Wireshark-dev: Re: [Wireshark-dev] wiretap function wtap_open_offline fails with SIGSEGV

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Thu, 3 May 2018 01:52:30 -0700
On May 3, 2018, at 1:38 AM, Martin Sehnoutka <msehnout@xxxxxxxxxx> wrote:

> I'm trying to write a simple program with the wiretap API just to test
> how it works, but I'm struggling with the function wtap_open_offline.
> Here is what the code looks like:
> 
> #include <glib.h>
> #include <cstdio>    // fprintf
> #include <cstdlib>   // exit
> #include <iostream>
> #include <cassert>
> #include <wireshark/wiretap/wtap.h>
> 
> using std::cout;
> using std::endl;
> 
> int main(int argc, char* argv[])
> {
>    if (argc < 2) {
>        fprintf(stderr,
>            "Dump filename missing!\n\n"
>            "Usage: %s dump_filename\n\n", (const char*) argv[0]);
>        exit(1);
>    }
>    cout << "Test wiretap drop_count: " << argv[1] << endl;
>    int err = 0;
>    gchar* err_info = NULL;
>    wtap* wth = wtap_open_offline(argv[1], WTAP_TYPE_AUTO, &err,
>                                  &err_info, FALSE);

You must initialize libwiretap before you use it.

Call

	wtap_init(TRUE);

first.

Note also that the libwiretap API is subject to change, so don't rely on it not changing out from under you in future Wireshark releases.