Hi,
Le mercredi 22 avril 2009 ᅵ 20:06 +0000, gogrady@xxxxxxxxx a ᅵcrit :
> well my function is in the dll that i export for my dissector to use. here's the code:
>
> (_AppendMultiMsg)( target, bnpLength ); // adds current tvb to the buffer in my dll
> multiMsgSize = (_GetMultiMsgSize)(); // size of whole buffer as int
> next_tvb = tvb_new_real_data((const guint8 *)(_GetMultiMsg)(), multiMsgSize, multiMsgSize); //new tvb that holds the buffer from my dll
> tvb_set_free_cb(next_tvb, (_FreeMultiMemory)); // FreeMultiMemory is the function that will free the void* multiMsg object in my dll that is holding the buffer in the first place
> add_new_data_source(pinfo, next_tvb, "Multi-Part Message");
> dissectPacket( next_tvb, bnp_tree, pinfo );
>
> So i was wondering a way to put my buffer from dll into a new buffer, free the memory from my dll, but have it copied in wireshark memory to use. I had something like this before, would this work?:
>
Yes but I would use g_malloc() and tvb_set_free_cb(next_tvb, g_free)
rather than ep_alloc().
I'm not sure Wireshark guarantee that tvb buffer life is never greater
than 'ep' memory.
And don't forget the tvb_set_child_real_data_tvbuff() call or you leak
tvb buffer.
Didier
>
> (_AppendMultiMsg)( target, bnpLength );
> multiMsgSize = (_GetMultiMsgSize)();
>
> free(target);
> target = ep_alloc(multiMsgSize);
> memcpy(target, (_GetMultiMsg)(), multiMsgSize);
> target = (_GetMultiMsg)();
> next_tvb = tvb_new_real_data((const guint8 *)target, multiMsgSize, multiMsgSize);*/
> (_FreeMultiMemory)();
> add_new_data_source(pinfo, next_tvb, "Multi-Part Message");
> dissectPacket( next_tvb, bnp_tree, pinfo );
>
> Thanks for the help,
>
> Greg
