Ethereal-dev: Re: [Ethereal-dev] Crash by AJP13 protocol

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxx>
Date: Wed, 26 Mar 2003 13:19:36 -0800
On Wed, Mar 26, 2003 at 10:09:23PM +0100, Martin Regner wrote:
> I also get a crash for frame 5 (Error.cap) respectivelly frame 6
> (Error2.cap). 

That error can occur on the first pass through the packets only if
when the first frame dissected as AJP13 is seen, there's
*already* a conversation established for that TCP flow.

That happens if TCP sequence number analysis is enabled - but *doesn't*
happen if it's not.  You and Greg probably have it enabled; I don't.

I'll check in a fix to have the code *NOT* assume that, merely because
the conversation exists, that conversation was established by the AJP13
dissector and therefore that the conversation has AJP13 data attached to
it.