Wireshark-dev: Re: [Wireshark-dev] Structure sizes change between Linux and Windows help
From: Alex Lindberg <[email protected]>
Date: Fri, 29 Jul 2011 08:22:36 -0700 (PDT)
Ok - so overlaying a struct to a copy of the TVB is not the way to go.  So my problem is then extracting all of the struct members in order to determine their offsets in the struct on the build system.

By using the address of the struct and that of the struct member, the offset can be found.

Anyone have a utility to extract all of the struct members from a struct definition?

Thanks as always.

Alex Lindberg

--- On Thu, 7/28/11, Bill Meier <[email protected]> wrote:

From: Bill Meier <[email protected]>
Subject: Re: [Wireshark-dev] Structure sizes change between Linux and Windows help
To: "Developer support list for Wireshark" <[email protected]>
Date: Thursday, July 28, 2011, 4:39 PM

On 7/28/2011 5:27 PM, Alex Lindberg wrote:
> I am creating a dissector that overlays a complicated struct (bit
> fields, unions, etc) on the the tvb.

Unfortunately, you can't do that;   :)

From doc/README.developer

Don't use structures that overlay packet data, or into which you copy
packet data; the C programming language does not guarantee any
particular alignment of fields within a structure, and even the
extensions that try to guarantee that are compiler-specific and not
necessarily supported by all compilers used to build Wireshark.  Using
bitfields in those structures is even worse; the order of bitfields
is not guaranteed.

Sent via:    Wireshark-dev mailing list <[email protected]>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:[email protected]?subject=unsubscribe