forked from osmocom/wireshark
epan: ws_debug log for heuristic that claims frame (len != 0)
It's possible for a dissector to claim a frame without adding to the tree or being added to frame.protocols (see !6669) Log a debug message showing the pinfo layers and the dissector that claimed the tvb (frame/packet).
This commit is contained in:
parent
8ac995578c
commit
e12954a637
|
@ -2957,6 +2957,10 @@ dissector_try_heuristic(heur_dissector_list_t sub_dissectors, tvbuff_t *tvb,
|
|||
}
|
||||
}
|
||||
if (len) {
|
||||
if (ws_log_msg_is_active(WS_LOG_DOMAIN, LOG_LEVEL_DEBUG)) {
|
||||
ws_debug("Frame: %d | Layers: %s | Dissector: %s\n", pinfo->num, proto_list_layers(pinfo), hdtbl_entry->short_name);
|
||||
}
|
||||
|
||||
*heur_dtbl_entry = hdtbl_entry;
|
||||
|
||||
/* Bubble the matched entry to the top for faster search next time. */
|
||||
|
|
23
epan/proto.c
23
epan/proto.c
|
@ -7914,6 +7914,29 @@ proto_is_frame_protocol(const wmem_list_t *layers, const char* proto_name)
|
|||
return FALSE;
|
||||
}
|
||||
|
||||
gchar *
|
||||
proto_list_layers(const packet_info *pinfo)
|
||||
{
|
||||
wmem_strbuf_t *buf;
|
||||
wmem_list_frame_t *layers = wmem_list_head(pinfo->layers);
|
||||
|
||||
buf = wmem_strbuf_sized_new(pinfo->pool, 128, 0);
|
||||
|
||||
/* Walk the list of layers in the packet and
|
||||
return a string of all entries. */
|
||||
while (layers != NULL)
|
||||
{
|
||||
wmem_strbuf_append(buf, proto_get_protocol_filter_name(GPOINTER_TO_UINT(wmem_list_frame_data(layers))));
|
||||
|
||||
layers = wmem_list_frame_next(layers);
|
||||
if (layers != NULL) {
|
||||
wmem_strbuf_append_c(buf, ':');
|
||||
}
|
||||
}
|
||||
|
||||
return wmem_strbuf_finalize(buf);
|
||||
}
|
||||
|
||||
gboolean
|
||||
proto_is_pino(const protocol_t *protocol)
|
||||
{
|
||||
|
|
|
@ -2674,6 +2674,12 @@ WS_DLL_PUBLIC void proto_get_frame_protocols(const wmem_list_t *layers,
|
|||
*/
|
||||
WS_DLL_PUBLIC gboolean proto_is_frame_protocol(const wmem_list_t *layers, const char* proto_name);
|
||||
|
||||
/** Create a string of all layers in the packet.
|
||||
* @param pinfo Pointer to packet info
|
||||
* @return string of layer names
|
||||
*/
|
||||
WS_DLL_PUBLIC gchar * proto_list_layers(const packet_info *pinfo);
|
||||
|
||||
/** Mark protocol with the given item number as disabled by default.
|
||||
@param proto_id protocol id (0-indexed) */
|
||||
WS_DLL_PUBLIC void proto_disable_by_default(const int proto_id);
|
||||
|
|
|
@ -1204,6 +1204,7 @@ libwireshark.so.0 libwireshark0 #MINVER#
|
|||
proto_item_set_end@Base 1.9.1
|
||||
proto_item_set_len@Base 1.9.1
|
||||
proto_item_set_text@Base 1.9.1
|
||||
proto_list_layers@Base 3.7.0
|
||||
proto_name_already_registered@Base 2.0.1
|
||||
proto_node_group_children_by_json_key@Base 2.5.0
|
||||
proto_node_group_children_by_unique@Base 2.5.0
|
||||
|
|
Loading…
Reference in New Issue