Wireshark-dev: [Wireshark-dev] Extending the DHCP (BOOTP) dissector

From: "Borz, John (IPG-Roseville R&D)" <john.borz@xxxxxx>
Date: Thu, 24 Sep 2009 21:13:45 +0000
Hello,

I'm interested in extending the DHCP dissector to decode a vendor specific DHCP option.  What is the recommended process for this?  Is it possible to write a plugin that can be called for this option by the BOOTP/DHCP dissector, or would I have to actually modify the BOOTP dissector to accomplish this?

thanks,
John

-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Bill Meier
Sent: Thursday, September 24, 2009 1:09 PM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] tvb_reported_length() vs tvb_length()

Jeff Morriss wrote:
> 
> After having made many a comment (on new dissectors) about using the 
> wrong function, I start to wonder:
> 
> Should we rename tvb_length() to, say, tvb_captured_length() and 
> tvb_reported_length() to tvb_length()?
> 
> Looking at it from the point of the TVB API it doesn't make much sense, 
> but since [it appears that] many dissector writers tend to not think of 
> snapshot lengths when dealing with TVBs, it might be the best way to 
> prevent this problem going forward.

Or maybe just rename tvb_length() to tvb_captured_length() ?

Actually: I guess I should take a step back ?

I see that there are over 400 dissectors which use tvb_length... (> 2400 
usages).

What are the cases where the use of tvb_length... in a dissctors is valid ?

Looking at README.developer in detrail I see that:

1. tvb_length is shown as being used before doing a heuristics check in
    new-style (and presumably heuristics) dissectors.
    In fact: I now see that the return is shown as
    tvb_length not tvb_reported_length.
    (Given this, I made an incorrect commit in a recent commit).

2. When calling tvb_new-subset.

Others ?

Bill





___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe