Wireshark · Wireshark-dev: Re: [Wireshark-dev] Structure sizes change between Linux and Windows help

[Alex Lindberg <alindber@xxxxxxxxx>]

Ok - so overlaying a struct to a copy of the TVB is not the way to go.  So my problem is then extracting all of the struct members in order to determine their offsets in the struct on the build system.

By using the address of the struct and that of the struct member, the offset can be found.

Anyone have a utility to extract all of the struct members from a struct definition?

Thanks as always.

Alex Lindberg

--- On Thu, 7/28/11, Bill Meier <wmeier@xxxxxxxxxxx> wrote:

From: Bill Meier <wmeier@xxxxxxxxxxx>
Subject: Re: [Wireshark-dev] Structure sizes change between Linux and Windows help
To: "Developer support list for Wireshark" <wireshark-dev@xxxxxxxxxxxxx>
Date: Thursday, July 28, 2011, 4:39 PM

On 7/28/2011 5:27 PM, Alex Lindberg wrote:
> I am creating a dissector that overlays a complicated struct (bit
> fields, unions, etc) on the the tvb.

Unfortunately, you can't do that;   :)

From doc/README.developer

Don't use structures that overlay packet data, or into which you copy
packet data; the C programming language does not guarantee any
particular alignment of fields within a structure, and even the
extensions that try to guarantee that are compiler-specific and not
necessarily supported by all compilers used to build Wireshark.  Using
bitfields in those structures is even worse; the order of bitfields
is not guaranteed.



___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe