Wireshark-dev: Re: [Wireshark-dev] Modifying custom giop dissector

Date: Wed, 27 Nov 2013 17:54:24 +0000
> I don't think a solution currently exists with the parser.
> 

OK, thanks.

It looks like there is a problem with the "un-edited" code.

I have a function declared in the IDL that looks like..

  typedef sequence <long> Longs ;
  void newThumbnail (in long ident, in long offset, in long width, in long 
height, in Longs data) ;

This produces code that looks like

    case Request:
        proto_tree_add_int(tree, 
hf_Quentin_ThumbnailListener_newThumbnail_ident, tvb, *offset-4, 4, 
get_CDR_long(tvb,offset,stream_is_big_endian, boundary));

        proto_tree_add_int(tree, 
hf_Quentin_ThumbnailListener_newThumbnail_offset, tvb, *offset-4, 4, 
get_CDR_long(tvb,offset,stream_is_big_endian, boundary));

        proto_tree_add_int(tree, 
hf_Quentin_ThumbnailListener_newThumbnail_width, tvb, *offset-4, 4, 
get_CDR_long(tvb,offset,stream_is_big_endian, boundary));

        proto_tree_add_int(tree, 
hf_Quentin_ThumbnailListener_newThumbnail_height, tvb, *offset-4, 4, 
get_CDR_long(tvb,offset,stream_is_big_endian, boundary));

        u_octet4_loop_Quentin_ThumbnailListener_newThumbnail_data = 
get_CDR_ulong(tvb, offset, stream_is_big_endian, boundary);
        /* coverity[returned_pointer] */
        item = proto_tree_add_uint(tree, 
hf_Quentin_ThumbnailListener_newThumbnail_data, tvb,*offset-4, 4, 
u_octet4_loop_Quentin_ThumbnailListener_newThumbnail_data);

        for (i_Quentin_ThumbnailListener_newThumbnail_data=0; 
i_Quentin_ThumbnailListener_newThumbnail_data < 
u_octet4_loop_Quentin_ThumbnailListener_newThumbnail_data; 
i_Quentin_ThumbnailListener_newThumbnail_data++) {

            proto_tree_add_int(tree, 
hf_Quentin_ThumbnailListener_newThumbnail_data, tvb, *offset-4, 4, 
get_CDR_long(tvb,offset,stream_is_big_endian, boundary));

        }

If I run this as is I get an error in the dissector

Q_quentin Dissector Using GIOP API
    ident: 0
    offset: 1073
    width: 90
    height: 72
    Seq length of data: 6480

followed by..

Message: proto.c:3174: failed assertion "DISSECTOR_ASSERT_NOT_REACHED"

Changing the proto_tree_add_int in the loop to proto_tree_add_uint fixes 
the
error, but then I get a dissected message that looks like...

Q_quentin Dissector Using GIOP API
    ident: 0
    offset: 1073
    width: 90
    height: 72
    Seq length of data: 6480
    Seq length of data: 198147
    Seq length of data: 66560
    Seq length of data: 0
    Seq length of data: 769........

If I open the same file on the old version 1.6 of Wireshark I get

Q_quentin Dissector Using GIOP API
    ident: 0
    offset: 1073
    width: 90
    height: 72
    Seq length of data: 6480
    data = 198147
    data = 66560
    data = 0
    data = 769 ....

Any ideas what I need to do to fix this.

Thanks in advance

Andy Ling