Wireshark-dev: Re: [Wireshark-dev] Retrieving dissection result from another dissector
From: Guy Harris <[email protected]>
Date: Wed, 4 Jul 2018 18:06:21 -0700
On Jul 4, 2018, at 7:02 AM, Michael Mann via Wireshark-dev <[email protected]> wrote:

> Just because you can exchange data between dissectors this way, doesn't mean you should.  I think it's more understandable if there are multiple layers/protocols between the setting of data and it's retrieval, but if you are only going a single layer, the data parameter of call_dissector_with_data should be used and a "shared structure" should be defined that includes the input/output parameters.

Unfortunately, that style means that there's no type checking to make sure the calling dissector passes data of the correct sort to the called dissector; if the calling dissector passes it by attaching something with a given protocol ID and the called dissector fetches it by getting something with some protocol ID, if the protocol IDs don't match the fetch will fail and you'll probably at least get a null-pointer dereference crash - compile-time checks would be better than run-time checks, but run-time checks are better than surprises because a structure of type A is being interpreted as if it were a structure of type B.