Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] Sub_dissectors assertion failed

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Scott <theerickson@xxxxxxxxx>
Date: Fri, 21 May 2010 13:49:41 -0600
Thanks for the reply Guy!  I have some followup questions.

I killed the original error of
ERROR:packet.c:709:dissector_add: assertion failed: (sub_dissectors)
by calling register_dissector_table() in proto_register_..().  Apparently I didn't know I needed to do that, but it makes sense.

To answer a question you posed me:
> If I am writing a dissector for a protocol that rides on top of IP but then allows any protocol to follow it,

Do you truly mean "any protocol", so that, for example, you could follow it with X.25 or HTTP or Ethernet, or do you mean, for example, any protocol *that runs atop IP* can follow it?
I mean *any protocol that runs atop IP* can follow it.  I am going to work on all protocols registered with IP to follow it as soon as I get *another* custom dissector/protocol that I am working on, which can follow it, to work.  Let's call the custom protocol *custom* and the IP rider *it* to simplify things.

I have the custom protocol doing dissector_add("[field switch on *it*]", [macro expansion that matches a field value], *custom*_handle) in its handoff routine.  However, for some reason it is apparently not being called upon to dissect because it is not showing up as a header in the packet window.

I am unsure of why similar code for *it* -> IP doesn't work for *custom* -> *it*. 
I've tooled around with tvb_new_subset() and even tried calling dissector_next (a routine mentioned in README.developer but that doesn't actually exist) to no avail yet.  I've tried call_dissector(), but that's probably not what I want.


As a "by the way," you mentioned in your reply:
If you mean, for example, "any protocol that runs atop IP", then you should grab hold of the "ip.proto" dissector table:

       dissector_table_t ip_proto_dissector_table;
               ...
       ip_proto_dissector_table = find_dissector_table("ip.proto");

and then use that to hand off the payload to the next dissector with that dissector table, the protocol number, and dissector_try_port().
How do I "hand off the payload to the next dissector with that dissector table, the protocol number, and dissector_try_port()?"  Is that through a function call?  And what does dissector_try_port() do?  All I could tell is that it returns a gboolean.

More questions I haven't been able to find answers to:
*The proto_handoff_..(void) routine's main job is to register the dissector with other dissectors so it gets called at the right moment, correct?
*What is the difference between create_dissector_handle() and new_create_dissector_handle()?


Quite a number of questions?  Yes.  I feel like README.developer is good but it doesn't explain all.  Guidance from you and any other developers is much appreciated.
-Scott
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube