Title: Help needed on value translation of dissected bits
Normally with the translation of specific bits to a decimal value is easy using the definition in the hf structure, but I am trying to find a way to properly display 1 or more bytes that have disjoint bits associated to a specific value.
Let me give an example:
Assume that you have 2 bytes to dissect that are formatted as follows:
- There are 2 values, A and B that are encoded into 2 Bytes
- Value A has a maximum size of 127 and is encoded using the lower 7 bits of Byte 1
- Value B has a maximum size of 511 and is encoded using all 8 bits in Byte 2 along with bit 8 in Byte 1 representing the MSB for Value B
Normally, I would define the dissection in the hf structure as follows:
{ &hf_myproto_B,
{ "B Value", "myproto.b",
FT_UINT16, BASE_DEC, NULL, 0x80ff, NULL, HFILL
}
}
In this case, it will mask of the bits correctly, but it will translate it to decimal as if there the extra bits that are masked off still exist, but are a value of 0
So, for instance, the following encoding:
1000 0000
0000 0000
Would be translated as follows:
A = 0
B = 32768
Instead of what I want:
A = 0
B = 256
Any way that I can do it? If not, can I somehow use "proto_add_text" or something similar to make the addition to the tree look similar to how it would have looked with the bits that are masked off being shown?
Thanks for any help.
Confidentiality Notice: This e-mail (including any attachments) is intended only for the recipients named above. It may contain confidential or privileged information and should not be read, copied or otherwise used by any other person. If you are not a named recipient, please notify the sender of that fact and delete the e-mail from your system.
