Interpreting an FT_UNIT32 field as little endian

Question

I'm in the middle of writing a Wireshark dissector for a custom protocol. However, I have a field which is a unsigned 32-bit integer. It's actually transmitted in little endian form. How do I force Wireshark to interpret it as such?

i.e. my hf_register_info struct contains

&hf_foo_length,
{ "Length", "foo.length", FT_UINT32, BASE_DEC,
NULL, 0x0, NULL, HFILL }

And in the dissect function I'm calling

proto_tree_add_item(foo_tree, hf_foo_length, tvb, offset, 4, FALSE);

Answer 1

To answer my last question. I discovered that if the last parameter of proto_tree_add_item if non-zero will make it interpret the field as little-endian.

See proto.h

/*
 * We might also, in the future, want to allow a field specifier to
 * indicate the encoding of the field, or at least its default
 * encoding, as most fields in most protocols always use the
 * same encoding (although that's not true of all fields, so we
 * still need to be able to specify that at run time).
 *
 * So, for now, we define ENC_BIG_ENDIAN and ENC_LITTLE_ENDIAN as
 * bit flags, to be combined, in the future, with other information
 * to specify the encoding in the last argument to
 * proto_tree_add_item(), and possibly to specify in a field
 * definition (e.g., ORed in with the type value).
 *
 * Currently, proto_tree_add_item() treats its last argument as a
 * Boolean - if it's zero, the field is big-endian, and if it's non-zero,
 * the field is little-endian - and other code in epan/proto.c does
 * the same.  We therefore define ENC_BIG_ENDIAN as 0x00000000 and
 * ENC_LITTLE_ENDIAN as 0x80000000 - we're using the high-order bit
 * so that we could put a field type and/or a value such as a character
 * encoding in the lower bits.
 */