Wireshark-bugs: [Wireshark-bugs] [Bug 6452] packet-ajp13 fix, cleanup, and enhancement
Date: Wed, 12 Oct 2011 10:51:14 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6452

--- Comment #4 from Guy Harris <guy@xxxxxxxxxxxx> 2011-10-12 10:51:13 PDT ---
If the attribute is going to the end of the packet, it should use
tvb_reported_length_remaining() in the loop - the packet size is the reported
length, not the captured length, and tvb_length_remaining() checks the latter.

+    /* ATTRIBUTE VALUE
+     */
+    if (aid == ATYPE_SSL_KEY_SIZE) {
+      if (ajp13_tree) {
+        proto_tree_add_string_format(ajp13_tree, hf_ajp13_aval,
+                                     tvb, pos, 2, aname,
+                                     "%s: %d", aname, tvb_get_ntohs(tvb,
pos));
+      }
+      pos+=2;
+    } else {
+      aval = ajp13_get_nstring(tvb, pos, &aval_len);
+
+      pos+=2; /* skip over size */
+      if (ajp13_tree) {
+        proto_tree_add_string_format(ajp13_tree, hf_ajp13_aval,
+                                     tvb, pos, aval_len, aname,
+                                     "%s: %s", aname, aval);
+      }
+      pos+=aval_len;
+    }
+  }
 }

appears to be setting hf_ajp13_aval to have as its value the attribute *name*,
not its *value*.  In addition, it appears that the attribute type
ATYPE_SSL_KEY_SIZE has a numerical value, while other attribute types have
string values, so you might need two different fields for the attribute value.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.