Shah, Sachin wrote:
>
> These two plugins have completely different signature, so they are very
> easy to differentiate. Following is snippet from dissect_*** methods of
> each:
>
>>From packet-xxx.c
> s1 = tvb_get_guint8(tvb, 0);
> if (s1 != 0x01 && s1 != 0x02 && s1 != 0x03)
> return;
>
>>From packet-yyy.c
> s1 = tvb_get_guint8(tvb, 0);
> s2 = tvb_get_guint8(tvb, 1);
> if(s1 != 0x55)
> return;
> if(s2 != 0x55)
> return;
>
At the very least you need to:
return FALSE;
if the heuristic fails.
(Note that packet-??? should have been defined as "static gboolean ..."
See (for example) packet-acn.c for an example of a heuristic dissector.
_______________________________________________
Wireshark-dev mailing list
[email protected]
http://www.wireshark.org/mailman/listinfo/wireshark-dev
