I am writing a Wireshark dissector plugin for a protocol that does not hton its data, and I need to extract a 64-bit data value without doing any endian conversions.

Is there a version of tvb_get_ntoh64 included in the Wireshark libraries that does not do the ntoh?

+2  A: 

I found the answer to my own question. The Wireshark document \wireshark\doc\README.developer addresses this:

Don't fetch a little-endian value using "tvb_get_ntohs()" or "tvb_get_ntohl()" and then using "g_ntohs()", "g_htons()", "g_ntohl()", or "g_htonl()" on the resulting value - the g_ routines in question convert between network byte order (big-endian) and host byte order, not little-endian byte order; not all machines on which Wireshark runs are little-endian, even though PCs are. Fetch those values using "tvb_get_letohs()" and "tvb_get_letohl()".

In looking in tvbuff.h, I see there are other flavors as well:

extern guint16 tvb_get_letohs(tvbuff_t*, const gint offset);
extern guint32 tvb_get_letoh24(tvbuff_t*, const gint offset);
extern guint32 tvb_get_letohl(tvbuff_t*, const gint offset);
extern guint64 tvb_get_letoh64(tvbuff_t*, const gint offset);

Posting so that people asking this question in the future will be able to find the answer.

John Dibling
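
The following is an added example, not part of the answer above and not Wireshark's code: a stand-alone C sketch of why a dedicated little-endian fetch gives the same value on any host, next to the network-order equivalent. The names `read_le64`, `read_be64` and `in_bounds` are hypothetical, and the explicit length check stands in for the bounds checking a dissector needs on untrusted packet bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <inttypes.h>

/* Hypothetical stand-alone helpers (not Wireshark code). Each returns 0 on
 * success, or -1 if 8 bytes starting at offset would pass the buffer end. */
static int in_bounds(size_t len, size_t offset, size_t need)
{
    return offset <= len && need <= len - offset; /* no offset+need overflow */
}

/* Little-endian: first byte is least significant. Built with shifts, so the
 * result is identical on little-endian and big-endian hosts. */
int read_le64(const uint8_t *buf, size_t len, size_t offset, uint64_t *out)
{
    uint64_t v = 0;
    if (!in_bounds(len, offset, 8))
        return -1;
    for (int i = 7; i >= 0; i--)
        v = (v << 8) | buf[offset + i];
    *out = v;
    return 0;
}

/* Big-endian (network order): first byte is most significant. */
int read_be64(const uint8_t *buf, size_t len, size_t offset, uint64_t *out)
{
    uint64_t v = 0;
    if (!in_bounds(len, offset, 8))
        return -1;
    for (int i = 0; i < 8; i++)
        v = (v << 8) | buf[offset + i];
    *out = v;
    return 0;
}

/* Constructed sample: one header byte, then 0x0102030405060708 stored
 * little-endian (least significant byte first). */
static const uint8_t sample[] = {0xAA, 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01};

int main(void)
{
    uint64_t le = 0, be = 0;
    if (read_le64(sample, sizeof sample, 1, &le) == 0 &&
        read_be64(sample, sizeof sample, 1, &be) == 0)
        printf("le=0x%016" PRIx64 " be=0x%016" PRIx64 "\n", le, be);
    return read_le64(sample, sizeof sample, 2, &le) == -1 ? 0 : 1; /* truncated */
}
```

Reading the same eight bytes with the big-endian helper yields the byte-reversed value, which is the mistake the README passage warns against when a network-order fetch is applied to little-endian data.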