Wireshark · Wireshark-dev: [Wireshark-dev] Custom formatter for 64bit field

Wireshark-dev: [Wireshark-dev] Custom formatter for 64bit field

From: "David Arnold" <david@xxxxxxxxxxx>

Date: Thu, 11 Mar 2010 17:24:56 -0500

Hi!

I'm writing a dissector for a protocol that uses a 64-bit time field
which is not in the format required for FT_ABSOLUTE_TIME.

So, I declared the hfinfo like

        { &hf_prot_pkthdr_time,
          { "Transmit Time", "prot.time",
            FT_UINT64, BASE_CUSTOM,
            prot_fmt_time, 0x0,
            "Transmission timestamp",
            HFILL }
        }

However, this causes an abort from the assertion in proto.c:4182
(trunk), which checks that hfinfo->strings is NULL (no, because of the
custom formatter), or the type matches a set that doesn't include
FT_UINT64.

This is my first attempt at writing a dissector, so I'm sure I'm missing
something.  Can someone point me in the right direction?

Thanks,




d

Follow-Ups:
- Re: [Wireshark-dev] Custom formatter for 64bit field
  - From: Guy Harris
- Re: [Wireshark-dev] Custom formatter for 64bit field
  - From: Maynard, Chris

Prev by Date: Re: [Wireshark-dev] How do I call the pkcs1 dissection from another dissector?
Next by Date: Re: [Wireshark-dev] Custom formatter for 64bit field
Previous by thread: [Wireshark-dev] Help with packet statistics
Next by thread: Re: [Wireshark-dev] Custom formatter for 64bit field
Index(es):
- Date
- Thread