Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] lua http.request and http.response structure

From: "Luis EG Ontanon" <luis@xxxxxxxxxxx>
Date: Tue, 2 Sep 2008 16:57:31 +0200
On Tue, Sep 2, 2008 at 1:21 PM, Riccardo Roasio
<riccardo.roasio@xxxxxxxxx> wrote:
> I also found that i'm using the tshark 1.0.0 version.
> Should be that the problem was solved in the 1.0.3 ?

http_response_data() returns FieldInfo info whose __tostring() method
triggers the assertion where WS crashes and it is not fixed in 1.0.3.
Maybe accessing the attribute label instead gives you what you want
(beware: long labels are cropped and WS appends " ..." at the end).

What you want to do is to do something like

for x in http_response_data do
   print("DATA: ", x.label)
end


> Thanks,
> Riccardo
>
> Luis EG Ontanon wrote:
>> A bug in wireshark...
>> That should't fail (not at least that way)!
>>
>> Can you open a bug in https://bugs.wireshark.org and attach to it both
>> the code and a capture file that shows the problem
>>
>> Thanks,
>> \Lego
>>
>> On Tue, Sep 2, 2008 at 12:42 PM, Riccardo Roasio
>> <riccardo.roasio@xxxxxxxxx> wrote:
>>
>>> I did this:
>>>
>>>
>>> do
>>>
>>> http__response_data_extractor=Field.new("data-text-lines")
>>>
>>> http=Listener.new()
>>>
>>> function http.packet(pinfo,tvb)
>>>
>>>       local http_response_data=http_response_data_extractor()
>>>       print("DATA : ",http_response_data)
>>>
>>> end
>>>
>>>
>>> end
>>>
>>>
>>>
>>> but it gives me this error:
>>>
>>> ERROR:(ftype-tvbuff.c:133):val_repr_len: assertion failed
>>> (rtype==FTREPR_DFILTER)
>>>
>>> Aborted
>>>
>>>
>>> What's wrong with it?
>>>
>>> Thanks,
>>> Riccardo
>>>
>>> Luis EG Ontanon wrote:
>>>
>>>> do
>>>>   local xyz_field = Field.new("http.xyz")
>>>>   local tap= Listener.new();
>>>>
>>>>   ...
>>>>
>>>>   function tap.packet(pinfo,tvb)
>>>>      local xyz = xyz_field()
>>>>      ...
>>>>   end
>>>>
>>>>   ...
>>>>
>>>> end
>>>>
>>>>
>>>> On Tue, Sep 2, 2008 at 12:16 PM, Riccardo Roasio
>>>> <riccardo.roasio@xxxxxxxxx> wrote:
>>>>
>>>>
>>>>> Hi,
>>>>>
>>>>> thanks for the aswer.
>>>>> I think i made the wrong question....
>>>>>
>>>>> I would like to know how can i access to http message parts whit the
>>>>> Field.new("") function.
>>>>> In particular i'm trying to retrieve the get response body (or data)
>>>>>
>>>>> I tryed with Fiend.new(data-text-lines") but it gives an error when i
>>>>> try to print it.
>>>>>
>>>>> Best Regards,
>>>>> Riccardo
>>>>>
>>>>> Luis EG Ontanon wrote:
>>>>>
>>>>>
>>>>>> I'm wrote preety much all of WS Lua's interface, and I am not aware of
>>>>>> any such "structure"...
>>>>>>
>>>>>> There are tap-data structures of lua that are extracted from header
>>>>>> files of dissectors using code generated by epan/wslua/make-taps.pl
>>>>>> which in turn is controlled by epan/wslua/taps .
>>>>>>
>>>>>> These are *willingly* left un-documented. As my plans are to radically
>>>>>> modify this part of the code (but before I need to have a clear Idea
>>>>>> of what and how this should be done).
>>>>>>
>>>>>> The http req/resp data currently passed to Listener calls is a Table
>>>>>> that contains the  same data as struct http_info_value_t defined in
>>>>>> epan/dissectors/packet-http.h .
>>>>>>
>>>>>> typedef struct _http_info_value_t {
>>>>>>       guint32 framenum;
>>>>>>       gchar   *request_method;
>>>>>>       guint    response_code;
>>>>>>       gchar   *http_host;
>>>>>>       gchar   *request_uri;
>>>>>> } http_info_value_t;
>>>>>>
>>>>>> Hope this helps...
>>>>>>
>>>>>> I hope this helps but do not count on it to be there on future versions.
>>>>>>
>>>>>> \Lego
>>>>>>
>>>>>> On Tue, Sep 2, 2008 at 10:16 AM, Riccardo Roasio
>>>>>> <riccardo.roasio@xxxxxxxxx> wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> where can i found informations about the lua http.response and
>>>>>>> http.request structure?
>>>>>>>
>>>>>>> Regards,
>>>>>>> Riccardo
>>>>>>>
>>>>>>> --
>>>>>>> Riccardo Roasio
>>>>>>> amuser S.p.A.
>>>>>>> advanced multimedia services
>>>>>>> 10149 Torino (Italy) - via Val della Torre, 4
>>>>>>> Tel     +39 011 291 3777
>>>>>>> Fax +39 011 291 3737
>>>>>>> riccardo.roasio@xxxxxxxxx
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Wireshark-dev mailing list
>>>>>>> Wireshark-dev@xxxxxxxxxxxxx
>>>>>>> https://wireshark.org/mailman/listinfo/wireshark-dev
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>> --
>>>>> Riccardo Roasio
>>>>> amuser S.p.A.
>>>>> advanced multimedia services
>>>>> 10149 Torino (Italy) - via Val della Torre, 4
>>>>> Tel     +39 011 291 3777
>>>>> Fax +39 011 291 3737
>>>>> riccardo.roasio@xxxxxxxxx
>>>>>
>>>>> _______________________________________________
>>>>> Wireshark-dev mailing list
>>>>> Wireshark-dev@xxxxxxxxxxxxx
>>>>> https://wireshark.org/mailman/listinfo/wireshark-dev
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>> --
>>> Riccardo Roasio
>>> amuser S.p.A.
>>> advanced multimedia services
>>> 10149 Torino (Italy) - via Val della Torre, 4
>>> Tel     +39 011 291 3777
>>> Fax +39 011 291 3737
>>> riccardo.roasio@xxxxxxxxx
>>>
>>> _______________________________________________
>>> Wireshark-dev mailing list
>>> Wireshark-dev@xxxxxxxxxxxxx
>>> https://wireshark.org/mailman/listinfo/wireshark-dev
>>>
>>>
>>
>>
>>
>>
>
>
> --
> Riccardo Roasio
> amuser S.p.A.
> advanced multimedia services
> 10149 Torino (Italy) - via Val della Torre, 4
> Tel     +39 011 291 3777
> Fax +39 011 291 3737
> riccardo.roasio@xxxxxxxxx
>
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> https://wireshark.org/mailman/listinfo/wireshark-dev
>



-- 
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan