Re: [Wireshark-dev] libtshark + scripting language support

On Aug 19, 2010, at 1:28 AM, Thierry Emmanuel wrote:

> I have worked very differently than you, considering Wireshark as a library itself. If you take a look at the epan directory, you'll see that you have all the tools you need to decode any kind of packet.
>
> You can :
> - Init the library with "epan_init" and "init_dissection" functions
> - Find a dissector with "dissector_table_foreach_handle" and "dissector_handle_get_protocol_index" functions
> - Request the library to process your data against the protocol you want with "call_dissector_only"

No, you can't - not safely.

Dissectors assume, either explicitly or implicitly, that, for each packet, an epan_dissect_t has been initialized, and that the dissection was started by calling epan_dissect_run(), and, if you want all memory allocated while dissecting the packet to be cleaned up after you've dissected the packet, the epan_dissect_t has to be cleaned up as well.

Otherwise, you run the risk of memory leaks, code breaking because something wasn't set up, etc..
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe

• This message: [ Message body ]
• Next message: Guy Harris: "Re: [Wireshark-dev] Memory leaks when using epan"
• Previous message: Guy Harris: "Re: [Wireshark-dev] "Decode As" - adding payload decoding for the FLIP protocol"
• In reply to: Thierry Emmanuel: "Re: [Wireshark-dev] libtshark + scripting language support"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]