diff options
author | Bill Meier <wmeier@newsguy.com> | 2014-03-11 10:28:41 -0400 |
---|---|---|
committer | Bill Meier <wmeier@newsguy.com> | 2014-03-13 15:57:37 +0000 |
commit | 53dab8e1f1acb95930bfb06da3c8b9c30af85d1c (patch) | |
tree | 5b8a8e8d533e56537a920e7ab6973dfbb3d1e18a /doc/README.heuristic | |
parent | 36db2df1c18f7000f3d0e21f8d667344725403fc (diff) |
Note that a dissector heuristic test *must not* cause an exception before returning FALSE.
Change-Id: I9f1ab000f7a2c554d1c20abf8ca4e4bab4b5ef27
Reviewed-on: https://code.wireshark.org/review/635
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
Diffstat (limited to 'doc/README.heuristic')
-rw-r--r-- | doc/README.heuristic | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/doc/README.heuristic b/doc/README.heuristic index d0d270ee53..544a64d484 100644 --- a/doc/README.heuristic +++ b/doc/README.heuristic @@ -91,6 +91,13 @@ Obviously, this is *not* 100% bullet proof, but it's the best WS can offer to its users here - and improving the heuristic is always possible if it turns out that it's not good enough to distinguish between two given protocols. +Note: The heuristic code in a dissector *must not* cause an exception + (before returning FALSE) as this will prevent following + heuristic dissector handoffs. In practce, this normally means + that a test should be done to verify that the required data is + available in the tvb before fetching from the tvb. (See the + example below). + Heuristic Code Example ---------------------- @@ -120,6 +127,9 @@ static gboolean dissect_PROTOABBREV_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) { ... + /* 0) Verify needed bytes available in tvb so tvb_get...() doesn't cause exception. + if (tvb_length(tvb) < 5) + return FALSE; /* 1) first byte must be 0x42 */ if ( tvb_get_guint8(tvb, 0) != 0x42 ) |