Wireshark-bugs: [Wireshark-bugs] [Bug 5008] New: The VRRP dissector can not handle correctly VRR
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5008
Summary: The VRRP dissector can not handle correctly VRRPv3
packets with IPv4 assocoated addresses in them
Product: Wireshark
Version: 1.2.9
Platform: Other
OS/Version: Windows 7
Status: NEW
Severity: Major
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: milkovm@xxxxxxxxxxx
Created an attachment (id=4917)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4917)
Capture showing the problem
Build Information:
Version 1.2.9 (SVN Rev 33171)
Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.16.6, (32-bit) with GLib 2.22.4, with WinPcap (version
unknown), with libz 1.2.3, without POSIX capabilities, without libpcre, with
SMI
0.4.8, with c-ares 1.7.0, with Lua 5.1, with GnuTLS 2.8.5, with Gcrypt 1.4.5,
with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built Jun 8 2010),
with AirPcap.
Running on 32-bit Windows 7, build 7600, with WinPcap version 4.1.1 (packet.dll
version 4.1.0.1753), based on libpcap version 1.0 branch 1_0_rel0b (20091008),
GnuTLS 2.8.5, Gcrypt 1.4.5, without AirPcap.
Built using Microsoft Visual C++ 9.0 build 30729
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and http://www.wireshark.org for more information.
--
Please look at the attached capture. It consists of VRRPv3 packets over IPv4.
RFC 5798 is very clear about VRRPv3 supporting both IPv6 and IPv4 and how the
structure of the VRRPv3 packet looks like. If you look at any of the packets in
this capture via Wireshark, you'll see that the sniffer declares the packet as
malformed. I suspect that when the VRRP version is set to 3, the VRRP dissector
always tries to parse the associated IP section of the packet as IPv6 addresses
and because of that it fails when this section holds IPv4 addresses. With
VRRPv3 packets carrying IPv6 associated IPs, Wireshark correctly parses the
associated IPs section of the packet.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.