Wireshark-dev: [Wireshark-dev] newbie question about dissection specifications
From: Christian Convey <christian.convey@xxxxxxxxx>
Date: Mon, 30 May 2016 16:44:30 -0400
Hi guys,  

I'm starting a side project, and I was wondering if it might eventually be something useful to Wireshark developers.  Anyone mind weighing in?

It's a translator that does this:
Input:
  • A declarative description of wire-level message layouts.
  • Details regarding desired properties of C / C++ / Python / etc. code generated from those layout descriptions.
Output:
  • Generated C / C++ / Python / etc. code based on those layout descriptions.  For example:
    • Pretty-printing
    • C++ classes for accessing individual fields safely, including endian-ness correction.
    • C structs / unions / bit-fields for unchecked access to buffers supposedly having those formats.
    • C++ functions that create an appropriate Wireshark dissector.
    • Etc.
So the idea is a bit like the dual of Google Protocol Buffers.  Both tools take a declarative description of message content, as the basis for generated code.  But in the tool I'm working on, the description specifies the wire-level layout

It's actually something that's inspired by my work in databases, where it seems like the code describing the layout of disk pages is unnecessarily convoluted.  But I think Wireshark would probably make a more interesting test case for the tool, because (I assume) people develop new Wireshark dissectors a lot more often than databases develop new page layouts.

I'd be grateful for any feedback / suggestions people have!

Cheers,
Christian Convey
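
The distinction the message draws between checked field access with endianness correction and unchecked struct access can be shown with a small table-driven decoder. This is an added example, not code from the post or from the proposed tool: the `LAYOUT` tuple syntax, the field names and the sample bytes are all constructed for illustration, and the layout is interpreted at run time rather than turned into generated code.

```python
import struct

# Constructed layout description: (field name, struct code, byte order).
# This tuple syntax is an assumption, not the proposed tool's input language.
LAYOUT = [
    ("version", "B", ">"),
    ("flags",   "B", ">"),
    ("length",  "H", ">"),  # big-endian payload length
    ("seq",     "I", "<"),  # little-endian sequence number
]

# Constructed sample message: 8-byte header followed by a 3-byte payload.
SAMPLE = bytes.fromhex("0102000304030201") + b"abc"


class TruncatedMessage(ValueError):
    """The buffer is shorter than the layout or its length field requires."""


def decode_header(layout, buf):
    """Read each field in order, checking bounds before every access."""
    fields, offset = {}, 0
    for name, code, order in layout:
        fmt = order + code              # explicit order: no native padding
        size = struct.calcsize(fmt)
        if offset + size > len(buf):
            raise TruncatedMessage(f"{name}: needs {size} bytes at offset {offset}")
        (fields[name],) = struct.unpack_from(fmt, buf, offset)
        offset += size
    return fields, offset


def decode_message(layout, buf):
    """Decode the header, then check the declared length against the buffer."""
    fields, offset = decode_header(layout, buf)
    if fields["length"] > len(buf) - offset:
        raise TruncatedMessage(
            f"length={fields['length']} but only {len(buf) - offset} payload bytes")
    fields["payload"] = bytes(buf[offset:offset + fields["length"]])
    return fields


if __name__ == "__main__":
    for name, value in decode_message(LAYOUT, SAMPLE).items():
        print(f"{name:8} = {value!r}")
```

A short buffer, or a length field larger than the bytes that follow the header, raises `TruncatedMessage` instead of reading past the data, which is the failure an unchecked struct overlay would not catch.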