Wireshark-dev: Re: [Wireshark-dev] Best way to handle a variable-length NULL-terminated string
On Mon, May 03, 2010 at 11:14:15AM -0400, Jeremy O'Brien wrote:
> Actually, is there a function that will just get the length of said
> string? I don't need to do anything with the string itself other than
> add it to the proto_tree and of course increment my offset.
You could use tvb_get_ephemeral_stringz() to both fetch the string (and
allocate memory) along with setting the length variable (passing it by
reference as the third parameter). Then add the string to the tree
using proto_tree_add_string() and pass the string and the length
variables starting at the offset variable (set to 0 before starting).
Then increment offset by the length
This is basically what I did in epan/dissectors/packet-exec.c, but the
packet data sounds a bit different from what you're working with. In
the (r)exec protocol, there are four null-terminated strings that it
looks for.
Although, as Guy mentioned, you will have trouble (a thrown exception)
with this if the final string really doesn't have a null. Perhaps you
could do a search (perhaps by using tvb_find_guint8 with '\0' as your
needle [search term]) to see if there is a null coming up before looking
for it, otherwise just grab the final string without a null
(tvb_get_string).
--
Steve
