On Monday, June 23, 2008, 6:38:16 PM, Martin Corraine (mcorrain) wrote: > In the readme.developer, it states you shouldn't use "tvb_get_ntohl(tvb, > offset);" I tried using tvb_get_letohl (tvb, offset);" However, it > retrieves the data backwards thus retrieving the wrong value. Any > suggestions?
What it actually says is: Don't use "ntohs()", "ntohl()", "htons()", or "htonl()"; the header files required to define or declare them differ between platforms, This is talking just about the functions with those names - it says nothing about the wireshark-provided alternatives called g_ntohl(), tvb_get_ntohl() etc. These are safe platform-independant versions that you are expected to use (in the appropriate circumstances.) Then: Don't fetch a little-endian value using "tvb_get_ntohs() or "tvb_get_ntohl()" and then using "g_ntohs()", "g_htons()", "g_ntohl()", or "g_htonl()" on the resulting value Here it is saying don't use tvb_get_ntohl() *followed* by g_ntohl(), in the expectation that the second call will byte-swap. On a naturally big-endian machine, g_ntohl() does nothing. This says nothing about calling tvb_get_ntohl() *on its own*, where that is the appropriate thing to do. > For instance, > "00 00 00 06 " should be 6 in base 10 (I'm sure it should be read this > way). However, I get 1610612736 with tvb_get_letohl() becasue it reads > it "60 00 00 00" In your example, the value is trasmitted in big-endian (AKA network) byte order already, not little-endian, so the right thing is to use tvb_get_ntohl() to retrieve it. This will produce the correct result on all platforms. John -- Dead stars still burn _______________________________________________ Wireshark-dev mailing list Wireshark-dev@wireshark.org https://wireshark.org/mailman/listinfo/wireshark-dev