Wireshark-dev: Re: [Wireshark-dev] newbie question about dissection specifications
From: Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>
Date: Tue, 31 May 2016 17:49:41 -0400


On Mon, May 30, 2016 at 4:44 PM, Christian Convey <christian.convey@xxxxxxxxx> wrote:
Hi guys,  

I'm starting a side project, and I was wondering if it might eventually be something useful to Wireshark developers.  Anyone mind weighing in?

It's a translator that does this:
Input:
  • A declarative description of wire-level message layouts.
  • Details regarding desired properties of C / C++ / Python / etc. code generated from those layout descriptions.
Output:
  • Generated C / C++ / Python / etc. code based on those layout descriptions.  For example:
    • Pretty-printing
    • C++ classes for accessing individual fields safely, including endian-ness correction.
    • C structs / unions / bit-fields for unchecked access to buffers supposedly having those formats.
    • C++ functions that create an appropriate Wireshark dissector.
    • Etc.
So the idea is a bit like the dual of Google Protocol Buffers.  Both tools take a declarative description of message content, as the basis for generated code.  But in the tool I'm working on, the description specifies the wire-level layout

It's actually something that's inspired from my work in databases, where it seems like the code describing the layout of disk pages is unnecessarily convoluted.  But I think Wireshark would probably make a more interesting test case for the tool, because (I assume) people develop new Wireshark dissectors a lot more often than databases develop new page layouts.

I'd be grateful for any feedback / suggestions people have!

Ideas like this have been discussed before; for example in this thread:

https://www.wireshark.org/lists/wireshark-dev/201207/msg00110.html

But I'm not sure much has ever come of them (beyond the existing projects listed in the first email in the thread).