Wireshark · Wireshark-dev: Re: [Wireshark-dev] Possibility to modify buffer?

Wireshark-dev: Re: [Wireshark-dev] Possibility to modify buffer?

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Wed, 16 Sep 2009 18:33:56 -0700


On Sep 16, 2009, at 2:00 AM, Christian Gurk wrote:

That works so far. Now, if the checksum is ok (no frameerror) I would
like to decrypt the data and pass it to the next dissector to evaluate
the content of the frame further.

You would need to allocate a new tvbuff, and a blob big enough to holdall the decrypted data, and decrypt the data into the blob and attachthat blob to the tvbuff, and hand *that* tvbuff to the nextdissector. You cannot modify the data in a tvbuff handed to you.


I don't know the details of how to do that in a Lua dissector.

Follow-Ups:
- Re: [Wireshark-dev] Possibility to modify buffer?
  - From: Reinhard Speyerer

References:
- [Wireshark-dev] Possibility to modify buffer?
  - From: Christian Gurk

Prev by Date: Re: [Wireshark-dev] Accessing prior packets in Lua
Next by Date: [Wireshark-dev] buildbot failure in Wireshark (development) on OSX-10.5-x86
Previous by thread: [Wireshark-dev] Possibility to modify buffer?
Next by thread: Re: [Wireshark-dev] Possibility to modify buffer?
Index(es):
- Date
- Thread