Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] Duplicate dissectors error

From: Michael Mann <mmann78@xxxxxxxxxxxx>
Date: Mon, 29 Aug 2016 21:09:13 -0400
Yes, that's the main side effect, and if all the registering is with proprietary dissectors, it's your users that have to deal with it.
Solutions are:
1. Change dissector table to allow duplicates.
2. Create "placeholder" protocols (you'll see a few examples in native Wireshark dissectors) so that each can show up differently in Decode As.
 
 
-----Original Message-----
From: Juan Jose Martin Carrascosa <juanjo@xxxxxxx>
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Sent: Mon, Aug 29, 2016 8:54 pm
Subject: Re: [Wireshark-dev] Duplicate dissectors error

Hi Guy,

Thanks for your answer. What I meant regarding the logging API is to use something that can be disabled changing the verbosity of Wireshark. I've seen that previously.

The plugins are added using dissector_add_string() to the rtps.type_name table. What is the side effect of adding duplicated protocols? Just issues with "decode as"? If that is the only side effect, I can live with it.

Let me know if I can provide more information.

Thanks,
Juanjo Martin

On Mon, Aug 29, 2016 at 5:31 PM, Guy Harris <guy@xxxxxxxxxxxx> wrote:
On Aug 29, 2016, at 3:59 PM, Juan Jose Martin Carrascosa <juanjo@xxxxxxx> wrote:

> Hi everybody,
>
> I am adding plugins to my Wireshark installation, so they register themselves in the table rtps.type_name (created in packet-rtps.c).
>
> Duplicate dissectors (null) and (null) for protocol Custom in dissector table rtps.type_name
> Duplicate dissectors (null) and (null) for protocol Custom_A in dissector table rtps.type_name
> Duplicate dissectors (null) and (null) for protocol Custom_A in dissector table rtps.type_name
> Duplicate dissectors (null) and (null) for protocol Custom_A in dissector table rtps.type_name
> Duplicate dissectors (null) and (null) for protocol (none) in dissector table rtps.type_name
>
> That error message comes from dissector_add_for_decode_as(). Actually, I don't expect my dissectors to be called from decode_as...
>
> Few things:
>
> 1) This message is printed to stderr instead of using any Logging API. Should we change that?

Well, that would first involve having a logging API to use.

For command-line based programs such as TShark, it would print them to stderr; for Wireshark, it could put them in an "error console" window that the user could pop up.  (On some OSes, output to stderr from GUI programs shows up in a log window, but that's not guaranteed.)

> 2) Which is the right way to design this so I don't get those errors? I could change the value DISSECTOR_TABLE_NOT_ALLOW_DUPLICATE to DISSECTOR_TABLE_ALLOW_DUPLICATE when I create the rtps.type_name table but I'd prefer to solve the issue instead of patching it.

So what's the code that's registering your plugins (the reg_handoff routines for them)?
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe



--

Juanjo Martin
Senior Application Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe