Hi Pascal,
On Tuesday, January 19, 2021 11:19 AM, Pascal Quantin wrote:
> Hi Joey,
>
> Le mar. 19 janv. 2021 à 17:45, Joey Salazar via Wireshark-dev
> <[email protected]> a écrit :
>
>> Hi all,
>>
>> In commit 33af2649 [1] we can keep dissecting the contents of the req, adv,
>> and res packets by setting
>> while (plen > 0) { }
>> either in `dissect_git_pdu()` or in `dissect_one_pkt_line()`, but for now in
>> `dissect_git_pdu()` it'd be a bit messy, so wanted to ask for your feedback
>> for getting `dissect_one_pkt_line()` to work properly first.
>>
>> As you can see in pcap 169 [2], it correctly parses the length of the first
>> line as 0x0014 (20 bytes) until `0x0a`, then it's supposed to get the length
>> of the next line by the first 4 hex bytes in that line, but instead of
>> reading the length as 0x0018 (24 bytes) it's reading it as 0x0010 (16
>> bytes), and anyways, this particular line's length actually is 59 bytes.
>>
>> Suggestions on how to approach this?
>
> So what is the code leading to this dissection? It does not seem to be
> https://gitlab.com/joeysal/wireshark/-/commit/33af2649927cb5660d4aeb64b9a9e9a58a1823aa
> as dissect_one_pkt_line() seem to read only one line
Yes, the code on that commit is what gives the parsing of the screenshot.
> (BTW using a while loop in this commit is useless as you are incrementing
> offset by plen, and the code you shared considers that plen includes the 4
> bytes of the packet length field while your screenshot does not assume that).
The first line does, please see this other screenshot [1].
Thank you,
Joey
[1] imgur.com/a/k8ueWfR
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <[email protected]>
Archives: https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:[email protected]?subject=unsubscribe
