Wireshark-dev: Re: [Wireshark-dev] Calling a dissector: Type for data parameter

From: Guy Harris <gharris@xxxxxxxxx>
Date: Sat, 29 May 2021 00:26:27 -0700
On May 29, 2021, at 12:12 AM, Anders Broman <a.broman58@xxxxxxxxx> wrote:

> Shouldn't the caller be calling with the right data type or NULL? So a bug in the MQTT dissector?

How can the MQTT dissector determine what the right data type *is* - especially given that the dissectors aren't wired in, there's a UAT preference that lets the user configure it?

This is where the current mechanism for passing data between dissectors goes crashing to the ground.

MQTT passes a topic string, which is just a string, to the dissectors it calls.

JSON expects to be passed a pointer to an http_message_info_t.

JSON registers its non-heuristic dissector by name, and allows it to be used with Decode As... for UDP ports.

It might *look* safe if you check the UDP dissector and the dissectors that use "media_type" and "grpc_message_type", but the "registers its non-heuristic dissector by name" means there are no guarantees, given that another dissector passes a pointer to something *other* than an http_message_info_t to dissectors that are specified by name in a UAT.
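
Added example, not part of the original message and not Wireshark code: a small C model of the by-name call path described above, in which the callee checks a type tag before casting the data pointer. The tag wrapper and every identifier here are hypothetical, and the tag check goes beyond the thread as one way to make the mismatch detectable.

```c
#include <stdio.h>
#include <string.h>

/* Model only: every name here is hypothetical, none is Wireshark API. */
typedef enum { DATA_TOPIC_STRING, DATA_HTTP_INFO } data_kind_t;
typedef struct { data_kind_t kind; const void *ptr; } tagged_data_t;
typedef struct { const char *media_str; } http_info_model_t; /* stand-in for http_message_info_t */
typedef int (*dissector_fn)(const char *payload, const tagged_data_t *data);

/* Callee: casts only after the tag matches. Returns 1 if HTTP info was used, else 0. */
static int json_model(const char *payload, const tagged_data_t *data) {
    const http_info_model_t *info = NULL;
    if (data != NULL && data->kind == DATA_HTTP_INFO)
        info = data->ptr;
    printf("json: %s (media: %s)\n", payload,
           info && info->media_str ? info->media_str : "unknown");
    return info != NULL;
}

/* Registration by name: any caller can reach any entry. */
static const struct { const char *name; dissector_fn fn; } registry[] = {
    { "json", json_model },
};

static int call_by_name(const char *name, const char *payload, const tagged_data_t *data) {
    for (size_t i = 0; i < sizeof registry / sizeof registry[0]; i++)
        if (strcmp(registry[i].name, name) == 0)
            return registry[i].fn(payload, data);
    return -1; /* no such dissector */
}

/* MQTT-like caller: the callee name comes from user configuration. */
static int mqtt_model(const char *configured, const char *topic, const char *payload) {
    tagged_data_t d = { DATA_TOPIC_STRING, topic };
    return call_by_name(configured, payload, &d);
}

/* HTTP-like caller: passes the struct the JSON model expects. */
static int http_model(const char *payload) {
    http_info_model_t info = { "application/json" };
    tagged_data_t d = { DATA_HTTP_INFO, &info };
    return call_by_name("json", payload, &d);
}

int main(void) {
    mqtt_model("json", "sensors/temp", "{\"t\":21}"); /* constructed sample input */
    http_model("{\"ok\":true}");
    return 0;
}
```

Without the `kind` check, `json_model` would read the topic string's bytes as a struct, which is the mismatch the message describes.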