Wireshark-dev: Re: [Wireshark-dev] basic questions about writing dissectors

From: Joerg Mayer <jmayer@xxxxxxxxx>
Date: Sun, 26 Feb 2012 17:55:55 +0100

Hello Martin,

On Sun, Feb 26, 2012 at 03:20:13PM +0100, Martin Kaiser wrote:
> Is it possible to add an element in the packet tree that has an hf entry
> and can be filtered but does not have a corresponding tvb? I'm looking
> at getting info from a circuit and add this to the tree as a filterable
> element. For now, I read from the circuit, create a tvb, add another
> data source for the tvb and dissect it. I was wondering if there's a
> cleaner solution without adding a data source. (It looks like a tvb
> that's not part of the packet itself needs a new data source).

Take a look at packet-extreme.c and search for hf_edp_checksum_good (similar
code can be found in other dissectors). The core point is setting the item
to PROTO_ITEM_SET_GENERATED. Does this do what you want?

> It seems that a lot of dissectors use pinfo->fd->num without a previous
> check "if (pinfo && pinfo->fd)". Is it safe to do so?

I haven't verified this, but as pinfo->fd->num is the frame number it seems
to be extremely likely to be safe :-)

> For se_malloc(), do I have to check the return value for NULL? I recall
> that for g_malloc(), there's no need for a NULL check, the program is
> terminated when there's no memory.

I assume you mean se_alloc(). epan/emem.c internally uses g_malloc unless
some special steps are taken (debugging). Your memory on the behaviour of
g_malloc() is correct.

 Ciao
   Jörg
-- 
Joerg Mayer                                           <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.