Wireshark · Wireshark-dev: Re: [Wireshark-dev] newbie question about dissection specifications

[Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>]

On Mon, May 30, 2016 at 4:44 PM, Christian Convey <christian.convey@xxxxxxxxx> wrote:

Hi guys,  

I'm starting a side project, and I was wondering if it might eventually be something useful to Wireshark developers.  Anyone mind weighing in?

It's a translator that does this:

Input:

• A declarative description of wire-level message layouts.
• Details regarding desired properties of C / C++ / Python / etc. code generated from those layout descriptions.

Output:

• Generated C / C++ / Python / etc. code based on those layout descriptions.  For example:
• Pretty-printing
  
• C++ classes for accessing individual fields safely, including endian-ness correction.
  
• C structs / unions / bit-fields for unchecked access to buffers supposedly having those formats.
• C++ functions that create an appropriate Wireshark dissector.
• Etc.

So the idea is a bit like the dual of Google Protocol Buffers.  Both tools take a declarative description of message content, as the basis for generated code.  But in the tool I'm working on, the description specifies the wire-level layout

It's actually something that's inspired from my work in databases, where it seems like the code describing the layout of disk pages is unnecessarily convoluted.  But I think Wireshark would probably make a more interesting test case for the tool, because (I assume) people develop new Wireshark dissectors a lot more often than databases develop new page layouts.

I'd be grateful for any feedback / suggestions people have!

Ideas like this have been discussed before; for example in this thread:

https://www.wireshark.org/lists/wireshark-dev/201207/msg00110.html

But I'm not sure much has ever come of them (beyond the existing projects listed in the first email in the thread).