Brian Oleksa skrev 2011-05-09 19:53:
Thanks for the info.
I was able to get that far. Things are starting to look a lot better
now. Thanks for everybody's help.
I still have a couple of questions through:
I found these routines in the wireshark.README file:
guint8 tvb_get_bits8(tvbuff_t *tvb, gint bit_offset, gint no_of_bits);
guint16 tvb_get_bits16(tvbuff_t *tvb, gint bit_offset, gint
no_of_bits,gboolean little_endian);
guint32 tvb_get_bits32(tvbuff_t *tvb, gint bit_offset, gint
no_of_bits,gboolean little_endian);
guint64 tvb_get_bits64(tvbuff_t *tvb, gint bit_offset, gint
no_of_bits,gboolean little_endian);
Is there a way to get a String...??
The string that I have ends with a special value of 0xFF ......and the
string it's self has a bit_offset
that is determined at runtime. How do I read this..??
Also...I have a series of bits fields that span bytes....is there an
example out there where somebody already dissected
a stream of bits not bytes..??
For example: How would I dissect an 18 bit field that starts at an
offset of 2 bits..?
Thanks,
Brian
On 5/8/2011 11:50 PM, Ankith Agarwal wrote:
Hi
You can directly take the mask and convert them into hex.
Example: If you want to extract bits 5-8 then the mask is
0xf0(11110000),
for bit 4 the value is 0x08(00001000), for bit 3&2 the value is
0x06(00000110), for the last bit the value is 0x01(00000001).
By this way there is no need of performing shift operations, also you
don't have to maintain indexes.
Regards
Ankith
On Sat, May 7, 2011, Brian Oleksa<oleksab@xxxxxxxxxxxxxxxxxxxxxx> said:
Anders
Yes.... I was able to figure this out.
<4 bits> <1 bit> <2 bits> <1 bit>
0xf 0x1 0x3 0x1
but then you have to shift the results:
0xf0 0x8 0x6 0x1
to make room for the other fields.
BUT...I ran into a little snag.
I figured out that I must read 4 bits from the "end" of the byte (which
will give me 0010). This means I need to take bits 5-8 to construct the
version field...and use
bit 4 for x...and then use bit 3 and 2 for y and then bit 1 for z.
So this means I not only need to keep an index to the actual byte I am
on, but the individual bit index as well.
How would I do this within the wireshark code..?
Thanks,
Brian
Truly bit oriented protocols are not that common I think, ASN.1 PER
encoded protocols being an exception.
But if you need examples use grep on the sources for the functions you
are interested in,
like proto_add_bits_item() packet-per,c and packet-h264.c are good
starting points. You should only get
the value if you really need it for some additional logic. A string
placed in a bit field is something you'd
have to code yourself.
Regards
Anders
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
