Wireshark · Wireshark-dev: Re: [Wireshark-dev] payload_proto

Wireshark-dev: Re: [Wireshark-dev] payload_proto_id in SCPT dissector

From: João Valverde <joao.valverde@xxxxxxxxxxxxxxxxxx>

Date: Sun, 18 Aug 2019 00:42:42 +0100

On 17/08/19 11:16, Peter Wu wrote:

On Fri, Aug 16, 2019 at 10:09:43AM +0100, João Valverde wrote:

Using a hash table is an indirect method of passing data. A void pointer
function argument is a direct method of passing data. So why would the
former present problems with nested TLS traffic and the latter not? Any
limitations present in one would be present in the other and vice-versa.
What am I missing?

In a direct approach, the caller either passes data or it passes NULL.
With indirect methods, the caller may pass data, but if it does not,
then the setting from previous layers would be applied, unless every
caller is audited and modified to clear the data. This is the
"unexpected interference" problem I mentioned in the review comments.

The indirect approach naturally assumes a dissector won't behave whimsically about argument passing when called multiple times for the same frame (tunneling, etc).

References:
- [Wireshark-dev] payload_proto_id in SCPT dissector
  - From: Dario Lombardo
- Re: [Wireshark-dev] payload_proto_id in SCPT dissector
  - From: Anders Broman
- Re: [Wireshark-dev] payload_proto_id in SCPT dissector
  - From: Peter Wu
- Re: [Wireshark-dev] payload_proto_id in SCPT dissector
  - From: João Valverde
- Re: [Wireshark-dev] payload_proto_id in SCPT dissector
  - From: Peter Wu

Prev by Date: Re: [Wireshark-dev] payload_proto_id in SCPT dissector
Next by Date: [Wireshark-dev] (no subject)
Previous by thread: Re: [Wireshark-dev] payload_proto_id in SCPT dissector
Next by thread: [Wireshark-dev] (no subject)
Index(es):
- Date
- Thread