, 10 Dec 2008 11:04:20 +0000
From: Graham Bloice <graham.bloice@xxxxxxxxxxxxx>
Subject: Re: [Wireshark-dev] Trouble with building Wireshark on Win32
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Message-ID: <493FA234.20109@xxxxxxxxxxxxx>
Content-Type: text/plain; charset="utf-8"

Moti Shani wrote:
> Hello,
>
> I have followed the step by step guide on
> http://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html to
> build wireshark on my win32 system.
> all stages have finished successfully (at least as far as I
> understand...), but the building (stage 2.2.10 -> 2: nmake -f
> Makefile.nmake all) failed.
> In the attached files there is the output of "nmake -f Makefile.nmake
> all", "nmake -f Makefile.nmake setup" and the output of "nmake -f
> Makefile.nmake verify_tools".
> I will really appreciate if someone can help me out with this, I wish
> to get started on writing a new dissector.

I've extracted the build errors from your email below:

packet-dcom.c(2154) : error C2065: 'hf_dcOm_stdobjref' : undeclared identifier
C:\wireshark\wiretap/wtap.h(762) : error C2079: 'cosine' uses undefined struct 'cosine_phdr'

C:\Program Files\Microsoft Visual Studio 9.0\VC\INCLUDE\stdlib.h(463) : error C2061: syntax error : identifier _itoa_s'
C:\Program Files\Microsoft Visual Studio 9.0\VC\INCLUDE\stdlib.h(463) : error C2059: syntax error : ';'
C:\Program Files\Microsoft Visual Studio 9.0\VC\INCLUDE\stdlib.h(463) : error C2059: syntax error : '['

C:\wireshark-win32-libs\glib\include\glib-2.0\glib/gthread.h(298) : error C2143: syntax error : missing ')' before '*'
C:\wireshark-win32-libs\glib\include\glib-2.0\glib/gthread.h(298) : error C2143: syntax error : missing '{' before '*'
C:\wireshark-win32-libs\glib\include\glib-2.0\glib/gthread.h(298) : error C2059: syntax error : ')'

packet-rmp.c(263) : error C2065: 'dissEctor_handle_t' : undeclared identifier
packet-rmp.c(263) : error C2146: syntax error : missing ';' before identifier 'rmp_handle'
packet-rmp.c(263) : error C2065: 'rmp_handle' : undeclared identifier
packet-rmp.c(267) : error C2065: 'rmp_handle' : undeclared identifier
packet-rmp.c(267) : warning C4047: '=' : 'int' differs in levels of indirection from 'dissector_handle_t'
packet-rmp.c(268) : error C2065: 'rmp_handle' : undeclared identifier
packet-rmp.c(268) : warning C4047: 'function' : 'dissector_handle_t' differs in levels of indirection from 'int'
packet-rmp.c(268) : warning C4024: 'dissector_add' : different types for formal and actual parameter 3
packet-rmp.c(269) : error C2065: 'rmp_handle' : undeclared identifier
packet-rmp.c(269) : warning C4047: 'function' : 'dissector_handle_t' differs in levels of indirection from 'int'
packet-rmp.c(269) : warning C4024: 'dissector_add' : different types for formal and actual parameter 3

There seems to be a couple of case changes in the source files  (packet-dcom.c & packet-rmp.c) that are causing some errors, check using 'svn status' for inadvertent changes to your working copy and correct those.

The other errors may be caused by similar corruption issues (gthread.h) or possibly an older SDK (stdlib.h).

Resolve the changes to your wc first then try again.

--
Regards,

Graham Bloice

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.wireshark.org/lists/wireshark-dev/attachments/20081210/4c4ce24a/attachment.htm

------------------------------

Message: 2
Date: Wed, 10 Dec 2008 12:47:48 +0100
From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Subject: Re: [Wireshark-dev] How to remove the {Malformed Packet]
       warning message
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Message-ID: <F05881BC-BEE9-4A65-A91E-C379F638E3CD@xxxxxxxxx>
Content-Type: text/plain;       charset=us-ascii;       format=flowed;  delsp=yes

Hi,

Just make sure you don't read more bytes from the tvb than that are in
their. You should have some measure from the protocol fields
themselves, or use tvb_length_remaining()

Thanx,
Jaap

Sent from my iPhone

On 10 dec 2008, at 10:04, spiritsince1969@xxxxxxxxx wrote:

> Hi everyone,
>   I wrote a dissector for a special protocol, which may has only
> 40~44 bytes packets. Although i can dissect it as well, i'll receive
> a red [Malformed Packet : myprotocolname] label at the end of the
> packet details window . How to remove this this restrict and make
> wireshark allows packet which length is from 40 to 2000 bytes?
>  Sorry for my poor english.
>
>
>
> Sincerely yours,
> SpiritSince1969
> ___________________________________________________________________________


> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe


------------------------------

Message: 3
Date: Wed, 10 Dec 2008 22:33:41 +1100
From: Andrew Hood <ajhood@xxxxxxxxx>
Subject: Re: [Wireshark-dev] [Wireshark-commits] rev 26944:
       /trunk/plugins/profinet/ /trunk/plugins/profinet/:
       packet-dcerpc-pn-io.c
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Message-ID: <493FA915.6030504@xxxxxxxxx>
Content-Type: text/plain; charset=us-ascii

Ulf Lamping wrote:
> stig@xxxxxxxxxxxxx schrieb:
>
>>http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=26944
>>
>>User: stig
>>Date: 2008/12/09 05:42 AM
>>
>>Log:
>> From Jim Young (bug 3105):
>> Trivial patch to change two C++ style comments to standard C style comments.
>>
>
>
> Sh..!
>
> Sorry for any inconvenience, seems I'm not learning from my mistakes :-(
>
> BTW: We have dropped support for some platforms in the past
> months/years. Are there still compilers in use that do not support C++
> style comments (they are really nice to have ...)?

Yes there are. The Wireshark suite are C programs - not C++.

There are a number of projects that haven't learnt to ban C99isms and
gcc extensions. They have to be beaten up on regularly. Don't join the
rush to incompatibility.

--
There's no point in being grown up if you can't be childish sometimes.
               -- Dr. Who


------------------------------

Message: 4
Date: Wed, 10 Dec 2008 22:25:31 +0800
From: spiritsince1969@xxxxxxxxx
Subject: Re: [Wireshark-dev] Trouble with building Wireshark on Win32
To: "Developer support list for Wireshark"
       <wireshark-dev@xxxxxxxxxxxxx>
Message-ID:
       <49ea11450812100625r6f8cbbc4wea8c8691589d917b@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"

Hi Moti,
 to ensure your plugin is easily compatible with office released wireshark
1.0.4, use VC6.0 instead of VS9. Or you have to distribute whole wireshark
binaries, but not only the dll your plugin create. If you want to build
plugins for wireshark 1.1 beta, use vs 2008 sp1.

On Wed, Dec 10, 2008 at 6:30 PM, Moti Shani <moti.shani1@xxxxxxxxx> wrote:

> Hello,
>
> I have followed the step by step guide on
> http://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html to build
> wireshark on my win32 system.
> all stages have finished successfully (at least as far as I understand...),
> but the building (stage 2.2.10 -> 2: nmake -f Makefile.nmake all) failed.
> In the attached files there is the output of "nmake -f Makefile.nmake all",
> "nmake -f Makefile.nmake setup" and the output of "nmake -f Makefile.nmake
> verify_tools".
> I will really appreciate if someone can help me out with this, I wish to
> get started on writing a new dissector.
>
> --
> Moti Shani
>
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
>



--



Sincerely yours,
SpiritSince1969
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.wireshark.org/lists/wireshark-dev/attachments/20081210/4676610f/attachment.htm

------------------------------

Message: 5
Date: Wed, 10 Dec 2008 22:28:16 +0800
From: spiritsince1969@xxxxxxxxx
Subject: Re: [Wireshark-dev] How to remove the {Malformed Packet]
       warning message
To: "Developer support list for Wireshark"
       <wireshark-dev@xxxxxxxxxxxxx>
Message-ID:
       <49ea11450812100628r61cd9518kcc9afcaebd049fec@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"

Hi Jaap,
 Thanks for your advice. but all I want is to get rid of red [Malformed
Packet : myprotocolname] label, when my packet is undersize or oversize. Do
you have any suggestions?

Yours, truly

On Wed, Dec 10, 2008 at 7:47 PM, Jaap Keuter <jaap.keuter@xxxxxxxxx> wrote:

> Hi,
>
> Just make sure you don't read more bytes from the tvb than that are in
> their. You should have some measure from the protocol fields
> themselves, or use tvb_length_remaining()
>
> Thanx,
> Jaap
>
> Sent from my iPhone
>
> On 10 dec 2008, at 10:04, spiritsince1969@xxxxxxxxx wrote:
>
> > Hi everyone,
> >   I wrote a dissector for a special protocol, which may has only
> > 40~44 bytes packets. Although i can dissect it as well, i'll receive
> > a red [Malformed Packet : myprotocolname] label at the end of the
> > packet details window . How to remove this this restrict and make
> > wireshark allows packet which length is from 40 to 2000 bytes?
> >  Sorry for my poor english.
> >
> >
> >
> > Sincerely yours,
> > SpiritSince1969
> >
> ___________________________________________________________________________
>
>
> > Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> > Archives:    http://www.wireshark.org/lists/wireshark-dev
> > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> >             mailto:wireshark-dev-request@xxxxxxxxxxxxx
> ?subject=unsubscribe
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
>



--



Sincerely yours,
SpiritSince1969
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.wireshark.org/lists/wireshark-dev/attachments/20081210/fba9ee9d/attachment.htm

------------------------------

_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
https://wireshark.org/mailman/listinfo/wireshark-dev


End of Wireshark-dev Digest, Vol 31, Issue 16
*********************************************



--
Moti Shani