1. 首頁
  2. 問答
  3. Wireshark的Ç解剖器錯誤填充子樹

Wireshark的Ç解剖器錯誤填充子樹

2016-07-28 40 views
2

當我有一個簡單的Wireshark解剖當針對捕獲運行哪個引發以下的錯誤警告:Wireshark的Ç解剖器錯誤填充子樹

13:04:12   Warn Dissector bug, protocol usbserial, in packet 353: /wireshark/epan/proto.c:5504: 
failed assertion "idx >= 0 && idx < num_tree_types"

協議註冊功能看起來像這樣:

static gint ett_myproto = -1; 

void 
proto_register_myproto(void) 
{ 
    /* Set up field array */ 
    static hf_register_info hf[] = { 
     { &hf_myproto_payload, 
      {"Payload", "myproto.payload", FT_BYTES, BASE_NONE, NULL, 
       0x0, NULL, HFILL }}, 
    }; 

    /* Register protocol */ 
    proto_myproto = proto_register_protocol("My Protocol", "myproto", "myproto"); 
    /* Register protocol fields */ 
    proto_register_field_array(proto_myproto, hf, array_length(hf)); 

    /* Register the dissector */ 
    register_dissector("myproto", dissect_myproto, proto_myproto); 
}

解剖器做了一些通用的數據傳輸,但問題區域的核心似乎是:

static int 
dissect_myproto(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, 
     void *data _U_) 
{ 
    proto_item *ti; 
    proto_tree *myproto_tree; 

    /* Create top tree and add to the item */ 
    ti = proto_tree_add_protocol_format(tree, proto_myproto, tvb, 0, -1, 
      "My Protocol"); 
    myproto_tree = proto_item_add_subtree(ti, ett_myproto); 

    proto_tree_add_bytes_format(myproto_tree, hf_myproto_payload, 
      tvb, 0, payload_len, 
      NULL, "Payload"); 
}

我需要做些什麼才能使協議正確填充子樹?

來源

2016-07-28 Inductiveload

回答

2

這裏的問題是一個未登記的子樹作爲子樹陣列(從here提示)的一部分。

這是在協議註冊函數來完成,並且需要「包裝」的子樹的變量(其中只有一個在這裏:ett_myproto)到一個數組,然後註冊使用proto_register_subtree_array該數組:

static gint ett_myproto = -1; 

void 
proto_register_myproto(void) 
{ 
    /* Set up field array */ 
    static hf_register_info hf[] = { 
     .... 
    }; 

    /* Register protocol */ 
    proto_myproto = proto_register_protocol("My Protocol", "myproto", "myproto"); 
    /* Register protocol fields */ 
    proto_register_field_array(proto_myproto, hf, array_length(hf)); 

    /* Setup and register all protocol subtrees */ 
    static gint *ett[] = { 
     &ett_myproto, 
    }; 

    proto_register_subtree_array(ett, array_length(ett)); 

    /* Register the dissector */ 
    register_dissector("myproto", dissect_myproto, proto_myproto); 
}

ett變量是用於指大約的子樹的狀態GUI信息的索引(例如擴展或沒有)。針對示例解剖器代碼在[DOC /分組PROTOABBREV.c](https://github.com/wireshark/wireshark/blob/master/doc/packet-PROTOABBREV.c比較時

來源

2016-07-28 06:06:22 Inductiveload

+0

通常,這樣的問題被容易地捕捉) – Lekensteyn

相關問題

 相關問題