4365250098
Unparsed tokens are tokens that can either be fields or literal values like byte arrays or something weirder. Some cases are troublesome, like two letter tokens being a protocol name or a byte (fc is Fiber Channel or 0xFC), or hypothetically aa.bb.cc being a byte array { 0xaa, 0xbb, 0xcc} or the "bb.cc" field of the "aa" protocol. Etc. This semantic difference obviously matters when parsing an expression and providing helpful error messages to users. I have now made several attempts at resolving unparsed tokens into field/not field at the lexical level and still provide good error messages and there are always limitations and weird corner cases. Assigning a semantic type to such ambiguous tokens requires more context. Originally this was implemented by checking for registered field values in the scanner but that is one of the possible solutions that does not produce good results in practice IMO. Accept that we will never fully fix this without backward incompatible grammar changes and commit to resolving unparsed types during the semantic check phase and maybe having a convoluted lemon grammar with lots of ugly UNPARSED special cases. |
||
---|---|---|
.. | ||
baseline | ||
captures | ||
config | ||
keys | ||
lua | ||
protobuf_lang_files | ||
suite_dfilter | ||
suite_dissectors | ||
README.test | ||
conftest.py | ||
fixtures_ws.py | ||
hosts.custom | ||
hosts.global | ||
hosts.personal | ||
matchers.py | ||
sampleif.py | ||
subprocesstest.py | ||
suite_capture.py | ||
suite_clopts.py | ||
suite_decryption.py | ||
suite_dissection.py | ||
suite_extcaps.py | ||
suite_fileformats.py | ||
suite_follow.py | ||
suite_follow_dccp.py | ||
suite_follow_multistream.py | ||
suite_io.py | ||
suite_mergecap.py | ||
suite_nameres.py | ||
suite_outputformats.py | ||
suite_release.py | ||
suite_sharkd.py | ||
suite_text2pcap.py | ||
suite_unittests.py | ||
suite_wslua.py | ||
travis-upload-artifacts.sh | ||
util_dump_dhcp_pcap.py |
README.test
Wireshark Tests The recommended steps to prepare for and to run tests: * Install two Python packages, pytest: `pip install pytest pytest-xdist` * Build programs (“wireshark”, “tshark”, etc.): `ninja` * Build additional programs for the “unittests” suite: `ninja test-programs` * Run tests in the build directory: `pytest` Replace `ninja test-programs` by `make test-programs` as needed. See the “Wireshark Tests” chapter of the Developer's Guide for details: https://www.wireshark.org/docs/wsdg_html_chunked/ChapterTests.html If you need to update the baseline files use the following commands (on a Linux system) mkdir ~/.config/wireshark/profiles/ctest TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T ek -r test/captures/dhcp.pcap > test/baseline/dhcp.ek TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T json -r test/captures/dhcp.pcap > test/baseline/dhcp.json TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T jsonraw -r test/captures/dhcp.pcap > test/baseline/dhcp.jsonraw TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T ek -r test/captures/dhcp.pcap -x > test/baseline/dhcp-raw.ek